Analysis Report
Overview
General Information |
---|
Joe Sandbox Version: | 18.0.0 |
Analysis ID: | 210282 |
Start time: | 14:24:50 |
Joe Sandbox Product: | Cloud |
Start date: | 25.01.2017 |
Overall analysis duration: | 0h 3m 40s |
Report type: | full |
Sample file name: | bankbot |
Cookbook file name: | defaultandroidfilecookbook.jbs |
Analysis system description: | Android x86 5.1 |
Detection: | MAL |
Classification: | mal68.evad.spyw.bank.and@0/235@6/0 |
Detection |
---|
Strategy | Score | Range | Reporting | Detection | |
---|---|---|---|---|---|
Threshold | 68 | 0 - 100 | Report FP / FN |
Signature Overview |
---|
Change of System Appearance: |
---|
Acquires a wake lock | Show sources |
Source: com.example.livemusay.foxgood.fgjhdghjghjghj;->onHandleIntent:24 | API Call: | ||
Source: com.example.livemusay.foxgood.ioluyjtgrthth;->a:33 | API Call: |
Mutes ringtone sound | Show sources |
Source: com.example.livemusay.foxgood.ioluyjtgrthth;->a:276 | API Call: | ||
Source: com.example.livemusay.foxgood.ioluyjtgrthth;->a:484 | API Call: | ||
Source: com.example.livemusay.foxgood.iukyjhtrgrf;->onCreate:66 | API Call: | ||
Source: com.example.livemusay.foxgood.oluyjtrghyjuilfj;->a:88 | API Call: | ||
Source: com.example.livemusay.foxgood.oluyjtrghyjuilfj;->a:209 | API Call: | ||
Source: com.example.livemusay.foxgood.oluyjtrghyjuilfj;->a:337 | API Call: | ||
Source: com.example.livemusay.foxgood.uiyjhtrgyukioluyhtrg;->a:86 | API Call: | ||
Source: com.example.livemusay.foxgood.uiyjhtrgyukioluyhtrg;->a:116 | API Call: |
Sets a repeating alarm | Show sources |
Source: com.example.livemusay.foxgood.fgjhdghjghjghj;->onHandleIntent:38 | API Call: | ||
Source: com.example.livemusay.foxgood.ioluyjtgrthth;->a:351 | API Call: | ||
Source: com.example.livemusay.foxgood.olukyjhtrgthyjukilgkjf;->onReceive:66 | API Call: | ||
Source: com.example.livemusay.foxgood.olukyjhtrgthyjukilgkjf;->onReceive:82 | API Call: | ||
Source: com.example.livemusay.foxgood.ukyjhtrgfdfghnj;->onCreate:15 | API Call: |
May access the Android keyguard (lock screen) | Show sources |
Source: classes.dex | String found in binary or memory: | ||
Source: classes.dex | String found in binary or memory: | ||
Source: classes.dex | String found in binary or memory: | ||
Source: android | String found in binary or memory: |
Location Tracing: |
---|
Queries the phones location (GPS) | Show sources |
Source: com.example.livemusay.foxgood.oilufyjhtghyjukfhg;->b:43 | API Call: | ||
Source: com.example.livemusay.foxgood.oilufyjhtghyjukfhg;->b:45 | API Call: | ||
Source: com.example.livemusay.foxgood.yujtyfghfghdfgh;->b:62 | API Call: | ||
Source: com.example.livemusay.foxgood.yujtyfghfghdfgh;->b:64 | API Call: |
Spam, unwanted Advertisements and Ransom Demands: |
---|
Dials phone numbers | Show sources |
Source: com.example.livemusay.foxgood.iukyjhtrgrf;->onCreate:39 | API Call: |
Has permission to perform phone calls in the background | Show sources |
Source: submitted apk | Request permission: |
Has permission to send SMS in the background | Show sources |
Source: submitted apk | Request permission: |
Has permission to write to the SMS storage | Show sources |
Source: submitted apk | Request permission: |
Sends SMS using SmsManager | Show sources |
Source: com.example.livemusay.foxgood.ioluyjtgrthth;->a:237 | API Call: | ||
Source: com.example.livemusay.foxgood.oluyjtrghyjuilfj;->a:169 | API Call: | ||
Source: com.example.livemusay.foxgood.uiyjhtrgyukioluyhtrg;->a:83 | API Call: |
Detailed /proc access | Show sources |
Source: Lcom/example/livemusay/foxgood/ghdghsfghfghfgh;->a(Ljava/lang/String;)[Ljava/lang/String; | Method string: |
May check for popular installed apps | Show sources |
Privilege Escalation: |
---|
Checks if the device administrator is active | Show sources |
Source: com.example.livemusay.foxgood.fgjhdghjghjghj;->onHandleIntent:45 | API Call: | ||
Source: com.example.livemusay.foxgood.a;->a:17 | API Call: | ||
Source: com.example.livemusay.foxgood.ioluyjtgrthth;->a:79 | API Call: |
Tries to add a new device administrator | Show sources |
Source: com.example.livemusay.foxgood.sfghdfghfghfgh;->onCreate:8 | API Call: |
E-Banking Fraud: |
---|
Contains package name strings related to banking (usually for identifying banking APKs) | Show sources |
Source: Lcom/example/livemusay/foxgood/ioluyjtgrthth;->b()Ljava/lang/String; | Method String: |
Found strings which match to known bank urls | Show sources |
Source: android | String found in binary or memory: | ||
Source: classes.dex, android | String found in binary or memory: | ||
Has permission to query the list of currently running applications | Show sources |
Source: submitted apk | Request permission: |
May query for the most recent running application (usually for UI overlaying) | Show sources |
Source: com.example.livemusay.foxgood.ghdghsfghfghfgh;->a | getRunningTasks and getPackageName invocations in same method: | ||
Source: com.example.livemusay.foxgood.ghdghsfghfghfgh;->a | getRunningTasks and getPackageName invocations in same method: |
Detailed /proc access | Show sources |
Source: Lcom/example/livemusay/foxgood/ghdghsfghfghfgh;->a(Ljava/lang/String;)[Ljava/lang/String; | Method string: |
May check for popular installed apps | Show sources |
Networking: |
---|
Urls found in memory or binary data | Show sources |
Source: classes.dex, android | String found in binary or memory: | ||
Source: android | String found in binary or memory: | ||
Source: navigation_drawer_view.xml | String found in binary or memory: | ||
Source: navigation_drawer_view.xml | String found in binary or memory: | ||
Source: alert_dialog_wearable.xml | String found in binary or memory: |
Downloads files from webservers via HTTP | Show sources |
Source: global traffic | HTTP traffic detected: | ||
Found strings which match to known social media urls | Show sources |
Source: classes.dex, android | String found in binary or memory: | ||
Source: classes.dex, android | String found in binary or memory: | ||
Source: classes.dex, android | String found in binary or memory: | ||
Source: classes.dex, android | String found in binary or memory: |
Performs DNS lookups | Show sources |
Source: unknown | DNS traffic detected: |
Posts data to webserver | Show sources |
Source: unknown | HTTP traffic detected: |
Tries to download non-existing http data (HTTP/1.1 404 Not Found) | Show sources |
Source: global traffic | HTTP traffic detected: |
Uses HTTP for connecting to the internet | Show sources |
Source: com.example.livemusay.foxgood.b$a;->a:39 | API Call: |
Uses HTTPS | Show sources |
Source: unknown | Network traffic detected: | ||
Source: unknown | Network traffic detected: |
Opens an internet connection | Show sources |
Source: com.example.livemusay.foxgood.b$a;->a:6 | API Call: |
Boot Survival: |
---|
Has permission to execute code after phone reboot | Show sources |
Source: submitted apk | Request permission: |
Starts/registers a service/receiver on phone boot (autostart) | Show sources |
Source: com.example.livemusay.foxgood.olukyjhtrgthyjukilgkjf;->onReceive:52 | API Call: | ||
Source: com.example.livemusay.foxgood.olukyjhtrgthyjukilgkjf;->onReceive:52 | API Call: | ||
Source: com.example.livemusay.foxgood.olukyjhtrgthyjukilgkjf;->a:42 | API Call: | ||
Source: com.example.livemusay.foxgood.olukyjhtrgthyjukilgkjf;->onReceive:58 | API Call: |
Remote Access Functionality: |
---|
Found parser code for incoming SMS (may be used to act on incoming SMS, BOT) | Show sources |
Source: com.example.livemusay.foxgood.olukyjhtrgthyjukilgkjf;->onReceive:55 | API Call: |
Stealing of Sensitive Information: |
---|
Has permission to query the current location | Show sources |
Source: submitted apk | Request permission: |
Creates SMS data (e.g. PDU) | Show sources |
Source: com.example.livemusay.foxgood.olukyjhtrgthyjukilgkjf;->a:8 | API Call: |
Has permission to read contacts | Show sources |
Source: submitted apk | Request permission: |
Has permission to read the SMS storage | Show sources |
Source: submitted apk | Request permission: |
Has permission to read the phone's state (phone number, device IDs, active call etc.) | Show sources |
Source: submitted apk | Request permission: |
Has permission to receive SMS in the background | Show sources |
Source: submitted apk | Request permission: |
Monitors incoming Phone calls | Show sources |
Source: com.example.livemusay.foxgood.olukyjhtrgthyjukilgkjf | Registered receiver: |
Monitors incoming SMS | Show sources |
Source: com.example.livemusay.foxgood.olukyjhtrgthyjukilgkjf | Registered receiver: |
Queries SMS data | Show sources |
Source: com.example.livemusay.foxgood.oluyjtrghyjuilfj;->c:6 | API Call: | ||
Source: com.example.livemusay.foxgood.oluyjtrghyjuilfj;->b:339 | API Call: |
Queries a list of installed applications | Show sources |
Source: com.example.livemusay.foxgood.ioluyjtgrthth;->b:490 | API Call: | ||
Source: com.example.livemusay.foxgood.ioluyjtgrthth;->c:786 | API Call: |
Queries phone contact information | Show sources |
Source: com.example.livemusay.foxgood.uiyjhtrgyukioluyhtrg;->a:5 | Field access: | ||
Source: com.example.livemusay.foxgood.uiyjhtrgyukioluyhtrg;->a:68 | Field access: |
Monitors outgoing Phone calls | Show sources |
Source: com.example.livemusay.foxgood.olukyjhtrgthyjukilgkjf | Registered receiver: |
Persistence and Installation Behavior: |
---|
Creates files | Show sources |
Source: com.example.livemusay.foxgood.ghdghsfghfghfgh;->c:180 | API Call: | ||
Source: com.example.livemusay.foxgood.ioluyjtgrthth;->a:442 | API Call: |
Data Obfuscation: |
---|
Obfuscates method names | Show sources |
Source: bankbot | Total valid method names: |
System Summary: |
---|
Classification label | Show sources |
Source: classification engine | Classification label: |
Requests potentially dangerous permissions | Show sources |
Source: submitted apk | Request permission: | ||
Malware Analysis System Evasion: |
---|
Accesses android OS build fields | Show sources |
Queries the unique operating system id (ANDROID_ID) | Show sources |
Source: com.example.livemusay.foxgood.c;->b:59 | API Call: | ||
Source: com.example.livemusay.foxgood.ioluyjtgrthth;->a:355 | API Call: | ||
Source: com.example.livemusay.foxgood.oluyjtrghyjuilfj;->a:212 | API Call: |
Hooking and other Techniques for Hiding and Protection: |
---|
Has permission to query the list of currently running applications | Show sources |
Source: submitted apk | Request permission: |
Has permission to terminate background processes of other applications | Show sources |
Source: submitted apk | Request permission: |
Queries list of running processes/tasks | Show sources |
Source: com.example.livemusay.foxgood.ghdghsfghfghfgh;->a:89 | API Call: | ||
Source: com.example.livemusay.foxgood.ghdghsfghfghfgh;->a:97 | API Call: |
Starts/registers a service/receiver on screen off | Show sources |
Source: com.example.livemusay.foxgood.olukyjhtrgthyjukilgkjf;->onReceive:52 | API Call: | ||
Source: com.example.livemusay.foxgood.olukyjhtrgthyjukilgkjf;->onReceive:52 | API Call: | ||
Source: com.example.livemusay.foxgood.olukyjhtrgthyjukilgkjf;->a:42 | API Call: | ||
Source: com.example.livemusay.foxgood.olukyjhtrgthyjukilgkjf;->onReceive:58 | API Call: |
Lowering of HIPS / PFW / Operating System Security Settings: |
---|
May check for installed Android security applications (AV and firewalls) | Show sources |
Source: Lcom/example/livemusay/foxgood/ioluyjtgrthth;->c()Ljava/lang/String; | Method string: | ||
Language, Device and Operating System Detection: |
---|
Queries the network operator ISO country code | Show sources |
Source: com.example.livemusay.foxgood.ioluyjtgrthth;->a:71 | API Call: | ||
Source: com.example.livemusay.foxgood.c;->a:4 | API Call: |
Queries the network operator name | Show sources |
Source: com.example.livemusay.foxgood.ioluyjtgrthth;->a:53 | API Call: |
Queries the unique device ID (IMEI, MEID or ESN) | Show sources |
Source: com.example.livemusay.foxgood.ioluyjtgrthth;->a:49 | API Call: | ||
Source: com.example.livemusay.foxgood.ioluyjtgrthth;->a:57 | API Call: | ||
Source: com.example.livemusay.foxgood.oluyjtrghyjuilfj;->a:48 | API Call: | ||
Source: com.example.livemusay.foxgood.c;->b:56 | API Call: |
Yara Overview |
---|
No Yara matches |
---|
Created / dropped Files |
---|
No created / dropped files found |
---|
Contacted Domains/Contacted IPs |
---|
Contacted Domains |
---|
Name | IP | Active |
---|---|---|
newset.mcdir.ru | 178.208.83.22 | true |
mtalk.google.com | 74.125.133.188 | true |
android.clients.google.com | 216.58.204.78 | true |
Contacted IPs |
---|
IP | Country | ASN | ASN Name |
---|---|---|---|
216.58.204.78 | United States | 15169 | GoogleInc |
8.8.8.8 | United States | 15169 | GoogleInc |
66.102.1.188 | United States | 15169 | GoogleInc |
178.208.83.22 | Russian Federation | 35415 | WebaZillaBV |
74.125.133.188 | United States | 15169 | GoogleInc |
Static File Info |
---|
General | |
---|---|
File type: | Zip archive data, at least v2.0 to extract |
TrID: |
|
File name: | bankbot |
File size: | 172541 |
MD5: | beee6b598d006a6f6fc93f6b8764715f |
SHA1: | 27806e7f4a4a5e3236d52e432e982915ce636da4 |
SHA256: | 7927146c3db630d5a75dca2d97c26e2406f1183df50fdc29d7f40f8ad667ab02 |
SHA512: | bbd01b41ffb5eb0946566cfbc2d12f190a7d24c4593468ac675e45cf9ab4c02826478e3ade8ada2668089b27194479ff15ca66cb39fec67e9c1755230071d145 |
Static APK Info |
---|
General | |
---|---|
Label: | Play ?ap?e? |
Minimum SDK required: | 9 |
Target SDK required: | 24 |
Version Code: | 1 |
Version Name: | 1 |
Package Name: | com.example.livemusay.foxgood |
Is Activity: | true |
Is Receiver: | true |
Is Service: | true |
Requests System Level Permissions: | false |
Play Store Compatible: | true |
Activities |
---|
Name | Is Entrypoint |
---|---|
com.example.livemusay.foxgoodcom.example.livemusay.foxgood.ukyjhtrgfdfghnj | true |
com.example.livemusay.foxgoodcom.example.livemusay.foxgood.thjgdhjghjghj | |
com.example.livemusay.foxgoodcom.example.livemusay.foxgood.sfghdfghfghfgh | |
com.example.livemusay.foxgoodcom.example.livemusay.foxgood.iukyjhtrgrf | |
com.example.livemusay.foxgoodcom.example.livemusay.foxgood.uiyjhtrgyukioluyhtrg | |
com.example.livemusay.foxgoodcom.example.livemusay.foxgood.ilkjhgtrfegtyjuilohgujhtf |
Certificate |
---|
Name: | classes.dex |
Issuer: | CN=fgfg,OU=hsfgsf,O=ghsfgh,L=srths,ST=fghsrth,C=sfghsrfghrhfgh |
Subject: | CN=fgfg,OU=hsfgsf,O=ghsfgh,L=srths,ST=fghsrth,C=sfghsrfghrhfgh |
Resources |
---|
Name | Type |
---|---|
\res/mipmap-xxxhdpi-v4/ic_launcher.png | PNG image, 48 x 48, 8-bit/color RGBA, non-interlaced |
\res/drawable/ic_launcher.png | PNG image, 48 x 48, 8-bit/color RGBA, non-interlaced |
\res/layout-v20/watch_card_content.xml | DBase 3 data file (900 records) |
\res/drawable/card_background.xml | DBase 3 data file (560 records) |
\res/drawable-mdpi-v4/card_frame_pressed.9.png | PNG image, 27 x 27, 8-bit/color RGBA, non-interlaced |
\res/drawable-v21/generic_confirmation_animation.xml | DBase 3 data file (696 records) |
\res/interpolator/generic_confirmation_animation_interpolator_0.xml | DBase 3 data file (240 records) |
\res/anim-v21/open_on_phone_path_1_animation.xml | DBase 3 data file (2204 records) |
\res/interpolator/open_on_phone_animation_interpolator_1.xml | DBase 3 data file (240 records) |
\res/layout/overlay_confirmation.xml | DBase 3 data file (1024 records) |
\res/layout/error_layout.xml | DBase 3 data file (1040 records) |
\res/interpolator-v21/open_on_phone_animation_interpolator_1.xml | DBase 3 data file (348 records) |
\res/mipmap-xxhdpi-v4/ic_launcher.png | PNG image, 48 x 48, 8-bit/color RGBA, non-interlaced |
\res/drawable-hdpi-v4/card_frame_pressed.9.png | PNG image, 41 x 41, 8-bit/color RGBA, non-interlaced |
\res/layout-v17/activity_main.xml | DBase 3 data file (1140 records) |
\res/layout/activity_main.xml | DBase 3 data file (1084 records) |
\res/drawable-hdpi-v4/ic_full_cancel.png | PNG image, 96 x 96, 8-bit/color RGBA, non-interlaced |
\res/color/btn_colored_background_material.xml | DBase 3 data file (468 records) |
\res/layout-v21/dismiss_overlay.xml | DBase 3 data file (1236 records) |
\res/drawable/action_item_icon_background.xml | DBase 3 data file (436 records) |
\META-INF/MANIFEST.MF | ASCII text, with CRLF line terminators |
\res/drawable-v21/open_on_phone_animation.xml | DBase 3 data file (788 records) |
\res/layout/accept_deny_dialog.xml | DBase 3 data file (2796 records) |
\res/interpolator/open_on_phone_animation_interpolator_0.xml | DBase 3 data file (240 records) |
\META-INF/CERT.SF | ASCII text, with CRLF line terminators |
\res/interpolator-v21/generic_confirmation_animation_interpolator_3.xml | DBase 3 data file (340 records) |
\res/drawable-mdpi-v4/card_frame.9.png | PNG image, 27 x 27, 8-bit/color RGBA, non-interlaced |
\res/drawable-xhdpi-v4/ic_full_sad.png | PNG image, 128 x 128, 8-bit colormap, non-interlaced |
\res/color-v11/btn_colored_background_material.xml | DBase 3 data file (504 records) |
\res/interpolator-v21/open_on_phone_animation_interpolator_0.xml | DBase 3 data file (328 records) |
\res/drawable/close_button.xml | DBase 3 data file (1788 records) |
\res/drawable-mdpi-v4/ic_full_cancel.png | PNG image, 64 x 64, 8-bit/color RGBA, non-interlaced |
\res/drawable/accept_deny_dialog_negative_bg.xml | DBase 3 data file (1104 records) |
\res/drawable/action_item_background.xml | DBase 3 data file (336 records) |
\res/color/card_text_color.xml | DBase 3 data file (468 records) |
\resources.arsc | data |
\res/layout/activity_inj.xml | DBase 3 data file (476 records) |
\res/layout-v16/error_layout.xml | DBase 3 data file (1116 records) |
\res/layout/activity_activ_location.xml | DBase 3 data file (536 records) |
\res/layout-v16/overlay_confirmation.xml | DBase 3 data file (1100 records) |
\res/mipmap-hdpi-v4/ic_launcher.png | PNG image, 48 x 48, 8-bit/color RGBA, non-interlaced |
\res/anim-v21/open_on_phone_arrow_animation.xml | DBase 3 data file (576 records) |
\res/mipmap-mdpi-v4/ic_launcher.png | PNG image, 48 x 48, 8-bit/color RGBA, non-interlaced |
\res/anim-v21/generic_confirmation_icon_animation.xml | DBase 3 data file (2216 records) |
\res/interpolator/generic_confirmation_animation_interpolator_3.xml | DBase 3 data file (240 records) |
\res/interpolator-v21/generic_confirmation_animation_interpolator_2.xml | DBase 3 data file (464 records) |
\res/layout/navigation_drawer_item_view.xml | DBase 3 data file (876 records) |
\META-INF/CERT.RSA | data |
\res/anim-v21/generic_confirmation_generic_confirmation_animation.xml | DBase 3 data file (1028 records) |
\res/animator/circular_image_button_anim.xml | DBase 3 data file (1172 records) |
\res/drawable/accept_deny_dialog_positive_bg.xml | DBase 3 data file (1104 records) |
\res/layout/alert_dialog_wearable.xml | DBase 3 data file (1928 records) |
\res/drawable-v21/generic_confirmation.xml | DBase 3 data file (2468 records) |
\res/layout/action_drawer_item_view.xml | DBase 3 data file (948 records) |
\res/drawable-xhdpi-v4/ic_full_cancel.png | PNG image, 128 x 128, 8-bit colormap, non-interlaced |
\res/layout/activity_g0us_s_d.xml | DBase 3 data file (536 records) |
\res/anim-v21/open_on_phone_path_2_animation.xml | DBase 3 data file (4600 records) |
\res/interpolator/generic_confirmation_animation_interpolator_2.xml | DBase 3 data file (240 records) |
\res/drawable-xhdpi-v4/card_frame.9.png | PNG image, 54 x 54, 8-bit/color RGBA, non-interlaced |
\res/drawable-v21/open_on_phone.xml | DBase 3 data file (4520 records) |
\res/interpolator-v21/generic_confirmation_animation_interpolator_1.xml | DBase 3 data file (332 records) |
\res/layout/r_l.xml | DBase 3 data file (576 records) |
\res/drawable/ic_cc_checkmark.xml | DBase 3 data file (780 records) |
\res/drawable-hdpi-v4/ic_full_sad.png | PNG image, 96 x 96, 8-bit/color RGBA, non-interlaced |
\res/drawable-mdpi-v4/ic_full_sad.png | PNG image, 64 x 64, 8-bit/color RGBA, non-interlaced |
\res/layout-v21/wearable_drawer_view.xml | DBase 3 data file (856 records) |
\res/layout/activity_go_adm.xml | DBase 3 data file (536 records) |
\res/drawable-xhdpi-v4/card_frame_pressed.9.png | PNG image, 54 x 54, 8-bit/color RGBA, non-interlaced |
\res/color/circular_button.xml | DBase 3 data file (468 records) |
\res/drawable/ic_more_vert_24dp_wht.xml | DBase 3 data file (1048 records) |
\res/layout/action_drawer_peek_view.xml | DBase 3 data file (816 records) |
\AndroidManifest.xml | DBase 3 data file (11468 records) |
\res/drawable-hdpi-v4/card_frame.9.png | PNG image, 41 x 41, 8-bit/color RGBA, non-interlaced |
\res/color/card_grey_text_color.xml | DBase 3 data file (468 records) |
\res/drawable/ic_more_horiz_24dp_wht.xml | DBase 3 data file (1052 records) |
\res/mipmap-xhdpi-v4/ic_launcher.png | PNG image, 48 x 48, 8-bit/color RGBA, non-interlaced |
\res/drawable/ic_cc_clear.xml | DBase 3 data file (884 records) |
\res/interpolator/generic_confirmation_animation_interpolator_1.xml | DBase 3 data file (240 records) |
\res/interpolator-v21/generic_confirmation_animation_interpolator_0.xml | DBase 3 data file (328 records) |
\res/animator-v11/circular_image_button_anim.xml | DBase 3 data file (1636 records) |
\res/layout/activity_activ_all_numbers.xml | DBase 3 data file (536 records) |
\classes.dex | Dalvik dex file version 035 |
\res/layout/wearable_drawer_view.xml | DBase 3 data file (816 records) |
\res/layout/navigation_drawer_view.xml | DBase 3 data file (940 records) |
Network Behavior |
---|
TCP Packets |
---|
Jan 25, 2017 14:25:33.308188915 CET | 80 | 58953 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:25:33.308314085 CET | 58953 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:25:33.317496061 CET | 58953 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:25:33.317534924 CET | 80 | 58953 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:25:33.390985012 CET | 80 | 58953 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:25:33.391345024 CET | 58953 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:25:34.064582109 CET | 58953 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:25:34.064738989 CET | 80 | 58953 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:25:34.064898968 CET | 58953 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:25:42.339673996 CET | 55339 | 5228 | 192.168.1.33 | 74.125.133.188 |
Jan 25, 2017 14:25:42.339714050 CET | 5228 | 55339 | 74.125.133.188 | 192.168.1.33 |
Jan 25, 2017 14:25:42.339875937 CET | 55339 | 5228 | 192.168.1.33 | 74.125.133.188 |
Jan 25, 2017 14:25:42.340742111 CET | 55339 | 5228 | 192.168.1.33 | 74.125.133.188 |
Jan 25, 2017 14:25:42.340764999 CET | 5228 | 55339 | 74.125.133.188 | 192.168.1.33 |
Jan 25, 2017 14:25:42.398346901 CET | 5228 | 55339 | 74.125.133.188 | 192.168.1.33 |
Jan 25, 2017 14:25:42.398508072 CET | 55339 | 5228 | 192.168.1.33 | 74.125.133.188 |
Jan 25, 2017 14:25:42.412290096 CET | 5228 | 55339 | 74.125.133.188 | 192.168.1.33 |
Jan 25, 2017 14:25:42.412316084 CET | 5228 | 55339 | 74.125.133.188 | 192.168.1.33 |
Jan 25, 2017 14:25:42.412327051 CET | 5228 | 55339 | 74.125.133.188 | 192.168.1.33 |
Jan 25, 2017 14:25:42.412561893 CET | 55339 | 5228 | 192.168.1.33 | 74.125.133.188 |
Jan 25, 2017 14:25:42.412621975 CET | 55339 | 5228 | 192.168.1.33 | 74.125.133.188 |
Jan 25, 2017 14:25:42.412656069 CET | 55339 | 5228 | 192.168.1.33 | 74.125.133.188 |
Jan 25, 2017 14:25:42.412668943 CET | 5228 | 55339 | 74.125.133.188 | 192.168.1.33 |
Jan 25, 2017 14:25:42.412817955 CET | 55339 | 5228 | 192.168.1.33 | 74.125.133.188 |
Jan 25, 2017 14:25:42.415935040 CET | 55339 | 5228 | 192.168.1.33 | 74.125.133.188 |
Jan 25, 2017 14:25:42.415957928 CET | 5228 | 55339 | 74.125.133.188 | 192.168.1.33 |
Jan 25, 2017 14:25:42.416228056 CET | 55339 | 5228 | 192.168.1.33 | 74.125.133.188 |
Jan 25, 2017 14:25:42.417701960 CET | 36468 | 80 | 192.168.1.33 | 216.58.204.78 |
Jan 25, 2017 14:25:42.417743921 CET | 80 | 36468 | 216.58.204.78 | 192.168.1.33 |
Jan 25, 2017 14:25:42.511689901 CET | 80 | 36468 | 216.58.204.78 | 192.168.1.33 |
Jan 25, 2017 14:25:42.511976004 CET | 36468 | 80 | 192.168.1.33 | 216.58.204.78 |
Jan 25, 2017 14:25:44.464668036 CET | 33033 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:25:44.464720964 CET | 80 | 33033 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:25:44.464971066 CET | 33033 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:25:44.474687099 CET | 33033 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:25:44.474724054 CET | 80 | 33033 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:25:44.567434072 CET | 80 | 33033 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:25:44.567701101 CET | 33033 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:25:45.888585091 CET | 33033 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:25:45.888705015 CET | 80 | 33033 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:25:45.889033079 CET | 33033 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:26:09.245307922 CET | 3484 | 53 | 192.168.1.33 | 8.8.8.8 |
Jan 25, 2017 14:26:09.651566982 CET | 53 | 3484 | 8.8.8.8 | 192.168.1.33 |
Jan 25, 2017 14:26:21.134061098 CET | 63813 | 53 | 192.168.1.33 | 8.8.8.8 |
Jan 25, 2017 14:26:21.179393053 CET | 53 | 63813 | 8.8.8.8 | 192.168.1.33 |
Jan 25, 2017 14:26:21.180179119 CET | 42887 | 5228 | 192.168.1.33 | 74.125.133.188 |
Jan 25, 2017 14:26:21.180226088 CET | 5228 | 42887 | 74.125.133.188 | 192.168.1.33 |
Jan 25, 2017 14:26:21.180501938 CET | 42887 | 5228 | 192.168.1.33 | 74.125.133.188 |
Jan 25, 2017 14:26:21.181646109 CET | 42887 | 5228 | 192.168.1.33 | 74.125.133.188 |
Jan 25, 2017 14:26:21.181679010 CET | 5228 | 42887 | 74.125.133.188 | 192.168.1.33 |
Jan 25, 2017 14:26:21.298548937 CET | 5228 | 42887 | 74.125.133.188 | 192.168.1.33 |
Jan 25, 2017 14:26:21.298747063 CET | 42887 | 5228 | 192.168.1.33 | 74.125.133.188 |
Jan 25, 2017 14:26:21.319389105 CET | 5228 | 42887 | 74.125.133.188 | 192.168.1.33 |
Jan 25, 2017 14:26:21.319411993 CET | 5228 | 42887 | 74.125.133.188 | 192.168.1.33 |
Jan 25, 2017 14:26:21.319422007 CET | 5228 | 42887 | 74.125.133.188 | 192.168.1.33 |
Jan 25, 2017 14:26:21.319590092 CET | 42887 | 5228 | 192.168.1.33 | 74.125.133.188 |
Jan 25, 2017 14:26:21.319655895 CET | 42887 | 5228 | 192.168.1.33 | 74.125.133.188 |
Jan 25, 2017 14:26:21.319698095 CET | 42887 | 5228 | 192.168.1.33 | 74.125.133.188 |
Jan 25, 2017 14:26:21.319715977 CET | 5228 | 42887 | 74.125.133.188 | 192.168.1.33 |
Jan 25, 2017 14:26:21.319879055 CET | 42887 | 5228 | 192.168.1.33 | 74.125.133.188 |
Jan 25, 2017 14:26:21.324912071 CET | 42887 | 5228 | 192.168.1.33 | 74.125.133.188 |
Jan 25, 2017 14:26:21.324937105 CET | 5228 | 42887 | 74.125.133.188 | 192.168.1.33 |
Jan 25, 2017 14:26:21.325311899 CET | 42887 | 5228 | 192.168.1.33 | 74.125.133.188 |
Jan 25, 2017 14:26:21.326661110 CET | 36468 | 80 | 192.168.1.33 | 216.58.204.78 |
Jan 25, 2017 14:26:21.326699018 CET | 80 | 36468 | 216.58.204.78 | 192.168.1.33 |
Jan 25, 2017 14:26:21.426356077 CET | 80 | 36468 | 216.58.204.78 | 192.168.1.33 |
Jan 25, 2017 14:26:21.426641941 CET | 36468 | 80 | 192.168.1.33 | 216.58.204.78 |
Jan 25, 2017 14:26:23.265836954 CET | 45342 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:26:23.265880108 CET | 80 | 45342 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:26:23.266005993 CET | 45342 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:26:23.275819063 CET | 45342 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:26:23.275847912 CET | 80 | 45342 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:26:23.360166073 CET | 80 | 45342 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:26:23.360502958 CET | 45342 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:26:24.465593100 CET | 45342 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:26:24.465724945 CET | 80 | 45342 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:26:24.465811968 CET | 45342 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:26:30.496727943 CET | 26787 | 53 | 192.168.1.33 | 8.8.8.8 |
Jan 25, 2017 14:26:30.539041996 CET | 53 | 26787 | 8.8.8.8 | 192.168.1.33 |
Jan 25, 2017 14:26:30.539813995 CET | 49135 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:26:30.539865971 CET | 80 | 49135 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:26:30.540069103 CET | 49135 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:26:30.542268991 CET | 49135 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:26:30.542306900 CET | 80 | 49135 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:26:30.632613897 CET | 80 | 49135 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:26:30.632869959 CET | 49135 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:26:32.611387968 CET | 49135 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:26:32.611536980 CET | 80 | 49135 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:26:32.611727953 CET | 49135 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:26:37.763267040 CET | 54015 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:26:37.763330936 CET | 80 | 54015 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:26:37.763544083 CET | 54015 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:26:37.773379087 CET | 54015 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:26:37.773416996 CET | 80 | 54015 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:26:37.839852095 CET | 80 | 54015 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:26:37.840250015 CET | 54015 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:26:37.847059965 CET | 54015 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:26:37.847213984 CET | 80 | 54015 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:26:37.847482920 CET | 54015 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:26:44.944984913 CET | 42582 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:26:44.945036888 CET | 80 | 42582 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:26:44.945152044 CET | 42582 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:26:44.953845978 CET | 42582 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:26:44.953890085 CET | 80 | 42582 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:26:45.035718918 CET | 80 | 42582 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:26:45.036089897 CET | 42582 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:26:45.706329107 CET | 42582 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:26:45.706461906 CET | 80 | 42582 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:26:45.706553936 CET | 42582 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:26:52.185661077 CET | 38418 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:26:52.185743093 CET | 80 | 38418 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:26:52.185946941 CET | 38418 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:26:52.187669992 CET | 38418 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:26:52.187695026 CET | 80 | 38418 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:26:52.251575947 CET | 80 | 38418 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:26:52.251840115 CET | 38418 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:26:53.032850981 CET | 38418 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:26:53.032984018 CET | 80 | 38418 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:26:53.033196926 CET | 38418 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:27:29.654413939 CET | 63501 | 53 | 192.168.1.33 | 8.8.8.8 |
Jan 25, 2017 14:27:29.686804056 CET | 53 | 63501 | 8.8.8.8 | 192.168.1.33 |
Jan 25, 2017 14:27:30.717751026 CET | 34751 | 53 | 192.168.1.33 | 8.8.8.8 |
Jan 25, 2017 14:27:31.060302973 CET | 53 | 34751 | 8.8.8.8 | 192.168.1.33 |
Jan 25, 2017 14:27:31.061129093 CET | 52085 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:27:31.061166048 CET | 80 | 52085 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:27:31.061311960 CET | 52085 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:27:31.071064949 CET | 52085 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:27:31.071094036 CET | 80 | 52085 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:27:31.136826992 CET | 80 | 52085 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:27:31.137105942 CET | 52085 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:27:32.227011919 CET | 52085 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:27:32.227174044 CET | 80 | 52085 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:27:32.227303028 CET | 52085 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:27:38.739506960 CET | 16169 | 53 | 192.168.1.33 | 8.8.8.8 |
Jan 25, 2017 14:27:38.779988050 CET | 53 | 16169 | 8.8.8.8 | 192.168.1.33 |
Jan 25, 2017 14:27:38.780944109 CET | 47564 | 5228 | 192.168.1.33 | 66.102.1.188 |
Jan 25, 2017 14:27:38.781019926 CET | 5228 | 47564 | 66.102.1.188 | 192.168.1.33 |
Jan 25, 2017 14:27:38.781230927 CET | 47564 | 5228 | 192.168.1.33 | 66.102.1.188 |
Jan 25, 2017 14:27:38.782335997 CET | 47564 | 5228 | 192.168.1.33 | 66.102.1.188 |
Jan 25, 2017 14:27:38.782377958 CET | 5228 | 47564 | 66.102.1.188 | 192.168.1.33 |
Jan 25, 2017 14:27:38.879261017 CET | 5228 | 47564 | 66.102.1.188 | 192.168.1.33 |
Jan 25, 2017 14:27:38.879280090 CET | 5228 | 47564 | 66.102.1.188 | 192.168.1.33 |
Jan 25, 2017 14:27:38.879290104 CET | 5228 | 47564 | 66.102.1.188 | 192.168.1.33 |
Jan 25, 2017 14:27:38.879467010 CET | 47564 | 5228 | 192.168.1.33 | 66.102.1.188 |
Jan 25, 2017 14:27:38.879504919 CET | 47564 | 5228 | 192.168.1.33 | 66.102.1.188 |
Jan 25, 2017 14:27:38.879532099 CET | 47564 | 5228 | 192.168.1.33 | 66.102.1.188 |
Jan 25, 2017 14:27:38.895550966 CET | 5228 | 47564 | 66.102.1.188 | 192.168.1.33 |
Jan 25, 2017 14:27:38.895816088 CET | 47564 | 5228 | 192.168.1.33 | 66.102.1.188 |
Jan 25, 2017 14:27:38.901191950 CET | 47564 | 5228 | 192.168.1.33 | 66.102.1.188 |
Jan 25, 2017 14:27:38.901221991 CET | 5228 | 47564 | 66.102.1.188 | 192.168.1.33 |
Jan 25, 2017 14:27:38.901429892 CET | 47564 | 5228 | 192.168.1.33 | 66.102.1.188 |
Jan 25, 2017 14:27:38.902424097 CET | 36468 | 80 | 192.168.1.33 | 216.58.204.78 |
Jan 25, 2017 14:27:38.902447939 CET | 80 | 36468 | 216.58.204.78 | 192.168.1.33 |
Jan 25, 2017 14:27:39.066225052 CET | 80 | 36468 | 216.58.204.78 | 192.168.1.33 |
Jan 25, 2017 14:27:39.066550970 CET | 36468 | 80 | 192.168.1.33 | 216.58.204.78 |
Jan 25, 2017 14:27:47.094224930 CET | 36745 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:27:47.094315052 CET | 80 | 36745 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:27:47.094563961 CET | 36745 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:27:47.104911089 CET | 36745 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:27:47.104990959 CET | 80 | 36745 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:27:47.170838118 CET | 80 | 36745 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:27:47.171092987 CET | 36745 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:27:47.978882074 CET | 36745 | 80 | 192.168.1.33 | 178.208.83.22 |
Jan 25, 2017 14:27:47.979048967 CET | 80 | 36745 | 178.208.83.22 | 192.168.1.33 |
Jan 25, 2017 14:27:47.979192019 CET | 36745 | 80 | 192.168.1.33 | 178.208.83.22 |
UDP Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
DNS Queries |
---|
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class |
---|---|---|---|---|---|---|---|
Jan 25, 2017 14:25:16.311645985 CET | 192.168.1.33 | 8.8.8.8 | 0xa43d | Standard query (0) | android.clients.google.com | A (IP address) | IN (0x0001) |
Jan 25, 2017 14:25:25.066010952 CET | 192.168.1.33 | 8.8.8.8 | 0xf9f3 | Standard query (0) | newset.mcdir.ru | A (IP address) | IN (0x0001) |
Jan 25, 2017 14:26:21.134061098 CET | 192.168.1.33 | 8.8.8.8 | 0x9eea | Standard query (0) | mtalk.google.com | A (IP address) | IN (0x0001) |
Jan 25, 2017 14:26:30.496727943 CET | 192.168.1.33 | 8.8.8.8 | 0x1360 | Standard query (0) | newset.mcdir.ru | A (IP address) | IN (0x0001) |
Jan 25, 2017 14:27:30.717751026 CET | 192.168.1.33 | 8.8.8.8 | 0x3237 | Standard query (0) | newset.mcdir.ru | A (IP address) | IN (0x0001) |
Jan 25, 2017 14:27:38.739506960 CET | 192.168.1.33 | 8.8.8.8 | 0xbded | Standard query (0) | mtalk.google.com | A (IP address) | IN (0x0001) |
DNS Answers |
---|
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class |
---|---|---|---|---|---|---|---|---|---|
Jan 25, 2017 14:25:16.351440907 CET | 8.8.8.8 | 192.168.1.33 | 0xa43d | No error (0) | android.clients.google.com | | 216.58.204.78 | A (IP address) | IN (0x0001) |
Jan 25, 2017 14:25:25.675028086 CET | 8.8.8.8 | 192.168.1.33 | 0xf9f3 | No error (0) | newset.mcdir.ru | | 178.208.83.22 | A (IP address) | IN (0x0001) |
Jan 25, 2017 14:26:21.179393053 CET | 8.8.8.8 | 192.168.1.33 | 0x9eea | No error (0) | mtalk.google.com | | 74.125.133.188 | A (IP address) | IN (0x0001) |
Jan 25, 2017 14:26:30.539041996 CET | 8.8.8.8 | 192.168.1.33 | 0x1360 | No error (0) | newset.mcdir.ru | | 178.208.83.22 | A (IP address) | IN (0x0001) |
Jan 25, 2017 14:27:31.060302973 CET | 8.8.8.8 | 192.168.1.33 | 0x3237 | No error (0) | newset.mcdir.ru | | 178.208.83.22 | A (IP address) | IN (0x0001) |
Jan 25, 2017 14:27:38.779988050 CET | 8.8.8.8 | 192.168.1.33 | 0xbded | No error (0) | mtalk.google.com | | 66.102.1.188 | A (IP address) | IN (0x0001) |
HTTP Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP | Header | Total Bytes Transferred (KB) |
---|---|---|---|---|---|---|
Jan 25, 2017 14:25:07.915685892 CET | 36468 | 80 | 192.168.1.33 | 216.58.204.78 | 5 | |
Jan 25, 2017 14:25:07.984159946 CET | 80 | 36468 | 216.58.204.78 | 192.168.1.33 | 6 | |
Jan 25, 2017 14:25:13.125912905 CET | 36468 | 80 | 192.168.1.33 | 216.58.204.78 | 12 | |
Jan 25, 2017 14:25:13.200249910 CET | 80 | 36468 | 216.58.204.78 | 192.168.1.33 | 12 | |
Jan 25, 2017 14:25:22.974008083 CET | 36468 | 80 | 192.168.1.33 | 216.58.204.78 | 24 | |
Jan 25, 2017 14:25:23.085088968 CET | 80 | 36468 | 216.58.204.78 | 192.168.1.33 | 24 | |
Jan 25, 2017 14:25:25.688601017 CET | 46347 | 80 | 192.168.1.33 | 178.208.83.22 | 25 | |
Jan 25, 2017 14:25:25.767029047 CET | 80 | 46347 | 178.208.83.22 | 192.168.1.33 |