Network Analysis
| IP Address | Status | Action | VT | Location |
|---|---|---|---|---|
| No hosts contacted. | | | | |

| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | | |
No traffic
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
No Suricata Alerts
Suricata TLS
| Flow | Issuer | Subject | Fingerprint |
|---|---|---|---|
| TLS 1.2 192.168.168.214:49236 188.114.97.1:443 | C=US, O=Google Trust Services, CN=WE1 | CN=qegyhig.com | 08:d2:1c:42:00:7a:ae:b2:a3:18:a1:03:2f:48:77:d5:8e:16:19:5e |
| TLS 1.2 192.168.168.214:49244 188.114.97.1:443 | None | None | None |
| TLS 1.2 192.168.168.214:49260 188.114.97.1:443 | C=US, O=Google Trust Services, CN=WE1 | CN=lysyvan.com | 28:56:24:e9:b5:90:7a:a4:88:02:db:c0:26:47:1a:ad:3c:65:a0:d9 |
| TLS 1.2 192.168.168.214:49265 188.114.97.1:443 | None | None | None |
| TLS 1.2 192.168.168.214:49294 188.114.97.1:443 | None | None | None |
| TLS 1.2 192.168.168.214:49297 188.114.97.1:443 | None | None | None |
Snort Alerts
| Flow | SID | Message |
|---|---|---|
| TCP 192.168.168.214:49229 -> 188.114.97.1:80 | 2016879 | ET POLICY Unsupported/Fake Windows NT Version 5.0 |
| TCP 192.168.168.214:49229 -> 188.114.97.1:80 | 2016873 | ET POLICY Unsupported/Fake Internet Explorer Version MSIE 2. |
| TCP 192.168.168.214:49226 -> 162.255.119.102:80 | 2016879 | ET POLICY Unsupported/Fake Windows NT Version 5.0 |
| TCP 192.168.168.214:49226 -> 162.255.119.102:80 | 2016873 | ET POLICY Unsupported/Fake Internet Explorer Version MSIE 2. |
| TCP 162.255.119.102:80 -> 192.168.168.214:49226 | 2035208 | ET INFO Namecheap URL Forward |
| TCP 162.255.119.102:80 -> 192.168.168.214:49226 | 2035208 | ET INFO Namecheap URL Forward |
| TCP 192.168.168.214:49274 -> 103.224.182.215:80 | 2016879 | ET POLICY Unsupported/Fake Windows NT Version 5.0 |
| TCP 192.168.168.214:49274 -> 103.224.182.215:80 | 2016873 | ET POLICY Unsupported/Fake Internet Explorer Version MSIE 2. |
| TCP 192.168.168.214:49275 -> 185.53.179.200:80 | 2016879 | ET POLICY Unsupported/Fake Windows NT Version 5.0 |
| TCP 192.168.168.214:49275 -> 185.53.179.200:80 | 2016873 | ET POLICY Unsupported/Fake Internet Explorer Version MSIE 2. |
| TCP 192.168.168.214:49289 -> 188.114.97.1:80 | 2016879 | ET POLICY Unsupported/Fake Windows NT Version 5.0 |
| TCP 192.168.168.214:49289 -> 188.114.97.1:80 | 2016873 | ET POLICY Unsupported/Fake Internet Explorer Version MSIE 2. |
| TCP 192.168.168.214:49286 -> 185.53.178.99:80 | 2016879 | ET POLICY Unsupported/Fake Windows NT Version 5.0 |
| TCP 192.168.168.214:49286 -> 185.53.178.99:80 | 2016873 | ET POLICY Unsupported/Fake Internet Explorer Version MSIE 2. |
| TCP 162.255.119.102:80 -> 192.168.168.214:49284 | 2035208 | ET INFO Namecheap URL Forward |
| TCP 162.255.119.102:80 -> 192.168.168.214:49284 | 2035208 | ET INFO Namecheap URL Forward |