Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6402 | July 1, 2024, 3:02 p.m. | July 1, 2024, 3:05 p.m. |
Name | Response | Post-Analysis Lookup |
---|---|---|
kaylen.xyz | 172.67.220.235 | |
Suricata Alerts
Suricata TLS
Flow | Issuer | Subject | Fingerprint |
---|---|---|---|
TLSv1 192.168.56.102:49173 104.21.94.78:443 | C=US, O=Google Trust Services, CN=WE1 | CN=kaylen.xyz | a6:97:7c:6b:09:d0:4a:fa:93:43:ee:47:cc:8f:7b:47:85:bc:af:68 |
TLSv1 192.168.56.102:49172 104.21.94.78:443 | C=US, O=Google Trust Services, CN=WE1 | CN=kaylen.xyz | a6:97:7c:6b:09:d0:4a:fa:93:43:ee:47:cc:8f:7b:47:85:bc:af:68 |
TLSv1 192.168.56.102:49175 104.21.94.78:443 | C=US, O=Google Trust Services, CN=WE1 | CN=kaylen.xyz | a6:97:7c:6b:09:d0:4a:fa:93:43:ee:47:cc:8f:7b:47:85:bc:af:68 |
TLSv1 192.168.56.102:49171 104.21.94.78:443 | C=US, O=Google Trust Services, CN=WE1 | CN=kaylen.xyz | a6:97:7c:6b:09:d0:4a:fa:93:43:ee:47:cc:8f:7b:47:85:bc:af:68 |
TLSv1 192.168.56.102:49174 104.21.94.78:443 | C=US, O=Google Trust Services, CN=WE1 | CN=kaylen.xyz | a6:97:7c:6b:09:d0:4a:fa:93:43:ee:47:cc:8f:7b:47:85:bc:af:68 |
TLSv1 192.168.56.102:49176 104.21.94.78:443 | C=US, O=Google Trust Services, CN=WE1 | CN=kaylen.xyz | a6:97:7c:6b:09:d0:4a:fa:93:43:ee:47:cc:8f:7b:47:85:bc:af:68 |
TLSv1 192.168.56.102:49178 104.21.94.78:443 | C=US, O=Google Trust Services, CN=WE1 | CN=kaylen.xyz | a6:97:7c:6b:09:d0:4a:fa:93:43:ee:47:cc:8f:7b:47:85:bc:af:68 |
TLSv1 192.168.56.102:49179 104.21.94.78:443 | C=US, O=Google Trust Services, CN=WE1 | CN=kaylen.xyz | a6:97:7c:6b:09:d0:4a:fa:93:43:ee:47:cc:8f:7b:47:85:bc:af:68 |
TLSv1 192.168.56.102:49170 104.21.94.78:443 | C=US, O=Google Trust Services, CN=WE1 | CN=kaylen.xyz | a6:97:7c:6b:09:d0:4a:fa:93:43:ee:47:cc:8f:7b:47:85:bc:af:68 |
suspicious_features | POST method with no referer header |
suspicious_request | POST https://kaylen.xyz/ |
request | GET https://kaylen.xyz/ |
request | POST https://kaylen.xyz/ |
request | GET https://kaylen.xyz//sql.dll |
request | GET https://kaylen.xyz//freebl3.dll |
request | GET https://kaylen.xyz//mozglue.dll |
request | GET https://kaylen.xyz//msvcp140.dll |
request | GET https://kaylen.xyz//nss3.dll |
request | GET https://kaylen.xyz//softokn3.dll |
request | GET https://kaylen.xyz//vcruntime140.dll |
request | POST https://kaylen.xyz/ |
Elastic | malicious (moderate confidence) |
ESET-NOD32 | a variant of Win32/TrojanDownloader.Rugmi.AJC.gen |
NANO-Antivirus | Virus.Win32.Gen.ccmw |