Edit tour
Windows
Analysis Report
a4#Uff09.exe
Overview
General Information
| Sample name: | a4#Uff09.exerenamed because original name is a hash value |
| Original sample name: | R2.exe |
| Analysis ID: | 1467982 |
| MD5: | 75d53417d21654acbe4565e04a5e3353 |
| SHA1: | 18f996da80eee26b0fe48da445586f190aa710bd |
| SHA256: | ecbc34e6b5739a37dc046dfecf8e067eff30b4d1a4bf7531147286fbb45e1be5 |
| Tags: | exesality |
| Infos: |   |
 | |
Detection
Bdaejec, Sality
| Score: | 100 |
| Range: | 0 - 100 |
| Whitelisted: | false |
| Confidence: | 100% |
Signatures
Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Antivirus detection for dropped file
Detected unpacking (changes PE section rights)
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for dropped file
Snort IDS alert for network traffic
Yara detected Bdaejec
Yara detected Sality
AI detected suspicious sample
Allocates memory in foreign processes
Changes security center settings (notifications, updates, antivirus, firewall)
Contains functionality to inject threads in other processes
Creates a thread in another existing process (thread injection)
Creates autorun.inf (USB autostart)
Deletes keys which are related to windows safe boot (disables safe mode boot)
Disables UAC (registry)
Disables user account control notifications
Drops PE files with a suspicious file extension
Infects executable files (exe, dll, sys, html)
Injects code into the Windows Explorer (explorer.exe)
Machine Learning detection for dropped file
Machine Learning detection for sample
May modify the system service descriptor table (often done to hook functions)
Modifies the windows firewall
Modifies the windows firewall notifications settings
PE file contains section with special chars
PE file has a writeable .text section
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Uses known network protocols on non-standard ports
Writes to foreign memory regions
AV process strings found (often used to terminate AV products)
Abnormal high CPU Usage
Checks for available system drives (often done to infect USB drives)
Contains functionality to dynamically determine API calls
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to read the PEB
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Contains long sleeps (>= 3 min)
Detected TCP or UDP traffic on non-standard ports
Detected potential crypto function
Dropped file seen in connection with other malware
Drops PE files
Enables debug privileges
Entry point lies outside standard sections
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
Found evasive API chain (date check)
Found evasive API chain checking for process token information
Found inlined nop instructions (likely shell or obfuscated code)
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
May infect USB drives
May sleep (evasive loops) to hinder dynamic analysis
Modifies existing windows services
One or more processes crash
PE file contains executable resources (Code or Archives)
PE file contains more sections than normal
PE file contains sections with non-standard names
Queries disk information (often used to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample file is different than original file name gathered from version info
Sigma detected: Uncommon Svchost Parent Process
Sigma detected: Use Short Name Path in Command Line
Uses 32bit PE files
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Uses the system / local time for branch decision (may execute only at specific dates)
Yara detected Keylogger Generic
Yara signature match
Classification
- System is w10x64
a4#Uff09.exe (PID: 7020 cmdline: "C:\Users\ user\Deskt op\a4#Uff0 9.exe" MD5: 75D53417D21654ACBE4565E04A5E3353) 
plgMeM.exe (PID: 320 cmdline: C:\Users\u ser~1\AppD ata\Local\ Temp\plgMe M.exe MD5: 56B2C3810DBA2E939A8BB9FA36D3CF96) 
WerFault.exe (PID: 7332 cmdline: C:\Windows \SysWOW64\ WerFault.e xe -u -p 3 20 -s 1592 MD5: C31336C1EFC2CCB44B4326EA793040F2) - fontdrvhost.exe (PID: 772 cmdline:
"fontdrvho st.exe" MD5: BBCB897697B3442657C7D6E3EDDBD25F) - dllhost.exe (PID: 5112 cmdline:
C:\Windows \system32\ DllHost.ex e /Process id:{3EB3C8 77-1F16-48 7C-9050-10 4DBCD66683 } MD5: 08EB78E5BE019DF044C26B14703BD1FA) - fontdrvhost.exe (PID: 780 cmdline:
"fontdrvho st.exe" MD5: BBCB897697B3442657C7D6E3EDDBD25F) - svchost.exe (PID: 5380 cmdline:
C:\Windows \system32\ svchost.ex e -k Unist ackSvcGrou p MD5: B7F884C1B74A263F746EE12A5F7C9F6A) - dwm.exe (PID: 976 cmdline:
"dwm.exe" MD5: 5C27608411832C5B39BA04E33D53536C) - sihost.exe (PID: 3476 cmdline:
sihost.exe MD5: A21E7719D73D0322E2E7D61802CB8F80) - svchost.exe (PID: 3524 cmdline:
C:\Windows \system32\ svchost.ex e -k Unist ackSvcGrou p -s CDPUs erSvc MD5: B7F884C1B74A263F746EE12A5F7C9F6A) - svchost.exe (PID: 3556 cmdline:
C:\Windows \system32\ svchost.ex e -k Unist ackSvcGrou p -s WpnUs erService MD5: B7F884C1B74A263F746EE12A5F7C9F6A) 
ctfmon.exe (PID: 3852 cmdline: "ctfmon.ex e" MD5: B625C18E177D5BEB5A6F6432CCF46FB3) 
explorer.exe (PID: 4056 cmdline: C:\Windows \Explorer. EXE MD5: 662F4F92FDE3557E86D110526BB578D5) - svchost.exe (PID: 1096 cmdline:
C:\Windows \system32\ svchost.ex e -k Clipb oardSvcGro up -p -s c bdhsvc MD5: B7F884C1B74A263F746EE12A5F7C9F6A) - StartMenuExperienceHost.exe (PID: 4756 cmdline:
