Loading... Additional Content is being loaded
Windows
Analysis Report
BANK PAYMENT COPY.doc
Overview
General Information
| Sample name: | BANK PAYMENT COPY.doc |
| Analysis ID: | 1517840 |
| MD5: | 2ac91d79a602fe37092bd6f878f4ae2d |
| SHA1: | dfebe627e262e9edf9ee1fe2ebc706f4bd1356d3 |
| SHA256: | 30096d5c8c4854311558a13ab825884fa3accfb27de30f3e2ba85e70bf0f6ab7 |
| Tags: | docuser-abuse_ch |
| Infos: |   |
 |
|
Detection
XWorm
| Score: | 100 |
| Range: | 0 - 100 |
| Whitelisted: | false |
| Confidence: | 100% |
Signatures
Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Found malware configuration
Initial sample is an obfuscated RTF file
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for dropped file
Multi AV Scanner detection for submitted file
Sigma detected: EQNEDT32.EXE connecting to internet
Sigma detected: File Dropped By EQNEDT32EXE
Suricata IDS alerts for network traffic
Yara detected XWorm
.NET source code contains method to dynamically call methods (often used by packers)
.NET source code contains potential unpacker
Adds a directory exclusion to Windows Defender
C2 URLs / IPs found in malware configuration
Contains functionality to log keystrokes (.Net Source)
Document exploit detected (process start blacklist hit)
Injects a PE file into a foreign processes
Installs new ROOT certificates
Machine Learning detection for dropped file
Office equation editor drops PE file
Office equation editor establishes network connection
Office equation editor starts processes (likely CVE 2017-11882 or CVE-2018-0802)
Queries sensitive video device information (via WMI, Win32_VideoController, often done to detect virtual machines)
Sample uses string decryption to hide its real strings
Sigma detected: Equation Editor Network Connection
Sigma detected: Powershell Base64 Encoded MpPreference Cmdlet
Sigma detected: Suspicious Binary In User Directory Spawned From Office Application
Sigma detected: Suspicious Microsoft Office Child Process
Uses the Telegram API (likely for C&C communication)
Yara detected Generic Downloader
Abnormal high CPU Usage
Allocates memory with a write watch (potentially for evading sandboxes)
Allocates memory within range which is reserved for system DLLs (kernel32.dll, advapi32.dll, etc)
Binary contains a suspicious time stamp
Checks if Antivirus/Antispyware/Firewall program is installed (via WMI)
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Creates a window with clipboard capturing capabilities
Detected TCP or UDP traffic on non-standard ports
Detected potential crypto function
Downloads executable code via HTTP
Drops PE files
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
HTTP GET or POST without a user agent
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
Monitors certain registry keys / values for changes (often done to protect autostart functionality)
Office Equation Editor has been started
Potential document exploit detected (performs DNS queries)
Potential document exploit detected (performs HTTP gets)
Potential document exploit detected (unknown TCP traffic)
Queries the volume information (name, serial number etc) of a device
Sigma detected: Powershell Defender Exclusion
Stores large binary data to the registry
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Yara signature match
Classification
| Name | Description | Attribution | Blogpost URLs | Link |
|---|---|---|---|---|
| XWorm | Malware with wide range of capabilities ranging from RAT to ransomware. | No Attribution |
|
AV Detection |
  |
|---|
| Source: |
Avira: |
||
| Source: |
Avira URL Cloud: |
||
| Source: |
Malware Configuration Extractor: |
||
| Source: |
ReversingLabs: |
||
| Source: |
ReversingLabs: |
||
| Source: |
ReversingLabs: |
||
| Source: |
Joe Sandbox ML: |
||
| Source: |
Joe Sandbox ML: |
||
| Source: |
String decryptor: |
||
| Source: |
String decryptor: |
||
| Source: |
String decryptor: |
||
| Source: |
String decryptor: |
||
| Source: |
String decryptor: |
||
| Source: |
String decryptor: |
||
| Source: |
String decryptor: |
||
| Source: |
String decryptor: |
||
| Source: |
String decryptor: |
||
| Source: |
String decryptor: |
||
| Source: |
String decryptor: |
||
Exploits |
|
|---|
| Source: |
Network connect: |
Jump to behavior | ||
| Source: |
Process created: |
|||
| Source: |
Process created: |
Jump to behavior | ||
| Source: |
Process created: |
||
| Source: |
Process created: |
||
| Source: |
File opened: |
Jump to behavior | ||
| Source: |
HTTPS traffic detected: |
||
| Source: |
Binary string: |
||
| Source: |
Binary string: |
||
Software Vulnerabilities |
|
|---|
| Source: |
Process created: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
DNS query: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic: |
||
Networking |
|
|---|
| Source: |
Suricata IDS: |
||
| Source: |
Suricata IDS: |
||
| Source: |
Suricata IDS: |
||
| Source: |
Suricata IDS: |
||
| Source: |
URLs: |
||
| Source: |
DNS query: |
||
| Source: |
File source: |
||
| Source: |
File source: |
||
| Source: |
File source: |
||
| Source: |
TCP traffic: |
||
| Source: |
HTTP traffic detected: | ||