Network Analysis
IP Address | Status | Action | VT | Location |
---|---|---|---|---|
No hosts contacted. |
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. |
No traffic
No traffic
GET 200 http://mkkuei4kdsz.com/486/515.html

REQUEST

```
GET /486/515.html HTTP/1.1
From: 133965128315468750
Via: emohgso\sgt>9.7`apfc>5\qcpbo;1`mt?423/_mcz?6f327;`fg5827g843:a:g62;2ee/c51c
Host: mkkuei4kdsz.com
Connection: Keep-Alive
```

RESPONSE

```
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 14 Jul 2025 09:58:57 GMT
Content-Type: text/html
Content-Length: 0
Connection: close
```

ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Flow | SID | Signature | Category |
---|---|---|---|
UDP 192.168.168.218:64301 -> 8.8.8.8:53 | 91551352 | ThreatFox botnet C2 traffic (domain - confidence level: 100%) | A Network Trojan was detected |
TCP 192.168.168.218:49245 -> 3.238.30.69:80 | 2015786 | ET MALWARE Ransom.Win32.Birele.gsg Checkin | Malware Command and Control Activity Detected |
TCP 192.168.168.218:49245 -> 3.238.30.69:80 | 91509693 | ThreatFox botnet C2 traffic (url - confidence level: 75%) | A Network Trojan was detected |
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts