Analysis type | VM label | Start time | End time | Duration |
---|---|---|---|---|
URL | win7-sp1-x64-hpdapp01-1 | 2020-07-02 20:04:15 | 2020-07-02 20:06:28 | 133 seconds |
URL |
---|
Professional URL sandbox scan -> https://weixin110.qq.com/ |
No host records.
Name | None |
---|---|
Country | CN |
State | Guang Dong |
City | None |
ZIP Code | None |
Address | None |
Organization | Shenzhen Tencent Computer Systems CO.,Ltd |
Domain Name(s) | QQ.COM qq.com |
Creation Date | 1995-05-04 04:00:00 1995-05-03 21:00:00-0700 |
Updated Date | 2020-03-04 03:29:29 2020-03-03 19:13:59-0800 |
Expiration Date | 2027-07-27 02:09:19 2027-07-26 19:09:19-0700 |
Email(s) | abusecomplaints@markmonitor.com whoisrequest@markmonitor.com |
Registrar(s) | MarkMonitor, Inc. |
Name Server(s) | NS1.QQ.COM NS2.QQ.COM NS3.QQ.COM NS4.QQ.COM ns3.qq.com ns4.qq.com ns1.qq.com ns2.qq.com |
Referral URL(s) | None |
No host records.
Source address | Source port | Destination address | Destination port |
---|---|---|---|
192.168.122.201 | 49160 | 101.226.49.154 weixin110.qq.com | 443 |
192.168.122.201 | 49451 | 101.89.38.155 weixin110.qq.com | 443 |
192.168.122.201 | 49443 | 114.106.160.70 res.wx.qq.com | 443 |
192.168.122.201 | 49444 | 114.106.160.70 res.wx.qq.com | 443 |
192.168.122.201 | 49445 | 114.106.160.70 res.wx.qq.com | 443 |
192.168.122.201 | 49446 | 114.106.160.70 res.wx.qq.com | 443 |
192.168.122.201 | 49447 | 114.106.160.70 res.wx.qq.com | 443 |
192.168.122.201 | 49448 | 114.106.160.70 res.wx.qq.com | 443 |
192.168.122.201 | 49450 | 14.17.43.114 tudg.qq.com | 443 |
192.168.122.201 | 49441 | 14.215.138.25 tajs.qq.com | 443 |
192.168.122.201 | 49442 | 14.215.138.25 tajs.qq.com | 443 |
192.168.122.201 | 49449 | 183.3.226.92 pingtas.qq.com | 443 |
192.168.122.201 | 49440 | 192.168.122.1 | 53 |
Source address | Source port | Destination address | Destination port |
---|---|---|---|
192.168.122.201 | 49310 | 192.168.122.1 | 53 |
192.168.122.201 | 49608 | 192.168.122.1 | 53 |
192.168.122.201 | 51856 | 192.168.122.1 | 53 |
192.168.122.201 | 58897 | 192.168.122.1 | 53 |
192.168.122.201 | 64155 | 192.168.122.1 | 53 |
192.168.122.201 | 64912 | 192.168.122.1 | 53 |
No HTTP requests found.
No SMTP traffic.
No IRC requests.
No ICMP traffic.
No CIF results
No alerts
Timestamp | Source IP | Source Port | Destination IP | Destination Port | Version | Issuer | Subject | Fingerprint |
---|---|---|---|---|---|---|---|---|
2020-07-02 20:04:44.886222+0800 | 192.168.122.201 | 49442 | 14.215.138.25 | 443 | TLS 1.2 | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=Secure Site CA G2 | C=CN, ST=Guangdong Province, L=Shenzhen, O=Shenzhen Tencent Computer Systems Company Limited, OU=R&D, CN=pingfore.qq.com | bb:5d:15:8d:96:fc:77:01:90:f0:de:f8:7d:9d:fb:60:82:56:85:11 |
2020-07-02 20:04:44.874748+0800 | 192.168.122.201 | 49441 | 14.215.138.25 | 443 | TLS 1.2 | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=Secure Site CA G2 | C=CN, ST=Guangdong Province, L=Shenzhen, O=Shenzhen Tencent Computer Systems Company Limited, OU=R&D, CN=pingfore.qq.com | bb:5d:15:8d:96:fc:77:01:90:f0:de:f8:7d:9d:fb:60:82:56:85:11 |
2020-07-02 20:04:44.913301+0800 | 192.168.122.201 | 49447 | 114.106.160.70 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=CN, ST=guangdong, L=shenzhen, O=Shenzhen Tencent Computer Systems Company Limited, CN=res.wx.qq.com | c5:df:60:d7:0b:e9:94:06:22:9e:88:ec:70:b8:d3:65:ad:9f:64:54 |
2020-07-02 20:04:44.908728+0800 | 192.168.122.201 | 49446 | 114.106.160.70 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=CN, ST=guangdong, L=shenzhen, O=Shenzhen Tencent Computer Systems Company Limited, CN=res.wx.qq.com | c5:df:60:d7:0b:e9:94:06:22:9e:88:ec:70:b8:d3:65:ad:9f:64:54 |
2020-07-02 20:04:43.692069+0800 | 192.168.122.201 | 49160 | 101.226.49.154 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=CN, ST=guangdong, L=shenzhen, O=Shenzhen Tencent Computer Systems Company Limited, CN=comm.weixin.qq.com | 48:dc:5d:b2:6b:bc:ec:da:f4:b5:88:7a:a9:9e:d0:1a:28:f9:95:33 |
2020-07-02 20:04:44.899505+0800 | 192.168.122.201 | 49445 | 114.106.160.70 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=CN, ST=guangdong, L=shenzhen, O=Shenzhen Tencent Computer Systems Company Limited, CN=res.wx.qq.com | c5:df:60:d7:0b:e9:94:06:22:9e:88:ec:70:b8:d3:65:ad:9f:64:54 |
2020-07-02 20:04:44.952337+0800 | 192.168.122.201 | 49444 | 114.106.160.70 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=CN, ST=guangdong, L=shenzhen, O=Shenzhen Tencent Computer Systems Company Limited, CN=res.wx.qq.com | c5:df:60:d7:0b:e9:94:06:22:9e:88:ec:70:b8:d3:65:ad:9f:64:54 |
2020-07-02 20:04:44.942804+0800 | 192.168.122.201 | 49443 | 114.106.160.70 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=CN, ST=guangdong, L=shenzhen, O=Shenzhen Tencent Computer Systems Company Limited, CN=res.wx.qq.com | c5:df:60:d7:0b:e9:94:06:22:9e:88:ec:70:b8:d3:65:ad:9f:64:54 |
2020-07-02 20:04:45.154951+0800 | 192.168.122.201 | 49448 | 114.106.160.70 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=CN, ST=guangdong, L=shenzhen, O=Shenzhen Tencent Computer Systems Company Limited, CN=res.wx.qq.com | c5:df:60:d7:0b:e9:94:06:22:9e:88:ec:70:b8:d3:65:ad:9f:64:54 |
2020-07-02 20:04:50.359483+0800 | 192.168.122.201 | 49449 | 183.3.226.92 | 443 | TLS 1.2 | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=Secure Site CA G2 | C=CN, ST=Guangdong Province, L=Shenzhen, O=Shenzhen Tencent Computer Systems Company Limited, OU=R&D, CN=pingfore.qq.com | bb:5d:15:8d:96:fc:77:01:90:f0:de:f8:7d:9d:fb:60:82:56:85:11 |
2020-07-02 20:04:51.468531+0800 | 192.168.122.201 | 49451 | 101.89.38.155 | 443 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=CN, ST=guangdong, L=shenzhen, O=Shenzhen Tencent Computer Systems Company Limited, CN=comm.weixin.qq.com | 48:dc:5d:b2:6b:bc:ec:da:f4:b5:88:7a:a9:9e:d0:1a:28:f9:95:33 |
2020-07-02 20:04:50.641794+0800 | 192.168.122.201 | 49450 | 14.17.43.114 | 443 | TLS 1.2 | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=Secure Site CA G2 | C=CN, ST=Guangdong, L=Shenzhen, O=Tencent Technology (Shenzhen) Company Limited, OU=R&D, CN=tudg.qq.com | fb:6a:00:d6:45:ff:39:44:cf:00:20:f8:64:21:87:28:aa:82:07:62 |
No Suricata HTTP
Task ID | 557108 |
---|---|
Mongo ID | 5efdcde82f8f2e0b56a3e9d6 |
Cuckoo release | 1.4-Maldun |