Contacted IPs
Network Port Distribution
| Name | IP | Country | ASN | ASN Name | Trigger Process Type |
|---|---|---|---|---|---|
| 8.8.4.4 | United States | 15169 | Level 3 Parent, LLC | Malware Process | |
| xmr.pool.minergate.com | 136.243.94.27 | Germany | 24940 | Malware Process |
HTTP Packets
| Host | Port | Method | Version | User Agent | Count | Call Time During Execution(Sec) |
|---|---|---|---|---|---|---|
| 185.202.172.106 | 80 | GET | 1.1 | WinInetGet/0.1 | 3 | 7.20315909386 |
|
Path: /file.txt URI: http://185.202.172.106/file.txt |
||||||
DNS Queries/Answers
| Request | Type |
|---|---|
| xmr.pool.minergate.com | A |
|
Answers - 46.4.120.155 (A) - 94.130.64.225 (A) - 136.243.102.157 (A) - 136.243.88.145 (A) - 78.46.23.253 (A) - 94.130.9.194 (A) - 136.243.94.27 (A) - 176.9.0.89 (A) - 176.9.147.178 (A) - 94.130.48.154 (A) |
|
TCP Packets
| Call Time During Execution(sec) | Source IP | Dest IP | Dest Port |
|---|---|---|---|
| 7.20315909386 | Sandbox | 185.202.172.106 | 80 |
| 8.62883400917 | Sandbox | 136.243.102.157 | 45700 |
| 12.4729821682 | Sandbox | 185.202.172.106 | 80 |
| 21.9156141281 | Sandbox | 46.4.120.155 | 45700 |
UDP Packets
| Call Time During Execution(sec) | Source IP | Dest IP | Dest Port |
|---|---|---|---|
| 6.95502305031 | Sandbox | 224.0.0.252 | 5355 |
| 7.01207613945 | Sandbox | 224.0.0.252 | 5355 |
| 7.02901101112 | Sandbox | 192.168.56.255 | 137 |
| 7.04847002029 | Sandbox | 239.255.255.250 | 3702 |
| 8.4838821888 | Sandbox | 8.8.4.4 | 53 |
| 9.64455318451 | Sandbox | 224.0.0.252 | 5355 |
| 13.0894751549 | Sandbox | 192.168.56.255 | 138 |