恶意软件分析 & URL链接扫描免费在线病毒分析平台

分析任务

分析类型	虚拟机标签	开始时间	结束时间	持续时间
URL	win7-sp1-x64-shaapp03-1	2020-10-21 00:41:19	2020-10-21 00:43:22	123 秒

魔盾分数

0.35

正常的

URL详细信息

URL
URL专业沙箱检测 -> http://www.kangpaisy.com

登录查看威胁特征

运行截图

访问主机纪录 (可点击查询WPING实时安全评级)

无主机纪录.

域名解析 (可点击查询WPING实时安全评级)

域名	安全评级	响应
www.kangpaisy.com	A 58.211.137.156
jspassport.ssl.qhimg.com	A 117.91.191.254 CNAME jspassport.ssl.qhimg.com.qh-cdn.com CNAME webcdn.360qhcdn.com A 58.222.38.25 A 58.222.38.24 A 61.147.108.254 A 58.218.206.213
zz.bdstatic.com	A 180.163.198.48 CNAME sslzz.jomodns.com
sp0.baidu.com	未知	CNAME www.a.shifen.com A 180.101.49.11 A 180.101.49.12
s.ssl.qhres.com	CNAME s.ssl.qhres.com.qh-cdn.com
hm.baidu.com	CNAME hm.e.shifen.com A 106.120.159.126
s.360.cn	A 171.8.167.89 A 171.8.167.90 A 171.13.14.66 A 180.163.251.230 A 180.163.251.231 A 180.97.63.237
img.kangpaisy.com	A 122.114.173.95
ada.baidu.com	CNAME ada.e.shifen.com A 180.101.49.110
goutong.baidu.com	CNAME goutong.e.shifen.com A 180.97.36.107
acroipm.adobe.com	A 23.215.100.64 CNAME acroipm.adobe.com.edgesuite.net A 23.215.100.98 CNAME a1983.dscd.akamai.net
sgoutong.baidu.com	A 106.120.159.192 CNAME sgoutong.e.shifen.com A 14.215.177.223

摘要

登录查看详细行为信息

URL分析
防病毒引擎

WHOIS 信息

Name: None
Country: CN
State: he bei
City: None
ZIP Code: None
Address: None

Orginization: None
Domain Name(s):
    KANGPAISY.COM
    kangpaisy.com
Creation Date:
    2020-06-23 01:51:24
Updated Date:
    2020-09-29 03:06:50
Expiration Date:
    2025-06-23 01:51:24
Email(s):
    DomainAbuse@service.aliyun.com

Registrar(s):
    Alibaba Cloud Computing (Beijing) Co., Ltd.
Name Server(s):
    N3618.NS.YUNJIASU.COM
    N678.NS.YUNJIASU.COM
Referral URL(s):
    None

没有防病毒引擎扫描信息!

iexplore.exe, PID: 2392, 上一级进程 PID: 2148

缺省注册表文件系统网络进程线程服务设备同步加密浏览器全部

下载PCAP包

访问主机纪录 (可点击查询WPING实时安全评级)

无主机纪录.

TCP

源地址	源端口	目标地址	目标端口
192.168.122.201	49171	106.120.159.126 hm.baidu.com	443
192.168.122.201	49211	106.120.159.126 hm.baidu.com	443
192.168.122.201	49214	106.120.159.126 hm.baidu.com	443
192.168.122.201	49215	106.120.159.126 hm.baidu.com	443
192.168.122.201	49169	117.91.191.254 jspassport.ssl.qhimg.com	443
192.168.122.201	49172	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49173	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49174	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49175	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49176	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49177	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49178	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49179	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49180	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49181	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49182	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49183	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49184	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49185	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49186	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49187	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49188	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49189	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49190	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49191	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49194	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49195	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49196	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49197	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49200	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49201	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49202	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49203	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49204	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49205	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49209	14.215.177.223 sgoutong.baidu.com	443
192.168.122.201	49212	14.215.177.223 sgoutong.baidu.com	443
192.168.122.201	49168	180.101.49.11 sp0.baidu.com	443
192.168.122.201	49198	180.101.49.110 ada.baidu.com	443
192.168.122.201	49206	180.101.49.110 ada.baidu.com	443
192.168.122.201	49166	180.163.198.48 zz.bdstatic.com	443
192.168.122.201	49199	180.97.36.107 goutong.baidu.com	443
192.168.122.201	49207	180.97.36.107 goutong.baidu.com	443
192.168.122.201	49170	180.97.63.237 s.360.cn	443
192.168.122.201	49208	23.215.100.98 acroipm.adobe.com	80
192.168.122.201	49159	58.211.137.156 www.kangpaisy.com	80
192.168.122.201	49160	58.211.137.156 www.kangpaisy.com	443
192.168.122.201	49161	58.211.137.156 www.kangpaisy.com	443
192.168.122.201	49162	58.211.137.156 www.kangpaisy.com	443
192.168.122.201	49163	58.211.137.156 www.kangpaisy.com	443
192.168.122.201	49164	58.211.137.156 www.kangpaisy.com	443
192.168.122.201	49165	58.211.137.156 www.kangpaisy.com	443
192.168.122.201	49219	58.211.137.156 www.kangpaisy.com	443
192.168.122.201	49221	58.211.137.156 www.kangpaisy.com	443
192.168.122.201	49222	58.211.137.156 www.kangpaisy.com	443
192.168.122.201	49223	58.211.137.156 www.kangpaisy.com	443
192.168.122.201	49224	58.211.137.156 www.kangpaisy.com	443
192.168.122.201	49167	58.222.38.24 jspassport.ssl.qhimg.com	443

UDP

源地址	源端口	目标地址	目标端口
192.168.122.201	49532	192.168.122.1	53
192.168.122.201	52179	192.168.122.1	53
192.168.122.201	52207	192.168.122.1	53
192.168.122.201	53125	192.168.122.1	53
192.168.122.201	56270	192.168.122.1	53
192.168.122.201	59401	192.168.122.1	53
192.168.122.201	59906	192.168.122.1	53
192.168.122.201	60465	192.168.122.1	53
192.168.122.201	61329	192.168.122.1	53
192.168.122.201	65178	192.168.122.1	53
192.168.122.201	65179	192.168.122.1	53
192.168.122.201	65259	192.168.122.1	53

域名解析 (可点击查询WPING实时安全评级)

域名	安全评级	响应
www.kangpaisy.com	A 58.211.137.156
jspassport.ssl.qhimg.com	A 117.91.191.254 CNAME jspassport.ssl.qhimg.com.qh-cdn.com CNAME webcdn.360qhcdn.com A 58.222.38.25 A 58.222.38.24 A 61.147.108.254 A 58.218.206.213
zz.bdstatic.com	A 180.163.198.48 CNAME sslzz.jomodns.com
sp0.baidu.com	未知	CNAME www.a.shifen.com A 180.101.49.11 A 180.101.49.12
s.ssl.qhres.com	CNAME s.ssl.qhres.com.qh-cdn.com
hm.baidu.com	CNAME hm.e.shifen.com A 106.120.159.126
s.360.cn	A 171.8.167.89 A 171.8.167.90 A 171.13.14.66 A 180.163.251.230 A 180.163.251.231 A 180.97.63.237
img.kangpaisy.com	A 122.114.173.95
ada.baidu.com	CNAME ada.e.shifen.com A 180.101.49.110
goutong.baidu.com	CNAME goutong.e.shifen.com A 180.97.36.107
acroipm.adobe.com	A 23.215.100.64 CNAME acroipm.adobe.com.edgesuite.net A 23.215.100.98 CNAME a1983.dscd.akamai.net
sgoutong.baidu.com	A 106.120.159.192 CNAME sgoutong.e.shifen.com A 14.215.177.223

TCP

源地址	源端口	目标地址	目标端口
192.168.122.201	49171	106.120.159.126 hm.baidu.com	443
192.168.122.201	49211	106.120.159.126 hm.baidu.com	443
192.168.122.201	49214	106.120.159.126 hm.baidu.com	443
192.168.122.201	49215	106.120.159.126 hm.baidu.com	443
192.168.122.201	49169	117.91.191.254 jspassport.ssl.qhimg.com	443
192.168.122.201	49172	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49173	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49174	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49175	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49176	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49177	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49178	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49179	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49180	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49181	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49182	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49183	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49184	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49185	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49186	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49187	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49188	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49189	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49190	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49191	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49194	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49195	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49196	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49197	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49200	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49201	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49202	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49203	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49204	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49205	122.114.173.95 img.kangpaisy.com	443
192.168.122.201	49209	14.215.177.223 sgoutong.baidu.com	443
192.168.122.201	49212	14.215.177.223 sgoutong.baidu.com	443
192.168.122.201	49168	180.101.49.11 sp0.baidu.com	443
192.168.122.201	49198	180.101.49.110 ada.baidu.com	443
192.168.122.201	49206	180.101.49.110 ada.baidu.com	443
192.168.122.201	49166	180.163.198.48 zz.bdstatic.com	443
192.168.122.201	49199	180.97.36.107 goutong.baidu.com	443
192.168.122.201	49207	180.97.36.107 goutong.baidu.com	443
192.168.122.201	49170	180.97.63.237 s.360.cn	443
192.168.122.201	49208	23.215.100.98 acroipm.adobe.com	80
192.168.122.201	49159	58.211.137.156 www.kangpaisy.com	80
192.168.122.201	49160	58.211.137.156 www.kangpaisy.com	443
192.168.122.201	49161	58.211.137.156 www.kangpaisy.com	443
192.168.122.201	49162	58.211.137.156 www.kangpaisy.com	443
192.168.122.201	49163	58.211.137.156 www.kangpaisy.com	443
192.168.122.201	49164	58.211.137.156 www.kangpaisy.com	443
192.168.122.201	49165	58.211.137.156 www.kangpaisy.com	443
192.168.122.201	49219	58.211.137.156 www.kangpaisy.com	443
192.168.122.201	49221	58.211.137.156 www.kangpaisy.com	443
192.168.122.201	49222	58.211.137.156 www.kangpaisy.com	443
192.168.122.201	49223	58.211.137.156 www.kangpaisy.com	443
192.168.122.201	49224	58.211.137.156 www.kangpaisy.com	443
192.168.122.201	49167	58.222.38.24 jspassport.ssl.qhimg.com	443

UDP

源地址	源端口	目标地址	目标端口
192.168.122.201	49532	192.168.122.1	53
192.168.122.201	52179	192.168.122.1	53
192.168.122.201	52207	192.168.122.1	53
192.168.122.201	53125	192.168.122.1	53
192.168.122.201	56270	192.168.122.1	53
192.168.122.201	59401	192.168.122.1	53
192.168.122.201	59906	192.168.122.1	53
192.168.122.201	60465	192.168.122.1	53
192.168.122.201	61329	192.168.122.1	53
192.168.122.201	65178	192.168.122.1	53
192.168.122.201	65179	192.168.122.1	53
192.168.122.201	65259	192.168.122.1	53

HTTP 请求

URI	HTTP数据
URL专业沙箱检测 -> http://www.kangpaisy.com/	GET / HTTP/1.1 Accept: / Accept-Language: zh-cn User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.kangpaisy.com Connection: Keep-Alive
URL专业沙箱检测 -> http://acroipm.adobe.com/11/rdr/CHS/win/nooem/none/message.zip	GET /11/rdr/CHS/win/nooem/none/message.zip HTTP/1.1 Accept: / If-Modified-Since: Mon, 08 Nov 2017 08:44:36 GMT User-Agent: IPM Host: acroipm.adobe.com Connection: Keep-Alive Cache-Control: no-cache

URI

HTTP数据

URL专业沙箱检测 -> http://www.kangpaisy.com/

GET / HTTP/1.1
Accept: */*
Accept-Language: zh-cn
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: www.kangpaisy.com
Connection: Keep-Alive

URL专业沙箱检测 -> http://acroipm.adobe.com/11/rdr/CHS/win/nooem/none/message.zip

GET /11/rdr/CHS/win/nooem/none/message.zip HTTP/1.1
Accept: */*
If-Modified-Since: Mon, 08 Nov 2017 08:44:36 GMT
User-Agent: IPM
Host: acroipm.adobe.com
Connection: Keep-Alive
Cache-Control: no-cache

SMTP 流量

无SMTP流量.

IRC 流量

无IRC请求.

ICMP 流量

无ICMP流量.

CIF 报告

无 CIF 结果

网络警报

无警报

TLS

Timestamp	Source IP	Source Port	Destination IP	Destination Port	Version	Issuer	Subject	Fingerprint
2020-10-21 00:41:37.079615+0800	192.168.122.201	49160	58.211.137.156	443	TLS 1.2	C=CN, O=TrustAsia Technologies, Inc., OU=Domain Validated SSL, CN=TrustAsia TLS RSA CA	CN=www.kangpaisy.com	71:b0:45:cb:89:ba:4e:70:51:cb:b2:76:57:66:44:7b:4c:41:e1:86
2020-10-21 00:41:38.223940+0800	192.168.122.201	49169	117.91.191.254	443	TLS 1.2	C=CN, O=WoTrus CA Limited, CN=WoTrus OV SSL CA	C=CN, ST=北京市, L=北京市, O=北京奇虎科技有限公司, CN=*.ssl.qhres.com	46:5c:4d:33:69:4a:e7:58:80:5c:98:a1:f5:96:52:da:cf:c9:d6:f5
2020-10-21 00:41:37.976853+0800	192.168.122.201	49167	58.222.38.24	443	TLS 1.2	C=CN, O=WoTrus CA Limited, CN=WoTrus OV SSL CA	C=CN, ST=北京市, L=北京市, O=北京奇虎科技有限公司, CN=*.ssl.qhimg.com	fe:27:d9:ac:b0:11:18:04:78:cc:93:c7:05:0f:b2:6a:20:8b:eb:27
2020-10-21 00:41:37.972284+0800	192.168.122.201	49166	180.163.198.48	443	TLS 1.2	C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2	C=CN, ST=beijing, L=beijing, OU=service operation department, O=Beijing Baidu Netcom Science Technology Co., Ltd, CN=baidu.com	fc:b4:0a:45:f2:7e:b3:91:ad:b1:3f:34:a6:25:96:87:35:ce:dd:cb
2020-10-21 00:41:38.167492+0800	192.168.122.201	49168	180.101.49.11	443	TLS 1.2	C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2	C=CN, ST=beijing, L=beijing, OU=service operation department, O=Beijing Baidu Netcom Science Technology Co., Ltd, CN=baidu.com	fc:b4:0a:45:f2:7e:b3:91:ad:b1:3f:34:a6:25:96:87:35:ce:dd:cb
2020-10-21 00:41:38.421474+0800	192.168.122.201	49170	180.97.63.237	443	TLS 1.2	C=CN, O=WoSign CA Limited, CN=WoSign OV SSL CA	C=CN, ST=Beijing, L=Beijing, O=Beijing Qihoo Technology Company Limited, CN=*.s.360.cn	a9:71:52:9b:47:31:b6:ab:57:af:da:48:3d:67:4a:52:e9:05:af:aa
2020-10-21 00:41:38.443950+0800	192.168.122.201	49171	106.120.159.126	443	TLS 1.2	C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2	C=CN, ST=beijing, L=beijing, OU=service operation department, O=Beijing Baidu Netcom Science Technology Co., Ltd, CN=baidu.com	1a:fd:44:9a:f4:5b:3e:9d:58:95:e7:5d:0b:e4:ea:a3:54:5d:85:b7
2020-10-21 00:41:38.480016+0800	192.168.122.201	49172	122.114.173.95	443	TLS 1.2	C=CN, O=TrustAsia Technologies, Inc., OU=Domain Validated SSL, CN=TrustAsia TLS RSA CA	CN=img.kangpaisy.com	fe:59:87:83:d3:ee:ca:29:77:2e:b6:e7:36:f4:3d:47:e8:8a:dc:9b
2020-10-21 00:41:38.572784+0800	192.168.122.201	49173	122.114.173.95	443	TLS 1.2	C=CN, O=TrustAsia Technologies, Inc., OU=Domain Validated SSL, CN=TrustAsia TLS RSA CA	CN=img.kangpaisy.com	fe:59:87:83:d3:ee:ca:29:77:2e:b6:e7:36:f4:3d:47:e8:8a:dc:9b
2020-10-21 00:41:38.604603+0800	192.168.122.201	49176	122.114.173.95	443	TLS 1.2	C=CN, O=TrustAsia Technologies, Inc., OU=Domain Validated SSL, CN=TrustAsia TLS RSA CA	CN=img.kangpaisy.com	fe:59:87:83:d3:ee:ca:29:77:2e:b6:e7:36:f4:3d:47:e8:8a:dc:9b
2020-10-21 00:41:38.601939+0800	192.168.122.201	49175	122.114.173.95	443	TLS 1.2	C=CN, O=TrustAsia Technologies, Inc., OU=Domain Validated SSL, CN=TrustAsia TLS RSA CA	CN=img.kangpaisy.com	fe:59:87:83:d3:ee:ca:29:77:2e:b6:e7:36:f4:3d:47:e8:8a:dc:9b
2020-10-21 00:41:38.606873+0800	192.168.122.201	49174	122.114.173.95	443	TLS 1.2	C=CN, O=TrustAsia Technologies, Inc., OU=Domain Validated SSL, CN=TrustAsia TLS RSA CA	CN=img.kangpaisy.com	fe:59:87:83:d3:ee:ca:29:77:2e:b6:e7:36:f4:3d:47:e8:8a:dc:9b
2020-10-21 00:41:38.607897+0800	192.168.122.201	49177	122.114.173.95	443	TLS 1.2	C=CN, O=TrustAsia Technologies, Inc., OU=Domain Validated SSL, CN=TrustAsia TLS RSA CA	CN=img.kangpaisy.com	fe:59:87:83:d3:ee:ca:29:77:2e:b6:e7:36:f4:3d:47:e8:8a:dc:9b
2020-10-21 00:41:41.401137+0800	192.168.122.201	49198	180.101.49.110	443	TLS 1.2	C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2	C=CN, ST=beijing, L=beijing, OU=service operation department, O=Beijing Baidu Netcom Science Technology Co., Ltd, CN=baidu.com	1a:fd:44:9a:f4:5b:3e:9d:58:95:e7:5d:0b:e4:ea:a3:54:5d:85:b7
2020-10-21 00:41:41.399504+0800	192.168.122.201	49199	180.97.36.107	443	TLS 1.2	C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2	C=CN, ST=beijing, L=beijing, OU=service operation department, O=Beijing Baidu Netcom Science Technology Co., Ltd, CN=baidu.com	1a:fd:44:9a:f4:5b:3e:9d:58:95:e7:5d:0b:e4:ea:a3:54:5d:85:b7
2020-10-21 00:41:41.811344+0800	192.168.122.201	49206	180.101.49.110	443	TLS 1.2	C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2	C=CN, ST=beijing, L=beijing, OU=service operation department, O=Beijing Baidu Netcom Science Technology Co., Ltd, CN=baidu.com	1a:fd:44:9a:f4:5b:3e:9d:58:95:e7:5d:0b:e4:ea:a3:54:5d:85:b7
2020-10-21 00:41:50.893571+0800	192.168.122.201	49209	14.215.177.223	443	TLS 1.2	C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2	C=CN, ST=beijing, L=beijing, OU=service operation department, O=Beijing Baidu Netcom Science Technology Co., Ltd, CN=baidu.com	1a:fd:44:9a:f4:5b:3e:9d:58:95:e7:5d:0b:e4:ea:a3:54:5d:85:b7
2020-10-21 00:41:51.656319+0800	192.168.122.201	49212	14.215.177.223	443	TLS 1.2	C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2	C=CN, ST=beijing, L=beijing, OU=service operation department, O=Beijing Baidu Netcom Science Technology Co., Ltd, CN=baidu.com	1a:fd:44:9a:f4:5b:3e:9d:58:95:e7:5d:0b:e4:ea:a3:54:5d:85:b7

Suricata HTTP

No Suricata HTTP

未发现网络提取文件

抱歉! 没有任何文件投放。

HTML 总结报告 (需15-60分钟同步)	下载

Processing ( 25.694 seconds )

12.825 NetworkAnalysis
10.667 Suricata
1.472 VirusTotal
0.713 Static
0.012 AnalysisInfo
0.003 BehaviorAnalysis
0.002 Memory

Signatures ( 1.448 seconds )

1.354 md_url_bl
0.029 md_domain_bl
0.011 antiav_detectreg
0.005 anomaly_persistence_autorun
0.005 antiav_detectfile
0.005 infostealer_ftp
0.004 geodo_banking_trojan
0.004 ransomware_files
0.003 infostealer_bitcoin
0.003 infostealer_im
0.003 network_torgateway
0.003 ransomware_extensions
0.002 tinba_behavior
0.002 antianalysis_detectreg
0.002 antivm_vbox_files
0.002 disables_browser_warn
0.002 infostealer_mail
0.001 rat_nanocore
0.001 betabot_behavior
0.001 cerber_behavior
0.001 bot_drive
0.001 bot_drive2
0.001 browser_security
0.001 maldun_malicious_drop_executable_file_to_temp_folder
0.001 ie_martian_children
0.001 md_bad_drop

Reporting ( 0.52 seconds )

0.52 ReportHTMLSummary


Task ID	582685
Mongo ID	5f8f13ce7e769a49afeeb231
Cuckoo release	1.4-Maldun