Welcome to the Cyber-TA
SRI's Multiperspective Malware Infection Analysis Page

UNCENSORED PAGE

<Click here: to download BotHunter>

15 August 2009
<prev>   <next>

All data collection and analyses summarized in this page were 100% AUTO-GENERATED.

DEVELOPERS: Vinod Yegneswaran (SRI), Phillip Porras (SRI), Hassen Saidi (SRI)
Monirul Sharif (Georgia-Tech), Arvind Narayanan (University of Texas at Austin)

The data on this website is provided for research purposes only. It is provided
for your personal use only and is supplied AS IS, WITHOUT WARRANTY OF ANY KIND.
Use or reliance on this data is at your own risk.


Daily Summary Files: [DNS Lookups & Failed Connects] [ Attacker IPs ] [C&C Servers] [Binary Digests]
Cumulative Summary Files: [DNS Lookup Log] [Attacker IP Log] [C&C Server Log] [Antivirus Detection] [Code Segment Overlap]
[Behavioral Clusters] [Binary Digest Log]

[See Country Codes ]
Time
 		Victim
OS
 		Infection
Source
 		C&C
Server
 		DNS Lookups &
Failed Connects 		Infection
Port
 		Packet
Trace
 		Detection
Signatures
 		Infection
Chatter
 		BotHunter
Analysis
 		Behavioral
Cluster
 		Forensic
Logs
 		Antivirus
Labels
 		Packed Malware_Binary Unpacked egg.exe
 		Unpacked egg.asm
 		Packer PEID
 		Data Strings
 		Syscall Trace
01:04:00 Win2K-f 113.10.97.120 (-):
. 		n/a US:www.msn.com
US:dqcywyapi.org
:djcvcvcoa.net
:uzefwdtgigd.net
US:ciwwuu.org
:xnbpafozlqc.biz
US:fxqww.info
US:xosrhdsaeas.info
:qbvhouiz.info
:esigaqnux.com
:vxgybsofbc.biz
:herxvxaat.biz
:jglhdvxn.net
:hmglewbbsia.info
:mbtxprqip.biz
:ugfrpl.net
:gwlvvoyedqe.biz
US:nvjsishg.org
:ktlxsgnle.com
NL:fkyjwbllras.org
:rucxdabsr.com
US:smgyauxf.info
US:edtip.org
:ofjkosgv.com
:iuojaccazoy.com
:okdmufirrd.biz
:epkfv.net
US:yvvmbmnmhfa.info
:lrpmjimcgw.com
:ceaktng.net
:vsyhapmuq.com
NL:mispxc.org
US:epqxamji.org
US:wensjxohmw.org
US:qesjdrv.info
:crkuw.net
:hzsnpgjr.biz
:plxzovfb.com
US:fqipqorq.org
:jjowhzmxhfs.biz
NL:dlqrjcnx.org
:vexwgly.net
:olobn.biz
:tkilv.biz
:xcfwqzcqn.net
US:vwpgpmywm.org
US:eyzgylvmz.org
:ycoqr.biz
:gybsuubfw.info
:mkbkcjlzyh.com
:whotd.net
US:ortcmmybnla.info
:qedmgdnf.biz
:adqgnhfhddr.org
:ueflnuke.biz
:lyaypdvh.biz
US:zzkgwwj.org
:ijbbwlnd.net
:odaieaarmbf.net
:crrnzadscf.net
:izcfadzh.net
US:204.152.184.92:80
US:74.208.64.145:80 		445 pcap raw alerts
ruleset 		http
17 lines 		Argh : 0.3
profile 		none summary
tarball 		none none none none none none none
T:01:35:00 Win2K-f 69.193.74.22 (-):
. 		n/a US:microsoft.com 135 pcap raw alerts
ruleset 		other
75 lines 		Yeah : 1.3
profile 		none summary
tarball 		33 of 33
0 of 32		 53bfe15e91
NEW
73f1082158
NEW 		1473091351 [0]
none [0] 		ASM:Graph
none:none
 tElock|
Armadillo| 		lines=75
embedded dns
lines=90 		trace
trace
T:02:27:00 WinXP 70.182.95.25 (COX.NET):
COX COMMUNICATIONS,
OKLAHOMA CITY, OKLAHOMA, US. 		n/a US:microsoft.com 135 pcap raw alerts
ruleset 		other
110 lines 		Yeah : 1.3
profile 		none summary
tarball 		39 of 41
38 of 41		 0cfec3f183
NEW
af6521a46c
NEW 		f3d2639900 [0]
37dd0e1040[0] 		none:none
none:none
 tElock|
Armadillo| 		none
none 		trace
trace
03:00:00 Win2K-f 95.28.42.132 (-):
. 		n/a :checkip.dyndns.org 445 pcap raw alerts
ruleset 		http
1 line 		Argh : 0.3
profile 		none summary
tarball 		none none none none none none none
T:03:00:00 WinXP 151.81.128.122 (38-151.NET24.IT):
IUNET-BNET,
IT. 		n/a RU:citi-bank.ru
RU:213.219.245.212:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		41 of 41 c44169f401
NEW 		64d22c5c02 [0] none:none
 PolyEnE| none trace
T:03:22:00 WinXP 87.173.94.10 (T-IPCONNECT.DE):
DEUTSCHE TELEKOM AG,
DE. 		n/a   445 pcap raw alerts
ruleset 		shell
ftp
14 lines 		Yeah : 1.3
profile 		none summary
tarball 		31 of 32 741e3b03b3
NEW 		none[0] none:none
 none|none lines=61 trace
03:23:00 WinXP 41.202.176.33 (-):
. 		213.219.245.212:80 RU:citi-bank.ru 445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 1.3
profile 		none summary
tarball 		39 of 41 7f38ca84af
NEW 		89991cf07f [0] none:none
 PolyEnE| none trace
T:03:54:00 Win2K-f 75.60.195.10 (SBCGLOBAL.NET):
PPPOX POOL - SE1.WOTNOH,
COLUMBUS, OHIO, US. (DSL) 		n/a US:microsoft.com 135 pcap raw alerts
ruleset 		other
75 lines 		Yeah : 1.3
profile 		none summary
tarball 		33 of 33
0 of 33		 53bfe15e91
NEW
a08f3b74a4
NEW 		1473091351 [0]
none [0] 		ASM:Graph
none:none
 tElock|
Armadillo| 		lines=75
embedded dns
lines=90 		trace
trace
T:05:15:00 WinXP 118.231.15.104 (-):
. 		n/a RU:citi-bank.ru
RU:213.219.245.212:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		38 of 41 a639a866cf
NEW 		c7bf122964 [0] none:none
 PolyEnE| none trace
T:06:11:00 Win2K-f 118.87.18.132 (-):
. 		n/a US:microsoft.com 135 pcap raw alerts
ruleset 		other
129 lines 		Yeah : 1.3
profile 		none summary
tarball 		32 of 36
34 of 36		 0b951c2832
NEW
e4ed4df0f0
NEW 		5fe761661a [0]
de471fc380[0] 		none:none
none:none
 Armadillo|
tElock| 		none
none 		trace
trace
T:06:35:00 WinXP 206.53.74.173 (METROCAST.NET):
METROCAST COMMUNICATIONS,
DANIELSON, CONNECTICUT, US. 		n/a RU:citi-bank.ru
RU:213.219.245.212:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		41 of 41 72134e4b44
NEW 		28c60e99a7 [0] none:none
 PolyEnE| none trace
06:50:00 Win2K-f 89.41.253.63 (AIRBITES.RO):
SC AIR BITES SRL,
RO. 		n/a :zniddq.com
:pjedxkav.net
NL:nqaaz.org
:gphnpjrusn.com
:sxbqmgpy.biz
US:fqipqorq.org
US:jybubclmjq.org
US:xjankhma.org
:omealfjjw.net
US:flidassrtu.org
:cyymykmihg.net
:lbcxtixi.info
:lcmmgaeuyu.net
NL:oldpbd.info
US:jeezpeyh.org
US:xppqf.info
:nvjsishg.org
:izcfadzh.net
:xcfwqzcqn.net
:tqbal.biz
:yjjzmk.net
:epskpklwj.biz
NL:uladiowzz.org
:afiawshsiey.com
US:fkyjwbllras.org
US:krfbuh.info
US:yrgan.org
:skobgujdemx.com
US:fmqebnr.info
:zutzuxpl.net
US:ortcmmybnla.info
US:alzdmapr.org
:fqmluiqcdw.biz
:plxzovfb.com
NL:iarmst.org
:jmzaonnvadx.com
:wmjgtaau.net
US:nlmnpujb.org
US:btcmiknq.org
:elziu.com
:mkbkcjlzyh.com
:kkwidfc.biz
:xnbpafozlqc.biz
US:fshyrylncvz.org
US:zpxhdidlfpw.org
:hfkcgpfelw.com
:mbtxprqip.biz
:ocxtvxzzcx.net
NL:ktpvdapmlq.info
:aowajhpc.net
US:204.152.184.92:80
US:74.208.64.145:80 		445 pcap raw alerts
ruleset 		http
1 line 		Argh : 0.3
profile 		none summary
tarball 		none none none none none none none
T:07:02:00 Win2K-f 211.124.142.36 (ZAQ.NE.JP):
KITAKAWACHI CABLE NET CO LTD,
OSAKA, OSAKA, JP. 		n/a   135 pcap raw alerts
ruleset 		other
232 lines 		Yeah : 1.3
profile 		none summary
tarball 		18 of 32 bec892aaf3
NEW 		b73f3acec5 [0] none:none
 none|none none trace
T:08:25:00 WinXP 12.64.48.35 (PRSERV.NET):
AT&T GLOBAL SERVICES,
CHICAGO, ILLINOIS, US. 		n/a :www.google.com.au
US:www.yahoo.com
:jbeegvia.ru 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		31 of 32 17028f1eda
NEW 		none[3] none:none
 tElock| none trace
T:08:48:00 WinXP 79.163.211.15 (-):
IDEA,
PL. 		213.219.245.212:80 RU:citi-bank.ru 445 pcap raw alerts
ruleset 		http
3 lines 		Yeah : 1.3
profile 		none summary
tarball 		40 of 41 e63f3be55b
NEW 		0a081f4200 [0] none:none
 PolyEnE| none trace
T:08:48:00 Win2K-f 71.127.246.30 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
ITHACA, NEW YORK, US. 		n/a US:microsoft.com 135 pcap raw alerts
ruleset 		other
75 lines 		Yeah : 1.3
profile 		none summary
tarball 		33 of 33
0 of 33		 53bfe15e91
NEW
a08f3b74a4
NEW 		1473091351 [0]
none [0] 		ASM:Graph
none:none
 tElock|
Armadillo| 		lines=75
embedded dns
lines=90 		trace
trace
09:53:00 Win2K-f 84.56.186.138 (ARCOR-IP.NET):
ARCOR-DSL-NET,
STUTTGART, BADEN-WURTTEMBERG, DE. (DSL) 		n/a US:trafficconverter.biz
US:www.yahoo.com
:stisvzsy.net
:aybzavdvnx.net
:plxzovfb.com
US:fjraotyivpe.org
:olobn.biz
:gkwxdp.com
US:jtkymrnl.org
:yhucbakgvi.biz
:zniddq.com
US:zpxhdidlfpw.org
:ypdxxgqk.net
US:zljixnkk.info
:pjedxkav.net
US:fxywdwsl.org
:jcgzqpbcb.net
:yjjzmk.net
US:bmninbnl.info
:irgyq.com
:mkbkcjlzyh.com
US:iklqenmx.info
:crkuw.net
US:wmqsswle.info
:mlzwbvwicb.biz
:uiydmknuu.net
:bcbqslalg.com
US:dzbvht.info
US:jtlmbqcmjn.info
US:nqaaz.org
US:azlytlsj.org
US:qbjjahdsq.info
US:204.152.184.92:80
US:74.208.64.145:80 		445 pcap raw alerts
ruleset 		http
1 line 		Argh : 0.3
profile 		none summary
tarball 		none none none none none none none
T:10:46:00 WinXP 93.102.71.118 (APEXCOVANTAGE.COM):
EU-ZZ,
UK. 		n/a US:www.altavista.com
US:www.yahoo.com
:jbeegvia.ru 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		31 of 32 17028f1eda
NEW 		none[3] none:none
 tElock| none trace
11:01:00 Win2K-f 124.66.160.131 (-):
PT ANTAR MITRA PRAKARSA,
JAKARTA, JAKARTA RAYA (DJAKARTA RAYA), ID. 		n/a US:www.maxmind.com
US:www.getmyip.org
US:getmyip.co.uk
US:checkip.dyndns.org
208.78.69.70:80
US:65.254.39.170:80
US:67.15.94.80:80
US:75.126.138.202:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		3 of 37 d9cb288f31
NEW 		45603a001c [0] ASM:Graph
 UPX| lines=174
embedded dns 		trace
12:02:00 WinXP 62.63.208.127 (TYFON.SE):
TYFON SVENSKA AB,
SE. 		n/a :moscow-advokat.ru 445 pcap raw alerts
ruleset 		other
0 lines 		Yeah : 0.8
profile 		none summary
tarball 		29 of 29 d175bad0e6
NEW 		none[0] ASM:Graph
 tElock| lines=81
embedded dns 		trace
T:13:12:00 Win2K-f 61.218.192.234 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
KAOHSIUNG, KAO-HSIUNG, TW. 		n/a US:microsoft.com 135 pcap raw alerts
ruleset 		other
75 lines 		Yeah : 1.3
profile 		none summary
tarball 		33 of 33
0 of 33		 53bfe15e91
NEW
57ce4acac2
NEW 		1473091351 [0]
none [0] 		ASM:Graph
none:none
 tElock|
Armadillo| 		lines=75
embedded dns
lines=90 		trace
trace
T:13:13:00 Win2K-f 96.49.5.211 (-):
. 		n/a   135 pcap raw alerts
ruleset 		other
1008 lines 		Yeah : 1.3
profile 		none summary
tarball 		15 of 41 770a04a72c
NEW 		none[3] none:none
 none|none none trace
T:14:55:00 WinXP 187.20.83.118 (-):
. 		n/a :moscow-advokat.ru 445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		40 of 41 2f6cc0e618
NEW 		f8f316af28 [0] none:none
 PolyEnE| none trace
T:14:56:00 Win2K-f 4.176.159.134 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
ALBUQUERQUE, NEW MEXICO, US. (DIAL) 		n/a US:microsoft.com 135 pcap raw alerts
ruleset 		other
75 lines 		Yeah : 1.3
profile 		none summary
tarball 		33 of 33
0 of 33		 53bfe15e91
NEW
a08f3b74a4
NEW 		1473091351 [0]
none [0] 		ASM:Graph
none:none
 tElock|
Armadillo| 		lines=75
embedded dns
lines=90 		trace
trace
T:15:30:00 Win2K-f 4.141.26.203 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
CAZENOVIA, NEW YORK, US. (DIAL) 		n/a US:microsoft.com 135 pcap raw alerts
ruleset 		other
129 lines 		Yeah : 1.3
profile 		none summary
tarball 		33 of 33
8 of 33		 53bfe15e91
NEW
b7082104e4
NEW 		1473091351 [0]
c5b49e7b82[0] 		ASM:Graph
ASM:Graph
 tElock|
tElock| 		lines=75
embedded dns
lines=41 		trace
trace
T:16:04:00 WinXP 200.219.108.98 (STERLINGSTUDENTS.NET):
COMITE GESTOR DA INTERNET NO BRASIL,
BR. (DSL) 		n/a RU:citi-bank.ru
RU:213.219.245.212:80 		445 pcap raw alerts
ruleset 		http
1 line 		Yeah : 0.8
profile 		none summary
tarball 		40 of 41 694802b8ef
NEW 		433eb20eb6 [0] none:none
 PolyEnE| none trace
T:16:14:00 Win2K-f 172.130.47.17 (AOL.COM):
AMERICA ONLINE,
RESTON, VIRGINIA, US. (DSL) 		n/a US:microsoft.com 135 pcap raw alerts
ruleset 		other
77 lines 		Yeah : 1.3
profile 		none summary
tarball 		33 of 33
0 of 32		 53bfe15e91
NEW
73f1082158
NEW 		1473091351 [0]
none [0] 		ASM:Graph
none:none
 tElock|
Armadillo| 		lines=75
embedded dns
lines=90 		trace
trace
T:17:08:00 WinXP 81.92.50.235 (MYQ.GR):
Q TELECOMMUNICATIONS S.A,
ATHENS, ATTIKI, GR. 		n/a   445 pcap raw alerts
ruleset 		shell
ftp
14 lines 		Yeah : 1.3
profile 		none summary
tarball 		29 of 29 1a2c0e6130
NEW 		none[0] none:none
 none|none lines=60 trace
T:17:11:00 Win2K-f 4.176.39.93 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
MESA, ARIZONA, US. (DIAL) 		n/a   135 pcap raw alerts
ruleset 		other
149 lines 		Yeah : 1.3
profile 		none summary
