分析任务
| 分析类型 | 虚拟机标签 | 开始时间 | 结束时间 | 持续时间 |
|---|---|---|---|---|
| 文件 (Windows) | win7-sp1-x64-shaapp02-1 | 2022-07-04 13:40:56 | 2022-07-04 13:41:43 | 47 秒 |
魔盾分数
4.592
可疑的
文件详细信息
| 文件名 | _SolidSQUAD_.zip ==> installs.exe |
|---|---|
| 文件大小 | 97792 字节 |
| 文件类型 | PE32 executable (console) Intel 80386, for MS Windows |
| MD5 | 40ad52111e2997dc064e000dc32ecee3 |
| SHA1 | c233c9da67421734d5aa153ed729c9f2b65a7cf7 |
| SHA256 | 5357844c0f6ca3154ca7f1ea552410738c9bfe92cdc81bfdfdf47f3c06da25ad |
| SHA512 | 2e6737da7f2fdac09daf5594d2bac215e1e8cd0121699dc36a5762f01fbf5c767b3d1e13726c7001dfa980b04c6180f2f32bbff16023185b73a0d880840b8ca3 |
| CRC32 | 4F6DC04C |
| Ssdeep | 1536:sNpz/FLoOsSGItywYm6+nbvQYSiFOyUkBN3uLww2wylY2u:sPrFLngXNyOaPBkkFwylY |
| Yara | 登录查看Yara规则 |
| 找不到该样本 提交漏报 |
登录查看威胁特征
运行截图
访问主机纪录 (可点击查询WPING实时安全评级)
| 直接 | IP | 安全评级 | 地理位置 |
|---|---|---|---|
| 否 | 13.89.179.12 | 美国 |
域名解析 (可点击查询WPING实时安全评级)
| 域名 | 安全评级 | 响应 |
|---|---|---|
| watson.microsoft.com | 未知 |
CNAME onedsblobprdcus17.centralus.cloudapp.azure.com A 13.89.179.12 CNAME legacywatson.trafficmanager.net |
摘要
登录查看详细行为信息.text
P`.data
.rdata
P@.pdata
0@.xdata
0@.bss
.edata
0@.idata
.reloc
!!!!!!!!!!!!!!!!ADAA@@@@@@@@@@@@
@@@@@@@@
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@AAAA@@@
@@@@$$$$$$$$$$$$$$$$@@@@@@@@@@@@@@@@
@A@@@@@@@@@@@@@A@@@@@@@A@AAA@
libgcj-16.dll
_Jv_RegisterClasses
netapi32
\netapi32.dll
DavAddConnection
DavDeleteConnection
DavFlushFile
DavGetExtendedError
DavGetHTTPFromUNCPath
DavGetUNCFromHTTPPath
DsAddressToSiteNamesA
DsAddressToSiteNamesExA
DsAddressToSiteNamesExW
DsAddressToSiteNamesW
DsDeregisterDnsHostRecordsA
DsDeregisterDnsHostRecordsW
DsEnumerateDomainTrustsA
DsEnumerateDomainTrustsW
DsGetDcCloseW
DsGetDcNameA
DsGetDcNameW
DsGetDcNameWithAccountA
DsGetDcNameWithAccountW
DsGetDcNextA
DsGetDcNextW
DsGetDcOpenA
DsGetDcOpenW
DsGetDcSiteCoverageA
DsGetDcSiteCoverageW
DsGetForestTrustInformationW
DsGetSiteNameA
DsGetSiteNameW
DsMergeForestTrustInformationW
DsRoleFreeMemory
DsRoleGetPrimaryDomainInformation
DsValidateSubnetNameA
DsValidateSubnetNameW
I_BrowserDebugCall
I_BrowserDebugTrace
I_BrowserQueryEmulatedDomains
I_BrowserQueryOtherDomains
I_BrowserQueryStatistics
I_BrowserResetNetlogonState
I_BrowserResetStatistics
I_BrowserServerEnum
I_BrowserSetNetlogonState
I_DsUpdateReadOnlyServerDnsRecords
I_NetAccountDeltas
I_NetAccountSync
I_NetChainSetClientAttributes
I_NetChainSetClientAttributes2
I_NetDatabaseDeltas
I_NetDatabaseRedo
I_NetDatabaseSync
I_NetDatabaseSync2
I_NetDfsGetVersion
I_NetDfsIsThisADomainName
I_NetGetDCList
I_NetGetForestTrustInformation
I_NetLogonControl
I_NetLogonControl2
I_NetLogonGetDomainInfo
I_NetLogonSamLogoff
I_NetLogonSamLogon
I_NetLogonSamLogonEx
I_NetLogonSamLogonWithFlags
I_NetLogonSendToSam
I_NetLogonUasLogoff
I_NetLogonUasLogon
I_NetServerAuthenticate
I_NetServerAuthenticate2
I_NetServerAuthenticate3
I_NetServerGetTrustInfo
I_NetServerPasswordGet
