Analysis type | VM label | Start time | End time | Duration |
---|---|---|---|---|
File (Windows) | win7-sp1-x64-shaapp01-1 | 2017-12-15 20:53:31 | 2017-12-15 20:55:51 | 140 seconds |
File name | 坎巴拉太空计划.exe |
---|---|
File size | 3207832 bytes |
File type | PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive |
MD5 | 6914adf7190949c74c016e1ed8357e17 |
SHA1 | 3c2f11ee36970372a18338aa08296ab101defb81 |
SHA256 | 84a9222a1722fb5bcefdb8077b05553b811901e972005adfc245cec8bbd8685c |
SHA512 | fc63d1e8ccf1e195221d394d12df7b7c44cfd126b4c9c43f7fcab5ce3daabbb5615eb93cc02dfef87a6bdeb74939a4e2ca32cc6ddd5f227f7e4a2ecb93b5a44a |
CRC32 | 7DC9FEB2 |
Ssdeep | 98304:a0CLNCw9cNRkkt2ui91nYma/bZFmIMVB:aBNz9ykkwD9ra/j/ |
Direct | IP | Security rating | Geolocation |
---|---|---|---|
No | 104.192.110.216 | United States | |
No | 111.206.66.61 | China | |
No | 112.74.72.71 | China | |
No | 123.56.64.121 | China | |
No | 123.57.50.145 | China | |
No | 180.163.251.149 | China | |
No | 182.140.227.162 | China | |
No | 36.110.213.84 | Unknown | China |
No | 42.120.217.87 | Unknown | China |
Image base | 0x00400000 |
---|---|
Entry point | 0x0040323c |
Declared checksum | 0x0031ead7 |
Actual checksum | 0x0031ead7 |
Minimum OS version | 4.0 |
Compile time | 2009-12-06 06:50:46 |
Import hash | 099c0646ea7282d232219f8807883be0 |
Icon | |
Icon exact hash | e51d6dcfcc1bf1d69f16316a804dcda9 |
Icon similarity hash | a8b55c821312c7fe3cf49c4d24894a04 |
LegalCopyright | |
---|---|
FileVersion | |
CompanyName | |
LegalTrademarks | |
Comments | |
ProductName | |
ProductVersion | |
FileDescription | |
Translation |
SHA1 | Timestamp | Validity | Error |
---|---|---|---|
5cd54d0aa36f5a0c22f41281311560aa756467e9 | Fri Jul 15 18:28:55 2016 | None |
Certificate chain | Certificate Chain 1 |
Issued to | StartCom Certification Authority |
Issuer | StartCom Certification Authority |
Valid until | Thu Sep 18 03:46:36 2036 |
SHA1 hash | 3e2bf7f2031b96f38ce6c4d8a85d3e2d58476a0f |
Certificate chain | Certificate Chain 2 |
Issued to | Certification Authority of WoSign |
Issuer | StartCom Certification Authority |
Valid until | Wed Jan 01 07:59:59 2020 |
SHA1 hash | b0b68ae97cfe2afacd0dc2010b9d70ace593e8a6 |
Certificate chain | Certificate Chain 3 |
Issued to | WoSign Class 3 Code Signing CA |
Issuer | Certification Authority of WoSign |
Valid until | Sun Aug 08 09:00:01 2027 |
SHA1 hash | 13fa85c20c13b4c71f211f3fc1a841a78c5b979b |
Certificate chain | Certificate Chain 4 |
Issued to | |
Issuer | WoSign Class 3 Code Signing CA |
Valid until | Mon Aug 12 13:35:28 2019 |
SHA1 hash | 0cf64dd12712e52abc18012bbd2fe649c78fafa3 |
Certificate chain | Timestamp Chain 1 |
Issued to | StartCom Certification Authority |
Issuer | StartCom Certification Authority |
Valid until | Thu Sep 18 03:46:36 2036 |
SHA1 hash | 3e2bf7f2031b96f38ce6c4d8a85d3e2d58476a0f |
Certificate chain | Timestamp Chain 2 |
Issued to | Certification Authority of WoSign |
Issuer | StartCom Certification Authority |
Valid until | Wed Jan 01 07:59:59 2020 |
SHA1 hash | b0b68ae97cfe2afacd0dc2010b9d70ace593e8a6 |
Certificate chain | Timestamp Chain 3 |
Issued to | WoSign Time Stamping Services CA G2 |
Issuer | Certification Authority of WoSign |
Valid until | Tue Apr 08 08:58:58 2025 |
SHA1 hash | 2e5e6806c71b367f13da195e3656b9bda793c5c6 |
Certificate chain | Timestamp Chain 4 |
Issued to | WoSign Time Stamping Signer G2 |
Issuer | WoSign Time Stamping Services CA G2 |
Valid until | Sat Apr 08 09:00:05 2023 |
SHA1 hash | 390096c49ce243ebeecfd23c43ff7feb36e9c8f1 |
Name | Virtual address | Virtual size | Raw data size | Characteristics | Entropy |
---|---|---|---|---|---|
.text | 0x00001000 | 0x00005a5a | 0x00005c00 | IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ | 6.42 |
.rdata | 0x00007000 | 0x00001190 | 0x00001200 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ | 5.18 |
.data | 0x00009000 | 0x0001af98 | 0x00000400 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE | 4.71 |
.ndata | 0x00024000 | 0x00008000 | 0x00000000 | IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE | 0.00 |
.rsrc | 0x0002c000 | 0x000082d0 | 0x00008400 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ | 6.66 |
Offset | 0x0000fa00 |
Size | 0x002ff898 |
Name | Offset | Size | Language | Sublanguage | Entropy | File type |
---|---|---|---|---|---|---|
RT_ICON | 0x00032a08 | 0x000010a8 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 6.66 | data |
RT_ICON | 0x00032a08 | 0x000010a8 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 6.66 | data |
RT_ICON | 0x00032a08 | 0x000010a8 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 6.66 | data |
