分析任务
| 分析类型 | 虚拟机标签 | 开始时间 | 结束时间 | 持续时间 |
|---|---|---|---|---|
| 文件 (Windows) | win7-sp1-x64-hpdapp01-1 | 2019-04-24 11:55:24 | 2019-04-24 11:57:48 | 144 秒 |
魔盾分数
8.25
危险的
文件详细信息
| 文件名 | 视距盾9.8.exe |
|---|---|
| 文件大小 | 1155072 字节 |
| 文件类型 | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 6c759e6b02266ea64777a78658579b08 |
| SHA1 | 67da5c9c57959bdf4619bc5abf7cfda777c8adbb |
| SHA256 | 25dfa6e3504313cb348577c0b944639d6d0508c882825b2aeca16d6ed87be43e |
| SHA512 | 297bfc2a6d12379e16c33b8a15721b9fb35b86e546ef947a6cff2f4a3d2398c67259a953d914b140b7c97cdc5bc29e2641d005152f141200996f831abbcd4ccf |
| CRC32 | FA5C20AB |
| Ssdeep | 12288:W/Q5R8ADAhH34lCXH+MoB00pDHFZvombgd9/R5nWFpPoSVopPkG3xwZd1ElRLn8:W/4LAholmHimKDAm0d9+bgaGhwZd1E4 |
| Yara | 登录查看Yara规则 |
| 样本下载 提交误报 |
登录查看威胁特征
运行截图
访问主机纪录 (可点击查询WPING实时安全评级)
无主机纪录.
域名解析 (可点击查询WPING实时安全评级)
| 域名 | 安全评级 | 响应 |
|---|---|---|
| lao-da.cn |
摘要
登录查看详细行为信息PE 信息
| 初始地址 | 0x00400000 |
|---|---|
| 入口地址 | 0x00480a56 |
| 声明校验值 | 0x00000000 |
| 实际校验值 | 0x0011c2ec |
| 最低操作系统版本要求 | 4.0 |
| 编译时间 | 2019-04-24 11:09:35 |
| 载入哈希 | a4326d13edcc3d590a989e7712ae8ac7 |
版本信息
| LegalCopyright | |
|---|---|
| FileVersion | |
| CompanyName | |
| Comments | |
| ProductName | |
| ProductVersion | |
| FileDescription | |
| Translation |
PE 数据组成
| 名称 | 虚拟地址 | 虚拟大小 | 原始数据大小 | 特征 | 熵(Entropy) |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x000a15b3 | 0x000a2000 | IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ | 6.55 |
| .rdata | 0x000a3000 | 0x00055f2e | 0x00056000 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ | 6.89 |
| .data | 0x000f9000 | 0x0004b7ca | 0x00019000 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE | 5.65 |
| .rsrc | 0x00145000 | 0x000075f4 | 0x00008000 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ | 5.35 |
导入
库: WINMM.dll:
• 0x4a36b0 midiStreamOut
• 0x4a36b4 midiOutPrepareHeader
• 0x4a36b8 midiStreamProperty
• 0x4a36bc waveOutUnprepareHeader
• 0x4a36c0 waveOutPrepareHeader
• 0x4a36c4 waveOutWrite
• 0x4a36c8 waveOutPause
• 0x4a36cc waveOutReset
• 0x4a36d0 waveOutClose
• 0x4a36d4 waveOutGetNumDevs
• 0x4a36d8 waveOutOpen
• 0x4a36dc midiStreamStop
• 0x4a36e0 midiOutReset
• 0x4a36e4 midiStreamClose
• 0x4a36e8 midiStreamRestart
• 0x4a36ec midiStreamOpen
• 0x4a36f0 midiOutUnprepareHeader
库: WS2_32.dll:
• 0x4a3708 WSAAsyncSelect
• 0x4a370c closesocket
• 0x4a3710 WSACleanup
• 0x4a3714 inet_ntoa
• 0x4a3718 ioctlsocket
• 0x4a371c recvfrom
• 0x4a3720 accept
• 0x4a3724 recv
• 0x4a3728 getpeername
库: KERNEL32.dll:
• 0x4a319c GetACP
• 0x4a31a0 HeapSize
• 0x4a31a4 RaiseException
• 0x4a31a8 GetLocalTime
• 0x4a31ac GetSystemTime
• 0x4a31b0 RtlUnwind
• 0x4a31b4 GetStartupInfoA
• 0x4a31b8 GetOEMCP
• 0x4a31bc GetProcessVersion
• 0x4a31c0 SetErrorMode
• 0x4a31c4 GlobalFlags
• 0x4a31c8 GetCurrentThread
• 0x4a31cc GetFileTime
• 0x4a31d0 TlsGetValue
• 0x4a31d4 LocalReAlloc
• 0x4a31d8 TlsSetValue
• 0x4a31dc TlsFree
• 0x4a31e0 GlobalHandle
• 0x4a31e4 TlsAlloc
• 0x4a31e8 LocalAlloc
• 0x4a31ec lstrcmpA
• 0x4a31f0 GlobalGetAtomNameA
• 0x4a31f4 GlobalAddAtomA
• 0x4a31f8 GlobalFindAtomA
• 0x4a31fc GlobalDeleteAtom
• 0x4a3200 lstrcmpiA
• 0x4a3204 GetThreadLocale
• 0x4a3208 SetEndOfFile
• 0x4a320c UnlockFile
• 0x4a3210 LockFile
• 0x4a3214 FlushFileBuffers
• 0x4a3218 DuplicateHandle
• 0x4a321c lstrcpynA
• 0x4a3220 FileTimeToLocalFileTime
• 0x4a3224 FileTimeToSystemTime
• 0x4a3228 FormatMessageA
• 0x4a322c LocalFree
• 0x4a3230 InterlockedDecrement
• 0x4a3234 InterlockedIncrement
• 0x4a3238 WideCharToMultiByte
• 0x4a323c GetVersion
• 0x4a3240 GetTimeZoneInformation
• 0x4a3244 SetLastError
• 0x4a3248 MultiByteToWideChar
• 0x4a324c TerminateProcess
• 0x4a3250 GetCurrentProcess
• 0x4a3254 GetFileSize
• 0x4a3258 SetFilePointer
• 0x4a325c GetTempFileNameA
• 0x4a3260 CreateSemaphoreA
• 0x4a3264 ResumeThread
• 0x4a3268 ReleaseSemaphore
• 0x4a326c EnterCriticalSection
• 0x4a3270 LeaveCriticalSection
• 0x4a3274 GetProfileStringA
• 0x4a3278 WriteFile
• 0x4a327c ReadFile
• 0x4a3280 WaitForMultipleObjects
• 0x4a3284 CreateFileA
• 0x4a3288 SetEvent
• 0x4a328c FindResourceA
• 0x4a3290 LoadResource
• 0x4a3294 LockResource
• 0x4a3298 RemoveDirectoryA
• 0x4a329c GetModuleFileNameA
• 0x4a32a0 GetCurrentThreadId
• 0x4a32a4 ExitProcess
• 0x4a32a8 GlobalSize
• 0x4a32ac GlobalFree
• 0x4a32b0 DeleteCriticalSection
• 0x4a32b4 InitializeCriticalSection
• 0x4a32b8 lstrcatA
• 0x4a32bc lstrlenA
• 0x4a32c0 WinExec
• 0x4a32c4 lstrcpyA
• 0x4a32c8 FindNextFileA
• 0x4a32cc InterlockedExchange
• 0x4a32d0 GlobalReAlloc
• 0x4a32d4 HeapFree
• 0x4a32d8 HeapReAlloc
• 0x4a32dc GetProcessHeap
• 0x4a32e0 HeapAlloc
• 0x4a32e4 GetFullPathNameA
• 0x4a32e8 FreeLibrary
• 0x4a32ec LoadLibraryA
• 0x4a32f0 GetLastError
• 0x4a32f4 GetVersionExA
• 0x4a32f8 WritePrivateProfileStringA
• 0x4a32fc CreateThread
• 0x4a3300 CreateEventA
• 0x4a3304 Sleep
• 0x4a3308 GlobalAlloc
• 0x4a330c GlobalLock
• 0x4a3310 GlobalUnlock
• 0x4a3314 GetTempPathA
• 0x4a3318 FindFirstFileA
• 0x4a331c FindClose
• 0x4a3320 GetFileAttributesA
• 0x4a3324 DeleteFileA
• 0x4a3328 SetCurrentDirectoryA
• 0x4a332c GetVolumeInformationA
• 0x4a3330 GetModuleHandleA
• 0x4a3334 GetProcAddress
• 0x4a3338 MulDiv
• 0x4a333c GetCommandLineA
• 0x4a3340 GetTickCount
• 0x4a3344 WaitForSingleObject
• 0x4a3348 CloseHandle
• 0x4a334c UnhandledExceptionFilter
• 0x4a3350 FreeEnvironmentStringsA
• 0x4a3354 FreeEnvironmentStringsW
• 0x4a3358 GetEnvironmentStrings
• 0x4a335c GetEnvironmentStringsW
• 0x4a3360 SetHandleCount
• 0x4a3364 GetStdHandle
• 0x4a3368 GetFileType
• 0x4a336c GetEnvironmentVariableA
• 0x4a3370 HeapDestroy
• 0x4a3374 HeapCreate
• 0x4a3378 VirtualFree
• 0x4a337c SetEnvironmentVariableA
• 0x4a3380 LCMapStringA
• 0x4a3384 LCMapStringW
• 0x4a3388 VirtualAlloc
• 0x4a338c IsBadWritePtr
• 0x4a3390 SetUnhandledExceptionFilter
• 0x4a3394 GetStringTypeA
• 0x4a3398 GetStringTypeW
• 0x4a339c CompareStringA
• 0x4a33a0 CompareStringW
• 0x4a33a4 IsBadReadPtr
• 0x4a33a8 IsBadCodePtr
• 0x4a33ac SetStdHandle
• 0x4a33b0 GetCPInfo
库: USER32.dll:
• 0x4a3424 DefWindowProcA
• 0x4a3428 GetSystemMenu
• 0x4a342c GetClassInfoA
• 0x4a3430 IsZoomed
• 0x4a3434 PostQuitMessage
• 0x4a3438 CopyAcceleratorTableA
• 0x4a343c GetKeyState
• 0x4a3440 TranslateAcceleratorA
• 0x4a3444 IsWindowEnabled
• 0x4a3448 ShowWindow
• 0x4a344c SystemParametersInfoA
• 0x4a3450 LoadImageA
• 0x4a3454 EnumDisplaySettingsA
• 0x4a3458 ClientToScreen
• 0x4a345c EnableMenuItem
• 0x4a3460 GetSubMenu
• 0x4a3464 GetDlgCtrlID
• 0x4a3468 CreateAcceleratorTableA
• 0x4a346c CreateMenu
• 0x4a3470 ModifyMenuA
• 0x4a3474 AppendMenuA
• 0x4a3478 CreatePopupMenu
• 0x4a347c DrawIconEx
• 0x4a3480 CreateIconFromResource
• 0x4a3484 CreateIconFromResourceEx
• 0x4a3488 DeleteMenu
• 0x4a348c GetMenu
• 0x4a3490 SetMenu
• 0x4a3494 PeekMessageA
• 0x4a3498 IsIconic
• 0x4a349c SetFocus
• 0x4a34a0 GetActiveWindow
• 0x4a34a4 GetWindow
• 0x4a34a8 DestroyAcceleratorTable
• 0x4a34ac RegisterClipboardFormatA
• 0x4a34b0 GetMessagePos
• 0x4a34b4 ScreenToClient
• 0x4a34b8 ChildWindowFromPointEx
• 0x4a34bc CopyRect
• 0x4a34c0 LoadBitmapA
• 0x4a34c4 WinHelpA
• 0x4a34c8 KillTimer
• 0x4a34cc SetTimer
• 0x4a34d0 ReleaseCapture
• 0x4a34d4 GetCapture
• 0x4a34d8 SetCapture
• 0x4a34dc GetScrollRange
• 0x4a34e0 SetScrollRange
• 0x4a34e4 SetScrollPos
• 0x4a34e8 SetRect
• 0x4a34ec InflateRect
• 0x4a34f0 IntersectRect
• 0x4a34f4 PostThreadMessageA
• 0x4a34f8 GetNextDlgGroupItem
• 0x4a34fc GetSysColorBrush
• 0x4a3500 DestroyIcon
• 0x4a3504 PtInRect
• 0x4a3508 OffsetRect
• 0x4a350c IsWindowVisible
• 0x4a3510 EnableWindow
• 0x4a3514 RedrawWindow
• 0x4a3518 GetWindowLongA
• 0x4a351c SetWindowLongA
• 0x4a3520 GetSysColor
• 0x4a3524 SetActiveWindow
• 0x4a3528 SetCursorPos
• 0x4a352c LoadCursorA
• 0x4a3530 SetCursor
• 0x4a3534 GetDC
• 0x4a3538 FillRect
• 0x4a353c IsRectEmpty
• 0x4a3540 ReleaseDC
• 0x4a3544 IsChild
• 0x4a3548 DestroyMenu
• 0x4a354c SetForegroundWindow
• 0x4a3550 GetWindowRect
• 0x4a3554 EqualRect
• 0x4a3558 UpdateWindow
• 0x4a355c ValidateRect
• 0x4a3560 InvalidateRect
• 0x4a3564 GetClientRect
• 0x4a3568 GetFocus
• 0x4a356c GetParent
• 0x4a3570 GetTopWindow
• 0x4a3574 PostMessageA
• 0x4a3578 IsWindow
• 0x4a357c SetParent
• 0x4a3580 DestroyCursor
• 0x4a3584 SendMessageA
• 0x4a3588 SetWindowPos
• 0x4a358c MessageBeep
• 0x4a3590 MessageBoxA
• 0x4a3594 GetCursorPos
• 0x4a3598 GetSystemMetrics
• 0x4a359c EmptyClipboard
• 0x4a35a0 SetClipboardData
• 0x4a35a4 OpenClipboard
• 0x4a35a8 GetClipboardData
• 0x4a35ac CloseClipboard
• 0x4a35b0 wsprintfA
• 0x4a35b4 SetRectEmpty
• 0x4a35b8 DispatchMessageA
• 0x4a35bc GetMessageA
• 0x4a35c0 WindowFromPoint
• 0x4a35c4 DrawFocusRect
• 0x4a35c8 DrawEdge
• 0x4a35cc DrawFrameControl
• 0x4a35d0 LoadIconA
• 0x4a35d4 TranslateMessage
• 0x4a35d8 CallWindowProcA
• 0x4a35dc CreateWindowExA
• 0x4a35e0 RegisterHotKey
• 0x4a35e4 UnregisterHotKey
• 0x4a35e8 GetDesktopWindow
• 0x4a35ec GetClassNameA
• 0x4a35f0 GetDlgItem
• 0x4a35f4 GetWindowTextA
• 0x4a35f8 UnregisterClassA
• 0x4a35fc GetForegroundWindow
• 0x4a3600 SetWindowRgn
• 0x4a3604 GetWindowTextLengthA
• 0x4a3608 CharUpperA
• 0x4a360c GetWindowDC
• 0x4a3610 BeginPaint
• 0x4a3614 EndPaint
• 0x4a3618 TabbedTextOutA
• 0x4a361c DrawTextA
• 0x4a3620 GrayStringA
• 0x4a3624 DestroyWindow
• 0x4a3628 CreateDialogIndirectParamA
• 0x4a362c EndDialog
• 0x4a3630 GetNextDlgTabItem
• 0x4a3634 GetWindowPlacement
• 0x4a3638 RegisterWindowMessageA
• 0x4a363c GetLastActivePopup
• 0x4a3640 GetMessageTime
• 0x4a3644 RemovePropA
• 0x4a3648 GetPropA
• 0x4a364c UnhookWindowsHookEx
• 0x4a3650 SetPropA
• 0x4a3654 GetClassLongA
• 0x4a3658 CallNextHookEx
• 0x4a365c SetWindowsHookExA
• 0x4a3660 GetMenuItemID
• 0x4a3664 GetMenuItemCount
• 0x4a3668 RegisterClassA
• 0x4a366c GetScrollPos
• 0x4a3670 AdjustWindowRectEx
• 0x4a3674 MapWindowPoints
• 0x4a3678 SendDlgItemMessageA
• 0x4a367c ScrollWindowEx
• 0x4a3680 IsDialogMessageA
• 0x4a3684 SetWindowTextA
• 0x4a3688 MoveWindow
• 0x4a368c CheckMenuItem
• 0x4a3690 SetMenuItemBitmaps
• 0x4a3694 GetMenuState
• 0x4a3698 GetMenuCheckMarkDimensions
• 0x4a369c CharNextA
• 0x4a36a0 SetWindowContextHelpId
• 0x4a36a4 MapDialogRect
• 0x4a36a8 LoadStringA
库: GDI32.dll:
• 0x4a3044 ExtSelectClipRgn
• 0x4a3048 SelectObject
• 0x4a304c GetObjectA
• 0x4a3050 CreatePen
• 0x4a3054 PatBlt
• 0x4a3058 CombineRgn
• 0x4a305c CreateRectRgn
• 0x4a3060 FillRgn
• 0x4a3064 CreateSolidBrush
• 0x4a3068 GetStockObject
• 0x4a306c CreateFontIndirectA
• 0x4a3070 EndPage
• 0x4a3074 EndDoc
• 0x4a3078 DeleteDC
• 0x4a307c StartDocA
• 0x4a3080 StartPage
• 0x4a3084 BitBlt
• 0x4a3088 CreateCompatibleDC
• 0x4a308c Ellipse
• 0x4a3090 Rectangle
• 0x4a3094 DPtoLP
• 0x4a3098 GetCurrentObject
• 0x4a309c RoundRect
• 0x4a30a0 GetTextExtentPoint32A
• 0x4a30a4 GetDeviceCaps
• 0x4a30a8 LineTo
• 0x4a30ac MoveToEx
• 0x4a30b0 ExcludeClipRect
• 0x4a30b4 GetClipBox
• 0x4a30b8 ScaleWindowExtEx
• 0x4a30bc SetWindowExtEx
• 0x4a30c0 SetWindowOrgEx
• 0x4a30c4 GetViewportExtEx
• 0x4a30c8 PtVisible
• 0x4a30cc RectVisible
• 0x4a30d0 TextOutA
• 0x4a30d4 ExtTextOutA
• 0x4a30d8 Escape
• 0x4a30dc GetTextMetricsA
• 0x4a30e0 GetMapMode
• 0x4a30e4 CreateBitmap
• 0x4a30e8 CreateDCA
• 0x4a30ec CreateCompatibleBitmap
• 0x4a30f0 GetPolyFillMode
• 0x4a30f4 GetStretchBltMode
• 0x4a30f8 GetROP2
• 0x4a30fc GetBkColor
• 0x4a3100 GetBkMode
• 0x4a3104 GetTextColor
• 0x4a3108 CreateRoundRectRgn
• 0x4a310c CreateEllipticRgn
• 0x4a3110 PathToRegion
• 0x4a3114 EndPath
• 0x4a3118 BeginPath
• 0x4a311c ScaleViewportExtEx
• 0x4a3120 SetViewportExtEx
• 0x4a3124 OffsetViewportOrgEx
• 0x4a3128 SetViewportOrgEx
• 0x4a312c SetMapMode
• 0x4a3130 SetTextColor
• 0x4a3134 SetROP2
• 0x4a3138 SetPolyFillMode
• 0x4a313c GetWindowOrgEx
• 0x4a3140 GetViewportOrgEx
• 0x4a3144 GetWindowExtEx
• 0x4a3148 GetDIBits
• 0x4a314c RealizePalette
• 0x4a3150 SelectPalette
• 0x4a3154 StretchBlt
• 0x4a3158 CreatePalette
• 0x4a315c GetSystemPaletteEntries
• 0x4a3160 CreateDIBitmap
• 0x4a3164 DeleteObject
• 0x4a3168 SelectClipRgn
• 0x4a316c CreatePolygonRgn
• 0x4a3170 GetClipRgn
• 0x4a3174 SetStretchBltMode
• 0x4a3178 CreateRectRgnIndirect
• 0x4a317c SetBkColor
• 0x4a3180 CreateFontA
• 0x4a3184 TranslateCharsetInfo
• 0x4a3188 LPtoDP
• 0x4a318c SetBkMode
• 0x4a3190 RestoreDC
• 0x4a3194 SaveDC
库: ADVAPI32.dll:
• 0x4a3000 RegOpenKeyExA
• 0x4a3004 RegSetValueExA
• 0x4a3008 RegQueryValueA
• 0x4a300c RegCreateKeyExA
• 0x4a3010 RegCloseKey
库: SHELL32.dll:
• 0x4a340c ShellExecuteA
• 0x4a3410 Shell_NotifyIconA
• 0x4a3414 DragAcceptFiles
• 0x4a3418 DragFinish
• 0x4a341c DragQueryFileA
库: ole32.dll:
• 0x4a3744 StgCreateDocfileOnILockBytes
• 0x4a3748 CreateILockBytesOnHGlobal
• 0x4a374c CoFreeUnusedLibraries
• 0x4a3750 CoRegisterMessageFilter
• 0x4a3754 CoRevokeClassObject
• 0x4a3758 OleFlushClipboard
• 0x4a375c OleIsCurrentClipboard
• 0x4a3760 StgOpenStorageOnILockBytes
• 0x4a3764 CoTaskMemFree
• 0x4a3768 CoTaskMemAlloc
• 0x4a376c CLSIDFromProgID
• 0x4a3770 CLSIDFromString
• 0x4a3774 OleUninitialize
• 0x4a3778 OleInitialize
• 0x4a377c CoGetClassObject
库: OLEAUT32.dll:
• 0x4a33b8 VariantChangeType
• 0x4a33bc VariantClear
• 0x4a33c0 SafeArrayGetUBound
• 0x4a33c4 VariantTimeToSystemTime
• 0x4a33c8 SysStringLen
• 0x4a33cc SysAllocStringLen
• 0x4a33d0 SysAllocStringByteLen
• 0x4a33d4 SafeArrayGetElemsize
• 0x4a33d8 SafeArrayGetLBound
• 0x4a33dc SafeArrayGetDim
• 0x4a33e0 SysFreeString
• 0x4a33e4 OleCreateFontIndirect
• 0x4a33e8 VariantCopy
• 0x4a33ec LoadTypeLib
• 0x4a33f0 RegisterTypeLib
• 0x4a33f4 UnRegisterTypeLib
• 0x4a33f8 SafeArrayCreate
• 0x4a33fc SysAllocString
• 0x4a3400 SafeArrayAccessData
• 0x4a3404 SafeArrayUnaccessData
库: COMCTL32.dll:
• 0x4a3018 ImageList_Add
• 0x4a301c ImageList_BeginDrag
• 0x4a3020 ImageList_Create
• 0x4a3024 ImageList_Destroy
• 0x4a3028 ImageList_DragEnter
• 0x4a302c ImageList_DragLeave
• 0x4a3030 ImageList_DragMove
• 0x4a3034 ImageList_DragShowNolock
• 0x4a3038 ImageList_EndDrag
• 0x4a303c None
库: oledlg.dll:
• 0x4a3784 None
库: comdlg32.dll:
• 0x4a3730 ChooseColorA
• 0x4a3734 GetOpenFileNameA
• 0x4a3738 GetSaveFileNameA
• 0x4a373c GetFileTitleA
.text
`.rdata
@.data
.rsrc
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
3h8fJ
8`}<j
T$hVj
T$th
|$TVj
|$LVj
|$`Vj
F<HRN
D$@Sj
L$8h
F4hRN
D$8Rj
l$<VWj
jjjjh
访问主机纪录 (可点击查询WPING实时安全评级)
无主机纪录.
TCP
无TCP连接纪录.
UDP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.201 | 53932 | 192.168.122.1 | 53 |
| 192.168.122.201 | 58181 | 192.168.122.1 | 53 |
| 192.168.122.201 | 61698 | 192.168.122.1 | 53 |
| 192.168.122.201 | 62233 | 192.168.122.1 | 53 |
域名解析 (可点击查询WPING实时安全评级)
| 域名 | 安全评级 | 响应 |
|---|---|---|
| lao-da.cn |
TCP
无TCP连接纪录.
UDP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.201 | 53932 | 192.168.122.1 | 53 |
| 192.168.122.201 | 58181 | 192.168.122.1 | 53 |
| 192.168.122.201 | 61698 | 192.168.122.1 | 53 |
| 192.168.122.201 | 62233 | 192.168.122.1 | 53 |
HTTP 请求
未发现HTTP请求.
SMTP 流量
无SMTP流量.
IRC 流量
无IRC请求.
ICMP 流量
无ICMP流量.
CIF 报告
无 CIF 结果
网络警报
无警报
TLS
No TLS
Suricata HTTP
No Suricata HTTP
未发现网络提取文件
抱歉! 没有任何文件投放。
没有发现相似的分析.
| HTML 总结报告 (需15-60分钟同步) |
下载 |
|---|
Processing ( 56.176 seconds )
- 18.378 NetworkAnalysis
- 16.454 Suricata
- 12.065 BehaviorAnalysis
- 5.433 Static
- 1.997 TargetInfo
- 1.311 VirusTotal
- 0.457 peid
- 0.06 AnalysisInfo
- 0.014 Strings
- 0.004 config_decoder
- 0.003 Memory
Signatures ( 5.478 seconds )
- 0.763 api_spamming
- 0.615 stealth_timeout
- 0.554 process_interest
- 0.524 stealth_decoy_document
- 0.509 injection_createremotethread
- 0.394 md_bad_drop
- 0.361 injection_runpe
- 0.341 vawtrak_behavior
- 0.244 process_needed
- 0.206 antidbg_windows
- 0.159 antiav_detectreg
- 0.061 infostealer_ftp
- 0.056 antivm_vbox_window
- 0.046 browser_needed
- 0.044 antisandbox_script_timer
- 0.032 antianalysis_detectreg
- 0.032 infostealer_im
- 0.03 stealth_file
- 0.03 injection_explorer
- 0.024 antivm_generic_scsi
- 0.021 mimics_filetime
- 0.021 infostealer_mail
- 0.021 md_domain_bl
- 0.019 antiav_detectfile
- 0.018 antivm_generic_services
- 0.018 reads_self
- 0.018 md_url_bl
- 0.017 virus
- 0.016 antivm_generic_disk
- 0.016 anormaly_invoke_kills
- 0.014 bootkit
- 0.013 ransomware_extensions
- 0.012 hancitor_behavior
- 0.011 infostealer_bitcoin
- 0.011 ransomware_files
- 0.008 antivm_vbox_libs
- 0.008 anomaly_persistence_autorun
- 0.008 kibex_behavior
- 0.008 kovter_behavior
- 0.008 antivm_xen_keys
- 0.008 geodo_banking_trojan
- 0.007 antiemu_wine_func
- 0.007 betabot_behavior
- 0.007 antivm_parallels_keys
- 0.007 darkcomet_regkeys
- 0.006 infostealer_browser_password
- 0.006 antivm_vbox_files
- 0.005 antivm_generic_diskreg
- 0.005 recon_fingerprint
- 0.004 dridex_behavior
- 0.004 exec_crash
- 0.004 maldun_suspicious
- 0.004 disables_browser_warn
- 0.004 network_torgateway
- 0.004 packer_armadillo_regkey
- 0.003 tinba_behavior
- 0.003 rat_nanocore
- 0.003 antiav_avast_libs
- 0.003 heapspray_js
- 0.003 antisandbox_sunbelt_libs
- 0.003 antisandbox_productid
- 0.002 network_tor
- 0.002 antivm_vmware_libs
- 0.002 virtualcheck_js
- 0.002 antisandbox_sboxie_libs
- 0.002 antiav_bitdefender_libs
- 0.002 shifu_behavior
- 0.002 cerber_behavior
- 0.002 bypass_firewall
- 0.002 antidbg_devices
- 0.002 antivm_xen_keys
- 0.002 antivm_hyperv_keys
- 0.002 antivm_vbox_acpi
- 0.002 antivm_vbox_keys
- 0.002 antivm_vmware_keys
- 0.002 antivm_vpc_keys
- 0.002 browser_security
- 0.002 modify_proxy
- 0.002 rat_pcclient
- 0.002 recon_programs
- 0.002 stealth_modify_uac_prompt
- 0.001 malicious_write_executeable_under_temp_to_regrun
- 0.001 hawkeye_behavior
- 0.001 sets_autoconfig_url
- 0.001 ursnif_behavior
- 0.001 kazybot_behavior
- 0.001 silverlight_js
- 0.001 antianalysis_detectfile
- 0.001 antivm_generic_bios
- 0.001 antivm_generic_cpu
- 0.001 antivm_generic_system
- 0.001 antivm_vmware_files
- 0.001 banker_zeus_mutex
- 0.001 bot_drive
- 0.001 bot_drive2
- 0.001 browser_addon
- 0.001 disables_system_restore
- 0.001 disables_windows_defender
- 0.001 codelux_behavior
- 0.001 malicious_drop_executable_file_to_temp_folder
- 0.001 malicous_targeted_flame
- 0.001 office_security
- 0.001 ransomware_radamant
- 0.001 rat_spynet
- 0.001 stealth_hiddenreg
- 0.001 stealth_hide_notifications
- 0.001 stealth_modify_security_center_warnings
- 0.001 stealth_web_history
Reporting ( 1.264 seconds )
- 0.982 ReportHTMLSummary
- 0.282 Malheur
| Task ID | 282068 |
|---|---|
| Mongo ID | 5cbfdf352f8f2e0443a9cf99 |
| Cuckoo release | 1.4-Maldun |
沪公网安备 31011502009736号