Analysis Type | VM Label | Start Time | End Time | Duration |
---|---|---|---|---|
URL | win7-sp1-x64-shaapp02-1 | 2022-07-01 09:39:11 | 2022-07-01 09:41:20 | 129 seconds |
Direct | IP | Security Rating | Geolocation |
---|---|---|---|
No | 122.246.6.206 | | China |
No | 157.122.153.106 | | China |
Domain | Security Rating | Response |
---|---|---|
icar.epicc.com.cn | Unknown | A 157.122.153.106 A 183.63.41.106 |
res.wx.qq.com | Unknown | A 122.224.48.199 A 116.211.184.197 CNAME reswx.mid.tdnsv6.com A 117.21.231.214 A 117.41.226.223 A 180.153.93.98 A 122.228.255.210 A 117.21.231.220 A 61.164.140.232 CNAME res.wx.qq.com.sched.legopic1.tdnsv6.com A 180.153.93.72 A 122.246.6.206 A 122.228.255.248 A 122.246.6.20 A 180.97.245.123 A 116.211.185.111 CNAME reswx.tc.qq.com A 122.228.66.193 |
Field | Value |
---|---|
Name | None |
Country | None |
State | None |
City | None |
ZIP Code | None |
Address | None |
Organization | None |
Domain Name(s) | epicc.com.cn |
Creation Date | None |
Updated Date | None |
Expiration Date | None |
Email(s) | tonglei01@picc.com.cn |
Registrar(s) | 北京国旭网络科技有限公司 |
Name Server(s) | cns1.zdnscloud.net dns1.zdnscloud.info ins1.zdnscloud.com vns1.zdnscloud.biz |
Referral URL(s) | None |
Source Address | Source Port | Destination Address | Destination Port |
---|---|---|---|
192.168.122.201 | 56512 | 122.246.6.206 res.wx.qq.com | 443 |
192.168.122.201 | 49159 | 157.122.153.106 icar.epicc.com.cn | 8445 |
192.168.122.201 | 49160 | 157.122.153.106 icar.epicc.com.cn | 8445 |
192.168.122.201 | 49161 | 157.122.153.106 icar.epicc.com.cn | 8445 |
192.168.122.201 | 49162 | 157.122.153.106 icar.epicc.com.cn | 8445 |
192.168.122.201 | 56513 | 157.122.153.106 icar.epicc.com.cn | 8445 |
192.168.122.201 | 56514 | 157.122.153.106 icar.epicc.com.cn | 8445 |
192.168.122.201 | 56511 | 192.168.122.1 | 53 |
192.168.122.201 | 49163 | 23.78.141.136 | 80 |
Source Address | Source Port | Destination Address | Destination Port |
---|---|---|---|
192.168.122.201 | 53118 | 192.168.122.1 | 53 |
192.168.122.201 | 57526 | 192.168.122.1 | 53 |
192.168.122.201 | 63246 | 192.168.122.1 | 53 |
URI | HTTP Data |
---|---|
http://acroipm.adobe.com/11/rdr/CHS/win/nooem/none/message.zip | GET /11/rdr/CHS/win/nooem/none/message.zip HTTP/1.1 Accept: */* If-Modified-Since: Mon, 08 Nov 2017 08:44:36 GMT User-Agent: IPM Host: acroipm.adobe.com Connection: Keep-Alive Cache-Control: no-cache |
No SMTP traffic.
No IRC requests.
No ICMP traffic.
No CIF results.
No alerts.
Timestamp | Source IP | Source Port | Destination IP | Destination Port | Version | Issuer | Subject | Fingerprint |
---|---|---|---|---|---|---|---|---|
2022-07-01 09:39:31.599965+0800 | 192.168.122.201 | 49159 | 157.122.153.106 | 8445 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign RSA OV SSL CA 2018 | C=CN, ST=Beijing, L=Beijing, OU=IT, O=PICC Property and Casualty Company Limited, CN=*.epicc.com.cn | 65:20:7d:31:e3:62:72:3d:52:c6:99:c7:b5:df:ae:fa:d5:f4:9d:ab |
2022-07-01 09:39:32.019434+0800 | 192.168.122.201 | 56512 | 122.246.6.206 | 443 | TLS 1.2 | C=US, O=DigiCert Inc, CN=DigiCert Secure Site CN CA G3 | C=CN, ST=Guangdong Province, L=Shenzhen, O=Shenzhen Tencent Computer Systems Company Limited, CN=weixin.qq.com | 38:f9:64:1e:b2:cc:a8:5b:3e:50:a6:f1:e4:45:55:c0:bc:a3:c2:d1 |
No Suricata HTTP
Task ID | 697546 |
---|---|
Mongo ID | 62be50e4dc327b609d27fd2e |
Cuckoo release | 1.4-Maldun |