Analysis type | VM label | Start time | End time | Duration |
---|---|---|---|---|
URL | win7-sp1-x64-shaapp01-1 | 2018-05-21 23:19:49 | 2018-05-21 23:22:17 | 148 seconds |
Direct | IP | Safety rating | Geolocation |
---|---|---|---|
No | 101.226.90.177 | Unknown | China |
Domain | Safety rating | Response |
---|---|---|
ui.ptlogin2.qq.com | | A 101.226.90.177; CNAME xui.ptlogin2.tencent-cloud.com |
www.stopbadware.org | | A 104.25.163.117; A 104.25.164.117 |
WHOIS record (qq.com):
Name: Domain Admin
Country: CN
State: Guang Dong
City: Shenzhen
ZIP Code: 518057
Address: Tencent Building Kejizhongyi Avenue Hi-tech Park, Nanshan District
Organization: Shenzhen Tencent Computer Systems CO.,Ltd
Domain Name(s): qq.com
Creation Date: 1995-05-04 04:00:00 (1995-05-03 21:00:00-0700)
Updated Date: 2018-05-10 02:45:47 (2018-05-09 19:41:51-0700)
Expiration Date: 2027-07-27 02:09:19 (2027-07-26 19:09:19-0700)
Email(s): abusecomplaints@markmonitor.com, dns@tencent.com
Registrar(s): MarkMonitor, Inc.
Name Server(s): NS1.QQ.COM NS2.QQ.COM NS3.QQ.COM NS4.QQ.COM
Referral URL(s): None
Engine / vendor | Site verdict |
---|---|
CLEAN MX | Clean Site |
DNS8 | Clean Site |
MalwarePatrol | Clean Site |
ZDB Zeus | Clean Site |
Tencent | Clean Site |
Netcraft | Unrated Site |
desenmascara_me | Clean Site |
Dr_Web | Clean Site |
PhishLabs | Unrated Site |
Zerofox | Clean Site |
K7AntiVirus | Clean Site |
SecureBrain | Clean Site |
Virusdie External Site Scan | Clean Site |
SCUMWARE_org | Clean Site |
Quttera | Clean Site |
AegisLab WebGuard | Clean Site |
MalwareDomainList | Clean Site |
ZeusTracker | Clean Site |
zvelo | Clean Site |
Google Safebrowsing | Clean Site |
Kaspersky | Clean Site |
BitDefender | Clean Site |
Certly | Clean Site |
G-Data | Clean Site |
C-SIRT | Clean Site |
OpenPhish | Clean Site |
Malware Domain Blocklist | Clean Site |
VX Vault | Clean Site |
Webutation | Clean Site |
Trustwave | Clean Site |
Web Security Guard | Clean Site |
CyRadar | Clean Site |
ADMINUSLabs | Clean Site |
Malwarebytes hpHosts | Clean Site |
Opera | Clean Site |
AlienVault | Clean Site |
Emsisoft | Clean Site |
Malc0de Database | Clean Site |
Phishtank | Clean Site |
Malwared | Clean Site |
Avira | Clean Site |
CyberCrime | Clean Site |
Antiy-AVL | Clean Site |
Forcepoint ThreatSeeker | Clean Site |
FraudSense | Clean Site |
malwares_com URL checker | Clean Site |
Comodo Site Inspector | Clean Site |
Malekal | Clean Site |
ESET | Clean Site |
Sophos | Unrated Site |
Yandex Safebrowsing | Clean Site |
Spam404 | Clean Site |
Nucleon | Clean Site |
Sucuri SiteCheck | Clean Site |
Blueliv | Clean Site |
ZCloudsec | Clean Site |
AutoShun | Unrated Site |
ThreatHive | Clean Site |
FraudScore | Clean Site |
Rising | Clean Site |
URLQuery | Unrated Site |
StopBadware | Unrated Site |
Fortinet | Clean Site |
ZeroCERT | Clean Site |
Baidu-International | Clean Site |
securolytics | Clean Site |
Source address | Source port | Destination address | Destination port |
---|---|---|---|
192.168.122.201 | 49167 | 101.226.90.177 ui.ptlogin2.qq.com | 443 |
192.168.122.201 | 49168 | 101.226.90.177 ui.ptlogin2.qq.com | 443 |
192.168.122.201 | 49170 | 101.226.90.177 ui.ptlogin2.qq.com | 443 |
192.168.122.201 | 49172 | 101.226.90.177 ui.ptlogin2.qq.com | 443 |
192.168.122.201 | 49173 | 101.226.90.177 ui.ptlogin2.qq.com | 443 |
192.168.122.201 | 49174 | 101.226.90.177 ui.ptlogin2.qq.com | 443 |
Source address | Source port | Destination address | Destination port |
---|---|---|---|
192.168.122.201 | 52966 | 192.168.122.1 | 53 |
192.168.122.201 | 53222 | 192.168.122.1 | 53 |
192.168.122.201 | 60990 | 192.168.122.1 | 53 |
192.168.122.201 | 63650 | 192.168.122.1 | 53 |
192.168.122.201 | 63715 | 192.168.122.1 | 53 |
192.168.122.201 | 64841 | 192.168.122.1 | 53 |
No HTTP requests found.
No SMTP traffic.
No IRC requests.
No ICMP traffic.
No CIF results.
No alerts.
Timestamp | Source IP | Source Port | Destination IP | Destination Port | Version | Issuer | Subject | Fingerprint |
---|---|---|---|---|---|---|---|---|
2018-05-21 23:20:09.416442+0800 | 101.226.90.177 | 443 | 192.168.122.201 | 49168 | TLSv1 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=CN, ST=guangdong, L=shenzhen, O=Shenzhen Tencent Computer Systems Company Limited, CN=xui.ptlogin2.qq.com | c2:d1:20:a8:e4:0c:70:44:03:34:8d:69:1d:9e:a3:6d:d7:9e:08:03 |
2018-05-21 23:20:10.746000+0800 | 192.168.122.201 | 49167 | 101.226.90.177 | 443 | TLSv1 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=CN, ST=guangdong, L=shenzhen, O=Shenzhen Tencent Computer Systems Company Limited, CN=xui.ptlogin2.qq.com | c2:d1:20:a8:e4:0c:70:44:03:34:8d:69:1d:9e:a3:6d:d7:9e:08:03 |
No Suricata HTTP
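The network tables above (DNS answers, connections, TLS certificates) are what an analyst cross-checks by hand: was every contacted IP reached through a DNS lookup in the same run, were names resolved but never contacted, and does the certificate each server presented name the host the sandbox asked for. The script below is an added example written for this page, not code from the Maldun/Cuckoo report; it copies the report's rows into Python literals and runs those three checks, and all function names in it are its own. One caveat it encodes: the report prints only the certificate Subject CN (here CN=xui.ptlogin2.qq.com on a connection the table labels ui.ptlogin2.qq.com), not the subjectAltName list that a TLS client actually matches against, so a CN mismatch is an item to verify against the SANs, not a finding in itself.

```python
"""Triage checks over a sandbox network summary (added example, not report code)."""
from dataclasses import dataclass
from typing import Dict, List, Set, Tuple

# Rows copied from the DNS, connection and TLS tables above.
DNS_ANSWERS: Dict[str, List[str]] = {
    "ui.ptlogin2.qq.com": ["A 101.226.90.177", "CNAME xui.ptlogin2.tencent-cloud.com"],
    "www.stopbadware.org": ["A 104.25.163.117", "A 104.25.164.117"],
}
# (src, sport, dst, dport) rows of the port-443 connection table.
TCP_CONNECTIONS: List[Tuple[str, int, str, int]] = [
    ("192.168.122.201", sport, "101.226.90.177", 443)
    for sport in (49167, 49168, 49170, 49172, 49173, 49174)
]
# The report shows the same certificate on two connections, hence "* 2".
TLS_ROWS: List[Dict[str, str]] = [{
    "dst": "101.226.90.177",
    "issuer": "C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2",
    "subject": ("C=CN, ST=guangdong, L=shenzhen, "
                "O=Shenzhen Tencent Computer Systems Company Limited, CN=xui.ptlogin2.qq.com"),
    "fingerprint": "c2:d1:20:a8:e4:0c:70:44:03:34:8d:69:1d:9e:a3:6d:d7:9e:08:03",
}] * 2


@dataclass(frozen=True)
class Finding:
    kind: str
    ip: str
    detail: str


def resolved_ips(dns: Dict[str, List[str]]) -> Dict[str, Set[str]]:
    """Map each A-record address back to the name(s) that resolved to it."""
    by_ip: Dict[str, Set[str]] = {}
    for name, answers in dns.items():
        for rr in answers:
            rtype, _, rdata = rr.partition(" ")
            if rtype == "A":
                by_ip.setdefault(rdata, set()).add(name)
    return by_ip


def unresolved_destinations(tcp, dns) -> List[str]:
    """Destination IPs contacted with no DNS answer in the run: hard-coded addresses."""
    return sorted({dst for _, _, dst, _ in tcp} - set(resolved_ips(dns)))


def resolved_but_not_contacted(tcp, dns) -> List[str]:
    """Names that were looked up but whose addresses never received a connection."""
    contacted = {dst for _, _, dst, _ in tcp}
    by_name = {n: {rr.partition(" ")[2] for rr in a if rr.startswith("A ")} for n, a in dns.items()}
    return sorted(n for n, ips in by_name.items() if ips and not ips & contacted)


def parse_dn(dn: str) -> Dict[str, str]:
    """Split a printed DN ('C=BE, O=..., CN=...') into attributes; RFC 4514 escaped
    commas are not handled because none occur in the report."""
    parts = (p.strip().partition("=") for p in dn.split(","))
    return {attr: value for attr, sep, value in parts if sep}


def hostname_matches(pattern: str, host: str) -> bool:
    """RFC 6125-style match: exact, or one '*' standing for the left-most label only."""
    pattern, host = pattern.lower().rstrip("."), host.lower().rstrip(".")
    if pattern == host:
        return True
    if not pattern.startswith("*."):
        return False
    p, h = pattern.split("."), host.split(".")
    return len(p) == len(h) and len(p) >= 3 and p[1:] == h[1:]


def check_tls(tls_rows, dns) -> List[Finding]:
    """Compare each certificate's Subject CN with the name(s) that led to its IP.
    Only the CN is in the report, not the subjectAltName list a client actually
    matches, so 'cn_mismatch' means 'verify the SANs', not 'bad certificate'."""
    by_ip, findings = resolved_ips(dns), []
    unique = {(r["dst"], r["fingerprint"], r["subject"]) for r in tls_rows}
    for dst, _, subject in sorted(unique):
        cn = parse_dn(subject).get("CN", "")
        names = by_ip.get(dst, set())
        if not names:
            findings.append(Finding("tls_to_unresolved_ip", dst, f"CN={cn}"))
        for name in sorted(names):
            if not hostname_matches(cn, name):
                findings.append(Finding("cn_mismatch", dst,
                                        f"requested {name}, certificate CN={cn}; check SANs"))
    return findings


if __name__ == "__main__":
    print("hard-coded IPs:", unresolved_destinations(TCP_CONNECTIONS, DNS_ANSWERS))
    print("lookup-only names:", resolved_but_not_contacted(TCP_CONNECTIONS, DNS_ANSWERS))
    for f in check_tls(TLS_ROWS, DNS_ANSWERS):
        print(f.kind, f.ip, f.detail)
```

On the report's own rows this prints no hard-coded IPs, www.stopbadware.org as a lookup-only name (resolved, never connected to), and a single cn_mismatch for 101.226.90.177 that points the analyst at the certificate's SAN list.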
File name | sHRfRnkemptTqcH4R9AbGA==.ico |
---|---|
Related files | C:\Users\test\AppData\Local\Mozilla\Firefox\Profiles\i072kp8z.default-1494515848972\jumpListCache\sHRfRnkemptTqcH4R9AbGA==.ico ; C:\Users\test\AppData\Local\Mozilla\Firefox\Profiles\i072kp8z.default-1494515848972\jumpListCache\qoRS7uunTyPuNt5ZB_dUSQ==.ico |
File size | 137 bytes |
File type | MS Windows icon resource - 1 icon, 16x16 |
MD5 | b66bcbe2cbe33b224622ae9553f2c605 |
SHA1 | b8f3aa4231258e0edcbe0d3830d0549f48bddb3e |
SHA256 | c7e2e730c3cf3bf4fe5b3a50721028e1b82c01855dc30f0f533e4ac79ca3cdc2 |
CRC32 | 2C145BB5 |
Ssdeep | 3:cMl7lk12onv//thPl9vt3lyKLcyDf6Q6Q//9Q1JdiocLll2up:PTk1vv/lhPiQcy76QF/W5ioqeup |
File name | urlclassifier.pset |
---|---|
Related files | C:\Users\test\AppData\Local\Mozilla\Firefox\Profiles\i072kp8z.default-1494515848972\urlclassifier.pset |
File size | 32 bytes |
File type | data |
MD5 | 8e9dbc6e67b3108b335a6f0d6b7d7373 |
SHA1 | 2873233af908b57aa3ceb1de1ef095ba09a2b0ca |
SHA256 | cd0e673429731ec7845b56680010a5df7aeebf3b6a012d68b7464d139b314545 |
CRC32 | 39B7E3E9 |
Ssdeep | 3:RM/8inqw:RXiB |
File name | urlclassifier3.sqlite |
---|---|
Related files | C:\Users\test\AppData\Local\Mozilla\Firefox\Profiles\i072kp8z.default-1494515848972\urlclassifier3.sqlite |
File size | 5242880 bytes |
File type | SQLite 3.x database, user version 7 |
MD5 | 78945d1bf7915334616fc863bec9e9ec |
SHA1 | a42667247c98af48dad62c07a5d9f43ebbc3c6cd |
SHA256 | 8d78a3dc0757b793359483cf365c3f6be9405b1f93cca977b31f80948390fda9 |
CRC32 | 3F65B7E1 |
Ssdeep | 24:DL2+w24+zdY1gZCObTENe0SHGES456DlHEEqWERlSTENCfdxv:D6+8Ne0Itr56DlkEqWERlDNKdx |
File name | permissions.sqlite-journal |
---|---|
Related files | C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\i072kp8z.default-1494515848972\permissions.sqlite-journal |
File size | 66064 bytes |
File type | SQLite Rollback Journal |
MD5 | 74a833bc65add13ba22b8c8bb8c766e5 |
SHA1 | 4bfd5c40366b9fcf1e0ea75fedacfed409163c77 |
SHA256 | 7c1498b6209a2fd8c3d8046db2409ccf75e924e8c004eda8cb22d9403c190da9 |
CRC32 | 9D78DAFC |
Ssdeep | 48:7eDTfYfA+s0J+sjLOMwMnL5Kf9SD96Wa4jL:7ePgLs0wsjLBLMG96WxjL |
File name | permissions.sqlite |
---|---|
Related files | C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\i072kp8z.default-1494515848972\permissions.sqlite |
File size | 98304 bytes |
File type | SQLite 3.x database, user version 9 |
MD5 | 07242f35bb5d8ea854c9aae160fa0e2b |
SHA1 | df923e29edab1d1e3a5c14a96cb72d71ac913263 |
SHA256 | 434eb4e11b7703260f08b0dcda101630a517f69ff9affb415306d5d6d20fed69 |
CRC32 | A5EF420E |
Ssdeep | 24:DLqqEah76wd4+k6ZkxBhRIN+s0J+sSo+egMHQMHcB6tKfJrHZP0rH424J:DG3a4j9BX0+s0J+s6MwM8gKf9SDE |
File name | _CACHE_MAP_ |
---|---|
Related files | C:\Users\test\AppData\Local\Mozilla\Firefox\Profiles\i072kp8z.default-1494515848972\Cache\_CACHE_MAP_ |
File size | 8468 bytes |
File type | raw G3 data, byte-padded |
MD5 | ca2bce5a65a727ca4fa205cfe6cc2c6e |
SHA1 | bc19bc0212b4d4cc41550691b34363d854ca6113 |
SHA256 | 2d486fc0383f24229d4c6dfd7d90bf9540190308fead00e6d2c4352a07a26801 |
CRC32 | CB9E7A78 |
Ssdeep | 48:/i65fWjrL3njlQQ5IaHQIlY9yDDdnrGRQUelxJ/uTRIKVFCB3/:/injlbJlXdnSKXJ/uTiB |
File name | 8D9XF2FiId5BiBvlVUc6Ag==.ico |
---|---|
Related files | C:\Users\test\AppData\Local\Mozilla\Firefox\Profiles\i072kp8z.default-1494515848972\jumpListCache\8D9XF2FiId5BiBvlVUc6Ag==.ico |
File size | 424 bytes |
File type | MS Windows icon resource - 1 icon, 16x16 |
MD5 | 6506fd27172f6da2d8b281cdad29532e |
SHA1 | 9cfb0754248517a50dfee4cefbe14f6758c5d0b6 |
SHA256 | d0d8db6f04dc8587f81a0e398c02c3ce6de45a7a796437e8a46c58dd0857551a |
CRC32 | CA2B2D3E |
Ssdeep | 12:P8v/7qgepUp5xDKKZB+QlTaBJF+hQ5QL3d76sc:fgepXw4QZKJF+OY3d7c |
File name | sessionstore.bak |
---|---|
Related files | C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\i072kp8z.default-1494515848972\sessionstore.bak |
File size | 6326 bytes |
File type | ASCII text, with very long lines, with no line terminators |
MD5 | 844013dacaf226bc059296292393a192 |
SHA1 | 5c91af2851a08ffa2af8f74f81047433bac8abc1 |
SHA256 | 7da0693e49ef52e7082249cdaf1331a4c9b8dcc97bf48f9290a800b2eb7788e0 |
CRC32 | 3704F62A |
Ssdeep | 96:/9OXi1OPHXi1zMUrmas7WvgKyGHXi1z7JrMVs7WvgK+TviKqkaYtTBtzLYtTBtzZ:/OiGiGZuiRBDzyz9Zi2SU |
Content (as shown in the report, truncated):
{"windows":[{"tabs":[{"entries":[{"url":"http://www.microsoft.com/zh-cn/download/details.aspx?id=3988","title":"Download Microsoft Core XML Services (MSXML) 6.0 from Official Microsoft Download Center","ID":0,"docshellID":5,"docIdentifier":0,"children":[{"url":"about:blank","ID":2,"docshellID":7,"docIdentifier":2}]},{"url":"https://www.microsoft.com/zh-cn/download/confirmation.aspx?id=3988","title":"Download Microsoft Core XML Services (MSXML) 6.0 from Official Microsoft Download Center","subframe":true,"ID":5,"docshellID":5,"referrer":"http://www.microsoft.com/zh-cn/download/details.aspx?id=3988","docIdentifier":5,"children":[{"url":"https://a3698060313.cdn.optimizely.com/client_storage/a3698060313.html","subframe":true,"ID":6,"docshellID":10,"referrer":"https://www.microsoft.com/zh-cn/download/confirmation.aspx?id=3988","docIdentifier":6},{"url":"about:blank","subframe":true,"ID":7,"docshellID":11,"docIdentifier":7},{"url":"https://c1.microsoft.com/c.gif?DI=4050&did=1&t=","subframe":true,"ID":8,"docshellID":12,"referrer":"https://www.microsoft.com/zh-cn/download/confirmation.aspx?id=3988","docIdentifier":8},{"url":"https://login.microsoftonline.com/common/oauth2/authorize?client_id=28b567f6-162c-4f54-99a0-6887f387bbcc&response_mode=form_post&response_type=code+id_token&scope=openid+profile&state=OpenIdConnect.AuthenticationProperties%3dGu_LgsZo3Aey7lhBGS-eFRv41xYcG-_mMZEf3v3YvvQAlfqpuIyEWT0sSC31bnmqqOC3M0vFsjkLyPaffNEfzwoP4Fxq0Xb1CI9kc1zqS9zeMiw3NCv4VqOZg7-LCApVugoEkBAX_GJZxhbwl25o321OOYM&nonce=636399660362079496.YzY5ZTgzMDAtNTc2Yy00YjEzLTg3ODEtNDg3NDViYmU4ODRhOWM2MTgwMmUtODQ5ZS00ZDRlLWJhZmMtMTA5YjhhMDFhNDI5&msafed=0&post_logout_redirect_uri=https%3a%2f%2fwww.microsoft.com%2fzh-cn%2fdownload%2fconfirmation.aspx%3fid%3d3988&redirect_uri=https%3a%2f%2fwww.microsoft.com%2fen-us%2fsilentauth%3fsilentauth%3daad&prompt=none","ID":10,"docshellID":14,"referrer":"https://www.microsoft.com/zh-cn/download/confirmation.aspx?id=3988","docIdentifier":10}]},{"url":"https://www.microsoft.com/zh-cn/download/confirmation.aspx?id <truncated>
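sessionstore.bak is Firefox's session-restore snapshot: every open window, tab and history entry with its URL, title, referrer and nested subframes. That is why the excerpt above carries a Microsoft download page together with a login.microsoftonline.com OAuth authorize request (client_id, state, nonce, redirect_uri, prompt=none) recorded as a child of the confirmation page. The script below is an added example, not part of the report or of Firefox; it walks that windows -> tabs -> entries -> children structure over a constructed sample with made-up URLs, lists every URL with its nesting depth, and pulls out OAuth redirect_uri targets. Handling of _closedTabs/_closedWindows under a "state" key is an assumption about the Firefox format beyond what the excerpt shows, and recent Firefox versions keep this data mozlz4-compressed under sessionstore-backups/*.jsonlz4, which must be decompressed before the JSON can be parsed.

```python
"""List the URLs recorded in a Firefox sessionstore JSON (added example, not report code)."""
import json
from typing import Dict, Iterator, List, Tuple
from urllib.parse import parse_qs, urlsplit

# Constructed sample with the shape of the sessionstore.bak excerpt above
# (windows -> tabs -> entries -> children); every URL here is made up.
# _closedTabs/_closedWindows carrying a "state" with "entries" is an assumption
# about the Firefox format beyond what the excerpt shows.
SAMPLE = json.dumps({
    "windows": [{
        "tabs": [{"entries": [
            {"url": "http://www.example.test/download/details.aspx?id=1",
             "title": "Download page", "ID": 0,
             "children": [
                 {"url": "about:blank", "ID": 2},
                 {"url": "https://idp.example.test/oauth2/authorize?client_id=abc"
                         "&response_type=code&state=s1&nonce=n1"
                         "&redirect_uri=https%3a%2f%2fwww.example.test%2fcb",
                  "subframe": True, "ID": 3,
                  "referrer": "http://www.example.test/download/details.aspx?id=1"},
             ]},
            {"url": "https://www.example.test/download/confirmation.aspx?id=1",
             "subframe": True, "ID": 5,
             "referrer": "http://www.example.test/download/details.aspx?id=1"},
        ]}],
        "_closedTabs": [{"state": {"entries": [{"url": "https://closed.example.test/x", "ID": 9}]}}],
    }],
    "_closedWindows": [],
})


def load_session(text: str) -> dict:
    """Parse a plain-JSON sessionstore; .jsonlz4 files need mozlz4 decompression first."""
    return json.loads(text)


def iter_entries(entries: List[dict], depth: int = 0) -> Iterator[Tuple[int, dict]]:
    """Yield (depth, entry) for each history entry and, recursively, its subframe children."""
    for entry in entries:
        yield depth, entry
        yield from iter_entries(entry.get("children", []), depth + 1)


def session_urls(doc: dict) -> List[Dict[str, object]]:
    """Flatten every recorded entry into a row with url, depth, subframe flag and referrer."""
    rows: List[Dict[str, object]] = []
    for window in list(doc.get("windows", [])) + list(doc.get("_closedWindows", [])):
        tabs = [(False, t) for t in window.get("tabs", [])]
        tabs += [(True, ct.get("state", {})) for ct in window.get("_closedTabs", [])]
        for closed, tab in tabs:
            for depth, entry in iter_entries(tab.get("entries", [])):
                rows.append({"url": entry.get("url", ""), "depth": depth,
                             "subframe": bool(entry.get("subframe")),
                             "referrer": entry.get("referrer"), "closed": closed})
    return rows


def hosts(rows: List[Dict[str, object]]) -> List[str]:
    """Distinct hostnames; about:/data: pseudo-URLs have none and are skipped."""
    return sorted({h for h in (urlsplit(str(r["url"])).hostname for r in rows) if h})


def oauth_redirects(rows: List[Dict[str, object]]) -> List[Tuple[str, str]]:
    """(authorize-endpoint host, redirect_uri) for entries whose query carries a
    redirect_uri, i.e. where an embedded login frame would have sent the browser."""
    out: List[Tuple[str, str]] = []
    for r in rows:
        parts = urlsplit(str(r["url"]))
        for target in parse_qs(parts.query).get("redirect_uri", []):
            out.append((parts.hostname or "", target))
    return out


if __name__ == "__main__":
    for row in session_urls(load_session(SAMPLE)):
        print("  " * int(row["depth"]), row["url"], "(subframe)" if row["subframe"] else "")
```

Point it at a real profile by replacing SAMPLE with the file contents; the referrer and depth columns are what let you tell a page the user navigated to from a frame that a page loaded on its own.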
File name | cookies.sqlite-shm |
---|---|
Related files | C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\i072kp8z.default-1494515848972\cookies.sqlite-shm |
File size | 32768 bytes |
File type | data |
MD5 | 424a493811f84361bc9d4eb775b83547 |
SHA1 | 2b4ef97f1212de4b0e8fffcec8168edac76b9a0c |
SHA256 | 8b2f2e4af936a542e9e86b978c149fa13a25a7cc9ef3f41538a1acd705ca2c63 |
CRC32 | 22B0A9BB |
Ssdeep | 3:Gtlst13H9uRCDqEbm/3lst13H9uRCDqEbZlxR9//jll+l:GtWtmMrW3WtmMrZlr9XW |
File name | 0u9zG3TzKYoRkKqp30_ljA==.ico |
---|---|
Related files | C:\Users\test\AppData\Local\Mozilla\Firefox\Profiles\i072kp8z.default-1494515848972\jumpListCache\0u9zG3TzKYoRkKqp30_ljA==.ico |
File size | 274 bytes |
File type | MS Windows icon resource - 1 icon, 16x16 |
MD5 | dcd222d15ecf16ca231f20a0a57f46e3 |
SHA1 | 2b16ef96de5d0d54a94fb4a1c7bf9004676b311e |
SHA256 | e14b374ed072672e3801851d47f12d8b8405dca79bc5bc7cf26b36e0341998c8 |
CRC32 | 60E0B5AD |
Ssdeep | 6:Ai1vv/lhPVtIm8DTYHB5gozAUXM/xVUBQUqFnhsBaFLu4027p:A4v/7N2qoPVUGUHcy0 |
File name | cookies.sqlite-wal |
---|---|
Related files | C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\i072kp8z.default-1494515848972\cookies.sqlite-wal |
File size | 32824 bytes |
File type | SQLite Write-Ahead Log, version 3007000 |
MD5 | f54077ff145b0845fdf6678d160a27d3 |
SHA1 | 6251e88a13d94e135c34f51fbda423495b3a6a5d |
SHA256 | 282778c0220980865fe7bf27916c089b50447ddab92a616d213edd070e27807d |
CRC32 | 98FE1CF9 |
Ssdeep | 96:GssaJsH+einm7zwMbktJHgVaui9fGN09x6CeTrZ0X4I8zdNRi+DZmLTo:h7tfnCc9fu0GTneIF5FDkQ |
File name | urlclassifier3.sqlite-journal |
---|---|
Related files | C:\Users\test\AppData\Local\Mozilla\Firefox\Profiles\i072kp8z.default-1494515848972\urlclassifier3.sqlite-journal |
File size | 164392 bytes |
File type | SQLite Rollback Journal |
MD5 | de1f069e7383bee4809aa4214e43684e |
SHA1 | b0d5a2f154dbf83c0e376a5e9fe7ab2982cdc65c |
SHA256 | 0e047bdac0c773b0380292c689cba91a31b90f38b701ebd4cef4cd2225c00e6d |
CRC32 | 5C4B2A36 |
Ssdeep | 24:7+/JuQql6LcIw24+zdY1gZCObTENe0SHGES456DlHEEqWERlSTEN0y:7e4Qg6gI8Ne0Itr56DlkEqWERlDN0y |
File name | places.sqlite-shm |
---|---|
Related files | C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\i072kp8z.default-1494515848972\places.sqlite-shm |
File size | 32768 bytes |
File type | data |
MD5 | b7c14ec6110fa820ca6b65f5aec85911 |
SHA1 | 608eeb7488042453c9ca40f7e1398fc1a270f3f4 |
SHA256 | fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb |
CRC32 | DDC506B6 |
Ssdeep | 3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX |
Task ID | 162371 |
---|---|
Mongo ID | 5b02e450bb7d5735a4f7f7d6 |
Cuckoo release | 1.4-Maldun |