Contacted IPs
Network Port Distribution
| Name | IP | Country | ASN | ASN Name | Trigger Process Type |
|---|---|---|---|---|---|
| 8.8.4.4 | United States | 15169 | Google LLC | Malware Process | |
| 8.8.8.8 | United States | 15169 | Google LLC | Malware Process | |
| www.ibayme.eb2a.com | 199.59.243.227 | United States | 16509 | Bodis, LLC | Malware Process |
| www.aieov.com | 45.33.30.197 | United States | 63949 | Akamai Technologies, Inc. | Malware Process |
| Malware Process | |||||
| www.msftncsi.com | 23.200.3.27 | United States | 20940 | Akamai Technologies, Inc. | Malware Process |
HTTP Packets
| Host | Port | Method | Version | User Agent | Count | Call Time During Execution(Sec) |
|---|
DNS Queries/Answers
| Request | Type |
|---|---|
| 5isohu.com | A |
| www.msftncsi.com | A |
| www.aieov.com | A |
| www.ibayme.eb2a.com | A |
TCP Packets
| Call Time During Execution(sec) | Source IP | Dest IP | Dest Port |
|---|
UDP Packets
| Call Time During Execution(sec) | Source IP | Dest IP | Dest Port |
|---|---|---|---|
| 6.71524786949 | Sandbox | 224.0.0.252 | 5355 |
| 6.71796894073 | Sandbox | 224.0.0.252 | 5355 |
| 6.78439497948 | Sandbox | 192.168.56.255 | 137 |
| 8.75891184807 | Sandbox | 224.0.0.252 | 5355 |
| 9.28755784035 | Sandbox | 224.0.0.252 | 5355 |
| 10.5045039654 | Sandbox | 8.8.4.4 | 53 |
| 11.3159639835 | Sandbox | 8.8.4.4 | 53 |
| 11.5021569729 | Sandbox | 8.8.8.8 | 53 |
| 12.3152899742 | Sandbox | 8.8.8.8 | 53 |
| 12.8008139133 | Sandbox | 192.168.56.255 | 138 |
| 25.0025699139 | Sandbox | 8.8.8.8 | 53 |
| 25.3620388508 | Sandbox | 8.8.8.8 | 53 |
| 26.0023229122 | Sandbox | 8.8.4.4 | 53 |
| 26.3617370129 | Sandbox | 8.8.4.4 | 53 |
| 26.6294879913 | Sandbox | 8.8.8.8 | 53 |
| 27.6274449825 | Sandbox | 8.8.4.4 | 53 |
| 39.4152178764 | Sandbox | 8.8.8.8 | 53 |
| 40.4086768627 | Sandbox | 8.8.4.4 | 53 |
| 57.7177658081 | Sandbox | 8.8.8.8 | 53 |