"C:\Window s\SystemAp ps\Microso ft.Windows .StartMenu Experience Host_cw5n1 h2txyewy\S tartMenuEx perienceHo st.exe" -S erverName: App.AppXyw brabmsek0g m3tkwpr5kw zbs55tkqay .mca MD5: 5CDDF06A40E89358807A2B9506F064D9) - RuntimeBroker.exe (PID: 4844 cmdline:
C:\Windows \System32\ RuntimeBro ker.exe -E mbedding MD5: BA4CFE6461AFA1004C52F19C8F2169DC) - SearchApp.exe (PID: 4972 cmdline:
"C:\Window s\SystemAp ps\Microso ft.Windows .Search_cw 5n1h2txyew y\SearchAp p.exe" -Se rverName:C ortanaUI.A ppX8z9r6jm 96hw4bsbne egw0kyxx29 6wr9t.mca MD5: 5E1C9231F1F1DCBA168CA9F3227D9168) - RuntimeBroker.exe (PID: 3596 cmdline:
C:\Windows \System32\ RuntimeBro ker.exe -E mbedding MD5: BA4CFE6461AFA1004C52F19C8F2169DC) - ShellExperienceHost.exe (PID: 8092 cmdline:
"C:\Window s\SystemAp ps\ShellEx perienceHo st_cw5n1h2 txyewy\She llExperien ceHost.exe " -ServerN ame:App.Ap pXtk181tbx bce2qsex02 s8tw7hfxa9 xb3t.mca MD5: 9B8DE9D4EDF68EEF2C1E490ABC291567) - RuntimeBroker.exe (PID: 5620 cmdline:
C:\Windows \System32\ RuntimeBro ker.exe -E mbedding MD5: BA4CFE6461AFA1004C52F19C8F2169DC) - smartscreen.exe (PID: 5672 cmdline:
C:\Windows \System32\ smartscree n.exe -Emb edding MD5: 02FB7069B8D8426DC72C9D8A495AF55A) - ApplicationFrameHost.exe (PID: 3496 cmdline:
C:\Windows \system32\ Applicatio nFrameHost .exe -Embe dding MD5: D58A8A987A8DAFAD9DC32A548CC061E7) - RuntimeBroker.exe (PID: 6552 cmdline:
C:\Windows \System32\ RuntimeBro ker.exe -E mbedding MD5: BA4CFE6461AFA1004C52F19C8F2169DC) - WinStore.App.exe (PID: 1868 cmdline:
"C:\Progra m Files\Wi ndowsApps\ Microsoft. WindowsSto re_11910.1 002.5.0_x6 4__8wekyb3 d8bbwe\Win Store.App. exe" -Serv erName:App .AppXc75wv wned5vhz4x yxxecvgdjh dkgsdza.mc a MD5: 6C44453CD661FC2DB18E4C09C4940399) - RuntimeBroker.exe (PID: 3536 cmdline:
C:\Windows \System32\ RuntimeBro ker.exe -E mbedding MD5: BA4CFE6461AFA1004C52F19C8F2169DC) - TextInputHost.exe (PID: 6852 cmdline:
"C:\Window s\SystemAp ps\Microso ftWindows. Client.CBS _cw5n1h2tx yewy\TextI nputHost.e xe" -Serve rName:Inpu tApp.AppXj d5de1g66v2 06tj52m9d0 dtpppx4cgp n.mca MD5: F050189D49E17D0D340DE52E9E5B711F)
- cleanup
| Name | Description | Attribution | Blogpost URLs | Link |
|---|---|---|---|---|
| Sality | F-Secure states that the Sality virus family has been circulating in the wild as early as 2003. Over the years, the malware has been developed and improved with the addition of new features, such as rootkit or backdoor functionality, and so on, keeping it an active and relevant threat despite the relative age of the malware.Modern Sality variants also have the ability to communicate over a peer-to-peer (P2P) network, allowing an attacker to control a botnet of Sality-infected machines. The combined resources of the Sality botnet may also be used by its controller(s) to perform other malicious actions, such as attacking routers.InfectionSality viruses typically infect executable files on local, shared and removable drives. In earlier variants, the Sality virus simply added its own malicious code to the end of the infected (or host) file, a technique known as prepending. The viral code that Sality inserts is polymorphic, a form of complex code that is intended to make analysis more difficult.Earlier Sality variants were regarded as technically sophisticated in that they use an Entry Point Obscuration (EPO) technique to hide their presence on the system. This technique means that the virus inserts a command somewhere in the middle of an infected file's code, so that when the system is reading the file to execute it and comes to the command, it forces the system to 'jump' to the malware's code and execute that instead. This technique was used to make discovery and disinfection of the malicious code harder.PayloadOnce installed on the computer system, Sality viruses usually also execute a malicious payload. The specific actions performed depend on the specific variant in question, but generally Sality viruses will attempt to terminate processes, particularly those related to security programs. The virus may also attempt to open connections to remote sites, download and run additional malicious files, and steal data from the infected machine. |
⊘No configs have been found
| Source | Rule | Description | Author | Strings |
|---|---|---|---|---|
| INDICATOR_EXE_Packed_SimplePolyEngine | Detects executables packed with Sality Polymorphic Code Generator or Simple Poly Engine or Sality | ditekSHen |
| |
| INDICATOR_EXE_Packed_SimplePolyEngine | Detects executables packed with Sality Polymorphic Code Generator or Simple Poly Engine or Sality | ditekSHen |
|
| Source | Rule | Description | Author | Strings |
|---|---|---|---|---|
| JoeSecurity_Keylogger_Generic | Yara detected Keylogger Generic | Joe Security | ||
| JoeSecurity_Sality | Yara detected Sality | Joe Security | ||
| JoeSecurity_Keylogger_Generic | Yara detected Keylogger Generic | Joe Security | ||
| JoeSecurity_Sality | Yara detected Sality | Joe Security | ||
| JoeSecurity_Bdaejec | Yara detected Bdaejec | Joe Security |
| Source | Rule | Description | Author | Strings |
|---|---|---|---|---|
| INDICATOR_EXE_Packed_SimplePolyEngine | Detects executables packed with Sality Polymorphic Code Generator or Simple Poly Engine or Sality | ditekSHen |
| |
| INDICATOR_EXE_Packed_SimplePolyEngine | Detects executables packed with Sality Polymorphic Code Generator or Simple Poly Engine or Sality | ditekSHen |
| |
| JoeSecurity_Sality | Yara detected Sality | Joe Security | ||
| INDICATOR_EXE_Packed_SimplePolyEngine | Detects executables packed with Sality Polymorphic Code Generator or Simple Poly Engine or Sality | ditekSHen |
| |
| JoeSecurity_Keylogger_Generic | Yara detected Keylogger Generic | Joe Security | ||
| Click to see the 2 entries | ||||
System Summary |   |
|---|
| Source: | Author: Florian Roth (Nextron Systems): | ||
| Source: | Author: frack113, Nasreddine Bencherchali: | ||
| Source: | Author: frack113: | ||
| Source: | Author: vburov: | ||
| Timestamp: | 07/05/24-08:03:54.079676 |
| SID: | 2804830 |
| Source Port: | 49999 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:07.193888 |
| SID: | 2838522 |
| Source Port: | 49274 |
| Destination Port: | 53 |
| Protocol: | UDP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:07.750441 |
| SID: | 2807908 |
| Source Port: | 49706 |
| Destination Port: | 799 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:07.323406 |
| SID: | 2804830 |
| Source Port: | 49938 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:45.236101 |
| SID: | 2804830 |
| Source Port: | 49759 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:20.604250 |
| SID: | 2804830 |
| Source Port: | 49955 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:39.674041 |
| SID: | 2804830 |
| Source Port: | 49825 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:25.972827 |
| SID: | 2804830 |
| Source Port: | 49730 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:06.577493 |
| SID: | 2804830 |
| Source Port: | 49937 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:04.989762 |
| SID: | 2804830 |
| Source Port: | 49782 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:19.844628 |
| SID: | 2804830 |
| Source Port: | 49723 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:21.400592 |
| SID: | 2804830 |
| Source Port: | 49956 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:50.416771 |
| SID: | 2804830 |
| Source Port: | 49916 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:33.091948 |
| SID: | 2804830 |
| Source Port: | 49892 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:04:04.234554 |
| SID: | 2804830 |
| Source Port: | 50013 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:00.017380 |
| SID: | 2804830 |
| Source Port: | 49929 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:42.706476 |
| SID: | 2804830 |
| Source Port: | 49829 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:38.796774 |
| SID: | 2804830 |
| Source Port: | 49824 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:54.772822 |
| SID: | 2804830 |
| Source Port: | 49843 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:09.146982 |
| SID: | 2804830 |
| Source Port: | 49861 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:19.041265 |
| SID: | 2804830 |
| Source Port: | 49874 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:13.906899 |
| SID: | 2804830 |
| Source Port: | 49947 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:04.025577 |
| SID: | 2804830 |
| Source Port: | 49934 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:17.476356 |
| SID: | 2804830 |
| Source Port: | 49951 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:15.863341 |
| SID: | 2804830 |
| Source Port: | 49796 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:09.628662 |
| SID: | 2804830 |
| Source Port: | 49709 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:02.693866 |
| SID: | 2804830 |
| Source Port: | 49778 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:12.784586 |
| SID: | 2804830 |
| Source Port: | 49792 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:28.927797 |
| SID: | 2804830 |
| Source Port: | 49887 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:35.469085 |
| SID: | 2804830 |
| Source Port: | 49974 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:29.744544 |
| SID: | 2804830 |
| Source Port: | 49737 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:43.250923 |
| SID: | 2804830 |
| Source Port: | 49756 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:03.167474 |
| SID: | 2804830 |
| Source Port: | 49933 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:17.979106 |
| SID: | 2804830 |
| Source Port: | 49952 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:14.843930 |
| SID: | 2804830 |
| Source Port: | 49869 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:27.862972 |
| SID: | 2804830 |
| Source Port: | 49810 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:57.518019 |
| SID: | 2804830 |
| Source Port: | 49773 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:04:11.191840 |
| SID: | 2804830 |
| Source Port: | 50021 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:48.219903 |
| SID: | 2804830 |
| Source Port: | 49992 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:12.165636 |
| SID: | 2807908 |
| Source Port: | 49712 |
| Destination Port: | 799 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:31.891538 |
