Analysis Date2015-12-04 07:06:43
MD53f8508727a4996ea147d57ff2133f84d
SHA1e347fb5e1284c0462a6860798b0a0a0fa817e0a0

Static Details:

File typePE32 executable for MS Windows (GUI) Intel 80386 32-bit
Section.text md5: 3767c7cf040fd13e8d71549a27ce2bad sha1: 9fde7d1bb2aa909c4eff99c94ffa890e066bca2b size: 52736
Section.rdata md5: 0b35d81f86134cb47bc8bce51cd8abf2 sha1: 580330b48084efc4a978ed43dcbf4f5f6cd9f6e1 size: 14336
Section.data md5: dbc5721142d3c4b368a9380ad2b22758 sha1: 57797afa7d2d1c257ee4b404a3675acf4017f312 size: 4608
Section.rsrc md5: 5be68c19c0abe376af98a4c1fdfa3050 sha1: 5868e7122f6fa5b70c8b4dc59109a4b5f4e1868e size: 482304
Timestamp2015-01-30 16:25:24
VersionLegalCopyright: Copyright (C) Arrange 2006-2013
Legal Trademarks: Arrange
Internal Name: Mississippi.exe
CompanyName: Wilson Johnson principle - www.Arrange.com
ProductName: Arrange
Original Filename: Mississippi.exe
ProductVersion: 7.0
FileDescription: Theory badly hell origin tribe couple mail
FileVersion: 1.0.0.8
PackerMicrosoft Visual C++ ?.?
PEhash30ffc4840ce167bdec14bbc4c4a5564c16db1937
IMPhash2238cecb61d318821836dd2ff71d412a
AVKasperskyTrojan.Win32.Generic
AVPadvishno_virus
AVF-SecureTrojan.Lethic.Gen.1
AVKasperskyTrojan.Win32.Generic
AVMicrosoft Security EssentialsVirTool:Win32/CeeInject.GF
AVMicroWorld (escan)Trojan.Lethic.Gen.1
AVFortinetW32/Kryptik.CXBS!tr
AVFrisk (f-prot)no_virus
AVIkarusTrojan.Crypt
AVK7Trojan ( 004b4b2b1 )
AVMcafeeno_virus
AVMcafeeno_virus
AVMicrosoft Security EssentialsVirTool:Win32/CeeInject.GF
AVMicroWorld (escan)Trojan.Lethic.Gen.1
AVEset (nod32)Win32/Kryptik.CWWK
AVEset (nod32)Win32/Kryptik.CWWK
AVFortinetW32/Kryptik.CXBS!tr
AVFrisk (f-prot)no_virus
AVF-SecureTrojan.Lethic.Gen.1
AVGrisoft (avg)Crypt3.BXBZ
AVIkarusTrojan.Crypt
AVK7Trojan ( 004b4b2b1 )
AVMalwareBytesTrojan.Agent.DED
AVMalwareBytesTrojan.Agent.DED
AVAd-AwareTrojan.Lethic.Gen.1
AVBullGuardTrojan.Lethic.Gen.1
AVBullGuardTrojan.Lethic.Gen.1
AVAlwil (avast)Androp [Drp]
AVAuthentiumW32/Rovnix.A.gen!Eldorado
AVCA (E-Trust Ino)no_virus
AVCA (E-Trust Ino)no_virus
AVAuthentiumW32/Rovnix.A.gen!Eldorado
AVAlwil (avast)Androp [Drp]
AVCAT (quickheal)TrojanRansom.Crowti.MUE.A4
AVCAT (quickheal)TrojanRansom.Crowti.MUE.A4
AVAd-AwareTrojan.Lethic.Gen.1
AVAvira (antivir)TR/Crypt.ZPACK.125052
AVClamAVno_virus
AVClamAVno_virus
AVAvira (antivir)TR/Crypt.ZPACK.125052
AVGrisoft (avg)Crypt3.BXBZ
AVDr. WebTrojan.Encoder.514
AVDr. WebTrojan.Encoder.514
AVArcabit (arcavir)Trojan.Lethic.Gen.1
AVBitDefenderTrojan.Lethic.Gen.1
AVEmsisoftTrojan.Lethic.Gen.1
AVEmsisoftTrojan.Lethic.Gen.1
AVBitDefenderTrojan.Lethic.Gen.1
AVArcabit (arcavir)Trojan.Lethic.Gen.1
AVPadvishno_virus

Runtime Details:

Screenshot

Process
↳ C:\malware.exe

Creates FileC:\Documents and Settings\Administrator\Local Settings\Temp\3.tmp
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temp\2.tmp
Creates ProcessC:\Documents and Settings\Administrator\Local Settings\Temp\3.tmp
Creates ProcessC:\Documents and Settings\Administrator\Local Settings\Temp\2.tmp

Process
↳ C:\Documents and Settings\Administrator\Local Settings\Temp\2.tmp

Creates ProcessC:\WINDOWS\explorer.exe

Process
↳ C:\Documents and Settings\Administrator\Local Settings\Temp\3.tmp

Creates FileC:\WINDOWS\FrameworkUpdate\Update.exe
Creates FileC:\Documents and Settings\Administrator\Application Data\\\xe9\\xfa\\xbd\\xe9\\xce\\x92\\xe9\\xe7\\x93\\xe8\\xa6\\x9c
Creates Mutex_HSJ909NJJNJ90203_
Creates ServiceEnables the detection, download and installation of updates for Windows. - C:\WINDOWS\FrameworkUpdate\Update.exe

Process
↳ C:\WINDOWS\explorer.exe

Creates FileC:\Documents and Settings\Administrator\Start Menu\Programs\Startup\6ff06165.exe
Creates FileC:\6ff06165\6ff06165.exe
Creates FileC:\Documents and Settings\Administrator\Application Data\6ff06165.exe
Creates Processvssadmin.exe Delete Shadows /All /Quiet
Creates Process-k netsvcs

Process
↳ C:\WINDOWS\FrameworkUpdate\Update.exe

Process
↳ C:\WINDOWS\system32\svchost.exe

Process
↳ -k netsvcs

RegistryHKEY_CURRENT_CONFIG\Software\Microsoft\windows\CurrentVersion\Internet Settings\ProxyEnable ➝
NULL
RegistryHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass ➝
1
Creates FileC:\Documents and Settings\Administrator\Local Settings\History\History.IE5\index.dat
Creates FileC:\Documents and Settings\Administrator\Cookies\index.dat
Creates FilePIPE\lsarpc
Creates File\Device\Afd\Endpoint
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat
Creates Mutexc:!documents and settings!administrator!local settings!history!history.ie5!
Creates Mutexc:!documents and settings!administrator!cookies!
Creates Mutexc:!documents and settings!administrator!local settings!temporary internet files!content.ie5!
Winsock DNS5.199.165.160
Winsock DNSfleep.com
Winsock DNSevidentis.tv
Winsock DNSddiss.com
Winsock DNStgp.com.my
Winsock DNSformagrafic.com
Winsock DNStgp.my
Winsock DNSlensprojapan.com
Winsock DNSnaomis-kitchen.com
Winsock DNSaquionics.net
Winsock DNS173.230.130.167
Winsock DNSterreal.com.my
Winsock DNSandyknife.com
Winsock DNSfleep.jp
Winsock DNSblessedcode.net
Winsock DNScurlmyip.com
Winsock DNSmacrobiotics-japan.com
Winsock DNSentramuntanats.org
Winsock DNSamaru.me
Winsock DNSfutbolenelbar.com
Winsock DNSkslcity.com.my
Winsock DNS94.247.28.29
Winsock DNSfleep.net
Winsock DNS91.121.12.127
Winsock DNSmyexternalip.com
Winsock DNSmlmsoftware.com.my
Winsock DNSlacubana.es
Winsock DNSip-addr.es

Process
↳ Pid 804

Process
↳ Pid 852

Process
↳ C:\WINDOWS\System32\svchost.exe

Creates FileC:\WINDOWS\system32\WBEM\Logs\wbemess.log

Process
↳ Pid 1212

Process
↳ C:\WINDOWS\system32\spoolsv.exe

Process
↳ Pid 1860

Process
↳ Pid 1136

Process
↳ vssadmin.exe Delete Shadows /All /Quiet

Creates FilePIPE\lsarpc

Network Details:

DNSip-addr.es
Type: A
188.165.164.184
DNSmyexternalip.com
Type: A
78.47.139.102
DNScurlmyip.com
Type: A
184.106.112.172
DNSentramuntanats.org
Type: A
95.215.62.77
DNSformagrafic.com
Type: A
95.215.62.77
DNStgp.com.my
Type: A
103.18.247.250
DNSandyknife.com
Type: A
95.215.62.77
DNSfutbolenelbar.com
Type: A
95.215.62.77
DNSkslcity.com.my
Type: A
103.18.247.250
DNSmlmsoftware.com.my
Type: A
43.252.215.197
DNSterreal.com.my
Type: A
103.18.247.250
DNSfleep.com
Type: A
219.94.235.33
DNStgp.my
Type: A
103.18.247.250
DNSlacubana.es
Type: A
95.215.62.77
DNSlensprojapan.com
Type: A
204.11.56.48
DNSmacrobiotics-japan.com
Type: A
219.94.235.33
DNSfleep.jp
Type: A
219.94.235.33
DNSddiss.com
Type: A
54.175.122.20
DNSaquionics.net
Type: A
103.18.247.250
DNSfleep.net
Type: A
219.94.235.33
DNSamaru.me
Type: A
DNSblessedcode.net
Type: A
DNSnaomis-kitchen.com
Type: A
DNSevidentis.tv
Type: A
HTTP GEThttp://ip-addr.es/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP GEThttp://myexternalip.com/raw
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP GEThttp://curlmyip.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://entramuntanats.org:65535/6qa511i86qc
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://formagrafic.com:8585/6qa511i86qc
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://tgp.com.my:65535/6qa511i86qc
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://andyknife.com:65535/6qa511i86qc
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://futbolenelbar.com:65535/6qa511i86qc
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://kslcity.com.my:2525/6qa511i86qc
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://mlmsoftware.com.my:65535/6qa511i86qc
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://terreal.com.my:65535/6qa511i86qc
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://5.199.165.160:2525/6qa511i86qc
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://173.230.130.167:8080/6qa511i86qc
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://fleep.com:8081/6qa511i86qc
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://tgp.my:65535/6qa511i86qc
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://lacubana.es:8585/6qa511i86qc
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://91.121.12.127:81/6qa511i86qc
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://lensprojapan.com:8081/6qa511i86qc
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://macrobiotics-japan.com:65535/6qa511i86qc
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://fleep.jp:65535/6qa511i86qc
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://ddiss.com:8585/6qa511i86qc
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://aquionics.net:2525/6qa511i86qc
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://fleep.net:65535/6qa511i86qc
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://94.247.28.29:8080/6qa511i86qc
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP GEThttp://ip-addr.es/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP GEThttp://myexternalip.com/raw
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP GEThttp://curlmyip.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://entramuntanats.org:65535/ibm5sgar5gbramj
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://formagrafic.com:8585/ibm5sgar5gbramj
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://tgp.com.my:65535/ibm5sgar5gbramj
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://andyknife.com:65535/ibm5sgar5gbramj
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://futbolenelbar.com:65535/ibm5sgar5gbramj
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://kslcity.com.my:2525/ibm5sgar5gbramj
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://mlmsoftware.com.my:65535/ibm5sgar5gbramj
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://terreal.com.my:65535/ibm5sgar5gbramj
