NetWork | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.13 04:11
hello.exe
11.13 03:11
espsemhvcioff.exe
11.13 02:11
Geek_se.exe
11.13 02:11
cred64.dll
11.13 02:11
svhost.exe
11.13 02:11
nb.exe
11.13 02:11
svcyr.exe
11.13 02:11
Ghost_1.5.11.5.exe
11.13 02:11
PowderGpl.exe
11.13 02:11
goodlabel%E6%89%93%E5%...

Latest News
11.15 07:11
FCC to soon announce l...
11.15 07:11
Michael Burry Boosts C...
11.15 07:11
Thomas Kurtz, Co-Creat...
11.15 06:11
Malware Spotlight: A ...
11.15 06:11
Disney's Streaming Suc...
11.15 06:11
Applied Materials Fore...
11.15 06:11
Bluetooth Dongle Gives...
11.15 06:11
North Korea's Lazarus ...
11.15 06:11
Malone Makes Pitch for...
11.15 05:11
SpaceX Scraps Texas La...

NetWork | ZeroBOX

IP Address	Status	Action
125.74.99.73	Active	Moloch
164.124.101.2	Active	Moloch
185.215.113.66	Active	Moloch
213.230.111.168	Active	Moloch
37.255.202.28	Active	Moloch
5.219.163.120	Active	Moloch
5.234.21.11	Active	Moloch
5.53.62.35	Active	Moloch
5.75.53.107	Active	Moloch
78.36.17.105	Active	Moloch
82.151.120.74	Active	Moloch
89.249.62.238	Active	Moloch
90.156.163.31	Active	Moloch
94.252.244.21	Active	Moloch
95.159.149.185	Active	Moloch
95.72.81.43	Active	Moloch

Name	Response	Post-Analysis Lookup
www.update.microsoft.com		20.72.235.82

No traffic

UDP Requests

No traffic

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

Flow	SID	Signature	Category
UDP 192.168.56.103:50801 -> 5.75.53.107:40500	2044077	ET MALWARE Win32/Phorpiex UDP Peer-to-Peer CnC	A Network Trojan was detected
UDP 192.168.56.103:50801 -> 5.53.62.35:40500	2044077	ET MALWARE Win32/Phorpiex UDP Peer-to-Peer CnC	A Network Trojan was detected
UDP 192.168.56.103:50801 -> 5.234.21.11:40500	2044077	ET MALWARE Win32/Phorpiex UDP Peer-to-Peer CnC	A Network Trojan was detected
UDP 192.168.56.103:50801 -> 95.72.81.43:40500	2044077	ET MALWARE Win32/Phorpiex UDP Peer-to-Peer CnC	A Network Trojan was detected
UDP 192.168.56.103:50801 -> 89.249.62.238:40500	2044077	ET MALWARE Win32/Phorpiex UDP Peer-to-Peer CnC	A Network Trojan was detected
UDP 192.168.56.103:50801 -> 78.36.17.105:40500	2044077	ET MALWARE Win32/Phorpiex UDP Peer-to-Peer CnC	A Network Trojan was detected
UDP 192.168.56.103:50801 -> 37.255.202.28:40500	2044077	ET MALWARE Win32/Phorpiex UDP Peer-to-Peer CnC	A Network Trojan was detected
UDP 192.168.56.103:50801 -> 125.74.99.73:40500	2044077	ET MALWARE Win32/Phorpiex UDP Peer-to-Peer CnC	A Network Trojan was detected

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts