恶意软件分析 & URL链接扫描免费在线病毒分析平台

分析任务

分析类型	虚拟机标签	开始时间	结束时间	持续时间
URL	win7-sp1-x64-hpdapp03-1	2018-05-21 14:24:17	2018-05-21 14:26:40	143 秒

魔盾分数

1.25

正常的

URL详细信息

URL
URL专业沙箱检测 -> http://www.99hua.cn

登录查看威胁特征

运行截图

访问主机纪录 (可点击查询WPING实时安全评级)

直接	IP	安全评级	地理位置
否	103.47.81.74	未知	中国
否	120.27.176.31	未知	中国
否	216.168.252.240	未知	美国
否	23.35.171.27	未知	美国
否	58.218.215.188	未知	中国

域名解析 (可点击查询WPING实时安全评级)

域名	安全评级	响应
www.99hua.cn	未知	A 103.47.81.74
s.symcd.com	CNAME ocsp-ds.ws.symantec.com.edgekey.net CNAME e8218.dscb1.akamaiedge.net A 23.35.171.27
trustasia2-ocsp.digitalcertvalidation.com	CNAME ee-ocsp-origin.ws.symantec.com A 216.168.252.240
img.99hua.cn	未知	A 120.27.176.31 CNAME 99huacn.oss-cn-hangzhou.aliyuncs.com
s13.cnzz.com	A 58.218.215.188 CNAME all.cnzz.com.danuoyi.tbcache.com CNAME c.cnzz.com
ocsp.globalsign.com	A 124.232.157.102 CNAME global.prd.cdn.globalsign.com CNAME globalsign.com.w.kunlunar.com
crl.globalsign.com

摘要

登录查看详细行为信息

URL分析
防病毒引擎

WHOIS 信息

Name: None
Country: None
State: None
City: None
ZIP Code: None
Address: None

Orginization: None
Domain Name(s):
    99hua.cn
Creation Date:
    None
Updated Date:
    None
Expiration Date:
    None
Email(s):
    1094262686@qq.com

Registrar(s):
    阿里云计算有限公司（万网）
Name Server(s):
    vip1.alidns.com
    vip2.alidns.com
Referral URL(s):
    None

没有防病毒引擎扫描信息!

进程树

iexplore.exe id: 2060
- iexplore.exe id: 2332

iexplore.exe, PID: 2060, 上一级进程 PID: 1896

缺省注册表文件系统网络进程线程服务设备同步加密浏览器全部

iexplore.exe, PID: 2332, 上一级进程 PID: 2060

缺省注册表文件系统网络进程线程服务设备同步加密浏览器全部

下载PCAP包

访问主机纪录 (可点击查询WPING实时安全评级)

直接	IP	安全评级	地理位置
否	103.47.81.74	未知	中国
否	120.27.176.31	未知	中国
否	216.168.252.240	未知	美国
否	23.35.171.27	未知	美国
否	58.218.215.188	未知	中国

TCP

源地址	源端口	目标地址	目标端口
192.168.122.201	49160	103.47.81.74 www.99hua.cn	80
192.168.122.201	49161	103.47.81.74 www.99hua.cn	443
192.168.122.201	49179	103.47.81.74 www.99hua.cn	443
192.168.122.201	49180	103.47.81.74 www.99hua.cn	443
192.168.122.201	49185	103.47.81.74 www.99hua.cn	443
192.168.122.201	49186	103.47.81.74 www.99hua.cn	443
192.168.122.201	49187	103.47.81.74 www.99hua.cn	443
192.168.122.201	49188	103.47.81.74 www.99hua.cn	443
192.168.122.201	49204	103.47.81.74 www.99hua.cn	443
192.168.122.201	49207	104.84.150.159	80
192.168.122.201	49189	120.27.176.31 img.99hua.cn	80
192.168.122.201	49197	124.232.157.102 ocsp.globalsign.com	80
192.168.122.201	49199	124.232.157.102 ocsp.globalsign.com	80
192.168.122.201	49201	124.232.157.102 ocsp.globalsign.com	80
192.168.122.201	49163	216.168.252.240 trustasia2-ocsp.digitalcertvalidation.com	80
192.168.122.201	49162	23.35.171.27 s.symcd.com	80
192.168.122.201	49196	58.218.215.188 s13.cnzz.com	443

UDP

源地址	源端口	目标地址	目标端口
192.168.122.201	49651	192.168.122.1	53
192.168.122.201	49686	192.168.122.1	53
192.168.122.201	50771	192.168.122.1	53
192.168.122.201	51412	192.168.122.1	53
192.168.122.201	52308	192.168.122.1	53
192.168.122.201	52918	192.168.122.1	53
192.168.122.201	53726	192.168.122.1	53
192.168.122.201	54016	192.168.122.1	53
192.168.122.201	56184	192.168.122.1	53
192.168.122.201	57842	192.168.122.1	53

域名解析 (可点击查询WPING实时安全评级)

域名	安全评级	响应
www.99hua.cn	未知	A 103.47.81.74
s.symcd.com	CNAME ocsp-ds.ws.symantec.com.edgekey.net CNAME e8218.dscb1.akamaiedge.net A 23.35.171.27
trustasia2-ocsp.digitalcertvalidation.com	CNAME ee-ocsp-origin.ws.symantec.com A 216.168.252.240
img.99hua.cn	未知	A 120.27.176.31 CNAME 99huacn.oss-cn-hangzhou.aliyuncs.com
s13.cnzz.com	A 58.218.215.188 CNAME all.cnzz.com.danuoyi.tbcache.com CNAME c.cnzz.com
ocsp.globalsign.com	A 124.232.157.102 CNAME global.prd.cdn.globalsign.com CNAME globalsign.com.w.kunlunar.com
crl.globalsign.com

TCP

源地址	源端口	目标地址	目标端口
192.168.122.201	49160	103.47.81.74 www.99hua.cn	80
192.168.122.201	49161	103.47.81.74 www.99hua.cn	443
192.168.122.201	49179	103.47.81.74 www.99hua.cn	443
192.168.122.201	49180	103.47.81.74 www.99hua.cn	443
192.168.122.201	49185	103.47.81.74 www.99hua.cn	443
192.168.122.201	49186	103.47.81.74 www.99hua.cn	443
192.168.122.201	49187	103.47.81.74 www.99hua.cn	443
192.168.122.201	49188	103.47.81.74 www.99hua.cn	443
192.168.122.201	49204	103.47.81.74 www.99hua.cn	443
192.168.122.201	49207	104.84.150.159	80
192.168.122.201	49189	120.27.176.31 img.99hua.cn	80
192.168.122.201	49197	124.232.157.102 ocsp.globalsign.com	80
192.168.122.201	49199	124.232.157.102 ocsp.globalsign.com	80
192.168.122.201	49201	124.232.157.102 ocsp.globalsign.com	80
192.168.122.201	49163	216.168.252.240 trustasia2-ocsp.digitalcertvalidation.com	80
192.168.122.201	49162	23.35.171.27 s.symcd.com	80
192.168.122.201	49196	58.218.215.188 s13.cnzz.com	443

UDP

源地址	源端口	目标地址	目标端口
192.168.122.201	49651	192.168.122.1	53
192.168.122.201	49686	192.168.122.1	53
192.168.122.201	50771	192.168.122.1	53
192.168.122.201	51412	192.168.122.1	53
192.168.122.201	52308	192.168.122.1	53
192.168.122.201	52918	192.168.122.1	53
192.168.122.201	53726	192.168.122.1	53
192.168.122.201	54016	192.168.122.1	53
192.168.122.201	56184	192.168.122.1	53
192.168.122.201	57842	192.168.122.1	53

HTTP 请求

URI	HTTP数据
URL专业沙箱检测 -> http://www.99hua.cn/	GET / HTTP/1.1 Accept: / Referer: http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=27&ved=0CCEQfjbElwZFVwZ25JWHlhcUdmREdMd3plc292&url=http%3A%2F%2Fwww.99hua.cn&ei=Z2Z2bk1QWURTWmhX&usg=AFQjVmtBVUNOUmlSa2NR Accept-Language: zh-cn User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: www.99hua.cn Connection: Keep-Alive
URL专业沙箱检测 -> http://s.symcd.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBS56bKHAoUD%2BOyl%2B0LhPg9JxyQm4gQUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMCEDoQDn8QnhrFnMX%2F9kDV5EI%3D	GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBS56bKHAoUD%2BOyl%2B0LhPg9JxyQm4gQUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMCEDoQDn8QnhrFnMX%2F9kDV5EI%3D HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Microsoft-CryptoAPI/6.1 Host: s.symcd.com
URL专业沙箱检测 -> http://trustasia2-ocsp.digitalcertvalidation.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQU6t%2BBMB%2FDbQ8aI8T6DPv4QwTshQQUbVjHfxrn4T8upoyXNUK79NM4rD8CEDThbjIxA%2BsI1WWsVga%2Fg0A%3D	GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQU6t%2BBMB%2FDbQ8aI8T6DPv4QwTshQQUbVjHfxrn4T8upoyXNUK79NM4rD8CEDThbjIxA%2BsI1WWsVga%2Fg0A%3D HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Microsoft-CryptoAPI/6.1 Host: trustasia2-ocsp.digitalcertvalidation.com
URL专业沙箱检测 -> http://img.99hua.cn/data/gallery_album/2/thumb_img/1517251314931877586.jpg	GET /data/gallery_album/2/thumb_img/1517251314931877586.jpg HTTP/1.1 Accept: / Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: img.99hua.cn Connection: Keep-Alive
URL专业沙箱检测 -> http://ocsp.globalsign.com/rootr1/MEwwSjBIMEYwRDAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6%2BMgGqMQQUYHtmGkUNl8qJUC99BM00qP%2F8%2FUsCCwQAAAAAAURO8EJH	GET /rootr1/MEwwSjBIMEYwRDAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6%2BMgGqMQQUYHtmGkUNl8qJUC99BM00qP%2F8%2FUsCCwQAAAAAAURO8EJH HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Microsoft-CryptoAPI/6.1 Host: ocsp.globalsign.com
URL专业沙箱检测 -> http://ocsp2.globalsign.com/gsorganizationvalsha2g2/ME0wSzBJMEcwRTAJBgUrDgMCGgUABBQMnk2cPe3vhNiR6XLHz4QGvBl7BwQUlt5h8b0cFilTHMDMfTuDAEDmGnwCDGxjRxAlYW3DKTBxjg%3D%3D	GET /gsorganizationvalsha2g2/ME0wSzBJMEcwRTAJBgUrDgMCGgUABBQMnk2cPe3vhNiR6XLHz4QGvBl7BwQUlt5h8b0cFilTHMDMfTuDAEDmGnwCDGxjRxAlYW3DKTBxjg%3D%3D HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Microsoft-CryptoAPI/6.1 Host: ocsp2.globalsign.com
URL专业沙箱检测 -> http://crl.globalsign.com/gs/gsorganizationvalsha2g2.crl	GET /gs/gsorganizationvalsha2g2.crl HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Microsoft-CryptoAPI/6.1 Host: crl.globalsign.com
URL专业沙箱检测 -> http://crl.microsoft.com/pki/crl/products/tspca.crl	GET /pki/crl/products/tspca.crl HTTP/1.1 Cache-Control: max-age = 900 Connection: Keep-Alive Accept: / If-Modified-Since: Sat, 24 May 2014 05:04:54 GMT If-None-Match: "8ab194b3d77cf1:0" User-Agent: Microsoft-CryptoAPI/6.1 Host: crl.microsoft.com

SMTP 流量

无SMTP流量.

IRC 流量

无IRC请求.

ICMP 流量

源地址	目标地址	ICMP类型
103.47.81.74	192.168.122.201	3
103.47.81.74	192.168.122.201	3
103.47.81.74	192.168.122.201	3
103.47.81.74	192.168.122.201	3
103.47.81.74	192.168.122.201	3
103.47.81.74	192.168.122.201	3

CIF 报告

无 CIF 结果

网络警报

无警报

TLS

Timestamp	Source IP	Source Port	Destination IP	Destination Port	Version	Issuer	Subject	Fingerprint
2018-05-21 14:24:36.527729+0800	192.168.122.201	49161	103.47.81.74	443	TLS 1.2	C=CN, O=TrustAsia Technologies, Inc., OU=Symantec Trust Network, OU=Domain Validated SSL, CN=TrustAsia DV SSL CA - G5	CN=www.99hua.cn	76:ad:ef:60:76:51:01:72:6e:8e:54:33:30:de:22:0c:5b:ea:e7:66
2018-05-21 14:24:42.524567+0800	192.168.122.201	49180	103.47.81.74	443	TLS 1.2	C=CN, O=TrustAsia Technologies, Inc., OU=Symantec Trust Network, OU=Domain Validated SSL, CN=TrustAsia DV SSL CA - G5	CN=www.99hua.cn	76:ad:ef:60:76:51:01:72:6e:8e:54:33:30:de:22:0c:5b:ea:e7:66
2018-05-21 14:24:42.524371+0800	192.168.122.201	49179	103.47.81.74	443	TLS 1.2	C=CN, O=TrustAsia Technologies, Inc., OU=Symantec Trust Network, OU=Domain Validated SSL, CN=TrustAsia DV SSL CA - G5	CN=www.99hua.cn	76:ad:ef:60:76:51:01:72:6e:8e:54:33:30:de:22:0c:5b:ea:e7:66
2018-05-21 14:24:42.749861+0800	192.168.122.201	49187	103.47.81.74	443	TLS 1.2	C=CN, O=TrustAsia Technologies, Inc., OU=Symantec Trust Network, OU=Domain Validated SSL, CN=TrustAsia DV SSL CA - G5	CN=www.99hua.cn	76:ad:ef:60:76:51:01:72:6e:8e:54:33:30:de:22:0c:5b:ea:e7:66
2018-05-21 14:24:42.757780+0800	192.168.122.201	49186	103.47.81.74	443	TLS 1.2	C=CN, O=TrustAsia Technologies, Inc., OU=Symantec Trust Network, OU=Domain Validated SSL, CN=TrustAsia DV SSL CA - G5	CN=www.99hua.cn	76:ad:ef:60:76:51:01:72:6e:8e:54:33:30:de:22:0c:5b:ea:e7:66
2018-05-21 14:24:42.766435+0800	192.168.122.201	49196	58.218.215.188	443	TLS 1.2	C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2	C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.cnzz.com	66:4d:a5:95:02:54:b9:fe:f9:7c:1e:ed:cb:24:ad:d8:5b:8a:06:42
2018-05-21 14:24:42.749425+0800	192.168.122.201	49185	103.47.81.74	443	TLS 1.2	C=CN, O=TrustAsia Technologies, Inc., OU=Symantec Trust Network, OU=Domain Validated SSL, CN=TrustAsia DV SSL CA - G5	CN=www.99hua.cn	76:ad:ef:60:76:51:01:72:6e:8e:54:33:30:de:22:0c:5b:ea:e7:66
2018-05-21 14:24:42.764503+0800	192.168.122.201	49188	103.47.81.74	443	TLS 1.2	C=CN, O=TrustAsia Technologies, Inc., OU=Symantec Trust Network, OU=Domain Validated SSL, CN=TrustAsia DV SSL CA - G5	CN=www.99hua.cn	76:ad:ef:60:76:51:01:72:6e:8e:54:33:30:de:22:0c:5b:ea:e7:66
2018-05-21 14:24:43.403498+0800	192.168.122.201	49204	103.47.81.74	443	TLS 1.2	C=CN, O=TrustAsia Technologies, Inc., OU=Symantec Trust Network, OU=Domain Validated SSL, CN=TrustAsia DV SSL CA - G5	CN=www.99hua.cn	76:ad:ef:60:76:51:01:72:6e:8e:54:33:30:de:22:0c:5b:ea:e7:66

Suricata HTTP

No Suricata HTTP

未发现网络提取文件

文件名	8828F39C7C0CE9A14B25C7EB321181BA_979616258BF86589758CB5080464F37F
相关文件	C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8828F39C7C0CE9A14B25C7EB321181BA_979616258BF86589758CB5080464F37F
文件大小	1754 字节
文件类型	data
MD5	69a53d133545bef3f31745d6bf8a0e54
SHA1	a9873f5ea5ba2dccc73c76266fee1ef2ac9990ba
SHA256	25e19faee43f7bb30760b2371fe94b747feea9cc9ef07af7ad216b88a1ea9213
CRC32	D12B03D5
Ssdeep	48:vJqqe2fYvILLoW+6aCzUzbQUT4Xb6yJo6:vJHkjCzWbLT4L6m/
	下载提交魔盾安全分析

文件名	ectouch_qrcode[1].png
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\ectouch_qrcode[1].png
文件大小	41195 字节
文件类型	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 430x430, frames 3
MD5	7514a395fbea2546d283ca0a54a0c46f
SHA1	d031c0c14ba1956fefd35ba6bc97444528bccb16
SHA256	0a364e8636947c0ddded74bc2762d8eb51b0ecc700eeca647a2a16becd9c594e
CRC32	371D441F
Ssdeep	768:IJyqa/gScFAAQJ25K4Q5gTg8kSS00tCFILt:IhxAAQcICJY00AqLt
	下载提交魔盾安全分析

文件名	1517251314931877586[1].jpg
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\1517251314931877586[1].jpg
文件大小	22312 字节
文件类型	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 240x240, frames 3
MD5	845872b2ced25e6b6bf0d88220e7d0b6
SHA1	02198f797921843d14f48951adee43019ce53ea8
SHA256	d8bf23a947d7cc414a7b4fce1b9f48881a0e326b456ee09fa17273610de5bb90
CRC32	BE68071F
Ssdeep	384:bA1gqvLsf+XCE/rMCZGIuJB7LpPc+a6HZJvEYhft0KF764VGryfbmjOuXAD:bfqvg2XCED6IuJpTnvX8KF764VGxj7AD
	下载提交魔盾安全分析

文件名	test@www.99hua[1].txt
相关文件	C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@www.99hua[1].txt
文件大小	86 字节
文件类型	ASCII text
MD5	c3b54b5d502f796929abeb748ae92e0f
SHA1	8101757896e9e9c5111631ca17081700d66ff767
SHA256	0c90c6dab962a4474f675b58f36473bfd3199540f36d5bffe22142e60941361b
CRC32	82D24CCD
Ssdeep	3:iUZBLz/7c7RnM9JXJcaR4S6VbOoDv:jBLz/OMLJz6NOQv
	下载提交魔盾安全分析显示文本
real_ipd 116.226.213.121 www.99hua.cn/ 1024 2599843456 30667039 3798738512 30666978 *

文件名	test@www.99hua[1].txt
相关文件	C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@www.99hua[1].txt
文件大小	740 字节
文件类型	ASCII text
MD5	66a7d6ca0b1d1bacaaf379fe8cbd52ac
SHA1	6935369ea967e82be7207c1b16ce839bd6981bd7
SHA256	985e208d7ac77178e4b0ad8b020e3438132607240fbb39b372d7a83dd6a3eb0e
CRC32	32249A72
Ssdeep	12:dLzR92NOjR92NOUBocOK7yV1C7yV1/7yV1rO7yV1rO7yV1UeUPBocfu:dLddtdUBocOKnsOOOOLBocfu
	下载提交魔盾安全分析显示文本
real_ipd 116.226.213.121 www.99hua.cn/ 1024 2599843456 30667039 3798738512 30666978 * dsc_real_ip 116.226.213.121 www.99hua.cn/ 1024 2599843456 30667039 3798888512 30666978 * ECS[visit_times] 1 www.99hua.cn/ 1024 871229056 30740314 3799048512 30666978 * province 25 www.99hua.cn/ 1024 3012273792 30672923 3799048512 30666978 * city 321 www.99hua.cn/ 1024 3012273792 30672923 3799208512 30666978 * district 2703 www.99hua.cn/ 1024 3012273792 30672923 3799358512 30666978 * street 0 www.99hua.cn/ 1024 3012273792 30672923 3799358512 30666978 * street_area 0 www.99hua.cn/ 1024 3012273792 30672923 3799518512 30666978 * session_id_ip 116.226.213.121_8373098dc91fab84f7c3bd36d0183fb8 www.99hua.cn/ 1024 871229056 30740314 3799668512 30666978 *

文件名	56DF9C887E29914A4E2783A18E23D2DD
相关文件	C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\56DF9C887E29914A4E2783A18E23D2DD
文件大小	1615 字节
文件类型	data
MD5	229619ceb9271ef31abccc2a58ff6e7f
SHA1	c58dc54ff55d76d8045f00fedb7860ab3f061f42
SHA256	d8dc75a6bef74bfcf1ba5713960633d20d0774f24039e4464f3a7e03342af49b
CRC32	060932AD
Ssdeep	48:bfTnROau63zyGV/CZtQOmWiTyNbh5HTFS:brRQ6l5CZtQOmWMgTHZS
	下载提交魔盾安全分析

文件名	A053CFB63FC8E6507871752236B5CCD5_2033A640C71BC0AB949022F9AF176D31
相关文件	C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A053CFB63FC8E6507871752236B5CCD5_2033A640C71BC0AB949022F9AF176D31
文件大小	532 字节
文件类型	data
MD5	7d0c84763c8062bd608aba2b1dfbcf18
SHA1	421fdef1f83cac4f247875c4586d6c142a207094
SHA256	7e2892b3aba77f4f6375a4a0af742cf9efc07879065ff731dc323f4c41cf7cfd
CRC32	4BE0D8A0
Ssdeep	12:7bl/JWzf8ClDC3bgLzK8sFFyOJQlUsyrMOU7T+FIa6:7B/JgEme3ELmvPyOJQ6QOU7T+a
	下载提交魔盾安全分析

文件名	MSIMGSIZ.DAT
相关文件	C:\Users\test\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
文件大小	16384 字节
文件类型	data
MD5	6bd17071798e7b450047a82017bb14e1
SHA1	b79bd3abafddc5b6f8f07ace904ee2ee2250366e
SHA256	1d383c2ce74a9a1c5de2488c8b5fd5f259c343ec2e65dbbe12968a1613f07d21
CRC32	7025AB1D
Ssdeep	48:jGQhN7sXHWrVmqESaakad5PIy+9/8Jrc1jdSM9PdYzz7el:CBXHbbSrka5PIL8mpd7Pwz76
	下载提交魔盾安全分析

文件名	index.dat
相关文件	C:\Users\test\AppData\Roaming\Microsoft\Windows\IECompatCache\index.dat
文件大小	65536 字节
文件类型	Internet Explorer cache file version Ver 5.2
MD5	0ee0d92f5ad9cd4d354a120734ae8e5e
SHA1	a3d2338356b933a1240f053b89efe7f1b5e63353
SHA256	bd15c1573c53ac40e26c307c00be243ace57eb5fd0d2879349b24832d2e7a771
CRC32	36F430F7
Ssdeep	384:wEEG/+oo0M7hPfdoW7QRyUEZeluUFyvp64PBhqNLguX3/5YSHYjitk9t7sub/2Iw:wEEG/+Rg
	下载提交魔盾安全分析

文件名	26FAECAB15AD715CB7849E2211F9473B
相关文件	C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\26FAECAB15AD715CB7849E2211F9473B
文件大小	136817 字节
文件类型	data
MD5	d756a2dbc6ae9bc042215af5e58848dc
SHA1	6f8a2db29467261876a9ba8daa03bc233d2bd5a9
SHA256	82ea8a204699d000a911192929b6fe7aa032ac05546ba64cd15b16684daddaf9
CRC32	A665890E
Ssdeep	1536:tUwZxwB6oFtKkZeuKmcmetlFOGgwpZHv5DxMMAjogTehygLCkAYy4+0H:dPHkZeudDB8P3MbmhygxAYyE
	下载提交魔盾安全分析

文件名	test@www.99hua[1].txt
相关文件	C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@www.99hua[1].txt
文件大小	397 字节
文件类型	ASCII text
MD5	aace596260db9a78731095c8bb95c550
SHA1	949e37c83079f2df320c7b2a100afc3b5fe32736
SHA256	fca943229260386c1e02138745eda9b3eeaae327a990bbf7e671645dcdfbd6d7
CRC32	60FCB72C
Ssdeep	6:jBLz/OMLJz6NOQFUz/OMLJz6NOna+R6oMBocz8mKpM7yV1k5n85M7yV1k52v:dLzR92NOjR92NOUBocOK7yV1C7yV1F
	下载提交魔盾安全分析显示文本
real_ipd 116.226.213.121 www.99hua.cn/ 1024 2599843456 30667039 3798738512 30666978 * dsc_real_ip 116.226.213.121 www.99hua.cn/ 1024 2599843456 30667039 3798888512 30666978 * ECS[visit_times] 1 www.99hua.cn/ 1024 871229056 30740314 3799048512 30666978 * province 25 www.99hua.cn/ 1024 3012273792 30672923 3799048512 30666978 * city 321 www.99hua.cn/ 1024 3012273792 30672923 3799208512 30666978 *

文件名	index.dat
相关文件	C:\Users\test\AppData\Local\Microsoft\Feeds Cache\index.dat
文件大小	32768 字节
文件类型	Internet Explorer cache file version Ver 5.2
MD5	0aee387ca0a52dcdd8f8a29ea76edb42
SHA1	5df81547dcadb2a7b8bc689da8e1383ba1a84cb9
SHA256	c31bc37e102b70a472837d530ec80bdaea28b0fefda3e9aa8c8cda98c4200c4e
CRC32	B451CA0B
Ssdeep	12:qjtSaFpbZli3zIoYDPO7em4GZj03W/cKYDPOCG5A30WUsOXQDG9YRm4GZ5:qj4avEIoYTCebGZ7ZYTlEJ0oQQ4bGZ
魔盾安全分析结果	2.0 分析时间：2016-11-06 20:10:20 查看分析报告
	下载提交魔盾安全分析