I_NetServerPasswordSet
I_NetServerPasswordSet2
I_NetServerReqChallenge
I_NetServerSetServiceBits
I_NetServerSetServiceBitsEx
I_NetServerTrustPasswordsGet
I_NetlogonComputeClientDigest
I_NetlogonComputeServerDigest
NetAccessAdd
NetAccessDel
NetAccessEnum
NetAccessGetInfo
NetAccessGetUserPerms
NetAccessSetInfo
NetAddAlternateComputerName
NetAddServiceAccount
NetAlertRaise
NetAlertRaiseEx
NetApiBufferAllocate
NetApiBufferFree
NetApiBufferReallocate
NetApiBufferSize
NetAuditClear
NetAuditRead
NetAuditWrite
NetBrowserStatisticsGet
NetConfigGet
NetConfigGetAll
NetConfigSet
NetConnectionEnum
NetCreateProvisioningPackage
NetDfsAdd
NetDfsAddFtRoot
NetDfsAddRootTarget
NetDfsAddStdRoot
NetDfsAddStdRootForced
NetDfsEnum
NetDfsGetClientInfo
NetDfsGetDcAddress
NetDfsGetFtContainerSecurity
NetDfsGetInfo
NetDfsGetSecurity
NetDfsGetStdContainerSecurity
NetDfsGetSupportedNamespaceVersion
NetDfsManagerGetConfigInfo
NetDfsManagerInitialize
NetDfsManagerSendSiteInfo
NetDfsMove
NetDfsRemove
NetDfsRemoveFtRoot
NetDfsRemoveFtRootForced
NetDfsRemoveRootTarget
NetDfsRemoveStdRoot
NetDfsRename
NetDfsSetClientInfo
NetDfsSetFtContainerSecurity
NetDfsSetInfo
NetDfsSetSecurity
NetDfsSetStdContainerSecurity
NetEnumerateComputerNames
NetEnumerateServiceAccounts
NetEnumerateTrustedDomains
NetErrorLogClear
NetErrorLogRead
NetErrorLogWrite
NetFileClose
NetFileEnum
NetFileGetInfo
NetFreeAadJoinInformation
NetGetAadJoinInformation
NetGetAnyDCName
NetGetDCName
NetGetDisplayInformationIndex
NetGetJoinInformation
NetGetJoinableOUs
NetGroupAdd
NetGroupAddUser
NetGroupDel
NetGroupDelUser
NetGroupEnum
NetGroupGetInfo
NetGroupGetUsers
NetGroupSetInfo
NetGroupSetUsers
NetIsServiceAccount
NetJoinDomain
NetLocalGroupAdd
NetLocalGroupAddMember
NetLocalGroupAddMembers
NetLocalGroupDel
NetLocalGroupDelMember
NetLocalGroupDelMembers
NetLocalGroupEnum
NetLocalGroupGetInfo
NetLocalGroupGetMembers
NetLocalGroupSetInfo
NetLocalGroupSetMembers
NetLogonGetTimeServiceParentDomain
NetLogonSetServiceBits
NetMessageBufferSend
NetMessageNameAdd
NetMessageNameDel
NetMessageNameEnum
NetMessageNameGetInfo
NetProvisionComputerAccount
NetQueryDisplayInformation
NetQueryServiceAccount
NetRegisterDomainNameChangeNotification
NetRemoteComputerSupports
NetRemoteTOD
NetRemoveAlternateComputerName
NetRemoveServiceAccount
NetRenameMachineInDomain
NetReplExportDirAdd
NetReplExportDirDel
NetReplExportDirEnum
NetReplExportDirGetInfo
NetReplExportDirLock
NetReplExportDirSetInfo
NetReplExportDirUnlock
NetReplGetInfo
NetReplImportDirAdd
NetReplImportDirDel
NetReplImportDirEnum
NetReplImportDirGetInfo
NetReplImportDirLock
NetReplImportDirUnlock
NetReplSetInfo
NetRequestOfflineDomainJoin
NetRequestProvisioningPackageInstall
NetScheduleJobAdd
NetScheduleJobDel
NetScheduleJobEnum
NetScheduleJobGetInfo
NetServerAliasAdd
NetServerAliasDel
NetServerAliasEnum
NetServerComputerNameAdd
NetServerComputerNameDel
NetServerDiskEnum
NetServerEnum
NetServerEnumEx
NetServerGetInfo
NetServerSetInfo
NetServerTransportAdd
NetServerTransportAddEx
NetServerTransportDel
NetServerTransportEnum
NetServiceControl
NetServiceEnum
NetServiceGetInfo
NetServiceInstall
NetSessionDel
NetSessionEnum
NetSessionGetInfo
NetSetPrimaryComputerName
NetShareAdd
NetShareCheck
NetShareDel
NetShareDelEx
NetShareDelSticky
NetShareEnum
NetShareEnumSticky
NetShareGetInfo
NetShareSetInfo
NetStatisticsGet
NetUnjoinDomain
NetUnregisterDomainNameChangeNotification
NetUseAdd
NetUseDel
NetUseEnum
NetUseGetInfo
NetUserAdd
NetUserChangePassword
NetUserDel
NetUserEnum
NetUserGetGroups
NetUserGetInfo
NetUserGetLocalGroups
NetUserModalsGet
NetUserModalsSet
NetUserSetGroups
NetUserSetInfo
NetValidateName
NetValidatePasswordPolicy
NetValidatePasswordPolicyFree
NetWkstaGetInfo
NetWkstaSetInfo
NetWkstaTransportAdd
NetWkstaTransportDel
NetWkstaTransportEnum
NetWkstaUserEnum
NetWkstaUserGetInfo
NetWkstaUserSetInfo
NetapipBufferAllocate
Netbios
NetpAddTlnFtinfoEntry
NetpAllocFtinfoEntry
NetpAssertFailed
NetpCleanFtinfoContext
NetpCloseConfigData
NetpCopyFtinfoContext
NetpDbgPrint
NetpGetConfigBool
NetpGetConfigDword
NetpGetConfigTStrArray
NetpGetConfigValue
NetpGetFileSecurity
NetpHexDump
NetpInitFtinfoContext
NetpIsRemote
NetpIsUncComputerNameValid
NetpMergeFtinfo
NetpNetBiosReset
NetpNetBiosStatusToApiStatus
NetpOpenConfigData
NetpSetFileSecurity
NetpwNameCanonicalize
NetpwNameCompare
NetpwNameValidate
NetpwPathCanonicalize
NetpwPathCompare
NetpwPathType
NlBindingAddServerToCache
NlBindingRemoveServerFromCache
NlBindingSetAuthInfo
RxNetAccessAdd
RxNetAccessDel
RxNetAccessEnum
RxNetAccessGetInfo
RxNetAccessGetUserPerms
RxNetAccessSetInfo
RxNetServerEnum
RxNetUserPasswordSet
RxRemoteApi
Address %p has no image-section
VirtualQuery failed for %d bytes at address %p
VirtualProtect failed with code 0x%x
.pdata
netapi32.dll.pre
DavAddConnection
DavDeleteConnection
DavFlushFile
DavGetExtendedError
DavGetHTTPFromUNCPath
DavGetUNCFromHTTPPath
DsAddressToSiteNamesA
DsAddressToSiteNamesExA
DsAddressToSiteNamesExW
DsAddressToSiteNamesW
DsDeregisterDnsHostRecordsA
DsDeregisterDnsHostRecordsW
DsEnumerateDomainTrustsA
DsEnumerateDomainTrustsW
DsGetDcCloseW
DsGetDcNameA
DsGetDcNameW
DsGetDcNameWithAccountA
DsGetDcNameWithAccountW
DsGetDcNextA
DsGetDcNextW
DsGetDcOpenA
DsGetDcOpenW
DsGetDcSiteCoverageA
DsGetDcSiteCoverageW
DsGetForestTrustInformationW
DsGetSiteNameA
DsGetSiteNameW
DsMergeForestTrustInformationW
DsRoleFreeMemory
DsRoleGetPrimaryDomainInformation
DsValidateSubnetNameA
DsValidateSubnetNameW
I_BrowserDebugCall
I_BrowserDebugTrace
I_BrowserQueryEmulatedDomains
I_BrowserQueryOtherDomains
I_BrowserQueryStatistics
I_BrowserResetNetlogonState
I_BrowserResetStatistics
I_BrowserServerEnum
I_BrowserSetNetlogonState
I_DsUpdateReadOnlyServerDnsRecords
I_NetAccountDeltas
I_NetAccountSync
I_NetChainSetClientAttributes
I_NetChainSetClientAttributes2
I_NetDatabaseDeltas
I_NetDatabaseRedo
I_NetDatabaseSync
I_NetDatabaseSync2
I_NetDfsGetVersion
I_NetDfsIsThisADomainName
I_NetGetDCList
I_NetGetForestTrustInformation
I_NetLogonControl
I_NetLogonControl2
I_NetLogonGetDomainInfo
I_NetLogonSamLogoff
I_NetLogonSamLogon
I_NetLogonSamLogonEx
I_NetLogonSamLogonWithFlags
I_NetLogonSendToSam
I_NetLogonUasLogoff
I_NetLogonUasLogon
I_NetServerAuthenticate
I_NetServerAuthenticate2
I_NetServerAuthenticate3
I_NetServerGetTrustInfo
I_NetServerPasswordGet
I_NetServerPasswordSet
I_NetServerPasswordSet2
I_NetServerReqChallenge
I_NetServerSetServiceBits
I_NetServerSetServiceBitsEx
I_NetServerTrustPasswordsGet
I_NetlogonComputeClientDigest
I_NetlogonComputeServerDigest
NetAccessAdd
NetAccessDel
NetAccessEnum
NetAccessGetInfo
NetAccessGetUserPerms
NetAccessSetInfo
NetAddAlternateComputerName
NetAddServiceAccount
NetAlertRaise
NetAlertRaiseEx
NetApiBufferAllocate
NetApiBufferFree
NetApiBufferReallocate
NetApiBufferSize
NetAuditClear
NetAuditRead
NetAuditWrite
NetBrowserStatisticsGet
NetConfigGet
NetConfigGetAll
NetConfigSet
NetConnectionEnum
NetCreateProvisioningPackage
NetDfsAdd
NetDfsAddFtRoot
NetDfsAddRootTarget
NetDfsAddStdRoot
NetDfsAddStdRootForced
NetDfsEnum
NetDfsGetClientInfo
NetDfsGetDcAddress
NetDfsGetFtContainerSecurity
NetDfsGetInfo
NetDfsGetSecurity
NetDfsGetStdContainerSecurity
NetDfsGetSupportedNamespaceVersion
NetDfsManagerGetConfigInfo
NetDfsManagerInitialize
NetDfsManagerSendSiteInfo
NetDfsMove
NetDfsRemove
NetDfsRemoveFtRoot
NetDfsRemoveFtRootForced
NetDfsRemoveRootTarget
NetDfsRemoveStdRoot
NetDfsRename
NetDfsSetClientInfo
NetDfsSetFtContainerSecurity
NetDfsSetInfo
NetDfsSetSecurity
NetDfsSetStdContainerSecurity
NetEnumerateComputerNames
NetEnumerateServiceAccounts
NetEnumerateTrustedDomains
NetErrorLogClear
NetErrorLogRead
NetErrorLogWrite
NetFileClose
NetFileEnum
NetFileGetInfo
NetFreeAadJoinInformation
NetGetAadJoinInformation
NetGetAnyDCName
NetGetDCName
NetGetDisplayInformationIndex
NetGetJoinInformation
NetGetJoinableOUs
NetGroupAdd
NetGroupAddUser
NetGroupDel
NetGroupDelUser
NetGroupEnum
NetGroupGetInfo
NetGroupGetUsers
NetGroupSetInfo
NetGroupSetUsers
NetIsServiceAccount
NetJoinDomain
NetLocalGroupAdd
NetLocalGroupAddMember
NetLocalGroupAddMembers
NetLocalGroupDel
NetLocalGroupDelMember
NetLocalGroupDelMembers
NetLocalGroupEnum
NetLocalGroupGetInfo
NetLocalGroupGetMembers
NetLocalGroupSetInfo
NetLocalGroupSetMembers
NetLogonGetTimeServiceParentDomain
NetLogonSetServiceBits
NetMessageBufferSend
NetMessageNameAdd
NetMessageNameDel
NetMessageNameEnum
NetMessageNameGetInfo
NetProvisionComputerAccount
NetQueryDisplayInformation
NetQueryServiceAccount
NetRegisterDomainNameChangeNotification
NetRemoteComputerSupports
NetRemoteTOD
NetRemoveAlternateComputerName
NetRemoveServiceAccount
NetRenameMachineInDomain
NetReplExportDirAdd
NetReplExportDirDel
NetReplExportDirEnum
NetReplExportDirGetInfo
NetReplExportDirLock
NetReplExportDirSetInfo
NetReplExportDirUnlock
NetReplGetInfo
NetReplImportDirAdd
NetReplImportDirDel
NetReplImportDirEnum
NetReplImportDirGetInfo
NetReplImportDirLock
NetReplImportDirUnlock
NetReplSetInfo
NetRequestOfflineDomainJoin
NetRequestProvisioningPackageInstall
NetScheduleJobAdd
NetScheduleJobDel
NetScheduleJobEnum
NetScheduleJobGetInfo
NetServerAliasAdd
NetServerAliasDel
NetServerAliasEnum
NetServerComputerNameAdd
NetServerComputerNameDel
NetServerDiskEnum
NetServerEnum
NetServerEnumEx
NetServerGetInfo
NetServerSetInfo
NetServerTransportAdd
NetServerTransportAddEx
NetServerTransportDel
NetServerTransportEnum
NetServiceControl
NetServiceEnum
NetServiceGetInfo
NetServiceInstall
NetSessionDel
NetSessionEnum
NetSessionGetInfo
NetSetPrimaryComputerName
NetShareAdd
NetShareCheck
NetShareDel
NetShareDelEx
NetShareDelSticky
NetShareEnum
NetShareEnumSticky
NetShareGetInfo
NetShareSetInfo
NetStatisticsGet
NetUnjoinDomain
NetUnregisterDomainNameChangeNotification
NetUseAdd
NetUseDel
NetUseEnum
NetUseGetInfo
NetUserAdd
NetUserChangePassword
NetUserDel
NetUserEnum
NetUserGetGroups
NetUserGetInfo
NetUserGetLocalGroups
NetUserModalsGet
NetUserModalsSet
NetUserSetGroups
NetUserSetInfo
NetValidateName
NetValidatePasswordPolicy
NetValidatePasswordPolicyFree
NetWkstaGetInfo
NetWkstaSetInfo
NetWkstaTransportAdd
NetWkstaTransportDel
NetWkstaTransportEnum
NetWkstaUserEnum
NetWkstaUserGetInfo
NetWkstaUserSetInfo
NetapipBufferAllocate
Netbios
NetpAddTlnFtinfoEntry
NetpAllocFtinfoEntry
NetpAssertFailed
NetpCleanFtinfoContext
NetpCloseConfigData
NetpCopyFtinfoContext
NetpDbgPrint
NetpGetConfigBool
NetpGetConfigDword
NetpGetConfigTStrArray
NetpGetConfigValue
NetpGetFileSecurity
NetpHexDump
NetpInitFtinfoContext
NetpIsRemote
NetpIsUncComputerNameValid
NetpMergeFtinfo
NetpNetBiosReset
NetpNetBiosStatusToApiStatus
NetpOpenConfigData
NetpSetFileSecurity
NetpwNameCanonicalize
NetpwNameCompare
NetpwNameValidate
NetpwPathCanonicalize
NetpwPathCompare
NetpwPathType
NlBindingAddServerToCache
NlBindingRemoveServerFromCache
NlBindingSetAuthInfo
RxNetAccessAdd
RxNetAccessDel
RxNetAccessEnum
RxNetAccessGetInfo
RxNetAccessGetUserPerms
RxNetAccessSetInfo
RxNetServerEnum
RxNetUserPasswordSet
RxRemoteApi
RegOpenKeyExW
CreateMutexA
DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentVariableW
GetLastError
GetModuleHandleA
GetModuleHandleExA
GetProcAddress
GetSystemDirectoryA
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
OpenMutexA
QueryPerformanceCounter
RtlAddFunctionTable
RtlCaptureContext
RtlCaptureStackBackTrace
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
__dllonexit
__iob_func
_amsg_exit
_initterm
_lock
_onexit
_snprintf
_unlock
abort
calloc
fwrite
malloc
memcpy
memset
signal
strcat
strlen
strncmp
vfprintf
wcsncmp
ADVAPI32.dll
KERNEL32.dll
msvcrt.dll
.text
P`.data
.rdata
P@.pdata
0@.xdata
0@.bss
.edata
0@.idata
.reloc
LM_LICENSE_FILE
SOFTWARE\FLEXlm License Manager
访问主机纪录 (可点击查询WPING实时安全评级)
| 直接 | IP | 安全评级 | 地理位置 |
|---|---|---|---|
| 否 | 13.89.179.12 | 美国 |
TCP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.201 | 49160 | 23.59.190.8 | 80 |
UDP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.201 | 63246 | 192.168.122.1 | 53 |
| 192.168.122.201 | 63472 | 192.168.122.1 | 53 |
域名解析 (可点击查询WPING实时安全评级)
| 域名 | 安全评级 | 响应 |
|---|---|---|
| watson.microsoft.com | 未知 |
CNAME onedsblobprdcus17.centralus.cloudapp.azure.com A 13.89.179.12 CNAME legacywatson.trafficmanager.net |
TCP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.201 | 49160 | 23.59.190.8 | 80 |
UDP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.201 | 63246 | 192.168.122.1 | 53 |
| 192.168.122.201 | 63472 | 192.168.122.1 | 53 |
HTTP 请求
| URI | HTTP数据 |
|---|---|
| URL专业沙箱检测 -> http://acroipm.adobe.com/11/rdr/CHS/win/nooem/none/message.zip | GET /11/rdr/CHS/win/nooem/none/message.zip HTTP/1.1 Accept: */* If-Modified-Since: Mon, 08 Nov 2017 08:44:36 GMT User-Agent: IPM Host: acroipm.adobe.com Connection: Keep-Alive Cache-Control: no-cache |
SMTP 流量
无SMTP流量.
IRC 流量
无IRC请求.
ICMP 流量
无ICMP流量.
CIF 报告
无 CIF 结果
网络警报
无警报
TLS
No TLS
Suricata HTTP
No Suricata HTTP
未发现网络提取文件
| 文件名 | installs.exe |
|---|---|
| 相关文件 |
C:\Users\test\AppData\Local\Temp\zip-tmp\installs.exe
|
| 文件大小 | 97792 字节 |
| 文件类型 | PE32 executable (console) Intel 80386, for MS Windows |
| MD5 | 40ad52111e2997dc064e000dc32ecee3 |
| SHA1 | c233c9da67421734d5aa153ed729c9f2b65a7cf7 |
| SHA256 | 5357844c0f6ca3154ca7f1ea552410738c9bfe92cdc81bfdfdf47f3c06da25ad |
| CRC32 | 4F6DC04C |
| Ssdeep | 1536:sNpz/FLoOsSGItywYm6+nbvQYSiFOyUkBN3uLww2wylY2u:sPrFLngXNyOaPBkkFwylY |
| 魔盾安全分析结果 | 6.4 分析时间:2021-05-11 14:17:01 查看分析报告 |
| 下载 提交魔盾安全分析 |
没有发现相似的分析.
| HTML 总结报告 (需15-60分钟同步) |
下载 |
|---|
Processing ( 24.782 seconds )
- 12.357 NetworkAnalysis
- 10.709 Suricata
- 1.389 VirusTotal
- 0.274 TargetInfo
- 0.016 BehaviorAnalysis
- 0.011 Strings
- 0.01 AnalysisInfo
- 0.007 Dropped
- 0.007 Static
- 0.002 Memory
Signatures ( 1.43 seconds )
- 1.351 md_url_bl
- 0.012 antiav_detectreg
- 0.009 md_domain_bl
- 0.005 anomaly_persistence_autorun
- 0.005 antiav_detectfile
- 0.005 infostealer_ftp
- 0.004 geodo_banking_trojan
- 0.004 ransomware_extensions
- 0.004 ransomware_files
- 0.003 infostealer_bitcoin
- 0.003 infostealer_im
- 0.003 network_http
- 0.002 tinba_behavior
- 0.002 antianalysis_detectreg
- 0.002 antivm_vbox_files
- 0.002 disables_browser_warn
- 0.002 infostealer_mail
- 0.002 network_torgateway
- 0.001 rat_nanocore
- 0.001 betabot_behavior
- 0.001 cerber_behavior
- 0.001 bot_drive
- 0.001 bot_drive2
- 0.001 browser_security
- 0.001 modify_proxy
- 0.001 maldun_malicious_drop_executable_file_to_temp_folder
- 0.001 md_bad_drop
- 0.001 network_cnc_http
Reporting ( 0.488 seconds )
- 0.488 ReportHTMLSummary
| Task ID | 697850 |
|---|---|
| Mongo ID | 62c27dbbdc327b97d405034c |
| Cuckoo release | 1.4-Maldun |
沪公网安备 31011502009736号