RT_DIALOG | 0x00033cd0 | 0x00000060 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 2.49 | data |
RT_DIALOG | 0x00033cd0 | 0x00000060 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 2.49 | data |
RT_DIALOG | 0x00033cd0 | 0x00000060 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 2.49 | data |
RT_GROUP_ICON | 0x00033d30 | 0x00000030 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 2.52 | MS Windows icon resource - 3 icons, 32x32 |
RT_VERSION | 0x00033d60 | 0x00000294 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.90 | data |
RT_MANIFEST | 0x00033ff8 | 0x000002d7 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 5.20 | XML 1.0 document, ASCII text, with very long lines, with no line terminators |
Source address | Source port | Destination address | Destination port |
---|---|---|---|
192.168.122.201 | 49158 | 104.192.110.216 ocsp.startssl.com | 80 |
192.168.122.201 | 49159 | 111.206.66.61 crl.startssl.com | 80 |
192.168.122.201 | 49183 | 112.74.72.71 ext.gdatacube.net | 80 |
192.168.122.201 | 49192 | 112.74.72.71 ext.gdatacube.net | 80 |
192.168.122.201 | 49172 | 123.57.50.145 box.hf-game.com | 80 |
192.168.122.201 | 49186 | 123.57.50.145 box.hf-game.com | 80 |
192.168.122.201 | 49162 | 180.163.251.149 ocsp.wosign.com | 80 |
192.168.122.201 | 49161 | 182.140.227.162 crls.wosign.com | 80 |
192.168.122.201 | 49163 | 182.140.227.162 crls.wosign.com | 80 |
192.168.122.201 | 49160 | 36.110.213.84 ocsp.wosign.com | 80 |
Source address | Source port | Destination address | Destination port |
---|---|---|---|
192.168.122.201 | 49230 | 192.168.122.1 | 53 |
192.168.122.201 | 51023 | 192.168.122.1 | 53 |
192.168.122.201 | 51070 | 192.168.122.1 | 53 |
192.168.122.201 | 52576 | 192.168.122.1 | 53 |
192.168.122.201 | 59418 | 192.168.122.1 | 53 |
192.168.122.201 | 59795 | 192.168.122.1 | 53 |
192.168.122.201 | 61817 | 192.168.122.1 | 53 |
192.168.122.201 | 62669 | 192.168.122.1 | 53 |
192.168.122.201 | 64810 | 192.168.122.1 | 53 |
URI | HTTP data |
---|---|
http://crl.startssl.com/sfsca.crl | GET /sfsca.crl HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: crl.startssl.com |
http://crls.wosign.com/ca.crl | GET /ca.crl HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: crls.wosign.com |
http://crls1.wosign.com/ca1-code-3.crl | GET /ca1-code-3.crl HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: crls1.wosign.com |
http://box.hf-game.com/api/ip.jsp | GET /api/ip.jsp HTTP/1.1 Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Host: box.hf-game.com Connection: Keep-Alive |
http://ext.gdatacube.net/dc/rest/online?appId=82198C19A0EEFE02E43DC98A726FBA67&appVersion=2.0.3.31&accountId=4B4C784466BB5BB652FD7A6744809721&platform=3&gameRegion=SG&channel=sgpc&accountType=0&mac=52:54:00:F9:C6:64&imei=4B4C784466BB5BB652FD7A6744809721&gender=0&resolution=800*600&osVersion=6.1.7601&brand=&language=CHS&netType=3&ip=180.173.36.83&loginTime=1502978045&onlineTime=0 | GET /dc/rest/online?appId=82198C19A0EEFE02E43DC98A726FBA67&appVersion=2.0.3.31&accountId=4B4C784466BB5BB652FD7A6744809721&platform=3&gameRegion=SG&channel=sgpc&accountType=0&mac=52:54:00:F9:C6:64&imei=4B4C784466BB5BB652FD7A6744809721&gender=0&resolution=800*600&osVersion=6.1.7601&brand=&language=CHS&netType=3&ip=180.173.36.83&loginTime=1502978045&onlineTime=0 HTTP/1.1 Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Host: ext.gdatacube.net Connection: Keep-Alive |
http://box.hf-game.com/api/gameinfo.jsp?category=5&sp=gameid:6912001383065138309&req_from=api&resulttype=xml&qd=sgpc | GET /api/gameinfo.jsp?category=5&sp=gameid:6912001383065138309&req_from=api&resulttype=xml&qd=sgpc HTTP/1.1 User-Agent: Hfgame Host: box.hf-game.com Cache-Control: no-cache |
http://ext.gdatacube.net/dc/rest/online?appId=82198C19A0EEFE02E43DC98A726FBA67&appVersion=2.0.3.31&accountId=4B4C784466BB5BB652FD7A6744809721&platform=3&gameRegion=SG&channel=sgpc&accountType=0&mac=52:54:00:F9:C6:64&imei=4B4C784466BB5BB652FD7A6744809721&gender=0&resolution=800*600&osVersion=6.1.7601&brand=&language=CHS&netType=3&ip=180.173.36.83&loginTime=1502978088&onlineTime=0 | GET /dc/rest/online?appId=82198C19A0EEFE02E43DC98A726FBA67&appVersion=2.0.3.31&accountId=4B4C784466BB5BB652FD7A6744809721&platform=3&gameRegion=SG&channel=sgpc&accountType=0&mac=52:54:00:F9:C6:64&imei=4B4C784466BB5BB652FD7A6744809721&gender=0&resolution=800*600&osVersion=6.1.7601&brand=&language=CHS&netType=3&ip=180.173.36.83&loginTime=1502978088&onlineTime=0 HTTP/1.1 Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Host: ext.gdatacube.net Connection: Keep-Alive |
No SMTP traffic.
No IRC requests.
No ICMP traffic.
No CIF results
No alerts
No TLS
No Suricata HTTP
File name | MiniThunderPlatform.exe |
---|---|
Related files |
C:\Users\test\AppData\Local\HuofengGameWorld\bin\download\MiniThunderPlatform.exe
|
File size | 268744 bytes |
File type | PE32 executable (GUI) Intel 80386, for MS Windows |
MD5 | e2e9483568dc53f68be0b80c34fe27fb |
SHA1 | 8919397fcc5ce4f91fe0dc4e6f55cea5d39e4bb9 |
SHA256 | 205c40f2733ba3e30cc538adc6ac6ee46f4c84a245337a36108095b9280abb37 |
CRC32 | D621E075 |
Ssdeep | 6144:ePH9aqri3YL1Avg3NloWPxFL8QL2Ma8tvT0ecR:eP4qri3YL1Avg3NloWPTnL2f3x |
Maldun security analysis result | 0.3 Analysis time: 2016-08-26 17:02:13 |
File name | msvcp71.dll |
---|---|
Related files |
C:\Users\test\AppData\Local\HuofengGameWorld\bin\download\msvcp71.dll
|
File size | 503808 bytes |
File type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
MD5 | a94dc60a90efd7a35c36d971e3ee7470 |
SHA1 | f936f612bc779e4ba067f77514b68c329180a380 |
SHA256 | 6c483cbe349863c7dcf6f8cb7334e7d28c299e7d5aa063297ea2f62352f6bdd9 |
CRC32 | 4029812E |
Ssdeep | 12288:b692dAsfQqt4oJcRYRhUgiW6QR7t5k3Ooc8iHkC2ek:bSYACJcRYe3Ooc8iHkC2e |
Maldun security analysis result | 2.0 Analysis time: 2016-05-28 15:07:08 |
File name | config.dat |
---|---|
Related files |
C:\Users\test\AppData\Local\HuofengGameWorld\config.dat
|
File size | 393 bytes |
File type | UTF-8 Unicode text, with CRLF line terminators |
MD5 | 74763b466651a9f061464bf3da5b7707 |
SHA1 | c8ed4bc93bbbbcd5025eec9d31c7091146fbf422 |
SHA256 | 258bcf86763cceb3e535f1d6422d8b2ba8f99a72af0843027ea54df12e7697db |
CRC32 | 4CB6F28F |
Ssdeep | 12:GEbMkZcRTSIZR+cRTqp7cRT+PL99pRL99WRaC:cRRmIZRbRyYRCPLnHLuwC |
Displayed text | |
{ "updateHost":"hfgame.aliapp.com", "updatePath":"/api/update.jsp", "updatePort":80, "homeUrl":"http://box.hf-game.com/api/home.jsp", "gameLibUrl":"http://box.hf-game.com/api/gamelib.jsp", "navigateUrl":"http://box.hf-game.com/api/navigate.jsp", "navigateHost":"box.hf-game.com", "navigatePath":"/api/navigate.jsp", "navigatePort":80, "apiHost":"box.hf-game.com", "test":"\xe4\xb8\xad\xe6\x96\x87" } |
File name | hfgwupdate.exe |
---|---|
Related files |
C:\Users\test\AppData\Local\HuofengGameWorld\hfgwupdate.exe
|
File size | 684208 bytes |
File type | PE32 executable (GUI) Intel 80386, for MS Windows |
MD5 | 7500395f2c1353c49ba2ebf8b5a85546 |
SHA1 | ef0cb174a919d92ce743d7e11e88c84eca19c620 |
SHA256 | 44e2c30372e3563f47b0dda78b8db697b8aa2270633437acb927478cb35073e7 |
CRC32 | A5977219 |
Ssdeep | 12288:15UpeVxh/w3P3bl2Px5wEDVdSha16znPYAKdVRB5fFfkE7Z:15Upec0Px5w0Oha1BAKf5NfH7Z |
File name | MiniTPFw.exe |
---|---|
Related files |
C:\Users\test\AppData\Local\HuofengGameWorld\bin\download\MiniTPFw.exe
|
File size | 59848 bytes |
File type | PE32 executable (console) Intel 80386, for MS Windows |
MD5 | 58bb62e88687791ad2ea5d8d6e3fe18b |
SHA1 | 0ffb029064741d10c9cf3f629202aa97167883de |
SHA256 | f02fa7ddab2593492b9b68e3f485e59eb755380a9235f6269705f6d219dff100 |
CRC32 | 0E23C82A |
Ssdeep | 768:BSODywYihzSrVPdQsNruuGYOLO3NNkFlBi1jSZIfjeGdJARt03juFGu:BSKywYDdQsQuG5L27Ui1SPRt0qf |
Maldun security analysis result | 3.3 Analysis time: 2016-08-26 17:02:18 |
File name | setting.dat |
---|---|
Related files |
C:\Users\test\AppData\Local\HuofengGameWorld\setting\setting.dat
|
File size | 530 bytes |
File type | UTF-8 Unicode text, with CRLF line terminators |
MD5 | e759313e404abf86e930b2abdc262ea3 |
SHA1 | b9d816d9b56ae0f2356f3f899285d338ae24ffe1 |
SHA256 | 13a9660b3115924ee645f8088a344e524d699179f4be201078ea849997d6b9f9 |
CRC32 | A6277AF1 |
Ssdeep | 12:NCTR5o7Zu85o7NzmoJIZ935h8eD5o7Fequ85o7dzmoJQEFvhIVy:NCTUAVJIZ9vWUtlKEtmM |
Displayed text | |
{"tabs": [{"pic":"http://hfgame.aliapp.com/images/gamebox/tab_mygames.png", "hoverpic":"http://hfgame.aliapp.com/images/gamebox/tab_mygames_hot.png", "righturl":"http://hfgame.aliapp.com/api/home.jsp", "isdefault":"true","name":"mygames","cname":"\xe6\x88\x91\xe7\x9a\x84\xe6\xb8\xb8\xe6\x88\x8f"}, {"pic":"http://hfgame.aliapp.com/images/gamebox/tab_gamelib.png", "hoverpic":"http://hfgame.aliapp.com/images/gamebox/tab_gamelib_hot.png", "righturl":"http://hfgame.aliapp.com/api/gamelib.jsp", "isdefault":"false","name":"gamelib","cname":"\xe6\xb8\xb8\xe6\x88\x8f\xe5\xa4\xa7\xe5\x85\xa8"}]} |
File name | atl71.dll |
---|---|
Related files |
C:\Users\test\AppData\Local\HuofengGameWorld\bin\download\atl71.dll
|
File size | 89600 bytes |
File type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
MD5 | 79cb6457c81ada9eb7f2087ce799aaa7 |
SHA1 | 322ddde439d9254182f5945be8d97e9d897561ae |
SHA256 | a68e1297fae2bcf854b47ffa444f490353028de1fa2ca713b6cf6cc5aa22b88a |
CRC32 | 1387F05A |
Ssdeep | 1536:kIlL9T5Xx1ogKMvw5Br7KLKLI+Xe+QnyH4Cc0tR6nGVp/VTbkE0DJ4ZwmroV:BtvBOI+FQny5R6nG//SdaZwms |
Maldun security analysis result | 2.8 Analysis time: 2016-05-28 14:59:30 |
File name | uninst.exe |
---|---|
Related files |
C:\Users\test\AppData\Local\HuofengGameWorld\uninst.exe
|
File size | 65349 bytes |
File type | PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive |
MD5 | f35e8d1b04ac25dc2c09fadd17785d72 |
SHA1 | 78de122ccdc3ddb4e1f08b4911fa122e95a7ffd4 |
SHA256 | 8dc05ad7dc560cdc95ad96ac905b560d4f21b78605659b1f2efee28e342d02ad |
CRC32 | 215C92D6 |
Ssdeep | 1536:SQpQ5EP0ijnRTXJgS3G6dnjXqiz4bPrr79sOlPjmiZIptCm:SQIURTXJgv6V6izCPrfuOFlitCm |
File name | skin.zip |
---|---|
Related files |
C:\Users\test\AppData\Local\HuofengGameWorld\skin.zip
|
File size | 456019 bytes |
File type | Zip archive data, at least v2.0 to extract |
MD5 | 7f5f26ba449b6205b02230729349ec71 |
SHA1 | a19c5d28281ef641ef96bc542d68a0372bb45db5 |
SHA256 | 6f02ecbb1aa8ecb8ff2c3d2bc2aca0d19e246c02c884238afd16b027de6f7d96 |
CRC32 | C401F504 |
Ssdeep | 12288:vFp/N2d/gyxR9oCBL1rH8zSOIzRz0SChpy0UB:vigGPHrGT2R9mFUB |
File name | index.dat |
---|---|
Related files |
C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
|
File size | 32768 bytes |
File type | Internet Explorer cache file version Ver 5.2 |
MD5 | f73cb7f99b284144c15c5ba148ed1aa5 |
SHA1 | e05fc35d1fba8250c3114ee8e6e7aaa8a3cb6ddf |
SHA256 | 24f381158dc01265e21692c528dd2db7bc1b158d378696b4ed5071a71386052b |
CRC32 | 2D30E01E |
Ssdeep | 96:qv3mQd+kxzWCfJC4m8Mnom8SWd9V58SQ8MnBo6o913aORplQNY23y544KlzSbnzt:m3mQd+kxzjl/n9o9KKORplgzy6c |
File name | sqlite3.dll |
---|---|
Related files |
C:\Users\test\AppData\Local\HuofengGameWorld\sqlite3.dll
|
File size | 541360 bytes |
File type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
MD5 | d12d28dce936a741dc0e01858f9f8ec4 |
SHA1 | 7f04eb55fad0ca0cdf99dabcc00a7eb1634d85c5 |
SHA256 | 38832085b72e6bf16fce077ddc848c0f72e9fb6888a13d0d5cd04ee99ce34d5f |
CRC32 | 9234F38A |
Ssdeep | 12288:VoGlUXWiMO4ESDNZpAiWTfhbpKI29WmyL4DLRmef:VoxMFE4pADXKI2jykwk |
File name | mygames_hot.png |
---|---|
Related files |
C:\Users\test\AppData\Local\HuofengGameWorld\setting\mygames_hot.png
|
File size | 1631 bytes |
File type | PNG image data, 80 x 80, 8-bit/color RGB, non-interlaced |
MD5 | 7f7d159e97d63a2e5b1ef6c18869b18c |
SHA1 | 1cb0014172d654a3fc50e21344f8f2f021bba698 |
SHA256 | 79abce6749dd99c51dc8c13a9cba57540125df73582176b08d6990758ec09a68 |
CRC32 | 562C0BB1 |
Ssdeep | 48:mwqQNn2xCtJ39njzaP9GGwSHg5ZKwurKgFJnRKCqf:6Y28Bg9GGwB5YXKg7RK9f |
File name | download_engine.dll |
---|---|
Related files |
C:\Users\test\AppData\Local\HuofengGameWorld\bin\download\download_engine.dll
|
File size | 3512776 bytes |
File type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
MD5 | 1a87ff238df9ea26e76b56f34e18402c |
