Comnie dropper | Network
VTI SCORE: 95/100
Dynamic Analysis Report
Classification: Trojan, Dropper

ea4a4162cd6ffad02d142c48067c1239253f688b8f163fd2887229d8a3240253 (SHA256)

addin.xlam.xls

Excel Document

Created at 2018-08-05 19:41:00

Hosts (2)
Hostname IP Address Location Protocols Reputation Status WHOIS Data
- 157.56.120.207 - UDP Not Queried Not Queried
- 51.144.52.224 - TCP Not Queried Not Queried

Connections

TCP Sessions (1)
Information Value
Total Data Sent 0.11 KB
Total Data Received 0.05 KB
Contacted Host Count 1
Contacted Hosts 51.144.52.224
TCP Session #1
Information Value
Source PCAP
Stream ID 10
Remote Address 51.144.52.224
Remote Port 443
Local Address 192.168.0.222
Local Port 49693
Data Sent 0.11 KB
Data Received 0.05 KB
Time Highest Layer Additional Information Success
79.549780 s TCP Data Sent: 0.05 KB, Data Received: 0.05 KB True
79.579231 s TCP Data Sent: 0.05 KB, Data Received: 0.00 KB False
UDP Sessions (1)
Total Data Sent 2.97 KB
Total Data Received 2.97 KB
Contacted Host Count 1
Contacted Hosts 157.56.120.207
UDP Session #1
Information Value
Source PCAP
Stream ID 0
Remote Address 157.56.120.207
Remote Port 3544
Local Address 192.168.0.222
Local Port 61031
Data Sent 2.97 KB
Data Received 2.97 KB
Time Highest Layer Additional Information Success
0.862349 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
5.800858 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
12.552157 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
14.598076 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
17.136373 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
19.542936 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
25.816075 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
28.975236 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
30.569077 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
35.210869 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
37.210058 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
40.086338 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
47.148875 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
48.735003 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
52.279052 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
58.717331 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
60.712977 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
63.574816 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
65.579210 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
70.225867 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
72.228820 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
75.076932 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
81.713754 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
83.716482 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
86.688691 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
88.569728 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
93.796287 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
98.573950 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
100.583908 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
105.433439 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
107.257733 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True