文件名	test@www.99hua[2].txt
相关文件	C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@www.99hua[2].txt
文件大小	617 字节
文件类型	ASCII text
MD5	53ae03e5a5316a4a6a51d931d7541df2
SHA1	1f2fae5fd39fcf235d22afa52dd8bc6baa4310df
SHA256	6a6733debaf1615bd76fd43bfd9b41a285ff0c8ba3d2bcaf95d2569688800043
CRC32	D64AE508
Ssdeep	12:dLzR92NOjR92NOUBocOK7yV1C7yV1/7yV1rO7yV1rO7yV1R:dLddtdUBocOKnsOOOOc
	下载提交魔盾安全分析显示文本
real_ipd 116.226.213.121 www.99hua.cn/ 1024 2599843456 30667039 3798738512 30666978 * dsc_real_ip 116.226.213.121 www.99hua.cn/ 1024 2599843456 30667039 3798888512 30666978 * ECS[visit_times] 1 www.99hua.cn/ 1024 871229056 30740314 3799048512 30666978 * province 25 www.99hua.cn/ 1024 3012273792 30672923 3799048512 30666978 * city 321 www.99hua.cn/ 1024 3012273792 30672923 3799208512 30666978 * district 2703 www.99hua.cn/ 1024 3012273792 30672923 3799358512 30666978 * street 0 www.99hua.cn/ 1024 3012273792 30672923 3799358512 30666978 * street_area 0 www.99hua.cn/ 1024 3012273792 30672923 3799518512 30666978 *

文件名	56DF9C887E29914A4E2783A18E23D2DD
相关文件	C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\56DF9C887E29914A4E2783A18E23D2DD
文件大小	460 字节
文件类型	data
MD5	cef9f5154ad276c691e3bf6b2e15cb3b
SHA1	1678405ed7d4a5c17af3c0d827aae5fe50192d3b
SHA256	447a02828416e3d20e7d6f1b6f5ecbf948d0a5a34100213d7d815c433f054456
CRC32	117252EF
Ssdeep	6:kK5lwMltl3sYO05slCLIm9GlKpivhClroFFqfAl1+ajhyFlLPR1aeshMoolglylr:sktVd75DDiv8sFFqo3fyFZPRQesaoolB
	下载提交魔盾安全分析

文件名	index.dat
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012018052220180523\index.dat
文件大小	32768 字节
文件类型	Internet Explorer cache file version Ver 5.2
MD5	40b38d28f36d7e2253b3627135d67691
SHA1	b9d501af28d509197b802fdbb8abd216b36ae296
SHA256	ee6e28f4b30d76f517b868ec9a421bf25a6ee2c4d2b89d2ab696256d06b8a6c2
CRC32	8A74AEA2
Ssdeep	6:qjyxXK68lb3StyK6tlnFMtXBi2OLpIsxy3StyK6BFMtXBi6I:qjRf34wFSBi2734ASBi
	下载提交魔盾安全分析

文件名	26FAECAB15AD715CB7849E2211F9473B
相关文件	C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\26FAECAB15AD715CB7849E2211F9473B
文件大小	230 字节
文件类型	data
MD5	fa574dcb7b0fc5e55aed9919a79ed263
SHA1	995100098c3371874f4510afbd6cfc34471ff162
SHA256	0888df3d9c482c2aaea155c73bb8f00388fc5f4c7c93f8d91dfccbdf9efb98f7
CRC32	3B32FF33
Ssdeep	6:kKfNtlqHnI1DpWhliKxlCPiRxElDC3g1j:3NtUo3WzfVClDC3Wj
	下载提交魔盾安全分析

文件名	test@www.99hua[2].txt
相关文件	C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@www.99hua[2].txt
文件大小	472 字节
文件类型	ASCII text
MD5	4d9293c27fe96b4b796224526c37f5c5
SHA1	a9fa91f2ef523ce2739b9185e725432634445a82
SHA256	f42803ad948f0e0046c82c3a73916f3bfc1e3965275dfdc18638ec804726e88c
CRC32	9F480AC3
Ssdeep	12:dLzR92NOjR92NOUBocOK7yV1C7yV1/7yV1r/:dLddtdUBocOKnsO/
	下载提交魔盾安全分析显示文本
real_ipd 116.226.213.121 www.99hua.cn/ 1024 2599843456 30667039 3798738512 30666978 * dsc_real_ip 116.226.213.121 www.99hua.cn/ 1024 2599843456 30667039 3798888512 30666978 * ECS[visit_times] 1 www.99hua.cn/ 1024 871229056 30740314 3799048512 30666978 * province 25 www.99hua.cn/ 1024 3012273792 30672923 3799048512 30666978 * city 321 www.99hua.cn/ 1024 3012273792 30672923 3799208512 30666978 * district 2703 www.99hua.cn/ 1024 3012273792 30672923 3799358512 30666978 *

文件名	{963CAD64-5CBF-11E8-91CC-525400E1D82E}.dat
相关文件	C:\Users\test\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{963CAD64-5CBF-11E8-91CC-525400E1D82E}.dat
文件大小	5632 字节
文件类型	Composite Document File V2 Document, Cannot read section info
MD5	142f8b827379610c300b4a935cbbe98a
SHA1	4c9c93bd8ab40cdc5d1ae088651c77b35ce6c1d2
SHA256	0001a2ddf7dad675ddf79115ed429cd2d8d096c22e1e8f450a83bd8b7468c408
CRC32	6B5F8F71
Ssdeep	24:rI0A7oGu8jS7S85MN46llcZTPvnNlVouDOdMHowUbOcIqk08NlVouDbc2ouAQy:rXA7oGRS7SIm6Z7lo0Od8GUo0bcHQy
	下载提交魔盾安全分析

文件名	ACF244F1A10D4DBED0D88EBA0C43A9B5_16756CC7371BB76A269719AA1471E96C
相关文件	C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_16756CC7371BB76A269719AA1471E96C
文件大小	492 字节
文件类型	data
MD5	7193e96fd3310d1c49973c95d5826a06
SHA1	9d7e2808eee7de708b9c8e7e9be4b540c62c6076
SHA256	45fb4906e175c6b9910d974b1379ba12098ea94c2a25e6244787c8df67eb8a25
CRC32	B066E9F8
Ssdeep	12:gppBkXvk3OD7DWzF0Y1oOkksFyR7uE9SsAUOlJCb3jcclmlOM:gpp8D7DgF0WoLnYRd8JUKYL4clm1
	下载提交魔盾安全分析

文件名	8828F39C7C0CE9A14B25C7EB321181BA_979616258BF86589758CB5080464F37F
相关文件	C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8828F39C7C0CE9A14B25C7EB321181BA_979616258BF86589758CB5080464F37F
文件大小	396 字节
文件类型	data
MD5	f5f615aa7b2e9f120cf6bf29092fd48a
SHA1	3e0a7d169a4fb8a695b5d01a899fe20c3dc230e8
SHA256	2975ab08ae87f48b3fa15f459b706e8bdb8501297d54fb42e7f340c9736ec539
CRC32	7A470220
Ssdeep	6:kKHlvc2syMNsgDkBXivhClroFHP7jDsczlGSuZrgglHnGnylOSn:1syslDyXiv8sFzjD9zlUZrggPlF
	下载提交魔盾安全分析

文件名	test@www.99hua[1].txt
相关文件	C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@www.99hua[1].txt
文件大小	542 字节
文件类型	ASCII text
MD5	459390cbe5c36389abb989261826a284
SHA1	c90bf18faf3e4904f83a235e9a2c95629df97ce0
SHA256	d512e3cd2e33f518f3c773a8ff41d4272e2f43d3ed0688cf9a10af52759b978e
CRC32	B9EBF42B
Ssdeep	12:dLzR92NOjR92NOUBocOK7yV1C7yV1/7yV1rO7yV1r/:dLddtdUBocOKnsOOO/
	下载提交魔盾安全分析显示文本
real_ipd 116.226.213.121 www.99hua.cn/ 1024 2599843456 30667039 3798738512 30666978 * dsc_real_ip 116.226.213.121 www.99hua.cn/ 1024 2599843456 30667039 3798888512 30666978 * ECS[visit_times] 1 www.99hua.cn/ 1024 871229056 30740314 3799048512 30666978 * province 25 www.99hua.cn/ 1024 3012273792 30672923 3799048512 30666978 * city 321 www.99hua.cn/ 1024 3012273792 30672923 3799208512 30666978 * district 2703 www.99hua.cn/ 1024 3012273792 30672923 3799358512 30666978 * street 0 www.99hua.cn/ 1024 3012273792 30672923 3799358512 30666978 *

文件名	index.dat
相关文件	C:\Users\test\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
文件大小	262144 字节
文件类型	Internet Explorer cache file version Ver 5.2
MD5	fbe6ba880d1f6cadfd771536120f2c73
SHA1	34b1a30160c6c7675a5c69b62d98661ab7a494bb
SHA256	a2cdabb3fc43f2e94ca47fac764eea7819768bdf094690a6369be41fc4a5fd01
CRC32	E94B92FD
Ssdeep	768:pFFwZHojCtOlWNw3nsiMsieuugxdKOri:rFwZIjCtkWm3siMbeuugxdKoi
	下载提交魔盾安全分析

文件名	test@www.99hua[2].txt
相关文件	C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@www.99hua[2].txt
文件大小	175 字节
文件类型	ASCII text
MD5	31e867f14a05bc4492da218361d1b9bd
SHA1	5026074e6ba64d9caeea7ba927667985cf919cf7
SHA256	36824fd46093373b2b18b5aa4475ef1e1aa9141e4f2000871d2b4d43aa372cc9
CRC32	3095A4EF
Ssdeep	3:iUZBLz/7c7RnM9JXJcaR4S6VbOoDeQ/UMQz/7c7RnM9JXJcaR4S6VbOnav:jBLz/OMLJz6NOQFUz/OMLJz6NOnav
	下载提交魔盾安全分析显示文本
real_ipd 116.226.213.121 www.99hua.cn/ 1024 2599843456 30667039 3798738512 30666978 * dsc_real_ip 116.226.213.121 www.99hua.cn/ 1024 2599843456 30667039 3798888512 30666978 *

文件名	dsc-common[1].js
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\dsc-common[1].js
文件大小	141108 字节
文件类型	UTF-8 Unicode text, with very long lines, with CRLF line terminators
MD5	88c963634675ea933ef09de05d4dfb6e
SHA1	73939fc49443dcc40af00607340f825a2e7af572
SHA256	e837dcca7ffb00c963bac7b3bc06ce8552389b5f2ce1fb3c1b510db19bdfd2fe
CRC32	0A87B45D
Ssdeep	1536:SJCnTSR17DSN57qdoKAlU90vabGZxClwEnXbx7GrMw4CcoUSA4:7nTSR1a2dj190vabGZxClwEnXb94
Yara	Rule to detect the no presence of any image Rule to detect the no presence of any attachment Rule to detect the no presence of any url
	下载提交魔盾安全分析显示文本
/* Name:dsc-common.js Author:ecmoban Team sunle Description:Commonly used JS Date:2017-02-06 15:30:30 / / \xe5\x85\xa8\xe5\xb1\x80\xe5\x8f\x98\xe9\x87\x8f / var user_id = $("input[name='user_id']").val(), //\xe4\xbc\x9a\xe5\x91\x98ID goods_id = 0, //\xe5\x95\x86\xe5\x93\x81ID ru_id = 0, //\xe5\x95\x86\xe5\xae\xb6ID store_id = 0, //\xe9\x97\xa8\xe5\xba\x97ID hoverTimer = '', outTimer = '', doc = $(document); $(function(){ /*********************************** \xe9\x80\x9a\xe7\x94\xa8\xe5\x86\x85\xe5\xae\xb9start *************************************/ // \xe9\xa1\xb6\xe9\x83\xa8\xe5\xbf\xab\xe6\x8d\xb7\xe6\xa0\x8f \xe5\x9c\xb0\xe5\x8c\xba\xe5\x88\x87\xe6\x8d\xa2 and \xe7\xbd\x91\xe7\xab\x99\xe5\xaf\xbc\xe8\x88\xaa $("[data-ectype='dorpdown']").hover(function(){ $(this).addClass("hover"); },function(){ $(this).removeClass("hover"); }); //\xe9\xa1\xb6\xe9\x83\xa8\xe5\xbf\xab\xe6\x8d\xb7\xe6\xa0\x8f \xe5\x9c\xb0\xe5\x8c\xba\xe9\x80\x89\xe6\x8b\xa9 $("[data-ectype='dorpdown'] [ectype='dsc-choie']").on("mouseenter",function(){ $("[ectype='dsc-choie-content']").html(load_cart_info); $.jqueryAjax('get_ajax_content.php', 'act=insert_header_region', function(data){ if(data.content){ $("[ectype='dsc-choie-content']").html(data.content); } }); }); // \xe9\x9d\xa2\xe5\x8c\x85\xe5\xb1\x91 $(".crumbs-nav-item .menu-drop").hover(function(){ $(this).addClass("menu-drop-open"); },function(){ $(this).removeClass("menu-drop-open"); }); //\xe8\xbf\x94\xe5\x9b\x9e\xe9\xa1\xb6\xe9\x83\xa8 doc.on("click","[ectype='returnTop']",function(){ $("body,html").animate({scrollTop:0}); }); //top_banner\xe5\x85\xb3\xe9\x97\xad $("*[ectype='close']").click(function(){ $(this).parents(".top-banner").hide(); }); //\xe5\xba\x95\xe9\x83\xa8\xe4\xba\x8c\xe7\xbb\xb4\xe7\xa0\x81\xe5\x88\x87\xe6\x8d\xa2 $(".help-scan .tabs li").hover(function(){ var t = $(this); var index = t.index(); t.addClass("curr").siblings().removeClass("curr"); $(".code").find(".code_tp").eq(index).show().siblings().hide(); }); //\xe4\xbb\xb7\xe6\xa0\xbc\xe7\xad\x9b\xe9\x80\x89 $(".fP-box input").click(function(){ $('.fP-expand').show(); }); //\xe4\xbb\xb7\xe6\xa0\xbc\xe7\xad\x9b\xe9\x80\x89\xe6\x8f\x90\xe4\xba\xa4 $('.ui-btn-submit').click(function(){ var min_price = Number($(".price-min").val()); var max_price = Number($(".price-max").val()); if(min_price == '' && max_price == ''){ pbDialog(json_languages.screen_price,"",0); return false; }else if( <truncated>

