分析任务
| 分析类型 | 虚拟机标签 | 开始时间 | 结束时间 | 持续时间 |
|---|---|---|---|---|
| URL | win7-sp1-x64-shaapp02-1 | 2022-07-01 09:39:11 | 2022-07-01 09:41:20 | 129 秒 |
魔盾分数
正常的
URL详细信息
登录查看威胁特征
运行截图
访问主机纪录 (可点击查询WPING实时安全评级)
| 直接 | IP | 安全评级 | 地理位置 |
|---|---|---|---|
| 否 | 122.246.6.206 | 中国 | |
| 否 | 157.122.153.106 | 中国 |
域名解析 (可点击查询WPING实时安全评级)
| 域名 | 安全评级 | 响应 |
|---|---|---|
| icar.epicc.com.cn | 未知 |
A 157.122.153.106 A 183.63.41.106 |
| res.wx.qq.com | 未知 |
A 122.224.48.199 A 116.211.184.197 CNAME reswx.mid.tdnsv6.com A 117.21.231.214 A 117.41.226.223 A 180.153.93.98 A 122.228.255.210 A 117.21.231.220 A 61.164.140.232 CNAME res.wx.qq.com.sched.legopic1.tdnsv6.com A 180.153.93.72 A 122.246.6.206 A 122.228.255.248 A 122.246.6.20 A 180.97.245.123 A 116.211.185.111 CNAME reswx.tc.qq.com A 122.228.66.193 |
摘要
登录查看详细行为信息WHOIS 信息
Name: None
Country: None
State: None
City: None
ZIP Code: None
Address: None
Orginization: None
Domain Name(s):
epicc.com.cn
Creation Date:
None
Updated Date:
None
Expiration Date:
None
Email(s):
tonglei01@picc.com.cn
Registrar(s):
北京国旭网络科技有限公司
Name Server(s):
cns1.zdnscloud.net
dns1.zdnscloud.info
ins1.zdnscloud.com
vns1.zdnscloud.biz
Referral URL(s):
None
访问主机纪录 (可点击查询WPING实时安全评级)
| 直接 | IP | 安全评级 | 地理位置 |
|---|---|---|---|
| 否 | 122.246.6.206 | 中国 | |
| 否 | 157.122.153.106 | 中国 |
TCP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.201 | 56512 | 122.246.6.206 res.wx.qq.com | 443 |
| 192.168.122.201 | 49159 | 157.122.153.106 icar.epicc.com.cn | 8445 |
| 192.168.122.201 | 49160 | 157.122.153.106 icar.epicc.com.cn | 8445 |
| 192.168.122.201 | 49161 | 157.122.153.106 icar.epicc.com.cn | 8445 |
| 192.168.122.201 | 49162 | 157.122.153.106 icar.epicc.com.cn | 8445 |
| 192.168.122.201 | 56513 | 157.122.153.106 icar.epicc.com.cn | 8445 |
| 192.168.122.201 | 56514 | 157.122.153.106 icar.epicc.com.cn | 8445 |
| 192.168.122.201 | 56511 | 192.168.122.1 | 53 |
| 192.168.122.201 | 49163 | 23.78.141.136 | 80 |
UDP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.201 | 53118 | 192.168.122.1 | 53 |
| 192.168.122.201 | 57526 | 192.168.122.1 | 53 |
| 192.168.122.201 | 63246 | 192.168.122.1 | 53 |
域名解析 (可点击查询WPING实时安全评级)
| 域名 | 安全评级 | 响应 |
|---|---|---|
| icar.epicc.com.cn | 未知 |
A 157.122.153.106 A 183.63.41.106 |
| res.wx.qq.com | 未知 |
A 122.224.48.199 A 116.211.184.197 CNAME reswx.mid.tdnsv6.com A 117.21.231.214 A 117.41.226.223 A 180.153.93.98 A 122.228.255.210 A 117.21.231.220 A 61.164.140.232 CNAME res.wx.qq.com.sched.legopic1.tdnsv6.com A 180.153.93.72 A 122.246.6.206 A 122.228.255.248 A 122.246.6.20 A 180.97.245.123 A 116.211.185.111 CNAME reswx.tc.qq.com A 122.228.66.193 |
TCP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.201 | 56512 | 122.246.6.206 res.wx.qq.com | 443 |
| 192.168.122.201 | 49159 | 157.122.153.106 icar.epicc.com.cn | 8445 |
| 192.168.122.201 | 49160 | 157.122.153.106 icar.epicc.com.cn | 8445 |
| 192.168.122.201 | 49161 | 157.122.153.106 icar.epicc.com.cn | 8445 |
| 192.168.122.201 | 49162 | 157.122.153.106 icar.epicc.com.cn | 8445 |
| 192.168.122.201 | 56513 | 157.122.153.106 icar.epicc.com.cn | 8445 |
| 192.168.122.201 | 56514 | 157.122.153.106 icar.epicc.com.cn | 8445 |
| 192.168.122.201 | 56511 | 192.168.122.1 | 53 |
| 192.168.122.201 | 49163 | 23.78.141.136 | 80 |
UDP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.201 | 53118 | 192.168.122.1 | 53 |
| 192.168.122.201 | 57526 | 192.168.122.1 | 53 |
| 192.168.122.201 | 63246 | 192.168.122.1 | 53 |
HTTP 请求
| URI | HTTP数据 |
|---|---|
| URL专业沙箱检测 -> http://acroipm.adobe.com/11/rdr/CHS/win/nooem/none/message.zip | GET /11/rdr/CHS/win/nooem/none/message.zip HTTP/1.1 Accept: */* If-Modified-Since: Mon, 08 Nov 2017 08:44:36 GMT User-Agent: IPM Host: acroipm.adobe.com Connection: Keep-Alive Cache-Control: no-cache |
SMTP 流量
无SMTP流量.
IRC 流量
无IRC请求.
ICMP 流量
无ICMP流量.
CIF 报告
无 CIF 结果
网络警报
无警报
TLS
| Timestamp | Source IP | Source Port | Destination IP | Destination Port | Version | Issuer | Subject | Fingerprint |
|---|---|---|---|---|---|---|---|---|
| 2022-07-01 09:39:31.599965+0800 | 192.168.122.201 | 49159 | 157.122.153.106 | 8445 | TLS 1.2 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign RSA OV SSL CA 2018 | C=CN, ST=Beijing, L=Beijing, OU=IT, O=PICC Property and Casualty Company Limited, CN=*.epicc.com.cn | 65:20:7d:31:e3:62:72:3d:52:c6:99:c7:b5:df:ae:fa:d5:f4:9d:ab |
| 2022-07-01 09:39:32.019434+0800 | 192.168.122.201 | 56512 | 122.246.6.206 | 443 | TLS 1.2 | C=US, O=DigiCert Inc, CN=DigiCert Secure Site CN CA G3 | C=CN, ST=Guangdong Province, L=Shenzhen, O=Shenzhen Tencent Computer Systems Company Limited, CN=weixin.qq.com | 38:f9:64:1e:b2:cc:a8:5b:3e:50:a6:f1:e4:45:55:c0:bc:a3:c2:d1 |
Suricata HTTP
No Suricata HTTP
未发现网络提取文件
抱歉! 没有任何文件投放。
| HTML 总结报告 (需15-60分钟同步) |
下载 |
|---|
Processing ( 25.804 seconds )
- 12.345 NetworkAnalysis
- 10.754 Suricata
- 2.617 AnalysisInfo
- 0.082 Static
- 0.004 BehaviorAnalysis
- 0.002 Memory
Signatures ( 0.0 seconds )
Reporting ( 0.0 seconds )
| Task ID | 697546 |
|---|---|
| Mongo ID | 62be50e4dc327b609d27fd2e |
| Cuckoo release | 1.4-Maldun |
沪公网安备 31011502009736号