| Name | IP | Country | ASN | ASN Name | Trigger Process Type |
|---|---|---|---|---|---|
| 8.8.4.4 | United States | 15169 | Level 3 Parent, LLC | Malware Process | |
| agent.wizztrakys.com | 176.31.252.74 | France | 16276 | Malware Process | |
| www.wizzmonetize.com | 176.31.115.114 | France | 16276 | Malware Process | |
| ladomainadeserver.com | 176.31.106.195 | France | 16276 | Malware Process | |
| asedownloadgate.com | 46.105.121.115 | France | 16276 | Malware Process |
| Host | Port | Method | Version | User Agent | Count | Call Time During Execution(Sec) |
|---|---|---|---|---|---|---|
| www.wizzmonetize.com | 80 | POST | 1.1 | 1 | 17.9284639359 | |
|
Path: /remotes_xml_sections.php URI: http://www.wizzmonetize.com/remotes_xml_sections.php |
||||||
| asedownloadgate.com | 80 | GET | 1.1 | 1 | 21.2482359409 | |
|
Path: /from_backup/747474/AdsShow_installer.exe URI: http://asedownloadgate.com/from_backup/747474/AdsShow_installer.exe |
||||||
| asedownloadgate.com | 80 | GET | 1.1 | 1 | 22.1068029404 | |
|
Path: /3/000000/wizzcaster_installer_v2.exe URI: http://asedownloadgate.com/3/000000/wizzcaster_installer_v2.exe |
||||||
| asedownloadgate.com | 80 | GET | 1.1 | 1 | 23.1531741619 | |
|
Path: /exe/updater.exe URI: http://asedownloadgate.com/exe/updater.exe |
||||||
| asedownloadgate.com | 80 | GET | 1.1 | 1 | 28.0881619453 | |
|
Path: /safe_download/582369/AdsShow.exe URI: http://asedownloadgate.com/safe_download/582369/AdsShow.exe |
||||||
| asedownloadgate.com | 80 | GET | 1.1 | 1 | 31.3899040222 | |
|
Path: /download/3/wizzcaster_v2.exe URI: http://asedownloadgate.com/download/3/wizzcaster_v2.exe |
||||||
| agent.wizztrakys.com | 80 | POST | 1.1 | 1 | 31.5296039581 | |
|
Path: /wemonetize/wizzmonetize/sales_we_DefaultProduct_DefaultPartner_1_load URI: http://agent.wizztrakys.com/wemonetize/wizzmonetize/sales_we_DefaultProduct_DefaultPartner_1_load |
||||||
| asedownloadgate.com | 80 | GET | 1.1 | 1 | 33.4033491611 | |
|
Path: /download/3/wizzcaster_uninstaller_v2.exe URI: http://asedownloadgate.com/download/3/wizzcaster_uninstaller_v2.exe |
||||||
| ladomainadeserver.com | 80 | POST | 1.1 | 1 | 41.41771698 | |
|
Path: /api/v5/config URI: http://ladomainadeserver.com/api/v5/config |
||||||
| ladomainadeserver.com | 80 | POST | 1.1 | 1 | 49.2110590935 | |
|
Path: /api/v5/link URI: http://ladomainadeserver.com/api/v5/link |
||||||
| Request | Type |
|---|---|
| www.wizzmonetize.com | A |
|
Answers - 188.165.209.131 (A) - 94.23.44.92 (A) - 176.31.106.195 (A) - 176.31.252.74 (A) - 176.31.252.54 (A) - 176.31.107.87 (A) - 176.31.115.114 (A) - 188.165.210.24 (A) |
|
| asedownloadgate.com | A |
|
Answers - 46.105.121.115 (A) |
|
| agent.wizztrakys.com | A |
| ladomainadeserver.com | A |
| Call Time During Execution(sec) | Source IP | Dest IP | Dest Port |
|---|---|---|---|
| 17.9284639359 | Sandbox | 188.165.210.24 | 80 |
| 21.2482359409 | Sandbox | 46.105.121.115 | 80 |
| 28.0881619453 | Sandbox | 46.105.121.115 | 80 |
| 31.3899040222 | Sandbox | 46.105.121.115 | 80 |
| 31.5296039581 | Sandbox | 176.31.107.87 | 80 |
| 41.41771698 | Sandbox | 176.31.252.54 | 80 |
| Call Time During Execution(sec) | Source IP | Dest IP | Dest Port |
|---|---|---|---|
| 7.15581202507 | Sandbox | 224.0.0.252 | 5355 |
| 7.21978616714 | Sandbox | 192.168.56.255 | 137 |
| 7.37389802933 | Sandbox | 224.0.0.252 | 5355 |
| 7.40740704536 | Sandbox | 239.255.255.250 | 3702 |
| 9.98591399193 | Sandbox | 224.0.0.252 | 5355 |
| 10.2250511646 | Sandbox | 192.168.56.255 | 138 |
| 17.4043121338 | Sandbox | 8.8.4.4 | 53 |
| 18.5451130867 | Sandbox | 224.0.0.252 | 5355 |
| 21.1403970718 | Sandbox | 8.8.4.4 | 53 |
| 24.9214229584 | Sandbox | 224.0.0.252 | 5355 |
| 28.1738770008 | Sandbox | 224.0.0.252 | 5355 |
| 31.2216830254 | Sandbox | 8.8.4.4 | 53 |
| 41.1365611553 | Sandbox | 8.8.4.4 | 53 |