文件名	logo[1].gif
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\logo[1].gif
文件大小	8693 字节
文件类型	PNG image data, 243 x 70, 8-bit/color RGBA, non-interlaced
MD5	7aed3b461c82619d9656f8d1b2a5d373
SHA1	ba5f68b0babfef52df378c1858c799589700aeed
SHA256	fa54f8e4ebb5449c2a7692595f6e6057477bf06a721556b1c6b45b5a7c8799e2
CRC32	DC96367F
Ssdeep	192:kXUyUDbjDfuQ3i98I9s5J0lk6pn+Bygni382Q0UC4OJ5ncvstw:cUyUDs9u5J0lkykuQ0UClJ5cMw
	下载提交魔盾安全分析

文件名	touxiang[1].jpg
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\touxiang[1].jpg
文件大小	668192 字节
文件类型	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2017 (Macintosh), datetime=2017:03:20 10:23:29]
MD5	b7d59b3450860e7d62f0254a919410b1
SHA1	f51474cf8c71cf87cc04929704e862d33aeff00d
SHA256	ca46fb6ab1207c1e32e0a7bb45d36b7d4a4861649968ba4d6ff9e9554495f7e2
CRC32	D87CDA4B
Ssdeep	6144:ATSvMtfjWDT0qef8ZunOt0kUBFWg+Yr/xK1:kjWc0Zun6UBN/Q1
	下载提交魔盾安全分析

文件名	1512774347060105383[1].png
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\1512774347060105383[1].png
文件大小	16384 字节
文件类型	PNG image data, 1920 x 459, 8-bit/color RGBA, non-interlaced
MD5	131929a9e61fa14f25e884e1c6f88f46
SHA1	19d11567eb9fd7983d6f6fb49faf290239247639
SHA256	d997160542158523e3749fef77c7656aecd37f78241ad032e755bd38e129faa5
CRC32	D8AFF878
Ssdeep	384:fOz7BcSFI7TKl8MMjf8H5xx9Rl1OKmvoetP+YinYYU:fKBcSsw83jGDll1svoYbYU
	下载提交魔盾安全分析

文件名	ACF244F1A10D4DBED0D88EBA0C43A9B5_16756CC7371BB76A269719AA1471E96C
相关文件	C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\ACF244F1A10D4DBED0D88EBA0C43A9B5_16756CC7371BB76A269719AA1471E96C
文件大小	1517 字节
文件类型	data
MD5	c16c2ebe63ab81db7afc25c711dce67c
SHA1	32253d58489e57d69c1ccb901cbc061bf897527d
SHA256	0a4dc68c995b718541be5e08108f2fd99551a98cb45b176364ce8d8b08ba82cf
CRC32	E448B27A
Ssdeep	24:I6aMpU4HEqPdMFTccuH/bNs7EuPPw4FcKaHTKruWl0yVgSp2hWFionwIcC:gMjHRlGwcuH/bNgEuH1FJaHTGuUg1xot
	下载提交魔盾安全分析

文件名	test@www.99hua[2].txt
相关文件	C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@www.99hua[2].txt
文件大小	327 字节
文件类型	ASCII text
MD5	12949bd331fc949037be429c15f4dc89
SHA1	c738f9909035687d0436d6e6ec2232a9ef0627db
SHA256	56c391577e3d48895986360a10d561c2c3ff6a87152709595e9aa36b7269ac97
CRC32	6A5A721C
Ssdeep	6:jBLz/OMLJz6NOQFUz/OMLJz6NOna+R6oMBocz8mKpM7yV1k5n8v:dLzR92NOjR92NOUBocOK7yV1X
	下载提交魔盾安全分析显示文本
real_ipd 116.226.213.121 www.99hua.cn/ 1024 2599843456 30667039 3798738512 30666978 * dsc_real_ip 116.226.213.121 www.99hua.cn/ 1024 2599843456 30667039 3798888512 30666978 * ECS[visit_times] 1 www.99hua.cn/ 1024 871229056 30740314 3799048512 30666978 * province 25 www.99hua.cn/ 1024 3012273792 30672923 3799048512 30666978 *

文件名	favicon[1].png
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\favicon[1].png
文件大小	1552 字节
文件类型	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
MD5	d11759ea7a758952a35512510948dbaf
SHA1	b3954d5386cd05413c4e75878dffe99fd087c459
SHA256	2e6191e2b988c411577c018379f0dcae79cefa07ae7528b5b918e9525d3e8d62
CRC32	BCF5B6FE
Ssdeep	48:C6AcJ45KIECJtTG+h/tbPXv+ShTdO+3qc:wcJDbohGQBfdhTdOi
	下载提交魔盾安全分析

文件名	A053CFB63FC8E6507871752236B5CCD5_2033A640C71BC0AB949022F9AF176D31
相关文件	C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A053CFB63FC8E6507871752236B5CCD5_2033A640C71BC0AB949022F9AF176D31
文件大小	1570 字节
文件类型	data
MD5	d04933f99b6eb8518a30e159c627cadb
SHA1	6eff12950bf6d7d2dcdefdeb61287166f3e16590
SHA256	215da21c2b117c376cf1a5dcc8a3acf7bbe4c2f9b154e27f2463859be871636f
CRC32	3C1758F8
Ssdeep	24:C/NYaAalEJ2nGEUAxEk7HXABK76KBgY6kZ9qBeeCpXsAxOsYPMrIpOhZO/K5Gtat:iailEbEr2GwBCdfjSwIpOhs/Rot
	下载提交魔盾安全分析

文件名	ecjia_qrcode[1].png
相关文件	C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEL4YQ7U\ecjia_qrcode[1].png
文件大小	25309 字节
文件类型	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 344x344, frames 3
MD5	39529fdcc5d1d9673e5aac0b9e14b9bc
SHA1	64e8fe55d2517ebbcef1f2e89f922d67a26abb3f
SHA256	a1d33c7098195fae65a42219c9d22724f4349173d538f3446f521f8f781fe08f
CRC32	C4007506
Ssdeep	384:EtnNNG6UU+fp/mn7Wd3M5Is0QiEDlkNE5SGU0ZrDCs8qYyl2isPH:EtnKU+g7W5UIs0QiA1bse2isf
	下载提交魔盾安全分析

文件名	RecoveryStore.{963CAD63-5CBF-11E8-91CC-525400E1D82E}.dat
相关文件	C:\Users\test\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{963CAD63-5CBF-11E8-91CC-525400E1D82E}.dat
文件大小	3584 字节
文件类型	Composite Document File V2 Document, Cannot read section info
MD5	30cbefceeb90e4d1316a3759781ddfc2
SHA1	cd7be170c756b50df4cea9c0731d0b6b2039fd95
SHA256	f97a8e69960eddd63cca3604918d58c6011c8a723e4c852edbcc5bcf39bebe54
CRC32	51C0DCBE
Ssdeep	12:rl0YmGF2HrEg5+IaCrI017+FuzDrEgmf+IaCy8qgQNlTqopxlJSzxlwxl:rIH5/53Gv/TQNlWoT
	下载提交魔盾安全分析

文件名	test@www.99hua[1].txt
相关文件	C:\Users\test\AppData\Roaming\Microsoft\Windows\Cookies\test@www.99hua[1].txt
文件大小	254 字节
文件类型	ASCII text
MD5	5b7d1ca09c0a995e4be71c9955b09d8e
SHA1	fa3f245fab2dbf844b63398dc6c301a918a5ab47
SHA256	9d9a95dc630acfac38e5628435558e428dc5c8ae319cebaf981f1d4de174397f
CRC32	EFBC2AE5
Ssdeep	6:jBLz/OMLJz6NOQFUz/OMLJz6NOna+R6oMBocz8v:dLzR92NOjR92NOUBocq
	下载提交魔盾安全分析显示文本
real_ipd 116.226.213.121 www.99hua.cn/ 1024 2599843456 30667039 3798738512 30666978 * dsc_real_ip 116.226.213.121 www.99hua.cn/ 1024 2599843456 30667039 3798888512 30666978 * ECS[visit_times] 1 www.99hua.cn/ 1024 871229056 30740314 3799048512 30666978 *

HTML 总结报告 (需15-60分钟同步)	下载

Processing ( 33.235 seconds )

21.242 NetworkAnalysis
7.488 Suricata
1.932 BehaviorAnalysis
1.09 VirusTotal
0.947 Dropped
0.374 AnalysisInfo
0.099 Static
0.062 Debug
0.001 Memory

Signatures ( 3.34 seconds )

1.516 md_url_bl
0.923 md_bad_drop
0.154 antiav_detectreg
0.095 stealth_timeout
0.082 api_spamming
0.057 infostealer_ftp
0.036 antivm_generic_scsi
0.033 infostealer_im
0.032 antianalysis_detectreg
0.029 md_domain_bl
0.02 stealth_file
0.019 antivm_generic_services
0.018 infostealer_mail
0.015 mimics_filetime
0.015 antivm_generic_disk
0.015 antiav_detectfile
0.014 shifu_behavior
0.012 virus
0.011 bootkit
0.01 infostealer_bitcoin
0.009 geodo_banking_trojan
0.008 dridex_behavior
0.008 stealth_network
0.008 betabot_behavior
0.008 kibex_behavior
0.008 antivm_xen_keys
0.008 darkcomet_regkeys
0.007 vawtrak_behavior
0.007 antivm_parallels_keys
0.006 antiemu_wine_func
0.006 hancitor_behavior
0.006 persistence_autorun
0.006 antivm_vbox_files
0.005 infostealer_browser_password
0.005 kovter_behavior
0.005 antivm_generic_diskreg
0.005 ransomware_extensions
0.005 ransomware_files
0.004 clickfraud_cookies
0.004 ransomware_message
0.004 antidbg_windows
0.004 recon_fingerprint
0.003 andromeda_behavior
0.003 hawkeye_behavior
0.003 injection_createremotethread
0.003 antivm_vbox_libs
0.003 dead_connect
0.003 antisandbox_productid
0.003 disables_browser_warn
0.002 tinba_behavior
0.002 network_tor
0.002 rat_nanocore
0.002 antiav_avast_libs
0.002 stack_pivot
0.002 sets_autoconfig_url
0.002 Locky_behavior
0.002 antisandbox_sunbelt_libs
0.002 kazybot_behavior
0.002 cerber_behavior
0.002 injection_runpe
0.002 securityxploded_modules
0.002 cryptowall_behavior
0.002 antidbg_devices
0.002 antivm_xen_keys
0.002 antivm_hyperv_keys
0.002 antivm_vbox_acpi
0.002 antivm_vbox_keys
0.002 antivm_vmware_keys
0.002 antivm_vpc_keys
0.002 browser_security
0.002 bypass_firewall
0.002 network_torgateway
0.002 packer_armadillo_regkey
0.001 internet_dropper
0.001 disables_spdy
0.001 upatre_behavior
0.001 rat_luminosity
0.001 network_anomaly
0.001 injection_explorer
0.001 heapspray_js
0.001 antisandbox_sboxie_libs
0.001 ipc_namedpipe
0.001 antiav_bitdefender_libs
0.001 dyre_behavior
0.001 exec_crash
0.001 antivm_vmware_events
0.001 ispy_behavior
0.001 disables_wfp
0.001 antianalysis_detectfile
0.001 antivm_generic_bios
0.001 antivm_generic_cpu
0.001 antivm_generic_system
0.001 antivm_vmware_files
0.001 bot_drive
0.001 bot_drive2
0.001 browser_addon
0.001 codelux_behavior
0.001 ie_martian_children
0.001 maldun_blacklist
0.001 modify_uac_prompt
0.001 rat_pcclient
0.001 recon_programs

Reporting ( 0.483 seconds )

0.483 ReportHTMLSummary


Task ID	162238
Mongo ID	5b0266daa093ef799d1351cc
Cuckoo release	1.4-Maldun