tarball 		37 of 41 a1acc403a2
NEW 		54ef26c2f9 [0] none:none
 Armadillo| none trace
T:17:12:00 Win2K-f 4.138.80.155 (LEVEL3.NET):
LEVEL 3 COMMUNICATIONS INC,
SUWANEE, GEORGIA, US. (DIAL) 		n/a   135 pcap raw alerts
ruleset 		other
6 lines 		Yeah : 0.8
profile 		none summary
tarball 		none none none none none none none
T:17:17:00 WinXP 89.111.226.220 (TEOL.NET):
TELEKOMSRPSKE,
BA. (DIAL) 		n/a   445 pcap raw alerts
ruleset 		shell
ftp
15 lines 		Yeah : 1.3
profile 		none summary
tarball 		37 of 40 f54691063f
NEW 		6039c698cd [0] ASM:Graph
 none|none lines=59 trace
T:18:03:00 WinXP 98.141.9.117 (-):
. 		n/a   135 pcap raw alerts
ruleset 		other
19 lines 		Yeah : 1.3
profile 		none summary
tarball 		none none none none none none none
T:19:05:00 WinXP 67.52.25.21 (RR.COM):
ROAD RUNNER HOLDCO LLC,
RACINE, WISCONSIN, US. 		n/a RU:citi-bank.ru
RU:213.219.245.212:80 		445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 0.8
profile 		none summary
tarball 		40 of 41 119ec42aa0
NEW 		fd3c61c261 [0] none:none
 PolyEnE| none trace
T:19:43:00 Win2K-f 71.116.212.170 (VERIZON.NET):
VERIZON INTERNET SERVICES INC,
LOS ANGELES, CALIFORNIA, US. 		n/a US:microsoft.com 135 pcap raw alerts
ruleset 		other
75 lines 		Yeah : 1.3
profile 		none summary
tarball 		33 of 33
0 of 33		 53bfe15e91
NEW
a08f3b74a4
NEW 		1473091351 [0]
none [0] 		ASM:Graph
none:none
 tElock|
Armadillo| 		lines=75
embedded dns
lines=90 		trace
trace
20:06:00 Win2K-f 187.44.5.171 (-):
. 		n/a :www.google.com
:wfqkawvgg.com
:gdippldouai.biz
:cnxyymhv.biz
US:qmylymvm.org
:hsczbabol.com
US:kcbspqb.org
:qtmlsd.biz
:yvdttitegd.com
:kgmonrsp.com
US:gbjfjtidrsp.info
:ndasvrgaamp.biz
:aodah.com
US:txvhdr.info
:zsvclwen.net
US:alfoyk.org
:tlzbjytye.net
US:mxyumj.info
:wiyufh.biz
:vxqsjmue.net
US:hyqxnpc.info
:bjytrofi.net
:zwysgnodz.net
US:vsbugypnw.org
US:ozzythtv.info
US:tlktkhyd.org
:ehgmwjimjq.com
US:usiigfkzfza.info
:geyiau.com
:rzdyzrw.org
NL:fbrgnhsi.org
US:ursgqise.info
:kkmqxetp.net
US:mwlyumn.org
:awblpgnyfi.com
:yinbcp.net
:xdyampjvmm.com
:aeioncyi.com
US:tiwvoovf.info
:jkxkotkzcbk.net
:lcvsn.net
US:204.152.184.92:80
US:74.208.64.145:80 		445 pcap raw alerts
ruleset 		http
8 lines 		Argh : 0.3
profile 		none summary
tarball 		none none none none none none none
T:20:31:00 WinXP 125.4.220.152 (ZAQ.NE.JP):
KITAKAWACHI CABLE NET CO LTD,
JP. 		n/a   135 pcap raw alerts
ruleset 		other
249 lines 		Yeah : 1.3
profile 		none summary
tarball 		39 of 41 a8a15ce6ae
NEW 		0d23174d7b [0] none:none
 PolyEnE| none trace
20:44:00 Win2K-f 220.129.124.128 (HINET.NET):
CHTD CHUNGHWA TELECOM CO. LTD,
KAOHSIUNG, KAO-HSIUNG, TW. 		n/a EU:checkip.dyndns.org
US:getmyip.co.uk
US:www.getmyip.org
US:204.152.184.92:80
US:65.254.39.170:80
EU:91.198.22.70:80 		445 pcap raw alerts
ruleset 		http
1 line 		Argh : 0.3
profile 		none summary
tarball 		none none none none none none none
T:20:48:00 Win2K-f 203.91.165.198 (STARCAT.NE.JP):
KMN CORPORATION,
