Network Analysis

IP Address Status Action VT Location
No hosts contacted.
Name Response Post-Analysis Lookup
No hosts contacted.

No traffic

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

Flow | SID | Signature | Category
UDP 192.168.168.222:55628 -> 8.8.8.8:53 | 2054170 | ET INFO External IP Lookup Domain in DNS Lookup (whatismyipaddress .com) | Device Retrieving External IP Address Detected
UDP 192.168.168.222:55936 -> 8.8.8.8:53 | 2829498 | ETPRO MALWARE GandCrab DNS Lookup 1 | A Network Trojan was detected
UDP 192.168.168.222:55936 -> 8.8.8.8:53 | 2017645 | ET INFO DNS Query Domain .bit | Potentially Bad Traffic
UDP 192.168.168.222:55937 -> 8.8.8.8:53 | 2829498 | ETPRO MALWARE GandCrab DNS Lookup 1 | A Network Trojan was detected
UDP 192.168.168.222:55937 -> 8.8.8.8:53 | 2017645 | ET INFO DNS Query Domain .bit | Potentially Bad Traffic
UDP 192.168.168.222:55938 -> 8.8.8.8:53 | 2829498 | ETPRO MALWARE GandCrab DNS Lookup 1 | A Network Trojan was detected
UDP 192.168.168.222:55938 -> 8.8.8.8:53 | 2017645 | ET INFO DNS Query Domain .bit | Potentially Bad Traffic
UDP 192.168.168.222:55939 -> 8.8.8.8:53 | 2829498 | ETPRO MALWARE GandCrab DNS Lookup 1 | A Network Trojan was detected
UDP 192.168.168.222:55939 -> 8.8.8.8:53 | 2017645 | ET INFO DNS Query Domain .bit | Potentially Bad Traffic
UDP 192.168.168.222:64525 -> 8.8.8.8:53 | 2829500 | ETPRO MALWARE GandCrab DNS Lookup 3 | A Network Trojan was detected
UDP 192.168.168.222:64525 -> 8.8.8.8:53 | 2017645 | ET INFO DNS Query Domain .bit | Potentially Bad Traffic
UDP 192.168.168.222:64526 -> 8.8.8.8:53 | 2829500 | ETPRO MALWARE GandCrab DNS Lookup 3 | A Network Trojan was detected
UDP 192.168.168.222:64526 -> 8.8.8.8:53 | 2017645 | ET INFO DNS Query Domain .bit | Potentially Bad Traffic
UDP 192.168.168.222:64527 -> 8.8.8.8:53 | 2829500 | ETPRO MALWARE GandCrab DNS Lookup 3 | A Network Trojan was detected
UDP 192.168.168.222:64527 -> 8.8.8.8:53 | 2017645 | ET INFO DNS Query Domain .bit | Potentially Bad Traffic
UDP 192.168.168.222:64528 -> 8.8.8.8:53 | 2829500 | ETPRO MALWARE GandCrab DNS Lookup 3 | A Network Trojan was detected
UDP 192.168.168.222:64528 -> 8.8.8.8:53 | 2017645 | ET INFO DNS Query Domain .bit | Potentially Bad Traffic

Suricata TLS

No Suricata TLS

Snort Alerts

Flow | SID | Message
UDP 192.168.168.222:55628 -> 8.8.8.8:53 | 2054170 | ET INFO External IP Lookup Domain in DNS Lookup (whatismyipaddress .com)
UDP 192.168.168.222:55936 -> 8.8.8.8:53 | 2017645 | ET INFO DNS Query Domain .bit
UDP 192.168.168.222:55937 -> 8.8.8.8:53 | 2017645 | ET INFO DNS Query Domain .bit
UDP 192.168.168.222:55938 -> 8.8.8.8:53 | 2017645 | ET INFO DNS Query Domain .bit
UDP 192.168.168.222:55939 -> 8.8.8.8:53 | 2017645 | ET INFO DNS Query Domain .bit
UDP 192.168.168.222:64525 -> 8.8.8.8:53 | 2017645 | ET INFO DNS Query Domain .bit
UDP 192.168.168.222:64526 -> 8.8.8.8:53 | 2017645 | ET INFO DNS Query Domain .bit
UDP 192.168.168.222:64527 -> 8.8.8.8:53 | 2017645 | ET INFO DNS Query Domain .bit
UDP 192.168.168.222:64528 -> 8.8.8.8:53 | 2017645 | ET INFO DNS Query Domain .bit