Analysis Task

Analysis type  VM label  Start time  End time  Duration
URL  win7-sp1-x64-app01-1  2017-03-01 10:00:28  2017-03-01 10:03:04  156 seconds

Maldun Score

1.65

Normal

URL Details

URL
http://www.ed2000.com

Hosts Contacted

Direct IP  Security rating  Location
58.218.211.180  China
43.230.146.102  Hong Kong
42.156.140.84  China
222.73.134.44  China
222.73.134.43  China
221.236.7.141  China
221.236.7.139  China
180.97.64.48  China
115.239.211.92  China
115.238.154.167  China
115.238.154.162  China

DNS Resolution

Domain  Security rating  Response
www.ed2000.com CNAME gdhw12rq.end-ddos.com
CNAME ed2000com.hw98.wdtcp.com
A 43.230.146.102
img.ed2000.com CNAME www.ed2000.com
t.adyun.com A 115.238.154.162
ed2008.kkcaicai.com A 58.218.211.180
gg.qucaigg.com A 221.236.7.139
CNAME 94ec0ddaa8baf6a4.vip.jiasule.org
A 221.236.7.141
res1.adyun.com A 115.238.154.167
bdimg.share.baidu.com CNAME share.jomodns.com
A 180.97.64.48
s.adyun.com
s92.cnzz.com A 222.186.49.224
CNAME all.cnzz.com.danuoyi.tbcache.com
CNAME c.cnzz.com
A 222.73.134.44
A 222.73.134.43
ocsp.globalsign.com CNAME cdn.globalsigncdn.com
A 58.211.137.192
hzs9.cnzz.com CNAME z.cnzz.com
CNAME z10.cnzz.com
CNAME z.gds.cnzz.com
A 42.156.140.84
c.cnzz.com
nsclick.baidu.com CNAME static.n.shifen.com
A 115.239.211.92

WHOIS Information

Name: Registration Private
Country: US
State: Arizona
City: Scottsdale
ZIP Code: 85260
Address: DomainsByProxy.com

Organization: Domains By Proxy, LLC
Domain Name(s):
    ED2000.COM
Creation Date:
    2008-02-12 00:00:00
    2008-02-12 08:58:19
Updated Date:
    2013-01-27 00:00:00
Expiration Date:
    2019-02-12 00:00:00
    2019-02-12 08:58:19
Email(s):
    abuse@godaddy.com
    ED2000.COM@domainsbyproxy.com

Registrar(s):
    GoDaddy.com, LLC
Name Server(s):
    F1G1NS1.DNSPOD.NET
    F1G1NS2.DNSPOD.NET
Referral URL(s):
    http://www.godaddy.com

Antivirus engine/Vendor  Website security analysis
CLEAN MX Clean Site
VX Vault Clean Site
ZDB Zeus Clean Site
Tencent Clean Site
Netcraft Unrated Site
desenmascara_me Clean Site
PhishLabs Unrated Site
Zerofox Clean Site
Sangfor Clean Site
K7AntiVirus Clean Site
SecureBrain Clean Site
SCUMWARE_org Clean Site
Quttera Clean Site
AegisLab WebGuard Clean Site
MalwareDomainList Clean Site
ZeusTracker Clean Site
zvelo Clean Site
Google Safebrowsing Clean Site
ParetoLogic Clean Site
Kaspersky Clean Site
BitDefender Clean Site
Certly Clean Site
G-Data Clean Site
C-SIRT Clean Site
OpenPhish Clean Site
Websense ThreatSeeker Clean Site
MalwarePatrol Clean Site
Webutation Clean Site
Trustwave Clean Site
Web Security Guard Clean Site
Dr_Web Clean Site
ADMINUSLabs Clean Site
Malwarebytes hpHosts Clean Site
Opera Clean Site
AlienVault Clean Site
Emsisoft Clean Site
Malc0de Database Clean Site
Phishtank Clean Site
Malwared Clean Site
Avira Clean Site
CyberCrime Clean Site
Antiy-AVL Clean Site
FraudSense Clean Site
malwares_com URL checker Clean Site
Comodo Site Inspector Clean Site
Malekal Clean Site
ESET Clean Site
Sophos Unrated Site
Yandex Safebrowsing Clean Site
Spam404 Clean Site
Nucleon Clean Site
Malware Domain Blocklist Clean Site
Blueliv Clean Site
ZCloudsec Clean Site
AutoShun Unrated Site
ThreatHive Clean Site
FraudScore Clean Site
Rising Clean Site
URLQuery Unrated Site
StopBadware Unrated Site
Sucuri SiteCheck Clean Site
Fortinet Clean Site
ZeroCERT Clean Site
Baidu-International Clean Site
securolytics Clean Site

Process Tree

iexplore.exe, PID: 2640, parent PID: 2232
iexplore.exe, PID: 2952, parent PID: 2640

TCP

Source address  Source port  Destination address  Destination port
192.168.122.201 49172 115.238.154.162 t.adyun.com 80
192.168.122.201 49183 115.238.154.162 t.adyun.com 80
192.168.122.201 49190 115.238.154.162 t.adyun.com 80
192.168.122.201 49180 115.238.154.167 res1.adyun.com 80
192.168.122.201 49181 115.238.154.167 res1.adyun.com 80
192.168.122.201 49194 115.238.154.167 res1.adyun.com 80
192.168.122.201 49195 115.238.154.167 res1.adyun.com 80
192.168.122.201 49211 115.239.211.92 nsclick.baidu.com 80
192.168.122.201 49184 180.97.64.48 bdimg.share.baidu.com 80
192.168.122.201 49185 180.97.64.48 bdimg.share.baidu.com 80
192.168.122.201 49222 221.236.7.139 gg.qucaigg.com 8080
192.168.122.201 49193 222.73.134.43 s92.cnzz.com 443
192.168.122.201 49209 222.73.134.44 s92.cnzz.com 443
192.168.122.201 49240 23.34.61.40 80
192.168.122.201 49208 42.156.140.84 hzs9.cnzz.com 443
192.168.122.201 49166 43.230.146.102 www.ed2000.com 80
192.168.122.201 49170 43.230.146.102 www.ed2000.com 80
192.168.122.201 49171 43.230.146.102 www.ed2000.com 80
192.168.122.201 49175 43.230.146.102 www.ed2000.com 80
192.168.122.201 49176 43.230.146.102 www.ed2000.com 80
192.168.122.201 49182 43.230.146.102 www.ed2000.com 80
192.168.122.201 49224 43.230.146.102 www.ed2000.com 80
192.168.122.201 49205 58.211.137.192 ocsp.globalsign.com 80
192.168.122.201 49206 58.211.137.192 ocsp.globalsign.com 80
192.168.122.201 49177 58.218.211.180 ed2008.kkcaicai.com 8080

UDP

Source address  Source port  Destination address  Destination port
192.168.122.201 50039 192.168.122.1 53
192.168.122.201 50670 192.168.122.1 53
192.168.122.201 51956 192.168.122.1 53
192.168.122.201 54867 192.168.122.1 53
192.168.122.201 56644 192.168.122.1 53
192.168.122.201 56856 192.168.122.1 53
192.168.122.201 57990 192.168.122.1 53
192.168.122.201 58456 192.168.122.1 53
192.168.122.201 59211 192.168.122.1 53
192.168.122.201 59218 192.168.122.1 53
192.168.122.201 59517 192.168.122.1 53
192.168.122.201 62775 192.168.122.1 53
192.168.122.201 62943 192.168.122.1 53
192.168.122.201 63505 192.168.122.1 53
192.168.122.201 63544 192.168.122.1 53
192.168.122.201 63860 192.168.122.1 53
192.168.122.201 65014 192.168.122.1 53

HTTP Requests

URI  HTTP data
http://www.ed2000.com/
GET / HTTP/1.1
Accept: */*
Referer: http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=12&ved=0CCEQfjTUFvSUxwTWhCTlRXekFiR2pIRWJo&url=http%3A%2F%2Fwww.ed2000.com&ei=ckp5Z0VteGh1RXpa&usg=AFQjbUxRdkxra3BTelZK
Accept-Language: zh-cn
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: www.ed2000.com
Connection: Keep-Alive

http://img.ed2000.com/JS/global.js
GET /JS/global.js HTTP/1.1
Accept: */*
Referer: http://www.ed2000.com/
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: img.ed2000.com
Connection: Keep-Alive

http://img.ed2000.com/Themes/Default.css
GET /Themes/Default.css HTTP/1.1
Accept: */*
Referer: http://www.ed2000.com/
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: img.ed2000.com
Connection: Keep-Alive

http://img.ed2000.com/Images/logo_200x60.png
GET /Images/logo_200x60.png HTTP/1.1
Accept: */*
Referer: http://www.ed2000.com/
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: img.ed2000.com
Connection: Keep-Alive

http://t.adyun.com/show_ps3.js
GET /show_ps3.js HTTP/1.1
Accept: */*
Referer: http://www.ed2000.com/
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: t.adyun.com
Connection: Keep-Alive

http://t.adyun.com/sspshow?v=3&a=36913152_649150464_4&b=640_60_1&d=8022693&c=148F09F878B3A153C41B83E9669711C020018FE9D4AB2D0B4C51C753C41B&g=0
GET /sspshow?v=3&a=36913152_649150464_4&b=640_60_1&d=8022693&c=148F09F878B3A153C41B83E9669711C020018FE9D4AB2D0B4C51C753C41B&g=0 HTTP/1.1
Accept: application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Referer: http://www.ed2000.com/
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: t.adyun.com
Connection: Keep-Alive
Cookie: panshi_user=88a9421430d335387d3dbf469996638f_20170301100144_368ccd38f667a5a3_1

http://ed2008.kkcaicai.com:8080/960X90.js
GET /960X90.js HTTP/1.1
Accept: */*
Referer: http://www.ed2000.com/
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: ed2008.kkcaicai.com:8080
Connection: Keep-Alive

http://t.adyun.com/swfobject.js
GET /swfobject.js HTTP/1.1
Accept: */*
Referer: http://t.adyun.com/sspshow?v=3&a=36913152_649150464_4&b=640_60_1&d=8022693&c=148F09F878B3A153C41B83E9669711C020018FE9D4AB2D0B4C51C753C41B&g=0
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: t.adyun.com
Connection: Keep-Alive
Cookie: panshi_user=88a9421430d335387d3dbf469996638f_20170301100144_368ccd38f667a5a3_1

http://img.ed2000.com/images/topmenu_bg.gif
GET /images/topmenu_bg.gif HTTP/1.1
Accept: */*
Referer: http://www.ed2000.com/
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: img.ed2000.com
Connection: Keep-Alive

http://img.ed2000.com/images/topmenu_r.gif
GET /images/topmenu_r.gif HTTP/1.1
Accept: */*
Referer: http://www.ed2000.com/
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: img.ed2000.com
Connection: Keep-Alive

http://img.ed2000.com/images/topmenu_o.gif
GET /images/topmenu_o.gif HTTP/1.1
Accept: */*
Referer: http://www.ed2000.com/
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: img.ed2000.com
Connection: Keep-Alive

http://res1.adyun.com/close.png
GET /close.png HTTP/1.1
Accept: */*
Referer: http://t.adyun.com/sspshow?v=3&a=36913152_649150464_4&b=640_60_1&d=8022693&c=148F09F878B3A153C41B83E9669711C020018FE9D4AB2D0B4C51C753C41B&g=0
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: res1.adyun.com
Connection: Keep-Alive
Cookie: panshi_user=88a9421430d335387d3dbf469996638f_20170301100144_368ccd38f667a5a3_1

http://res1.adyun.com/res1/bg.png
GET /res1/bg.png HTTP/1.1
Accept: */*
Referer: http://t.adyun.com/sspshow?v=3&a=36913152_649150464_4&b=640_60_1&d=8022693&c=148F09F878B3A153C41B83E9669711C020018FE9D4AB2D0B4C51C753C41B&g=0
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: res1.adyun.com
Connection: Keep-Alive
Cookie: panshi_user=88a9421430d335387d3dbf469996638f_20170301100144_368ccd38f667a5a3_1

http://t.adyun.com/show_ad.html
GET /show_ad.html HTTP/1.1
Accept: application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Referer: http://t.adyun.com/sspshow?v=3&a=36913152_649150464_4&b=640_60_1&d=8022693&c=148F09F878B3A153C41B83E9669711C020018FE9D4AB2D0B4C51C753C41B&g=0
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: t.adyun.com
Connection: Keep-Alive
Cookie: panshi_user=88a9421430d335387d3dbf469996638f_20170301100144_368ccd38f667a5a3_1

http://img.ed2000.com/images/tlist_title.jpg
GET /images/tlist_title.jpg HTTP/1.1
Accept: */*
Referer: http://www.ed2000.com/
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: img.ed2000.com
Connection: Keep-Alive

http://img.ed2000.com/images/rlist_title_bg.gif
GET /images/rlist_title_bg.gif HTTP/1.1
Accept: */*
Referer: http://www.ed2000.com/
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: img.ed2000.com
Connection: Keep-Alive

http://img.ed2000.com/images/title.gif
GET /images/title.gif HTTP/1.1
Accept: */*
Referer: http://www.ed2000.com/
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: img.ed2000.com
Connection: Keep-Alive

http://img.ed2000.com/images/li_icon.gif
GET /images/li_icon.gif HTTP/1.1
Accept: */*
Referer: http://www.ed2000.com/
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: img.ed2000.com
Connection: Keep-Alive

http://t.adyun.com/show_url_config.js?v=8
GET /show_url_config.js?v=8 HTTP/1.1
Accept: */*
Referer: http://t.adyun.com/show_ad.html
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: t.adyun.com
Connection: Keep-Alive
Cookie: panshi_user=88a9421430d335387d3dbf469996638f_20170301100144_368ccd38f667a5a3_1

http://t.adyun.com/show_ad.js?v=8
GET /show_ad.js?v=8 HTTP/1.1
Accept: */*
Referer: http://t.adyun.com/show_ad.html
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: t.adyun.com
Connection: Keep-Alive
Cookie: panshi_user=88a9421430d335387d3dbf469996638f_20170301100144_368ccd38f667a5a3_1

http://bdimg.share.baidu.com/static/js/shell_v2.js?cdnversion=413427
GET /static/js/shell_v2.js?cdnversion=413427 HTTP/1.1
Accept: */*
Referer: http://www.ed2000.com/
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: bdimg.share.baidu.com
Connection: Keep-Alive

http://bdimg.share.baidu.com/static/js/logger.js?cdnversion=413427
GET /static/js/logger.js?cdnversion=413427 HTTP/1.1
Accept: */*
Referer: http://www.ed2000.com/
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: bdimg.share.baidu.com
Connection: Keep-Alive

http://bdimg.share.baidu.com/static/js/bds_s_v2.js?cdnversion=413427
GET /static/js/bds_s_v2.js?cdnversion=413427 HTTP/1.1
Accept: */*
Referer: http://www.ed2000.com/
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: bdimg.share.baidu.com
Connection: Keep-Alive

http://res1.adyun.com/res1/upload/42023/idea/201702/273823_19_640*60.swf
GET /res1/upload/42023/idea/201702/273823_19_640*60.swf HTTP/1.1
Accept: */*
Accept-Language: zh-CN
Referer: http://t.adyun.com/sspshow?v=3&a=36913152_649150464_4&b=640_60_1&d=8022693&c=148F09F878B3A153C41B83E9669711C020018FE9D4AB2D0B4C51C753C41B&g=
x-flash-version: 24,0,0,194
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Host: res1.adyun.com
Connection: Keep-Alive
Cookie: panshi_user=88a9421430d335387d3dbf469996638f_20170301100144_368ccd38f667a5a3_1

http://bdimg.share.baidu.com/static/css/bdsstyle.css?cdnversion=20131219
GET /static/css/bdsstyle.css?cdnversion=20131219 HTTP/1.1
Accept: */*
Referer: http://www.ed2000.com/
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: bdimg.share.baidu.com
Connection: Keep-Alive

http://bdimg.share.baidu.com/static/images/is_32.png?cdnversion=20131219
GET /static/images/is_32.png?cdnversion=20131219 HTTP/1.1
Accept: */*
Referer: http://www.ed2000.com/
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: bdimg.share.baidu.com
Connection: Keep-Alive

http://s.adyun.com/show_ps3.js
GET /show_ps3.js HTTP/1.1
Accept: */*
Referer: http://www.ed2000.com/
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: s.adyun.com
Connection: Keep-Alive
Cookie: panshi_user=88a9421430d335387d3dbf469996638f_20170301100144_368ccd38f667a5a3_1

http://t.adyun.com/sspshow?v=3&a=36913152_528891904_1&b=960_60_10&d=9229619&c=A372BAF8CF4E145371E432E9D06AA2C097FE3EE961569E0BFBAE765371E4&g=1
GET /sspshow?v=3&a=36913152_528891904_1&b=960_60_10&d=9229619&c=A372BAF8CF4E145371E432E9D06AA2C097FE3EE961569E0BFBAE765371E4&g=1 HTTP/1.1
Accept: application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Referer: http://www.ed2000.com/
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: t.adyun.com
Connection: Keep-Alive
Cookie: panshi_user=88a9421430d335387d3dbf469996638f_20170301100144_368ccd38f667a5a3_1; a=649150464_1_0; p=3357716480_1_0; u=3663353856_1_0; i=8753273916253798400_1_0

http://t.adyun.com/show_ps3.js
GET /show_ps3.js HTTP/1.1
Accept: */*
Referer: http://www.ed2000.com/
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: t.adyun.com
Connection: Keep-Alive
Cookie: panshi_user=88a9421430d335387d3dbf469996638f_20170301100144_368ccd38f667a5a3_1; a=649150464_1_0; p=3357716480_1_0; u=3663353856_1_0; i=8753273916253798400_1_0

http://t.adyun.com/sspshow?v=3&a=36913152_3065069568_1&b=160_600_11&d=2372206&c=494DFBF8257157539BD871E93B55E3C07DC37DE98B69DF0B119335539BD8&g=2
GET /sspshow?v=3&a=36913152_3065069568_1&b=160_600_11&d=2372206&c=494DFBF8257157539BD871E93B55E3C07DC37DE98B69DF0B119335539BD8&g=2 HTTP/1.1
Accept: application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Referer: http://www.ed2000.com/
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: t.adyun.com
Connection: Keep-Alive
Cookie: panshi_user=88a9421430d335387d3dbf469996638f_20170301100144_368ccd38f667a5a3_1; a=649150464_1_0; p=3357716480_1_0; u=3663353856_1_0; i=8753273916253798400_1_0

http://res1.adyun.com/res1/upload/41157/idea_201610/14776242901017.jpg
GET /res1/upload/41157/idea_201610/14776242901017.jpg HTTP/1.1
Accept: */*
Referer: http://t.adyun.com/sspshow?v=3&a=36913152_3065069568_1&b=160_600_11&d=2372206&c=494DFBF8257157539BD871E93B55E3C07DC37DE98B69DF0B119335539BD8&g=2
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: res1.adyun.com
Connection: Keep-Alive
Cookie: panshi_user=88a9421430d335387d3dbf469996638f_20170301100144_368ccd38f667a5a3_1

http://res1.adyun.com/res1/upload/42199/idea/201702/14867996622332.jpg
GET /res1/upload/42199/idea/201702/14867996622332.jpg HTTP/1.1
Accept: */*
Referer: http://t.adyun.com/sspshow?v=3&a=36913152_528891904_1&b=960_60_10&d=9229619&c=A372BAF8CF4E145371E432E9D06AA2C097FE3EE961569E0BFBAE765371E4&g=1
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: res1.adyun.com
Connection: Keep-Alive
Cookie: panshi_user=88a9421430d335387d3dbf469996638f_20170301100144_368ccd38f667a5a3_1

http://bdimg.share.baidu.com/static/images/is.png?cdnversion=20131219
GET /static/images/is.png?cdnversion=20131219 HTTP/1.1
Accept: */*
Referer: http://www.ed2000.com/
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: bdimg.share.baidu.com
Connection: Keep-Alive

http://bdimg.share.baidu.com/static/images/pi.gif?cdnversion=20120720
GET /static/images/pi.gif?cdnversion=20120720 HTTP/1.1
Accept: */*
Referer: http://www.ed2000.com/
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: bdimg.share.baidu.com
Connection: Keep-Alive

http://ocsp.globalsign.com/rootr1/MEwwSjBIMEYwRDAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6%2BMgGqMQQUYHtmGkUNl8qJUC99BM00qP%2F8%2FUsCCwQAAAAAAURO8EJH
GET /rootr1/MEwwSjBIMEYwRDAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6%2BMgGqMQQUYHtmGkUNl8qJUC99BM00qP%2F8%2FUsCCwQAAAAAAURO8EJH HTTP/1.1
Cache-Control: max-age = 10800
Connection: Keep-Alive
Accept: */*
If-Modified-Since: Sat, 28 Jan 2017 14:14:29 GMT
If-None-Match: "d7aec46aca5f14c6053ecf20ce8d5de8e725a587"
User-Agent: Microsoft-CryptoAPI/6.1
Host: ocsp.globalsign.com

http://ocsp2.globalsign.com/gsorganizationvalsha2g2/ME0wSzBJMEcwRTAJBgUrDgMCGgUABBQMnk2cPe3vhNiR6XLHz4QGvBl7BwQUlt5h8b0cFilTHMDMfTuDAEDmGnwCDBisczuS0Hu180XFAA%3D%3D
GET /gsorganizationvalsha2g2/ME0wSzBJMEcwRTAJBgUrDgMCGgUABBQMnk2cPe3vhNiR6XLHz4QGvBl7BwQUlt5h8b0cFilTHMDMfTuDAEDmGnwCDBisczuS0Hu180XFAA%3D%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: ocsp2.globalsign.com

http://nsclick.baidu.com/v.gif?pid=307&type=3071&sc=960,2021,800,600&desturl=&apitype=1&linkid=izqbglv51w2&velo_load=26453697&velo_cssload=26450218&velo_jsLoad=3588&cite_uid=699359&cite_type=1&cite_mini=0
GET /v.gif?pid=307&type=3071&sc=960,2021,800,600&desturl=&apitype=1&linkid=izqbglv51w2&velo_load=26453697&velo_cssload=26450218&velo_jsLoad=3588&cite_uid=699359&cite_type=1&cite_mini=0 HTTP/1.1
Accept: */*
Referer: http://www.ed2000.com/
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: nsclick.baidu.com
Connection: Keep-Alive

http://gg.qucaigg.com:8080/960-90-1.gif
GET /960-90-1.gif HTTP/1.1
Accept: */*
Referer: http://www.ed2000.com/
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: gg.qucaigg.com:8080
Connection: Keep-Alive

http://www.ed2000.com/favicon.ico
GET /favicon.ico HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)
Host: www.ed2000.com
Connection: Keep-Alive
Cookie: VisitsNumber=1; ASPSESSIONIDSCTBRCQD=BPPFDJMCAHDPHLELMOGBMNMF; adClass0803=1; bdshare_firstime=1488333706782; CNZZDATA947842=cnzz_eid%3D554587883-1488329616-%26ntime%3D1488329616

http://crl.microsoft.com/pki/crl/products/tspca.crl
GET /pki/crl/products/tspca.crl HTTP/1.1
Cache-Control: max-age = 900
Connection: Keep-Alive
Accept: */*
If-Modified-Since: Sat, 24 May 2014 05:04:54 GMT
If-None-Match: "8ab194b3d77cf1:0"
User-Agent: Microsoft-CryptoAPI/6.1
Host: crl.microsoft.com

http://crl.microsoft.com/pki/crl/products/MicCodSigPCA_08-31-2010.crl
GET /pki/crl/products/MicCodSigPCA_08-31-2010.crl HTTP/1.1
Cache-Control: max-age = 900
Connection: Keep-Alive
Accept: */*
If-Modified-Since: Mon, 12 Dec 2016 06:00:18 GMT
If-None-Match: "7254ef33d54d21:0"
User-Agent: Microsoft-CryptoAPI/6.1
Host: crl.microsoft.com

http://crl.microsoft.com/pki/crl/products/MicrosoftTimeStampPCA.crl
GET /pki/crl/products/MicrosoftTimeStampPCA.crl HTTP/1.1
Cache-Control: max-age = 900
Connection: Keep-Alive
Accept: */*
If-Modified-Since: Tue, 17 Jan 2017 06:01:36 GMT
If-None-Match: "df568298770d21:0"
User-Agent: Microsoft-CryptoAPI/6.1
Host: crl.microsoft.com

SMTP Traffic

No SMTP traffic.

IRC Traffic

No IRC requests.

ICMP Traffic

No ICMP traffic.

CIF Report

No CIF results

Network Alerts

No alerts

TLS

No TLS

Suricata HTTP

No Suricata HTTP

No files extracted from network traffic were found.

File name stat[1].gif
Related file
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\stat[1].gif
File size 43 bytes
File type GIF image data, version 89a, 1 x 1
MD5 325472601571f31e1bf00674c368d335
SHA1 2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
SHA256 b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
CRC32 9ACCEAB1
Ssdeep 3:CUkwltxlHh/:P/

File name A053CFB63FC8E6507871752236B5CCD5_5FA88EFBA30896FB894CB2FD9F1F99BB
Related file
C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A053CFB63FC8E6507871752236B5CCD5_5FA88EFBA30896FB894CB2FD9F1F99BB
File size 532 bytes
File type data
MD5 72ddddeb616257bb19257dd8ca71af81
SHA1 55f3dbc40f3ba03329a3eb3c6857dc156447cd48
SHA256 0da923a4254a1880e173c3d3f9de0ad43c279aed0110c1d063d1895804d49882
CRC32 3F454636
Ssdeep 12:94sRJWzf8ClDC3bgLzK8sFFyOJQlUsyNMaQBuDL:WsRJgEme3ELmvPyOJQ6m9BU
File name test@t.adyun[2].txt
Associated files
C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@t.adyun[2].txt
File size 418 bytes
File type ASCII text
MD5 6c75412b6d307f930129771e9290250a
SHA1 6e66d801244fe57e7f049ecd06d3ae567beb6072
SHA256 847c5224af248c2aca98ba38a11d2dca0eb9c83b35242ba2d452ef5ef714c607
CRC32 066D4AC0
Ssdeep 6:4+0niQ/vYUZtzgTUkcHlrQ/vYUZtz3TUc3Q/vYUZtz/i3TUJn6dqQ/vYUZtz4JVu:4+gi8b0Tbc8b7Tt38bSTMt8bSVTy
File name title[1].gif
Associated files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\title[1].gif
File size 563 bytes
File type GIF image data, version 89a, 220 x 29
MD5 cd20ded17a426a77cc052cfcf1a1d496
SHA1 d9d93b2a04902ce955bf27d798dbf429dcc03d6f
SHA256 fe8c48370abd278400b1c64370983718e87fc3b5dad8d3b93775d164b177a602
CRC32 81DEA402
Ssdeep 12:0t3ZayPU+Ama/H8Ldz6CAhErJIuGBUn61apbWa4UhVmMY:6ZlpbLp6wJIuGeY
File name test@adyun[1].txt
Associated files
C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@adyun[1].txt
File size 143 bytes
File type ASCII text
MD5 63407b7cf7160d1b809eaa151004baa5
SHA1 cde7f35f9179203528639c963785cb5df8325494
SHA256 faa75983d51bd696568af7091042747c7909b58911ce10eeef3fbdd3b1962ec5
CRC32 F8B709DF
Ssdeep 3:bcRERSBWXWPBHVw8VUMlvGgJSEP2BQLy4Xv7YcMVFW5AbQwS36ETU/:c2XW51NIL8Es6bQftTU/
File name 960X90[1].js
Associated files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\960X90[1].js
File size 1091 bytes
File type HTML document, ISO-8859 text
MD5 a4992655a36ece8ffa76319fce46091a
SHA1 7a0721fcb725e145dd33c4ab969c06cc11dca0ea
SHA256 19cec15ea985633481c99ee8a2d178006ebe69a93493c67c76d0d8f6a1bdf47b
CRC32 D1EB6DAB
Ssdeep 24:YTAviGMPRccAZohVfFrBL561iySk2Ri8cx5Sco8cGSt:oAv+R5AZ2hP
File name test@t.adyun[1].txt
Associated files
C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@t.adyun[1].txt
File size 82 bytes
File type ASCII text
MD5 746b1004b601c0464c0baf8136cc4b2e
SHA1 376495e845ea4b4d77f7b24a1550af7dcdae4efa
SHA256 c13ea75bc256100ebc26df4f0165ebbc2214a030324f68616245ecfc69914902
CRC32 F11FDA38
Ssdeep 3:4+TcU++qQO4Xv75v70t7SUdli4ETU/:4+wQ/v70t7SH3TU/
File name test@www.ed2000[1].txt
Associated files
C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@www.ed2000[1].txt
File size 248 bytes
File type ASCII text
MD5 101a0ce88904a984e77e3cd0ec6e8874
SHA1 8a4c2d64f0bdaa497593c0b9fe475075dcdb5df6
SHA256 f64800fc5cf3519026dc37ef57d7add193d0477b324372268de95e6387160964
CRC32 DAAD6615
Ssdeep 6:zFAocVXT4E6dMShItTUgRcVdI8/6CVF1WdXBIlNIQSCcVdMGqpTFVTU/:zFAoc9T4E6mhtTnRcJzqXdHCc8rPTy
File name is_32[1].png
Associated files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\is_32[1].png
File size 29226 bytes
File type PNG image data, 36 x 2650, 8-bit colormap, non-interlaced
MD5 bcee6e77105bc38cb05584354106c09d
SHA1 65db0d4c7fc301d2ec09d3782580cdc6c3c30dc1
SHA256 622dac03465bc0ec9bc414282864ca50b2331f74209c8eee0dbdc37fcd4dee30
CRC32 8A50F1CA
Ssdeep 768:LGc9H6MHj3Ab0bhRQxJiHQjfowUjg54ORk7Trs:LN9H6MDQbwTQziwjQ2RSTrs
File name 960-90-1[1].gif
Associated files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\960-90-1[1].gif
File size 43007 bytes
File type GIF image data, version 89a, 960 x 90
MD5 69c30744c4a7cd04c7274cc291eaf715
SHA1 c7c761c014475d03be495b3abf25bc753e8d9850
SHA256 085700755c97acdeb997651357cc8ed130e919aa0fbfbda6548e1fa01be674e9
CRC32 19FEEE3E
Ssdeep 768:SBQ8ixiGuvJ0urkHNAoaMPkvFpFT/tRA7d34WjTZWc/WOU0rhHxIe8n:SBQhcCavFpV/jOPM3q9ROn
File name test@t.adyun[2].txt
Associated files
C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@t.adyun[2].txt
File size 165 bytes
File type ASCII text
MD5 a2da99fb7d2444d74d556b7e5740daab
SHA1 dc6a37c4ac708888b7c4f812f0bd79fd8daea5dd
SHA256 b9d950e338224a3e6e5512cd15d8d5d2f7d5a5ce6937819a9c2fc81bb24e9d09
CRC32 60B42D5E
Ssdeep 3:4+TcU++qQO4Xv75v70t7SUdli4ETUkXsysqQO4Xv75v70t7SUdli4ETU/:4+wQ/v70t7SH3TUkciQ/v70t7SH3TU/
File name index.dat
Associated files
C:\Users\test\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017030120170302\index.dat
File size 32768 bytes
File type Internet Explorer cache file version Ver 5.2
MD5 835bafaa8357ce1d2678a36ce278f901
SHA1 a57c4f26ecdb52eda7286556452618da1c40aa87
SHA256 88f5ba40e03f9a85bbde49e339a20159fdf97f43dd552c5c8f7416bb19eaf2c6
CRC32 5B9693AD
Ssdeep 6:qjyxXKYa63kVLNFYk1KjAWlj40y3kV/I/lvFYk1KjAWl1:qjRB63k9YsKjHG3koYsKjH
File name test@t.adyun[1].txt
Associated files
C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@t.adyun[1].txt
File size 357 bytes
File type ASCII text
MD5 d0bbaec6dcf6fe658cf70091a85603d9
SHA1 b21e7912c42bf09eae28d1d57e82b26e94d33ffc
SHA256 9b80645e13600d3fec3cd16ecdeb5a129c2f749af0fbb73552f8354dde7b4464
CRC32 53373DAD
Ssdeep 6:4+0niQ/vYUZtzgTUkciQ/v70t7SH3TUciQ/v70t7SXHS39TUJCQ/v70t7SXpTU/:4+gi8b0TbR8iK3Tti8iQH2TMC8iQpTy
File name close[1].png
Associated files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\close[1].png
File size 3091 bytes
File type PNG image data, 50 x 20, 8-bit/color RGBA, non-interlaced
MD5 fb26ea9c19b6dbf345c40355669a9c2f
SHA1 15232a89fe03b6ddcadf96db64a3d5e55d7a3e2c
SHA256 972bf1696aa507b35a637f1b8b0ff22407fd2a103b093b6ae2cb6c17e1690924
CRC32 08CCACC2
Ssdeep 96:/gSMllcHitlIxv9vk7C1+I4wWHLihk/xTdWQ:4SHIIHUCD4waZ
File name test@t.adyun[1].txt
Associated files
C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@t.adyun[1].txt
File size 391 bytes
File type ASCII text
MD5 37d21344e0467643786228540f45046e
SHA1 94cb5c67800f8d9ac853adced8d3344c850a20a2
SHA256 a232bbbe7a4b54f68d7fe6ea631ef28c23269acc7bf2a4a755602023b5318bf2
CRC32 75E36B91
Ssdeep 6:4+0niQ/vYUZtzgTUkcHlrQ/vYUZtz3TUc3Q/vYUZtz/i3TUJCQ/v70t7SXpTU/:4+gi8b0Tbc8b7Tt38bSTMC8iQpTy
File name pi[1].gif
Associated files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\pi[1].gif
File size 185 bytes
File type GIF image data, version 89a, 10 x 10
MD5 f18b3b63d75a8c21474d085298d4960c
SHA1 b66fd1041fe739036cfd6ab5fa387fe74044c9d7
SHA256 e64bd37a9ca311bd9b25ac96abc4be107d1d7c836db7160f9f68c1820b4b7f3e
CRC32 D0C1D03C
Ssdeep 3:C8OfH7XmYFssSe52d+8rhglll/zziE23/tWnJglg7lsNkExyLG:t8CtsSe0QIq5a3lWJglZNkEj
File name index.dat
Associated files
C:\Users\test\AppData\Roaming\Microsoft\Windows\IECompatCache\index.dat
File size 65536 bytes
File type Internet Explorer cache file version Ver 5.2
MD5 4bd1104576ddc3d70ba592d12ab65bfc
SHA1 01c4857d992167440a8565d61e7262f3a9a4cc9d
SHA256 4afc766e1b9254152ad750c8a5dbcefc542efaa7c3eaf19c6f7d79ab85446d6d
CRC32 D4BC8B24
Ssdeep 384:wEEG/+ow+atLlVV+kpqjEayL8LIqfcFnIyp3Tkz9GAxdtLCkdeB0nuHH5eQpRouy:wEEG/+9+
File name 14776242901017[1].jpg
Associated files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\14776242901017[1].jpg
File size 73403 bytes
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 160x600, frames 3
MD5 8800144c3f857b43b613f3ab746f5e8d
SHA1 9cac3b6c142f43e2c4b80147254f1eafb74f7551
SHA256 299455b266fbdf603591ed590b1d48650e970e19d20dd731d03b3564c42a609b
CRC32 77A2DB4B
Ssdeep 1536:YhZNcfcUElGy1mqnqynz5RnImL16We6fwMVhoAl2xe+:y2IG8mMzPpLk6fwMVfl2xe+
File name bds_s_v2[1].js
Associated files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\bds_s_v2[1].js
File size 26180 bytes
File type UTF-8 Unicode text, with very long lines, with no line terminators
MD5 16b162cb4acf16c0a203e80d8e76ef07
SHA1 5f9cc1a30e2e31b99e5505e57da91ca9506fdb9b
SHA256 6840e2b956675f9c0863baaa15d0522ae893dd60482b4af91a46083020578b5b
CRC32 C56EA2A8
Ssdeep 768:nUGMm+sCA8uqR2/rf2H3D7edUAaVV6bRw8W/Wz8O:nGmPTR/rS3DCar6bRw8W/Wz8O
File name MSIMGSIZ.DAT
Associated files
C:\Users\test\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
File size 16384 bytes
File type data
MD5 02f3f1f3069874f6bd53b4e4e7bae428
SHA1 488990396dbdb4d8e4af415b413513678bbb613e
SHA256 cccccba6925784c06e07f72faca7abc495448cc3b8c06f6fa58aae41ee4439a4
CRC32 824D2711
Ssdeep 24:jYlIoF7mi7s+BCVKwNazuCIp3NasW9+9K8trW0DXakBcHaFLRR+DkMfinf+wJiUU:j8NV7s+BCVKqaIaz+9K8VTFBc6pzd2
File name bdsstyle[1].css
Associated files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\bdsstyle[1].css
File size 9779 bytes
File type UTF-8 Unicode text, with very long lines, with no line terminators
MD5 75059014a29a3c9a4b71e6fb3d59a747
SHA1 6e8cb5ffcdae6148974a0aa87ddfc973737b2660
SHA256 4067e0bd861b026d7bda9b5b7dfb7d0bd2af96616aeb4313244d47be73c2c7d4
CRC32 7C90F053
Ssdeep 192:WyqkWVWmwhWh5WGW+WENWEWrW9WEW2WHWKxjz96IuzMN0:JqAdxvYIuzMm
File name is[1].png
Associated files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\is[1].png
File size 12294 bytes
File type PNG image data, 20 x 2620, 8-bit colormap, non-interlaced
MD5 fee619fb8de49c08487681bd0119fa5c
SHA1 9c7231237e5e5f4e8408623b401dece33f6563ce
SHA256 dc274420601f10bec22ea0dc7e9a1a1425ba67d4a40153d30c864752c09901d2
CRC32 71C46258
Ssdeep 192:+mPLKZPpA7fxY4D9ZMyvd+/k2wcZsaKSKpGIA2G15vQPm3QlATuj0M:+mTUxAT9ZMyU/pn6aKSwGIknOscATuZ
File name core[1].php
Associated files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\core[1].php
File size 2548 bytes
File type HTML document, ASCII text, with very long lines, with CRLF line terminators
MD5 5a6cc330a69442625cd3d16847548362
SHA1 a5887991100cb810724b5083507266243eb8198e
SHA256 22000c17b2ed559973eb1adf78577eeb73ce26eb2a149ecfa2b2646e8290e6f7
CRC32 2FEBFA4C
Ssdeep 48:1rAQL/9l7D+pyVjkTBi2k+oGfrgo+ufW+Emz7jUprCntFar5Tgb5FNSLXiFs5vE:Zpl+s8BntW+Em5/Ggb5FakN
File name test@t.adyun[1].txt
Associated files
C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@t.adyun[1].txt
File size 434 bytes
File type ASCII text
MD5 94e3a46b9f814fdeda24f31c4357a5e4
SHA1 4a150e99124b1769c2122208c501f00bebb224bc
SHA256 cf1b9c18c9d3734600f7f8206ba0fe8afbc162888fd816be4a59b5e299cfc1d2
CRC32 BEE371CE
Ssdeep 6:4+0nBBrQ/vYUZtJ39TUkcHlrQ/vYUZtz3TUc3Q/vYUZtz/i3TUJn6dqQ/vYUZtzj:4+gBl8b59Tbc8b7Tt38bSTMt8bSVTy
File name test@t.adyun[2].txt
Associated files
C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@t.adyun[2].txt
File size 451 bytes
File type ASCII text
MD5 a22c67f481f573a5554818900612bf53
SHA1 2b24d023f127fd704aa1256bd32e19eeb5b84eef
SHA256 9596b7594519c8f9408479567230a7f2d342801b37a20dff5769944a6e9a1278
CRC32 EC825295
Ssdeep 6:4+0nBBrQ/vYUZtJ39TUkcH2RsQ/vYUZtUTUc3Q/vYUZtz/i3TUJn6dqQ/vYUZtzj:4+gBl8b59TbZRs8bUTt38bSTMt8bSVTy
File name bg[1].png
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\bg[1].png
File size 1031 bytes
File type PNG image data, 138 x 18, 8-bit colormap, non-interlaced
MD5 a9d8bb8b108b90d5026a3d202990b833
SHA1 b93ffb91e5966a768dc863f6470127c0c7191b5b
SHA256 2cbe602e2bc5d1ba80ad0d2617149b1fe153733bbf492882e26f4b8cb1fb2088
CRC32 C0EA14B8
Ssdeep 24:h+tnBmazglqgZ8GU2pma3rvKNppu7QvgQwSCg1EP8:hOBmGglZ8GZm6vKNppyQwqEP8
File name test@t.adyun[1].txt
Related files
C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@t.adyun[1].txt
File size 248 bytes
File type ASCII text
MD5 8ccd090305b886c94ac698b408e29663
SHA1 54e4ff8b8d4b29893d94ba29d3be0a2bf25e61e2
SHA256 b333bde861f7ca25da21479d2a8babaca1ab57e2e43000d67dca56c4adf5e8ef
CRC32 565762A2
Ssdeep 6:4+wQ/v70t7SH3TUkciQ/v70t7SH3TUciQ/v70t7SXHS39TU/:4+w8iK3TbR8iK3Tti8iQH2Ty
File name topmenu_r[1].gif
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\topmenu_r[1].gif
File size 120 bytes
File type GIF image data, version 89a, 960 x 4
MD5 2afcebfdefd676796708f4e7d2d245e4
SHA1 539851ffdb2ddeb66204bdc62c2936e5f5b8a0ff
SHA256 3d07ef27e181019b7432b9e629197d4f69187f2513768544bc7acc8306a11d4b
CRC32 E3EAC6C5
Ssdeep 3:Cz0DkCSxlTvIqGD1CkcrSOpv9W51kXS+E:w0FSj8qGD1WrOV
File name ACF244F1A10D4DBED0D88EBA0C43A9B5_16756CC7371BB76A269719AA1471E96C
Related files
C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_16756CC7371BB76A269719AA1471E96C
File size 492 bytes
File type data
MD5 e89454c6f22251f4884b3817807eb024
SHA1 7a607ddf990a33b96f7e4b0fbc00e6f8ce7d177a
SHA256 da5f280f2e7e48ecf3e008e4da8fae75b535e13dabd25b963da727b67d8aa163
CRC32 7765C29F
Ssdeep 12:fvO/wSDWzF0Y1oOkksFyR7uE9SsAUOlJCZxCWx:HGJDgF0WoLnYRd8JUKYNx
File name logger[1].js
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\logger[1].js
File size 5881 bytes
File type ASCII text, with very long lines, with no line terminators
MD5 6145620717ddbcb0ff067548919c5104
SHA1 117809d3a976ac3681f49f7984bd209eb1c4ade6
SHA256 6f1c9b5885df8bec5df7e730b10304c252e18804462c14fd0724e865ef25c654
CRC32 17422486
Ssdeep 96:WbsGT3L7A8x1nefv5108u66M0JAAAJIM5gAhIOno7KNjUX006RJCuk/ZXG:wiYPMyVMe/eNjEpRZXG
File name RecoveryStore.{E03A5043-FE22-11E6-ADB4-525400AF6CFF}.dat
Related files
C:\Users\test\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{E03A5043-FE22-11E6-ADB4-525400AF6CFF}.dat
File size 3584 bytes
File type Composite Document File V2 Document, Cannot read section info
MD5 bf884420506b8af954520d06129abdd7
SHA1 0c899c16f9b5994a68054b4d1f35836e668109b8
SHA256 ae7bae3584b7ad46bdd8da0077581061d5b092e5eca817b604090ae182d61a42
CRC32 C10D3B6F
Ssdeep 12:rl0YmGF2AQlYrEg5+IaCrI017+FoDrEgmf+IaCy8qgQNlTqo:rIJO5//Gv/TQNlWo
File name topmenu_bg[1].gif
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\topmenu_bg[1].gif
File size 204 bytes
File type GIF image data, version 89a, 2 x 80
MD5 f28c0d2e523d54def4cf6a10e1ebfc1b
SHA1 18c88f2d3d9a5edc2a44730e3c6dfc0a6c2e1818
SHA256 a468faae04431e87943e15038ce10ca8cbd5411b2fe3f96b3e5de81620eb9b0a
CRC32 5655E312
Ssdeep 3:CqKR2Uo0Bojjcg8mnBb9ZZeB061yinp/Vll3ymuRlKG/rUP9O/wENuwhXAtKBEn:uQmcR3t9ZgpXp13/uE9O4LtKS
File name show_url_config[1].js
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\show_url_config[1].js
File size 9900 bytes
File type ASCII text
MD5 c83bfaa92cee8709ba2065164b0b3604
SHA1 6c5f535458623f82fd35d35b756a61e5d10edf85
SHA256 63592e623f48f174c4f9104d6e70e26b3ecafa486af8cff9a868bc3fc77e1c76
CRC32 D053C71C
Ssdeep 48:sN0dhnnRu4LcVYvDYi/Jcx58TuiATRUQwK17gYfkpBkPu3BUXsoUbVfeemYIU/AW:Q/1QafkaapS8IWkfZ3bXKEJnvYEmZ4Q
File name global[1].js
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\global[1].js
File size 20511 bytes
File type HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF, CR line terminators
MD5 abc31fa238755b4182ad2a40eb34f92f
SHA1 d4ebdeddd7057cbb472e39c63e5df3b224acd5fd
SHA256 a9bb252a9760da7a76ebb2a25256a963e36cee0b5bb8daddcd4a04a5993393f7
CRC32 CA73FBC3
Ssdeep 384:6+n3Ea0Z54+s1gJ26B4XFiCiM2PG4/wPO/VRDi3NFqEMVf2x:6+Bt1gJdXrM2JwPmMCm
File name test@t.adyun[1].txt
Related files
C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@t.adyun[1].txt
File size 468 bytes
File type ASCII text
MD5 fbdb83594314a48d2567088b79fde351
SHA1 f55efea3be1ba304353d00faabd068d5a8b719d9
SHA256 e859d0496473a20c2a068c70157ad469b9c8c323892ec8a66a18352cbd0f070e
CRC32 DB7BE4C6
Ssdeep 12:4+gBl8b59TbZRs8bUTtY88bRTMt8bSVTy:4PBl8b5y8b988bat8bf
File name stat[1].php
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\stat[1].php
File size 9943 bytes
File type ASCII text, with very long lines
MD5 e4e51923f6e89a855d4c34da6c313642
SHA1 e99f3955b8f91da482fa1d53bcf19ad4875d92f4
SHA256 57aa612bb24f8c43fcc8259570d86a4abbc2901ef1e9271af2db51560a9f31f8
CRC32 5DDEF5DE
Ssdeep 192:1FxhtQCO5emu9Fxf5m1mbi4s5pHx8oVBDeaJGg8lEkWwB9rP11kCAt:1FxhtQCO1u7hs1kxO3hx8CUn7kCAt
File name 14867996622332[1].jpg
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\14867996622332[1].jpg
File size 85467 bytes
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 960x60, frames 3
MD5 ca90b66444eed5ecd16e70c4557156bd
SHA1 51c6c24200b0736a9147a0b4cf8f0c87a18cfe6b
SHA256 85b4f042131c7ce40ef0697ced91f67973a0be12307d1e546f425ac353ec2ab3
CRC32 2DD67DFD
Ssdeep 1536:Kyr4BBPC4C04qJAU3ZoKyH3/KUsPFOKUFNnOAG9aJtiBZAyMAwW:7r4BBUDU3ByvWPbUFNOITsa1m
File name test@t.adyun[2].txt
Related files
C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@t.adyun[2].txt
File size 340 bytes
File type ASCII text
MD5 9bd3b6e2c43954d54b7d9262558f2e37
SHA1 fbbbaab701ad5406c0a0954129b802c5d48cec27
SHA256 e8ac026742b7409ff28fa7e55461b84bf33e37c56b80e1d8bb3050ce3f734b40
CRC32 04586C78
Ssdeep 6:4+wQ/v70t7SH3TUkciQ/v70t7SH3TUciQ/v70t7SXHS39TUJCQ/v70t7SXpTU/:4+w8iK3TbR8iK3Tti8iQH2TMC8iQpTy
File name index.dat
Related files
C:\Users\test\AppData\Local\Microsoft\Feeds Cache\index.dat
File size 32768 bytes
File type Internet Explorer cache file version Ver 5.2
MD5 0aee387ca0a52dcdd8f8a29ea76edb42
SHA1 5df81547dcadb2a7b8bc689da8e1383ba1a84cb9
SHA256 c31bc37e102b70a472837d530ec80bdaea28b0fefda3e9aa8c8cda98c4200c4e
CRC32 B451CA0B
Ssdeep 12:qjtSaFpbZli3zIoYDPO7em4GZj03W/cKYDPOCG5A30WUsOXQDG9YRm4GZ5:qj4avEIoYTCebGZ7ZYTlEJ0oQQ4bGZ
魔盾 security analysis result 2.0, analysis time: 2016-11-06 20:10:20
File name show_ps3[1].js
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\show_ps3[1].js
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\show_ps3[1].js
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\show_ps3[2].js
File size 13524 bytes
File type ASCII text, with very long lines, with CRLF line terminators
MD5 f2749c464ca3c47dba5c85b7a5ebfd14
SHA1 3251fb397a9ff9140608ce47c62675540bc054f0
SHA256 809f9536d9b785b928b8aeeb235f363ba32123b83a9dd9268a012a54ac173946
CRC32 E44E7AC9
Ssdeep 192:6bUG9OcK+RC83BEngNYappIBb66ZhY/OKdRjJw2doNruuLg/OH/HEQjH9KWk:6bU8Xt3RYapyBb66ZhmINruuLg8/psP
q}if(x.getBoundingClientRect){w=x.getBoundingClientRect();q.left=Math.floor(w.left)+Math.max(o.documentElement.scrollLeft,o.body.scrollLeft);q.top=Math.floor(w.top)+Math.max(o.documentElement.scrollTop,o.body.scrollTop);q.left-=o.documentElement.clientLeft;q.top-=o.documentElement.clientTop;var p=o.body,m=parseInt(r(p,"borderLeftWidth")),t=parseInt(r(p,"borderTopWidth"));if(u.ie&&!u.isStrict){q.left-=isNaN(m)?2:m;q.top-=isNaN(t)?2:t}}else{n=x;do{q.left+=n.offsetLeft;q.top+=n.offsetTop;if(u.isWebkit>0&&r(n,"position")=="fixed"){q.left+=o.body.scrollLeft;q.top+=o.body.scrollTop;break}n=n.offsetParent}while(n&&n!=x);if(u.opera>0||u.isWebkit>0&&r(x,"position")=="absolute"){q.top-=o.body.offsetTop}n=x.offsetParent;while(n&&n!=o.body){q.left-=n.scrollLeft;if(!u.opera||n.tagName!="TR"){q.top-=n.scrollTop}n=n.offsetParent}}return q};b.gp=b.dom.getPosition;b.dom.addEvent=function(g,e,h){var i=function(){h.call(g,e)};e=e.replace(/^on/i,"").toLowerCase();b.isString(g)&&(g=b.g(g));g.addEventListener?g.addEventListener(e,i,!1):g.attachEvent&&g.attachEvent("on"+e,i)};b.ae=b.dom.addEvent;b.page=b.page||{};b.page.getLocation=function(){return window.preview_site||window.location.href};b.page.getQuery=function(){return window.location.search};b.page.getViewHeight=function(){var d=document,e=d.compatMode=="BackCompat"?d.body:d.documentElement;return e.clientHeight};b.page.getViewWidth=function(){var d=document,e=d.compatMode=="BackCompat"?d.body:d.documentElement;return e.clientWidth};b.page.getScrollLeft=function(){var d=document;return window.pageXOffset||d.documentElement.scrollLeft||d.body.scrollLeft};b.page.getScrollTop=function(){var d=document;return window.pageYOffset||d.documentElement.scrollTop||d.body.scrollTop};b.cookie=b.cookie||{};b.cookie._isValidKey=function(d){return new RegExp('^[^\\x00-\\x20\\x7f\\(\\)<>@,;:\\\\\\"\\[\\]\\?=\\{\\}\\/\\u0080-\\uffff]+$').test(d)};b.cookie.set=function(h,g,e){if(!b.cookie._isValidKey(h)){return}e=e||{};var 
f=e.expires;if("number"==typeof e.expires){f=new Date();f.setTime(f.getTime()+e.expires)}document.cookie=encodeURIComponent(h)+"="+encodeURIComponent(g)+(e.path?"; path="+e.path:"; path=/")+(f?"; expires="+f.toUTCString():"")+(e.domain?"; domain="+e.domain:"")+(e.secure?"; secure":"")};b.cookie.get=function(d){if(b.cookie._isValidKey(d)){var f=new RegExp("(^| )"+encodeURIComponent(d)+"=([^;]*)(;|$)"),e=f.exec(document.cookie);if(e){return decodeURIComponent(e[2])||null}}return null};b.ad.getIndex=function(e,f){window[e]!=null?++window[e]:window[e]=f;return window[e]};b.ad.GC=function(){return this.getIndex("conIndex",1)};b.ad.GA=function(){return this.getIndex("adIndex",0)};b.ad.getUrl=function(e,d,f){this.seed=Math.ceil(Math.random()*10000000);return b.adUrl+["&a="+e,"b="+d,"d="+this.seed,"c="+b.lang.encode(this.seed,encodeURIComponent(f)),"g="+this.GA()].join("&")};b.ad.GF=function(e,k,l){var j=+e;var d=+k;var f;var g=this.iframe_preffix+"_"+this.GC();if(this.device===2){f=document.documentElement.clientWidth;d=(f/j)*d;j=f}return["<iframe id=",b.gc(g)," name=",b.gc(g)," width=",b.gc(j)," height=",b.gc(d),'frameborder="0" src=',b.gc(l),' marginwidth="0" marginheight="0" vspace="0" hspace="0" allowtransparency="true" scrolling="no"></iframe>'].join("")};b.ad.css=b.ad.css||{};b.ad.css.box={all <truncated>
File name test@www.ed2000[2].txt
Related files
C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@www.ed2000[2].txt
File size 380 bytes
File type ASCII text
MD5 8cc2827a95673f789ee29cb11ef2f51d
SHA1 c7bc1a3fc92c6d1b53af6aa1c88c836709778e93
SHA256 fe5c08c64f4ecf479ae07c587252b7bafb14b8bdbb9cc56d8bfdb45047754a77
CRC32 44C256C9
Ssdeep 6:zFAocVXT4E6dMShItTUgRcVdI8/6CVF1WdXBIlNIQSCcVdMGqpTFVTUwgBKUpeI/:zFAoc9T4E6mhtTnRcJzqXdHCc8rPTyFv
VisitsNumber
1
www.ed2000.com/
1024
989075456
30778164
1307773744
30577261
*
adClass0803
1
www.ed2000.com/
1088
4023289600
30577400
3312426096
30577199
*
bdshare_firstime
1488333706782
www.ed2000.com/
1088
3816838656
30944589
1571563744
30577261
*
CNZZDATA947842
cnzz_eid%3D554587883-1488329616-%26ntime%3D1488329616
www.ed2000.com/
1088
4049074944
30613811
1708023744
30577261
*
File name logo_200x60[1].png
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\logo_200x60[1].png
File size 4828 bytes
File type PNG image data, 200 x 60, 8-bit colormap, non-interlaced
MD5 e49ae52439333035bd9ca90955141fcc
SHA1 0d9f20fc192c1af54cd61921fc5fc8de51d25774
SHA256 a8e0aa4ef89768afb3428f5f741fc60c9aedf75ed83a299811c788edd519b246
CRC32 B65CD775
Ssdeep 96:ETN4nJ4lHJ9PP/z45ZmwanWByJjv/rmRbdXFMN990Jo4Mqnp+5b/SBlTQewG3Pe:ETsErwmfn3FCRbrkqEqnQ5b/YlzW
File name rlist_title_bg[1].gif
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\rlist_title_bg[1].gif
File size 524 bytes
File type GIF image data, version 89a, 360 x 28
MD5 8765374eda82ca1fe32016df188d9250
SHA1 f02e114c1137a1550363bf38199aab218b5f447c
SHA256 13d925de409b201b1f7b42af469296f43b5f05b12624cf73a19e41a7094a29c5
CRC32 34D37CCF
Ssdeep 12:n+tSsEnY+48nn6BulexaAGOqGS4yRGxnNyP8Ck:nWEdn6IlexqDHs0Vk
File name li_icon[1].gif
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\li_icon[1].gif
File size 89 bytes
File type GIF image data, version 89a, 9 x 9
MD5 8b01dcf65542eb81042a677c95aca716
SHA1 b6404436cce35f224d025db31c045a22f3a9fb35
SHA256 a02bd3ec604b494ea29715fb30993411639c6b73bf3addaf8b167d9cdfdc2b37
CRC32 8EA3E5FA
Ssdeep 3:CMC6m3l//FziEnptemDe:/tsXBdtBe
File name shell_v2[1].js
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\shell_v2[1].js
File size 1135 bytes
File type ASCII text, with very long lines, with no line terminators
MD5 22589e4e13247c72d03abfcf26321152
SHA1 54add8ab3c97313ed67cca6db4284f36db5507c0
SHA256 96e94fab37c4307d249cf2582540f86e433162b2e537cd54c7e888ca8d93c214
CRC32 3B82BBFF
Ssdeep 24:kXN7tlDuiyX2lnX0NgI7XV5CuHvgkGRWZu1dtB/TrRRh9dRRc:Op6DX22NgEPg5w4dtB/nt9do
var bdShare=bdShare||{version:"1.0"};bdShare.ready=bdShare.ready||function(B,C){C=C||document;if(/complete/.test(C.readyState)){B()}else{if(C.addEventListener){if("interactive"==C.readyState){B()}else{C.addEventListener("DOMContentLoaded",B,false)}}else{var A=function(){A=new Function;B()};void function(){try{C.body.doScroll("left")}catch(D){return setTimeout(arguments.callee,10)}A()}();C.attachEvent("onreadystatechange",function(){("complete"==C.readyState)&&A()})}}};bdShare.loadScript=bdShare.loadScript||function(B){var A=document.createElement("script");A.src=B;bdShare.ready(function(){document.getElementsByTagName("script")[0].parentNode.appendChild(A)})};if(bdShare.fn&&bdShare.fn.init){bdShare.fn.init()}else{bdShare.velocity={start:+new Date};if(!bdShare.ApiPVLogger){bdShare.loadScript("http://bdimg.share.baidu.com/static/js/logger.js?cdnversion="+Math.ceil(new Date()/3600000))}document.getElementById("bdshare_js").src="http://bdimg.share.baidu.com/static/js/bds_s_v2.js?cdnversion="+Math.ceil(new Date()/3600000)}if(+[1,]){var shell=document.getElementById("bdshell_js");shell&&shell.parentNode.removeChild(shell)};
File name tlist_title[1].jpg
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\tlist_title[1].jpg
File size 2956 bytes
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 360x27, frames 3
MD5 2d86adc76dac18fefa4fabfb9b4099a5
SHA1 4a416b9aa12877036e1dafb24b87a1e545a00306
SHA256 20c1a9d9b8c8e9a759616d93d1da29f2ede976a8cd97e3ccc8485d90f7918fd6
CRC32 C0214B14
Ssdeep 48:yA4wB8//GEm//16tDf7lac3BF2pl4jdj4G0Ijww2IlYuYkRyeCV/GO+Bv:V2//Rm/dWTlac337f0I7yeCVAl
File name index.dat
Related files
C:\Users\test\AppData\Roaming\Microsoft\Windows\PrivacIE\index.dat
File size 98304 bytes
File type Internet Explorer cache file version Ver 5.2
MD5 9a2939efb71944ace0fb8b8ae3fbcbf9
SHA1 5dfae21d8254921ad2798e353d730d2de4fdf796
SHA256 0871986d854ee7122ed8fe9e7a0408bdd674e7fb54a1e9df61bdee3e8d8d6f4f
CRC32 D63BDC94
Ssdeep 192:dyR5+qebIRgG+85FTmi9pEqWjF5S/TcdU2L:dyH4UqG5T99pEvATc
File name A053CFB63FC8E6507871752236B5CCD5_5FA88EFBA30896FB894CB2FD9F1F99BB
Related files
C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A053CFB63FC8E6507871752236B5CCD5_5FA88EFBA30896FB894CB2FD9F1F99BB
File size 1570 bytes
File type data
MD5 90ce2cfc1b8d1f3f550272f4e2871e45
SHA1 853542466864074d2c7e21d8c11f72ddd3b52ae5
SHA256 7200e2239bd1c46f4e2eb5b1046e8e8e404223d98be059e34a318605b10127ea
CRC32 973A5720
Ssdeep 24:CIEdCHcvxnnrCO6QVUAx2rXABK76KBgY6kZ9qBeeCpXsAxOsYPMrIqXKggvaAKn:1EdCCBLDrkMBCdfjSwIYgW
File name test@t.adyun[2].txt
Related files
C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@t.adyun[2].txt
File size 374 bytes
File type ASCII text
MD5 0eae5b4ddf1da0283bd369b9e3f91987
SHA1 7cb576bf9636c7d4e71696fc33676ed9935711f9
SHA256 40e9f4b1f949b77edff51ebdf7fd6047514e7ee979ce307b93d90971b532a5d0
CRC32 38F30B11
Ssdeep 6:4+0niQ/vYUZtzgTUkcHlrQ/vYUZtz3TUciQ/v70t7SXHS39TUJCQ/v70t7SXpTU/:4+gi8b0Tbc8b7Tti8iQH2TMC8iQpTy
a
649150464_1_0%2C3065069568_1_0
t.adyun.com/
2147484752
1840139776
30649619
1690233744
30577261
*
p
3357716480_1_0%2C3109629952_1_0
t.adyun.com/
2147484752
1840139776
30649619
1690393744
30577261
*
u
3663353856_1_0
t.adyun.com/
2147484752
1780139776
30649619
1572033744
30577261
*
i
8753273916253798400_1_0
t.adyun.com/
2147484752
1780139776
30649619
1572193744
30577261
*
File name ACF244F1A10D4DBED0D88EBA0C43A9B5_16756CC7371BB76A269719AA1471E96C
Related files
C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\ACF244F1A10D4DBED0D88EBA0C43A9B5_16756CC7371BB76A269719AA1471E96C
File size 1518 bytes
File type data
MD5 cec21e9fb7899bb9314982175c815628
SHA1 a40d4c1d56f07c4ba7b08da8484303918c4f2f03
SHA256 e4e85e388fb9c4a919fd4e998ee20c8389ba54127a8a5269a4b144f38e9f5eab
CRC32 534AAECB
Ssdeep 24:hdJac62g0A8Mg0cux2NcK79yBL/1yQ9ZruW6yVTfLXsINg14vbKNx:hOC1wcu8NZQBr1y4tuQThNgeuNx
File name test@t.adyun[2].txt
Related files
C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@t.adyun[2].txt
File size 495 bytes
File type ASCII text
MD5 c92609e996c840eb5eeec803f4bb5afe
SHA1 ee970ad5b2d2cdc94894e19f76a51495ae16ed6f
SHA256 dadf993811135a5a2c577ba6d989ede1d25933c5321a134579ea0b7e46fc06d3
CRC32 3DEB521E
Ssdeep 12:4+gBl8b59TbZRs8bUTtY88bRTMhs8bU9Ty:4PBl8b5y8b988bahs8bUQ
a
649150464_1_0%2C3065069568_1_0%2C528891904_1_0
t.adyun.com/
2147484752
1840139776
30649619
1691013744
30577261
*
p
3357716480_1_0%2C3109629952_1_0%2C3572281344_1_0
t.adyun.com/
2147484752
1840139776
30649619
1691173744
30577261
*
u
3663353856_1_0%2C2076284928_1_0%2C3123861504_1_0
t.adyun.com/
2147484752
1840139776
30649619
1691323744
30577261
*
i
8753273916253798400_1_0%2C14643444842546331648_1_0%2C13331886624917684224_1_0
t.adyun.com/
2147484752
1840139776
30649619
1691483744
30577261
*
File name swfobject[1].js
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\swfobject[1].js
File size 10220 bytes
File type ASCII text, with very long lines
MD5 892a543f3abb54e8ec1ada55be3b0649
SHA1 5847ed101f55d51c53538a7078971e7de8fb6762
SHA256 8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4
CRC32 C1200AA1
Ssdeep 192:dEBsWGAZvwGxP1hNWwI9V0YOOsFbkRHeZmyIVyX8c727LMoOyXoy7NgvZ4xsnyQ/:dAsWGAZvwGxP1hNWwI9V0YO1NkRHe4yV
/*	SWFObject v2.2 <http://code.google.com/p/swfobject/> 
	is released under the MIT License <http://www.opensource.org/licenses/mit-license.php> 
*/
File name index.dat
Related files
C:\Users\test\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
File size 262144 bytes
File type Internet Explorer cache file version Ver 5.2
MD5 fbe6ba880d1f6cadfd771536120f2c73
SHA1 34b1a30160c6c7675a5c69b62d98661ab7a494bb
SHA256 a2cdabb3fc43f2e94ca47fac764eea7819768bdf094690a6369be41fc4a5fd01
CRC32 E94B92FD
Ssdeep 768:pFFwZHojCtOlWNw3nsiMsieuugxdKOri:rFwZIjCtkWm3siMbeuugxdKoi
File name topmenu_o[1].gif
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\topmenu_o[1].gif
File size 124 bytes
File type GIF image data, version 89a, 17 x 9
MD5 4263e3ed9cd7352a97c29d66e6f65aa9
SHA1 e17aa068e74cf0131ad95b0a0cd04e9737634c57
SHA256 b2aac1aebc70f2bb8a37bd02d24e245c89047970b5733da8399688ca2c01fd2d
CRC32 8F6AD34F
Ssdeep 3:C/SiUUMNqYaR/l/ryi0T//dlIGm51WVh/0Huzj9xzo/e:tkw8/tt0TNiGWShQ8j9xH
File name show_ad[1].js
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\show_ad[1].js
File size 1049 bytes
File type ASCII text, with very long lines
MD5 fb53a5e63cd62e12d577d556c351b696
SHA1 906759545ad3ac0acf8b8714133d05bdbbffa761
SHA256 5970f09dd90dcaeb13d24baedb52e7ba5fe602fb1a6fc5df5e4e5ea411db040b
CRC32 DC6A6462
Ssdeep 24:MB/cdYciIN+iAUx/CYqxMKLSTlmqtpI3Nu+L8K+itu:dwIQiTA1xzWz7wN8Kno
eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--){d[e(c)]=k[c]||e(c)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('(c(){2 d=n t();2 b=d.s();2 r=d.u();9(!(b>0&&b<6))g v;2 3=a.y;2 7=n x(3+1);2 5=0;j(2 i=0;i<3;i++){7[i]=5;5+=a[i][1]}7[3]=5;2 l=k.q(k.z()*5);2 4=0;j(;4<3;4++){9(7[4+1]>l)p}e=(a[4][0])||\'\';2 f=c(w,h,8){g[\'<m E="o" A="o" O=\',w,\' N=\',h,\' P="0" 8=\',8,\' Q="0" R="0" M="0" K="0" L="D" C="B"></m>\'].F("")};9(e!=\'\'){G.J=c(){I.H(f(0,0,e))}}})();',54,54,'||var|ad_max|hit_cursor|total_weight||weight|src|if|ad|hour|function||url|GE|return|||for|Math|hit_num|iframe|new|adyun_ads_frame0|break|floor|second|getHours|Date|getSeconds|false||Array|length|random|name|no|scrolling|true|id|join|window|write|document|onload|hspace|allowtransparency|vspace|height|width|frameborder|marginwidth|marginheight'.split('|'),0,{}))

File name Default[1].css
Related files
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\Default[1].css
File size 17594 bytes
File type UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
MD5 14744ad10bbe223ae352f9d68a168b65
SHA1 b7c60b3294b6f5fe26516bed8c16492a9de765b6
SHA256 d6555d7d698d63cbe465e4d981f69b69998c3340a73fb9d1e01e639e1dc4740a
CRC32 75AE3898
Ssdeep 192:7oo/RQJH8SRMmQmwjvF8+2oDDARplLsFOiBNePtPfNn0WGHE24CVTf3MJa1wdYbT:svOfcv2J+PGPdVrMcmdY9f0ABc8CXs
File name {F5228450-FE22-11E6-ADB4-525400AF6CFF}.dat
Related files
C:\Users\test\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F5228450-FE22-11E6-ADB4-525400AF6CFF}.dat
File size 9728 bytes
File type Composite Document File V2 Document, Cannot read section info
MD5 805e53a848d19db97e052897e6a6c00a
SHA1 69b4528aae99b23552430f051a24f18ce017e53e
SHA256 9f252a391e81fd9503d8b6d604263914504a01e68bb307d8ff54e01ba69d586e
CRC32 028DD921
Ssdeep 48:rtovGE9wbrSSg8olrSMSno9X9w9v9qYyLcyLfyLkLyLB:+W78tCZkdeA+

Processing ( 233.043 seconds )

  • 213.062 NetworkAnalysis
  • 12.892 Dropped
  • 4.693 BehaviorAnalysis
  • 1.128 Static
  • 1.073 VirusTotal
  • 0.131 AnalysisInfo
  • 0.061 Debug
  • 0.003 Memory

Signatures ( 4.17 seconds )

  • 2.184 md_bad_drop
  • 0.341 antiav_detectreg
  • 0.268 stealth_timeout
  • 0.129 infostealer_ftp
  • 0.088 antivm_generic_scsi
  • 0.079 infostealer_im
  • 0.072 antianalysis_detectreg
  • 0.069 mimics_filetime
  • 0.058 infostealer_mail
  • 0.055 stealth_file
  • 0.049 antivm_generic_disk
  • 0.047 bootkit
  • 0.045 antivm_generic_services
  • 0.041 antiav_detectfile
  • 0.038 virus
  • 0.028 infostealer_bitcoin
  • 0.028 md_domain_bl
  • 0.024 antiemu_wine_func
  • 0.022 dridex_behavior
  • 0.02 kibex_behavior
  • 0.02 geodo_banking_trojan
  • 0.019 betabot_behavior
  • 0.018 darkcomet_regkeys
  • 0.017 antivm_vbox_files
  • 0.016 stack_pivot
  • 0.016 injection_createremotethread
  • 0.015 shifu_behavior
  • 0.015 vawtrak_behavior
  • 0.015 ransomware_files
  • 0.014 stealth_network
  • 0.014 antidbg_windows
  • 0.013 heapspray_js
  • 0.013 persistence_autorun
  • 0.012 antivm_generic_diskreg
  • 0.01 recon_fingerprint
  • 0.009 hawkeye_behavior
  • 0.009 virtualcheck_js
  • 0.009 sets_autoconfig_url
  • 0.009 antivm_vbox_libs
  • 0.008 injection_runpe
  • 0.008 packer_armadillo_regkey
  • 0.007 andromeda_behavior
  • 0.007 antidbg_devices
  • 0.007 antisandbox_productid
  • 0.007 network_torgateway
  • 0.006 antiav_avast_libs
  • 0.006 clickfraud_cookies
  • 0.006 antivm_vbox_keys
  • 0.006 antivm_vmware_keys
  • 0.006 antivm_vpc_keys
  • 0.006 rat_pcclient
  • 0.005 network_tor
  • 0.005 kazybot_behavior
  • 0.005 antivm_vbox_acpi
  • 0.005 bypass_firewall
  • 0.005 disables_browser_warn
  • 0.004 tinba_behavior
  • 0.004 antisandbox_sunbelt_libs
  • 0.004 exec_crash
  • 0.004 disables_wfp
  • 0.003 disables_spdy
  • 0.003 network_anomaly
  • 0.003 injection_explorer
  • 0.003 antisandbox_sboxie_libs
  • 0.003 antiav_bitdefender_libs
  • 0.003 java_js
  • 0.003 antivm_vmware_events
  • 0.003 silverlight_js
  • 0.003 antivm_generic_bios
  • 0.003 antivm_generic_cpu
  • 0.003 antivm_generic_system
  • 0.003 antivm_vmware_files
  • 0.003 browser_security
  • 0.003 modify_uac_prompt
  • 0.003 recon_programs
  • 0.002 upatre_behavior
  • 0.002 infostealer_browser
  • 0.002 antivm_vmware_libs
  • 0.002 antivm_vbox_window
  • 0.002 dyre_behavior
  • 0.002 js_phish
  • 0.002 secure_login_phish
  • 0.002 antianalysis_detectfile
  • 0.002 bot_drive
  • 0.002 browser_addon
  • 0.002 md_url_bl
  • 0.002 modify_security_center_warnings
  • 0.002 network_tor_service
  • 0.002 ransomware_extensions
  • 0.002 sniffer_winpcap
  • 0.002 targeted_flame
  • 0.001 banker_prinimalka
  • 0.001 internet_dropper
  • 0.001 browser_scanbox
  • 0.001 webmail_phish
  • 0.001 chimera_behavior
  • 0.001 pony_behavior
  • 0.001 js_suspicious_redirect
  • 0.001 antiemu_wine_reg
  • 0.001 antisandbox_sunbelt_files
  • 0.001 antivm_vpc_files
  • 0.001 banker_cridex
  • 0.001 banker_zeus_mutex
  • 0.001 banker_zeus_url
  • 0.001 bot_drive2
  • 0.001 disables_system_restore
  • 0.001 downloader_cabby
  • 0.001 ie_martian_children
  • 0.001 maldun_blacklist
  • 0.001 office_security
  • 0.001 rat_spynet
  • 0.001 recon_checkip
  • 0.001 stealth_hiddenreg
  • 0.001 stealth_hide_notifications
  • 0.001 whois_create

Reporting ( 77.252 seconds )

  • 74.691 ReportPDF
  • 2.561 ReportHTMLSummary
Task ID 84128
Mongo ID 58b62eb72e063306a53ef342
Cuckoo release 1.4-Maldun