Analysis type | VM label | Start time | End time | Duration |
---|---|---|---|---|
File (Windows) | win7-sp1-x64-1 | 2016-09-06 14:55:48 | 2016-09-06 14:58:01 | 133 seconds |
File name | IMESEARCH.EXE |
---|---|
File size | 179040 bytes |
File type | PE32+ executable (GUI) x86-64, for MS Windows |
MD5 | e2d6050df3f8b152415160f70955a10c |
SHA1 | baf0d491887e97ec0f92d731464c34bc5eed0a0e |
SHA256 | 34dbc899cb6c5130f5c5e0d6e93a82dc1b5bb6a257c0fef889bcbfc5de798e37 |
SHA512 | 881f3b1439befcba5226819c4ad14b80f7a503849353f7c362c3c7a0bc7cf25affb738ae0116a659202dd954f78d296f03962ba1b91d91bd308dc76042de8cfa |
CRC32 | B1F7A7C5 |
Ssdeep | 3072:CAjTDfsxV104aTQojPjecZbO0XdpolxA9oPm:Cy4xVihTQojPLbOYdpowF |
Direct | IP | Security rating | Geolocation |
---|---|---|---|
No | 93.46.8.89 | | Italy |
No | 58.211.137.192 | | China |
No | 23.44.155.27 | | United States |
No | 198.41.215.185 | | United States |
No | 117.18.237.29 | | Asia-Pacific region |
Image base | 0x140000000 |
---|---|
Entry point | 0x14000de64 |
Declared checksum | 0x0002dd4e |
Actual checksum | 0x0002dd4e |
Minimum OS version required | 5.2 |
PDB path | t:\ime\x64\ship\0\imesearch.pdb\x00ship\0\imesearch.exe\bbtopt\imesearchO.pdb |
Compile time | 2010-01-21 16:16:50 |
Icon | |
Icon exact hash | 29b9e9e440f7450851e365bb04e9af38 |
Icon similarity hash | 9d7ff9ec1850152f0c7fa9b0c36b57c1 |
LegalCopyright | |
---|---|
InternalName | |
FileVersion | |
CompanyName | |
LegalTrademarks | |
ProductName | |
ProductVersion | |
FileDescription | |
OriginalFilename | |
Translation |
SHA1 | Timestamp | Validity | Error |
---|---|---|---|
a1dc4eef925b328d19e51b789c6e786ba41e275a | Thu Jan 21 16:36:40 2010 | None |
Certificate chain | Certificate Chain 1 |
Issued to | Microsoft Root Authority |
Issuer | Microsoft Root Authority |
Valid until | Thu Dec 31 15:00:00 2020 |
SHA1 hash | a43489159a520f0d93d032ccaf37e7fe20a8b419 |
Certificate chain | Certificate Chain 2 |
Issued to | Microsoft Code Signing PCA |
Issuer | Microsoft Root Authority |
Valid until | Sat Aug 25 15:00:00 2012 |
SHA1 hash | 3036e3b25b88a55b86fc90e6e9eaad5081445166 |
Certificate chain | Certificate Chain 3 |
Issued to | Microsoft Corporation |
Issuer | Microsoft Code Signing PCA |
Valid until | Tue Mar 08 06:40:29 2011 |
SHA1 hash | 9617094a1cfb59ae7c1f7dfdb6739e4e7c40508f |
Certificate chain | Timestamp Chain 1 |
Issued to | Microsoft Root Authority |
Issuer | Microsoft Root Authority |
Valid until | Thu Dec 31 15:00:00 2020 |
SHA1 hash | a43489159a520f0d93d032ccaf37e7fe20a8b419 |
Certificate chain | Timestamp Chain 2 |
Issued to | Microsoft Timestamping PCA |
Issuer | Microsoft Root Authority |
Valid until | Sun Sep 15 15:00:00 2019 |
SHA1 hash | 3ea99a60058275e0ed83b892a909449f8c33b245 |
Certificate chain | Timestamp Chain 3 |
Issued to | Microsoft Time-Stamp Service |
Issuer | Microsoft Timestamping PCA |
Valid until | Fri Jul 26 03:11:15 2013 |
SHA1 hash | 4d6f357f0e6434da97b1afc540fb6fdd0e85a89f |
Name | Virtual address | Virtual size | Raw data size | Characteristics | Entropy |
---|---|---|---|---|---|
.text | 0x00001000 | 0x00012bbb | 0x00012c00 | IMAGE_SCN_CNT_CODE\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ | 6.20 |
.rdata | 0x00014000 | 0x000086d4 | 0x00008800 | IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ | 4.40 |
.data | 0x0001d000 | 0x00001188 | 0x00000a00 | IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE | 4.17 |
.pdata | 0x0001f000 | 0x00001818 | 0x00001a00 | IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ | 4.69 |
.rsrc | 0x00021000 | 0x0000c458 | 0x0000c600 | IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ | 4.17 |
.reloc | 0x0002e000 | 0x000001bc | 0x00000200 | IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_DISCARDABLE\|IMAGE_SCN_MEM_READ | 4.86 |
Offset | 0x0002a400 |
Size | 0x00001760 |
Name | Offset | Size | Language | Sublanguage | Entropy | File type |
---|---|---|---|---|---|---|
REGISTRY | 0x00021690 | 0x00000300 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 5.30 | ASCII text, with CRLF line terminators |
REGISTRY | 0x00021690 | 0x00000300 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 5.30 | ASCII text, with CRLF line terminators |
TYPELIB | 0x00021990 | 0x00000878 | LANG_CHINESE | SUBLANG_CHINESE_TRADITIONAL | 3.75 | data |
RT_ICON | 0x0002ac88 | 0x00000468 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.55 | GLS_BINARY_LSB_FIRST |
RT_ICON | 0x0002ac88 | 0x00000468 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.55 | GLS_BINARY_LSB_FIRST |
RT_ICON | 0x0002ac88 | 0x00000468 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.55 | GLS_BINARY_LSB_FIRST |
RT_ICON | 0x0002ac88 | 0x00000468 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.55 | GLS_BINARY_LSB_FIRST |
RT_ICON | 0x0002ac88 | 0x00000468 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.55 | GLS_BINARY_LSB_FIRST |
RT_ICON | 0x0002ac88 | 0x00000468 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.55 | GLS_BINARY_LSB_FIRST |
RT_ICON | 0x0002ac88 | 0x00000468 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.55 | GLS_BINARY_LSB_FIRST |
RT_ICON | 0x0002ac88 | 0x00000468 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.55 | GLS_BINARY_LSB_FIRST |
RT_ICON | 0x0002ac88 | 0x00000468 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.55 | GLS_BINARY_LSB_FIRST |
RT_ICON | 0x0002ac88 | 0x00000468 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.55 | GLS_BINARY_LSB_FIRST |
RT_ICON | 0x0002ac88 | 0x00000468 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.55 | GLS_BINARY_LSB_FIRST |
RT_DIALOG | 0x0002c02c | 0x00000248 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.40 | data |
RT_DIALOG | 0x0002c02c | 0x00000248 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.40 | data |
RT_DIALOG | 0x0002c02c | 0x00000248 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.40 | data |
RT_DIALOG | 0x0002c02c | 0x00000248 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.40 | data |
RT_DIALOG | 0x0002c02c | 0x00000248 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.40 | data |
RT_DIALOG | 0x0002c02c | 0x00000248 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.40 | data |
RT_DIALOG | 0x0002c02c | 0x00000248 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.40 | data |
RT_DIALOG | 0x0002c02c | 0x00000248 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 4.40 | data |
RT_STRING | 0x0002ca64 | 0x00000166 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.78 | data |
RT_STRING | 0x0002ca64 | 0x00000166 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.78 | data |
RT_STRING | 0x0002ca64 | 0x00000166 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.78 | data |
RT_STRING | 0x0002ca64 | 0x00000166 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.78 | data |
RT_STRING | 0x0002ca64 | 0x00000166 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.78 | data |
RT_STRING | 0x0002ca64 | 0x00000166 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.78 | data |
RT_STRING | 0x0002ca64 | 0x00000166 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.78 | data |
RT_STRING | 0x0002ca64 | 0x00000166 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.78 | data |
RT_GROUP_ICON | 0x0002cbcc | 0x000000a0 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.04 | MS Windows icon resource - 11 icons, 48x48, 256-colors |
RT_VERSION | 0x0002cc6c | 0x00000480 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.47 | 8086 relocatable (Microsoft) |
RT_MANIFEST | 0x0002d0ec | 0x0000036a | LANG_ENGLISH | SUBLANG_ENGLISH_US | 5.07 | ASCII text, with CRLF line terminators |
Antivirus engine/vendor | Virus name/rule match | Signature database date |
---|---|---|
Bkav | No virus detected | 20160604 |
MicroWorld-eScan | No virus detected | 20160605 |
nProtect | No virus detected | 20160603 |
CMC | No virus detected | 20160602 |
CAT-QuickHeal | No virus detected | 20160604 |
ALYac | No virus detected | 20160605 |
Malwarebytes | No virus detected | 20160605 |
VIPRE | No virus detected | 20160605 |
TheHacker | No virus detected | 20160604 |
BitDefender | No virus detected | 20160605 |
K7GW | No virus detected | 20160605 |
K7AntiVirus | No virus detected | 20160605 |
Baidu | No virus detected | 20160603 |
F-Prot | No virus detected | 20160605 |
Symantec | No virus detected | 20160605 |
ESET-NOD32 | No virus detected | 20160604 |
TrendMicro-HouseCall | No virus detected | 20160605 |
Avast | No virus detected | 20160605 |
ClamAV | No virus detected | 20160605 |
GData | No virus detected | 20160605 |
Kaspersky | No virus detected | 20160605 |
Alibaba | No virus detected | 20160603 |
NANO-Antivirus | No virus detected | 20160605 |
ViRobot | No virus detected | 20160604 |
SUPERAntiSpyware | No virus detected | 20160605 |
Rising | No virus detected | 20160605 |
Ad-Aware | No virus detected | 20160605 |
Sophos | No virus detected | 20160605 |
Comodo | No virus detected | 20160605 |
F-Secure | No virus detected | 20160604 |
DrWeb | No virus detected | 20160605 |
Zillya | No virus detected | 20160603 |
TrendMicro | No virus detected | 20160605 |
McAfee-GW-Edition | No virus detected | 20160605 |
Emsisoft | No virus detected | 20160605 |
Cyren | No virus detected | 20160605 |
Jiangmin | No virus detected | 20160605 |
Avira | No virus detected | 20160604 |
Antiy-AVL | No virus detected | 20160605 |
Kingsoft | No virus detected | 20160605 |
Arcabit | No virus detected | 20160605 |
AegisLab | No virus detected | 20160604 |
AhnLab-V3 | No virus detected | 20160604 |
Microsoft | No virus detected | 20160605 |
TotalDefense | No virus detected | 20160605 |
McAfee | No virus detected | 20160605 |
AVware | No virus detected | 20160604 |
VBA32 | No virus detected | 20160603 |
Panda | No virus detected | 20160605 |
Zoner | No virus detected | 20160605 |
Tencent | No virus detected | 20160605 |
Yandex | No virus detected | 20160604 |
Ikarus | No virus detected | 20160605 |
Fortinet | No virus detected | 20160605 |
AVG | No virus detected | 20160605 |
Baidu-International | No virus detected | 20160604 |
Qihoo-360 | No virus detected | 20160605 |
Source address | Source port | Destination address | Destination port |
---|---|---|---|
192.168.122.70 | 49358 | 111.108.54.16 | 80 |
192.168.122.70 | 49352 | 117.18.237.29 ocsp.digicert.com | 80 |
192.168.122.70 | 49345 | 178.255.83.1 | 80 |
192.168.122.70 | 49353 | 198.41.215.185 ocsp.msocsp.com | 80 |
192.168.122.70 | 49340 | 23.44.155.27 ss.symcd.com | 80 |
192.168.122.70 | 49343 | 23.44.155.27 ss.symcd.com | 80 |
192.168.122.70 | 49354 | 23.44.155.27 ss.symcd.com | 80 |
192.168.122.70 | 49355 | 23.44.155.27 ss.symcd.com | 80 |
192.168.122.70 | 49357 | 23.44.155.27 ss.symcd.com | 80 |
192.168.122.70 | 49341 | 58.211.137.192 ocsp2.globalsign.com | 80 |
192.168.122.70 | 49350 | 58.211.137.192 ocsp2.globalsign.com | 80 |
192.168.122.70 | 49359 | 58.211.137.192 ocsp2.globalsign.com | 80 |
Source address | Source port | Destination address | Destination port |
---|---|---|---|
192.168.122.70 | 49587 | 192.168.122.1 | 53 |
192.168.122.70 | 49765 | 192.168.122.1 | 53 |
192.168.122.70 | 50445 | 192.168.122.1 | 53 |
192.168.122.70 | 51014 | 192.168.122.1 | 53 |
192.168.122.70 | 53017 | 192.168.122.1 | 53 |
192.168.122.70 | 54315 | 192.168.122.1 | 53 |
192.168.122.70 | 55256 | 192.168.122.1 | 53 |
192.168.122.70 | 55583 | 192.168.122.1 | 53 |
192.168.122.70 | 57997 | 192.168.122.1 | 53 |
192.168.122.70 | 59456 | 192.168.122.1 | 53 |
192.168.122.70 | 60311 | 192.168.122.1 | 53 |
192.168.122.70 | 60614 | 192.168.122.1 | 53 |
192.168.122.70 | 61230 | 192.168.122.1 | 53 |
192.168.122.70 | 62263 | 192.168.122.1 | 53 |
192.168.122.70 | 63780 | 192.168.122.1 | 53 |
192.168.122.70 | 64732 | 192.168.122.1 | 53 |
192.168.122.70 | 65053 | 192.168.122.1 | 53 |
192.168.122.70 | 65064 | 192.168.122.1 | 53 |
192.168.122.70 | 65276 | 192.168.122.1 | 53 |
192.168.122.70 | 137 | 192.168.122.255 | 137 |
192.168.122.70 | 138 | 192.168.122.255 | 138 |
192.168.122.70 | 5355 | 192.168.122.69 | 53197 |
192.168.122.70 | 49465 | 224.0.0.252 | 5355 |
192.168.122.70 | 49475 | 224.0.0.252 | 5355 |
192.168.122.70 | 49500 | 224.0.0.252 | 5355 |
192.168.122.70 | 49534 | 224.0.0.252 | 5355 |
192.168.122.70 | 49957 | 224.0.0.252 | 5355 |
192.168.122.70 | 50117 | 224.0.0.252 | 5355 |
192.168.122.70 | 51346 | 224.0.0.252 | 5355 |
192.168.122.70 | 51435 | 224.0.0.252 | 5355 |
192.168.122.70 | 53257 | 224.0.0.252 | 5355 |
192.168.122.70 | 54110 | 224.0.0.252 | 5355 |
192.168.122.70 | 54662 | 224.0.0.252 | 5355 |
192.168.122.70 | 54690 | 224.0.0.252 | 5355 |
192.168.122.70 | 54923 | 224.0.0.252 | 5355 |
192.168.122.70 | 55465 | 224.0.0.252 | 5355 |
192.168.122.70 | 56181 | 224.0.0.252 | 5355 |
192.168.122.70 | 59175 | 224.0.0.252 | 5355 |
192.168.122.70 | 59247 | 224.0.0.252 | 5355 |
192.168.122.70 | 59255 | 224.0.0.252 | 5355 |
192.168.122.70 | 59558 | 224.0.0.252 | 5355 |
192.168.122.70 | 60069 | 224.0.0.252 | 5355 |
192.168.122.70 | 60304 | 224.0.0.252 | 5355 |
192.168.122.70 | 60339 | 224.0.0.252 | 5355 |
192.168.122.70 | 61171 | 224.0.0.252 | 5355 |
192.168.122.70 | 61458 | 224.0.0.252 | 5355 |
192.168.122.70 | 61735 | 224.0.0.252 | 5355 |
192.168.122.70 | 61978 | 224.0.0.252 | 5355 |
192.168.122.70 | 62141 | 224.0.0.252 | 5355 |
192.168.122.70 | 62909 | 224.0.0.252 | 5355 |
192.168.122.70 | 63048 | 224.0.0.252 | 5355 |
192.168.122.70 | 57195 | 239.255.255.250 | 1900 |
192.168.122.70 | 123 | 52.169.179.91 | 123 |
URI | HTTP data |
---|---|
http://crl.microsoft.com/pki/crl/products/MicCodSigPCA_08-31-2010.crl | GET /pki/crl/products/MicCodSigPCA_08-31-2010.crl HTTP/1.1 Cache-Control: max-age = 900 Connection: Keep-Alive Accept: */* If-Modified-Since: Sat, 28 Nov 2015 06:02:10 GMT If-None-Match: "4ea8b151a229d11:0" User-Agent: Microsoft-CryptoAPI/6.1 Host: crl.microsoft.com |
No SMTP traffic.
No IRC requests.
No ICMP traffic.
No CIF results
No alerts
No TLS
No Suricata HTTP
Task ID | 16175 |
---|---|
Mongo ID | 57ce692a4d3bd048e498298a |
Cuckoo release | 1.4-Maldun |