7eef6ef8fed53b7c3bf61ba821f375a0a433ea4cb0185fd223780b729a9a5792 (SHA256)
output.113528456.txt.exe
Windows Exe (x86-32)
Created at 2018-08-10 04:08:00
Notifications (1/1)
The maximum number of reputation file hash requests (20 per analysis) was exceeded. As a result, the reputation status could not be queried for all file hashes. In order to get the reputation status for all file hashes, please increase the 'Max File Hash Requests' setting in the system configurations.
Network Overview
Connections
DNS (12)
| Operation | Additional Information | Success | Count | Logfile |
|---|---|---|---|---|
| Resolve Name | host = www.myswcd.com, address_out = 54.191.17.130 |
|
1 | |
| Resolve Name | host = 0x0x.co, address_out = 104.217.54.142, service = 80 |
|
1 | |
| Resolve Name | host = api.ipstack.com, address_out = 198.23.101.146, 158.85.167.221 |
|
1 | |
| Resolve Name | host = api.ipstack.com, address_out = 198.23.101.146, 158.85.167.221 |
|
1 | |
| Resolve Name | host = r3m0te.65cdn.com, address_out = 104.207.155.61 |
|
7 | |
| Resolve Name | host = api.ipstack.com, address_out = 198.23.101.146 |
|
1 | - |
TCP Sessions (14)
| Information | Value |
|---|---|
| Total Data Sent | 63.56 KB |
| Total Data Received | 1.49 MB |
| Contacted Host Count | 6 |
| Contacted Hosts | 54.191.17.130, 104.217.54.142, 198.23.101.146, 104.207.155.61, 104.217.54.142:80, 54.191.17.130:80 |
TCP Session #1
| Information | Value |
|---|---|
| Handle | 0x204 |
| Address Family | AF_INET |
| Type | SOCK_STREAM |
| Protocol | IPPROTO_IP |
| Remote Address | 104.217.54.142 |
| Remote Port | 80 |
| Local Address | 0.0.0.0 |
| Local Port | 49160 |
| Data Sent | 2.18 KB |
| Data Received | 0.51 KB |
| Operation | Additional Information | Success | Count | Logfile |
|---|---|---|---|---|
| Create | protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_STREAM |
|
1 | |
| Connect | remote_address = 104.217.54.142, remote_port = 80 |
|
1 | |
| Send | flags = NO_FLAG_SET, size = 2237, size_out = 2237 |
|
1 | |
| Receive | flags = NO_FLAG_SET, size = 1, size_out = 1 |
|
191 | |
| Receive | flags = NO_FLAG_SET, size = 322, size_out = 322 |
|
1 | |
| Receive | flags = NO_FLAG_SET, size = 2, size_out = 2 |
|
1 | |
| Receive | flags = NO_FLAG_SET, size = 1, size_out = 1 |
|
5 | |
| Close | type = SOCK_STREAM |
|
1 |
TCP Session #2
| Information | Value |
|---|---|
| Handle | 0x49c |
| Address Family | AF_INET |
| Type | SOCK_STREAM |
| Protocol | IPPROTO_TCP |
| Remote Address | 54.191.17.130 |
| Remote Port | 80 |
| Local Address | 0.0.0.0 |
| Local Port | 49159 |
| Data Sent | 0.05 KB |
| Data Received | 213.77 KB |
| Operation | Additional Information | Success | Count | Logfile |
|---|---|---|---|---|
| Create | protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM |
|
1 | |
| Connect | remote_address = 54.191.17.130, remote_port = 80 |
|
1 | |
| Send | flags = NO_FLAG_SET, size = 50, size_out = 50 |
|
1 | |
| Receive | flags = NO_FLAG_SET, size = 4096, size_out = 4096 |
|
1 | |
| Receive | flags = NO_FLAG_SET, size = 65536, size_out = 4664 |
|
1 | |
| Receive | flags = NO_FLAG_SET, size = 65536, size_out = 65536 |
|
1 | |
| Receive | flags = NO_FLAG_SET, size = 65536, size_out = 39584 |
|
1 | |
| Receive | flags = NO_FLAG_SET, size = 65536, size_out = 65536 |
|
1 | |
| Receive | flags = NO_FLAG_SET, size = 39481, size_out = 7464 |
|
1 | |
| Receive | flags = NO_FLAG_SET, size = 32017, size_out = 32017 |
|
1 | |
| Close | type = SOCK_STREAM |
|
1 |
TCP Session #3
| Information | Value |
|---|---|
| Source | PCAP |
| Stream ID | 0 |
| Remote Address | 54.191.17.130 |
| Remote Port | 80 |
| Local Address | 192.168.0.125 |
| Local Port | 49159 |
| Data Sent | 53.89 KB |
| Data Received | 1.21 MB |
| Time | Highest Layer | Additional Information | Success | ||
|---|---|---|---|---|---|
| 44.357621 s | TCP | Data Sent: 0.06 KB, Data Received: 0.06 KB |
|
||
| 44.553331 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 44.563291 s | HTTP | Data Sent: 0.12 KB, Data Received: 1.48 KB |
|
||
| 44.762173 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 44.955686 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 45.148533 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 45.152193 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 45.344104 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 45.348149 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 45.537089 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 45.537287 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 45.537606 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 45.537786 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 45.538085 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 45.541614 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 45.541912 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 45.542106 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 45.542410 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 45.732195 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 45.734663 