Time | Victim OS | Infection Source | C&C Server | DNS Lookups & Failed Connects | Infection Port | Packet Trace | Detection Signatures | Infection Chatter | BotHunter Analysis | Behavioral Cluster | Forensic Logs | Antivirus Labels | Packed Malware_Binary | Unpacked egg.exe | Unpacked egg.asm | Packer PEID | Data Strings | Syscall Trace |
T:00:24:00 | WinXP | 122.229.191.118 (HZ.ZJ.CN): CHINANET ZHEJIANG PROVINCE NETWORK, BEIJING, BEIJING, CN. |
n/a | DE:siliconfireware.ru US:searchportal.information.com US:spi.domainsponsor.com GB:new.egg.com :wpad US:spt.information.com |
445 | pcap | raw alerts ruleset |
http http http http 44 lines |
Yeah : 0.8 profile |
none | summary tarball |
29 of 29 | a12cab51ef NEW |
none[0] | none:none |
ASPack| | lines=281 embedded dns |
trace |
T:00:50:00 | Win2K-f | 68.151.119.176 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, CALGARY, ALBERTA, CA. (DSL) |
n/a | 135 | pcap | raw alerts ruleset |
other 1008 lines |
Yeah : 1.3 profile |
none | summary tarball |
31 of 41 | 682a384fe9 NEW |
none[3] | none:none |
none|none | none | trace | |
T:01:23:00 | WinXP | 121.121.142.16 (MAXIS.NET.MY): MAXIS COMMUNICATIONS BHD, MY. |
213.219.245.212:80 | RU:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
35 of 35 | 9716d7995a NEW |
c3a5354b6f [0] | none:none |
PolyEnE| | none | trace |
T:01:41:00 | Win2K-f | 124.241.172.79 (STARCAT.NE.JP): KMN CORPORATION, NAGOYA, AICHI, JP. |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 NEW 73f1082158 NEW |
1473091351 [0] none [0] |
ASM:Graph none:none |
tElock| Armadillo| |
lines=75 embedded dns lines=90 |
trace trace |
T:02:57:00 | WinXP | 94.251.204.203 (-): . |
213.219.245.212:80 | **:proxim.ircgalaxy.pl RU:citi-bank.ru |
445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
34 of 36 | 9bb68450cd NEW |
c2d5ac2315 [0] | ASM:Graph |
PolyEnE| | lines=73 embedded dns |
trace |
04:26:00 | Win2K-f | 85.50.242.213 (DYNAMIC.ORANGE.ES): ADDRESSES IP FOR HOME CLIENTS, ES. |
n/a | US:www.getmyip.org US:checkip.dyndns.org US:75.126.138.202:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Argh : 0.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
T:05:21:00 | WinXP | 61.151.10.208 (163DATA.COM.CN): CHINANET SHANGHAI PROVINCE NETWORK, SHANGHAI, SHANGHAI, CN. (DIAL) |
n/a | 135 | pcap | raw alerts ruleset |
other 18 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
T:05:52:00 | WinXP | 119.230.96.171 (-): . |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 16 lines |
Yeah : 1.3 profile |
none | summary tarball |
38 of 41 | 7b313206a2 NEW |
0c866c8cce [0] | none:none |
none|none | none | trace | |
T:06:03:00 | WinXP | 66.72.68.15 (AMERITECH.NET): AT&T INTERNET SERVICES, BLOOMINGTON, INDIANA, US. (DIAL) |
n/a | :moscow-advokat.ru :brussels.be.eu.undernet.org SE:ced.dal.net SE:broadway.ny.us.dal.net HR:london.uk.eu.undernet.org :gaspode.zanet.org.za :caen.fr.eu.undernet.org :los-angeles.ca.us.undernet.org SE:vancouver.dal.net :lulea.se.eu.undernet.org |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 1.3 profile |
none | summary tarball |
25 of 25 | 7f60162c2c NEW |
none[0] | none:none |
PolyEnE| | lines=93 embedded dns |
trace |
T:06:15:00 | WinXP | 217.201.20.249 (-): TELECOM ITALIA MOBILE, PISA, TOSCANA, IT. |
n/a | :moscow-advokat.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
40 of 41 | f419a6c471 NEW |
04cdb38e06 [0] | none:none |
PolyEnE| | none | trace |
T:07:49:00 | WinXP | 68.150.191.172 (SHAWCABLE.NET): SHAW COMMUNICATIONS INC, SHERWOOD PARK, ALBERTA, CA. (DSL) |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 222 lines |
Yeah : 1.3 profile |
none | summary tarball |
37 of 41 38 of 41 |
4180c19d91 NEW b6e91e001c NEW |
9f3f2de385 [0] d2275a6cf5[0] |
none:none none:none |
Armadillo| PolyEnE| |
none none |
trace trace |
T:08:13:00 | WinXP | 221.225.39.48 (163DATA.COM.CN): CHINANET JIANGSU PROVINCE NETWORK, BEIJING, BEIJING, CN. |
213.219.245.212:80 | RU:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
40 of 41 | 119ec42aa0 NEW |
fd3c61c261 [0] | none:none |
PolyEnE| | none | trace |
T:09:00:00 | WinXP | 124.123.235.112 (-): . |
n/a | RU:citi-bank.ru RU:213.219.245.212:80 |
445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 0.8 profile |
none | summary tarball |
35 of 35 | 9716d7995a NEW |
c3a5354b6f [0] | none:none |
PolyEnE| | none | trace |
T:09:18:00 | Win2K-f | 41.206.136.137 (-): VODAFONE EGYPT, EG. |
n/a | CZ:qtas.net | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
18 of 41 | eb29e2642a NEW |
953ac55191 [0] | none:none |
FSG| | none | trace |
T:09:19:00 | WinXP | 67.150.102.251 (MDSG-PACWEST.COM): PAC-WEST MANAGED MODEM NAS POOL, SACRAMENTO, CALIFORNIA, US. |
n/a | 445 | pcap | raw alerts ruleset |
other 0 lines |
Yeah : 0.8 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
T:09:22:00 | WinXP | 114.204.77.227 (-): . |
n/a | **:proxim.ircgalaxy.pl US:microsoft.com |
135 | pcap | raw alerts ruleset |
other 118 lines |
Yeah : 1.3 profile |
none | summary tarball |
30 of 33 28 of 33 |
533d15b5ce NEW 58c343a8d8 NEW |
c67adf46e2 [0] none [0] |
ASM:Graph none:none |
tElock| Armadillo| |
lines=126 embedded dns lines=91 |
trace trace |
T:09:24:00 | Win2K-f | 75.60.195.10 (SBCGLOBAL.NET): PPPOX POOL - SE1.WOTNOH, COLUMBUS, OHIO, US. (DSL) |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 NEW a08f3b74a4 NEW |
1473091351 [0] none [0] |
ASM:Graph none:none |
tElock| Armadillo| |
lines=75 embedded dns lines=90 |
trace trace |
T:10:22:00 | Win2K-f | 208.103.158.63 (CORETEL.NET): CORETEL AMERICA INC, ANNAPOLIS, MARYLAND, US. |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 109 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 NEW 73f1082158 NEW |
1473091351 [0] none [0] |
ASM:Graph none:none |
tElock| Armadillo| |
lines=75 embedded dns lines=90 |
trace trace |
T:10:23:00 | WinXP | 65.32.132.210 (RR.COM): ROAD RUNNER HOLDCO LLC, CLEARWATER, FLORIDA, US. (DSL) |
n/a | :gg.arrancar.org | 135 | pcap | raw alerts ruleset |
other 187 lines |
Yeah : 1.3 profile |
none | summary tarball |
40 of 41 | f303a7d13b NEW |
7708089eac [0] | none:none |
none|none | none | trace |
T:11:16:00 | Win2K-f | 130.13.39.23 (QWEST.NET): QWEST BROADBAND SERVICES INC, PHOENIX, ARIZONA, US. |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 16 lines |
Yeah : 1.3 profile |
none | summary tarball |
36 of 41 | 894e794b2b NEW |
aeb41eb7b9 [0] | none:none |
Obsidium| | none | trace | |
T:11:36:00 | WinXP | 74.214.47.11 (METROCAST.NET): GMP CABLE TV, BERWICK, PENNSYLVANIA, US. |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 NEW a08f3b74a4 NEW |
1473091351 [0] none [0] |
ASM:Graph none:none |
tElock| Armadillo| |
lines=75 embedded dns lines=90 |
trace trace |
T:12:07:00 | Win2K-f | 4.165.105.26 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, DETROIT, MICHIGAN, US. (DIAL) |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 194 lines |
Yeah : 1.3 profile |
none | summary tarball |
36 of 41 39 of 41 |
932dbb4b69 NEW f6e5daee26 NEW |
dd4d9c7adf [0] 413c524714[0] |
none:none none:none |
Armadillo| tElock| |
none none |
trace trace |
T:12:37:00 | WinXP | 77.54.133.235 (REV.VODAFONE.PT): VODAFONE TELECEL COMUNICACOES PESSOAIS SA, PT. |
n/a | RU:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
32 of 32 | 21cc05003b NEW |
6776bccc2d [0] | none:none |
PolyEnE| | none | trace |
T:12:45:00 | Win2K-f | 116.86.228.116 (MAXONLINE.COM.SG): STARHUB CABLE VISION LTD, SINGAPORE, SINGAPORE, SG. |
n/a | 135 | pcap | raw alerts ruleset |
other 186 lines |
Yeah : 1.3 profile |
none | summary tarball |
39 of 41 | 11e183286c NEW |
8a7d445a4a [0] | none:none |
none|none | none | trace | |
T:12:58:00 | Win2K-f | 4.237.235.40 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, NEW YORK, NEW YORK, US. (DIAL) |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 32 |
53bfe15e91 NEW 73f1082158 NEW |
1473091351 [0] none [0] |
ASM:Graph none:none |
tElock| Armadillo| |
lines=75 embedded dns lines=90 |
trace trace |
T:13:49:00 | WinXP | 99.51.89.174 (-): . |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 76 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 NEW a08f3b74a4 NEW |
1473091351 [0] none [0] |
ASM:Graph none:none |
tElock| Armadillo| |
lines=75 embedded dns lines=90 |
trace trace |
T:15:05:00 | WinXP | 4.176.108.148 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, TUCSON, ARIZONA, US. (DIAL) |
n/a | 135 | pcap | raw alerts ruleset |
other 154 lines |
Yeah : 1.3 profile |
none | summary tarball |
25 of 41 | e7f442bf6b NEW |
1cbd3d66e4 [0] | none:none |
Armadillo| | none | trace | |
T:15:11:00 | Win2K-f | 208.105.110.232 (-): . |
n/a | 135 | pcap | raw alerts ruleset |
other 395 lines |
Yeah : 1.3 profile |
none | summary tarball |
27 of 41 | de2a8e3f8e NEW |
032d753367 [0] | none:none |
PENinja S| | none | trace | |
T:15:42:00 | Win2K-f | 194.126.184.69 (XCLUSIV.RO): SC EXCLUSIV NETWORK SRL, RO. |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 78 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 NEW a08f3b74a4 NEW |
1473091351 [0] none [0] |
ASM:Graph none:none |
tElock| Armadillo| |
lines=75 embedded dns lines=90 |
trace trace |
T:15:44:00 | WinXP | 66.53.120.26 (MDSG-PACWEST.COM): PAC-WEST MANAGED MODEM NAS POOL, SACRAMENTO, CALIFORNIA, US. |
213.219.245.212:80 | RU:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
39 of 41 | ddf5c2da76 NEW |
0778330e58 [0] | none:none |
PolyEnE| | none | trace |
T:16:00:00 | WinXP | 4.191.64.85 (LEVEL3.NET): LEVEL 3 COMMUNICATIONS INC, SALEM, OREGON, US. (DIAL) |
n/a | 135 | pcap | raw alerts ruleset |
other 18 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
T:16:14:00 | WinXP | 173.171.242.179 (-): . |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 NEW a08f3b74a4 NEW |
1473091351 [0] none [0] |
ASM:Graph none:none |
tElock| Armadillo| |
lines=75 embedded dns lines=90 |
trace trace |
T:16:17:00 | Win2K-f | 173.28.212.53 (-): . |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 110 lines |
Yeah : 1.3 profile |
none | summary tarball |
36 of 41 38 of 40 |
067917e07b NEW d764c1dcb2 NEW |
dae35b319c [0] 3d2bc60c5d[0] |
none:none none:none |
Armadillo| tElock| |
none none |
trace trace |
T:16:53:00 | WinXP | 69.85.109.148 (ELLIJAY.COM): ELLIJAY COMMUNITY TELEVISION, BLUE RIDGE, GEORGIA, US. |
213.219.245.212:80 | RU:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
35 of 35 | 9716d7995a NEW |
c3a5354b6f [0] | none:none |
PolyEnE| | none | trace |
T:17:14:00 | WinXP | 121.84.26.212 (EONET.NE.JP): K-OPTICOM CORPORATION, JP. |
n/a | 445 | pcap | raw alerts ruleset |
shell ftp 13 lines |
Yeah : 0.8 profile |
none | summary tarball |
38 of 41 | 7b313206a2 NEW |
0c866c8cce [0] | none:none |
none|none | none | trace | |
T:17:21:00 | WinXP | 69.85.112.63 (SPEAKEASY.NET): US. |
213.219.245.212:80 | RU:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
35 of 35 | 9716d7995a NEW |
c3a5354b6f [0] | none:none |
PolyEnE| | none | trace |
T:17:25:00 | WinXP | 75.177.22.1 (RR.COM): ROAD RUNNER HOLDCO LLC, GREENSBORO, NORTH CAROLINA, US. |
213.219.245.212:80 | RU:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
26 of 28 | 7d99b0e910 NEW |
none[0] | none:none |
PolyEnE| | lines=68 | trace |
T:17:32:00 | WinXP | 76.166.147.194 (RR.COM): ROAD RUNNER HOLDCO LLC, LANCASTER, CALIFORNIA, US. |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 60 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 8 of 33 |
53bfe15e91 NEW b7082104e4 NEW |
1473091351 [0] c5b49e7b82[0] |
ASM:Graph ASM:Graph |
tElock| tElock| |
lines=75 embedded dns lines=41 |
trace trace |
T:17:33:00 | WinXP | 206.169.143.219 (-): TIME WARNER TELECOM INC, ZIHUATANEJO, GUERRERO, MX. |
n/a | **:sys.zief.pl RU:citi-bank.ru **:core.ircgalaxy.pl RU:213.219.245.212:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
30 of 41 | 78c5ae9bf8 NEW |
e4d8d9e239 [0] | none:none |
PolyEnE| | none | trace |
T:17:54:00 | WinXP | 201.17.190.87 (STERLINGSTUDENTS.NET): COMITE GESTOR DA INTERNET NO BRASIL, BR. (DSL) |
n/a | FR:2ch.pass.as | 445 | pcap | raw alerts ruleset |
shell ftp irc 24 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none |
T:18:53:00 | WinXP | 124.241.188.252 (STARCAT.NE.JP): KMN CORPORATION, NAGOYA, AICHI, JP. |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 110 lines |
Yeah : 1.3 profile |
none | summary tarball |
38 of 41 37 of 41 |
c7bb39ee2c NEW f49bcb46ba NEW |
07462a9c7b [0] ab0f851c9d[0] |
none:none none:none |
tElock| Armadillo| |
none none |
trace trace |
T:19:05:00 | WinXP | 66.25.226.225 (RR.COM): ROAD RUNNER HOLDCO LLC, BEAUMONT, TEXAS, US. |
213.219.245.212:80 | RU:citi-bank.ru | 445 | pcap | raw alerts ruleset |
http 2 lines |
Yeah : 1.3 profile |
none | summary tarball |
32 of 32 | b502f83a7c NEW |
28f5be93b0 [0] | none:none |
PolyEnE| | none | trace |
T:19:25:00 | WinXP | 114.32.140.186 (-): . |
221.5.74.40:65520 216.245.213.194:80 | **:proxim.ircgalaxy.pl CN:dretis.cn CN:kritq.cn :onuka.cn :mxs.mail.ru US:alt4.gmail-smtp-in.l.google.com US:in1.smtp.messagingengine.com US:mail7.digitalwaves.co.nz 116.253.108.156:3128 116.73.165.164:3128 117.102.113.3:3128 118.32.40.198:3128 KR:122.38.120.237:3128 189.35.186.54:3128 189.47.200.60:3128 BR:189.5.45.211:3128 IN:210.212.126.177:3128 KR:211.192.165.158:3128 CN:220.232.119.42:3128 CN:221.1.58.70:3128 CN:61.48.166.207:3128 EU:78.56.104.206:3128 |
445 | pcap | raw alerts ruleset |
shell ftp irc http http http 32 lines |
Yeah : 1.3 profile |
none | summary tarball |
22 of 40 7 of 41 38 of 40 26 of 41 |
034ee7001c NEW 5354e986cd NEW 7bc8d57d8c NEW 9b132706e1 NEW |
cf02cac654 [0] 55eb7e6494[0] be025ab204[0] ad6c626eb7[0] |
none:none none:none none:none none:none |
Armadillo| PENinja| none|none ASPack| |
none none none none |
trace trace trace trace |
T:19:35:00 | WinXP | 218.110.93.94 (SO-NET.NE.JP): SO-NET SERVICE, TOKYO, TOKYO, JP. |
221.5.74.40:65520 216.245.213.194:80 | CN:dretis.cn CN:kritq.cn :onuka.cn :mxs.mail.ru US:alt4.gmail-smtp-in.l.google.com US:in1.smtp.messagingengine.com US:mail7.digitalwaves.co.nz 112.201.114.101:3128 119.64.234.88:3128 KR:121.165.105.73:3128 KR:125.183.117.132:3128 189.98.77.200:3128 BR:201.47.132.232:3128 BR:201.51.192.175:3128 CA:204.112.150.218:3128 US:209.85.222.58:25 KR:211.113.227.194:3128 KR:211.246.229.189:3128 KR:218.158.67.21:3128 CN:220.232.119.42:3128 CN:221.209.144.110:3128 HK:222.167.56.46:3128 HK:61.92.228.138:3128 99.243.248.160:3128 |
445 | pcap | raw alerts ruleset |
irc http 11 lines |
Yeah : 0.8 profile |
none | summary tarball |
26 of 41 22 of 41 7 of 41 |
1086afeef2 NEW 4b628dcac2 NEW 5354e986cd NEW |
ad6c626eb7 [0] 35602d43b9[0] 55eb7e6494[0] |
none:none none:none none:none |
ASPack| Armadillo| PENinja| |
none none none |
trace trace trace |
T:20:25:00 | WinXP | 98.141.9.117 (-): . |
n/a | 135 | pcap | raw alerts ruleset |
other 18 lines |
Yeah : 1.3 profile |
none | summary tarball |
none | none | none | none | none | none | none | |
T:20:34:00 | Win2K-f | 203.91.179.36 (STARCAT.NE.JP): KMN CORPORATION, NAGOYA, AICHI, JP. |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 NEW a08f3b74a4 NEW |
1473091351 [0] none [0] |
ASM:Graph none:none |
tElock| Armadillo| |
lines=75 embedded dns lines=90 |
trace trace |
T:21:01:00 | WinXP | 203.67.43.157 (SEED.NET.TW): DIGITAL UNITED INC, TAIPEI, T'AI-PEI, TW. (DSL) |
n/a | **:proxim.ircgalaxy.pl RU:citi-bank.ru RU:213.219.245.212:80 |
445 | pcap | raw alerts ruleset |
http 1 line |
Yeah : 0.8 profile |
none | summary tarball |
40 of 41 | e7e8223291 NEW |
f58555b68a [0] | none:none |
PolyEnE| | none | trace |
T:22:48:00 | WinXP | 71.130.22.21 (PACBELL.NET): WILLIAM MARTINEZ DBA, PLANO, TEXAS, US. (DSL) |
n/a | US:microsoft.com | 135 | pcap | raw alerts ruleset |
other 75 lines |
Yeah : 1.3 profile |
none | summary tarball |
33 of 33 0 of 33 |
53bfe15e91 NEW a08f3b74a4 NEW |
1473091351 [0] none [0] |
ASM:Graph none:none |
tElock| Armadillo| |
lines=75 embedded dns lines=90 |
trace trace |
T:23:53:00 | WinXP | 62.63.208.127 (TYFON.SE): TYFON SVENSKA AB, SE. |
n/a | :moscow-advokat.ru | 445 | pcap | raw alerts ruleset |
other 0 lines |
Yeah : 0.8 profile |
none | summary tarball |
29 of 29 | d175bad0e6 NEW |
none[0] | ASM:Graph |
tElock| | lines=81 embedded dns |
trace |