Analysis Date2015-11-17 02:07:14
MD505050819708c6d52d2e2cd492dc22fde
SHA1b2d570192c2512e8ba417d43bc1c020fa458b01b

Static Details:

File typePE32 executable for MS Windows (GUI) Intel 80386 32-bit
Section.text md5: 667b2e43928b7b4f7997d3771ee35279 sha1: 9cfbaf431aafe1afc7942a4e57e4e5c78a5a1b74 size: 3072
Section.data md5: 3bb690ef3f51cc08743db079d31031df sha1: d8cf2894f6771571ee1b8b639f57b54413041ec1 size: 5120
Section.rsrc md5: 4ade1c0dc38342fa47a24dd94bab4ec8 sha1: 9f368654901f5930e0d7be03150caf7c1c7cecde size: 11264
Timestamp2012-01-27 20:38:07
PEhashc420ed1c98e655b6345b338ed44cf20e8c8ff586
IMPhash397a95116b500848ae2a01af5f88df45
AVRisingno_virus
AVMcafeeDownloader-FSH!05050819708C
AVAvira (antivir)TR/Yarwi.B.210
AVTwisterTrojan.2F17D84B008E96B0
AVAd-AwareTrojan.GenericKD.1604712
AVAlwil (avast)Zbot-TCT [Trj]
AVEset (nod32)Win32/TrojanDownloader.Waski.A
AVGrisoft (avg)Generic_s.DBQ
AVSymantecDownloader.Upatre
AVFortinetW32/Upatre.BH!tr
AVBitDefenderTrojan.GenericKD.1604712
AVK7Trojan-Downloader ( 0048f6391 )
AVMicrosoft Security EssentialsTrojanDownloader:Win32/Upatre.O
AVMicroWorld (escan)Trojan.GenericKD.1604712
AVMalwareBytesTrojan.Downloader.RRE
AVAuthentiumW32/Trojan.KVED-7604
AVFrisk (f-prot)W32/Trojan2.ODQJ
AVIkarusTrojan-Downloader.Win32.Upatre
AVEmsisoftTrojan.GenericKD.1604712
AVZillya!Trojan.Bublik.Win32.13746
AVKasperskyTrojan.Win32.Generic
AVTrend MicroTROJ_UPATRE.SM37
AVCAT (quickheal)TrojanDownloader.Upatre.A4
AVVirusBlokAda (vba32)Malware-Cryptor.Hlux
AVPadvishno_virus
AVBullGuardTrojan.GenericKD.1604712
AVArcabit (arcavir)Trojan.GenericKD.1604712
AVClamAVWin.Trojan.Generickd-3405
AVDr. WebTrojan.DownLoad3.32271
AVF-SecureTrojan-Downloader:W32/Upatre.I
AVCA (E-Trust Ino)Win32/Zbot.VXNPJB
AVRisingno_virus
AVMcafeeDownloader-FSH!05050819708C
AVAvira (antivir)TR/Yarwi.B.210
AVTwisterTrojan.2F17D84B008E96B0
AVAd-AwareTrojan.GenericKD.1604712
AVAlwil (avast)Zbot-TCT [Trj]
AVEset (nod32)Win32/TrojanDownloader.Waski.A
AVGrisoft (avg)Generic_s.DBQ
AVSymantecDownloader.Upatre
AVFortinetW32/Upatre.BH!tr
AVBitDefenderTrojan.GenericKD.1604712
AVK7Trojan-Downloader ( 0048f6391 )
AVMicrosoft Security EssentialsTrojanDownloader:Win32/Upatre.O
AVMicroWorld (escan)Trojan.GenericKD.1604712
AVMalwareBytesTrojan.Downloader.RRE
AVAuthentiumW32/Trojan.KVED-7604
AVFrisk (f-prot)W32/Trojan2.ODQJ
AVIkarusTrojan-Downloader.Win32.Upatre

Runtime Details:

Screenshot

Process
↳ C:\malware.exe

RegistryHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass ➝
1
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temp\pdf_updater.exe
Creates FilePIPE\wkssvc
Creates Process"C:\Documents and Settings\Administrator\Local Settings\Temp\pdf_updater.exe"

Process
↳ "C:\Documents and Settings\Administrator\Local Settings\Temp\pdf_updater.exe"

RegistryHKEY_CURRENT_CONFIG\Software\Microsoft\windows\CurrentVersion\Internet Settings\ProxyEnable ➝
NULL
RegistryHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass ➝
1
Creates FileC:\Documents and Settings\Administrator\Local Settings\History\History.IE5\index.dat
Creates FileC:\Documents and Settings\Administrator\Cookies\index.dat
Creates FilePIPE\lsarpc
Creates File\Device\Afd\Endpoint
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat
Creates Mutexc:!documents and settings!administrator!local settings!history!history.ie5!
Creates MutexWininetConnectionMutex
Creates Mutexc:!documents and settings!administrator!cookies!
Creates Mutexc:!documents and settings!administrator!local settings!temporary internet files!content.ie5!
Winsock DNSquarkspark.org
Winsock DNSterenceteo.com
Winsock DNSgobehost.info
Winsock DNSgobemall.com

Network Details:

DNSquarkspark.org
Type: A
104.18.44.153
DNSquarkspark.org
Type: A
104.18.45.153
DNSgobehost.info
Type: A
50.56.218.189
DNSterenceteo.com
Type: A
104.28.4.70
DNSterenceteo.com
Type: A
104.28.5.70
DNSgobemall.com
Type: A
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
HTTP GEThttp://gobehost.info/images/headers/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://terenceteo.com/wp-content/uploads/photos/13003UKp.ton
User-Agent: Updates downloader
HTTP GEThttp://quarkspark.org/images/1203a.ton
User-Agent: Updates downloader
Flows TCP192.168.1.1:1031 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1032 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1033 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1034 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1035 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1036 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1037 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1038 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1039 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1040 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1041 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1042 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1043 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1044 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1045 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1046 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1047 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1048 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1049 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1050 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1051 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1052 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1053 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1054 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1055 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1056 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1057 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1058 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1059 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1060 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1061 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1062 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1063 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1064 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1065 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1066 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1067 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1068 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1069 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1070 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1071 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1072 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1073 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1074 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1075 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1076 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1077 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1078 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1079 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1080 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1081 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1082 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1083 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1084 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1085 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1086 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1087 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1088 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1089 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1090 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1091 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1092 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1093 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1094 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1095 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1096 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1097 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1098 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1099 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1100 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1101 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1102 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1103 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1104 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1105 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1106 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1107 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1108 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1109 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1110 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1111 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1112 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1113 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1114 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1115 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1116 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1117 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1118 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1119 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1120 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1121 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1122 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1123 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1124 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1125 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1126 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1127 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1128 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1129 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1130 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1131 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1132 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1133 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1134 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1135 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1136 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1137 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1138 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1139 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1140 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1141 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1142 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1143 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1144 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1145 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1146 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1147 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1148 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1149 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1150 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1151 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1152 ➝ 50.56.218.189:80
Flows TCP192.168.1.1:1153 ➝ 104.28.4.70:80
Flows TCP192.168.1.1:1154 ➝ 104.18.44.153:80
Flows TCP192.168.1.1:1155 ➝ 50.56.218.189:80

Raw Pcap

Strings