| SID: | 2804830 |
| Source Port: | 49815 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:56.946740 |
| SID: | 2804830 |
| Source Port: | 50003 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:41.619770 |
| SID: | 2804830 |
| Source Port: | 49903 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:50.101971 |
| SID: | 2804830 |
| Source Port: | 49838 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:12.978610 |
| SID: | 2804830 |
| Source Port: | 49866 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:33.772934 |
| SID: | 2804830 |
| Source Port: | 49818 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:35.491760 |
| SID: | 2804830 |
| Source Port: | 49895 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:50.018422 |
| SID: | 2804830 |
| Source Port: | 49995 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:12.232206 |
| SID: | 2804830 |
| Source Port: | 49865 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:28.544037 |
| SID: | 2804830 |
| Source Port: | 49965 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:23.145856 |
| SID: | 2804830 |
| Source Port: | 49804 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:53.141197 |
| SID: | 2804830 |
| Source Port: | 49767 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:36.313053 |
| SID: | 2804830 |
| Source Port: | 49896 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:55.275240 |
| SID: | 2804830 |
| Source Port: | 49844 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:07.294107 |
| SID: | 2804830 |
| Source Port: | 49859 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:04:07.491473 |
| SID: | 2804830 |
| Source Port: | 50017 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:08.703238 |
| SID: | 2804830 |
| Source Port: | 49787 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:23.433566 |
| SID: | 2804830 |
| Source Port: | 49959 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:50.075882 |
| SID: | 2804830 |
| Source Port: | 49764 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:35.623129 |
| SID: | 2804830 |
| Source Port: | 49820 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:11.526434 |
| SID: | 2804830 |
| Source Port: | 49711 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:44.381931 |
| SID: | 2804830 |
| Source Port: | 49907 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:04:02.396103 |
| SID: | 2804830 |
| Source Port: | 50010 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:34.696045 |
| SID: | 2804830 |
| Source Port: | 49973 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:37.809563 |
| SID: | 2804830 |
| Source Port: | 49747 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:42.744667 |
| SID: | 2804830 |
| Source Port: | 49753 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:57.680694 |
| SID: | 2804830 |
| Source Port: | 50004 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:15.997396 |
| SID: | 2804830 |
| Source Port: | 49718 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:30.500718 |
| SID: | 2804830 |
| Source Port: | 49967 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:30.031744 |
| SID: | 2804830 |
| Source Port: | 49813 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:44.814571 |
| SID: | 2804830 |
| Source Port: | 49831 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:33.868366 |
| SID: | 2804830 |
| Source Port: | 49742 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:44.546203 |
| SID: | 2804830 |
| Source Port: | 49987 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:26.520518 |
| SID: | 2804830 |
| Source Port: | 49733 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:53.564881 |
| SID: | 2804830 |
| Source Port: | 49920 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:57.137619 |
| SID: | 2804830 |
| Source Port: | 49925 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:26.326136 |
| SID: | 2804830 |
| Source Port: | 49962 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:45.125963 |
| SID: | 2804830 |
| Source Port: | 49908 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:33.112705 |
| SID: | 2804830 |
| Source Port: | 49741 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:06.978087 |
| SID: | 2804830 |
| Source Port: | 49784 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:19.869268 |
| SID: | 2804830 |
| Source Port: | 49875 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:22.912317 |
| SID: | 2804830 |
| Source Port: | 49879 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:13.226230 |
| SID: | 2804830 |
| Source Port: | 49946 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:08.671726 |
| SID: | 2804830 |
| Source Port: | 49940 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:34.404177 |
| SID: | 2804830 |
| Source Port: | 49743 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:28.197539 |
| SID: | 2804830 |
| Source Port: | 49886 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:32.583766 |
| SID: | 2804830 |
| Source Port: | 49891 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:31.271862 |
| SID: | 2804830 |
| Source Port: | 49968 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:46.513761 |
| SID: | 2804830 |
| Source Port: | 49761 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:18.500630 |
| SID: | 2804830 |
| Source Port: | 49873 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:17.393634 |
| SID: | 2804830 |
| Source Port: | 49797 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:24.811845 |
| SID: | 2804830 |
| Source Port: | 49728 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:31.825176 |
| SID: | 2804830 |
| Source Port: | 49969 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:39.679715 |
| SID: | 2804830 |
| Source Port: | 49980 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:41.509392 |
| SID: | 2804830 |
| Source Port: | 49828 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:59.321219 |
| SID: | 2804830 |
| Source Port: | 49928 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:58.781917 |
| SID: | 2804830 |
| Source Port: | 49927 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:05.624703 |
| SID: | 2804830 |
| Source Port: | 49857 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:14.219187 |
| SID: | 2804830 |
| Source Port: | 49715 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:51.117172 |
| SID: | 2804830 |
| Source Port: | 49917 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:40.218084 |
| SID: | 2804830 |
| Source Port: | 49981 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:46.934915 |
| SID: | 2804830 |
| Source Port: | 49911 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:14.587567 |
| SID: | 2804830 |
| Source Port: | 49794 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:58.039779 |
| SID: | 2804830 |
| Source Port: | 49774 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:53.871516 |
| SID: | 2804830 |
| Source Port: | 49768 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:08.093379 |
| SID: | 2804830 |
| Source Port: | 49860 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:41.444039 |
| SID: | 2804830 |
| Source Port: | 49983 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:26.243759 |
| SID: | 2804830 |
| Source Port: | 49883 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:21.588982 |
| SID: | 2804830 |
| Source Port: | 49877 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:03.711587 |
| SID: | 2804830 |
| Source Port: | 49854 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:37.304934 |
| SID: | 2804830 |
| Source Port: | 49977 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:49.873814 |
| SID: | 2804830 |
| Source Port: | 49915 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:09.822245 |
| SID: | 2804830 |
| Source Port: | 49788 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:45.329234 |
| SID: | 2804830 |
| Source Port: | 49832 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:40.301379 |
| SID: | 2804830 |
| Source Port: | 49826 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:45.630618 |
| SID: | 2804830 |
| Source Port: | 49909 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:58.427630 |
| SID: | 2804830 |
| Source Port: | 49848 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:21.965532 |
| SID: | 2804830 |
| Source Port: | 49803 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:54.077723 |
| SID: | 2804830 |
| Source Port: | 49921 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:04:11.938903 |
| SID: | 2804830 |
| Source Port: | 50022 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:56.765688 |
| SID: | 2804830 |
| Source Port: | 49772 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:52.760739 |
| SID: | 2804830 |
| Source Port: | 49919 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:24.899269 |
| SID: | 2804830 |
| Source Port: | 49807 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:20.049748 |
| SID: | 2804830 |
| Source Port: | 49800 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:42.205901 |
| SID: | 2804830 |
| Source Port: | 49752 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:38.921284 |
| SID: | 2804830 |
| Source Port: | 49979 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:54.596306 |
| SID: | 2804830 |
| Source Port: | 50000 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:41.078765 |
| SID: | 2804830 |
| Source Port: | 49902 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:43.040911 |
| SID: | 2804830 |
| Source Port: | 49985 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:31.140756 |
| SID: | 2804830 |
| Source Port: | 49814 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:47.448502 |
| SID: | 2804830 |
| Source Port: | 49991 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:04:07.014014 |
| SID: | 2804830 |
| Source Port: | 50016 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:48.742596 |
| SID: | 2804830 |
| Source Port: | 49993 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:02.421879 |
| SID: | 2804830 |
| Source Port: | 49932 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:07.985689 |
| SID: | 2804830 |
| Source Port: | 49707 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:59.023279 |
| SID: | 2804830 |
| Source Port: | 49775 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:59.595777 |
| SID: | 2804830 |
| Source Port: | 49849 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:32.413888 |
| SID: | 2804830 |
| Source Port: | 49816 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:49.333237 |
| SID: | 2804830 |
| Source Port: | 49914 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:40.799274 |
| SID: | 2804830 |
| Source Port: | 49827 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:01.645270 |
| SID: | 2804830 |
| Source Port: | 49931 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:46.143358 |
| SID: | 2804830 |
| Source Port: | 49910 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:31.994022 |
| SID: | 2804830 |
| Source Port: | 49740 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:18.210602 |
| SID: | 2804830 |
| Source Port: | 49798 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:29.365473 |
| SID: | 2804830 |
| Source Port: | 49812 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:16.700449 |
| SID: | 2804830 |
| Source Port: | 49950 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:48.584173 |
| SID: | 2804830 |
| Source Port: | 49913 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:09.582231 |
| SID: | 2804830 |
| Source Port: | 49941 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:27.612763 |
| SID: | 2804830 |
| Source Port: | 49885 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:11.088316 |
| SID: | 2804830 |
| Source Port: | 49790 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:54.943437 |
| SID: | 2804830 |
| Source Port: | 49770 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:24.597688 |
| SID: | 2804830 |
| Source Port: | 49881 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:36.822076 |
| SID: | 2804830 |
| Source Port: | 49822 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:35.746332 |
| SID: | 2804830 |
| Source Port: | 49745 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:13.522685 |
| SID: | 2804830 |
| Source Port: | 49867 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:53.003632 |
| SID: | 2804830 |
| Source Port: | 49841 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:31.304905 |
| SID: | 2804830 |
| Source Port: | 49739 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:18.614533 |
| SID: | 2804830 |
| Source Port: | 49721 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:52.875081 |
| SID: | 2804830 |
| Source Port: | 49998 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:04:08.737626 |
| SID: | 2804830 |
| Source Port: | 50019 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:08.773435 |
| SID: | 2804830 |
| Source Port: | 49708 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:35.965126 |
| SID: | 2804830 |
| Source Port: | 49975 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:03.707606 |
| SID: | 2804830 |
| Source Port: | 49779 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:37.506165 |
| SID: | 2804830 |
| Source Port: | 49898 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:55.345528 |
| SID: | 2804830 |
| Source Port: | 49923 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:08.090379 |
| SID: | 2804830 |
| Source Port: | 49939 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:10.613211 |
| SID: | 2804830 |
| Source Port: | 49863 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:10.129320 |
| SID: | 2037771 |
| Source Port: | 80 |
| Destination Port: | 49709 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:56.077593 |
| SID: | 2804830 |
| Source Port: | 49845 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:42.808063 |
| SID: | 2804830 |
| Source Port: | 49905 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:21.929385 |
| SID: | 2804830 |
| Source Port: | 49957 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:36.504685 |
| SID: | 2804830 |
| Source Port: | 49976 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:22.467645 |
| SID: | 2804830 |
| Source Port: | 49958 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:27.800233 |
| SID: | 2804830 |
| Source Port: | 49735 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:45.125470 |
| SID: | 2804830 |
| Source Port: | 49988 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:30.794906 |
| SID: | 2804830 |
| Source Port: | 49889 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:27.068264 |
| SID: | 2804830 |
| Source Port: | 49734 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:16.197642 |
| SID: | 2807908 |
| Source Port: | 49719 |
| Destination Port: | 799 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:45.826893 |
| SID: | 2804830 |
| Source Port: | 49989 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:49.292201 |
| SID: | 2804830 |
| Source Port: | 49994 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:04.301554 |
| SID: | 2804830 |
| Source Port: | 49780 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:32.950973 |
| SID: | 2804830 |
| Source Port: | 49817 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:17.963369 |
| SID: | 2804830 |
| Source Port: | 49872 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:04:12.497729 |
| SID: | 2804830 |
| Source Port: | 50023 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:00.092504 |
| SID: | 2804830 |
