1.2
低危
53 个模型检测该样本为恶意!
重新分析
更多

26e0dba39a67cf3c7dcab7f74b21254f7ecea3a555a941e03ccec600028e7a62

26e0dba39a67cf3c7dcab7f74b21254f7ecea3a555a941e03ccec600028e7a62.exe

分析耗时

195s

最近分析

373天前

文件大小

59.8KB
静态报毒 动态报毒 CVE FAMILY METATYPE PLATFORM TYPE UNKNOWN WIN32 TROJAN ZUSY
鹰眼引擎
DACN 0.12
FACILE 1.00
IMCLNet 0.74
MFGraph 0.00
静态判定
反病毒引擎
查杀引擎 查杀结果 查杀时间 查杀版本
Alibaba None 20190527 0.3.0.5
Avast Win32:Malware-gen 20200923 18.4.3895.0
Baidu None 20190318 1.0.0.2
CrowdStrike win/malicious_confidence_100% (D) 20190702 1.0
Kingsoft None 20200923 2013.8.14.323
McAfee None 20200922 6.0.6.653
Tencent Malware.Win32.Gencirc.10b0789f 20200923 1.0.0.1
行为判定
动态指标
该二进制文件可能包含加密或压缩数据,表明使用了打包工具 (2 个事件)
section {'name': '', 'virtual_address': '0x00001000', 'virtual_size': '0x00027000', 'size_of_data': '0x0000bc00', 'entropy': 7.663081984917489} entropy 7.663081984917489 description 发现高熵的节
entropy 0.9943390768976489 description 此PE文件的整体熵值较高
网络通信
与未执行 DNS 查询的主机进行通信 (1 个事件)
host 114.114.114.114
文件已被 VirusTotal 上 53 个反病毒引擎识别为恶意 (50 out of 53 个事件)
ALYac Gen:Variant.Ser.Zusy.713
APEX Malicious
AVG Win32:Malware-gen
Acronis suspicious
Ad-Aware Gen:Variant.Ser.Zusy.713
AhnLab-V3 Malware/RL.Generic.R256000
Antiy-AVL GrayWare/Win32.BlackMoon.a
Arcabit Trojan.Ser.Zusy.713
Avast Win32:Malware-gen
Avira TR/Crypt.XPACK.Gen
BitDefender Gen:Variant.Ser.Zusy.713
BitDefenderTheta Gen:NN.ZexaF.34254.diY@ai09iRm
Bkav W32.AIDetectVM.malware1
CAT-QuickHeal Trojan.GenericCS.S5480318
ClamAV Win.Malware.Blackmoon-9625605-0
Comodo Backdoor.Win32.Agent.BVX@8hj67l
CrowdStrike win/malicious_confidence_100% (D)
Cybereason malicious.4ea4b5
Cynet Malicious (score: 100)
Cyren W32/BlackMoon.P.gen!Eldorado
DrWeb Trojan.Inject1.58305
ESET-NOD32 a variant of Win32/Packed.BlackMoon.A potentially unwanted
Elastic malicious (high confidence)
Emsisoft Gen:Variant.Ser.Zusy.713 (B)
F-Secure Trojan.TR/Crypt.XPACK.Gen
FireEye Generic.mg.cba97044ea4b5f33
Fortinet W32/GenKryptik.CZVL!tr
GData Win32.Trojan.PSE.191P5TO
Invincea ML/PE-A + Troj/Agent-BBIM
K7AntiVirus Trojan ( 00568e321 )
K7GW Trojan ( 00568e321 )
Kaspersky HEUR:Trojan.Win32.Generic
MAX malware (ai score=86)
Malwarebytes Trojan.Vundo
McAfee-GW-Edition BehavesLike.Win32.Generic.qc
MicroWorld-eScan Gen:Variant.Ser.Zusy.713
Microsoft Worm:Win32/Ganelp
Panda Trj/Genetic.gen
Qihoo-360 HEUR/QVM19.1.1E31.Malware.Gen
Rising Trojan.Agent!1.B82B (CLASSIC)
Sangfor Malware
SentinelOne DFI - Malicious PE
Sophos Troj/Agent-BBIM
Symantec Trojan Horse
TACHYON Trojan/W32.Blamon
Tencent Malware.Win32.Gencirc.10b0789f
VBA32 Trojan.Blamon
VIPRE Trojan.Win32.Generic!BT
Webroot W32.Trojan.Gen
Yandex Trojan.Agent!UeYn5PMKO2c
可视化分析
二进制图像
数据导入图像 288x288
数据导入图像 224x224
数据导入图像 192x192
数据导入图像 160x160
数据导入图像 128x128
数据导入图像 96x96
数据导入图像 64x64
数据导入图像 32x32
运行截图
暂无运行截图 该样本运行过程中未生成截图

👋 欢迎使用 ChatHawk

我是您的恶意软件分析助手,可以帮您分析和解读恶意软件报告。请随时向我提问!

🔍 主要威胁分析
⚡ 行为特征
🛡️ 防护建议
🔧 技术手段
🎯 检测方法
🤖

PE Compile Time

2015-01-27 11:56:27

PE Imphash

cdf5bbb8693f29ef22aef04d2a161dd7

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
0x00001000 0x00027000 0x0000bc00 7.663081984917489
petite 0x00028000 0x00000112 0x00000112 3.9970132554243403

Imports

Library user32.dll:
0x4280ce MessageBoxA
0x4280d2 wsprintfA
Library kernel32.dll:
0x4280da ExitProcess
0x4280de GetModuleHandleA
0x4280e2 GetProcAddress
0x4280e6 VirtualProtect
0x4280ea VirtualAlloc
0x4280ee VirtualFree
0x4280f2 LoadLibraryA
`petite
R*4Lb|<8?VQNH
d{1BLZ
kWgpVT;
Z1+y8-S
jYx9nU
13$=N
dKt>3!#:zIf
#C~a(D/2
1U>RC%
h8Kf~wWn%}:
{dy[,"
"S#j<){
/FP( 4TQ
0|6a7kk
2VPIg7#
4Gu=Ddcqs$H
JwA6f6bI
]2_<n$q]B
dhI(r*%
*7V-uK
8f_zHb^w
PFzO6v`
Ew$U,_[M_
r/xnGt_ff
[\zv-
!'x'$R
;s"QwW;E
DvH(L4vU/S`l
p*t8fNR
,8vL<
"=#haIBS{z
)`Sp9J_
|{A!==IvW7%{si `
9:qR\oY$
+Po3+n
mJGx,U
\R.E;frTv!5]p]
A=7_;T
skN!'b
[EM'(.~
J?8){.BA
KpXOke
)m2#.C'
-\_Sewq
ErZ>@&Mg
0z#F&}H
G'Eg$9
9~2;(p}9
O4QYJK9
f4BeFY
"8G!qIBgA
Re}$(
"[{vGAb%Ru
8&2y'R
hMwpKy7xM
q'hQ}h*'Z
j"GlPA
)a/w8RO6?7
D!}<0#
'C&ul#7
gk>^t0my]A
|8[Uj\U(
_*MjF0
]/4Ux0NT
HYG+Eh
\rWt%]X>hYg ~
j7&3O"
mf_k6TrOQj&Ts2
Vi/_Ih
9 b@hwo0yNf5k
r5SBu(D
G04`C&<g
36\4n|-
)cVY?J{P
B_`bwVok[><
#6N?\6/W6
%TRo^Y(
*I^||dy
C^!u5;7U'm
Hv|G_ks}
vymqzK
;-V;mE
#Tnm_xx
XPMrK"#=
{>1\pxO
s\b/Ty
w4R&WL
?zIE~t=e
bosQv_
&.F"/T
!]4U7V
OL-(.WbIM
@?YW oA
&~oFMbM@
%<S!
^@AKSiZ|U
"M`Ivy
2^I%Z'a1
\_Z8my
X{'xa2
D#jr)(
xG.cYxp\>;Ob
%H_DQ5
'dEr4PZ:{lk
s3KtQj
Z[cAjlW9)kx
=(TaT>dxL!loH_
0d4V/}4a5M
6NYZ+B{x9
%w3wtah
Y*r#`un5i
{!!")"
3|R:i-vQgk
4Dcx9i
3^Wo=kb
s4hf1On|
7hkJ_G_
,w&X^q
!UkxE?g[i#
WN*<TT
wW:?m
aHyvX
TA(j#u
No(HHQIE
SG/*(&.c
a]nR<Q
@ZXo"z_ki+>`
O!|i5Mb{
&L:Fv1q
.`f{Yc
n:a6}~F]c
#zMq=oc]2
@)EbIl
gVg<~3\hl
^`gzW}bQ
Igz|e3A)53JK_|
.(VLJ'D
O#"WljMQ(U
EpW5xSnu
|5-#wr5v
}XsINA-Ge
"AT&MbbNP
>h<*""
DewN>w
^f~(E.m
+rew>^v
oY^WL^/;C0uS@
n<NnH(;2
YZ{w,{U,G.v
mCo>a:v
|4bSRA
IF3J-2
-z$vo>g
vt/c&cWoZK
.s|Md^A
@:?eIvz;Foo>
Icisv6H
b#Kk;N
MY-YeN
2[U(67
P)C:D=F
Sws9(S
km?+ff c6
H1$`zJ
F2xSs`;
2w1Z+G
$/$yHO
J = i;
!w2oXH4
'U:b,u
Nz+T/|
/O]2r+K
K:AQ1D
3<^U!B
Go&1_e
f2lk_d
&7@*y$'[^
Ie*P_U
,4@)1d
1k4fgQlp
%-?1dT))
B2AVoSFY2$`+)0
m^*R!jkzz
:}Sg)1H
=#gCZw
h*lRz+B}hG
vs~=rf
0$<K7:7%O
Id(%Ujw(XB
2a|KX$
#[^&^.2H
{Z,`0kO^
\aynQ?9
:: Y9%Cufr
d*Z`7f7U
D9*q60z"l
_O%q}
c2DdA3
3xzIcP
{(s"Xu
KDEiEDn@L2
2Ne&]eZT
'l`YF-
h[DQE|9in}0:
zVnR9d
b^;Q_
L>H9wG*m
{0PJB!Jr,?*}J
Wr{i.?*FQ
Vw80k4s,L
}hgu9zJ`z
41NhLc6VeKY%
Z' 5olpap
EJw`o]4o8G1
8YRH;t`_
<oSmk&Nd4?
vjL@!Y'Ej#
71#.mk&EU@dIi
HWJ?E'
fNK~|L
>^}dON@
(MU0drx
+@)V?\
#j^rFb&tU
-=T@H>)
%JT>M#
.1v\0_
<9i8N7
PNDMoGr7
ND]TBj8BQJF^
#E`@S3p
+?;o&!IMg3
naL'yC
wZWLU*u
T{VLt[0
PEDKZ
#]RS+OO/g|_
@X5!$6
-vTmV1
V=Y,a- j*
?a;%8t
f<ez &2(ARn<
b>{n?:
$_A2 F
|Fet(k
tP0},]
k7g:#u
0]OA('
\h'_*#}i]q9tn
ee3^az]Zc
As7\D,'
NOQVz[^{\i(t*+
<i{P HL/Q
NUxShJq#Fq
Ps1Ba67_w
Kpz#Aj
jMJRCnN
iYD +E-
tia"}
T&7z 28H
%B8BU*
0TGjTq@\.
kC+aHz4wJkI
1IpNm5JV
:qA\/d
wA^E@p!
$A?;21
jMxIPqh
&OR@BM
W@5s!c
DOq+ym:
({TqI/
#M93sC
g-bP+M
\s2dC3p
6PSh,\
Ud sv$.]
snHE-Q`
ZyFdh;l
zp&#>w
#>z]I
g>&6rA;\
$ud4vg
1H-u#V\E
Wlkn}2
H.j#e@UI>
%2>*WVZ
4>!Gvqo7"5
|'\4` ;
7gSjf-mA@FU
K0zwYu
MW`?HM
XbNQMF
}"m.1@
L(Aq9B#<`r\
e/r!Q}:
=xzpAKjh`P
f}d9{V\
%YJq,|
D?Fx2~pSn?/
@?`va@jY
fF(#2p
8a'Cjz#
&mZ27AY0MMq
Fv}_BF~
AR*MN+lt3
6UbcK@V
vgE(5V]JL
i?3xE^
sV!UD#
bTM08Fi|GFu
-L(2,!Uo
SR(VpYa
NO Ty8hD\/#
[q6 Cr}{r
r3UqVC,
}RrYI\NN2
muM1b7
Iy:}ucY
d:liO0Qf
Ncuo3m@m
zIvD8,
4e?"N+
H?3_6.,8daI
aAJP-$;
z^}bYS-
j{:672
@Rx8G3w
]C#%@+
2&F)b:sTbNh'N
m@3'5qLt!G@>Ji
*A]Q$W
DUK&A
OOiZt?
Is?CUIM,yzmCq\
_"GkS%N/
%hbZ4J#
6K sTwp
PJ@*F{k
kXefB^
=<=?qi
31kKD9KuRin
C+5mb<t
2/<E?>`
g-b*UX7
f{LN|VGNV2YB|+p
/{[W,1
zABAHb
C/DQ,rEa7
t'#CU4
^0Gc:y
HDsKw:X
Jf`e"@
,!?g2i#-BR
0o2A#y
q2xDm/fF5%N
eR!kbu
Av@q71i
tu$trN
j$.A3e
2xh[`zU(
W8KHudWL
RqMxPb'"S`"
{Q(Fe?
_!l3q5I*BnR
y4>Qnd-
K'=4'4
A1/=gP6d
/c<CP"4%
bpME?{PW
PkA Nb];cR
|:f$8%C
zy*";jX
W"+Q=G7u
>$wa8o8
iHC#S$ZWi
KX!#JypyT
5*(B*[T(?
ic(q;L>f
#1'T+N>
C2@>|G
[Q:ux~P
/sw#&n
+HhJd+
P^&'{yc<kV
7MCvO%
_w9y_.A
A^C8@9W#
/e~hD[u
IV`[:cNN
MQIj*ek
g1ugH`
F.4:8I
y9c+c Ov(q&#-SQ`
9&V)Pg*
/,S+M# M%t
1':sI~b_
M~8quxz{
~/tm%t'{
tF:@-3OH6
FcvSQ%vMy
*`M&5d\
H.OZqa^c
k5N#m
rY4(7z
r;Xf3-[
PKp-tb.0wZS,
F0g|mF
-0}lQ>@
X|;%XPc|
Fy[|XxJE
WtC|E9
]eYO4R
Ll&8fV/MzNJ!X
Ed|6!*h
>ZDn?G.%uGc
7kdQU(31
P<Secb
y)*>9;Z,
j[=4*4
%U[,&b5
^<'$\$
|$8c*-
5_9~QV]MsZW
glst[.[
g[QwVE
u:k{laq/
D'ryGl
el8/@KGL9SO
FBoaGKa
D7y&RN
>6#WN$
8m JR\:y>5QW
$OH%+i
~K-<Sr
n"W*ripB))
Gyyw@X:w
|dJrA|'
:UbT
x_K$3s/
uXPk4a
.a^GT
|;a<ieb
c/"6?3Vu)FM
"p^%#T'
ssH=OYvvK
Yt%Cn [>
I&s_6f2L%~|{
8\UQC!S
sw9P2
qc}VC9
jhlOUrE,
.a*U8Qk
EBFb=iH
T,!w4tpc
BO~q?6fCTtUc+p'
^w{=Zb
N"Nj *-z-bi
es%dUk
1H`;r'
8RJn'Wg&
`DE&i9"c
lu=pQV
%OP|v)'
d:,_]:
D;M_^P
E\\-5
G})!|XW
[|_VsxWA5
il4hlm
ga?\vD
Jz/->7
1$,hVWbJ:
D3xUKZ
QNdno9
hALnS<xXn
@p/|WPq;w
b0x`Zhx
J&/XNcTpP5QXME,#E
&UM|jr
EbkO5k
xYl(&:
(,}7j.R
(f fhYtue
ZT1n-4
<k<>s
K3"P7df;7Uy
%rJ,#7
lRje-W
]MG_0oy
$&>|e^
*<^gWb^-U
zM<Az7?
$d7z0UUm9r_,cuP@1.
DNBF|oH
>nP}l(
"!ibA&8
t_Sq/n)
L Hjh>/i#3
m83$ 4]E
UU#}vh
G''6U.
.g9_@}~6
Caf /O
iB~'D1D\$
+.+^Ja(C
Z1,msv
pbLSY@Z?
K .KQ9
=$lp49
S6OPk3N
1#/P8QS
5z\#I!
eJo6M0}brM`WYY(|
As#RHQ(
)#"O,EyA/7
GG=8M:
6igrl$
D]$+=b
hOzkw,
#,LE)x
,Jo~aC/
[:56b%
N9iy#T maReq;
BV|D#s
zo3Noe8x
?('{]m<
\@$r+L
A7|4t+
p:z:Q6
"s~/4V6
9H`rjc|R
.Tj]a]\?5
p<\WA%d
Bzveu+GkjAeM
m*-\8[c
A!H|V5]G,
YXPR<4OP&WlcNM
)3m1\znrKl
BXnlIigbM
0~w'9:B
c:g\Pec~v.
]%q-Pvu
\n+ip%
1A>w_:P(m
E_qi8`D
p]"j7R3`!
Pq|A\$
/'!O-z;raX
TGHl#I
N<:8BL
&E ut'}'1
E;XQ*!
Av@=M!lbJ@
w48K'<
&su&yGMj5^
y(o{a8N;U3
zL6te1k8gP
?-Z0K1!k
$]L&9-%)!D-
4p~/6$
ymIa7xj
PohbZ"
@U2Mms
Ev|u@O
-j<33@znb
/3Q)fDSb$/
U6S4jTp
ygW"2}5`CmijzP(
g)PKXH@Y
M}$o<' fk
4cZkP*
[k-EO 14vz/ovi#D]u
a&*|?|
Bk;&=]4I
|NX7Pb
V"*Gg"
oPw+Qy7
1' {E]fB=
@>8.p9
r~<gkRn(=
sjM,ymOW~
L2Yy:[l9
q%~e"
G4+?Em
0&rO_D
Tg0awl
|3BDwF
&Gwe[i
bQ`RreG
\tDM5Bu
!-8lM}7
/?tL$bOtb.*vO{
6_~ev^
e[h-8'
hd&7E:
N8h|>,/n
c!fyG
4SNfod
EM%[`:yui
U$~,=hw
Ha h>Sr[/u
>5SSgb(g[xuX
VId]R;R:
~<qc6XD[J
(JTPWvArOcM
*h(v9)
ueT:psd}=
,aC@h8
,7w=J) rqsw]:]/
Z9}SQw
a~fx?X%
[2L@&x
S%Tk pR\<
pI,r"xfjeiFK
YQ{\0R3)S-Lmhg
FLH Ut
2V4x B#}=L
JDnbNWz[:
Ma(f<u
9a#urzi
\DQw%=
g4~m}Mp#Fb
[pj@eV
*va/\qZ
;okn%I
MwJVaY
@1_/1-D
(!vu2xt
'LJhS t.
3r3rze_%|x
L:rlxD
]%&ec'df
JsIPiF
[6mhQ>jo
VpuDqz@):\
[{G|LY
P4112VPIZU,
u~}q"C
-Qu)4K
Mdz`vOXo
*ATh.LT8@
@yf~|da!9h
X\'M@M
deM5bd-,
ZXm`T!e@5
Z*H$*c$*HxQF8YWcD
r2\QT"!c
rS$ oS/
SFvBP+#
<yRUjc
`\cf"%i}
.o0#WY
.9lWv>1
E-8omL:2
Qs{n+svY
VYjP@t
WaY2HmWR
J>3H"u-
V{`l*"=7
E$?%-G"QG?@
^]&Oyh
LAZ9Ih+
S1P}|(\l8s
@8d2R-W
-a]Nap
MZl-LArS{
zV$=<UUD}
*]a)Lm
g&/tiI@VtK
^LM8P<]0+'e
bR%o9~@
J,BnG4
sp>4* 6
-T1X5@
DyW=F/X
>";=8k
[5p-HP
qZ[FZs
5;;42v!;s>>1+n+9%)=!((
&BN@Jc
@FDDH#e
1*3k4@n
Sc"GjKZ:
r=c,}<7
)CT'nD
4T^i,2R9J
U&##2.+
V48^XXXX]
MessageBoxA
wsprintfA
ExitProcess
GetModuleHandleA
GetProcAddress
VirtualProtect
VirtualAlloc
VirtualFree
LoadLibraryA
user32.dll
kernel32.dll
28444664222044486664444860004866484622666606206888228422064688428286204808428822828866862068808604086626486260422606860626004808248244404602668022200680808004028480084666268442642266644086602428428404484460060868028660068424802228022842462226424662466084462442244222442864688824480604028822242242060466424688208846268602646428680262482800600204680880820460640848642222628826822888204642448060648666442000006466802262642202266282082468008680024828460022820626886044020208024682840642466806686206424248824460088228022268840062806802426026864660844484820826648004288266422428602464800488486864246682844244482406286664682644640824264204440488040064044402428648068448084660600466686482648866868420448004662662002206826006822048642262260264808006828446660802222408002464468802466006084042882666086822884484444084284020224044646202648802080860640882046402804866406282444248882802466426024424022200442446480062206402246646408244620644468460868286880640440480844888028408288000082466064202068226068860044268886206426600464064286424242680600442228228202260240084426664604486622022008440802222028844268004682024248688426004228688468002482664268280822424426226800640040202688200440288442804248688024024866422626084244266468880280288824280886426200268004882800086426668824408424280866424266006604424444288822220286680822400802424862048288444408840886686022864288468800248220822048642824040806628022806408626608246006820288480086004066686664420020466428022466248080800022840802844406422000404068802440008646688442662280220460888448682444864282204466080460028080008802022200222686244646008002666020844442062222422004622806660602884062822288868680204004246640882220604684460826208240882440864482026488440800282842808480082024468460444262084606206842462460244884626642444242004664680406440044224846082808686620868804446624206820002466688888484086244842622242646860608646608602446042602804682468848442882446266268262660440684420428228468822080468204420404624660844646424242860042280084666060046008224686448682824000240402088046828088682404680282000482644002806002260264208260424484288284624822626088822082608042286604644026264400488242280826202606268440eqk52w594274hw8068419t31bnn6w0thb68t868qkhh9qh11w0462200422428pm8avgd9g7m50jj6sjmj1mgj0gvpg9vm22adgvp4sjs1pvp4j82av6pa2j19dm39dd71447pa0s9e57eqkq630e3154103q1e3100bbh74k6hee39891w83m306vmspdms7p16967bq776hthb9tcucc4x2ou70875c8ox60cifr5xo336998iffclo5368n58en92t61dpj6jj3p53pmm1vm520m74xxro06uci6l52ww26q2b53ww1h80wkwhh2bbh0890kq6t3x6850llxu3836c10lxl4x0u14l015iliv9a5d92d2d5j766s80880909p3p71gsd8sj2j12234drcr1li60lo1l0cx234o174oroxc15x5535ru890ic36u75asa40vgas7c0u76r857o0721u417lr31oiem7d56gs40gg0rr76411fwb5675a0wknh15fin1sm1p5nxvtgx4xpl8b52u5oc1dn327l43xomp2hnxko14j1if13l2t2dw0q3m88w7xx2m6trc7l4l6duu88028x9o807gcxr7039466j77c37i9g4wt4o6pt95nft31776p0uhnfnf9if726e2p0503fo8150fiiel2k4a27ob41vqq5v422grqe3c68219n31q9onb965952q9wavk3dpd7xt06597hek1d92k642gx9i3a862g36j5c3176h610gtsiu7vgp2ke422994t27c8rhq30mfd0m87qx7odf4i1752nd6dwjb912ug7iho618q1bv665vf2lt3np19hs51vf62s3fx1em8bkl19927u3h2qtrn57fr8uv7tru2oxs3809582p5xqdurn29086ppob3996wvihcr0gafwjdm51g16kv3tegj9m2f72487kjmgmv9jtn9485gx3mvx6tlwk19191xb7p51jj9dxx567cro068b3f954fe642tb4s7w768e17pe6g153bvbgs18393un02939j36u6q6q95l0408469xjedo1o7g2428004446080828466428668682068006848486422402660608202808484688086802224428686208826242080406686684686426406068284fbo7n8a1wwjbt9u254gngm6c3ui29495f9rj2okj46p420xcg33n9nhnxd7533a5sn92v8x55votei94ai76q5xl4f8jik73fri6pub98xw27594pvwq8qfcoxdqb14b26vd37612eo15s05h0tx18nm2i3m03staqkq67u1gi41axiuq7311l093205t4ta1d97b8159cn8kef8d25id88e942v18t758v0kuoo557xov50a8f57og4mk68r7j3en65r2r221vhk307p5iefdmf0p5e915c5uggp10ieukh3w3x58t3b6j59c45407206gk75bm6l2tlpk027f69xa54441d747899537ebef5t4s5l4ah1a9o54k8ct9h9c74grr768t04e6ad13q1q5pdsvo0nc8573u481739001w9g9ofp73q04jstg7ti3wjtr57q5vw18mi7bnc9n1xarr61d81f6ua36qufnq05unubm20if11x52e4dpb998siqrv7u9b74829f6c50nwm5kfr65cna06bm09x40ju43bow4elc7w8060bd5mnj0u15e9v2805s71ec166jqco08vj21tg2frvk1b359ki22e3x0g28eolc76a1h19957gmg757trlgkb2b46pp31l05430q990p837x3ok3vrqu50nw5cr0ekb6mm2lgn640846k0kh1k95s97vp67ms6gmpmjs0d274890gsggv65a085x9c5uxxcru50irc2fx7363c03oc9b195t1e8q5968861gd7g623dm350m678veehnqhhw08k4e8590k4b6th6ewk6ets10aa3a9mgj6ap2aad7sa9m027a67fu09cfccr70ix6f7orf744io03m92djjsgs76x5l2oi8rur60ccfxi2o97r13m7434093ao591iqs5h7vxb90l95hk8fqkv59rw194e15k9888x7775je7ud08f009tg96ufwf485r29j32o9uu396486j06bhlve9lua8072fdu4ho36r809t8mg2eq9i9128n88f925l5u3m3849306416hr913f18jmneqmih3abhswk326hth65iu7s78d4t4ec37vic36858ol2gvcxg4me9m1m3548ujhr39592ig50v02e9h59f2u0a077uiqh2vi237j03rl7ka3ba36b50cd3198had7lgpwu492618qitl3x28a20p7d9n83119ne6nho1dw6ixx891uddidc363l6r3g2k9d513b1411soi0u23d0853k6m84fpd21tvtk3klx48v257cx1ftnli3p1tv1j5ej3c3qg8tci89habrnq3cuu9626e90ik4v2da314d7j653061lxh8981ki5j3msbml59qv2wr710447lp97799u5k2x6hdq8x0572fsg5cf7ik6h04k7fx012abkm8wwxe837rrk731vl1mt757tx732i8f652j5md6i3o78jt7xk7ulpcb2hp4q076o23q51gcc8t23m60q399a4h4r44r1g0627p8370p0m8nmipfr64q0730so1h60uj74861s4m69j6m9ku24145inktb0d0ns58ftqi299840068642420466408488804402420048842480468646260662686862464844028686842868600886422862086806486006028666260424600220668860822262208466802448064e8jk7m101bgdu797w3ro193586i37o0u00hu9hh9i8a3949qo662ja99049ko80g41ttik1d1q1sp070l35m84x513u82341pj30x05te85395i8g7ik7gl6i9h82g1695ruoi6845f3x36fr83no8d2xkl3ep5pp8982xqv6u8iogf6d8k9md28018wao28s9g04xnf112c198h87w2f05j9ao54qk1oklv6o9dcv7rlx8dt2vd5akjghi319g13ixwn2p1quxiirinx4k75v6501dk66789108g5vcira4bfon58rnc8q3slmdchtj0raajob9t4hj8r7tp2ba14f30j2s2x1039l29025309j18ncq97x82ho446009h3ox608q90memove9r43j26udd1t4sq0han8g9xkw3j6x98to51ld8lfrc3j2d26n38v4t93b2719e3r29c63txibw3i28460irv02rqgw92g4rq2jf5c59trk9a7167qakcd093f4386t7t2m8x5f6jwis5337idlx291cf6e60274e901rmmkij87lv6boxh0p3bwegqh3h488o9cgwrsxcvl6nt253nv0h8u700h60kc66n826474q5944jced1158f9qg8n610s64kk8n4ks6t21m30wwik90584e4arjv13v437bkk0432910foq491ds9nclto82mc4tod01ntgdujosw05376921ax167qk9d21jk027h0d89i428j9gm8pbm5up65x57mi393566xc47w7j2c69n1wrm1fpxurl792a382bu9810vi2inwbghs7388v39m609g731bn5ec85560s68k9xvw5g4w0ulh81ew20p753o8019a3rw2wh2bo29vwl3fsfio8xu6uq71c54veq0mq8a55927sa599g594g80bs4p2623k2kl6u077327q7i7r9703h0gi1766o0ekrd4jxh