Analysis type | VM label | Start time | End time | Duration |
---|---|---|---|---|
URL | win7-sp1-x64-shaapp01-1 | 2018-07-19 15:40:23 | 2018-07-19 15:42:43 | 140 seconds |
URL |
---|
URL professional sandbox detection -> http://t.ie.2345.com/wangpai/index.php |
Direct | IP | Security rating | Geolocation |
---|---|---|---|
No | 122.226.166.48 | | China |
Yes | 23.48.32.88 | | United States |
Domain | Security rating | Response |
---|---|---|
t.ie.2345.com | | A 122.226.166.50, A 122.226.166.52, A 122.226.166.48, A 122.226.166.49 |

Field | Value |
---|---|
Name | None |
Country | None |
State | shang hai |
City | shanghai |
ZIP Code | None |
Address | None |
Organization | None |
Domain Name(s) | 2345.COM 2345.com |
Creation Date | 1998-01-19 05:00:00 |
Updated Date | 2018-01-10 03:52:45 |
Expiration Date | 2027-01-18 05:00:00 |
Email(s) | DomainAbuse@service.aliyun.com |
Registrar(s) | HiChina Zhicheng Technology Ltd. |
Name Server(s) | DNS1.KABASIJI.COM DNS2.KABASIJI.COM DNS3.50BANG.ORG DNS4.50BANG.ORG |
Referral URL(s) | None |

Antivirus engine/vendor | Website security analysis |
---|---|
CLEAN MX | Clean Site |
DNS8 | Clean Site |
VX Vault | Clean Site |
ZDB Zeus | Clean Site |
SCUMWARE_org | Clean Site |
Netcraft | Unrated Site |
desenmascara_me | Clean Site |
CyRadar | Clean Site |
PhishLabs | Unrated Site |
Zerofox | Clean Site |
K7AntiVirus | Clean Site |
Virusdie External Site Scan | Clean Site |
Spamhaus | Clean Site |
Quttera | Clean Site |
AegisLab WebGuard | Clean Site |
MalwareDomainList | Clean Site |
ZeusTracker | Clean Site |
zvelo | Malicious Site |
Google Safebrowsing | Clean Site |
Kaspersky | Clean Site |
BitDefender | Clean Site |
Certly | Clean Site |
G-Data | Clean Site |
OpenPhish | Clean Site |
Malware Domain Blocklist | Clean Site |
MalwarePatrol | Clean Site |
Webutation | Clean Site |
Trustwave | Clean Site |
Web Security Guard | Clean Site |
Dr_Web | Clean Site |
ADMINUSLabs | Clean Site |
Malwarebytes hpHosts | Clean Site |
Opera | Clean Site |
AlienVault | Clean Site |
Emsisoft | Clean Site |
Rising | Clean Site |
Malc0de Database | Clean Site |
Spam404 | Clean Site |
BADWARE_INFO | Clean Site |
Malwared | Clean Site |
Avira | Clean Site |
NotMining | Unrated Site |
CyberCrime | Clean Site |
Antiy-AVL | Clean Site |
Forcepoint ThreatSeeker | Clean Site |
FraudSense | Clean Site |
malwares_com URL checker | Clean Site |
Comodo Site Inspector | Clean Site |
Malekal | Clean Site |
ESET | Clean Site |
Sophos | Unrated Site |
Yandex Safebrowsing | Clean Site |
SecureBrain | Clean Site |
Phishtank | Clean Site |
Sucuri SiteCheck | Clean Site |
Blueliv | Clean Site |
Nucleon | Clean Site |
ZCloudsec | Clean Site |
AutoShun | Unrated Site |
ThreatHive | Clean Site |
FraudScore | Clean Site |
Tencent | Clean Site |
URLQuery | Clean Site |
StopBadware | Unrated Site |
Fortinet | Clean Site |
ZeroCERT | Clean Site |
Baidu-International | Clean Site |
securolytics | Clean Site |
Source address | Source port | Destination address | Destination port |
---|---|---|---|
192.168.122.201 | 49160 | 122.226.166.48 t.ie.2345.com | 80 |
192.168.122.201 | 49161 | 122.226.166.48 t.ie.2345.com | 80 |
Source address | Source port | Destination address | Destination port |
---|---|---|---|
192.168.122.201 | 52966 | 192.168.122.1 | 53 |
192.168.122.201 | 60990 | 192.168.122.1 | 53 |
URI | HTTP data |
---|---|
URL professional sandbox detection -> http://t.ie.2345.com/wangpai/index.php | GET /wangpai/index.php HTTP/1.1 Accept: */* Referer: http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=6&ved=0CCEQfjZFp3dUljYmVKZGNPelBFZnFLQlhO&url=http%3A%2F%2Ft.ie.2345.com%2Fwangpai%2Findex.php&ei=cHRzWnZGd1JUQ2ps&usg=AFQjSG9JWGpCa0NVYkV0 Accept-Language: zh-cn User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: t.ie.2345.com Connection: Keep-Alive |
URL professional sandbox detection -> http://t.ie.2345.com/favicon.ico | GET /favicon.ico HTTP/1.1 Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Host: t.ie.2345.com Connection: Keep-Alive |
No SMTP traffic.
No IRC requests.
No ICMP traffic.
No CIF results
No alerts
No TLS
No Suricata HTTP
File name | index.dat |
---|---|
Related files | C:\Users\test\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012018071920180720\index.dat |
File size | 32768 bytes |
File type | Internet Explorer cache file version Ver 5.2 |
MD5 | 5fcc5d1b2881fe5700d0a2eb7c9589ed |
SHA1 | bed603a99dc6cb2c744b73cb144cdc9891ad6902 |
SHA256 | c314fe4e3e677cdf3ec16feced070186b13b49b5be8f11880c81df01b1be58c4 |
CRC32 | 26827C2A |
Ssdeep | 6:qjyxXKCet3o5y/5FuXvUylfL1iFqHar3UnBFuXvUylhZXiM:qjR7t3oCOM2jj6r3COM2b |
File name | index.dat |
---|---|
Related files | C:\Users\test\AppData\Roaming\Microsoft\Windows\IECompatCache\index.dat |
File size | 65536 bytes |
File type | Internet Explorer cache file version Ver 5.2 |
MD5 | 0ee0d92f5ad9cd4d354a120734ae8e5e |
SHA1 | a3d2338356b933a1240f053b89efe7f1b5e63353 |
SHA256 | bd15c1573c53ac40e26c307c00be243ace57eb5fd0d2879349b24832d2e7a771 |
CRC32 | 36F430F7 |
Ssdeep | 384:wEEG/+oo0M7hPfdoW7QRyUEZeluUFyvp64PBhqNLguX3/5YSHYjitk9t7sub/2Iw:wEEG/+Rg |
File name | RecoveryStore.{FF54A6A3-8B26-11E8-912A-5254001C66F4}.dat |
---|---|
Related files | C:\Users\test\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{FF54A6A3-8B26-11E8-912A-5254001C66F4}.dat |
File size | 3584 bytes |
File type | Composite Document File V2 Document, Cannot read section info |
MD5 | f8c5b9b35854a5302b31db22d862e7b7 |
SHA1 | 412807e15485978646323d419fc2a1ae67b3b6ae |
SHA256 | 8e0666dc3f642d31acbf6a914d74f2127042ea0fa6943b722a99565b90fe41c0 |
CRC32 | 0F6F5C08 |
Ssdeep | 12:rl0YmGF26OrEg5+IaCrI017+FNsDrEgmf+IaCy8qgQNlTqo3lHzT:rI6O5/SYGv/TQNlWod |
File name | favicon[1].ico |
---|---|
Related files | C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\favicon[1].ico |
File size | 0 bytes |
File type | empty |
MD5 | d41d8cd98f00b204e9800998ecf8427e |
SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
CRC32 | 00000000 |
Ssdeep | 3:: |
Maldun security analysis result | 6.0 Analysis time: 2016-05-08 17:55:55 |
File name | index.dat |
---|---|
Related files | C:\Users\test\AppData\Local\Microsoft\Feeds Cache\index.dat |
File size | 32768 bytes |
File type | Internet Explorer cache file version Ver 5.2 |
MD5 | 0aee387ca0a52dcdd8f8a29ea76edb42 |
SHA1 | 5df81547dcadb2a7b8bc689da8e1383ba1a84cb9 |
SHA256 | c31bc37e102b70a472837d530ec80bdaea28b0fefda3e9aa8c8cda98c4200c4e |
CRC32 | B451CA0B |
Ssdeep | 12:qjtSaFpbZli3zIoYDPO7em4GZj03W/cKYDPOCG5A30WUsOXQDG9YRm4GZ5:qj4avEIoYTCebGZ7ZYTlEJ0oQQ4bGZ |
Maldun security analysis result | 2.0 Analysis time: 2016-11-06 20:10:20 |
File name | {FF54A6A4-8B26-11E8-912A-5254001C66F4}.dat |
---|---|
Related files | C:\Users\test\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{FF54A6A4-8B26-11E8-912A-5254001C66F4}.dat |
File size | 4608 bytes |
File type | Composite Document File V2 Document, Cannot read section info |
MD5 | 3d3730eee3ebfda87f9abe2735fe43f3 |
SHA1 | ff8c63d1a182ca99e8eb69eb5c90e21f4ab0a2f6 |
SHA256 | 3fbc5d850e94f2929e0ef5469ebbd6f460d5fb4780d374c1008747f50b558d7c |
CRC32 | F0415C06 |
Ssdeep | 12:rlfFJrrEgmfR16FgkCYrEgmfp1qjNlYfOo3+/Nlr9ord:rRGeCYGsNljowNlJo |
Task ID | 171108 |
---|---|
Mongo ID | 5b50411dbb7d57488105b721 |
Cuckoo release | 1.4-Maldun |