e7dc2321...6d47 | Network
VTI SCORE: 100/100
Dynamic Analysis Report
Classification: Ransomware, Dropper, Backdoor
Threat Names: Gen:Trojan.Heur.2T0@rmnKOxoi

General

Total Sent: 26.45 KB
Total Received: 1.92 MB
2 ports: 80, 443
5 contacted IP addresses
0 URLs extracted
0 files downloaded
0 malicious hosts detected

DNS

10 DNS requests for 4 domains
1 nameserver contacted
0 total requests returned errors

HTTP/S

9 URLs contacted, 3 servers
9 sessions, sending 15.33 KB, receiving 5.62 KB

4 Hosts

api.db-ip.com (ports 80, 53)
dosyaupload.tech (ports 53, 443)
mzrevenge.ga (ports 80, 53)
api.ipify.org (ports 80, 53)
HTTP Requests (6), DNS Requests (6), TCP Sessions (5)

GET | http://api.db-ip.com/v2/free/95.222.165.118/continentCode | 200 | 104.26.5.15 | 80 | - | Unknown
GET | http://api.db-ip.com/v2/free/95.222.165.118/continentName | 200 | 104.26.5.15 | 80 | - | Unknown
GET | http://api.db-ip.com/v2/free/95.222.165.118/countryCode | 200 | 104.26.5.15 | 80 | - | Unknown
GET | http://api.db-ip.com/v2/free/95.222.165.118/countryName | 200 | 104.26.5.15 | 80 | - | Unknown
GET | http://api.db-ip.com/v2/free/95.222.165.118/stateProv | 200 | 104.26.5.15 | 80 | - | Unknown
GET | http://api.db-ip.com/v2/free/95.222.165.118/city | 200 | 104.26.5.15 | 80 | - | Unknown

Request Headers

Timestamp: 102.911000
URL: http://api.db-ip.com/v2/free/95.222.165.118/continentCode
Version: 1.1
Method: GET
Host: api.db-ip.com
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-Agent: Mozilla/3.0 (compatible; Indy Library)

URL Reputation

Reputation: Unknown