Network Analysis
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| s4.gtsystems.hu |
CNAME
shadowman.dnse.hu
|
185.6.188.137 |
GET
404
http://217.15.164.94/update//web/kmnkNIANBDUIbudbnIA.php?t=2024-10-16%20??%2011:56:28
REQUEST
RESPONSE
BODY
GET /update//web/kmnkNIANBDUIbudbnIA.php?t=2024-10-16%20??%2011:56:28 HTTP/1.1
Accept: */*
Accept-Language: ko-KR
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; InfoPath.2; .NET4.0C; .NET4.0E)
Host: 217.15.164.94
Connection: Keep-Alive
HTTP/1.1 404 Not Found
Date: Wed, 16 Oct 2024 06:37:54 GMT
Server: Apache/2.4.62 (Debian)
Content-Length: 275
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
GET
404
http://217.15.164.94/update//resources.xml
REQUEST
RESPONSE
BODY
GET /update//resources.xml HTTP/1.1
Host: 217.15.164.94
Connection: Keep-Alive
HTTP/1.1 404 Not Found
Date: Wed, 16 Oct 2024 06:37:54 GMT
Server: Apache/2.4.62 (Debian)
Content-Length: 275
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ICMP traffic
| Source | Destination | ICMP Type | Data |
|---|---|---|---|
| 192.168.56.101 | 164.124.101.2 | 3 |
IRC traffic
No IRC requests performed.
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts