Analysis type | VM label | Start time | End time | Duration |
---|---|---|---|---|
File (Windows) | win7-sp1-x64-hpdapp01-1 | 2019-01-22 01:47:26 | 2019-01-22 01:49:54 | 148 seconds |
File name | lingesdnrjscq.zip |
---|---|
File size | 1796622 bytes |
File type | Zip archive data, at least v2.0 to extract |
MD5 | d1a78e1b1c929165f9a0535238e78d63 |
SHA1 | cb0a84b82c74ead6e0e3a81bbf7e5828ee4ef9d5 |
SHA256 | 9aaa77cb2381d7b7d3d44d8643ad7fad53928c873acc6b5f1db6d703a6ee0000 |
SHA512 | d27fea3111f2f9bb4c02b348eb60af2088c7b76b3f1462e43171598c2bd72e39cecc79816af9b2e77aa75e3c0abb6627ac676803b3e7719f8a25b34d3e77ae4a |
CRC32 | D4D482F1 |
Ssdeep | 49152:Ih51h9SpiPkw881M9K7Gs63S0gorZOtQ2EUqPYBDd4:Ir1h1PkwUOidgSmELPV |
No host records.
No domain information.
Antivirus engine / vendor | Detection name / rule match | Signature database date |
---|---|---|
Bkav | HW32.Packed.2C32 | 20170218 |
MicroWorld-eScan | Not detected | 20170220 |
nProtect | Not detected | 20170220 |
CMC | Not detected | 20170220 |
CAT-QuickHeal | Trojan.Diztakun | 20170220 |
McAfee | Artemis!382555148DB4 | 20170220 |
Malwarebytes | Not detected | 20170220 |
VIPRE | Trojan.Win32.Generic!BT | 20170220 |
TheHacker | Not detected | 20170218 |
BitDefender | Trojan.GenericKD.4176308 | 20170220 |
K7GW | Trojan ( 004571581 ) | 20170220 |
K7AntiVirus | Trojan ( 004571581 ) | 20170220 |
Invincea | trojan.win32.orbus.a | 20170203 |
Baidu | Not detected | 20170220 |
F-Prot | W32/SuspPack.BQ.gen!Eldorado | 20170220 |
Symantec | SecurityRisk.gen1 | 20170219 |
TotalDefense | Not detected | 20170220 |
TrendMicro-HouseCall | TROJ_GEN.R01BC0VAI17 | 20170220 |
Avast | Win32:Malware-gen | 20170220 |
ClamAV | Not detected | 20170220 |
Kaspersky | Trojan.Win32.Diztakun.avfj | 20170220 |
Alibaba | Not detected | 20170220 |
NANO-Antivirus | Trojan.Win32.Diztakun.elcbkf | 20170220 |
ViRobot | Trojan.Win32.Z.Susppack.1847296[h] | 20170220 |
AegisLab | Not detected | 20170220 |
Rising | Trojan.Diztakun!8.FE (cloud:sO4sQwLsJjV) | 20170220 |
Ad-Aware | Trojan.GenericKD.4176308 | 20170220 |
Sophos | Mal/Generic-S | 20170220 |
Comodo | Virus.Win32.Virut.CE | 20170220 |
F-Secure | Trojan.GenericKD.4176308 | 20170220 |
DrWeb | Trojan.StartPage1.33586 | 20170220 |
Zillya | Not detected | 20170218 |
TrendMicro | TROJ_GE.08970610 | 20170220 |
McAfee-GW-Edition | Not detected | 20170220 |
Emsisoft | Trojan.GenericKD.4176308 (B) | 20170220 |
Cyren | W32/SuspPack.BQ.gen!Eldorado | 20170220 |
Jiangmin | Trojan.Diztakun.bxh | 20170220 |
Webroot | Not detected | 20170220 |
Avira | Not detected | 20170220 |
Fortinet | Not detected | 20170220 |
Antiy-AVL | Trojan/Win32.Diztakun | 20170220 |
Kingsoft | Not detected | 20170220 |
Arcabit | Trojan.Generic.D3FB9B4 | 20170220 |
SUPERAntiSpyware | Not detected | 20170220 |
Microsoft | Trojan:Win32/Dynamer!ac | 20170220 |
AhnLab-V3 | Trojan/Win32.Diztakun.C1746932 | 20170219 |
VBA32 | Not detected | 20170217 |
WhiteArmor | Not detected | 20170215 |
Zoner | Not detected | 20170220 |
ESET-NOD32 | a variant of Win32/FlyStudio.Packed.G potentially unwanted | 20170220 |
Tencent | Win32.Trojan.Bp-startpage.3825 | 20170220 |
Yandex | Not detected | 20170219 |
Ikarus | Trojan.Win32.Buzus | 20170220 |
GData | Trojan.GenericKD.4176308 | 20170220 |
AVG | SHeur4.CMLJ | 20170220 |
Panda | Trj/CI.A | 20170219 |
Qihoo-360 | Not detected | 20170220 |

35 of the 57 engines flag the archive. Several vendors (CAT-QuickHeal, Kaspersky, NANO-Antivirus, Rising, Jiangmin, Antiy-AVL, AhnLab-V3) agree on the Diztakun family name, ESET-NOD32 identifies the FlyStudio packer, and DrWeb and Tencent label it a start-page hijacker, which fits the browser shortcuts the sample wrote under Start Menu, Quick Launch and Desktop in the dropped-file list below. All signature-database dates are from February 2017, about two years before this January 2019 sandbox run, so the verdicts predate the run and a current rescan may differ.
No TCP connection records.
No UDP connection records.
No HTTP requests found.
No SMTP traffic.
No IRC requests.
No ICMP traffic.
No CIF results.
No alerts.
No TLS.
No Suricata HTTP.
File name | judgment.txt |
---|---|
Related paths | C:\Users\test\AppData\Roaming\凌哥\judgment.txt |
File size | 23 bytes |
File type | ISO-8859 text, with no line terminators |
MD5 | 631bd94d54c3e96e8eadea0cc3a8a05f |
SHA1 | 0cc7112a97d50dc40e8d8c546bfcf5b87a046f29 |
SHA256 | b5b28ed5a4d769d705d6f1715542596d87ec5ad03ffe178358c016daf3649874 |
CRC32 | 777244C9 |
Ssdeep | 3:Ed0QoCSnU:ECQoCSU |
File name | NvBackend.exe |
---|---|
Related paths | C:\Users\test\AppData\Roaming\凌哥\NvBackend.exe |
File size | 2757424 bytes |
File type | PE32 executable (GUI) Intel 80386, for MS Windows |
MD5 | dd37dc13df1224a8719208ae5cde2b63 |
SHA1 | 9d712afd65be680c5dd62be9a4052c4788975d09 |
SHA256 | ea365a7358637c555d8cdedd59bca574c8b6eb8bb3c1b8790fec7d76a37fc4ab |
CRC32 | A8A9D146 |
Ssdeep | 49152:Ln2kD6wuqf2zPoXBGHcBrRKx+vGp9oerbcp/mXVaofLnKgtNUEsoZrIeTCZWP1r4:LFtuqf2zPoXTrRKx+vGp9oerbcp+V3fe |
File name | Launch Internet Explorer Browser.lnk |
---|---|
Related paths | C:\Users\test\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk |
File size | 1162 bytes |
File type | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Archive, ctime=Sat Nov 20 19:25:08 2010, mtime=Sat Nov 20 19:25:08 2010, atime=Sat Nov 20 19:25:08 2010, length=673040, window= |
MD5 | a4ff02b69980709b055be868253ee233 |
SHA1 | f971df32a48ba5b9330c038011042bcc13815c3b |
SHA256 | e39a3523858a89bc78c95d88de99db5f3a6289fe91413685e892946b591dea09 |
CRC32 | E84A93FD |
Ssdeep | 24:8faFdItodOEiXlVEMVNAk1qsQdDEMBzdDEMukUPqhCPx:8ywtodOdVvVG8qHdDvBzdDvyys |
File name | ver.txt |
---|---|
Related paths | C:\Users\test\AppData\Roaming\凌哥\ver.txt |
File size | 3 bytes |
File type | ASCII text, with no line terminators |
MD5 | 56765472680401499c79732468ba4340 |
SHA1 | 8114b9dabe64741f5700c676da07d4182530a754 |
SHA256 | 77ac319bfe1979e2d799d9e6987e65feb54f61511c03552ebae990826c208590 |
CRC32 | 19380E19 |
Ssdeep | 3:SXn:SX |
Text content | 1.2 |
File name | Internet Explorer.lnk |
---|---|
Related paths | C:\Users\test\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk |
File size | 1174 bytes |
File type | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Archive, ctime=Sat Nov 20 19:25:08 2010, mtime=Sat Nov 20 19:25:08 2010, atime=Sat Nov 20 19:25:08 2010, length=673040, window= |
MD5 | 51f790571ca2b525a361376a1ea1e630 |
SHA1 | 5b002472091ea9d10b1facc5ace64ba3b90603fc |
SHA256 | 1ed37615cdd2b7051e4d0dc1206121673521e2d9c6b6529c289e5cccd640788d |
CRC32 | 2FA043DF |
Ssdeep | 24:8faFdItodOEiXlVEMVNAk1qst4dDEMBzdDEMukUPqhCPx:8ywtodOdVvVG8qA4dDvBzdDvyys |
File name | Internet Explorer (64-bit).lnk |
---|---|
Related paths | C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk |
 | C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk |
File size | 1168 bytes |
File type | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Archive, ctime=Sat Nov 20 19:25:08 2010, mtime=Sat Nov 20 19:25:08 2010, atime=Sat Nov 20 19:25:08 2010, length=673040, window= |
MD5 | ab4a3e8cabfd16197ceb107871fdea1e |
SHA1 | a2ae303f6b7a0d5095fa3987006e36e44c7cc2b9 |
SHA256 | 530eebf776d062d20c08aaafc8ed7625ddb00e533e79f6f3cf0ba943dff09171 |
CRC32 | 054E588B |
Ssdeep | 24:8faFdItodOEiXlVEMVNAk1qs5dDEMBzdDEMukUPqhCPx:8ywtodOdVvVG8qGdDvBzdDvyys |
File name | detoured.dll |
---|---|
Related paths | C:\Users\test\AppData\Roaming\凌哥\detoured.dll |
File size | 20992 bytes |
File type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, UPX compressed |
MD5 | 9da9fe20af969d85b9ef40bbb63ffdc5 |
SHA1 | d945e9f52330d0d6d744a1071382b9b68c6d0653 |
SHA256 | 546ffb49b7eddf437e361b44e313a78aee45ee18c4fa8f20188dc9271162fcfd |
CRC32 | 5E20188A |
Ssdeep | 384:watgfw8pnW8EL1SWOsgUPomUvX/HzICOVAK4XSPPF7bStP:watTwgBSWzgBmAvsCOVfM+N7bOP |
File name | google浏览器.lnk |
---|---|
Related paths | C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\google浏览器.lnk |
File size | 1344 bytes |
File type | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Archive, ctime=Fri Sep 1 06:19:23 2017, mtime=Fri Sep 1 06:19:23 2017, atime=Fri Jan 25 18:35:08 2013, length=1248208, window= |
MD5 | 917351a97e13d6bcc0e2599c715a26b3 |
SHA1 | d25025725278b03d53e4c42a1243c23297f83928 |
SHA256 | 27cebcd3e69a08b7d83026e6fc6923245329cffa798d1df6d9919ff29d8a00fe |
CRC32 | 0883DFDD |
Ssdeep | 24:8rCxodOEa/qCdmPRhA+1qiedRZN0RndRZNLkUPqhCP:8+xodOHiCdgRyKqied/KRnd/nys |
File name | google浏览器.lnk |
---|---|
Related paths | C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\google浏览器.lnk |
 | C:\Users\test\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\google浏览器.lnk |
File size | 1338 bytes |
File type | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Archive, ctime=Fri Sep 1 06:19:23 2017, mtime=Fri Sep 1 06:19:23 2017, atime=Fri Jan 25 18:35:08 2013, length=1248208, window= |
MD5 | 30e0244b84611df0a5f5bcdf7b7dd1b8 |
SHA1 | 6a1e970e849058dbeeabec96c5915828601bc70a |
SHA256 | e24c42b3201e93468bd29728db18dca60dc05e122d6b7ba0a22765a279fffb9d |
CRC32 | 27B7E47E |
Ssdeep | 24:8rCxodOEa/qCdmPRhA+1qiWYdRZN0RndRZNLkUPqhCP:8+xodOHiCdgRyKqiWYd/KRnd/nys |
File name | google浏览器.lnk |
---|---|
Related paths | C:\Users\test\Desktop\google浏览器.lnk |
File size | 1314 bytes |
File type | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Archive, ctime=Fri Sep 1 06:19:23 2017, mtime=Fri Sep 1 06:19:23 2017, atime=Fri Jan 25 18:35:08 2013, length=1248208, window= |
MD5 | 9e84c3f00964dc49e3f3498fcb701591 |
SHA1 | 9cab6c07ee0d21749a2dffc36f23bb9ea0c46008 |
SHA256 | 1f05eeec2d70813d714b08ae2d2359d5ad5ef25c0f7bf460d1da698f72050b8d |
CRC32 | 70408CEE |
Ssdeep | 24:8rCxodOEa/qCdmPRhA+1qizdRZN0RndRZNLkUPqhCP:8+xodOHiCdgRyKqizd/KRnd/nys |
File name | google浏览器.lnk |
---|---|
Related paths | C:\Users\test\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\google浏览器.lnk |
File size | 1350 bytes |
File type | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Archive, ctime=Fri Sep 1 06:19:23 2017, mtime=Fri Sep 1 06:19:23 2017, atime=Fri Jan 25 18:35:08 2013, length=1248208, window= |
MD5 | 26b0080ef8d239d5fdb5cb3f7d4f22f9 |
SHA1 | 96ee0cb7ce5ce220bf8f01538d8e83efbe7f677a |
SHA256 | 812e9d9c866edb8e6c47928df9a13b4680c694bc2d0ae56de3a12e909b5f971e |
CRC32 | C8EA9CAC |
Ssdeep | 24:8rCxodOEa/qCdmPRhA+1qi8idRZN0RndRZNLkUPqhCP:8+xodOHiCdgRyKqi8id/KRnd/nys |
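Every shortcut in the dropped-file list is reported by `file` as "Has command line arguments", but the report never prints the arguments themselves, and for a start-page hijacker that argument string is the payload worth reading. The script below is an added example, not part of the sandbox report or of the sample: it parses the Shell Link format as laid out in MS-SHLLINK (fixed 0x4C-byte header, optional LinkTargetIDList and LinkInfo, then the StringData blocks in their fixed order) and applies a simple heuristic for a URL smuggled into a browser shortcut's arguments. The two .lnk byte strings it inspects are constructed inside the script; their target paths and the URL are placeholders and are not values recovered from the analysed files.

```python
import struct

# Shell Link header (MS-SHLLINK 2.1): fixed 0x4C bytes, fixed CLSID
LNK_HEADER_SIZE = 0x4C
LNK_CLSID = bytes.fromhex("0114020000000000c000000000000046")  # {00021401-0000-0000-C000-000000000046}

# LinkFlags bits (MS-SHLLINK 2.1.1) that this parser needs
HAS_LINK_TARGET_ID_LIST = 0x01
HAS_LINK_INFO = 0x02
HAS_NAME = 0x04
HAS_RELATIVE_PATH = 0x08
HAS_WORKING_DIR = 0x10
HAS_ARGUMENTS = 0x20
HAS_ICON_LOCATION = 0x40
IS_UNICODE = 0x80

# StringData blocks follow LinkInfo in this fixed order, each present only if its flag is set (2.4)
STRING_DATA = (
    (HAS_NAME, "name"),
    (HAS_RELATIVE_PATH, "relative_path"),
    (HAS_WORKING_DIR, "working_dir"),
    (HAS_ARGUMENTS, "arguments"),
    (HAS_ICON_LOCATION, "icon_location"),
)


def parse_lnk(data: bytes) -> dict:
    """Return the StringData fields (relative path, working dir, arguments, ...) of a .lnk as str."""
    if len(data) < LNK_HEADER_SIZE:
        raise ValueError("too short to be a Shell Link file")
    if struct.unpack_from("<I", data, 0)[0] != LNK_HEADER_SIZE or data[4:20] != LNK_CLSID:
        raise ValueError("not a Shell Link file (bad HeaderSize or CLSID)")
    flags = struct.unpack_from("<I", data, 20)[0]
    pos = LNK_HEADER_SIZE
    if flags & HAS_LINK_TARGET_ID_LIST:          # u16 IDListSize, then that many bytes of ItemIDs
        pos += 2 + struct.unpack_from("<H", data, pos)[0]
    if flags & HAS_LINK_INFO:                    # u32 LinkInfoSize, which counts itself
        pos += struct.unpack_from("<I", data, pos)[0]
    unicode = bool(flags & IS_UNICODE)
    fields = {}
    for bit, name in STRING_DATA:
        if not flags & bit:
            continue
        count = struct.unpack_from("<H", data, pos)[0]   # CountCharacters, not bytes
        pos += 2
        nbytes = count * 2 if unicode else count
        raw = data[pos:pos + nbytes]
        if len(raw) != nbytes:                   # file ends inside a string: refuse rather than guess
            raise ValueError(f"truncated StringData block {name!r}")
        fields[name] = raw.decode("utf-16-le" if unicode else "cp1252")
        pos += nbytes
    return fields


def looks_like_startpage_hijack(fields: dict) -> bool:
    """Heuristic: a browser shortcut whose arguments carry a URL forces that page on every launch."""
    args = fields.get("arguments", "").lower()
    return any(marker in args for marker in ("http://", "https://", "www."))


def build_lnk(relative_path: str, working_dir: str, arguments: str, with_id_list: bool = False) -> bytes:
    """Construct a minimal Unicode .lnk carrying three StringData blocks (test input only)."""
    flags = HAS_RELATIVE_PATH | HAS_WORKING_DIR | HAS_ARGUMENTS | IS_UNICODE
    if with_id_list:
        flags |= HAS_LINK_TARGET_ID_LIST
    # HeaderSize, CLSID, LinkFlags, FileAttributes (ARCHIVE), 3 FILETIMEs, FileSize, IconIndex,
    # ShowCommand (SW_SHOWNORMAL), HotKey, Reserved1..3
    header = struct.pack("<I16sIIQQQIiIHHII", LNK_HEADER_SIZE, LNK_CLSID, flags, 0x20,
                         0, 0, 0, 0, 0, 1, 0, 0, 0, 0)
    body = struct.pack("<H", 2) + b"\x00\x00" if with_id_list else b""   # IDList with only a TerminalID
    for text in (relative_path, working_dir, arguments):
        body += struct.pack("<H", len(text)) + text.encode("utf-16-le")
    return header + body


# Constructed samples; the target paths and the URL are placeholders, not values from the analysed files.
HIJACKED_LNK = build_lnk(
    r"..\..\..\Program Files\Google\Chrome\Application\chrome.exe",
    r"C:\Program Files\Google\Chrome\Application",
    "http://example.invalid/?from=shortcut",
)
CLEAN_LNK = build_lnk(
    r"..\..\..\Program Files\Internet Explorer\iexplore.exe",
    r"C:\Program Files\Internet Explorer",
    "",
    with_id_list=True,
)

if __name__ == "__main__":
    for label, blob in (("chrome shortcut", HIJACKED_LNK), ("iexplore shortcut", CLEAN_LNK)):
        fields = parse_lnk(blob)
        verdict = "SUSPICIOUS" if looks_like_startpage_hijack(fields) else "ok"
        print(f"{label}: {fields['arguments']!r} -> {verdict}")
```

To apply this to the shortcuts above, download them from the sandbox, read each with `open(path, "rb").read()` and pass the bytes to `parse_lnk`; compare the `relative_path` against the real browser binary and look at `arguments` directly rather than trusting the heuristic alone, since a hijacker can also redirect by swapping the target for a different executable with an innocuous argument string.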
Task ID | 234127 |
---|---|
Mongo ID | 5c46066f2f8f2e05bd5a2838 |
Cuckoo release | 1.4-Maldun |