Network Activity

The Network activity section contains information about connections established while running a sample. This information is represented as a map and a table. The map shows the number of connections and their destinations. Below the map, the table provides the following details for each connection:

Time: seconds from the first captured packet.

Protocol: a protocol that is used for the connection.

Source: an IP address of the packet source.

Destination: an IP address of the packet destination.

Information: details about the transferred packet.

You can sort data by any column (except for Information) in ascending or descending order. To do this, click the header of the column you want to sort by. At the left of the header arr_sort_up or arr_sort_down will appear. To change the sorting direction, click the header again.

warning_green

By default, the Network activity section only shows connections that are initiated by the sample. To include connections you initiated using the VNC client, select Monitor all processes if VNC is used in Additional settings before analysis.