Contacted IPs
Network Port Distribution
| Name | IP | Country | ASN | ASN Name | Trigger Process Type |
|---|---|---|---|---|---|
| 8.8.4.4 | United States | 15169 | Level 3 Parent, LLC | Malware Process | |
| 104.17.210.9 | United States | 13335 | Cloudflare, Inc. | Malware Process | |
| 104.18.20.226 | United States | 13335 | Cloudflare, Inc. | Malware Process | |
| www.cloudflare.com | 104.17.209.9 | United States | 13335 | Cloudflare, Inc. | Malware Process |
| canyoning-austria.at | 194.177.142.4 | Austria | 6798 | Malware Process |
HTTP Packets
| Host | Port | Method | Version | User Agent | Count | Call Time During Execution(Sec) |
|---|---|---|---|---|---|---|
| canyoning-austria.at | 80 | GET | 1.1 | Windows Installer | 1 | 12.3337190151 |
|
Path: /dashost URI: http://canyoning-austria.at/dashost |
||||||
DNS Queries/Answers
| Request | Type |
|---|---|
| canyoning-austria.at | A |
|
Answers - 194.177.142.4 (A) |
|
| www.cloudflare.com | A |
|
Answers - 104.17.209.9 (A) - 104.17.210.9 (A) |
|
TCP Packets
| Call Time During Execution(sec) | Source IP | Dest IP | Dest Port |
|---|---|---|---|
| 12.3337190151 | Sandbox | 194.177.142.4 | 80 |
| 58.7972919941 | Sandbox | 159.69.48.50 | 5655 |
UDP Packets
| Call Time During Execution(sec) | Source IP | Dest IP | Dest Port |
|---|---|---|---|
| 3.03948688507 | Sandbox | 239.255.255.250 | 3702 |
| 3.04058098793 | Sandbox | 224.0.0.252 | 5355 |
| 3.04140496254 | Sandbox | 224.0.0.252 | 5355 |
| 3.11093401909 | Sandbox | 192.168.56.255 | 137 |
| 5.5955119133 | Sandbox | 224.0.0.252 | 5355 |
| 9.54390287399 | Sandbox | 224.0.0.252 | 5355 |
| 12.0963928699 | Sandbox | 8.8.4.4 | 53 |
| 43.2450199127 | Sandbox | 224.0.0.252 | 5355 |
| 45.2342779636 | Sandbox | 8.8.4.4 | 53 |