分析任务

分析类型 虚拟机标签 开始时间 结束时间 持续时间
URL win7-sp1-x64-hpdapp01-2 2018-08-29 00:43:34 2018-08-29 00:46:43 189 秒

魔盾分数

7.45

危险的

URL详细信息

URL
URL专业沙箱检测 -> https://www.91wqp.com/dxy

登录查看威胁特征

运行截图


访问主机纪录 (可点击查询WPING实时安全评级)

直接 IP 安全评级 地理位置
117.18.237.29 亚洲太平洋地区
132.232.145.53 英国

域名解析 (可点击查询WPING实时安全评级)

域名 安全评级 响应
www.91wqp.com A 132.232.145.53
ocsp.digicert.com CNAME cs9.wac.phicdn.net
A 117.18.237.29
ocsp2.digicert.com

摘要

登录查看详细行为信息

WHOIS 信息

Name: None
Country: None
State: si chuan
City: cheng du shi
ZIP Code: None
Address: None

Orginization: None
Domain Name(s):
    91WQP.COM
    91wqp.com
Creation Date:
    2016-06-20 01:34:49
Updated Date:
    2018-06-13 04:45:12
Expiration Date:
    2019-06-20 01:34:49
Email(s):
    DomainAbuse@service.aliyun.com

Registrar(s):
    Alibaba Cloud Computing (Beijing) Co., Ltd.
Name Server(s):
    F1G1NS1.DNSPOD.NET
    F1G1NS2.DNSPOD.NET
Referral URL(s):
    None
没有防病毒引擎扫描信息!

进程树


iexplore.exe, PID: 2136, 上一级进程 PID: 304
iexplore.exe, PID: 2272, 上一级进程 PID: 2136

访问主机纪录 (可点击查询WPING实时安全评级)

直接 IP 安全评级 地理位置
117.18.237.29 亚洲太平洋地区
132.232.145.53 英国

TCP

源地址 源端口 目标地址 目标端口
192.168.122.202 49162 117.18.237.29 ocsp.digicert.com 80
192.168.122.202 49163 117.18.237.29 ocsp.digicert.com 80
192.168.122.202 49161 132.232.145.53 www.91wqp.com 443
192.168.122.202 49167 132.232.145.53 www.91wqp.com 443
192.168.122.202 49168 132.232.145.53 www.91wqp.com 443
192.168.122.202 49169 132.232.145.53 www.91wqp.com 443
192.168.122.202 49170 132.232.145.53 www.91wqp.com 443
192.168.122.202 49171 132.232.145.53 www.91wqp.com 443
192.168.122.202 49174 23.46.211.136 80

UDP

源地址 源端口 目标地址 目标端口
192.168.122.202 62207 192.168.122.1 53
192.168.122.202 64548 192.168.122.1 53
192.168.122.202 64974 192.168.122.1 53
192.168.122.202 65069 192.168.122.1 53

域名解析 (可点击查询WPING实时安全评级)

域名 安全评级 响应
www.91wqp.com A 132.232.145.53
ocsp.digicert.com CNAME cs9.wac.phicdn.net
A 117.18.237.29
ocsp2.digicert.com

TCP

源地址 源端口 目标地址 目标端口
192.168.122.202 49162 117.18.237.29 ocsp.digicert.com 80
192.168.122.202 49163 117.18.237.29 ocsp.digicert.com 80
192.168.122.202 49161 132.232.145.53 www.91wqp.com 443
192.168.122.202 49167 132.232.145.53 www.91wqp.com 443
192.168.122.202 49168 132.232.145.53 www.91wqp.com 443
192.168.122.202 49169 132.232.145.53 www.91wqp.com 443
192.168.122.202 49170 132.232.145.53 www.91wqp.com 443
192.168.122.202 49171 132.232.145.53 www.91wqp.com 443
192.168.122.202 49174 23.46.211.136 80

UDP

源地址 源端口 目标地址 目标端口
192.168.122.202 62207 192.168.122.1 53
192.168.122.202 64548 192.168.122.1 53
192.168.122.202 64974 192.168.122.1 53
192.168.122.202 65069 192.168.122.1 53

HTTP 请求

URI HTTP数据
URL专业沙箱检测 -> http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAc%2FyaR7BgIY9uCoaun8Pjs%3D
GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAc%2FyaR7BgIY9uCoaun8Pjs%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: ocsp.digicert.com

URL专业沙箱检测 -> http://ocsp2.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSogLCHz7apMi2guQoYXFYAsgBqRgQUEoZEZiYIVCaPZTeyKU4mIeCTvtsCEA%2BeJAMuYtoLiuCuLsXl5j4%3D
GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBSogLCHz7apMi2guQoYXFYAsgBqRgQUEoZEZiYIVCaPZTeyKU4mIeCTvtsCEA%2BeJAMuYtoLiuCuLsXl5j4%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: ocsp2.digicert.com

URL专业沙箱检测 -> http://crl.microsoft.com/pki/crl/products/tspca.crl
GET /pki/crl/products/tspca.crl HTTP/1.1
Cache-Control: max-age = 900
Connection: Keep-Alive
Accept: */*
If-Modified-Since: Sat, 24 May 2014 05:04:54 GMT
If-None-Match: "8ab194b3d77cf1:0"
User-Agent: Microsoft-CryptoAPI/6.1
Host: crl.microsoft.com

SMTP 流量

无SMTP流量.

IRC 流量

无IRC请求.

ICMP 流量

无ICMP流量.

CIF 报告

无 CIF 结果

网络警报

Timestamp Source IP Source Port Destination IP Destination Port Protocol SID Signature Category
2018-08-29 00:44:49.275278+0800 132.232.145.53 443 192.168.122.202 49161 TCP 2400008 ET DROP Spamhaus DROP Listed Traffic Inbound group 9 Misc Attack

TLS

Timestamp Source IP Source Port Destination IP Destination Port Version Issuer Subject Fingerprint
2018-08-29 00:44:49.404286+0800 192.168.122.202 49161 132.232.145.53 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., OU=Domain Validated SSL, CN=TrustAsia TLS ECC CA CN=www.91wqp.com f5:8e:71:8d:ad:80:ed:e5:b9:9a:c2:ae:5d:8c:ea:7c:6d:9c:63:3c

Suricata HTTP

No Suricata HTTP

未发现网络提取文件
文件名 RecoveryStore.{85B39B03-AAE1-11E8-A8AC-52540024C8FE}.dat
相关文件
C:\Users\test\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{85B39B03-AAE1-11E8-A8AC-52540024C8FE}.dat
文件大小 3584 字节
文件类型 Composite Document File V2 Document, Cannot read section info
MD5 88ef8c32153c2fc07350779625d3aab1
SHA1 81ff211ddb7615528accf17da65e6e8dd0fd2968
SHA256 3c688e7e5c0edbd2cb5803eaebb9c1682a75f0f9e351783a674155873c48470c
CRC32 C7358DB8
Ssdeep 12:rl0YmGF2CrEg5+IaCrI017+FaG/lsDrEgmf+IaCy8qgQNlTqoxk:rIC5/OlYGv/TQNlWoxk
下载提交魔盾安全分析
文件名 D6BFFC0376182436FD02102800A91CAA
相关文件
C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D6BFFC0376182436FD02102800A91CAA
文件大小 279 字节
文件类型 data
MD5 23ca0963a72286a54cd91f767a4ee18b
SHA1 4072be01af23889bb218e00770baba5d6607aeeb
SHA256 26bc33ba4c9719db52c91856f368e9381b4b779717975c2890b72b93050e393f
CRC32 4D588F86
Ssdeep 6:J0kkTbDsV+X5o7RIDh3gSV+9MALixM/owZmn5N9:JTkQV+5IlmiMA2AorL9
下载提交魔盾安全分析
文件名 download[1].css
相关文件
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\download[1].css
文件大小 43623 字节
文件类型 ASCII text, with very long lines, with no line terminators
MD5 527494803eb04ab24fd444ce99031972
SHA1 c78d18dc42c42c998a9aedeac8bbae77d015b7e4
SHA256 219049aed3a0abed00980e8438b87b95991aae731671521ccf2ce359b1784af0
CRC32 640D78E2
Ssdeep 768:W3Oee0pCmicAU24LazBCOcGiArQQtu4HBaa2i:Wu5PU24LazBCOcGiYQQtu4Hz
下载提交魔盾安全分析显示文本
a,button{cursor:pointer}.out-container,.pattern{-webkit-transition:all .5s}.main,.out-container{display:block;height:100%}*,.wechat-tips{box-sizing:border-box}@font-face{font-weight:300;font-style:normal;font-family:'Roboto Slab';src:local("Roboto Slab Light"),local("RobotoSlab-Light"),url(roboto-slab-300.woff2) format("woff2");unicode-range:U+0000-00FF,U+0131,U+0152-0153,U+02C6,U+02DA,U+02DC,U+2000-206F,U+2074,U+20AC,U+2212,U+2215,U+E0FF,U+EFFD,U+F000}@font-face{font-weight:400;font-style:normal;font-family:'Roboto Slab';src:local("Roboto Slab Regular"),local("RobotoSlab-Regular"),url(roboto-slab-400.woff2) format("woff2");unicode-range:U+0000-00FF,U+0131,U+0152-0153,U+02C6,U+02DA,U+02DC,U+2000-206F,U+2074,U+20AC,U+2212,U+2215,U+E0FF,U+EFFD,U+F000}@font-face{font-weight:700;font-style:normal;font-family:'Roboto Slab';src:local("Roboto Slab Bold"),local("RobotoSlab-Bold"),url(roboto-slab-700.woff2) format("woff2");unicode-range:U+0000-00FF,U+0131,U+0152-0153,U+02C6,U+02DA,U+02DC,U+2000-206F,U+2074,U+20AC,U+2212,U+2215,U+E0FF,U+EFFD,U+F000}@font-face{font-family:'Open Sans';font-style:normal;font-weight:300;src:local("Open Sans Light"),local("OpenSans-Light"),url(DXI1ORHCpsQm3Vp6mXoaTQ7aC6SjiAOpAWOKfJDfVRY.woff2) format("woff2");unicode-range:U+0460-052F,U+20B4,U+2DE0-2DFF,U+A640-A69F}@font-face{font-family:'Open Sans';font-style:normal;font-weight:300;src:local("Open Sans Light"),local("OpenSans-Light"),url(DXI1ORHCpsQm3Vp6mXoaTRdwxCXfZpKo5kWAx_74bHs.woff2) format("woff2");unicode-range:U+0400-045F,U+0490-0491,U+04B0-04B1,U+2116}@font-face{font-family:'Open Sans';font-style:normal;font-weight:300;src:local("Open Sans Light"),local("OpenSans-Light"),url(DXI1ORHCpsQm3Vp6mXoaTZ6vnaPZw6nYDxM4SVEMFKg.woff2) format("woff2");unicode-range:U+1F00-1FFF}@font-face{font-family:'Open Sans';font-style:normal;font-weight:300;src:local("Open Sans Light"),local("OpenSans-Light"),url(DXI1ORHCpsQm3Vp6mXoaTfy1_HTwRwgtl1cPga3Fy3Y.woff2) format("woff2");unicode-range:U+0370-03FF}@font-face{font-family:'Open Sans';font-style:normal;fo <truncated>
文件名 {85B39B04-AAE1-11E8-A8AC-52540024C8FE}.dat
相关文件
C:\Users\test\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{85B39B04-AAE1-11E8-A8AC-52540024C8FE}.dat
文件大小 4608 字节
文件类型 Composite Document File V2 Document, Cannot read section info
MD5 efde3f66467f7b3092849571f5e00455
SHA1 d7992f310df63b46d6371b68155511f1d75cdbe4
SHA256 d661f8398637ce2453b1cfc0da439edf9e569d52715cc0fbb4b13c7758d30a31
CRC32 958C524D
Ssdeep 12:rlfFZ/rrEgmfR16FGlYrEgmfF1qjNlYfOo3+/NlX9oiD+X:rpGplYGoNljowNlNo4
下载提交魔盾安全分析
文件名 3-1534618255[1].png
相关文件
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\3-1534618255[1].png
文件大小 8260 字节
文件类型 PNG image data, 57 x 57, 8-bit/color RGBA, non-interlaced
MD5 ee2c6bf39d862146017e4e5f579c6e13
SHA1 0e6e9bbfbacd421a419be00855f099aa9e389503
SHA256 e2b200ff6f66b003dc8a2e7cc43996ba76ea2713523598f6a9913df2cc9270de
CRC32 DEDE56F8
Ssdeep 192:pSIsrs5pyAbamUKkhWrsd03d3hI+FfNCvnGMly:Qfr61rUK2K370NA
下载提交魔盾安全分析
文件名 D6BFFC0376182436FD02102800A91CAA
相关文件
C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D6BFFC0376182436FD02102800A91CAA
文件大小 432 字节
文件类型 data
MD5 545a5042071afa28e3b6429ce8fe5227
SHA1 209990f1f5ca8345b964c410a1dc885934fe2c52
SHA256 13974ed22f0c7f4f33f6edc73a3693222887f41e296c558b9c82772df88cc6e7
CRC32 B103D6A7
Ssdeep 12:u3yh1QxMiv8sFeWEqfQhmDwaYTdcsOWRm:myPQxxvQOfQhKwaYTuMM
下载提交魔盾安全分析
文件名 B398B80134F72209547439DB21AB308D_DB858BAF37417FB2524E7EB9F080713F
相关文件
C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_DB858BAF37417FB2524E7EB9F080713F
文件大小 471 字节
文件类型 data
MD5 58255b53dfd9b8fe9f1c998d1cbfdbd9
SHA1 1929dedf259db6b27042bbc8b63c77611dbb9acb
SHA256 59adcf94e75934da24af346cade754ad70ea1aeb670cd269cb7010abdb04dc8c
CRC32 26A96C86
Ssdeep 12:JD2+5VUUG5J72+n4513rcU0g0o7Z11f2yJUmhCb8xya:JD2+5qtf72+Ayg0o7Lt2ymmhhya
下载提交魔盾安全分析
文件名 favicon[1].ico
相关文件
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHDRIWWS\favicon[1].ico
文件大小 16958 字节
文件类型 MS Windows icon resource - 1 icon, 64x64
MD5 ee149343b5a2ebe0c6f0a8ac072cd3e5
SHA1 fa6557bfdb50dd3f9ebb7c36929ceb2a13d0efd7
SHA256 5009d0eeabf2d3fcca66eb85c5df51c917a6b6bba2234c01521b4d820494c4b9
CRC32 F31F24C9
Ssdeep 192:1DW+VL/iXcs4t2AXvOynFXVvT7Ac92O0TozmT:hhVKc9kAX3kPThT
下载提交魔盾安全分析
文件名 qrcode[1].png
相关文件
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\qrcode[1].png
文件大小 300 字节
文件类型 PNG image data, 99 x 99, 1-bit colormap, non-interlaced
MD5 bbe9f6811805d68c0f948e69f539e4de
SHA1 28b24f89cd42a7b6c710a8e6cad6b4c062d580f5
SHA256 eee0a879d997753b82b6860ccce9df0637a14ac17405dec4087efa3b17608bd6
CRC32 87237A5E
Ssdeep 6:6v/lhPFJ+wQ3a1ajErJxXmIcSZVWA9gs33hzc4PTB5vO1qMdnvjp:6v/7dJH1aAbfyAWaJPTDveqMBvN
下载提交魔盾安全分析
文件名 left[1].png
相关文件
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\left[1].png
文件大小 20820 字节
文件类型 PNG image data, 311 x 1001, 8-bit/color RGBA, non-interlaced
MD5 5243159a489c013aaf434429d7fed591
SHA1 08c92da07245f7544021cf4d9cab584661fc30fe
SHA256 0f52294d3c76b5dcd928379c94194d079acd5f15a1f5db96d38d79e45da0012e
CRC32 F01792A0
Ssdeep 384:Z3viVPzqEUWJzaq+VRNpzDDvOBDAPonHUrFwNCKD8YmVKw2oeNDVJmU7/VSgdmup:9viVPeEU80RzfOBDQ2HUW/3n7/Iglp
下载提交魔盾安全分析
文件名 B398B80134F72209547439DB21AB308D_DB858BAF37417FB2524E7EB9F080713F
相关文件
C:\Users\test\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_DB858BAF37417FB2524E7EB9F080713F
文件大小 434 字节
文件类型 data
MD5 2fa2f249dda21bc0e6a75f41e9db969f
SHA1 c35ff7ec7330f6388a1411350882cc43c4fa07d6
SHA256 47062b2f134125b556d21b876a78507e0927a2e20f6d924da588835a825815ea
CRC32 7281D1B8
Ssdeep 12:XzYIu511mxMiv8sFbq0yNYmc3Q2Blc4Q6tfji:XzYII11mxxvummO/W4QUfji
下载提交魔盾安全分析
文件名 index.dat
相关文件
C:\Users\test\AppData\Local\Microsoft\Feeds Cache\index.dat
文件大小 32768 字节
文件类型 Internet Explorer cache file version Ver 5.2
MD5 0aee387ca0a52dcdd8f8a29ea76edb42
SHA1 5df81547dcadb2a7b8bc689da8e1383ba1a84cb9
SHA256 c31bc37e102b70a472837d530ec80bdaea28b0fefda3e9aa8c8cda98c4200c4e
CRC32 B451CA0B
Ssdeep 12:qjtSaFpbZli3zIoYDPO7em4GZj03W/cKYDPOCG5A30WUsOXQDG9YRm4GZ5:qj4avEIoYTCebGZ7ZYTlEJ0oQQ4bGZ
魔盾安全分析结果 2.0分析时间:2016-11-06 20:10:20查看分析报告
下载提交魔盾安全分析
文件名 index.dat
相关文件
C:\Users\test\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012018082920180830\index.dat
文件大小 32768 字节
文件类型 Internet Explorer cache file version Ver 5.2
MD5 1ef4f62ed1ef1fee8dfe2515cb4aa75a
SHA1 310883feaf69c6ffc6f97a0ba126a259b04d69d1
SHA256 dba898fa94512305ddcdb6cc4ec9b0d9eaf4ee6648df96a7e52cdc545712a4b3
CRC32 12A540F7
Ssdeep 6:qjyxXKHR2o3QGnjlnFdv2dWvl2OLIIIKzU3QGnVFdv2dWvlTIII:qjRHAo3QI3x992uIH3QIvx99sI
下载提交魔盾安全分析
文件名 index.dat
相关文件
C:\Users\test\AppData\Roaming\Microsoft\Windows\IECompatCache\index.dat
文件大小 65536 字节
文件类型 Internet Explorer cache file version Ver 5.2
MD5 0ee0d92f5ad9cd4d354a120734ae8e5e
SHA1 a3d2338356b933a1240f053b89efe7f1b5e63353
SHA256 bd15c1573c53ac40e26c307c00be243ace57eb5fd0d2879349b24832d2e7a771
CRC32 36F430F7
Ssdeep 384:wEEG/+oo0M7hPfdoW7QRyUEZeluUFyvp64PBhqNLguX3/5YSHYjitk9t7sub/2Iw:wEEG/+Rg
下载提交魔盾安全分析
文件名 right[1].png
相关文件
C:\Users\test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CB4GP22D\right[1].png
文件大小 35824 字节
文件类型 PNG image data, 311 x 1001, 8-bit/color RGBA, non-interlaced
MD5 f792b597b0a14c7d17940dd0b7e12d00
SHA1 36bcfadcafab05cfcca35d221bbed563cadd068a
SHA256 a878fe7f0c657ef56c8d15ba2a719cb57bb3f5baccc2df0827c34653641b7b00
CRC32 D295C444
Ssdeep 384:FPtM/30n6Di67P+ubAtVn30Sfszikqq+Qf2SL7eJB/7ANd5EFW2Fa:5tNnsZDytR05zVN+QfD7u7AzYA
下载提交魔盾安全分析
HTML 总结报告
(需15-60分钟同步)
下载

Processing ( 23.138 seconds )

  • 12.025 Suricata
  • 6.838 NetworkAnalysis
  • 1.89 BehaviorAnalysis
  • 1.85 Static
  • 0.369 AnalysisInfo
  • 0.115 Dropped
  • 0.048 Debug
  • 0.003 Memory

Signatures ( 4.007 seconds )

  • 2.115 md_url_bl
  • 0.632 md_bad_drop
  • 0.255 antiav_detectreg
  • 0.101 stealth_timeout
  • 0.096 infostealer_ftp
  • 0.081 api_spamming
  • 0.053 antianalysis_detectreg
  • 0.053 infostealer_im
  • 0.051 antivm_generic_scsi
  • 0.031 infostealer_mail
  • 0.03 stealth_file
  • 0.026 antivm_generic_services
  • 0.023 antiav_detectfile
  • 0.021 md_domain_bl
  • 0.016 antivm_generic_disk
  • 0.016 infostealer_bitcoin
  • 0.015 mimics_filetime
  • 0.015 geodo_banking_trojan
  • 0.014 betabot_behavior
  • 0.014 kibex_behavior
  • 0.013 antivm_xen_keys
  • 0.013 darkcomet_regkeys
  • 0.012 vawtrak_behavior
  • 0.012 virus
  • 0.012 antivm_parallels_keys
  • 0.011 bootkit
  • 0.01 antiemu_wine_func
  • 0.01 persistence_autorun
  • 0.009 antivm_generic_diskreg
  • 0.009 antivm_vbox_files
  • 0.008 kovter_behavior
  • 0.008 ransomware_files
  • 0.008 recon_fingerprint
  • 0.007 dridex_behavior
  • 0.007 shifu_behavior
  • 0.007 infostealer_browser_password
  • 0.007 ransomware_extensions
  • 0.006 andromeda_behavior
  • 0.006 hancitor_behavior
  • 0.006 antidbg_windows
  • 0.005 ransomware_message
  • 0.005 stealth_network
  • 0.005 antivm_vbox_libs
  • 0.005 antisandbox_productid
  • 0.005 disables_browser_warn
  • 0.004 injection_createremotethread
  • 0.004 Locky_behavior
  • 0.004 antidbg_devices
  • 0.004 antivm_xen_keys
  • 0.004 antivm_hyperv_keys
  • 0.004 antivm_vbox_acpi
  • 0.004 antivm_vbox_keys
  • 0.004 antivm_vmware_keys
  • 0.004 antivm_vpc_keys
  • 0.004 bypass_firewall
  • 0.004 network_torgateway
  • 0.004 packer_armadillo_regkey
  • 0.003 tinba_behavior
  • 0.003 hawkeye_behavior
  • 0.003 network_tor
  • 0.003 rat_nanocore
  • 0.003 antiav_avast_libs
  • 0.003 sets_autoconfig_url
  • 0.003 kazybot_behavior
  • 0.003 antivm_vmware_events
  • 0.003 cerber_behavior
  • 0.003 cryptowall_behavior
  • 0.003 browser_security
  • 0.002 stack_pivot
  • 0.002 network_anomaly
  • 0.002 antisandbox_sunbelt_libs
  • 0.002 antisandbox_sboxie_libs
  • 0.002 antiav_bitdefender_libs
  • 0.002 dyre_behavior
  • 0.002 exec_crash
  • 0.002 injection_runpe
  • 0.002 antivm_generic_bios
  • 0.002 antivm_generic_cpu
  • 0.002 antivm_generic_system
  • 0.002 rat_pcclient
  • 0.002 recon_programs
  • 0.001 ransomware_dmalocker
  • 0.001 persistence_bootexecute
  • 0.001 upatre_behavior
  • 0.001 rat_luminosity
  • 0.001 antivm_vmware_libs
  • 0.001 clickfraud_cookies
  • 0.001 antivm_vbox_window
  • 0.001 injection_explorer
  • 0.001 modifies_desktop_wallpaper
  • 0.001 dead_connect
  • 0.001 ipc_namedpipe
  • 0.001 ursnif_behavior
  • 0.001 ispy_behavior
  • 0.001 securityxploded_modules
  • 0.001 antianalysis_detectfile
  • 0.001 antivm_vmware_files
  • 0.001 banker_cridex
  • 0.001 banker_zeus_mutex
  • 0.001 bot_drive
  • 0.001 bot_drive2
  • 0.001 browser_addon
  • 0.001 codelux_behavior
  • 0.001 disables_system_restore
  • 0.001 disables_windows_defender
  • 0.001 ie_martian_children
  • 0.001 maldun_blacklist
  • 0.001 modify_security_center_warnings
  • 0.001 modify_uac_prompt
  • 0.001 network_tor_service
  • 0.001 office_security
  • 0.001 rat_spynet
  • 0.001 sniffer_winpcap
  • 0.001 stealth_hiddenreg
  • 0.001 stealth_hide_notifications
  • 0.001 targeted_flame
  • 0.001 whois_create

Reporting ( 0.657 seconds )

  • 0.657 ReportHTMLSummary
Task ID 181096
Mongo ID 5b857cd72e06337e0696f74a
Cuckoo release 1.4-Maldun