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://5.199.165.160:2525/ibm5sgar5gbramj
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://173.230.130.167:8080/ibm5sgar5gbramj
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://fleep.com:8081/ibm5sgar5gbramj
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://tgp.my:65535/ibm5sgar5gbramj
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://lacubana.es:8585/ibm5sgar5gbramj
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://91.121.12.127:81/ibm5sgar5gbramj
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://lensprojapan.com:8081/ibm5sgar5gbramj
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://macrobiotics-japan.com:65535/ibm5sgar5gbramj
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://fleep.jp:65535/ibm5sgar5gbramj
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://ddiss.com:8585/ibm5sgar5gbramj
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://aquionics.net:2525/ibm5sgar5gbramj
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://fleep.net:65535/ibm5sgar5gbramj
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP POSThttp://94.247.28.29:8080/ibm5sgar5gbramj
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP GEThttp://ip-addr.es/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP GEThttp://myexternalip.com/raw
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
HTTP GEThttp://curlmyip.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
Flows TCP192.168.1.1:1031 ➝ 188.165.164.184:80
Flows TCP192.168.1.1:1032 ➝ 78.47.139.102:80
Flows TCP192.168.1.1:1033 ➝ 184.106.112.172:80
Flows TCP192.168.1.1:1034 ➝ 95.215.62.77:65535
Flows TCP192.168.1.1:1035 ➝ 95.215.62.77:8585
Flows TCP192.168.1.1:1036 ➝ 103.18.247.250:65535
Flows TCP192.168.1.1:1037 ➝ 95.215.62.77:65535
Flows TCP192.168.1.1:1038 ➝ 95.215.62.77:65535
Flows TCP192.168.1.1:1039 ➝ 103.18.247.250:2525
Flows TCP192.168.1.1:1040 ➝ 43.252.215.197:65535
Flows TCP192.168.1.1:1041 ➝ 103.18.247.250:65535
Flows TCP192.168.1.1:1042 ➝ 5.199.165.160:2525
Flows TCP192.168.1.1:1043 ➝ 173.230.130.167:8080
Flows TCP192.168.1.1:1044 ➝ 219.94.235.33:8081
Flows TCP192.168.1.1:1045 ➝ 103.18.247.250:65535
Flows TCP192.168.1.1:1046 ➝ 95.215.62.77:8585
Flows TCP192.168.1.1:1047 ➝ 91.121.12.127:81
Flows TCP192.168.1.1:1048 ➝ 204.11.56.48:8081
Flows TCP192.168.1.1:1049 ➝ 219.94.235.33:65535
Flows TCP192.168.1.1:1050 ➝ 219.94.235.33:65535
Flows TCP192.168.1.1:1051 ➝ 54.175.122.20:8585
Flows TCP192.168.1.1:1052 ➝ 103.18.247.250:2525
Flows TCP192.168.1.1:1053 ➝ 219.94.235.33:65535
Flows TCP192.168.1.1:1054 ➝ 94.247.28.29:8080
Flows TCP192.168.1.1:1055 ➝ 188.165.164.184:80
Flows TCP192.168.1.1:1056 ➝ 78.47.139.102:80
Flows TCP192.168.1.1:1057 ➝ 184.106.112.172:80
Flows TCP192.168.1.1:1058 ➝ 95.215.62.77:65535
Flows TCP192.168.1.1:1059 ➝ 95.215.62.77:8585
Flows TCP192.168.1.1:1060 ➝ 103.18.247.250:65535
Flows TCP192.168.1.1:1061 ➝ 95.215.62.77:65535
Flows TCP192.168.1.1:1062 ➝ 95.215.62.77:65535
Flows TCP192.168.1.1:1063 ➝ 103.18.247.250:2525
Flows TCP192.168.1.1:1064 ➝ 43.252.215.197:65535
Flows TCP192.168.1.1:1065 ➝ 103.18.247.250:65535
Flows TCP192.168.1.1:1066 ➝ 5.199.165.160:2525
Flows TCP192.168.1.1:1067 ➝ 173.230.130.167:8080
Flows TCP192.168.1.1:1068 ➝ 219.94.235.33:8081
Flows TCP192.168.1.1:1069 ➝ 103.18.247.250:65535
Flows TCP192.168.1.1:1070 ➝ 95.215.62.77:8585
Flows TCP192.168.1.1:1071 ➝ 91.121.12.127:81
Flows TCP192.168.1.1:1072 ➝ 204.11.56.48:8081
Flows TCP192.168.1.1:1073 ➝ 219.94.235.33:65535
Flows TCP192.168.1.1:1074 ➝ 219.94.235.33:65535
Flows TCP192.168.1.1:1075 ➝ 54.175.122.20:8585
Flows TCP192.168.1.1:1076 ➝ 103.18.247.250:2525
Flows TCP192.168.1.1:1077 ➝ 219.94.235.33:65535
Flows TCP192.168.1.1:1078 ➝ 94.247.28.29:8080
Flows TCP192.168.1.1:1079 ➝ 188.165.164.184:80
Flows TCP192.168.1.1:1080 ➝ 78.47.139.102:80
Flows TCP192.168.1.1:1081 ➝ 184.106.112.172:80
Flows TCP192.168.1.1:1082 ➝ 95.215.62.77:65535

Raw Pcap

Strings