| Source Port: | 49850 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:38.997095 |
| SID: | 2804830 |
| Source Port: | 49749 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:33.087688 |
| SID: | 2804830 |
| Source Port: | 49971 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:17.182096 |
| SID: | 2804830 |
| Source Port: | 49871 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:54.393388 |
| SID: | 2804830 |
| Source Port: | 49769 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:52.117935 |
| SID: | 2804830 |
| Source Port: | 49997 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:53.745329 |
| SID: | 2804830 |
| Source Port: | 49842 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:04:03.554852 |
| SID: | 2804830 |
| Source Port: | 50012 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:24.393679 |
| SID: | 2804830 |
| Source Port: | 49806 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:49.026282 |
| SID: | 2804830 |
| Source Port: | 49836 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:58.713788 |
| SID: | 2804830 |
| Source Port: | 50006 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:20.674195 |
| SID: | 2804830 |
| Source Port: | 49801 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:50.934804 |
| SID: | 2804830 |
| Source Port: | 49765 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:55.629338 |
| SID: | 2804830 |
| Source Port: | 49771 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:21.708136 |
| SID: | 2804830 |
| Source Port: | 49724 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:25.038288 |
| SID: | 2804830 |
| Source Port: | 49961 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:59.743814 |
| SID: | 2804830 |
| Source Port: | 49776 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:04:08.019459 |
| SID: | 2804830 |
| Source Port: | 50018 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:11.351826 |
| SID: | 2804830 |
| Source Port: | 49943 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:45.977388 |
| SID: | 2804830 |
| Source Port: | 49760 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:04.345788 |
| SID: | 2804830 |
| Source Port: | 49855 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:42.127754 |
| SID: | 2804830 |
| Source Port: | 49904 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:12.148410 |
| SID: | 2804830 |
| Source Port: | 49944 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:11.619212 |
| SID: | 2804830 |
| Source Port: | 49791 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:38.413717 |
| SID: | 2804830 |
| Source Port: | 49748 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:54.615908 |
| SID: | 2804830 |
| Source Port: | 49922 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:57.901258 |
| SID: | 2804830 |
| Source Port: | 49926 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:55.324330 |
| SID: | 2804830 |
| Source Port: | 50001 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:15.277686 |
| SID: | 2804830 |
| Source Port: | 49717 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:19.304636 |
| SID: | 2804830 |
| Source Port: | 49799 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:23.576150 |
| SID: | 2804830 |
| Source Port: | 49880 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:38.608727 |
| SID: | 2804830 |
| Source Port: | 49899 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:49.601686 |
| SID: | 2804830 |
| Source Port: | 49837 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:36.943363 |
| SID: | 2804830 |
| Source Port: | 49746 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:12.700775 |
| SID: | 2804830 |
| Source Port: | 49945 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:27.088178 |
| SID: | 2804830 |
| Source Port: | 49809 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:43.976891 |
| SID: | 2804830 |
| Source Port: | 49757 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:48.267375 |
| SID: | 2804830 |
| Source Port: | 49835 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:34.940616 |
| SID: | 2804830 |
| Source Port: | 49744 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:36.258057 |
| SID: | 2804830 |
| Source Port: | 49821 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:37.575304 |
| SID: | 2804830 |
| Source Port: | 49823 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:14.135112 |
| SID: | 2804830 |
| Source Port: | 49868 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:40.295808 |
| SID: | 2804830 |
| Source Port: | 49901 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:30.268121 |
| SID: | 2804830 |
| Source Port: | 49738 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:18.688790 |
| SID: | 2804830 |
| Source Port: | 49953 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:33.861375 |
| SID: | 2804830 |
| Source Port: | 49893 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:59.407716 |
| SID: | 2804830 |
| Source Port: | 50007 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:04.734060 |
| SID: | 2804830 |
| Source Port: | 49935 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:00.871301 |
| SID: | 2804830 |
| Source Port: | 49851 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:27.799167 |