NAGOYA, AICHI, JP. 		n/a US:microsoft.com 135 pcap raw alerts
ruleset 		other
59 lines 		Yeah : 1.3
profile 		none summary
tarball 		33 of 33
8 of 33		 53bfe15e91
NEW
b7082104e4
NEW 		1473091351 [0]
c5b49e7b82[0] 		ASM:Graph
ASM:Graph
 tElock|
tElock| 		lines=75
embedded dns
lines=41 		trace
trace
T:20:50:00 WinXP 24.213.224.238 (RR.COM):
ROAD RUNNER HOLDCO LLC,
AMSTERDAM, NEW YORK, US. 		n/a US:microsoft.com 135 pcap raw alerts
ruleset 		other
75 lines 		Yeah : 1.3
profile 		none summary
tarball 		33 of 33
0 of 33		 53bfe15e91
NEW
a08f3b74a4
NEW 		1473091351 [0]
none [0] 		ASM:Graph
none:none
 tElock|
Armadillo| 		lines=75
embedded dns
lines=90 		trace
trace
T:20:51:00 WinXP 203.196.73.71 (KAGACABLE.NE.JP):
KAGA CABLE TELEVISION CO.LTD,
JP. (DSL) 		n/a   135 pcap raw alerts
ruleset 		other
432 lines 		Yeah : 1.3
profile 		none summary
tarball 		40 of 41 5b391c97c3
NEW 		794c5d4b69 [0] none:none
 PENinja S| none trace
T:21:11:00 WinXP 98.30.117.92 (-):
. 		n/a US:microsoft.com 135 pcap raw alerts
ruleset 		other
76 lines 		Yeah : 1.3
profile 		none summary
tarball 		33 of 33
0 of 33		 53bfe15e91
NEW
a08f3b74a4
NEW 		1473091351 [0]
none [0] 		ASM:Graph
none:none
 tElock|
Armadillo| 		lines=75
embedded dns
lines=90 		trace
trace
T:21:20:00 Win2K-f 61.221.250.18 (HINET.NET):
DATA COMMUNICATION BUSINESS GROUP CHUNGHWA TELECOM CO. LTD,
TW. 		n/a US:microsoft.com 135 pcap raw alerts
ruleset 		other
79 lines 		Yeah : 1.3
profile 		none summary
tarball 		33 of 33
0 of 33		 53bfe15e91
NEW
57ce4acac2
NEW 		1473091351 [0]
none [0] 		ASM:Graph
none:none
 tElock|
Armadillo| 		lines=75
embedded dns
lines=90 		trace
trace
T:23:12:00 WinXP 203.73.57.180 (SEED.NET.TW):
DIGITAL UNITED INC,
TAIPEI, T'AI-PEI, TW. (DSL) 		n/a US:microsoft.com 135 pcap raw alerts
ruleset 		other
110 lines 		Yeah : 1.3
profile 		none summary
tarball 		39 of 41
41 of 41		 5ffa88bdca
NEW
7d1c24e1b1
NEW 		b088542abb [0]
eb039ab0c2[0] 		none:none
none:none
 Armadillo|
tElock| 		none
none 		trace
trace
T:23:25:00 WinXP 220.209.199.136 (INFOWEB.NE.JP):
INFOWEB(FUJITSU LTD.),
TOKYO, TOKYO, JP. (DIAL) 		213.219.245.212:80 RU:citi-bank.ru 445 pcap raw alerts
ruleset 		http
2 lines 		Yeah : 1.3
profile 		none summary
tarball 		29 of 29 bdb53fb863
NEW 		d9d20eabcf [0] none:none
 PolyEnE| none trace
T:23:54:00 Win2K-f 99.164.48.10 (-):
. 		n/a US:microsoft.com 135 pcap raw alerts
ruleset 		other
75 lines 		Yeah : 1.3
profile 		none summary
tarball 		18 of 35
0 of 33		 218ce30f5c
NEW
a08f3b74a4
NEW 		none[3]
none [0] 		none:none
none:none
 none|none
Armadillo| 		none
lines=90 		trace
trace
T:23:59:00 WinXP 72.66.8.36 (VERIZON.NET):
GAIP INC,
VIENNA, VIRGINIA, US. (100Mbps) 		n/a US:microsoft.com 135 pcap raw alerts
ruleset 		other
75 lines 		Yeah : 1.3
profile 		none summary
tarball 		18 of 35
0 of 32		 218ce30f5c
NEW
73f1082158
NEW 		none[3]
none [0] 		none:none
none:none
 none|none
Armadillo| 		none
lines=90 		trace
trace