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 45.735117 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 45.923445 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 45.924011 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 45.924370 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 45.925179 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 45.927190 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 45.928036 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.116317 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.116772 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.116984 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.117249 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.117445 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.126673 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.307178 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.307415 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.307629 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.307890 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.308127 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.308382 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.308665 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.308874 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.310023 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.312131 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.312364 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.317805 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.498883 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.499107 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.499407 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.499681 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.499999 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.500280 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.500507 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.500724 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.503335 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.503623 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.504007 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.505527 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.508836 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.690932 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.691311 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.691614 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.691874 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.692090 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.692517 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.693042 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.694863 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.702542 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.703131 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.882044 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.882392 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.882622 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.882877 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.883184 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.883446 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.883749 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.884241 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.885554 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.894183 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.894439 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.894681 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.894939 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 46.895182 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.071905 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.071983 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.073837 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.076266 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.084315 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.084573 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.084919 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.085142 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.085535 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.088035 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.088485 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.262774 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.262985 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.266276 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.266367 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.266428 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.268324 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.274039 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.274263 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.274522 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.274765 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.275011 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.277301 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.277546 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.277799 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.278147 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.279445 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.450809 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.451045 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.451291 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.451534 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.454257 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.454483 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.454793 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.455032 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.455291 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.455532 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.455793 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.456163 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.467797 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.467907 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.468049 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.468116 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.468734 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.470175 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.472346 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.642894 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.643440 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
| 47.646526 s | TCP | Data Sent: 0.05 KB, Data Received: 1.48 KB |
|
||
|
The remaining entries of this session are omitted for performance reasons and can be found in
analysis.pcap
.
|
|||||
|
The remaining 10 entries are omitted for performance reasons and can be found in
glog.xml
or
analysis.pcap
.
|
UDP Sessions (4)
| Total Data Sent | 0.29 KB |
| Total Data Received | 0.46 KB |
| Contacted Host Count | 1 |
| Contacted Hosts | 192.168.0.1 |
UDP Session #1
| Information | Value |
|---|---|
| Source | PCAP |
| Stream ID | 130 |
| Remote Address | 192.168.0.1 |
| Remote Port | 53 |
| Local Address | 192.168.0.125 |
| Local Port | 62576 |
| Data Sent | 0.07 KB |
| Data Received | 0.14 KB |
| Time | Highest Layer | Additional Information | Success |
|---|---|---|---|
| 78.051993 s | DNS | Data Sent: 0.07 KB, Data Received: 0.14 KB |
|
UDP Session #2
| Information | Value |
|---|---|
| Source | PCAP |
| Stream ID | 102 |
| Remote Address | 192.168.0.1 |
| Remote Port | 53 |
| Local Address | 192.168.0.125 |
| Local Port | 59597 |
| Data Sent | 0.07 KB |
| Data Received | 0.11 KB |
| Time | Highest Layer | Additional Information | Success |
|---|---|---|---|
| 44.326894 s | DNS | Data Sent: 0.07 KB, Data Received: 0.11 KB |
|
UDP Session #3
| Information | Value |
|---|---|
| Source | PCAP |
| Stream ID | 121 |
| Remote Address | 192.168.0.1 |
| Remote Port | 53 |
| Local Address | 192.168.0.125 |
| Local Port | 52989 |
| Data Sent | 0.07 KB |
| Data Received | 0.08 KB |
| Time | Highest Layer | Additional Information | Success |
|---|---|---|---|
| 53.538201 s | DNS | Data Sent: 0.07 KB, Data Received: 0.08 KB |
|
UDP Session #4
| Information | Value |
|---|---|
| Source | PCAP |
| Stream ID | 125 |
| Remote Address | 192.168.0.1 |
| Remote Port | 53 |
| Local Address | 192.168.0.125 |
| Local Port | 56449 |
| Data Sent | 0.07 KB |
| Data Received | 0.13 KB |
| Time | Highest Layer | Additional Information | Success |
|---|---|---|---|
| 69.519586 s | DNS | Data Sent: 0.07 KB, Data Received: 0.13 KB |
|
HTTP Sessions (6)
| Information | Value |
|---|---|
| Total Data Sent | 1.58 KB |
| Total Data Received | 5.17 MB |
| Contacted Host Count | 3 |
| Contacted Hosts | 0x0x.co, api.ipstack.com, www.myswcd.com |
HTTP Session #1
| Information | Value |
|---|---|
| Source | Function Log |
| User Agent | Mozilla/5.0 (Windows NT 6.3; rv:40.0) Gecko/20100101 Firefox/49.0 |
| Server Name | api.ipstack.com |
| Server Port | 80 |
| Data Sent | 0.20 KB |
| Data Received | 0.94 KB |
| Operation | Additional Information | Success | Count | Logfile |
|---|---|---|---|---|
| Open Session | user_agent = Mozilla/5.0 (Windows NT 6.3; rv:40.0) Gecko/20100101 Firefox/49.0, access_type = WINHTTP_ACCESS_TYPE_NO_PROXY, proxy_name = WINHTTP_NO_PROXY_NAME, proxy_bypass = WINHTTP_NO_PROXY_BYPASS |
|
1 | |
| Open Connection | protocol = http, server_name = api.ipstack.com, server_port = 80 |
|
1 | |
| Open HTTP Request | http_verb = GET, http_version = HTTP/1.1, target_resource = /check?access_key=5fe547c4ec9ffabae465e7864d212dc4&output=xml |
|
1 | |
| Send HTTP Request | headers = host: api.ipstack.com, connection: Keep-Alive, user-agent: Mozilla/5.0 (Windows NT 6.3; rv:40.0) Gecko/20100101 Firefox/49.0, url = api.ipstack.com/check?access_key=5fe547c4ec9ffabae465e7864d212dc4&output=xml |
|
1 | |
| Read Response | size = 4096, size_out = 966 |
|
1 | |
| Close Session | - |
|
1 |
HTTP Session #2
| Information | Value |
|---|---|
| Source | Function Log |
| User Agent | Mozilla/5.0 (Windows NT 6.3; rv:40.0) Gecko/20100101 Firefox/49.0 |
| Server Name | api.ipstack.com |
| Server Port | 80 |
| Data Sent | 0.20 KB |
| Data Received | 0.94 KB |
| Operation | Additional Information | Success | Count | Logfile |
|---|---|---|---|---|
| Open Session | user_agent = Mozilla/5.0 (Windows NT 6.3; rv:40.0) Gecko/20100101 Firefox/49.0, access_type = WINHTTP_ACCESS_TYPE_NO_PROXY, proxy_name = WINHTTP_NO_PROXY_NAME, proxy_bypass = WINHTTP_NO_PROXY_BYPASS |
|
1 | |
| Open Connection | protocol = http, server_name = api.ipstack.com, server_port = 80 |
|
1 | |
| Open HTTP Request | http_verb = GET, http_version = HTTP/1.1, target_resource = /check?access_key=5fe547c4ec9ffabae465e7864d212dc4&output=xml |
|
1 | |
| Send HTTP Request | headers = host: api.ipstack.com, connection: Keep-Alive, user-agent: Mozilla/5.0 (Windows NT 6.3; rv:40.0) Gecko/20100101 Firefox/49.0, url = api.ipstack.com/check?access_key=5fe547c4ec9ffabae465e7864d212dc4&output=xml |
|
1 | |
| Read Response | size = 4096, size_out = 966 |
|
1 | |
| Close Session | - |
|
3 |
HTTP Session #3
| Information | Value |
|---|---|
| Source | Function Log |
| Server Name | www.myswcd.com |
| Server Port | 80 |
| Data Sent | 0.07 KB |
| Data Received | 4.96 MB |
| Operation | Additional Information | Success | Count | Logfile |
|---|---|---|---|---|
| Open Session | access_type = WINHTTP_ACCESS_TYPE_NO_PROXY, proxy_name = WINHTTP_NO_PROXY_NAME, proxy_bypass = WINHTTP_NO_PROXY_BYPASS |
|
1 | |
| Open Connection | protocol = http, server_name = www.myswcd.com, server_port = 80 |
|
1 | |
| Open HTTP Request | http_verb = GET, http_version = HTTP/1.1, target_resource = /vol/v1.exe |
|
1 | |
| Send HTTP Request | headers = host: www.myswcd.com, connection: Keep-Alive, url = www.myswcd.com/vol/v1.exe |
|
1 | |
| Read Response | size = 4096, size_out = 4096 |
|
1 | |
| Read Response | size = 65536, size_out = 4664 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
1 | |
| Read Response | size = 65536, size_out = 1624 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
1 | |
| Read Response | size = 65536, size_out = 33744 |
|
1 | |
| Read Response | size = 65536, size_out = 5840 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
1 | |
| Read Response | size = 65536, size_out = 33744 |
|
1 | |
| Read Response | size = 65536, size_out = 32120 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
1 | |
| Read Response | size = 65536, size_out = 24984 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
1 | |
| Read Response | size = 65536, size_out = 17684 |
|
1 | |
| Read Response | size = 65536, size_out = 39420 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
1 | |
| Read Response | size = 65536, size_out = 20604 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
1 | |
| Read Response | size = 65536, size_out = 54184 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
1 | |
| Read Response | size = 65536, size_out = 24984 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
1 | |
| Read Response | size = 65536, size_out = 61484 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
1 | |
| Read Response | size = 65536, size_out = 7464 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
3 | |
| Read Response | size = 65536, size_out = 57432 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
1 | |
| Read Response | size = 65536, size_out = 23524 |
|
1 | |
| Read Response | size = 65536, size_out = 3752 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
3 | |
| Read Response | size = 65536, size_out = 2580 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
1 | |
| Read Response | size = 65536, size_out = 164 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
3 | |
| Read Response | size = 65536, size_out = 38452 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
11 | |
| Read Response | size = 65536, size_out = 344 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
2 | |
| Read Response | size = 65536, size_out = 25148 |
|
1 | |
| Read Response | size = 65536, size_out = 3752 |
|
1 | |
| Read Response | size = 65536, size_out = 18148 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
1 | |
| Read Response | size = 65536, size_out = 7464 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
2 | |
| Read Response | size = 65536, size_out = 25148 |
|
1 | |
| Read Response | size = 65536, size_out = 3752 |
|
1 | |
| Read Response | size = 65536, size_out = 628 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
1 | |
| Read Response | size = 65536, size_out = 26444 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
2 | |
| Read Response | size = 65536, size_out = 32448 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
1 | |
| Read Response | size = 65536, size_out = 29364 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
2 | |
| Read Response | size = 65536, size_out = 36828 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
1 | |
| Read Response | size = 65536, size_out = 6004 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
3 | |
| Read Response | size = 65536, size_out = 492 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
1 | |
| Read Response | size = 65536, size_out = 7464 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
1 | |
| Read Response | size = 65536, size_out = 1624 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
1 | |
| Read Response | size = 65536, size_out = 49804 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
1 | |
| Read Response | size = 65536, size_out = 7464 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
1 | |
| Read Response | size = 65536, size_out = 1624 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
1 | |
| Read Response | size = 65536, size_out = 62944 |
|
1 | |
| Read Response | size = 65536, size_out = 14600 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
1 | |
| Read Response | size = 65536, size_out = 41044 |
|
1 | |
| Read Response | size = 65536, size_out = 23360 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
1 | |
| Read Response | size = 65536, size_out = 35204 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
1 | |
| Read Response | size = 65536, size_out = 8924 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
1 | |
| Read Response | size = 65536, size_out = 6004 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
2 | |
| Read Response | size = 65536, size_out = 17848 |
|
1 | |
| Read Response | size = 65536, size_out = 1460 |
|
3 | |
| Read Response | size = 65536, size_out = 65536 |
|
1 | |
| Read Response | size = 65536, size_out = 22064 |
|
1 | |
| Read Response | size = 65536, size_out = 16060 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
1 | |
| Read Response | size = 65536, size_out = 52724 |
|
1 | |
| Read Response | size = 65536, size_out = 2920 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
1 | |
| Read Response | size = 49411, size_out = 8924 |
|
1 | |
| Read Response | size = 40487, size_out = 3752 |
|
1 | |
| Read Response | size = 36735, size_out = 34208 |
|
1 | |
| Read Response | size = 2527, size_out = 2527 |
|
1 | |
| Close Session | - |
|
2 |
HTTP Session #4
| Information | Value |
|---|---|
| Source | Function Log |
| Server Name | www.myswcd.com |
| Server Port | 80 |
| Data Sent | 0.05 KB |
| Data Received | 213.77 KB |
| Operation | Additional Information | Success | Count | Logfile |
|---|---|---|---|---|
| Open Session | access_type = WINHTTP_ACCESS_TYPE_NO_PROXY, proxy_name = WINHTTP_NO_PROXY_NAME, proxy_bypass = WINHTTP_NO_PROXY_BYPASS |
|
1 | |
| Open Connection | protocol = http, server_name = www.myswcd.com, server_port = 80 |
|
1 | |
| Open HTTP Request | http_verb = GET, http_version = HTTP/1.1, target_resource = /vol/v2.exe |
|
1 | |
| Send HTTP Request | headers = host: www.myswcd.com, url = www.myswcd.com/vol/v2.exe |
|
1 | |
| Read Response | size = 4096, size_out = 4096 |
|
1 | |
| Read Response | size = 65536, size_out = 4664 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
1 | |
| Read Response | size = 65536, size_out = 39584 |
|
1 | |
| Read Response | size = 65536, size_out = 65536 |
|
1 | |
| Read Response | size = 39481, size_out = 7464 |
|
1 | |
| Read Response | size = 32017, size_out = 32017 |
|
1 | |
| Close Session | - |
|
2 |
HTTP Session #5
| Information | Value |
|---|---|
| Source | PCAP |
| User Agent | Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko |
| Stream ID | 1 |
| Server Name | 0x0x.co |
| Server Port | 80 |
| Data Sent | 0.81 KB |
| Data Received | 0.56 KB |
| Time | Operation | Additional Information | Success |
|---|---|---|---|
| 53.714649 s | Open Connection | protocol = http, server_name = 0x0x.co, server_port = 80 |
|
| 53.714649 s | Open HTTP Request | http_verb = POST, http_version = HTTP/1.1, target_resource = /ver.php |
|
| 53.714649 s | Send HTTP Request | headers = host: 0x0x.co, content_type: application/x-www-form-urlencoded, content_length: 1887, accept: text/html, application/xhtml+xml, */*, user_agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko, url = http://0x0x.co/ver.php |
|
| 53.912873 s | Read Response | HTTP Status Code = 404 |
|
HTTP Session #6
| Information | Value |
|---|---|
| Source | PCAP |
| User Agent | Mozilla/5.0 (Windows NT 6.3; rv:40.0) Gecko/20100101 Firefox/49.0 |
| Stream ID | 4 |
| Server Name | api.ipstack.com |
| Server Port | 80 |
| Data Sent | 0.25 KB |
| Data Received | 1.00 KB |
| Time | Operation | Additional Information | Success |
|---|---|---|---|
| 76.284596 s | Open Connection | protocol = http, server_name = api.ipstack.com, server_port = 80 |
|
| 76.284596 s | Open HTTP Request | http_verb = GET, http_version = HTTP/1.1, target_resource = /check?access_key=5fe547c4ec9ffabae465e7864d212dc4&output=xml |
|
| 76.284596 s | Send HTTP Request | headers = host: api.ipstack.com, user_agent: Mozilla/5.0 (Windows NT 6.3; rv:40.0) Gecko/20100101 Firefox/49.0, url = http://api.ipstack.com/check?access_key=5fe547c4ec9ffabae465e7864d212dc4&output=xml |
|
| 76.493997 s | Read Response | HTTP Status Code = 200 |
|