| SID: | 2804830 |
| Source Port: | 49964 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:40.931335 |
| SID: | 2804830 |
| Source Port: | 49751 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:07.510235 |
| SID: | 2804830 |
| Source Port: | 49785 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:10.645082 |
| SID: | 2804830 |
| Source Port: | 49710 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:36.832363 |
| SID: | 2804830 |
| Source Port: | 49897 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:43.929702 |
| SID: | 2804830 |
| Source Port: | 49986 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:50.838235 |
| SID: | 2804830 |
| Source Port: | 49839 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:08.006940 |
| SID: | 2804830 |
| Source Port: | 49786 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:26.860959 |
| SID: | 2804830 |
| Source Port: | 49963 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:40.742000 |
| SID: | 2804830 |
| Source Port: | 49982 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:23.869123 |
| SID: | 2804830 |
| Source Port: | 49805 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:46.114759 |
| SID: | 2804830 |
| Source Port: | 49833 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:14.773929 |
| SID: | 2804830 |
| Source Port: | 49716 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:32.330065 |
| SID: | 2804830 |
| Source Port: | 49970 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:04:05.856829 |
| SID: | 2804830 |
| Source Port: | 50015 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:39.713481 |
| SID: | 2804830 |
| Source Port: | 49750 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:04:01.487780 |
| SID: | 2804830 |
| Source Port: | 50009 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:31.791683 |
| SID: | 2804830 |
| Source Port: | 49890 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:25.619836 |
| SID: | 2804830 |
| Source Port: | 49808 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:02.941707 |
| SID: | 2804830 |
| Source Port: | 49853 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:10.569607 |
| SID: | 2804830 |
| Source Port: | 49789 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:09.655496 |
| SID: | 2804830 |
| Source Port: | 49862 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:27.085889 |
| SID: | 2804830 |
| Source Port: | 49884 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:28.406516 |
| SID: | 2804830 |
| Source Port: | 49811 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:57.670447 |
| SID: | 2804830 |
| Source Port: | 49847 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:19.261473 |
| SID: | 2804830 |
| Source Port: | 49722 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:22.349717 |
| SID: | 2804830 |
| Source Port: | 49878 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:15.340850 |
| SID: | 2804830 |
| Source Port: | 49795 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:02:04.886056 |
| SID: | 2804830 |
| Source Port: | 49856 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:13.526849 |
| SID: | 2804830 |
| Source Port: | 49714 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:58.195981 |
| SID: | 2804830 |
| Source Port: | 50005 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:17.267424 |
| SID: | 2804830 |
| Source Port: | 49720 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:06.213484 |
| SID: | 2804830 |
| Source Port: | 49783 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:21.203555 |
| SID: | 2804830 |
| Source Port: | 49802 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:04:02.950492 |
| SID: | 2804830 |
| Source Port: | 50011 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:43.459729 |
| SID: | 2804830 |
| Source Port: | 49830 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:34.880660 |
| SID: | 2804830 |
| Source Port: | 49819 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:01:01.041161 |
| SID: | 2804830 |
| Source Port: | 49777 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:03:15.937387 |
| SID: | 2804830 |
| Source Port: | 49949 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 07/05/24-08:00:28.927989 |
| SID: | 2804830 |
| Source Port: | 49736 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
Click to jump to signature section
Show All Signature Results
AV Detection | |
|---|
| Source: | Avira: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira URL Cloud: | ||
| Source: | Avira: | ||
| Source: | Avira: | ||
| Source: | Avira: | ||
| Source: | ReversingLabs: | ||
| Source: | Integrated Neural Analysis Model: | ||
| Source: | Joe Sandbox ML: | ||
| Source: | Joe Sandbox ML: | ||
| Source: | Joe Sandbox ML: | ||
| Source: | Joe Sandbox ML: | ||
| Source: | Static PE information: | ||
| Source: | Binary string: | ||
Spreading | |
|---|
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File created: | Jump to behavior | ||
| Source: | System file written: | Jump to behavior | ||
| Source: | System file written: | Jump to behavior | ||
| Source: | System file written: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||