OPTIONAL: Sandbox SMTP Report

LAST UPDATED: 2023-08-30

THIS REPORT IS DISCONTINUED

This report summarizes the email sent by each of the malicious binaries when they were run in our sandbox system.

It is specifically generated by running a malicious binary in our sandbox system. The malware attempts either to email or utilize an email server that was referenced in the report. It does not mean that the access was successful or that your system is compromised at the time of the report, just that a piece of malware attempted either to utilize your infrastructure or to send an email to it.

Fields

md5hash

MD5 has of the binary that was run
email

Email addresses used by the binary
sender

Return email address used by the binary
smtp_inet

IP of the remote SMTP server
smtp_port

Remote port used
smtp_host

Hostname resolution of the IP address

Sample

Our 119 Report Types

API: ASN and Network Queries
API: Documentation
API: Malware Query
API: Reports Query
API: Research
API: Scan/SSL
API: Trusted Programs Query
Accessible ADB Report
Accessible AFP Report
Accessible AMQP Report
Accessible ActiveMQ Service Report
Accessible Apple Remote Desktop (ARD) Report
Accessible BGP Service Report
Accessible Cisco Smart Install Report
Accessible CoAP Report
Accessible CouchDB Report
Accessible Docker Service Report
Accessible Erlang Port Mapper Daemon Report
Accessible FTP Report
Accessible HTTP Proxy Report
Accessible HTTP Report
Accessible Hadoop Report
Accessible ICS Report
Accessible Kubernetes API Server Report
Accessible MS-RDPEUDP
Accessible MSMQ Service Report
Accessible MySQL Server Report
Accessible PostgreSQL Server Report
Accessible QUIC Report
Accessible RDP Report
Accessible Radmin Report
Accessible Rsync Report
Accessible SIP Report
Accessible SLP Service Report
Accessible SMB Report
Accessible SMTP Report
Accessible SOCKS 4/5 Proxy Report
Accessible SSH Report
Accessible SSL Report
Accessible STUN Service Report
Accessible Telnet Report
Accessible VNC Report
Accessible WS-Discovery Service Report
Accessible XDMCP Service Report
Amplification DDoS Victim Report
Block List Report
Compromised Account Report
Compromised Website Report
DDoS Participant Report
DNS Open Resolvers Report
Darknet Events Report
Device Identification Report
Exposed F5 iControl REST API Special Report
HAFNIUM Exchange Victim Special Report
Honeypot DDoS Target Events Report
Honeypot Amplification DDoS Events Report
Honeypot Brute Force Events Report
Honeypot DDoS Events Report
Honeypot HTTP Scanner Events Report
Honeypot ICS Scanner Events Report
Honeypot RDP Scanner Events Report
Honeypot SMB Scanner Events Report
IP Spoofer Events Report
LEGACY: Accessible Modbus Report
Malware URL Report
Microsoft Sinkhole Events Report
Microsoft Sinkhole HTTP Events Report
NTP Monitor Report
NTP Version Report
Netcore/Netis Router Vulnerability Scan Report
OPTIONAL: Sandbox Connection Report
OPTIONAL: Sandbox IRC Report
OPTIONAL: Sandbox URL Report
Open BGP Service Report
Open CWMP Report
Open CharGen Report
Open DB2 Discovery Service
Open DVR DHCPDiscover Report
Open Elasticsearch Report
Open HTTP Proxy Report
Open IPMI Report
Open IPP Report
Open LDAP Report
Open LDAP TCP Report
Open MQTT Report
Open MS-SQL Server Resolution Service Report
Open Memcached Report
Open MongoDB Report
Open NAT-PMP Report
Open NetBIOS Report
Open Portmapper Report
Open QOTD Report
Open Redis Report
Open SNMP Report
Open SSDP Report
Open Ubiquiti Report
Open mDNS Report
Open/Accessible TFTP
Qakbot Historical Bot Infections Special Report
SSL FREAK Report
SSL POODLE Report
Sinkhole DNS Events Report
Sinkhole Events Report
Sinkhole HTTP Events Report
Sinkhole HTTP Referer Events Report
Spam URL Report
Synful Scan Report
Vulnerable DDoS Middlebox Report
Vulnerable Exchange Server Report
Vulnerable Exchange Servers Special Report #1
Vulnerable Exchange Servers Special Report #2
Vulnerable Exchange Servers Special Report #3
Vulnerable Exchange Servers Special Report #4
Vulnerable Exchange Servers Special Report #5
Vulnerable Fortinet Special Report
Vulnerable HTTP Report
Vulnerable ISAKMP Report
Vulnerable Log4j Servers Special Report
Vulnerable SMTP Report

« Back to Network Reporting