GandCrab Ransomware | Network
Connection Overview
Remarks
Critical: The sample tried to contact a known suspicious URL.

Remote Hosts (3)
| Host | Country | City | Protocols | Reputation Status |
|---|---|---|---|---|
| ipv4bot.whatismyipaddress.com (66.171.248.178) | United States | Los Angeles | HTTP, TCP | Unknown |
| a.dnspod.com (101.226.79.205, 112.90.141.215) | China | Shanghai | DNS, UDP | Unknown |
| 78.155.206.6 | Russian Federation | - | HTTP, TCP | Unknown |
URL (2)
| URL | Connection Successful | Reputation Status |
|---|---|---|
| 78.155.206.6/curl.php?token=1019 | True | Suspicious |
| ipv4bot.whatismyipaddress.com/ | True | Unknown |
Connections
DNS (10)
| Operation | Additional Information | Success | Count |
|---|---|---|---|
| Get Hostname | name_out = LHnIwsj | True | 1 |
| Get Hostname | name_out = LHnIwsj | True | 1 |
| Get Hostname | name_out = LHnIwsj | True | 1 |
| Get Hostname | name_out = LHnIwsj | True | 1 |
| Get Hostname | name_out = LHnIwsj | True | 1 |
| Resolve Name | host = a.dnspod.com, address_out = 101.226.79.205, 112.90.141.215 | True | 1 |
| Resolve Name | host = a.dnspod.com, address_out = 112.90.141.215 | True | 1 |
| Resolve Name | host = a.dnspod.com, address_out = 112.90.141.215 | True | 1 |
| Resolve Name | host = a.dnspod.com, address_out = 112.90.141.215 | True | 1 |
| Resolve Name | host = a.dnspod.com, address_out = 112.90.141.215 | True | 1 |
UDP Sessions (15)
Information Value
Total Data Sent 0.51 KB (525 bytes)
Total Data Received 1.09 KB (1120 bytes)
Contacted Host Count 2
Contacted Hosts 112.90.141.215:53, 101.226.79.205:53
UDP Session #1
Information Value
Handle 0x19c
Address Family AF_INET
Type SOCK_DGRAM
Protocol IPPROTO_IP
Local Address -
Local Port -
Data Sent 0.04 KB (45 bytes)
Data Received 0.00 KB (0 bytes)
Operations
| Operation | Additional Information | Success | Count |
|---|---|---|---|
| Create | protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_DGRAM | True | 1 |
| Connect | remote_address = 112.90.141.215, remote_port = 53 | False | 1 |
| Send | flags = NO_FLAG_SET, size = 45, size_out = 45 | True | 1 |
| Close | type = SOCK_DGRAM | True | 1 |
UDP Session #2
Information Value
Handle 0x19c
Address Family AF_INET
Type SOCK_DGRAM
Protocol IPPROTO_IP
Local Address -
Local Port -
Data Sent 0.03 KB (30 bytes)
Data Received 0.12 KB (124 bytes)
Operations
| Operation | Additional Information | Success | Count |
|---|---|---|---|
| Create | protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_DGRAM | True | 1 |
| Connect | remote_address = 112.90.141.215, remote_port = 53 | False | 1 |
| Send | flags = NO_FLAG_SET, size = 30, size_out = 30 | True | 1 |
| Receive | flags = NO_FLAG_SET, size = 65536, size_out = 124 | True | 1 |
| Close | type = SOCK_DGRAM | True | 1 |
UDP Session #3
Information Value
Handle 0x19c
Address Family AF_INET
Type SOCK_DGRAM
Protocol IPPROTO_IP
Local Address -
Local Port -
Data Sent 0.03 KB (30 bytes)
Data Received 0.10 KB (100 bytes)
Operations
| Operation | Additional Information | Success | Count |
|---|---|---|---|
| Create | protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_DGRAM | True | 1 |
| Connect | remote_address = 112.90.141.215, remote_port = 53 | False | 1 |
| Send | flags = NO_FLAG_SET, size = 30, size_out = 30 | True | 1 |
| Receive | flags = NO_FLAG_SET, size = 65536, size_out = 100 | True | 1 |
| Close | type = SOCK_DGRAM | True | 1 |
UDP Session #4
Information Value
Handle 0x190
Address Family AF_INET
Type SOCK_DGRAM
Protocol IPPROTO_IP
Local Address -
Local Port -
Data Sent 0.04 KB (45 bytes)
Data Received 0.00 KB (0 bytes)
Operations
| Operation | Additional Information | Success | Count |
|---|---|---|---|
| Create | protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_DGRAM | True | 1 |
| Connect | remote_address = 101.226.79.205, remote_port = 53 | False | 1 |
| Send | flags = NO_FLAG_SET, size = 45, size_out = 45 | True | 1 |
| Close | type = SOCK_DGRAM | True | 1 |
UDP Session #5
Information Value
Handle 0x190
Address Family AF_INET
Type SOCK_DGRAM
Protocol IPPROTO_IP
Local Address -
Local Port -
Data Sent 0.03 KB (30 bytes)
Data Received 0.12 KB (124 bytes)
Operations
| Operation | Additional Information | Success | Count |
|---|---|---|---|
| Create | protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_DGRAM | True | 1 |
| Connect | remote_address = 101.226.79.205, remote_port = 53 | False | 1 |
| Send | flags = NO_FLAG_SET, size = 30, size_out = 30 | True | 1 |
| Receive | flags = NO_FLAG_SET, size = 65536, size_out = 124 | True | 1 |
| Close | type = SOCK_DGRAM | True | 1 |
UDP Session #6
Information Value
Handle 0x190
Address Family AF_INET
Type SOCK_DGRAM
Protocol IPPROTO_IP
Local Address -
Local Port -
Data Sent 0.03 KB (30 bytes)
Data Received 0.10 KB (100 bytes)
Operations
| Operation | Additional Information | Success | Count |
|---|---|---|---|
| Create | protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_DGRAM | True | 1 |
| Connect | remote_address = 101.226.79.205, remote_port = 53 | False | 1 |
| Send | flags = NO_FLAG_SET, size = 30, size_out = 30 | True | 1 |
| Receive | flags = NO_FLAG_SET, size = 65536, size_out = 100 | True | 1 |
| Close | type = SOCK_DGRAM | True | 1 |
UDP Session #7
Information Value
Handle 0x19c
Address Family AF_INET
Type SOCK_DGRAM
Protocol IPPROTO_IP
Local Address -
Local Port -
Data Sent 0.04 KB (45 bytes)
Data Received 0.00 KB (0 bytes)
Operations
| Operation | Additional Information | Success | Count |
|---|---|---|---|
| Create | protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_DGRAM | True | 1 |
| Connect | remote_address = 112.90.141.215, remote_port = 53 | False | 1 |
| Send | flags = NO_FLAG_SET, size = 45, size_out = 45 | True | 1 |
| Close | type = SOCK_DGRAM | True | 1 |
UDP Session #8
Information Value
Handle 0x19c
Address Family AF_INET
Type SOCK_DGRAM
Protocol IPPROTO_IP
Local Address -
Local Port -
Data Sent 0.03 KB (30 bytes)
Data Received 0.12 KB (124 bytes)
Operations
| Operation | Additional Information | Success | Count |
|---|---|---|---|
| Create | protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_DGRAM | True | 1 |
| Connect | remote_address = 112.90.141.215, remote_port = 53 | False | 1 |
| Send | flags = NO_FLAG_SET, size = 30, size_out = 30 | True | 1 |
| Receive | flags = NO_FLAG_SET, size = 65536, size_out = 124 | True | 1 |
| Close | type = SOCK_DGRAM | True | 1 |
UDP Session #9
Information Value
Handle 0x19c
Address Family AF_INET
Type SOCK_DGRAM
Protocol IPPROTO_IP
Local Address -
Local Port -
Data Sent 0.03 KB (30 bytes)
Data Received 0.10 KB (100 bytes)
Operations
| Operation | Additional Information | Success | Count |
|---|---|---|---|
| Create | protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_DGRAM | True | 1 |
| Connect | remote_address = 112.90.141.215, remote_port = 53 | False | 1 |
| Send | flags = NO_FLAG_SET, size = 30, size_out = 30 | True | 1 |
| Receive | flags = NO_FLAG_SET, size = 65536, size_out = 100 | True | 1 |
| Close | type = SOCK_DGRAM | True | 1 |
UDP Session #10
Information Value
Handle 0x190
Address Family AF_INET
Type SOCK_DGRAM
Protocol IPPROTO_IP
Local Address -
Local Port -
Data Sent 0.04 KB (45 bytes)
Data Received 0.00 KB (0 bytes)
Operations
| Operation | Additional Information | Success | Count |
|---|---|---|---|
| Create | protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_DGRAM | True | 1 |
| Connect | remote_address = 112.90.141.215, remote_port = 53 | False | 1 |
| Send | flags = NO_FLAG_SET, size = 45, size_out = 45 | True | 1 |
| Close | type = SOCK_DGRAM | True | 1 |
UDP Session #11
Information Value
Handle 0x190
Address Family AF_INET
Type SOCK_DGRAM
Protocol IPPROTO_IP
Local Address -
Local Port -
Data Sent 0.03 KB (30 bytes)
Data Received 0.12 KB (124 bytes)
Operations
| Operation | Additional Information | Success | Count |
|---|---|---|---|
| Create | protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_DGRAM | True | 1 |
| Connect | remote_address = 112.90.141.215, remote_port = 53 | False | 1 |
| Send | flags = NO_FLAG_SET, size = 30, size_out = 30 | True | 1 |
| Receive | flags = NO_FLAG_SET, size = 65536, size_out = 124 | True | 1 |
| Close | type = SOCK_DGRAM | True | 1 |
UDP Session #12
Information Value
Handle 0x190
Address Family AF_INET
Type SOCK_DGRAM
Protocol IPPROTO_IP
Local Address -
Local Port -
Data Sent 0.03 KB (30 bytes)
Data Received 0.10 KB (100 bytes)
Operations
| Operation | Additional Information | Success | Count |
|---|---|---|---|
| Create | protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_DGRAM | True | 1 |
| Connect | remote_address = 112.90.141.215, remote_port = 53 | False | 1 |
| Send | flags = NO_FLAG_SET, size = 30, size_out = 30 | True | 1 |
| Receive | flags = NO_FLAG_SET, size = 65536, size_out = 100 | True | 1 |
| Close | type = SOCK_DGRAM | True | 1 |
UDP Session #13
Information Value
Handle 0x190
Address Family AF_INET
Type SOCK_DGRAM
Protocol IPPROTO_IP
Local Address -
Local Port -
Data Sent 0.04 KB (45 bytes)
Data Received 0.00 KB (0 bytes)
Operations
| Operation | Additional Information | Success | Count |
|---|---|---|---|
| Create | protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_DGRAM | True | 1 |
| Connect | remote_address = 112.90.141.215, remote_port = 53 | False | 1 |
| Send | flags = NO_FLAG_SET, size = 45, size_out = 45 | True | 1 |
| Close | type = SOCK_DGRAM | True | 1 |
UDP Session #14
Information Value
Handle 0x190
Address Family AF_INET
Type SOCK_DGRAM
Protocol IPPROTO_IP
Local Address -
Local Port -
Data Sent 0.03 KB (30 bytes)
Data Received 0.12 KB (124 bytes)
Operations
| Operation | Additional Information | Success | Count |
|---|---|---|---|
| Create | protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_DGRAM | True | 1 |
| Connect | remote_address = 112.90.141.215, remote_port = 53 | False | 1 |
| Send | flags = NO_FLAG_SET, size = 30, size_out = 30 | True | 1 |
| Receive | flags = NO_FLAG_SET, size = 65536, size_out = 124 | True | 1 |
| Close | type = SOCK_DGRAM | True | 1 |
UDP Session #15
Information Value
Handle 0x190
Address Family AF_INET
Type SOCK_DGRAM
Protocol IPPROTO_IP
Local Address -
Local Port -
Data Sent 0.03 KB (30 bytes)
Data Received 0.10 KB (100 bytes)
Operations
| Operation | Additional Information | Success | Count |
|---|---|---|---|
| Create | protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_DGRAM | True | 1 |
| Connect | remote_address = 112.90.141.215, remote_port = 53 | False | 1 |
| Send | flags = NO_FLAG_SET, size = 30, size_out = 30 | True | 1 |
| Receive | flags = NO_FLAG_SET, size = 65536, size_out = 100 | True | 1 |
| Close | type = SOCK_DGRAM | True | 1 |
HTTP Sessions (8)
Information Value
Total Data Sent 2.24 KB (2290 bytes)
Total Data Received 16.78 KB (17187 bytes)
Contacted Host Count 2
Contacted Hosts ipv4bot.whatismyipaddress.com, 78.155.206.6
HTTP Session #1
Information Value
User Agent Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Server Name ipv4bot.whatismyipaddress.com
Server Port 80
Data Sent 0.29 KB (295 bytes)
Data Received 0.01 KB (14 bytes)
Operations
| Operation | Additional Information | Success | Count |
|---|---|---|---|
| Open Session | user_agent = Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36, access_type = INTERNET_OPEN_TYPE_DIRECT | True | 1 |
| Open Connection | protocol = HTTP, server_name = ipv4bot.whatismyipaddress.com, server_port = 80 | True | 1 |
| Open HTTP Request | http_verb = GET, http_version = HTTP/1.1, target_resource = /, accept_types = 0, flags = INTERNET_FLAG_PRAGMA_NOCACHE, INTERNET_FLAG_NO_UI, INTERNET_FLAG_HYPERLINK, INTERNET_FLAG_IGNORE_CERT_CN_INVALID, INTERNET_FLAG_IGNORE_CERT_DATE_INVALID, INTERNET_FLAG_IGNORE_REDIRECT_TO_HTTPS, INTERNET_FLAG_IGNORE_REDIRECT_TO_HTTP, INTERNET_FLAG_NO_AUTH, INTERNET_FLAG_NO_CACHE_WRITE, INTERNET_FLAG_RELOAD | True | 1 |
| Send HTTP Request | headers = WINHTTP_NO_ADDITIONAL_HEADERS, url = ipv4bot.whatismyipaddress.com/ | True | 1 |
| Read Response | size = 10238, size_out = 14 | True | 1 |
| Read Response | size = 10238, size_out = 0 | True | 1 |
| Close Session | - | True | 6 |
HTTP Session #2
Information Value
User Agent Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Server Name 78.155.206.6
Server Port 80
Data Sent 0.27 KB (281 bytes)
Data Received 5.58 KB (5709 bytes)
Operations
| Operation | Additional Information | Success | Count |
|---|---|---|---|
| Open Session | user_agent = Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36, access_type = INTERNET_OPEN_TYPE_DIRECT | True | 1 |
| Open Connection | protocol = HTTP, server_name = 78.155.206.6, server_port = 80 | True | 1 |
| Open HTTP Request | http_verb = POST, http_version = HTTP/1.1, target_resource = curl.php?token=1019, accept_types = 0, flags = INTERNET_FLAG_PRAGMA_NOCACHE, INTERNET_FLAG_NO_UI, INTERNET_FLAG_HYPERLINK, INTERNET_FLAG_IGNORE_CERT_CN_INVALID, INTERNET_FLAG_IGNORE_CERT_DATE_INVALID, INTERNET_FLAG_IGNORE_REDIRECT_TO_HTTPS, INTERNET_FLAG_IGNORE_REDIRECT_TO_HTTP, INTERNET_FLAG_NO_AUTH, INTERNET_FLAG_NO_CACHE_WRITE, INTERNET_FLAG_RELOAD | True | 1 |
| Send HTTP Request | headers = Content-Type: application/x-www-form-urlencoded, url = 78.155.206.6/curl.php?token=1019 | True | 1 |
| Read Response | size = 10238, size_out = 5709 | True | 1 |
| Read Response | size = 10238, size_out = 0 | True | 1 |
| Close Session | - | True | 6 |
HTTP Session #3
Information Value
User Agent Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Server Name 78.155.206.6
Server Port 80
Data Sent 0.27 KB (281 bytes)
Data Received 0.01 KB (9 bytes)
Operations
| Operation | Additional Information | Success | Count |
|---|---|---|---|
| Open Session | user_agent = Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36, access_type = INTERNET_OPEN_TYPE_DIRECT | True | 1 |
| Open Connection | protocol = HTTP, server_name = 78.155.206.6, server_port = 80 | True | 1 |
| Open HTTP Request | http_verb = POST, http_version = HTTP/1.1, target_resource = curl.php?token=1019, accept_types = 0, flags = INTERNET_FLAG_PRAGMA_NOCACHE, INTERNET_FLAG_NO_UI, INTERNET_FLAG_HYPERLINK, INTERNET_FLAG_IGNORE_CERT_CN_INVALID, INTERNET_FLAG_IGNORE_CERT_DATE_INVALID, INTERNET_FLAG_IGNORE_REDIRECT_TO_HTTPS, INTERNET_FLAG_IGNORE_REDIRECT_TO_HTTP, INTERNET_FLAG_NO_AUTH, INTERNET_FLAG_NO_CACHE_WRITE, INTERNET_FLAG_RELOAD | True | 1 |
| Send HTTP Request | headers = Content-Type: application/x-www-form-urlencoded, url = 78.155.206.6/curl.php?token=1019 | True | 1 |
| Read Response | size = 10238, size_out = 9 | True | 1 |
| Read Response | size = 10238, size_out = 0 | True | 1 |
| Close Session | - | True | 6 |
HTTP Session #4
Information Value
User Agent Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Server Name ipv4bot.whatismyipaddress.com
Server Port 80
Data Sent 0.29 KB (295 bytes)
Data Received 0.01 KB (14 bytes)
Operations
| Operation | Additional Information | Success | Count |
|---|---|---|---|
| Open Session | user_agent = Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36, access_type = INTERNET_OPEN_TYPE_DIRECT | True | 1 |
| Open Connection | protocol = HTTP, server_name = ipv4bot.whatismyipaddress.com, server_port = 80 | True | 1 |
| Open HTTP Request | http_verb = GET, http_version = HTTP/1.1, target_resource = /, accept_types = 0, flags = INTERNET_FLAG_PRAGMA_NOCACHE, INTERNET_FLAG_NO_UI, INTERNET_FLAG_HYPERLINK, INTERNET_FLAG_IGNORE_CERT_CN_INVALID, INTERNET_FLAG_IGNORE_CERT_DATE_INVALID, INTERNET_FLAG_IGNORE_REDIRECT_TO_HTTPS, INTERNET_FLAG_IGNORE_REDIRECT_TO_HTTP, INTERNET_FLAG_NO_AUTH, INTERNET_FLAG_NO_CACHE_WRITE, INTERNET_FLAG_RELOAD | True | 1 |
| Send HTTP Request | headers = WINHTTP_NO_ADDITIONAL_HEADERS, url = ipv4bot.whatismyipaddress.com/ | True | 1 |
| Read Response | size = 10238, size_out = 14 | True | 1 |
| Read Response | size = 10238, size_out = 0 | True | 1 |
| Close Session | - | True | 6 |
HTTP Session #5
Information Value
User Agent Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Server Name 78.155.206.6
Server Port 80
Data Sent 0.27 KB (281 bytes)
Data Received 5.58 KB (5709 bytes)
Operations
| Operation | Additional Information | Success | Count |
|---|---|---|---|
| Open Session | user_agent = Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36, access_type = INTERNET_OPEN_TYPE_DIRECT | True | 1 |
| Open Connection | protocol = HTTP, server_name = 78.155.206.6, server_port = 80 | True | 1 |
| Open HTTP Request | http_verb = POST, http_version = HTTP/1.1, target_resource = curl.php?token=1019, accept_types = 0, flags = INTERNET_FLAG_PRAGMA_NOCACHE, INTERNET_FLAG_NO_UI, INTERNET_FLAG_HYPERLINK, INTERNET_FLAG_IGNORE_CERT_CN_INVALID, INTERNET_FLAG_IGNORE_CERT_DATE_INVALID, INTERNET_FLAG_IGNORE_REDIRECT_TO_HTTPS, INTERNET_FLAG_IGNORE_REDIRECT_TO_HTTP, INTERNET_FLAG_NO_AUTH, INTERNET_FLAG_NO_CACHE_WRITE, INTERNET_FLAG_RELOAD | True | 1 |
| Send HTTP Request | headers = Content-Type: application/x-www-form-urlencoded, url = 78.155.206.6/curl.php?token=1019 | True | 1 |
| Read Response | size = 10238, size_out = 5709 | True | 1 |
| Read Response | size = 10238, size_out = 0 | True | 1 |
| Close Session | - | True | 6 |
HTTP Session #6
Information Value
User Agent Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Server Name 78.155.206.6
Server Port 80
Data Sent 0.27 KB (281 bytes)
Data Received 0.01 KB (9 bytes)
Operations
| Operation | Additional Information | Success | Count |
|---|---|---|---|
| Open Session | user_agent = Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36, access_type = INTERNET_OPEN_TYPE_DIRECT | True | 1 |
| Open Connection | protocol = HTTP, server_name = 78.155.206.6, server_port = 80 | True | 1 |
| Open HTTP Request | http_verb = POST, http_version = HTTP/1.1, target_resource = curl.php?token=1019, accept_types = 0, flags = INTERNET_FLAG_PRAGMA_NOCACHE, INTERNET_FLAG_NO_UI, INTERNET_FLAG_HYPERLINK, INTERNET_FLAG_IGNORE_CERT_CN_INVALID, INTERNET_FLAG_IGNORE_CERT_DATE_INVALID, INTERNET_FLAG_IGNORE_REDIRECT_TO_HTTPS, INTERNET_FLAG_IGNORE_REDIRECT_TO_HTTP, INTERNET_FLAG_NO_AUTH, INTERNET_FLAG_NO_CACHE_WRITE, INTERNET_FLAG_RELOAD | True | 1 |
| Send HTTP Request | headers = Content-Type: application/x-www-form-urlencoded, url = 78.155.206.6/curl.php?token=1019 | True | 1 |
| Read Response | size = 10238, size_out = 9 | True | 1 |
| Read Response | size = 10238, size_out = 0 | True | 1 |
| Close Session | - | True | 6 |
HTTP Session #7
Information Value
User Agent Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Server Name ipv4bot.whatismyipaddress.com
Server Port 80
Data Sent 0.29 KB (295 bytes)
Data Received 0.01 KB (14 bytes)
Operations
| Operation | Additional Information | Success | Count |
|---|---|---|---|
| Open Session | user_agent = Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36, access_type = INTERNET_OPEN_TYPE_DIRECT | True | 1 |
| Open Connection | protocol = HTTP, server_name = ipv4bot.whatismyipaddress.com, server_port = 80 | True | 1 |
| Open HTTP Request | http_verb = GET, http_version = HTTP/1.1, target_resource = /, accept_types = 0, flags = INTERNET_FLAG_PRAGMA_NOCACHE, INTERNET_FLAG_NO_UI, INTERNET_FLAG_HYPERLINK, INTERNET_FLAG_IGNORE_CERT_CN_INVALID, INTERNET_FLAG_IGNORE_CERT_DATE_INVALID, INTERNET_FLAG_IGNORE_REDIRECT_TO_HTTPS, INTERNET_FLAG_IGNORE_REDIRECT_TO_HTTP, INTERNET_FLAG_NO_AUTH, INTERNET_FLAG_NO_CACHE_WRITE, INTERNET_FLAG_RELOAD | True | 1 |
| Send HTTP Request | headers = WINHTTP_NO_ADDITIONAL_HEADERS, url = ipv4bot.whatismyipaddress.com/ | True | 1 |
| Read Response | size = 10238, size_out = 14 | True | 1 |
| Read Response | size = 10238, size_out = 0 | True | 1 |
| Close Session | - | True | 4 |
HTTP Session #8
Information Value
User Agent Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Server Name 78.155.206.6
Server Port 80
Data Sent 0.27 KB (281 bytes)
Data Received 5.58 KB (5709 bytes)
Operations
| Operation | Additional Information | Success | Count |
|---|---|---|---|
| Open Session | user_agent = Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36, access_type = INTERNET_OPEN_TYPE_DIRECT | True | 1 |
| Open Connection | protocol = HTTP, server_name = 78.155.206.6, server_port = 80 | True | 1 |
| Open HTTP Request | http_verb = POST, http_version = HTTP/1.1, target_resource = curl.php?token=1019, accept_types = 0, flags = INTERNET_FLAG_PRAGMA_NOCACHE, INTERNET_FLAG_NO_UI, INTERNET_FLAG_HYPERLINK, INTERNET_FLAG_IGNORE_CERT_CN_INVALID, INTERNET_FLAG_IGNORE_CERT_DATE_INVALID, INTERNET_FLAG_IGNORE_REDIRECT_TO_HTTPS, INTERNET_FLAG_IGNORE_REDIRECT_TO_HTTP, INTERNET_FLAG_NO_AUTH, INTERNET_FLAG_NO_CACHE_WRITE, INTERNET_FLAG_RELOAD | True | 1 |
| Send HTTP Request | headers = Content-Type: application/x-www-form-urlencoded, url = 78.155.206.6/curl.php?token=1019 | True | 1 |
| Read Response | size = 10238, size_out = 5709 | True | 1 |
| Read Response | size = 10238, size_out = 0 | True | 1 |
| Close Session | - | True | 4 |