Network Analysis
| IP Address | Status | Action |
|---|---|---|
| 62.204.41.159 | Active | Moloch |
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
GET
200
http://62.204.41.159/
REQUEST
RESPONSE
BODY
GET / HTTP/1.1
Host: 62.204.41.159
Connection: Keep-Alive
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 03 Oct 2024 23:39:27 GMT
Server: Apache/2.4.52 (Ubuntu)
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
POST
200
http://62.204.41.159/edd20096ecef326d.php
REQUEST
RESPONSE
BODY
POST /edd20096ecef326d.php HTTP/1.1
Content-Type: multipart/form-data; boundary=----HCFCFHJDBKJKEBFHJEHI
Host: 62.204.41.159
Content-Length: 219
Connection: Keep-Alive
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 03 Oct 2024 23:39:27 GMT
Server: Apache/2.4.52 (Ubuntu)
Vary: Accept-Encoding
Content-Length: 168
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
POST
200
http://62.204.41.159/edd20096ecef326d.php
REQUEST
RESPONSE
BODY
POST /edd20096ecef326d.php HTTP/1.1
Content-Type: multipart/form-data; boundary=----BFCGDAAKFHIDBFIDBKFH
Host: 62.204.41.159
Content-Length: 268
Connection: Keep-Alive
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 03 Oct 2024 23:39:28 GMT
Server: Apache/2.4.52 (Ubuntu)
Vary: Accept-Encoding
Content-Length: 1520
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
POST
200
http://62.204.41.159/edd20096ecef326d.php
REQUEST
RESPONSE
BODY
POST /edd20096ecef326d.php HTTP/1.1
Content-Type: multipart/form-data; boundary=----AAAAAAAAAAAAAAAAAAAA
Host: 62.204.41.159
Content-Length: 267
Connection: Keep-Alive
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 03 Oct 2024 23:39:28 GMT
Server: Apache/2.4.52 (Ubuntu)
Vary: Accept-Encoding
Content-Length: 7116
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
POST
200
http://62.204.41.159/edd20096ecef326d.php
REQUEST
RESPONSE
BODY
POST /edd20096ecef326d.php HTTP/1.1
Content-Type: multipart/form-data; boundary=----JDBGHIIDAECBFIDHIIDG
Host: 62.204.41.159
Content-Length: 268
Connection: Keep-Alive
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 03 Oct 2024 23:39:28 GMT
Server: Apache/2.4.52 (Ubuntu)
Vary: Accept-Encoding
Content-Length: 108
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
POST
200
http://62.204.41.159/edd20096ecef326d.php
REQUEST
RESPONSE
BODY
POST /edd20096ecef326d.php HTTP/1.1
Content-Type: multipart/form-data; boundary=----BKECFIIEHCFHIECAFBAK
Host: 62.204.41.159
Content-Length: 4395
Connection: Keep-Alive
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 03 Oct 2024 23:39:28 GMT
Server: Apache/2.4.52 (Ubuntu)
Content-Length: 0
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
GET
200
http://62.204.41.159/db293a2c1b1c70c4/sqlite3.dll
REQUEST
RESPONSE
BODY
GET /db293a2c1b1c70c4/sqlite3.dll HTTP/1.1
Host: 62.204.41.159
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 03 Oct 2024 23:39:28 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Mon, 05 Sep 2022 14:30:30 GMT
ETag: "10e436-5e7eeebed8d80"
Accept-Ranges: bytes
Content-Length: 1106998
Content-Type: application/x-msdos-program
POST
200
http://62.204.41.159/edd20096ecef326d.php
REQUEST
RESPONSE
BODY
POST /edd20096ecef326d.php HTTP/1.1
Content-Type: multipart/form-data; boundary=----ECGDHDHJEBGHJKFIECBG
Host: 62.204.41.159
Content-Length: 359
Connection: Keep-Alive
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 03 Oct 2024 23:39:31 GMT
Server: Apache/2.4.52 (Ubuntu)
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
GET
200
http://62.204.41.159/db293a2c1b1c70c4/freebl3.dll
REQUEST
RESPONSE
BODY
GET /db293a2c1b1c70c4/freebl3.dll HTTP/1.1
Host: 62.204.41.159
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 03 Oct 2024 23:39:34 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT
ETag: "a7550-5e7ebd4425100"
Accept-Ranges: bytes
Content-Length: 685392
Content-Type: application/x-msdos-program
GET
200
http://62.204.41.159/db293a2c1b1c70c4/mozglue.dll
REQUEST
RESPONSE
BODY
GET /db293a2c1b1c70c4/mozglue.dll HTTP/1.1
Host: 62.204.41.159
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 03 Oct 2024 23:39:35 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT
ETag: "94750-5e7ebd4425100"
Accept-Ranges: bytes
Content-Length: 608080
Content-Type: application/x-msdos-program
GET
200
http://62.204.41.159/db293a2c1b1c70c4/msvcp140.dll
REQUEST
RESPONSE
BODY
GET /db293a2c1b1c70c4/msvcp140.dll HTTP/1.1
Host: 62.204.41.159
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 03 Oct 2024 23:39:35 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT
ETag: "6dde8-5e7ebd4425100"
Accept-Ranges: bytes
Content-Length: 450024
Content-Type: application/x-msdos-program
GET
200
http://62.204.41.159/db293a2c1b1c70c4/nss3.dll
REQUEST
RESPONSE
BODY
GET /db293a2c1b1c70c4/nss3.dll HTTP/1.1
Host: 62.204.41.159
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 03 Oct 2024 23:39:36 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT
ETag: "1f3950-5e7ebd4425100"
Accept-Ranges: bytes
Content-Length: 2046288
Content-Type: application/x-msdos-program
GET
200
http://62.204.41.159/db293a2c1b1c70c4/softokn3.dll
REQUEST
RESPONSE
BODY
GET /db293a2c1b1c70c4/softokn3.dll HTTP/1.1
Host: 62.204.41.159
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 03 Oct 2024 23:39:37 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT
ETag: "3ef50-5e7ebd4425100"
Accept-Ranges: bytes
Content-Length: 257872
Content-Type: application/x-msdos-program
GET
200
http://62.204.41.159/db293a2c1b1c70c4/vcruntime140.dll
REQUEST
RESPONSE
BODY
GET /db293a2c1b1c70c4/vcruntime140.dll HTTP/1.1
Host: 62.204.41.159
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 03 Oct 2024 23:39:37 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT
ETag: "13bf0-5e7ebd4425100"
Accept-Ranges: bytes
Content-Length: 80880
Content-Type: application/x-msdos-program
POST
200
http://62.204.41.159/edd20096ecef326d.php
REQUEST
RESPONSE
BODY
POST /edd20096ecef326d.php HTTP/1.1
Content-Type: multipart/form-data; boundary=----JKJECBAAAFHIIEBFCBKF
Host: 62.204.41.159
Content-Length: 943
Connection: Keep-Alive
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 03 Oct 2024 23:39:38 GMT
Server: Apache/2.4.52 (Ubuntu)
Content-Length: 0
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
POST
200
http://62.204.41.159/edd20096ecef326d.php
REQUEST
RESPONSE
BODY
POST /edd20096ecef326d.php HTTP/1.1
Content-Type: multipart/form-data; boundary=----AEHIJDAFBKFHIDGCFBFC
Host: 62.204.41.159
Content-Length: 879
Connection: Keep-Alive
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 03 Oct 2024 23:39:39 GMT
Server: Apache/2.4.52 (Ubuntu)
Content-Length: 0
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
POST
200
http://62.204.41.159/edd20096ecef326d.php
REQUEST
RESPONSE
BODY
POST /edd20096ecef326d.php HTTP/1.1
Content-Type: multipart/form-data; boundary=----GDHDAEBGCAAFIDGCGDHI
Host: 62.204.41.159
Content-Length: 663
Connection: Keep-Alive
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 03 Oct 2024 23:39:39 GMT
Server: Apache/2.4.52 (Ubuntu)
Content-Length: 0
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
POST
200
http://62.204.41.159/edd20096ecef326d.php
REQUEST
RESPONSE
BODY
POST /edd20096ecef326d.php HTTP/1.1
Content-Type: multipart/form-data; boundary=----EGDBFIIECBGDGDGDHCAK
Host: 62.204.41.159
Content-Length: 267
Connection: Keep-Alive
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 03 Oct 2024 23:39:40 GMT
Server: Apache/2.4.52 (Ubuntu)
Vary: Accept-Encoding
Content-Length: 2408
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
POST
200
http://62.204.41.159/edd20096ecef326d.php
REQUEST
RESPONSE
BODY
POST /edd20096ecef326d.php HTTP/1.1
Content-Type: multipart/form-data; boundary=----EGHJKJKKJDHIDHJKJDBG
Host: 62.204.41.159
Content-Length: 265
Connection: Keep-Alive
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 03 Oct 2024 23:39:40 GMT
Server: Apache/2.4.52 (Ubuntu)
Vary: Accept-Encoding
Content-Length: 968
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts