分析类型 | 虚拟机标签 | 开始时间 | 结束时间 | 持续时间 |
---|---|---|---|---|
URL | win7-sp1-x64-shaapp01-1 | 2017-12-15 18:26:35 | 2017-12-15 18:28:54 | 139 秒 |
URL |
---|
URL专业沙箱检测 -> http://orangekks.000webhostapp.com |
直接 | IP | 安全评级 | 地理位置 |
---|---|---|---|
否 | 104.17.176.200 | 未知 | 美国 |
否 | 117.18.237.29 | 亚洲太平洋地区 | |
否 | 145.14.144.61 | 未知 | 荷兰 |
否 | 183.136.212.50 | 未知 | 中国 |
否 | 184.26.142.160 | 未知 | 美国 |
否 | 31.13.85.16 | 未知 | 爱尔兰 |
否 | 65.55.186.113 | 美国 |
Name: Arnas Suopelis Country: CY State: Larnaka City: Larnaca ZIP Code: 6023 Address: 61 Lordou Vironos Street Orginization: Hostinger International Limited Domain Name(s): 000WEBHOSTAPP.COM Creation Date: 2016-05-11 13:34:12 Updated Date: 2017-04-05 08:04:14 2017-04-05 08:09:44 Expiration Date: 2022-05-11 13:34:12 Email(s): abuse@hostinger.com hostmaster@hostinger.com Registrar(s): Hostinger, UAB Name Server(s): DNS1.000WEBHOST.COM DNS2.000WEBHOST.COM dns1.000webhost.com dns2.000webhost.com Referral URL(s): None
直接 | IP | 安全评级 | 地理位置 |
---|---|---|---|
否 | 104.17.176.200 | 未知 | 美国 |
否 | 117.18.237.29 | 亚洲太平洋地区 | |
否 | 145.14.144.61 | 未知 | 荷兰 |
否 | 183.136.212.50 | 未知 | 中国 |
否 | 184.26.142.160 | 未知 | 美国 |
否 | 31.13.85.16 | 未知 | 爱尔兰 |
否 | 65.55.186.113 | 美国 |
源地址 | 源端口 | 目标地址 | 目标端口 |
---|---|---|---|
192.168.122.201 | 49179 | 104.17.176.200 ocsp.msocsp.com | 80 |
192.168.122.201 | 49194 | 117.18.237.29 ocsp.digicert.com | 80 |
192.168.122.201 | 49163 | 145.14.144.61 orangekks.000webhostapp.com | 80 |
192.168.122.201 | 49187 | 145.14.144.61 orangekks.000webhostapp.com | 80 |
192.168.122.201 | 49177 | 183.136.212.50 www.microsoft.com | 80 |
192.168.122.201 | 49181 | 183.136.212.50 www.microsoft.com | 80 |
192.168.122.201 | 49192 | 184.26.142.160 cdn.epg.tvdownload.microsoft.com | 80 |
192.168.122.201 | 49178 | 65.55.186.113 data.tvdownload.microsoft.com | 443 |
192.168.122.201 | 49180 | 65.55.186.113 data.tvdownload.microsoft.com | 443 |
192.168.122.201 | 49182 | 65.55.186.113 data.tvdownload.microsoft.com | 443 |
192.168.122.201 | 49183 | 65.55.186.113 data.tvdownload.microsoft.com | 443 |
192.168.122.201 | 49184 | 65.55.186.113 data.tvdownload.microsoft.com | 443 |
192.168.122.201 | 49185 | 65.55.186.113 data.tvdownload.microsoft.com | 443 |
192.168.122.201 | 49186 | 65.55.186.113 data.tvdownload.microsoft.com | 443 |
源地址 | 源端口 | 目标地址 | 目标端口 |
---|---|---|---|
192.168.122.201 | 49230 | 192.168.122.1 | 53 |
192.168.122.201 | 51070 | 192.168.122.1 | 53 |
192.168.122.201 | 52576 | 192.168.122.1 | 53 |
192.168.122.201 | 52640 | 192.168.122.1 | 53 |
192.168.122.201 | 55542 | 192.168.122.1 | 53 |
192.168.122.201 | 59795 | 192.168.122.1 | 53 |
192.168.122.201 | 61817 | 192.168.122.1 | 53 |
192.168.122.201 | 62669 | 192.168.122.1 | 53 |
192.168.122.201 | 64810 | 192.168.122.1 | 53 |
源地址 | 源端口 | 目标地址 | 目标端口 |
---|---|---|---|
192.168.122.201 | 49179 | 104.17.176.200 ocsp.msocsp.com | 80 |
192.168.122.201 | 49194 | 117.18.237.29 ocsp.digicert.com | 80 |
192.168.122.201 | 49163 | 145.14.144.61 orangekks.000webhostapp.com | 80 |
192.168.122.201 | 49187 | 145.14.144.61 orangekks.000webhostapp.com | 80 |
192.168.122.201 | 49177 | 183.136.212.50 www.microsoft.com | 80 |
192.168.122.201 | 49181 | 183.136.212.50 www.microsoft.com | 80 |
192.168.122.201 | 49192 | 184.26.142.160 cdn.epg.tvdownload.microsoft.com | 80 |
192.168.122.201 | 49178 | 65.55.186.113 data.tvdownload.microsoft.com | 443 |
192.168.122.201 | 49180 | 65.55.186.113 data.tvdownload.microsoft.com | 443 |
192.168.122.201 | 49182 | 65.55.186.113 data.tvdownload.microsoft.com | 443 |
192.168.122.201 | 49183 | 65.55.186.113 data.tvdownload.microsoft.com | 443 |
192.168.122.201 | 49184 | 65.55.186.113 data.tvdownload.microsoft.com | 443 |
192.168.122.201 | 49185 | 65.55.186.113 data.tvdownload.microsoft.com | 443 |
192.168.122.201 | 49186 | 65.55.186.113 data.tvdownload.microsoft.com | 443 |
源地址 | 源端口 | 目标地址 | 目标端口 |
---|---|---|---|
192.168.122.201 | 49230 | 192.168.122.1 | 53 |
192.168.122.201 | 51070 | 192.168.122.1 | 53 |
192.168.122.201 | 52576 | 192.168.122.1 | 53 |
192.168.122.201 | 52640 | 192.168.122.1 | 53 |
192.168.122.201 | 55542 | 192.168.122.1 | 53 |
192.168.122.201 | 59795 | 192.168.122.1 | 53 |
192.168.122.201 | 61817 | 192.168.122.1 | 53 |
192.168.122.201 | 62669 | 192.168.122.1 | 53 |
192.168.122.201 | 64810 | 192.168.122.1 | 53 |
URI | HTTP数据 |
---|---|
URL专业沙箱检测 -> http://orangekks.000webhostapp.com/ | GET / HTTP/1.1 Accept: */* Referer: http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=2&ved=0CCEQfjS1FhbXljS1dEeWNzb3BV&url=http%3A%2F%2Forangekks.000webhostapp.com&ei=VWRyaG9CcGNtQ25S&usg=AFQjZ2t1TXVkclNLQ3hw Accept-Language: zh-cn User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: orangekks.000webhostapp.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://orangekks.000webhostapp.com/js/jquery-1.11.3.min.js | GET /js/jquery-1.11.3.min.js HTTP/1.1 Accept: */* Referer: http://orangekks.000webhostapp.com/ Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: orangekks.000webhostapp.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://www.microsoft.com/ | GET / HTTP/1.1 Host: www.microsoft.com Connection: Close |
URL专业沙箱检测 -> http://ocsp.msocsp.com/MFQwUjBQME4wTDAJBgUrDgMCGgUABBQphfxhPb4vsBIPXkIOTJ7D1Z79fAQUCP4ln3TqhwTCvLuOqDhfM8bRbGUCEy0AAO%2FxE5PyQlBerOAAAAAA7%2FE%3D | GET /MFQwUjBQME4wTDAJBgUrDgMCGgUABBQphfxhPb4vsBIPXkIOTJ7D1Z79fAQUCP4ln3TqhwTCvLuOqDhfM8bRbGUCEy0AAO%2FxE5PyQlBerOAAAAAA7%2FE%3D HTTP/1.1 Cache-Control: max-age = 10800 Connection: Keep-Alive Accept: */* If-Modified-Since: Wed, 06 Dec 2017 07:11:24 GMT If-None-Match: "a602f001a25d1ece86269d16668acccb0791bbc6" User-Agent: Microsoft-CryptoAPI/6.1 Host: ocsp.msocsp.com |
URL专业沙箱检测 -> http://orangekks.000webhostapp.com/gallery/favicon.ico | GET /gallery/favicon.ico HTTP/1.1 Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Host: orangekks.000webhostapp.com Connection: Keep-Alive |
URL专业沙箱检测 -> http://cdn.epg.tvdownload.microsoft.com/broadbanddata/Prod/1/805332787786/cn/ALL/131/null-cn_null_131_BBPkg.enc | HEAD /broadbanddata/Prod/1/805332787786/cn/ALL/131/null-cn_null_131_BBPkg.enc HTTP/1.1 Connection: Keep-Alive Accept: */* Accept-Encoding: identity User-Agent: Microsoft BITS/7.5 Host: cdn.epg.tvdownload.microsoft.com |
URL专业沙箱检测 -> http://cdn.epg.tvdownload.microsoft.com/broadbanddata/Prod/1/805332787786/cn/ALL/131/null-cn_null_131_BBPkg.enc | GET /broadbanddata/Prod/1/805332787786/cn/ALL/131/null-cn_null_131_BBPkg.enc HTTP/1.1 Connection: Keep-Alive Accept: */* Accept-Encoding: identity If-Unmodified-Since: Thu, 09 Jul 2015 23:37:37 GMT User-Agent: Microsoft BITS/7.5 Host: cdn.epg.tvdownload.microsoft.com |
URL专业沙箱检测 -> http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEAiIzVJfGSRETRSlgpHeuVI%3D | GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTBL0V27RVZ7LBduom%2FnYB45SPUEwQU5Z1ZMIJHWMys%2BghUNoZ7OrUETfACEAiIzVJfGSRETRSlgpHeuVI%3D HTTP/1.1 Cache-Control: max-age = 172800 Connection: Keep-Alive Accept: */* If-Modified-Since: Wed, 06 Dec 2017 00:22:31 GMT If-None-Match: "5a273847-1d7" User-Agent: Microsoft-CryptoAPI/6.1 Host: ocsp.digicert.com |
无SMTP流量.
无IRC请求.
无ICMP流量.
无 CIF 结果
Timestamp | Source IP | Source Port | Destination IP | Destination Port | Protocol | SID | Signature | Category |
---|---|---|---|---|---|---|---|---|
2017-12-15 18:26:59.991848+0800 | 183.136.212.50 | 80 | 192.168.122.201 | 49177 | TCP | 2012692 | ET POLICY Microsoft user-agent automated process response to automated request | A Network Trojan was detected |
2017-12-15 18:27:06.017029+0800 | 183.136.212.50 | 80 | 192.168.122.201 | 49181 | TCP | 2012692 | ET POLICY Microsoft user-agent automated process response to automated request | A Network Trojan was detected |
Timestamp | Source IP | Source Port | Destination IP | Destination Port | Version | Issuer | Subject | Fingerprint |
---|---|---|---|---|---|---|---|---|
2017-12-15 18:27:01.914655+0800 | 192.168.122.201 | 49178 | 65.55.186.113 | 443 | TLSv1 | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT TLS CA 5 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, OU=Microsoft Corporation, CN=data.tvdownload.microsoft.com | a1:ca:16:54:fb:ba:28:d9:f4:a0:c3:b7:5b:b4:f5:2b:63:27:87:e5 |
2017-12-15 18:27:12.856259+0800 | 192.168.122.201 | 49185 | 65.55.186.113 | 443 | TLSv1 | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT TLS CA 5 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, OU=Microsoft Corporation, CN=data.tvdownload.microsoft.com | a1:ca:16:54:fb:ba:28:d9:f4:a0:c3:b7:5b:b4:f5:2b:63:27:87:e5 |
2017-12-15 18:27:15.039680+0800 | 192.168.122.201 | 49186 | 65.55.186.113 | 443 | TLSv1 | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT TLS CA 5 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, OU=Microsoft Corporation, CN=data.tvdownload.microsoft.com | a1:ca:16:54:fb:ba:28:d9:f4:a0:c3:b7:5b:b4:f5:2b:63:27:87:e5 |
2017-12-15 18:27:10.661296+0800 | 192.168.122.201 | 49184 | 65.55.186.113 | 443 | TLSv1 | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT TLS CA 5 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, OU=Microsoft Corporation, CN=data.tvdownload.microsoft.com | a1:ca:16:54:fb:ba:28:d9:f4:a0:c3:b7:5b:b4:f5:2b:63:27:87:e5 |
2017-12-15 18:27:08.503319+0800 | 192.168.122.201 | 49183 | 65.55.186.113 | 443 | TLSv1 | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT TLS CA 5 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, OU=Microsoft Corporation, CN=data.tvdownload.microsoft.com | a1:ca:16:54:fb:ba:28:d9:f4:a0:c3:b7:5b:b4:f5:2b:63:27:87:e5 |
No Suricata HTTP
文件名 | RecoveryStore.{6D546903-E182-11E7-A1F7-525400F9C664}.dat |
---|---|
相关文件 |
C:\Users\test\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{6D546903-E182-11E7-A1F7-525400F9C664}.dat
|
文件大小 | 3584 字节 |
文件类型 | Composite Document File V2 Document, Cannot read section info |
MD5 | 8b752211845a91c59559319b571d5ea9 |
SHA1 | 8a57c97a2a73cb22f70dfa63fc16e740b39059aa |
SHA256 | e69203fde2aa5b61ac16178cdc2bd707ff5adc2262e5854fc0bf914204e0e33f |
CRC32 | 5427D932 |
Ssdeep | 12:rl0YmGF29mrEg5+IaCrI017+FpDrEgmf+IaCy8qgQNlTqoKqWiWi:rI9m5/KGv/TQNlWoJ99 |
下载 提交魔盾安全分析 |
文件名 | index.dat |
---|---|
相关文件 |
C:\Users\test\AppData\Local\Microsoft\Feeds Cache\index.dat
|
文件大小 | 32768 字节 |
文件类型 | Internet Explorer cache file version Ver 5.2 |
MD5 | 0aee387ca0a52dcdd8f8a29ea76edb42 |
SHA1 | 5df81547dcadb2a7b8bc689da8e1383ba1a84cb9 |
SHA256 | c31bc37e102b70a472837d530ec80bdaea28b0fefda3e9aa8c8cda98c4200c4e |
CRC32 | B451CA0B |
Ssdeep | 12:qjtSaFpbZli3zIoYDPO7em4GZj03W/cKYDPOCG5A30WUsOXQDG9YRm4GZ5:qj4avEIoYTCebGZ7ZYTlEJ0oQQ4bGZ |
魔盾安全分析结果 | 2.0 分析时间:2016-11-06 20:10:20 查看分析报告 |
下载 提交魔盾安全分析 |
文件名 | MSIMGSIZ.DAT |
---|---|
相关文件 |
C:\Users\test\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
|
文件大小 | 16384 字节 |
文件类型 | data |
MD5 | 133feee5310e20e4ba94e459bae8b3e4 |
SHA1 | 3683dd609fb29ed26d3f41f0f943914d29b6ffae |
SHA256 | 7cbd32f4a41694695e78f9ac3af6fe2e8afca7dc966f7904fa498269572d68b6 |
CRC32 | 4F400BC6 |
Ssdeep | 48:jGQhN7sXHWrVmqESaakad5PIy+9/8JrcVjdS6gPdY4z7el:CBXHbbSrka5PIL8mJdcPzz76 |
下载 提交魔盾安全分析 |
文件名 | {6D546904-E182-11E7-A1F7-525400F9C664}.dat |
---|---|
相关文件 |
C:\Users\test\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{6D546904-E182-11E7-A1F7-525400F9C664}.dat
|
文件大小 | 5632 字节 |
文件类型 | Composite Document File V2 Document, Cannot read section info |
MD5 | b095d4dc0cf61e56012a0850c81bfe06 |
SHA1 | 7d3e29d77e4bbc185d542c634860aea87b5c2576 |
SHA256 | 3f421ede3652fd47c896707dc8df4bd5c27c63678763f713e6daeef2bb44f5ba |
CRC32 | C830C049 |
Ssdeep | 24:rILiyGt87Mohxf/oh+f/ohZLf/ohlwtFNlRoCohVZ4ohlJxDSNlRoCohQMohW4Z/:rciyG0dxO+OZLOmojP4ohLhkojQdWY/ |
下载 提交魔盾安全分析 |
文件名 | jquery-1.11.3.min[1].js |
---|---|
相关文件 |
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDL4J1KW\jquery-1.11.3.min[1].js
|
文件大小 | 95957 字节 |
文件类型 | ASCII text, with very long lines |
MD5 | 895323ed2f7258af4fae2c738c8aea49 |
SHA1 | 276c87ff3e1e3155679c318938e74e5c1b76d809 |
SHA256 | ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8 |
CRC32 | 9365860E |
Ssdeep | 1536:OP10iSi65U/dXXeyhzeBuG+HYE0WEeLDFoNqLTW8+S5VRZIVI6xSb8xh2ZbQnRmc:R+41ZqLTW8xRrqSb8qGH77da98Hrf |
Yara |
|
下载 提交魔盾安全分析 显示文本 | |
/*! jQuery v1.11.3 | (c) 2005, 2015 jQuery Foundation, Inc. | jquery.org/license */ !function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=c.slice,e=c.concat,f=c.push,g=c.indexOf,h={},i=h.toString,j=h.hasOwnProperty,k={},l="1.11.3",m=function(a,b){return new m.fn.init(a,b)},n=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,o=/^-ms-/,p=/-([\da-z])/gi,q=function(a,b){return b.toUpperCase()};m.fn=m.prototype={jquery:l,constructor:m,selector:"",length:0,toArray:function(){return d.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:d.call(this)},pushStack:function(a){var b=m.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a,b){return m.each(this,a,b)},map:function(a){return this.pushStack(m.map(this,function(b,c){return a.call(b,c,b)}))},slice:function(){return this.pushStack(d.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},eq:function(a){var b=this.length,c=+a+(0>a?b:0);return this.pushStack(c>=0&&b>c?[this[c]]:[])},end:function(){return this.prevObject||this.constructor(null)},push:f,sort:c.sort,splice:c.splice},m.extend=m.fn.extend=function(){var a,b,c,d,e,f,g=arguments[0]||{},h=1,i=arguments.length,j=!1;for("boolean"==typeof g&&(j=g,g=arguments[h]||{},h++),"object"==typeof g||m.isFunction(g)||(g={}),h===i&&(g=this,h--);i>h;h++)if(null!=(e=arguments[h]))for(d in e)a=g[d],c=e[d],g!==c&&(j&&c&&(m.isPlainObject(c)||(b=m.isArray(c)))?(b?(b=!1,f=a&&m.isArray(a)?a:[]):f=a&&m.isPlainObject(a)?a:{},g[d]=m.extend(j,f,c)):void 0!==c&&(g[d]=c));return g},m.extend({expando:"jQuery"+(l+Math.random()).replace(/\D/g,""),isReady:!0,error:function(a){throw new Error(a)},noop:function(){},isFunction:function(a){return"function"===m.type(a)},isArray:Array.isArray||function(a){return"array"===m.type(a)},isWindow:function(a){return null!=a&&a==a.window},isNumeric:function(a){return!m.isArray(a)&&a-parseFloat(a)+1>=0},isEmptyObject:function(a){var b;for(b in a)return!1;return!0},isPlainObject:function(a){var b;if(!a||"object"!==m.type(a)||a.nodeType||m.isWindow(a))return!1;try{if(a.constructor&&!j.call(a,"constructor")&&!j.call(a.constructor.prototype,"isPrototypeOf"))return!1}catch(c){return!1}if(k.ownLast)for(b in a)return j.call(a,b);for(b in a);return void 0===b||j.call(a,b)},type:function(a){return null==a?a+"":"object"==typeof a||"function"==typeof a?h[i.call(a)]||"object":typeof a},globalEval:function(b){b&&m.trim(b)&&(a.execScript||function(b){a.eval.call(a,b)})(b)},camelCase:function(a){return a.replace(o,"ms-").replace(p,q)},nodeName:function(a,b){return a.nodeName&&a.nodeName.toLowerCase()===b.toLowerCase()},each:function(a,b,c){var d,e=0,f=a.length,g=r(a);if(c){if(g){for(;f>e;e++)if(d=b.apply(a[e],c),d===!1)break}else for(e in a)if(d=b.apply(a[e],c),d===!1)break}else if(g){for(;f>e;e++)if(d=b.call(a[e],e,a[e]),d===!1)break}else for(e in a)if(d=b.call(a[e],e,a[e]),d===!1)break;return a},trim:function(a){return null==a?"":(a+"").replace(n,"")},makeArray:function(a,b){var c=b||[];return null!=a&&(r(Object(a))?m.merge(c,"string"==typeof a?[a]:a):f.call(c,a)),c},inArray:function(a,b,c){var d;if(b){if(g)return g.call(b,a,c);for(d=b.length,c=c?0>c?Math.max(0,d+c):c:0;d>c;c++)if(c in b&&b[c]===a)return c}return-1},merge:function(a,b){var c=+b.length,d=0,e=a.length;while(c>d)a[e++]=b[d++];if(c!==c)while(void 0!==b[d])a[e++]=b[d++];return a.length=e,a},grep:function(a,b,c){for(var d,e=[],f=0,g=a.length,h=!c;g>f;f++)d=!b(a[f],f),d!==h&&e.push(a[f]);return e},map:function(a,b,c){var d,f=0,g=a.length,h=r(a),i=[];if(h)for(;g>f;f++)d=b(a[f],f,c),null!=d&&i.push(d);else for(f in a)d=b(a[f],f,c),null!=d&&i.push(d);return e.apply([],i)},guid:1,proxy:function(a,b){var c,e,f;return"string"==typeof b&&(f=a[b],b=a,a=f),m.isFunction(a)?(c=d.call(arguments,2),e=function(){return a.apply(b||this,c.concat(d.call(arguments)))},e.guid=a.guid=a.guid||m.guid++,e):void 0},now:function(){return+new Date},support:k}),m.each("Boolean Number String Function Array Date RegExp Object Error".split(" "),function(a,b){h["[object "+b+"]"]=b.toLowerCase()});function r(a){var b="length"in a&&a.length,c=m.type(a);return"function"===c||m.isWindow(a)?!1:1===a.nodeType&&b?!0:"array"===c||0===b||"number"==typeof b&&b>0&&b-1 in a}var s=function(a){var b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u="sizzle"+1*new Date,v=a.document,w=0,x=0,y=ha(),z=ha(),A=ha(),B=function(a,b){return a===b&&(l=!0),0},C=1<<31,D={}.hasOwnProperty,E=[],F=E.pop,G=E.push,H=E.push,I=E.slice,J=function(a,b){for(var c=0,d=a.length;d>c;c++)if(a[c]===b)return c;return-1},K="checked|selected|async|autofocus|autoplay|controls|defer|disabled|hidden|ismap|loop|multiple|open|readonly|required|scoped",L="[\\x20\\t\\r\\n\\f]",M="(?:\\\\.|[\\w-]|[^\\x00-\\xa0])+",N=M.replace("w","w#"),O="\\["+L+"*("+M+")(?:"+L+"*([*^$|!~]?=)"+L+"*(?:'((?:\\\\.|[^\\\\'])*)'|\"((?:\\\\.|[^\\\\\"])*)\"|("+N+"))|)"+L+"*\\]",P=":("+M+")(?:\\((('((?:\\\\.|[^\\\\'])*)'|\"((?:\\\\.|[^\\\\\"])*)\")|((?:\\\\.|[^\\\\()[\\]]|"+O+")*)|.*)\\)|)",Q=new RegExp(L+"+","g"),R=new RegExp("^"+L+"+|((?:^|[^\\\\])(?:\\\\.)*)"+L+"+$","g"),S=new RegExp("^"+L+"*,"+L+"*"),T=new RegExp("^"+L+"*([>+~]|"+L+")"+L+"*"),U=new RegExp("="+L+"*([^\\]'\"]*?)"+L+"*\\]","g"),V=new RegExp(P),W=new RegExp("^"+N+"$"),X={ID:new RegExp("^#("+M+")"),CLASS:new RegExp("^\\.("+M+")"),TAG:new RegExp("^("+M.replace("w","w*")+")"),ATTR:new RegExp("^"+O),PSEUDO:new RegExp("^"+P),CHILD:new RegExp("^:(only|first|last|nth|nth-last)-(child|of-type)(?:\\("+L+"*(even|odd|(([+-]|)(\\d*)n|)"+L+"*(?:([+-]|)"+L+"*(\\d+)|))"+L+"*\\)|)","i"),bool:new RegExp("^(?:"+K+")$","i"),needsContext:new RegExp("^"+L+"*[>+~]|:(even|odd|eq|gt|lt|nth|first|last)(?:\\("+L+"*((?:-\\d)?\\d*)"+L+"*\\)|)(?=[^-]|$)","i")},Y=/^(?:input|select|textarea|button)$/i,Z=/^h\d$/i,$=/^[^{]+\{\s*\[native \w/,_=/^(?:#([\w-]+)|(\w+)|\.([\w-]+))$/,aa=/[+~]/,ba=/'|\\/g,ca=new RegExp("\\\\([\\da-f]{1,6}"+L+"?|("+L+")|.)","ig"),da=function(a,b,c){var d="0x"+b-65536;return d!==d||c?b:0>d?String.fromCharCode(d+65536):String.fromCharCode(d>>10|55296,1023&d|56320)},ea=function(){m()};try{H.apply(E=I.call(v.childNodes),v.childNodes),E[v.childNodes.length].nodeType}catch(fa){H={apply:E.length?function(a,b){G.apply(a,I.call(b))}:function(a,b){var c=a.length,d=0;while(a[c++]=b[d++]);a.length=c-1}}}function ga(a,b,d,e){var f,h,j,k,l,o,r,s,w,x;if((b?b.ownerDocument||b:v)!==n&&m(b),b=b||n,d=d||[],k=b.nodeType,"string"!=typeof a||!a||1!==k&&9!==k&&11!==k)return d;if(!e&&p){if(11!==k&&(f=_.exec(a)))if(j=f[1]){if(9===k){if(h=b.getElementById(j),!h||!h.parentNode)return d;if(h.id===j)return d.push(h),d}else if(b.ownerDocument&&(h=b.ownerDocument.getElementById(j))&&t(b,h)&&h.id===j)return d.push(h),d}else{if(f[2])return H.apply(d,b.getElementsByTagName(a)),d;if((j=f[3])&&c.getElementsByClassName)return H.apply(d,b.getElementsByClassName(j)),d}if(c.qsa&&(!q||!q.test(a))){if(s=r=u,w=b,x=1!==k&&a,1===k&&"object"!==b.nodeName.toLowerCase()){o=g(a),(r=b.getAttribute("id"))?s=r.replace(ba,"\\$&"):b.setAttribute("id",s),s="[id='"+s+"'] ",l=o.length;while(l--)o[l]=s+ra(o[l]);w=aa.test(a)&&pa(b.parentNode)||b,x=o.join(",")}if(x)try{return H.apply(d,w.querySelectorAll(x)),d}catch(y){}finally{r||b.removeAttribute("id")}}}return i(a.replace(R,"$1"),b,d,e)}function ha(){var a=[];function b(c,e){return a.push(c+" ")>d.cacheLength&&delete b[a.shift()],b[c+" "]=e}return b}function ia(a){return a[u]=!0,a}function ja(a){var b=n.createElement("div");try{return!!a(b)}catch(c){return!1}finally{b.parentNode&&b.parentNode.removeChild(b),b=null}}function ka(a,b){var c=a.split("|"),e=a.length;while(e--)d.attrHandle[c[e]]=b}function la(a,b){var c=b&&a,d=c&&1===a.nodeType&&1===b.nodeType&&(~b.sourceIndex||C)-(~a.sourceIndex||C);if(d)return d;if(c)while(c=c.nextSibling)if(c===b)return-1;return a?1:-1}function ma(a){return function(b){var c=b.nodeName.toLowerCase();return"input"===c&&b.type===a}}function na(a){return function(b){var c=b.nodeName.toLowerCase();return("input"=== <truncated> |
文件名 | favicon[2].ico |
---|---|
相关文件 |
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\favicon[2].ico
|
文件大小 | 1406 字节 |
文件类型 | MS Windows icon resource - 1 icon, 16x16 |
MD5 | cb5a8479654dba0a97c3d3cc42739a8e |
SHA1 | 4de620f03cb50d11a5cb96b164cc54f1eb3590bc |
SHA256 | e75f65ccc052be9a54779fa7ee3d3087f10a0e4aca637a943fccb5a89518bc48 |
CRC32 | BC948775 |
Ssdeep | 6:4ULVO/rKOi+anUzBEt2ffjZ0oHink01qYZw8ibClqulR/tH5n:4gV0KUhzBEIflvsk01aZuXtZn |
下载 提交魔盾安全分析 |
文件名 | index.dat |
---|---|
相关文件 |
C:\Users\test\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012017121620171217\index.dat
|
文件大小 | 32768 字节 |
文件类型 | Internet Explorer cache file version Ver 5.2 |
MD5 | 0ada6358296ba7a93365b91a7f617694 |
SHA1 | 22fe9176da8541fbb76a0abdbe2aa6fc27f0e30e |
SHA256 | fd2265ebe0c91671df52f02f95e4040ac9e34e892c802bdc8ff7a0f20b3d3b9b |
CRC32 | C7AD7916 |
Ssdeep | 6:qjyxXKEPmR36SpNFt3dUlsB7erV36OFt3dUlVAB7er:qjRhR3hV3UlsB7erV3Z3UlVAB7er |
下载 提交魔盾安全分析 |
文件名 | index.dat |
---|---|
相关文件 |
C:\Users\test\AppData\Roaming\Microsoft\Windows\IECompatCache\index.dat
|
文件大小 | 65536 字节 |
文件类型 | Internet Explorer cache file version Ver 5.2 |
MD5 | 191d3d20f356bf520a7d1ed07b1bc08b |
SHA1 | bdba37ad96d8801e8d2c9e30e68afaf3822b0e4a |
SHA256 | d2eae7eeb07f08972ec78e59eaf73b6cfa48e92121748f61a394a28e33e36788 |
CRC32 | BFF870C9 |
Ssdeep | 384:wEEG/+oBMgfh3+EIOTcxi8kB+JuE1uPFykblh2F/0mjv3Bw2LI/u1sVdvM2zLOY4:wEEG/+xo |
下载 提交魔盾安全分析 |
HTML 总结报告 (需15-60分钟同步) |
下载 |
---|
Task ID | 122620 |
---|---|
Mongo ID | 5a33a411bb7d5720df129c5a |
Cuckoo release | 1.4-Maldun |