RTF Doc. Uses CVE-2017-8759 Exploit to Execute Code | Network
Connection Overview
Remarks
Critical: The sample contacted only unknown URLs.

Hosts (1)
Host Country City Protocols Reputation Status
www.samyrai777m.p-host.in (185.211.244.133) Russian Federation - HTTP, DNS, TCP Unknown
URL (1)
URL Connection Successful Reputation Status
www.samyrai777m.p-host.in/t/tp.php?thread=0 True Unknown
Connections
DNS (1)
Operation Additional Information Success Count
Resolve Name host = www.samyrai777m.p-host.in, address_out = 185.211.244.133 True 1
TCP Sessions (1)
Information Value
Total Data Sent 0.09 KB (92 bytes)
Total Data Received 1.21 KB (1240 bytes)
Contacted Host Count 1
Contacted Hosts 185.211.244.133:80
TCP Session #1
Information Value
Handle 0xb94
Address Family AF_INET
Type SOCK_STREAM
Protocol IPPROTO_TCP
Remote Address 185.211.244.133
Remote Port 80
Local Address 0.0.0.0
Local Port 1984
Data Sent 0.09 KB (92 bytes)
Data Received 1.21 KB (1240 bytes)
Operations
Operation Additional Information Success Count
Create protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM True 1
Connect remote_address = 185.211.244.133, remote_port = 80 True 1
Send flags = NO_FLAG_SET, size = 92, size_out = 92 True 1
Receive flags = NO_FLAG_SET, size = 4096, size_out = 1240 True 1
HTTP Sessions (1)
Information Value
Total Data Sent 0.09 KB (92 bytes)
Total Data Received 1.21 KB (1240 bytes)
Contacted Host Count 1
Contacted Hosts www.samyrai777m.p-host.in
HTTP Session #1
Information Value
Server Name www.samyrai777m.p-host.in
Server Port 80
Data Sent 0.09 KB (92 bytes)
Data Received 1.21 KB (1240 bytes)
Operations
Operation Additional Information Success Count
Open Session access_type = WINHTTP_ACCESS_TYPE_NO_PROXY, proxy_name = WINHTTP_NO_PROXY_NAME, proxy_bypass = WINHTTP_NO_PROXY_BYPASS True 1
Open Connection protocol = http, server_name = www.samyrai777m.p-host.in, server_port = 80 True 1
Open HTTP Request http_verb = GET, http_version = HTTP/1.1, target_resource = /t/tp.php?thread=0 True 1
Send HTTP Request headers = host: www.samyrai777m.p-host.in, connection: Keep-Alive, url = www.samyrai777m.p-host.in/t/tp.php?thread=0 True 1
Read Response size = 4096, size_out = 1240 True 1