分析类型 | 虚拟机标签 | 开始时间 | 结束时间 | 持续时间 |
---|---|---|---|---|
URL | win7-sp1-x64-shaapp01-1 | 2018-07-19 20:43:38 | 2018-07-19 20:45:58 | 140 秒 |
直接 | IP | 安全评级 | 地理位置 |
---|---|---|---|
否 | 125.56.201.97 | 美国 |
域名 | 安全评级 | 响应 |
---|---|---|
ocsp.comodoca4.com | 未知 |
CNAME ocsp.comodoca4.com.edgesuite.net A 125.56.201.97 A 125.56.201.105 CNAME a875.dscb.akamai.net |
Name: Director of Information Technology Country: US State: NJ City: Clifton ZIP Code: 07013 Address: 1255 Broad Street Orginization: Comodo Security Solutions, Inc. Domain Name(s): COMODOCA4.COM comodoca4.com Creation Date: 2014-09-24 15:38:36 Updated Date: 2017-09-20 05:24:30 2017-10-13 19:09:19 Expiration Date: 2018-09-24 15:38:36 Email(s): domainabuse@cscglobal.com domain-admin@comodogroup.com Registrar(s): CSC CORPORATE DOMAINS, INC. Name Server(s): NS0.COMODODNS.COM NS0.COMODODNS.NET NS1.COMODODNS.COM NS1.COMODODNS.NET ns0.comododns.com ns0.comododns.net ns1.comododns.net ns1.comododns.com Referral URL(s): None
直接 | IP | 安全评级 | 地理位置 |
---|---|---|---|
否 | 125.56.201.97 | 美国 |
源地址 | 源端口 | 目标地址 | 目标端口 |
---|---|---|---|
192.168.122.201 | 49160 | 125.56.201.97 ocsp.comodoca4.com | 80 |
源地址 | 源端口 | 目标地址 | 目标端口 |
---|---|---|---|
192.168.122.201 | 52966 | 192.168.122.1 | 53 |
192.168.122.201 | 60990 | 192.168.122.1 | 53 |
域名 | 安全评级 | 响应 |
---|---|---|
ocsp.comodoca4.com | 未知 |
CNAME ocsp.comodoca4.com.edgesuite.net A 125.56.201.97 A 125.56.201.105 CNAME a875.dscb.akamai.net |
源地址 | 源端口 | 目标地址 | 目标端口 |
---|---|---|---|
192.168.122.201 | 49160 | 125.56.201.97 ocsp.comodoca4.com | 80 |
源地址 | 源端口 | 目标地址 | 目标端口 |
---|---|---|---|
192.168.122.201 | 52966 | 192.168.122.1 | 53 |
192.168.122.201 | 60990 | 192.168.122.1 | 53 |
URI | HTTP数据 |
---|---|
URL专业沙箱检测 -> http://ocsp.comodoca4.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTrJdiQ%2Ficg9B19asFe73bPYs%2BreAQUdXGnGUgZvJ2d6kFH35TESHeZ03kCEFslzmkHxCZVZtM5DJmpVK0%3D | GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTrJdiQ%2Ficg9B19asFe73bPYs%2BreAQUdXGnGUgZvJ2d6kFH35TESHeZ03kCEFslzmkHxCZVZtM5DJmpVK0%3D HTTP/1.1 Accept: */* Referer: http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=29&ved=0CCEQfjckRXdWdQa2hBSnhpSkNH&url=http%3A%2F%2Focsp.comodoca4.com%2FMFEwTzBNMEswSTAJBgUrDgMCGgUABBTrJdiQ%252Ficg9B19asFe73bPYs%252BreAQUdXGnGUgZvJ2d6kFH35TESHeZ03kCEFslzmkHxCZVZtM5DJmpVK0%253D&ei=RGJwTWhHaU5UZnF4&usg=AFQjVXRDcU5RbHRTdlBW Accept-Language: zh-cn User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: ocsp.comodoca4.com Connection: Keep-Alive |
无SMTP流量.
无IRC请求.
无ICMP流量.
无 CIF 结果
无警报
No TLS
No Suricata HTTP
文件名 | frameiconcache.dat |
---|---|
相关文件 |
C:\Users\test\AppData\Local\Microsoft\Internet Explorer\frameiconcache.dat
|
文件大小 | 9148 字节 |
文件类型 | data |
MD5 | e68c4bec159f7493a13d86b7d9074df5 |
SHA1 | 725c8ce3ba9bebc2a0844d61750794ba04c92746 |
SHA256 | aff960513d890aaca6cfc7cf215538b734388dbdebdc8deb7743297d03311f62 |
CRC32 | E0D01FBC |
Ssdeep | 12:vc6l1QF6vEMXAt+prwMk6IJFJy8JTX8JHK8JKcFn8J8YHK8Z6A1JoRyUZdpwpGeq:RqcEMXIgrARicaAVrrU |
魔盾安全分析结果 | 2.0 分析时间:2016-11-17 08:00:32 查看分析报告 |
下载 提交魔盾安全分析 |
文件名 | index.dat |
---|---|
相关文件 |
C:\Users\test\AppData\Local\Microsoft\Feeds Cache\index.dat
|
文件大小 | 32768 字节 |
文件类型 | Internet Explorer cache file version Ver 5.2 |
MD5 | 0aee387ca0a52dcdd8f8a29ea76edb42 |
SHA1 | 5df81547dcadb2a7b8bc689da8e1383ba1a84cb9 |
SHA256 | c31bc37e102b70a472837d530ec80bdaea28b0fefda3e9aa8c8cda98c4200c4e |
CRC32 | B451CA0B |
Ssdeep | 12:qjtSaFpbZli3zIoYDPO7em4GZj03W/cKYDPOCG5A30WUsOXQDG9YRm4GZ5:qj4avEIoYTCebGZ7ZYTlEJ0oQQ4bGZ |
魔盾安全分析结果 | 2.0 分析时间:2016-11-06 20:10:20 查看分析报告 |
下载 提交魔盾安全分析 |
文件名 | index.dat |
---|---|
相关文件 |
C:\Users\test\AppData\Roaming\Microsoft\Windows\IECompatCache\index.dat
|
文件大小 | 65536 字节 |
文件类型 | Internet Explorer cache file version Ver 5.2 |
MD5 | 0ee0d92f5ad9cd4d354a120734ae8e5e |
SHA1 | a3d2338356b933a1240f053b89efe7f1b5e63353 |
SHA256 | bd15c1573c53ac40e26c307c00be243ace57eb5fd0d2879349b24832d2e7a771 |
CRC32 | 36F430F7 |
Ssdeep | 384:wEEG/+oo0M7hPfdoW7QRyUEZeluUFyvp64PBhqNLguX3/5YSHYjitk9t7sub/2Iw:wEEG/+Rg |
下载 提交魔盾安全分析 |
文件名 | RecoveryStore.{5B662203-8B51-11E8-912A-5254001C66F4}.dat |
---|---|
相关文件 |
C:\Users\test\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5B662203-8B51-11E8-912A-5254001C66F4}.dat
|
文件大小 | 5120 字节 |
文件类型 | Composite Document File V2 Document, Cannot read section info |
MD5 | fe154bd2bba427c205e767c318f5495f |
SHA1 | 9eb0d15c25f29c8a90df343c20ceda4581fddb83 |
SHA256 | a3df1d3949620a8bbf994615df5ab0d3eacbf1f2a00e5f9117844065815f26a2 |
CRC32 | 059B3423 |
Ssdeep | 12:rl0oGF2OviTrEgmZ+IaCrI0CIc8GbiF26OrEg5+IaCrI0CI7uoeMiqI77vNlTqo7:rLOviTG5/k8y6O5/OMkNlWoTiQNlWoT |
下载 提交魔盾安全分析 |
文件名 | JavaDeployReg.log |
---|---|
相关文件 |
C:\Users\test\AppData\Local\Temp\JavaDeployReg.log
|
文件大小 | 1068 字节 |
文件类型 | ASCII text, with CRLF line terminators |
MD5 | 32ab5f9ed4a614e571a5bfb743f3b0b7 |
SHA1 | a86a870be3b370088daf5c056994e6ad1beeee30 |
SHA256 | bc5dc04ea7cc0903e47f71a9fe69c9eb5075277711cf80f97eed0d85fc502f08 |
CRC32 | 00587507 |
Ssdeep | 24:odn9LnnMm8uA8XlZQfU78Tc49PX/+1S0JbI:odn9LnnMruA8XlZQfU78Tc49PX/+A0K |
下载 提交魔盾安全分析 显示文本 | |
[2017/06/01 16:29:23.649] Latest deploy version: [2017/06/01 16:29:23.649] 11.121.2 [2017/06/01 16:30:14.832] Latest deploy version: [2017/06/01 16:30:14.832] 11.121.2 [2017/06/01 16:40:25.052] Latest deploy version: [2017/06/01 16:40:25.052] 11.121.2 [2017/06/08 18:03:28.677] Latest deploy version: [2017/06/08 18:03:28.677] 11.121.2 [2017/06/08 18:15:11.176] Latest deploy version: [2017/06/08 18:15:11.176] 11.121.2 [2017/06/08 18:17:04.791] Latest deploy version: [2017/06/08 18:17:04.791] 11.121.2 [2017/09/01 16:11:55.188] Latest deploy version: [2017/09/01 16:11:55.188] 11.121.2 [2017/09/01 20:28:25.900] Latest deploy version: [2017/09/01 20:28:25.900] 11.121.2 [2017/09/01 22:02:42.198] Latest deploy version: [2017/09/01 22:02:42.198] 11.121.2 [2017/09/03 00:16:45.426] Latest deploy version: [2017/09/03 00:16:45.426] 11.121.2 [2017/09/03 11:22:53.307] Latest deploy version: [2017/09/03 11:22:53.307] 11.121.2 [2018/07/20 04:24:51.366] Latest deploy version: [2018/07/20 04:24:51.382] 11.121.2 |
文件名 | {5B662204-8B51-11E8-912A-5254001C66F4}.dat |
---|---|
相关文件 |
C:\Users\test\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5B662204-8B51-11E8-912A-5254001C66F4}.dat
|
文件大小 | 4096 字节 |
文件类型 | Composite Document File V2 Document, Cannot read section info |
MD5 | 62583450ff60d657bfdb9f1dbb958d5a |
SHA1 | c380a5b9dbac49425743566b7ba11d21b707a666 |
SHA256 | 129131073c4bab46a3ba3b9fd3db458907f09fa8d35d0723819d9a46ea39f065 |
CRC32 | A99EB961 |
Ssdeep | 12:rl0YmGFTrEgm8GL7KFPODZrEgm8Gz7qPNlCgrNl26ao:rdG8WDZG8JNlLrNlIo |
下载 提交魔盾安全分析 |
HTML 总结报告 (需15-60分钟同步) |
下载 |
---|
Task ID | 171145 |
---|---|
Mongo ID | 5b50883cbb7d57488005c0a5 |
Cuckoo release | 1.4-Maldun |