NetWork | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.20 01:09
setup.exe
09.20 11:09
3uTools.exe
09.20 11:09
66ecb4573225b_vsbhfdg1...
09.20 10:09
66ecb452ba19c_sfbdsgfd...
09.20 10:09
66ecb44c35444_vfdhsgdf...
09.20 10:09
66ec0e61998bf_setup30.exe
09.20 10:09
66ebf725efe38_lyla.exe
09.20 10:09
Desktop_Explorer.exe
09.20 10:09
66ec3528901bb_winupdat...
09.20 10:09
Inquiry-Dubai.js

Latest News
09.20 03:09
에듀사이버평생교육원, 종합미용면허증 단기...
09.20 03:09
보물섬투어, 베트남 나트랑·달랏 3박 5...
09.20 03:09
버드리 위승용, 50-50 메이저리거 오...
09.20 03:09
국정원, ‘한국우주안보학회’ 우주안보 전...
09.20 03:09
[PASCON 2024-영상] 파수, 끊...
09.20 03:09
Insurer Alan Hits €4 B...
09.20 03:09
스타일러스·따뜻한동행, 장애인 위한 '동...
09.20 03:09
[PASCON 2024-영상] 굿모닝아이...
09.20 03:09
Critical Ivanti Cloud ...
09.20 03:09
SOOSAN INT Product Sec...

NetWork | ZeroBOX

IP Address	Status	Action
192.227.146.252	Active	Moloch

Name	Response	Post-Analysis Lookup
No hosts contacted.

TCP Requests

UDP Requests

No traffic

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

Flow	SID	Signature	Category
TCP 192.168.56.103:49163 -> 192.227.146.252:8000	2260003	SURICATA Applayer Protocol detection skipped	Generic Protocol Command Decode
TCP 192.168.56.103:49162 -> 192.227.146.252:2025	2016879	ET POLICY Unsupported/Fake Windows NT Version 5.0	Potential Corporate Privacy Violation
TCP 192.168.56.103:49162 -> 192.227.146.252:2025	2018752	ET HUNTING Generic .bin download from Dotted Quad	Potentially Bad Traffic
TCP 192.227.146.252:2025 -> 192.168.56.103:49162	2045860	ET HUNTING Rejetto HTTP File Sever Response	A Network Trojan was detected
TCP 192.168.56.103:49162 -> 192.227.146.252:2025	2016879	ET POLICY Unsupported/Fake Windows NT Version 5.0	Potential Corporate Privacy Violation
TCP 192.168.56.103:49162 -> 192.227.146.252:2025	2018752	ET HUNTING Generic .bin download from Dotted Quad	Potentially Bad Traffic
TCP 192.168.56.103:49169 -> 192.227.146.252:2025	2016879	ET POLICY Unsupported/Fake Windows NT Version 5.0	Potential Corporate Privacy Violation
TCP 192.168.56.103:49169 -> 192.227.146.252:2025	2018752	ET HUNTING Generic .bin download from Dotted Quad	Potentially Bad Traffic
TCP 192.227.146.252:2025 -> 192.168.56.103:49169	2045860	ET HUNTING Rejetto HTTP File Sever Response	A Network Trojan was detected
TCP 192.168.56.103:49169 -> 192.227.146.252:2025	2016879	ET POLICY Unsupported/Fake Windows NT Version 5.0	Potential Corporate Privacy Violation
TCP 192.168.56.103:49169 -> 192.227.146.252:2025	2018752	ET HUNTING Generic .bin download from Dotted Quad	Potentially Bad Traffic
TCP 192.168.56.103:49170 -> 192.227.146.252:8000	2260003	SURICATA Applayer Protocol detection skipped	Generic Protocol Command Decode

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts