Advanced File Analysis System | Valkyrie

File Name: PFXServer.exe

File Type: PE32 executable (GUI) Intel 80386, for MS Windows

SHA1: 607a45a0d2ba7e53249570ec9b1acada710aafd9

MD5: b9456922590d0a1f3304d04502056e90

Download Kill Chain Report

Contacted IPs

Network Port Distribution

Name	IP	Country	ASN	ASN Name	Trigger Process Type
	8.8.4.4	United States	15169	Level 3 Parent, LLC	Malware Process
	104.200.23.95		63949	Linode	Malware Process

HTTP Packets

Host	Port	Method	Version	User Agent	Count	Call Time During Execution(Sec)
www.aieov.com	80	GET	1.1		2	6.44032406807
Path: /setup.exe URI: http://www.aieov.com/setup.exe
www.aieov.com	80	GET	1.1		12	10.6005051136
Path: /logo.gif URI: http://www.aieov.com/logo.gif
www.aieov.com	80	GET	1.1		1	185.17839098
Path: /so.gif URI: http://www.aieov.com/so.gif

DNS Queries/Answers

Request	Type
5isohu.com	A
www.aieov.com	A
Answers - 104.200.22.130 (A) - 104.200.23.95 (A)

TCP Packets

Call Time During Execution(sec)	Source IP	Dest IP	Dest Port
6.44032406807	Sandbox	104.200.23.95	80
10.6005051136	Sandbox	104.200.23.95	80
11.7099149227	Sandbox	104.200.23.95	80
19.3966009617	Sandbox	104.200.23.95	80
20.490762949	Sandbox	104.200.23.95	80
28.1939520836	Sandbox	104.200.23.95	80
29.2714350224	Sandbox	104.200.23.95	80
36.9905850887	Sandbox	104.200.23.95	80
38.0526969433	Sandbox	104.200.23.95	80
45.78738904	Sandbox	104.200.23.95	80
46.8342180252	Sandbox	104.200.23.95	80
54.5842030048	Sandbox	104.200.23.95	80
55.6152219772	Sandbox	104.200.23.95	80
60.3967399597	Sandbox	104.200.23.95	80
185.17839098	Sandbox	104.200.23.95	80

UDP Packets

Call Time During Execution(sec)	Source IP	Dest IP	Dest Port
3.03014206886	Sandbox	224.0.0.252	5355
3.07230901718	Sandbox	224.0.0.252	5355
3.10205197334	Sandbox	192.168.56.255	137
3.15815401077	Sandbox	239.255.255.250	3702
4.02451014519	Sandbox	8.8.4.4	53
5.62926912308	Sandbox	224.0.0.252	5355
6.3922970295	Sandbox	8.8.4.4	53

Loading...