We received PacketTracer70_64bit_setup.exe from our teacher who says he got it from Cisco Netacad academy.
My colleague installed it and when he opened it our network went down.
When checking the firewall, I found that his PC was opening 30000 + sessions which made the firewall choke.
Another tracing software shows the same, as you can see in below screenshot.
It opens connections to:
163.172.140.38 > Telize.com > This service offers a REST API allowing to get a visitor IP address and to query location information from any IP address.
54.245.255.16 > Apache Tomcat server
Is this a bug or is it infected?
![](/legacyfs/online/media/pt7_trace.jpg)