192.168.71.131
|
1.5 |
VIEW 1 |
- 85.92.158.75 (85-92-158-75.Reasonnet.Com), Country: Netherlands (Nl), City: (Unknown City).
- 72.55.140.184 (Ip-72-55-140-184.Static.Privatedns.Com), Country: Canada (Ca), City: Montreal.
|
- 1:2008371 {tcp} C&C Communication: ET MALWARE Likely Ad-ware installation phoning home (success and NSISDL User-Agent); 3195->80
- 1:2008279 (2) {tcp} C&C Communication: ET MALWARE ZenoSearch Spyware User-Agent; 3194->80
- 777:7777005 (3) {tcp} Outbound Scan: Detected intense non-malware port scanning of 21 IPs (18 /24s) (# pkts S/M/O/I=193/0/17/24): 53u:31, 80:162, 67u:14, 443:3
- 1:2600098 {udp} Attack Prep: SPYWARE-DNS DNS lookup 10 chars (.com); 1026->53
- 1:2600110 {udp} Attack Prep: SPYWARE-DNS DNS lookup 14 chars (.com); 1026->53
- 1:2600144 {udp} Attack Prep: SPYWARE-DNS DNS lookup 6 chars (.com); 1026->53
|