Analysis Task

Analysis type: URL
VM tag: win7-sp1-x64-hpdapp01-1
Start time: 2018-11-18 00:08:56
End time: 2018-11-18 00:11:21
Duration: 145 seconds

Maldun Score

0.0

Normal

URL Details

URL
URL professional sandbox detection -> http://www.pcsoft.com.cn/soft/158054.html


Hosts Contacted

No host records.

Domain Resolution

No domain information.


WHOIS Information

Name: None
Country: None
State: None
City: None
ZIP Code: None
Address: None

Organization: None
Domain Name(s):
    pcsoft.com.cn
Creation Date:
    None
Updated Date:
    None
Expiration Date:
    None
Email(s):
    zhushaolong@ydsdnet.com

Registrar(s):
    阿里云计算有限公司(万网)
Name Server(s):
    dns9.hichina.com
    dns10.hichina.com
Referral URL(s):
    None
No antivirus engine scan information!

TCP

No TCP connection records.

UDP

No UDP connection records.

HTTP Requests

No HTTP requests found.

SMTP Traffic

No SMTP traffic.

IRC Traffic

No IRC requests.

ICMP Traffic

No ICMP traffic.

CIF Report

No CIF results

Network Alerts

No alerts

TLS

Timestamp Source IP Source Port Destination IP Destination Port Version Issuer Subject Fingerprint
2018-11-18 00:09:38.286863+0800 192.168.122.201 49180 47.97.198.105 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., OU=Domain Validated SSL, CN=TrustAsia TLS RSA CA CN=tokenin.cn 92:81:fb:fd:de:66:01:a2:de:74:ba:23:c4:cb:38:c8:53:97:4f:88
2018-11-18 00:09:39.063432+0800 192.168.122.201 49200 47.97.198.105 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., OU=Domain Validated SSL, CN=TrustAsia TLS RSA CA CN=tokenin.cn 92:81:fb:fd:de:66:01:a2:de:74:ba:23:c4:cb:38:c8:53:97:4f:88
2018-11-18 00:09:39.064465+0800 192.168.122.201 49201 47.97.198.105 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., OU=Domain Validated SSL, CN=TrustAsia TLS RSA CA CN=tokenin.cn 92:81:fb:fd:de:66:01:a2:de:74:ba:23:c4:cb:38:c8:53:97:4f:88
2018-11-18 00:09:39.065298+0800 192.168.122.201 49199 47.97.198.105 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., OU=Domain Validated SSL, CN=TrustAsia TLS RSA CA CN=tokenin.cn 92:81:fb:fd:de:66:01:a2:de:74:ba:23:c4:cb:38:c8:53:97:4f:88
2018-11-18 00:09:39.059477+0800 192.168.122.201 49198 47.97.198.105 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., OU=Domain Validated SSL, CN=TrustAsia TLS RSA CA CN=tokenin.cn 92:81:fb:fd:de:66:01:a2:de:74:ba:23:c4:cb:38:c8:53:97:4f:88
2018-11-18 00:09:39.202769+0800 192.168.122.201 49202 47.97.198.105 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., OU=Domain Validated SSL, CN=TrustAsia TLS RSA CA CN=tokenin.cn 92:81:fb:fd:de:66:01:a2:de:74:ba:23:c4:cb:38:c8:53:97:4f:88
2018-11-18 00:09:39.428555+0800 192.168.122.201 49203 58.218.215.188 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.cnzz.com 66:4d:a5:95:02:54:b9:fe:f9:7c:1e:ed:cb:24:ad:d8:5b:8a:06:42
2018-11-18 00:09:42.717747+0800 192.168.122.201 49212 58.218.215.120 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.cnzz.com 66:4d:a5:95:02:54:b9:fe:f9:7c:1e:ed:cb:24:ad:d8:5b:8a:06:42
2018-11-18 00:09:45.271021+0800 192.168.122.201 49213 106.11.94.30 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.mmstat.com 0f:95:1d:03:5e:e7:ba:8e:ff:76:f9:b4:41:c1:1f:15:7d:67:24:7b
2018-11-18 00:09:42.818144+0800 192.168.122.201 49211 203.119.206.95 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.cnzz.com 66:4d:a5:95:02:54:b9:fe:f9:7c:1e:ed:cb:24:ad:d8:5b:8a:06:42
2018-11-18 00:09:45.884052+0800 192.168.122.201 49214 220.170.182.31 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 C=CN, ST=beijing, L=beijing, OU=service operation department, O=Beijing Baidu Netcom Science Technology Co., Ltd, CN=baidu.com d6:aa:f8:cf:a0:e0:23:65:47:fc:2a:89:4f:89:5e:c9:47:24:a6:0d
2018-11-18 00:09:41.006226+0800 192.168.122.201 49205 104.19.197.151 443 TLS 1.2 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO ECC Domain Validation Secure Server CA 2 OU=Domain Control Validated, OU=PositiveSSL Multi-Domain, CN=ssl412106.cloudflaressl.com 35:22:58:8a:b0:02:bc:4b:80:82:07:85:61:56:dd:ba:0d:1e:33:1b
2018-11-18 00:09:48.752783+0800 192.168.122.201 49215 180.97.33.108 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 C=CN, ST=beijing, L=beijing, OU=service operation department, O=Beijing Baidu Netcom Science Technology Co., Ltd, CN=baidu.com d6:aa:f8:cf:a0:e0:23:65:47:fc:2a:89:4f:89:5e:c9:47:24:a6:0d

Suricata HTTP

No Suricata HTTP

No files extracted from network traffic.
Sorry! No files were dropped.

Processing ( 15.059 seconds )

  • 12.04 Suricata
  • 1.49 VirusTotal
  • 1.373 Static
  • 0.078 Debug
  • 0.07 AnalysisInfo
  • 0.004 BehaviorAnalysis
  • 0.004 Memory

Signatures ( 0.384 seconds )

  • 0.239 md_bad_drop
  • 0.021 antiav_detectreg
  • 0.017 md_url_bl
  • 0.013 md_domain_bl
  • 0.011 persistence_autorun
  • 0.008 antiav_detectfile
  • 0.007 infostealer_ftp
  • 0.007 ransomware_extensions
  • 0.007 ransomware_files
  • 0.005 infostealer_im
  • 0.004 tinba_behavior
  • 0.004 infostealer_bitcoin
  • 0.003 rat_nanocore
  • 0.003 cerber_behavior
  • 0.003 antivm_vbox_files
  • 0.003 disables_browser_warn
  • 0.003 infostealer_mail
  • 0.002 betabot_behavior
  • 0.002 geodo_banking_trojan
  • 0.002 browser_security
  • 0.001 network_tor
  • 0.001 ursnif_behavior
  • 0.001 kazybot_behavior
  • 0.001 kibex_behavior
  • 0.001 shifu_behavior
  • 0.001 modify_uac_prompt
  • 0.001 modify_security_center_warnings
  • 0.001 antivm_parallels_keys
  • 0.001 antivm_xen_keys
  • 0.001 banker_zeus_mutex
  • 0.001 bot_drive
  • 0.001 bot_drive2
  • 0.001 browser_addon
  • 0.001 disables_system_restore
  • 0.001 disables_windows_defender
  • 0.001 ie_martian_children
  • 0.001 office_security
  • 0.001 rat_spynet
  • 0.001 stealth_hiddenreg
  • 0.001 stealth_hide_notifications

Reporting ( 0.0 seconds )

Task ID 214677
Mongo ID 5bf03de52e06332dc87a3ce2
Cuckoo release 1.4-Maldun