SHA1 | 2df48c31f3b3adb118f6472b5a2dc3081b302d7c |
SHA256 | abaeb5121548256577ddd8b0fc30c9ff3790649ad6a0704e4e30d62e70a72964 |
CRC32 | 5F5020A4 |
Ssdeep | 49152:O/4yyAd2+awsEL4eyiiDoHHPLvQB0o32Qm6m7VBmurXztN:OVrsEcTiiAvLa0oYkuf/ |
Maldun security analysis result | 2.2 Analysis time: 2016-05-28 15:02:27 |
File name | gamelib_hot.png |
---|---|
Related files |
C:\Users\test\AppData\Local\HuofengGameWorld\setting\gamelib_hot.png
|
File size | 1930 bytes |
File type | PNG image data, 80 x 80, 8-bit/color RGB, non-interlaced |
MD5 | 428ab0566da92e393025855366022ecd |
SHA1 | 04c3bad9fc7eefa952e9bdd8f8780f47f458c1b7 |
SHA256 | 78478d3cb7e8e20e92cea4045b547a931ae0fb36a5a7228d99f4321fa6a1ddb2 |
CRC32 | 7E4EBE02 |
Ssdeep | 48:mwqQNn2xNZcFJ3NXRLOEHYgwfYNoG6RckE:6Y248tG6Rcf |
File name | zlib1.dll |
---|---|
Related files |
C:\Users\test\AppData\Local\HuofengGameWorld\bin\download\zlib1.dll
|
File size | 59904 bytes |
File type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
MD5 | 89f6488524eaa3e5a66c5f34f3b92405 |
SHA1 | 330f9f6da03ae96dfa77dd92aae9a294ead9c7f7 |
SHA256 | bd29d2b1f930e4b660adf71606d1b9634188b7160a704a8d140cadafb46e1e56 |
CRC32 | 0296B7A0 |
Ssdeep | 1536:ZfU1BgfZqvECHUhUMPZVmnToIfxIOjIOG8TI:ZfzfZR2UhUMPZVSTBfbFG6I |
Maldun security analysis result | 2.0 Analysis time: 2016-05-28 15:12:18 |
File name | HuofengGameWorld.exe |
---|---|
Related files |
C:\Users\test\AppData\Local\HuofengGameWorld\HuofengGameWorld.exe
|
File size | 978096 bytes |
File type | PE32 executable (GUI) Intel 80386, for MS Windows |
MD5 | f034531a701044350969d768a825b60c |
SHA1 | 8763743d1d3e4c8a3cf151de06b34e67cec88465 |
SHA256 | 11456913c0f21eeeb78a85ba0e3f6d7e420d1da47774f53c20973ccb89c04584 |
CRC32 | A3BF4482 |
Ssdeep | 24576:af/yTb1kKxB7aQhVWxlvosfW+DwZzOPdF5OFN/wFC5aX:af/gbec7aQme+DwM52+g5aX |
File name | dl_peer_id.dll |
---|---|
Related files |
C:\Users\test\AppData\Local\HuofengGameWorld\bin\download\dl_peer_id.dll
|
File size | 92080 bytes |
File type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
MD5 | dba9a19752b52943a0850a7e19ac600a |
SHA1 | 3485ac30cd7340eccb0457bca37cf4a6dfda583d |
SHA256 | 69a5e2a51094dc8f30788d63243b12a0eb2759a3f3c3a159b85fd422fc00ac26 |
CRC32 | DDA98A20 |
Ssdeep | 1536:5myH1Ar4zLdIoXJED0ySFzyhSU+kcexDCaDRqxAnNQDB:foEZEDDSFzDkce7RqxAnIB |
Maldun security analysis result | 2.7 Analysis time: 2016-05-28 14:59:35 |
File name | addfav.swf |
---|---|
Related files |
C:\Users\test\AppData\Local\HuofengGameWorld\addfav.swf
|
File size | 1419 bytes |
File type | Macromedia Flash data (compressed), version 11 |
MD5 | 6885f9e27bda47306556b52890956d98 |
SHA1 | d24bd59fac2b84154b4a07ef4d4ae862513a9e80 |
SHA256 | 3abc5da36702acd575466ae5081523d95089c0cd398533cdbc71869b2d01e531 |
CRC32 | 72073BA7 |
Ssdeep | 24:Jv72/mZU2q450R/doe7KfGxNoDdXU7NHuRmfOSIR/OCdfYR5BN1bHVioB6J1NB/:JKKVe7HYFl2Cd4NR1iHff |
Yara |
|
File name | index.dat |
---|---|
Related files |
C:\Users\test\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
|
File size | 49152 bytes |
File type | Internet Explorer cache file version Ver 5.2 |
MD5 | 857c9fece35bc24772965af3c6950146 |
SHA1 | 34589305537d3bfe816143869b83465d77fe4281 |
SHA256 | 5b002207458e75f2032911d3ade90fb72af811ccd3c9e5306c5cd3ad62cb306f |
CRC32 | 5DCE1202 |
Ssdeep | 96:qlz4YvHtz0T+n18+94WTS1vVBfWlW84GvnLGvnbSWicoya64cQkYQkjWCLn9N91O:uz4Vsormvqvbyett |
File name | IEAux.dll |
---|---|
Related files |
C:\Users\test\AppData\Local\HuofengGameWorld\IEAux.dll
|
File size | 66224 bytes |
File type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
MD5 | 3633de4079190b65d9c1a062db39b882 |
SHA1 | 70b6f944a6711b69b8d1a992456dccb3bc2618f2 |
SHA256 | 71141a084a6ccc601f9ae32b5a56476854efde219bdad3c4abc93865fb5e611b |
CRC32 | 0731C78E |
Ssdeep | 1536:syzCRxaBYqBh9W4rdIEYNvdfej3xkqKOZ0+OEU8Fx:syzCDGYqBh9fLYNvdWj3xkqKOZ0EUy |
File name | \xe5\x9d\x8e\xe5\xb7\xb4\xe6\x8b\x89\xe5\xa4\xaa\xe7\xa9\xba\xe8\xae\xa1\xe5\x88\x92.lnk |
---|---|
Related files |
C:\Users\test\Desktop\\xe5\x9d\x8e\xe5\xb7\xb4\xe6\x8b\x89\xe5\xa4\xaa\xe7\xa9\xba\xe8\xae\xa1\xe5\x88\x92.lnk
|
File size | 2147 bytes |
File type | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Thu Dec 10 10:03:00 2015, mtime=Thu Aug 17 04:53:41 2017, atime=Thu Dec 10 10:03:00 2015, length=978096, window=hide |
MD5 | bd545f06581514832ca3b51ab06b9d6e |
SHA1 | 4fac4f5d39c8bec804b4953f619fce227f8dff32 |
SHA256 | a3714cfa5e61d1a4941855b62d08f612286c396b5e67f8d7b78d9fa930dbeceb |
CRC32 | 7BC288F6 |
Ssdeep | 48:8Mz9xzRbg05xl+yLM7hOiZ55siqM7hWFZI:8kNbwdsMM0 |
File name | msvcp100.dll |
---|---|
Related files |
C:\Users\test\AppData\Local\HuofengGameWorld\msvcp100.dll
|
File size | 421200 bytes |
File type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
MD5 | e3c817f7fe44cc870ecdbcbc3ea36132 |
SHA1 | 2ada702a0c143a7ae39b7de16a4b5cc994d2548b |
SHA256 | d769fafa2b3232de9fa7153212ba287f68e745257f1c00fafb511e7a02de7adf |
CRC32 | 2492E74F |
Ssdeep | 12288:zNb8zxr1aWPaHX7dGP57rhUgiW6QR7t5qv3Ooc8UHkC2ejGH:zNb8Fpa6aHX7dGP5Kv3Ooc8UHkC2eKH |
File name | game.ico |
---|---|
Related files |
C:\Users\test\AppData\Local\HuofengGameWorld\gamedata\6912001383065138309\game.ico
|
File size | 30894 bytes |
File type | MS Windows icon resource - 3 icons, 32x32 |
MD5 | f15ee68e7ac612749a6483c3fded608b |
SHA1 | ac0bcefb1079b8419925bf781c9b350cbbb47dba |
SHA256 | 03f4ccc5d39737b599354a0ab3640c2d34758b9854d1c4247cc2a1a48f4e0905 |
CRC32 | 7862FF33 |
Ssdeep | 768:sY726e+wGy76lP0C5msBZhEfS8xTdWGlEdno8dXz2iz4QkPrrdQKu6:sp7OlPjmiZOfS3G6dnjXqiz4bPrr79 |
File name | xldl.dll |
---|---|
Related files |
C:\Users\test\AppData\Local\HuofengGameWorld\bin\xldl.dll
|
File size | 293320 bytes |
File type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
MD5 | 208662418974bca6faab5c0ca6f7debf |
SHA1 | db216fc36ab02e0b08bf343539793c96ba393cf1 |
SHA256 | a7427f58e40c131e77e8a4f226db9c772739392f3347e0fce194c44ad8da26d5 |
CRC32 | D27D783C |
Ssdeep | 6144:qUWWnyka1c7u2SbdYUUvZjWj9gj0U+zlVKy5:qvKa+7u7bqUoZjW5gj0U+z+Y |
Maldun security analysis result | 2.8 Analysis time: 2016-11-16 20:04:13 |
File name | \xe7\xbd\x91\xe9\xa1\xb5\xe6\xb8\xb8\xe6\x88\x8f\xe5\xa4\xa7\xe5\x85\xa8.url |
---|---|
Related files |
C:\Users\test\Desktop\\xe7\xbd\x91\xe9\xa1\xb5\xe6\xb8\xb8\xe6\x88\x8f\xe5\xa4\xa7\xe5\x85\xa8.url
|
File size | 118 bytes |
File type | data |
MD5 | dac163882bbab455b77f3902e86b1faa |
SHA1 | ba285c6e4e3a8e82b5a249bf1f42b78dab8c504c |
SHA256 | e1b31175a90c55108edcb8b369127c1bced3bf0881db50a218d210d91f7447ef |
CRC32 | 5692AD2D |
Ssdeep | 3:8uRkiglZlo15gaJal+TlcQlwXK49:7glZyhJaelcQlwaG |
File name | index.dat |
---|---|
Related files |
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
|
File size | 245760 bytes |
File type | Internet Explorer cache file version Ver 5.2 |
MD5 | 1ab211ab0a818222569880ed2b390e19 |
SHA1 | cd0468efa8ffd1912ccce520adc9e11e8b1062f6 |
SHA256 | 32c5d1b0c8e70911a647238719cc509b1f962f25cf5d12e302d13188e6fb5244 |
CRC32 | 3069E4EF |
Ssdeep | 3072:fEUyC4qbEMHeTbVNYSOKFP33/TxxQ0UjXV:1wqnHeTbVNYfKFP33/ |
File name | msvcr71.dll |
---|---|
Related files |
C:\Users\test\AppData\Local\HuofengGameWorld\bin\download\msvcr71.dll
|
File size | 348160 bytes |
File type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
MD5 | ca2f560921b7b8be1cf555a5a18d54c3 |
SHA1 | 432dbcf54b6f1142058b413a9d52668a2bde011d |
SHA256 | c4d4339df314a27ff75a38967b7569d9962337b8d4cd4b0db3aba5ff72b2bfbb |
CRC32 | F83AD7CD |
Ssdeep | 6144:cPlV59g81QWguohIP/siMbo8Crn2zzwRFMciFMNrb3YgxS3bCAO5kkG:OlVvN1QWguohInJDrn8zwNF7eCr |
Maldun security analysis result | 2.8 Analysis time: 2016-05-28 15:07:32 |
File name | msvcr100.dll |
---|---|
Related files |
C:\Users\test\AppData\Local\HuofengGameWorld\msvcr100.dll
|
File size | 773968 bytes |
File type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
MD5 | bf38660a9125935658cfa3e53fdc7d65 |
SHA1 | 0b51fb415ec89848f339f8989d323bea722bfd70 |
SHA256 | 60c06e0fa4449314da3a0a87c1a9d9577df99226f943637e06f61188e5862efa |
CRC32 | 14EE1F12 |
Ssdeep | 12288:yMmCy3nAgPAxN9ueqix/HEmxsvGrif8ZSy+rdQw2QRAtd74/vmYK6H3BV0eAI:dmCy3KxW3ixPEmxsvGrm8Z6r+JQPzV4I |
File name | \xe7\x81\xab\xe5\x87\xa4\xe6\xb8\xb8\xe6\x88\x8f\xe4\xb8\x96\xe7\x95\x8c.lnk |
---|---|
Related files |
C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\\xe7\x81\xab\xe5\x87\xa4\xe6\xb8\xb8\xe6\x88\x8f\xe4\xb8\x96\xe7\x95\x8c\\xe7\x81\xab\xe5\x87\xa4\xe6\xb8\xb8\xe6\x88\x8f\xe4\xb8\x96\xe7\x95\x8c.lnk
|
File size | 1125 bytes |
File type | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Thu Dec 10 10:03:00 2015, mtime=Thu Aug 17 04:53:41 2017, atime=Thu Dec 10 10:03:00 2015, length=978096, window=hide |
MD5 | 8e0c41e575c55895941e1763451374eb |
SHA1 | 0884e069ab2f4a23781bae91259ebafb5c40604f |
SHA256 | b426b376383b78faccb4fcff26852103e3f0b4df0e315a4addba9125cabc690f |
CRC32 | F23550CD |
Ssdeep | 12:8muonnzc064c0CrXJWCARyzA7kihEjAQ105c41V3jl1Q1V8wua4t2YZqI0GX6Qn+:8mLzcaxEX4R89AQ105bpqk6qhniynYl |
File name | gamelib.png |
---|---|
Related files |
C:\Users\test\AppData\Local\HuofengGameWorld\setting\gamelib.png
|
File size | 2714 bytes |
File type | PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced |
MD5 | f1cd23cec1ad277e34214d8c7458c226 |
SHA1 | 0c3fa5144536b02657276377989cfb36d4c235de |
SHA256 | 2ca40d953b3df2cb71ad3c649af7da3ef47878d0b647aaf803c4080ca292a797 |
CRC32 | FB145C31 |
Ssdeep | 48:ZwqQNn2xwJ3VJc0ssOoqMQV4L9+rXLggPI1Jxbpc48jtyXhSe:XY26JTsstqMQVQsbI1JRpcDsSe |
File name | \xe7\x81\xab\xe5\x87\xa4\xe6\xb8\xb8\xe6\x88\x8f\xe4\xb8\x96\xe7\x95\x8c.lnk |
---|---|
Related files |
C:\Users\test\Desktop\\xe7\x81\xab\xe5\x87\xa4\xe6\xb8\xb8\xe6\x88\x8f\xe4\xb8\x96\xe7\x95\x8c.lnk
C:\Users\test\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\\xe7\x81\xab\xe5\x87\xa4\xe6\xb8\xb8\xe6\x88\x8f\xe4\xb8\x96\xe7\x95\x8c.lnk
C:\Users\test\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\\xe7\x81\xab\xe5\x87\xa4\xe6\xb8\xb8\xe6\x88\x8f\xe4\xb8\x96\xe7\x95\x8c.lnk
|
File size | 1129 bytes |
File type | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Archive, ctime=Thu Dec 10 10:03:00 2015, mtime=Thu Aug 17 04:53:41 2017, atime=Thu Dec 10 10:03:00 2015, length=978096, window=hide |
MD5 | 87a7bfd5ddaed1fc5f2ce5b98eb81598 |
SHA1 | 11dac600655cc2da597ca4ff14d70b879a83bed8 |
SHA256 | 3d2d9de5c60252a8a0a41ccd6763bc4ba40f7be248877f7a492f4c26bd9f7799 |
CRC32 | E74B86A0 |
Ssdeep | 12:87onnzc064c0CrXJWCARyzA7kihEjAQ105MQ1V3jl1Q1VE8bwua4t2YZqI0GX6Q+:8MzcaxEX4R89AQ105xpqJ6qhniynYl |
File name | putdesktop.swf |
---|---|
Related files |
C:\Users\test\AppData\Local\HuofengGameWorld\putdesktop.swf
|
File size | 1329 bytes |
File type | Macromedia Flash data (compressed), version 11 |
MD5 | 0571ba1275604adf5d704104a00d51be |
SHA1 | af308ba7bd8bfa9adfe95985bcdb4301136fbc4c |
SHA256 | d4a196da49c78668a36749c868e30759dc8e56d5b8f8c613f864700cd0533ade |
CRC32 | 56CB168D |
Ssdeep | 24:71OU35IrZGklbCkthl5ugKgKrHwvNYzACWdXKq4nA59E94/w5RwFDKFs6yU:7nRk3thrugKXHwvSoXKJA//owDQwU |
Yara |
|
File name | hfg7416.tmp |
---|---|
Related files |
C:\Users\test\AppData\Local\Temp\hfg7416.tmp
|
File size | 2708 bytes |
File type | ISO-8859 text, with very long lines, with no line terminators |
MD5 | 8197118a4f423c75d35a188efdd1be38 |
SHA1 | d02d5e61bafa623f53f48bc5281078e55ddcb8a9 |
SHA256 | 3a607eb1a5a50b641f5791d5b8a8aa9b569b69e06d8fbd482f43717336c05cea |
CRC32 | FAFFFAD2 |
Ssdeep | 48:FCL5cwHLLYsLCfp8kDbrgtQ7+fm5gsCI80wmEzFs6LadBq+BP3FOBSQp+CGyaKsV:AL3H+pRD3AQCfFBzFsqadBjB/kBvpcH1 |
File name | id.dat |
---|---|
Related files |
C:\Users\test\AppData\Local\HuofengGameWorld\bin\download\id.dat
|
File size | 40 bytes |
File type | ASCII text, with CRLF line terminators |
MD5 | 857163e2b17e92232efe030f677668a1 |
SHA1 | 9ff8f6aa92b696d062f691010066c798a55d4367 |
SHA256 | a6bbbc4ff398ac6b25b7038ea6d1729e40905c4d1e91742f2f301c916679b54c |
CRC32 | 86FEB4B2 |
Ssdeep | 3:q12SVYqYy:q12SVQy |
Displayed text | |
[partner] id=80000372 ver = 3.2.1.42 |
File name | \xe5\x8d\xb8\xe8\xbd\xbd\xe7\x81\xab\xe5\x87\xa4\xe6\xb8\xb8\xe6\x88\x8f\xe4\xb8\x96\xe7\x95\x8c.lnk |
---|---|
Related files |
C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\\xe7\x81\xab\xe5\x87\xa4\xe6\xb8\xb8\xe6\x88\x8f\xe4\xb8\x96\xe7\x95\x8c\\xe5\x8d\xb8\xe8\xbd\xbd\xe7\x81\xab\xe5\x87\xa4\xe6\xb8\xb8\xe6\x88\x8f\xe4\xb8\x96\xe7\x95\x8c.lnk
|
File size | 1030 bytes |
File type | MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, ctime=Sun Dec 31 15:54:17 1600, mtime=Sun Dec 31 15:54:17 1600, atime=Sun Dec 31 15:54:17 1600, length=0, window=hide |
MD5 | ec379e129374e3c0f10a4019b13a3f10 |
SHA1 | 48b23cbc7fda37850a2a71a5e41f32aab0a292e4 |
SHA256 | 451e622775a70d20670f78d79f38f5b09e3a054dc901e76f1d41a1d4375742a9 |
CRC32 | 8A1B756B |
Ssdeep | 12:8wl0aY9/tpf7GyuRq/42d1VITl1Q1Vi/5NJkKAH4t2YZqI0GX:8ppzqRq9dAxqSTHAdq |
File name | HFUILib.dll |
---|---|
Related files |
C:\Users\test\AppData\Local\HuofengGameWorld\HFUILib.dll
|
File size | 319664 bytes |
File type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
MD5 | 010b4d91d539d4e595bc5dfd0cc76d49 |
SHA1 | 0a72003557a8676705ebdbdf23b35f62202d0099 |
SHA256 | 93125bad493948dd0c577623a364751a1c960561a6b933a2c5dfd8b93421dad5 |
CRC32 | BD975B4C |
Ssdeep | 6144:5NJY/UbzDM7Zy1JM+a4E4ttTea21oTJ7VObmXfRR7:2sI9y1JZttL2qTJDX5R7 |
File name | ThunderFW.exe |
---|---|
Related files |
C:\Users\test\AppData\Local\HuofengGameWorld\bin\download\ThunderFW.exe
|
File size | 73160 bytes |
File type | PE32 executable (GUI) Intel 80386, for MS Windows |
MD5 | f0372ff8a6148498b19e04203dbb9e69 |
SHA1 | 27fe4b5f8cb9464ab5ddc63e69c3c180b77dbde8 |
SHA256 | 298d334b630c77b70e66cf5e9c1924c7f0d498b02c2397e92e2d9efdff2e1bdf |
CRC32 | 073B7C68 |
Ssdeep | 1536:BG9vRpkFqhyU/v47PZSOKhqTwYu5tEm1n22W:E1RIOAkz5tEmZvW |
Maldun security analysis result | 2.8 Analysis time: 2016-08-26 17:00:50 |
File name | mygames.png |
---|---|
Related files |
C:\Users\test\AppData\Local\HuofengGameWorld\setting\mygames.png
|
File size | 2289 bytes |
File type | PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced |
MD5 | 5cae3b1af2d7fa15a301bd73e57bb6a8 |
SHA1 | 54502662655eac7889fd49b701d2f5f37ea1e219 |
SHA256 | f2af69dd00da4e6b1fe8d930824a892cf0e75c9ae3c7a3132ce66288d17efdcb |
CRC32 | BCA75D22 |
Ssdeep | 48:ZwqQNn2xWJ3GZflvwDtz0lGqD/pod2GGB:XY2DFSolGqlg3GB |
File name | test@hfgame.huofeng[1].txt |
---|---|
Related files |
C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@hfgame.huofeng[1].txt
|
File size | 85 bytes |
File type | ASCII text |
MD5 | 08a9501f83856d6a315ace0e6e759896 |
SHA1 | 009b0a51c5688345333f164afd47e2105a2725b9 |
SHA256 | 4a2917e99322a9b03424b3c3b9c8adcf1bf81f43cf1d51c03a603d3ed8ae6ff5 |
CRC32 | 99429A0A |
Ssdeep | 3:aAML8BvxWVeWLNNLBvVvmQxmWQFLtWVv:LML8BvQVhPB9zmWQFpWF |
Displayed text | |
hfgameinstalled yes hfgame.huofeng.site/ 0 1998739072 31079493 1717974384 30611296 * |
Task ID | 122636 |
---|---|
Mongo ID | 5a33c69ebb7d5720df12a42b |
Cuckoo release | 1.4-Maldun |