NetWork | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.22 06:09
audiodg.exe
09.22 06:09
psfod.exe
09.22 06:09
73EtsZxIoDetWTu.exe
09.22 06:09
otqp9.exe
09.22 06:09
xx.exe
09.22 06:09
fck.exe
09.22 06:09
LummaC222222.exe
09.22 06:09
seethebestwayforunders...
09.22 06:09
Name.exe
09.22 06:09
needmoney.exe

Latest News
09.23 02:09
Brass Propeller Gets I...
09.23 01:09
트리니티소프트, 애플리케이션 보안 분야에...
09.23 01:09
텔레그램 사용자 정책 위반 사칭 피싱 사...
09.23 01:09
SKYBOX 통합보안위험관리 솔루션, 다...
09.23 12:09
카스퍼스키, 클라우드·엔드포인트·OT 보...
09.22 11:09
Lula Seeks to Lead Pus...
09.22 11:09
Emoji-Erweiterung: Ach...
09.22 11:09
Slack wird noch smarte...
09.22 11:09
지란지교데이터, 개인정보 비식별화와 AI...
09.22 11:09
Robotic Touch Using a ...

NetWork | ZeroBOX

IP Address	Status	Action
104.21.67.52	Active	Moloch
164.124.101.2	Active	Moloch
94.130.50.78	Active	Moloch

Name	Response	Post-Analysis Lookup
www.shop-pravaonline.online	A 172.67.213.211 A 104.21.67.52	104.21.67.52
www.dogclubuk.com
www.keymuscatgroups.com	CNAME keymuscatgroups.com A 94.130.50.78	94.130.50.78

UDP Requests

GET 301 http://www.keymuscatgroups.com/bp31/?yVMpQTlP=yNiC01S4ovnvJ+4O8UQILoBOncymYWrbdHgK3FAKeJB65Mx698O5TOrqAYEBEx6+IzqV5xYJ&1bz=ofrLp

GET 0 http://www.shop-pravaonline.online/bp31/?yVMpQTlP=Uqza8+9L64sRJc+c2iCGCqwjPe7m2xZwn2Ag66Dpm3Yoyn941TYF9FYKVDiYLzEfUp+bSjyL&1bz=ofrLp

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

Flow	SID	Signature	Category
TCP 192.168.56.101:49166 -> 104.21.67.52:80	2031412	ET MALWARE FormBook CnC Checkin (GET)	Malware Command and Control Activity Detected
TCP 192.168.56.101:49165 -> 94.130.50.78:80	2031412	ET MALWARE FormBook CnC Checkin (GET)	Malware Command and Control Activity Detected

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts