魔盾安全分析报告
| 分析类型 | 开始时间 | 结束时间 | 持续时间 | 分析引擎版本 |
|---|---|---|---|---|
| URL | 2019-07-17 01:51:23 | 2019-07-17 01:53:32 | 129 秒 | 1.4-Maldun |
| 虚拟机机器名 | 标签 | 虚拟机管理 | 开机时间 | 关机时间 |
|---|---|---|---|---|
| win7-sp1-x64-hpdapp01-1 | win7-sp1-x64-hpdapp01-1 | KVM | 2019-07-17 01:51:23 | None |
| 魔盾分数 |
|---|
0.7正常的 |
URL信息
| URL | https://www.fdy.cc/daluju/ |
|---|---|
| VirusTotal | VirusTotal查询失败 |
特征
魔盾wping.org 域名信誉系统
Greylist: www.fdy.cc
Greylist: s5.cnzz.com
Greylist: z8.cnzz.com
Greylist: c.cnzz.com
魔盾wping.org IP地址信誉系统
Neutral: 123.157.148.22
Neutral: 180.101.212.39
运行截图
网络分析
访问主机记录
| 直接访问 | IP地址 | 国家名 |
|---|---|---|
| 否 | 101.89.124.234 | China |
| 否 | 123.157.148.22 | China |
| 否 | 180.101.212.103 | China |
| 否 | 180.101.212.39 | China |
| 否 | 180.163.198.48 | China |
| 否 | 203.119.206.97 | China |
| 否 | 59.47.75.152 | China |
域名解析
| 域名 | 响应 |
|---|---|
| www.fdy.cc |
CNAME fdy.cc.xunswl.com
A 123.157.148.22 |
| s5.cnzz.com |
CNAME all.cnzz.com.danuoyi.tbcache.com
A 101.89.124.234 CNAME c.cnzz.com |
| z8.cnzz.com |
A 203.119.206.97
CNAME z.cnzz.com CNAME z.gds.cnzz.com |
| c.cnzz.com | |
| bdimg.share.baidu.com |
CNAME share.jomodns.com
A 180.163.198.48 |
| xunleige.tupian520.net |
CNAME cmcc.xxtt.cc
CNAME 24962-6.p.xxtt.cc A 59.47.75.152 CNAME 24962-6.n.xxtt.cc |
| nsclick.baidu.com |
A 180.101.212.39
CNAME static.n.shifen.com |
| api.share.baidu.com |
CNAME api.share.n.shifen.com
A 180.101.212.103 |
TCP连接
| IP地址 | 端口 |
|---|---|
| 101.89.124.234 | 443 |
| 101.89.124.234 | 443 |
| 123.157.148.22 | 443 |
| 123.157.148.22 | 443 |
| 123.157.148.22 | 443 |
| 123.157.148.22 | 443 |
| 123.157.148.22 | 443 |
| 180.101.212.103 | 80 |
| 180.101.212.39 | 80 |
| 180.163.198.48 | 80 |
| 180.163.198.48 | 80 |
| 180.163.198.48 | 80 |
| 203.119.206.97 | 443 |
| 59.47.75.152 | 443 |
| 59.47.75.152 | 443 |
| 59.47.75.152 | 443 |
| 59.47.75.152 | 443 |
| 59.47.75.152 | 443 |
| 59.47.75.152 | 443 |
| 59.47.75.152 | 443 |
| 59.47.75.152 | 443 |
| 59.47.75.152 | 443 |
| 59.47.75.152 | 443 |
| 59.47.75.152 | 443 |
| 59.47.75.152 | 443 |
| 59.47.75.152 | 443 |
| 59.47.75.152 | 443 |
| 59.47.75.152 | 443 |
| 59.47.75.152 | 443 |
| 59.47.75.152 | 443 |
| 59.47.75.152 | 443 |
| 59.47.75.152 | 443 |
| 59.47.75.152 | 443 |
| 59.47.75.152 | 443 |
| 59.47.75.152 | 443 |
| 59.47.75.152 | 443 |
| 59.47.75.152 | 443 |
| 59.47.75.152 | 443 |
| 59.47.75.152 | 443 |
| 59.47.75.152 | 443 |
| 59.47.75.152 | 443 |
| 59.47.75.152 | 443 |
| 59.47.75.152 | 443 |
UDP连接
| IP地址 | 端口 |
|---|---|
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
| 192.168.122.1 | 53 |
HTTP请求
| URL | HTTP数据 |
|---|---|
| http://bdimg.share.baidu.com/static/api/js/share.js?v=89860593.js?cdnversion=434248 | GET /static/api/js/share.js?v=89860593.js?cdnversion=434248 HTTP/1.1 Accept: */* Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: bdimg.share.baidu.com Connection: Keep-Alive |
| http://bdimg.share.baidu.com/static/api/js/share/share_api.js?v=226108fe.js | GET /static/api/js/share/share_api.js?v=226108fe.js HTTP/1.1 Accept: */* Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: bdimg.share.baidu.com Connection: Keep-Alive |
| http://bdimg.share.baidu.com/static/api/js/view/share_view.js?v=3ae6026d.js | GET /static/api/js/view/share_view.js?v=3ae6026d.js HTTP/1.1 Accept: */* Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: bdimg.share.baidu.com Connection: Keep-Alive |
| http://bdimg.share.baidu.com/static/api/js/base/tangram.js?v=37768233.js | GET /static/api/js/base/tangram.js?v=37768233.js HTTP/1.1 Accept: */* Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: bdimg.share.baidu.com Connection: Keep-Alive |
| http://bdimg.share.baidu.com/static/api/js/share/api_base.js | GET /static/api/js/share/api_base.js HTTP/1.1 Accept: */* Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: bdimg.share.baidu.com Connection: Keep-Alive |
| http://bdimg.share.baidu.com/static/api/js/view/view_base.js | GET /static/api/js/view/view_base.js HTTP/1.1 Accept: */* Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: bdimg.share.baidu.com Connection: Keep-Alive |
| http://bdimg.share.baidu.com/static/api/js/component/partners.js?v=96dbe85a.js | GET /static/api/js/component/partners.js?v=96dbe85a.js HTTP/1.1 Accept: */* Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: bdimg.share.baidu.com Connection: Keep-Alive |
| http://bdimg.share.baidu.com/static/api/css/share_style0_16.css?v=8105b07e.css | GET /static/api/css/share_style0_16.css?v=8105b07e.css HTTP/1.1 Accept: */* Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: bdimg.share.baidu.com Connection: Keep-Alive |
| http://bdimg.share.baidu.com/static/api/img/share/icons_0_16.png?v=91362611.png | GET /static/api/img/share/icons_0_16.png?v=91362611.png HTTP/1.1 Accept: */* Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: bdimg.share.baidu.com Connection: Keep-Alive |
| http://bdimg.share.baidu.com/static/api/js/trans/logger.js?v=60603cb3.js | GET /static/api/js/trans/logger.js?v=60603cb3.js HTTP/1.1 Accept: */* Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: bdimg.share.baidu.com Connection: Keep-Alive |
| http://nsclick.baidu.com/v.gif?pid=307&type=3071&sign=&desturl=&linkid=jy645ltp5yu&apitype=1 | GET /v.gif?pid=307&type=3071&sign=&desturl=&linkid=jy645ltp5yu&apitype=1 HTTP/1.1 Accept: */* Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: nsclick.baidu.com Connection: Keep-Alive |
| http://api.share.baidu.com/v.gif | GET /v.gif HTTP/1.1 Accept: */* Accept-Language: zh-CN User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Accept-Encoding: gzip, deflate Host: api.share.baidu.com Connection: Keep-Alive |
投放文件
行为分析
互斥量(Mutexes)
无信息
执行的命令
无信息
创建的服务
无信息
启动的服务
无信息
进程
访问的文件
无信息
读取的文件
无信息
修改的文件
无信息
删除的文件
无信息
注册表键
无信息
读取的注册表键
无信息
修改的注册表键
无信息
删除的注册表键
无信息
API解析
无信息