Analysis type | VM label | Start time | End time | Duration |
---|---|---|---|---|
URL | win7-sp1-x64-hpdapp01-1 | 2020-01-18 22:39:27 | 2020-01-18 22:41:37 | 130 seconds |

No host records.

Domain | Security rating | Response |
---|---|---|
mackeeper.com | | A 52.72.253.159 A 34.233.185.82 |
x.ss2.us | | A 13.249.166.206 A 13.249.166.214 A 13.249.166.190 A 13.249.166.127 |

Field | Value |
---|---|
Name | WhoisGuard Protected |
Country | PA |
State | Panama |
City | Panama |
ZIP Code | None |
Address | P.O. Box 0823-03411 |
Organization | WhoisGuard, Inc. |
Domain Name(s) | MACKEEPER.COM mackeeper.com |
Creation Date | 2009-12-09 14:27:14 2009-12-09 14:27:14 |
Updated Date | 2019-12-02 07:29:42 2019-12-02 07:29:42 |
Expiration Date | 2020-12-09 14:27:14 2020-12-09 14:27:14 |
Email(s) | abuse@namecheap.com 5175e6f3d3f84db693ba1751af855614.protect@whoisguard.com |
Registrar(s) | NAMECHEAP INC |
Name Server(s) | NS-1326.AWSDNS-37.ORG NS-1671.AWSDNS-16.CO.UK NS-448.AWSDNS-56.COM NS-569.AWSDNS-07.NET ns-569.awsdns-07.net ns-448.awsdns-56.com ns-1671.awsdns-16.co.uk ns-1326.awsdns-37.org |
Referral URL(s) | None |
No host records.

Source address | Source port | Destination address | Destination port |
---|---|---|---|
192.168.122.201 | 49161 | 13.249.166.127 x.ss2.us | 80 |
192.168.122.201 | 49160 | 52.72.253.159 mackeeper.com | 443 |

Source address | Source port | Destination address | Destination port |
---|---|---|---|
192.168.122.201 | 49608 | 192.168.122.1 | 53 |
192.168.122.201 | 64912 | 192.168.122.1 | 53 |

URI | HTTP data |
---|---|
URL sandbox analysis -> http://x.ss2.us/x.cer | GET /x.cer HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: x.ss2.us |

No SMTP traffic.

No IRC requests.

No ICMP traffic.

No CIF results.

No alerts.

Timestamp | Source IP | Source Port | Destination IP | Destination Port | Version | Issuer | Subject | Fingerprint |
---|---|---|---|---|---|---|---|---|
2020-01-18 22:39:54.707214+0800 | 192.168.122.201 | 49160 | 52.72.253.159 | 443 | TLS 1.2 | C=US, O=Amazon, OU=Server CA 1B, CN=Amazon | CN=kromtech.com | ca:4b:cd:ef:0d:d6:32:46:33:d0:42:7a:3f:60:87:51:bb:90:3b:98 |
No Suricata HTTP
Task ID | 488351 |
---|---|
Mongo ID | 5e2319442f8f2e4bf1636a8c |
Cuckoo release | 1.4-Maldun |