Analysis Date | 2015-11-02 16:20:02 |
---|---|
MD5 | 477ae994b3490842b61736307a42a69a |
SHA1 | f07f1b249f9a10f93f3b188c55be787f3729648f |
Static Details:
File type | PE32 executable for MS Windows (GUI) Intel 80386 32-bit | |
---|---|---|
Section | .text md5: db240ece3132817f63441fc8c058f507 sha1: 6e41a35586dfc7d0d78b9ba60324b86a15ccee17 size: 1408000 | |
Section | .rdata md5: 392aab1e49b0e8750ba517567548477e sha1: 2577f2c4064edcb2e1161ffccc0f7cd029c28ead size: 325120 | |
Section | .data md5: f290dbe659a454c851b70bb0ee39c0d9 sha1: 67006ccdb5fa5deaa4a8b104737edee808362a1e size: 7680 | |
Section | .reloc md5: 8fa168eef128f82e49eebf24a4314aa5 sha1: 9acbaa81e72ed338c2e8788a8be81d758ecee4f4 size: 197120 | |
Timestamp | 2015-05-11 04:36:08 | |
Packer | VC8 -> Microsoft Corporation | |
PEhash | c37a235058e64d42f953ad1cdff22917083954e4 | |
IMPhash | dad8e12ea035ce7a9c513eb41b85526d | |
AV | MalwareBytes | No Virus |
AV | Padvish | No Virus |
AV | Ikarus | Trojan.Win32.Bayrob |
AV | Microsoft Security Essentials | TrojanSpy:Win32/Nivdort!rfn |
AV | MicroWorld (escan) | Gen:Variant.Diley.1 |
AV | Fortinet | W32/Bayrob.X!tr |
AV | Grisoft (avg) | Win32/Cryptor |
AV | K7 | Trojan ( 004c77f41 ) |
AV | Kaspersky | Trojan.Win32.Generic |
AV | Mcafee | Trojan-FGIJ!477AE994B349 |
AV | F-Secure | Gen:Variant.Diley.1 |
AV | Eset (nod32) | Win32/Bayrob.Y |
AV | Frisk (f-prot) | No Virus |
AV | Ad-Aware | Gen:Variant.Diley.1 |
AV | BullGuard | Gen:Variant.Diley.1 |
AV | Alwil (avast) | Dropper-OJQ [Drp] |
AV | Authentium | W32/SoxGrave.A.gen!Eldorado |
AV | CA (E-Trust Ino) | No Virus |
AV | CAT (quickheal) | No Virus |
AV | Avira (antivir) | TR/Crypt.Xpack.280228 |
AV | ClamAV | No Virus |
AV | Dr. Web | Trojan.Bayrob.5 |
AV | Arcabit (arcavir) | Gen:Variant.Diley.1 |
AV | BitDefender | Gen:Variant.Diley.1 |
AV | Emsisoft | Gen:Variant.Diley.1 |
Runtime Details:
Process
↳ C:\malware.exe
Creates File | C:\WINDOWS\system32\efbfbdsnhqj\tst |
---|---|
Creates File | C:\Documents and Settings\Administrator\Local Settings\Temp\chmridz81lqzngv9iqsomorge.exe |
Creates Process | C:\Documents and Settings\Administrator\Local Settings\Temp\chmridz81lqzngv9iqsomorge.exe |
Process
↳ C:\Documents and Settings\Administrator\Local Settings\Temp\chmridz81lqzngv9iqsomorge.exe
Registry | HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Interactive Connections List Auto ➝ C:\WINDOWS\system32\seathvj.exe |
---|---|
Creates File | C:\WINDOWS\system32\drivers\etc\hosts |
Creates File | C:\WINDOWS\system32\efbfbdsnhqj\etc |
Creates File | C:\WINDOWS\system32\efbfbdsnhqj\lck |
Creates File | C:\WINDOWS\system32\efbfbdsnhqj\tst |
Creates File | C:\WINDOWS\system32\seathvj.exe |
Deletes File | C:\WINDOWS\system32\\drivers\etc\hosts |
Creates Process | C:\WINDOWS\system32\seathvj.exe |
Creates Service | Audio Driver DHCP Fax Link-Layer - C:\WINDOWS\system32\seathvj.exe |
Process
↳ C:\WINDOWS\system32\svchost.exe
Process
↳ Pid 804
Process
↳ Pid 848
Process
↳ C:\WINDOWS\System32\svchost.exe
Creates File | C:\WINDOWS\system32\WBEM\Logs\wbemess.log |
---|
Process
↳ Pid 1204
Process
↳ C:\WINDOWS\system32\spoolsv.exe
Registry | HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Print\BeepEnabled ➝ NULL |
---|---|
Registry | HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\Print\TypesSupported ➝ 7 |
Registry | HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Print\Printers\SymbolicLinkValue ➝ NULL |
Registry | HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Print\Printers\DefaultSpoolDirectory ➝ C:\WINDOWS\System32\spool\PRINTERS\\x00 |
Registry | HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Providers\LogonTime ➝ NULL |
Creates File | WMIDataDevice |
Process
↳ Pid 1864
Process
↳ Pid 1128
Process
↳ C:\WINDOWS\system32\seathvj.exe
Registry | HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center\FirewallDisableNotify ➝ 1 |
---|---|
Creates File | C:\WINDOWS\system32\efbfbdsnhqj\run |
Creates File | C:\WINDOWS\system32\efbfbdsnhqj\rng |
Creates File | C:\WINDOWS\system32\efbfbdsnhqj\tst |
Creates File | C:\WINDOWS\system32\efbfbdsnhqj\cfg |
Creates File | pipe\net\NtControlPipe10 |
Creates File | C:\WINDOWS\TEMP\chmridz81tb4ngv9i.exe |
Creates File | C:\WINDOWS\system32\efbfbdsnhqj\lck |
Creates File | C:\WINDOWS\system32\vphxcvk.exe |
Creates File | \Device\Afd\Endpoint |
Creates Process | WATCHDOGPROC "c:\windows\system32\seathvj.exe" |
Creates Process | C:\WINDOWS\TEMP\chmridz81tb4ngv9i.exe -r 41695 tcp |
Process
↳ C:\WINDOWS\system32\seathvj.exe
Creates File | C:\WINDOWS\system32\efbfbdsnhqj\tst |
---|
Process
↳ WATCHDOGPROC "c:\windows\system32\seathvj.exe"
Creates File | C:\WINDOWS\system32\efbfbdsnhqj\tst |
---|
Process
↳ C:\WINDOWS\TEMP\chmridz81tb4ngv9i.exe -r 41695 tcp
Creates File | \Device\Afd\Endpoint |
---|---|
Winsock DNS | 239.255.255.250 |
Network Details: