Analysis task

Analysis type  VM label  Start time  End time  Duration
File (Windows)  win7-sp1-x64-hpdapp01-2  2019-08-08 15:38:40  2019-08-08 15:41:14  154 seconds

魔盾 score

5.8

Suspicious

File details

File name 猎杀专员.exe
File size 1978368 bytes
File type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 5b7993e3be6f7f5f8b8b984331a43f6d
SHA1 389ea60bbbe648684be0f5d14a788e6f3d83f242
SHA256 0095214e421cb6db98a95292bb62b5959df4b93e558a69f357ddfdf6fc637ae1
SHA512 f027cd8bbb3b4cc14cb10ee7baf27953be0d98e8c3e0599814db3941ec48d24d56be98b0f64083ee831e61095eaab8c3721602c80297338668434a3507df4261
CRC32 ABD66475
Ssdeep 24576:XTuS/nPZsyphlSLzNfOMaF7ETZaqdiXSp0c02uFG6dAk3HMf7fMexmO:XiSJsYOfNWMDTZaqdwk0c05HGia

Contacted hosts

Direct IP  Security rating  Location
114.80.24.200  China
114.80.24.201  China
119.3.65.116  Hong Kong
120.92.174.135  China
150.138.97.253  China

DNS resolution

Domain  Security rating  Response
space.bilibili.com  A 120.92.174.135
  CNAME interface.biliapi.com
  A 119.3.65.116
at.alicdn.com  CNAME at.alicdn.com.danuoyi.alicdn.com
  A 150.138.97.253
  A 150.138.97.254
  A 183.136.135.241
  A 183.136.135.242
s1.hdslb.com  Unknown  CNAME bstatic.hdslb.com
  CNAME s1.hdslb.com.w.kunlunar.com
  A 114.80.24.197
  A 114.80.24.198
  A 114.80.24.202
  A 114.80.24.199
  A 114.80.24.203
  A 114.80.24.200
  A 114.80.24.201
  A 114.80.24.196

PE information

Image base 0x00400000
Entry point 0x00466bff
Declared checksum 0x00000000
Actual checksum 0x001e818a
Minimum OS version required 4.0
Compile time 2019-04-08 18:44:50
Import hash 4fb9dd0d24b2fd41c253bac48ef1a907

Version information

LegalCopyright
FileVersion
CompanyName
Comments
ProductName
ProductVersion
FileDescription
Translation

PE sections

Name  Virtual address  Virtual size  Raw data size  Characteristics  Entropy
.text 0x00001000 0x00084fae 0x00085000 IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 6.56
.rdata 0x00086000 0x001036c6 0x00104000 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 7.87
.data 0x0018a000 0x0002ec48 0x00012000 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 5.06
.rsrc 0x001b9000 0x00046e58 0x00047000 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 4.61

Imports

Library: KERNEL32.dll:
0x486198 GlobalLock
0x48619c GlobalAlloc
0x4861a0 Sleep
0x4861a4 CreateEventA
0x4861a8 CreateThread
0x4861b0 SetStdHandle
0x4861b4 GlobalUnlock
0x4861b8 IsBadCodePtr
0x4861bc IsBadReadPtr
0x4861c0 CompareStringW
0x4861c4 CompareStringA
0x4861cc GetStringTypeW
0x4861d0 GetStringTypeA
0x4861d4 IsBadWritePtr
0x4861d8 VirtualAlloc
0x4861dc LCMapStringW
0x4861e0 LCMapStringA
0x4861e8 VirtualFree
0x4861ec HeapCreate
0x4861f0 HeapDestroy
0x4861f8 GetFileType
0x4861fc GetStdHandle
0x486200 SetHandleCount
0x486218 GetACP
0x48621c HeapSize
0x486220 TerminateProcess
0x486224 GetLocalTime
0x486228 GetSystemTime
0x48622c GetCurrentProcess
0x486230 DuplicateHandle
0x486234 lstrcpynA
0x486238 SetLastError
0x486244 LocalFree
0x486248 MultiByteToWideChar
0x48624c WideCharToMultiByte
0x486254 CreateSemaphoreA
0x486258 ResumeThread
0x48625c ReleaseSemaphore
0x486268 GetProfileStringA
0x48626c WriteFile
0x486270 ReadFile
0x486274 GetLastError
0x48627c CreateFileA
0x486280 SetEvent
0x486284 FindResourceA
0x486288 LoadResource
0x48628c LockResource
0x486290 GetModuleFileNameA
0x486294 GetCurrentThreadId
0x486298 ExitProcess
0x48629c GlobalSize
0x4862a0 GlobalFree
0x4862ac lstrcatA
0x4862b0 lstrlenA
0x4862b4 WinExec
0x4862b8 lstrcpyA
0x4862bc FindNextFileA
0x4862c0 GlobalReAlloc
0x4862c4 HeapFree
0x4862c8 HeapReAlloc
0x4862cc GetProcessHeap
0x4862d0 HeapAlloc
0x4862d4 GetFullPathNameA
0x4862d8 FreeLibrary
0x4862dc LoadLibraryA
0x4862e0 GetVersionExA
0x4862e8 RaiseException
0x4862ec RtlUnwind
0x4862f0 GetStartupInfoA
0x4862f4 GetOEMCP
0x4862f8 GetCPInfo
0x4862fc GetProcessVersion
0x486300 SetErrorMode
0x486304 GlobalFlags
0x486308 GetCurrentThread
0x48630c GetFileTime
0x486310 GetFileSize
0x486314 TlsGetValue
0x486318 LocalReAlloc
0x48631c TlsSetValue
0x486320 TlsFree
0x486324 GlobalHandle
0x486328 TlsAlloc
0x48632c LocalAlloc
0x486330 lstrcmpA
0x486334 GetVersion
0x486338 FindFirstFileA
0x48633c FindClose
0x486340 SetFileAttributesA
0x486344 GetFileAttributesA
0x486348 GlobalGetAtomNameA
0x48634c GlobalAddAtomA
0x486350 GlobalFindAtomA
0x486354 GlobalDeleteAtom
0x486358 lstrcmpiA
0x48635c SetEndOfFile
0x486360 UnlockFile
0x486364 LockFile
0x486368 FlushFileBuffers
0x48636c SetFilePointer
0x486378 GetModuleHandleA
0x48637c GetProcAddress
0x486380 MulDiv
0x486384 GetCommandLineA
0x486388 GetTickCount
0x48638c WaitForSingleObject
0x486390 CloseHandle
Library: USER32.dll:
0x4863c4 EmptyClipboard
0x4863c8 GetSystemMetrics
0x4863cc GetCursorPos
0x4863d0 MessageBoxA
0x4863d4 SetWindowPos
0x4863d8 SendMessageA
0x4863dc DestroyCursor
0x4863e0 SetParent
0x4863e4 IsWindow
0x4863e8 SetClipboardData
0x4863ec GetTopWindow
0x4863f0 GetParent
0x4863f4 GetFocus
0x4863f8 GetClientRect
0x4863fc InvalidateRect
0x486400 ValidateRect
0x486404 UpdateWindow
0x486408 OpenClipboard
0x48640c EqualRect
0x486410 GetWindowRect
0x486414 SetForegroundWindow
0x486418 DestroyMenu
0x48641c GetClipboardData
0x486420 CloseClipboard
0x486424 wsprintfA
0x486428 PostMessageA
0x48642c IsChild
0x486430 ReleaseDC
0x486434 IsRectEmpty
0x486438 FillRect
0x48643c GetDC
0x486440 SetCursor
0x486444 LoadCursorA
0x486448 SetCursorPos
0x48644c SetActiveWindow
0x486450 GetSysColor
0x486454 SetWindowLongA
0x486458 GetWindowLongA
0x48645c RedrawWindow
0x486460 EnableWindow
0x486464 IsWindowVisible
0x486468 OffsetRect
0x48646c PtInRect
0x486470 DestroyIcon
0x486474 IntersectRect
0x486478 InflateRect
0x48647c SetRect
0x486480 SetScrollPos
0x486484 SetScrollRange
0x486488 GetScrollRange
0x48648c SetCapture
0x486490 GetCapture
0x486494 UnregisterHotKey
0x486498 RegisterHotKey
0x48649c CreateWindowExA
0x4864a0 CallWindowProcA
0x4864a4 LoadIconA
0x4864a8 TranslateMessage
0x4864ac DrawFrameControl
0x4864b0 DrawEdge
0x4864b4 DrawFocusRect
0x4864b8 WindowFromPoint
0x4864bc GetMessageA
0x4864c0 DispatchMessageA
0x4864c4 SetRectEmpty
0x4864d4 DrawIconEx
0x4864d8 CreatePopupMenu
0x4864dc AppendMenuA
0x4864e0 ModifyMenuA
0x4864e4 CreateMenu
0x4864ec GetDlgCtrlID
0x4864f0 GetSubMenu
0x4864f4 EnableMenuItem
0x4864f8 ClientToScreen
0x486500 LoadImageA
0x486508 ShowWindow
0x48650c IsWindowEnabled
0x486514 GetKeyState
0x48651c PostQuitMessage
0x486520 IsZoomed
0x486524 GetClassInfoA
0x486528 GetWindowTextA
0x486530 CharUpperA
0x486534 GetWindowDC
0x486538 BeginPaint
0x48653c EndPaint
0x486540 TabbedTextOutA
0x486544 DrawTextA
0x486548 GrayStringA
0x48654c GetDlgItem
0x486550 DestroyWindow
0x486558 EndDialog
0x48655c GetNextDlgTabItem
0x486560 GetWindowPlacement
0x486568 GetForegroundWindow
0x48656c GetLastActivePopup
0x486570 GetMessageTime
0x486574 RemovePropA
0x486578 GetPropA
0x48657c UnhookWindowsHookEx
0x486580 SetPropA
0x486584 GetClassLongA
0x486588 CallNextHookEx
0x48658c SetWindowsHookExA
0x486590 GetMenuItemID
0x486594 GetMenuItemCount
0x486598 RegisterClassA
0x48659c GetScrollPos
0x4865a0 UnregisterClassA
0x4865a4 AdjustWindowRectEx
0x4865a8 MapWindowPoints
0x4865ac SendDlgItemMessageA
0x4865b0 ScrollWindowEx
0x4865b4 IsDialogMessageA
0x4865b8 SetWindowTextA
0x4865bc MoveWindow
0x4865c0 CheckMenuItem
0x4865c4 SetMenuItemBitmaps
0x4865c8 GetMenuState
0x4865d0 GetClassNameA
0x4865d4 GetDesktopWindow
0x4865d8 LoadStringA
0x4865dc GetSysColorBrush
0x4865e0 DefWindowProcA
0x4865e4 GetSystemMenu
0x4865e8 DeleteMenu
0x4865ec GetMenu
0x4865f0 SetMenu
0x4865f4 PeekMessageA
0x4865f8 IsIconic
0x4865fc SetFocus
0x486600 GetActiveWindow
0x486604 GetWindow
0x48660c SetWindowRgn
0x486610 GetMessagePos
0x486614 ScreenToClient
0x48661c CopyRect
0x486620 LoadBitmapA
0x486624 WinHelpA
0x486628 KillTimer
0x48662c SetTimer
0x486630 ReleaseCapture
Library: GDI32.dll:
0x486044 SetWindowOrgEx
0x48604c CreateFontA
0x486050 SetBkColor
0x486058 SetStretchBltMode
0x48605c GetClipRgn
0x486060 CreatePolygonRgn
0x486064 SelectClipRgn
0x486068 DeleteObject
0x48606c CreateDIBitmap
0x486074 CreatePalette
0x486078 StretchBlt
0x48607c SelectPalette
0x486080 RealizePalette
0x486084 GetDIBits
0x486088 GetWindowExtEx
0x48608c GetViewportOrgEx
0x486090 GetWindowOrgEx
0x486094 BeginPath
0x486098 EndPath
0x48609c PathToRegion
0x4860a0 CreateEllipticRgn
0x4860a4 CreateRoundRectRgn
0x4860a8 GetTextColor
0x4860ac GetBkMode
0x4860b0 GetBkColor
0x4860b4 GetROP2
0x4860b8 GetStretchBltMode
0x4860bc GetPolyFillMode
0x4860c4 CreateDCA
0x4860c8 CreateBitmap
0x4860cc SelectObject
0x4860d0 GetObjectA
0x4860d4 CreatePen
0x4860d8 PatBlt
0x4860dc CombineRgn
0x4860e0 CreateRectRgn
0x4860e4 FillRgn
0x4860e8 CreateSolidBrush
0x4860ec GetStockObject
0x4860f0 CreateFontIndirectA
0x4860f4 EndPage
0x4860f8 EndDoc
0x4860fc DeleteDC
0x486100 StartDocA
0x486104 StartPage
0x486108 BitBlt
0x48610c CreateCompatibleDC
0x486110 Ellipse
0x486114 Rectangle
0x486118 LPtoDP
0x48611c DPtoLP
0x486120 GetCurrentObject
0x486124 RoundRect
0x48612c GetDeviceCaps
0x486130 SaveDC
0x486134 RestoreDC
0x486138 SetBkMode
0x48613c SetPolyFillMode
0x486140 SetROP2
0x486144 SetTextColor
0x486148 SetMapMode
0x48614c SetViewportOrgEx
0x486150 OffsetViewportOrgEx
0x486154 SetViewportExtEx
0x486158 ScaleViewportExtEx
0x48615c GetTextMetricsA
0x486160 Escape
0x486164 ExtTextOutA
0x486168 TextOutA
0x48616c RectVisible
0x486170 PtVisible
0x486174 GetViewportExtEx
0x486178 ExtSelectClipRgn
0x48617c LineTo
0x486180 MoveToEx
0x486184 ExcludeClipRect
0x486188 GetClipBox
0x48618c ScaleWindowExtEx
0x486190 SetWindowExtEx
Library: WINMM.dll:
0x486638 midiStreamRestart
0x48663c midiStreamClose
0x486640 midiOutReset
0x486644 midiStreamStop
0x486648 midiStreamOut
0x486650 midiStreamProperty
0x486654 midiStreamOpen
0x48665c waveOutOpen
0x486660 waveOutGetNumDevs
0x486664 waveOutClose
0x486668 waveOutReset
0x48666c waveOutPause
0x486670 waveOutWrite
Library: WINSPOOL.DRV:
0x486680 ClosePrinter
0x486684 DocumentPropertiesA
0x486688 OpenPrinterA
Library: ADVAPI32.dll:
0x486000 RegCreateKeyExA
0x486004 RegCloseKey
0x486008 RegOpenKeyExA
0x48600c RegSetValueExA
0x486010 RegQueryValueA
Library: SHELL32.dll:
0x4863ac ShellExecuteA
0x4863b0 DragAcceptFiles
0x4863b4 DragFinish
0x4863b8 DragQueryFileA
0x4863bc Shell_NotifyIconA
Library: ole32.dll:
0x4866cc OleUninitialize
0x4866d0 OleInitialize
0x4866d4 CLSIDFromString
Library: OLEAUT32.dll:
0x48639c RegisterTypeLib
0x4863a0 LoadTypeLib
0x4863a4 UnRegisterTypeLib
Library: COMCTL32.dll:
0x486018 ImageList_EndDrag
0x486020 ImageList_DragMove
0x486024 ImageList_DragLeave
0x486028 ImageList_DragEnter
0x48602c ImageList_Destroy
0x486030 ImageList_Create
0x486034 ImageList_BeginDrag
0x486038 ImageList_Add
0x48603c None
Library: WS2_32.dll:
0x486690 recvfrom
0x486694 ioctlsocket
0x486698 recv
0x48669c getpeername
0x4866a0 accept
0x4866a4 WSAAsyncSelect
0x4866a8 closesocket
0x4866ac WSACleanup
0x4866b0 inet_ntoa
Library: comdlg32.dll:
0x4866b8 GetFileTitleA
0x4866bc GetSaveFileNameA
0x4866c0 GetOpenFileNameA
0x4866c4 ChooseColorA

No antivirus engine scan information!

Process tree

____________.exe, PID: 2656, parent PID: 2292
  iexplore.exe, PID: 2768, parent PID: 2656
  iexplore.exe, PID: 2972, parent PID: 2656
  iexplore.exe, PID: 2516, parent PID: 2656
  iexplore.exe, PID: 724, parent PID: 2656
  iexplore.exe, PID: 2644, parent PID: 2656
  iexplore.exe, PID: 1336, parent PID: 2656
  iexplore.exe, PID: 2728, parent PID: 2656
  iexplore.exe, PID: 252, parent PID: 2656
  iexplore.exe, PID: 536, parent PID: 2656
  iexplore.exe, PID: 2512, parent PID: 2656
  iexplore.exe, PID: 2692, parent PID: 2656

TCP

Source address  Source port  Destination address  Hostname  Destination port
192.168.122.202 49164 114.80.24.200 s1.hdslb.com 443
192.168.122.202 49165 114.80.24.200 s1.hdslb.com 443
192.168.122.202 49166 114.80.24.200 s1.hdslb.com 443
192.168.122.202 49167 114.80.24.200 s1.hdslb.com 443
192.168.122.202 49168 114.80.24.200 s1.hdslb.com 443
192.168.122.202 49169 114.80.24.200 s1.hdslb.com 443
192.168.122.202 49170 114.80.24.200 s1.hdslb.com 443
192.168.122.202 49171 114.80.24.200 s1.hdslb.com 443
192.168.122.202 49176 114.80.24.200 s1.hdslb.com 443
192.168.122.202 49177 114.80.24.200 s1.hdslb.com 443
192.168.122.202 49178 114.80.24.200 s1.hdslb.com 443
192.168.122.202 49179 114.80.24.200 s1.hdslb.com 443
192.168.122.202 49180 114.80.24.200 s1.hdslb.com 443
192.168.122.202 49181 114.80.24.200 s1.hdslb.com 443
192.168.122.202 49182 114.80.24.200 s1.hdslb.com 443
192.168.122.202 49183 114.80.24.200 s1.hdslb.com 443
192.168.122.202 49184 114.80.24.200 s1.hdslb.com 443
192.168.122.202 49185 114.80.24.200 s1.hdslb.com 443
192.168.122.202 49191 114.80.24.200 s1.hdslb.com 443
192.168.122.202 49192 114.80.24.200 s1.hdslb.com 443
192.168.122.202 49193 114.80.24.200 s1.hdslb.com 443
192.168.122.202 49194 114.80.24.200 s1.hdslb.com 443
192.168.122.202 49195 114.80.24.200 s1.hdslb.com 443
192.168.122.202 49198 114.80.24.200 s1.hdslb.com 443
192.168.122.202 49199 114.80.24.200 s1.hdslb.com 443
192.168.122.202 49210 114.80.24.201 s1.hdslb.com 443
192.168.122.202 49211 114.80.24.201 s1.hdslb.com 443
192.168.122.202 49214 114.80.24.201 s1.hdslb.com 443
192.168.122.202 49215 114.80.24.201 s1.hdslb.com 443
192.168.122.202 49216 114.80.24.201 s1.hdslb.com 443
192.168.122.202 49217 114.80.24.201 s1.hdslb.com 443
192.168.122.202 49218 114.80.24.201 s1.hdslb.com 443
192.168.122.202 49219 114.80.24.201 s1.hdslb.com 443
192.168.122.202 49220 114.80.24.201 s1.hdslb.com 443
192.168.122.202 49221 114.80.24.201 s1.hdslb.com 443
192.168.122.202 49223 114.80.24.201 s1.hdslb.com 443
192.168.122.202 49224 114.80.24.201 s1.hdslb.com 443
192.168.122.202 49225 114.80.24.201 s1.hdslb.com 443
192.168.122.202 49226 114.80.24.201 s1.hdslb.com 443
192.168.122.202 49227 114.80.24.201 s1.hdslb.com 443
192.168.122.202 49228 114.80.24.201 s1.hdslb.com 443
192.168.122.202 49229 114.80.24.201 s1.hdslb.com 443
192.168.122.202 49230 114.80.24.201 s1.hdslb.com 443
192.168.122.202 49231 114.80.24.201 s1.hdslb.com 443
192.168.122.202 49232 114.80.24.201 s1.hdslb.com 443
192.168.122.202 49233 114.80.24.201 s1.hdslb.com 443
192.168.122.202 49234 114.80.24.201 s1.hdslb.com 443
192.168.122.202 49235 114.80.24.201 s1.hdslb.com 443
192.168.122.202 49236 114.80.24.201 s1.hdslb.com 443
192.168.122.202 49237 114.80.24.201 s1.hdslb.com 443
192.168.122.202 49204 119.3.65.116 space.bilibili.com 443
192.168.122.202 49205 119.3.65.116 space.bilibili.com 443
192.168.122.202 49206 119.3.65.116 space.bilibili.com 443
192.168.122.202 49243 119.3.65.116 space.bilibili.com 443
192.168.122.202 49245 119.3.65.116 space.bilibili.com 443
192.168.122.202 49161 120.92.174.135 space.bilibili.com 443
192.168.122.202 49173 120.92.174.135 space.bilibili.com 443
192.168.122.202 49188 120.92.174.135 space.bilibili.com 443
192.168.122.202 49189 120.92.174.135 space.bilibili.com 443
192.168.122.202 49190 120.92.174.135 space.bilibili.com 443
192.168.122.202 49197 120.92.174.135 space.bilibili.com 443
192.168.122.202 49241 120.92.174.135 space.bilibili.com 443
192.168.122.202 49162 150.138.97.253 at.alicdn.com 443
192.168.122.202 49163 150.138.97.253 at.alicdn.com 443
192.168.122.202 49174 150.138.97.253 at.alicdn.com 443
192.168.122.202 49175 150.138.97.253 at.alicdn.com 443
192.168.122.202 49208 150.138.97.253 at.alicdn.com 443
192.168.122.202 49209 150.138.97.253 at.alicdn.com 443
192.168.122.202 49212 150.138.97.253 at.alicdn.com 443
192.168.122.202 49213 150.138.97.253 at.alicdn.com 443

UDP

Source address  Source port  Destination address  Destination port
192.168.122.202 51964 192.168.122.1 53
192.168.122.202 55285 192.168.122.1 53
192.168.122.202 58228 192.168.122.1 53
192.168.122.202 63408 192.168.122.1 53
192.168.122.202 64955 192.168.122.1 53

HTTP requests

No HTTP requests found.

SMTP traffic

No SMTP traffic.

IRC traffic

No IRC requests.

ICMP traffic

No ICMP traffic.

CIF report

No CIF results

Network alerts

No alerts

TLS

Timestamp Source IP Source Port Destination IP Destination Port Version Issuer Subject Fingerprint
2019-08-08 15:39:30.515083+0800 192.168.122.202 49161 120.92.174.135 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 C=CN, ST=上海, L=上海, O=上海幻电信息科技有限公司, CN=*.bilibili.com 8f:52:9b:25:96:c7:16:25:4b:74:43:af:45:45:24:b7:6a:58:38:3a
2019-08-08 15:39:31.753722+0800 192.168.122.202 49163 150.138.97.253 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.alicdn.com 01:af:58:f7:9a:f4:0a:47:9b:01:ab:b7:d4:66:57:9e:f2:d7:56:bd
2019-08-08 15:39:31.832186+0800 192.168.122.202 49166 114.80.24.200 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:39:31.848506+0800 192.168.122.202 49164 114.80.24.200 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:39:31.861364+0800 192.168.122.202 49165 114.80.24.200 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:39:31.872932+0800 192.168.122.202 49169 114.80.24.200 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:39:31.885541+0800 192.168.122.202 49168 114.80.24.200 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:39:31.915535+0800 192.168.122.202 49167 114.80.24.200 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:39:31.934998+0800 192.168.122.202 49162 150.138.97.253 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.alicdn.com 01:af:58:f7:9a:f4:0a:47:9b:01:ab:b7:d4:66:57:9e:f2:d7:56:bd
2019-08-08 15:39:31.995356+0800 192.168.122.202 49170 114.80.24.200 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:39:33.324226+0800 192.168.122.202 49176 114.80.24.200 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:39:33.328247+0800 192.168.122.202 49175 150.138.97.253 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.alicdn.com 01:af:58:f7:9a:f4:0a:47:9b:01:ab:b7:d4:66:57:9e:f2:d7:56:bd
2019-08-08 15:39:33.203561+0800 192.168.122.202 49173 120.92.174.135 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 C=CN, ST=上海, L=上海, O=上海幻电信息科技有限公司, CN=*.bilibili.com 8f:52:9b:25:96:c7:16:25:4b:74:43:af:45:45:24:b7:6a:58:38:3a
2019-08-08 15:39:33.309412+0800 192.168.122.202 49177 114.80.24.200 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:39:33.310328+0800 192.168.122.202 49178 114.80.24.200 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:39:33.346583+0800 192.168.122.202 49174 150.138.97.253 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.alicdn.com 01:af:58:f7:9a:f4:0a:47:9b:01:ab:b7:d4:66:57:9e:f2:d7:56:bd
2019-08-08 15:39:43.128360+0800 192.168.122.202 49188 120.92.174.135 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 C=CN, ST=上海, L=上海, O=上海幻电信息科技有限公司, CN=*.bilibili.com 8f:52:9b:25:96:c7:16:25:4b:74:43:af:45:45:24:b7:6a:58:38:3a
2019-08-08 15:39:43.140439+0800 192.168.122.202 49190 120.92.174.135 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 C=CN, ST=上海, L=上海, O=上海幻电信息科技有限公司, CN=*.bilibili.com 8f:52:9b:25:96:c7:16:25:4b:74:43:af:45:45:24:b7:6a:58:38:3a
2019-08-08 15:39:43.156051+0800 192.168.122.202 49189 120.92.174.135 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 C=CN, ST=上海, L=上海, O=上海幻电信息科技有限公司, CN=*.bilibili.com 8f:52:9b:25:96:c7:16:25:4b:74:43:af:45:45:24:b7:6a:58:38:3a
2019-08-08 15:39:45.157815+0800 192.168.122.202 49197 120.92.174.135 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 C=CN, ST=上海, L=上海, O=上海幻电信息科技有限公司, CN=*.bilibili.com 8f:52:9b:25:96:c7:16:25:4b:74:43:af:45:45:24:b7:6a:58:38:3a
2019-08-08 15:40:09.471610+0800 192.168.122.202 49205 119.3.65.116 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 C=CN, ST=上海, L=上海, O=上海幻电信息科技有限公司, CN=*.bilibili.com 8f:52:9b:25:96:c7:16:25:4b:74:43:af:45:45:24:b7:6a:58:38:3a
2019-08-08 15:40:09.483514+0800 192.168.122.202 49204 119.3.65.116 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 C=CN, ST=上海, L=上海, O=上海幻电信息科技有限公司, CN=*.bilibili.com 8f:52:9b:25:96:c7:16:25:4b:74:43:af:45:45:24:b7:6a:58:38:3a
2019-08-08 15:40:09.474388+0800 192.168.122.202 49206 119.3.65.116 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 C=CN, ST=上海, L=上海, O=上海幻电信息科技有限公司, CN=*.bilibili.com 8f:52:9b:25:96:c7:16:25:4b:74:43:af:45:45:24:b7:6a:58:38:3a
2019-08-08 15:40:10.394259+0800 192.168.122.202 49209 150.138.97.253 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.alicdn.com 01:af:58:f7:9a:f4:0a:47:9b:01:ab:b7:d4:66:57:9e:f2:d7:56:bd
2019-08-08 15:40:10.480527+0800 192.168.122.202 49211 114.80.24.201 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:40:10.401072+0800 192.168.122.202 49208 150.138.97.253 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.alicdn.com 01:af:58:f7:9a:f4:0a:47:9b:01:ab:b7:d4:66:57:9e:f2:d7:56:bd
2019-08-08 15:40:10.485500+0800 192.168.122.202 49210 114.80.24.201 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:40:10.515130+0800 192.168.122.202 49214 114.80.24.201 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:40:10.571119+0800 192.168.122.202 49216 114.80.24.201 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:40:10.571785+0800 192.168.122.202 49217 114.80.24.201 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:40:10.521008+0800 192.168.122.202 49215 114.80.24.201 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:40:10.669225+0800 192.168.122.202 49218 114.80.24.201 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:40:10.538330+0800 192.168.122.202 49213 150.138.97.253 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.alicdn.com 01:af:58:f7:9a:f4:0a:47:9b:01:ab:b7:d4:66:57:9e:f2:d7:56:bd
2019-08-08 15:40:10.552217+0800 192.168.122.202 49212 150.138.97.253 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.alicdn.com 01:af:58:f7:9a:f4:0a:47:9b:01:ab:b7:d4:66:57:9e:f2:d7:56:bd
2019-08-08 15:40:10.692421+0800 192.168.122.202 49221 114.80.24.201 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:40:10.669860+0800 192.168.122.202 49219 114.80.24.201 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:40:10.688515+0800 192.168.122.202 49220 114.80.24.201 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:40:11.304414+0800 192.168.122.202 49226 114.80.24.201 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:40:11.265563+0800 192.168.122.202 49223 114.80.24.201 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:40:11.302442+0800 192.168.122.202 49227 114.80.24.201 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:40:11.277886+0800 192.168.122.202 49224 114.80.24.201 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:40:11.278821+0800 192.168.122.202 49225 114.80.24.201 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:40:11.357615+0800 192.168.122.202 49228 114.80.24.201 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:40:11.391696+0800 192.168.122.202 49229 114.80.24.201 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:40:11.450824+0800 192.168.122.202 49232 114.80.24.201 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:40:11.472489+0800 192.168.122.202 49234 114.80.24.201 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:40:11.416429+0800 192.168.122.202 49231 114.80.24.201 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:40:11.392986+0800 192.168.122.202 49230 114.80.24.201 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:40:11.458032+0800 192.168.122.202 49233 114.80.24.201 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:40:11.523665+0800 192.168.122.202 49235 114.80.24.201 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:40:11.549248+0800 192.168.122.202 49236 114.80.24.201 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:40:11.874931+0800 192.168.122.202 49237 114.80.24.201 443 TLS 1.2 C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia OV TLS Pro CA C=CN, L=上海, O=上海幻电信息科技有限公司, OU=运维部, CN=*.hdslb.com 95:85:38:b2:53:c3:ea:1f:45:e7:d7:8a:79:75:6c:47:91:1a:57:aa
2019-08-08 15:40:42.323681+0800 192.168.122.202 49241 120.92.174.135 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 C=CN, ST=上海, L=上海, O=上海幻电信息科技有限公司, CN=*.bilibili.com 8f:52:9b:25:96:c7:16:25:4b:74:43:af:45:45:24:b7:6a:58:38:3a
2019-08-08 15:40:44.080361+0800 192.168.122.202 49243 119.3.65.116 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 C=CN, ST=上海, L=上海, O=上海幻电信息科技有限公司, CN=*.bilibili.com 8f:52:9b:25:96:c7:16:25:4b:74:43:af:45:45:24:b7:6a:58:38:3a
2019-08-08 15:40:46.479149+0800 192.168.122.202 49245 119.3.65.116 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 C=CN, ST=上海, L=上海, O=上海幻电信息科技有限公司, CN=*.bilibili.com 8f:52:9b:25:96:c7:16:25:4b:74:43:af:45:45:24:b7:6a:58:38:3a

Suricata HTTP

No Suricata HTTP

No files extracted from network traffic.
Sorry! No files were dropped.
No similar analyses found.

Processing ( 45.976 seconds )

  • 15.73 NetworkAnalysis
  • 15.525 Suricata
  • 7.107 Static
  • 3.26 BehaviorAnalysis
  • 2.534 TargetInfo
  • 1.32 VirusTotal
  • 0.429 peid
  • 0.049 AnalysisInfo
  • 0.014 Strings
  • 0.005 config_decoder
  • 0.003 Memory

Signatures ( 1.23 seconds )

  • 0.169 api_spamming
  • 0.138 stealth_timeout
  • 0.123 stealth_decoy_document
  • 0.076 antiav_detectreg
  • 0.058 antivm_generic_scsi
  • 0.041 stealth_file
  • 0.037 antivm_generic_services
  • 0.034 mimics_filetime
  • 0.034 anormaly_invoke_kills
  • 0.031 md_domain_bl
  • 0.029 reads_self
  • 0.029 infostealer_ftp
  • 0.028 virus
  • 0.027 dridex_behavior
  • 0.027 antivm_generic_disk
  • 0.023 bootkit
  • 0.021 hancitor_behavior
  • 0.019 md_url_bl
  • 0.018 kovter_behavior
  • 0.017 infostealer_im
  • 0.016 antianalysis_detectreg
  • 0.015 antiemu_wine_func
  • 0.014 injection_createremotethread
  • 0.014 infostealer_browser_password
  • 0.01 antiav_detectfile
  • 0.01 infostealer_mail
  • 0.009 antivm_vbox_libs
  • 0.009 injection_runpe
  • 0.008 antidbg_windows
  • 0.007 anomaly_persistence_autorun
  • 0.007 infostealer_bitcoin
  • 0.007 ransomware_extensions
  • 0.007 ransomware_files
  • 0.006 maldun_suspicious
  • 0.005 geodo_banking_trojan
  • 0.004 antiav_avast_libs
  • 0.004 betabot_behavior
  • 0.004 antisandbox_sunbelt_libs
  • 0.004 kibex_behavior
  • 0.004 exec_crash
  • 0.004 antivm_parallels_keys
  • 0.004 antivm_vbox_files
  • 0.004 antivm_xen_keys
  • 0.004 network_torgateway
  • 0.003 tinba_behavior
  • 0.003 injection_explorer
  • 0.003 antisandbox_sboxie_libs
  • 0.003 antiav_bitdefender_libs
  • 0.003 disables_browser_warn
  • 0.003 darkcomet_regkeys
  • 0.002 rat_nanocore
  • 0.002 antivm_vmware_libs
  • 0.002 cerber_behavior
  • 0.002 h1n1_behavior
  • 0.002 antivm_generic_diskreg
  • 0.002 browser_security
  • 0.002 modify_proxy
  • 0.002 md_bad_drop
  • 0.002 recon_fingerprint
  • 0.001 malicious_write_executeable_under_temp_to_regrun
  • 0.001 hawkeye_behavior
  • 0.001 network_tor
  • 0.001 antivm_vbox_window
  • 0.001 ursnif_behavior
  • 0.001 shifu_behavior
  • 0.001 antisandbox_script_timer
  • 0.001 bypass_firewall
  • 0.001 antianalysis_detectfile
  • 0.001 antidbg_devices
  • 0.001 antisandbox_productid
  • 0.001 antivm_generic_bios
  • 0.001 antivm_generic_cpu
  • 0.001 antivm_generic_system
  • 0.001 antivm_xen_keys
  • 0.001 antivm_hyperv_keys
  • 0.001 antivm_vbox_acpi
  • 0.001 antivm_vbox_keys
  • 0.001 antivm_vmware_keys
  • 0.001 antivm_vpc_keys
  • 0.001 banker_zeus_mutex
  • 0.001 bot_drive
  • 0.001 bot_drive2
  • 0.001 browser_addon
  • 0.001 disables_system_restore
  • 0.001 disables_windows_defender
  • 0.001 malicious_drop_executable_file_to_temp_folder
  • 0.001 maldun_network_blacklist
  • 0.001 office_security
  • 0.001 packer_armadillo_regkey
  • 0.001 rat_pcclient
  • 0.001 rat_spynet
  • 0.001 recon_programs
  • 0.001 stealth_hide_notifications
  • 0.001 stealth_modify_uac_prompt

Reporting ( 1.302 seconds )

  • 1.019 ReportHTMLSummary
  • 0.283 Malheur
Task ID 351644
Mongo ID 5d4bd27a2f8f2e1f417cdcc8
Cuckoo release 1.4-Maldun