85d732v2vm8wke0qdab6a6ln74gbl2b4u36tv2a93g160nbc7vb7glf6kuf34rc6q2b0q3j2409s2q4049pa7j4b72j16kqv6s19912665hvwo1g5dv3k2f07s2f0tx8t58b8r17g2183agv3105iv2l8k7k3n73b7l7epbf7o8k6044m46j4eq2ah28761ac104c713713ve3o2543hhqoi323s56aog7m3xh762ikkqacop9b940vvxdw2n9h0pn90g33f1ein48xsl4926076n3t24p7w7586r4es68vfccm577b8r0d69h18i0810527017w75t31pudkcsr3vuk6792ea87pvak4ew09v00c0v4bf907449cp937xhq9cbg8v91775n6f7c21aq3wfa2g68ws43rca05wrjd97o31571ah2014sg934w7461q9dvctga16ov45qc9ncks47h84662p22x08u428tmav504pqre50e3r50ew115mbk8ctn091t1hdf260ln0l7aija492204020688682484288848662082488482042288866006440860024602466028222848286222426084460862844800404qu5k610t5ad6c508k4tr0249u65le427sueu61g5hawi828cgapdo6tn431e13633a45hpw8j2l0e0220u57l40a3wfg05b1x67d0lvk85dw33vr9t6jc6v201gw7u6q5kpkw22jj0967ss76dr7jkagu6a5w59muuk557i12944823278g6hk2s9d64019bw17033w5m3ead39o7361xkoj8q79k31dea3a3459a46q11ni7d640241f9u6i4b67lnm2co65e1ck69kmo91ge55mt75dqd33vt4c229g3fa591o3e6dauldl15b65g195b5wfs9l5l8845p7lp3uo82n8b65h9825265a52du5lhp8o4a1fedn660b3bj9u10h04x81xg46c55108ke67182055n7r3r77qcm94d71jjode97dr9lek34ukqm35u271m1ub0ldr07qo02aipwdpm10k9m9927gns16d97insce08cl186b6p0495kpc28t4fdpw5l0289m95ne17s4h04a072c85h52wt92eqmkq114s54k3m917qsi91n3qp579eg87l54i2302tdc80aun79xjgqwaexuc5g71c11c0c77dd2619fn131gs618gw4585a3626ewj64b6o57m932mbxc86op76wc599fi30d5mqbx19s36tmq33e80q1jo0w2187xxpthxthhlhphtpdhtdx12892o94fog50rxv1l57a78a94e12aiu89ds1o9j4k5su484fe53tpno6920e7fgjbur1xqvbq4xr6n10l6710632059957l3epwf5wpjq71cd7ja702840s202fubjr1155c1n87ss4m91172rp45x6g9d9i597u603qfw1r1li30hu39d9286gk500a25up7ih05px7uh589ta29cw8o59u5taeba66f8dgj495c9e71a269i3771sf3bum117gu9se02vs99p5r89o2qdo78ufiwtfk5rv33i10h532w15m6e95a13f9frs455wt3kqm3d923h4w99502d77hq807tm109pls044377192c7565vc4a02s6gdmo4j2auooor42banlc52as9c77fs2r5lvcc6a73s30t5lm64g3294b399h995ww7vqg7w9k1aww826tp8w673eo9f2002q71po91gxk1493al5217v0u6gies65lv334o1uk49714q39sq1uq895x93b2i947368psh2pu392f69dl1g6tq2j9wig352f8rhoklm3549ob3du0g9k5e93764549g8ggk8l8292pav90p649mj45js2u764j798arsfa9g07ql6kea718x7sfgix77c5n59q3iom434q6s36851389fs8aw194d6c54m240i28c50seq6ld5okerqeqjwa42het915v5mcw103o8wh5i1kmr3dqmqi5um021ceb82i719j83gqc8g7a881csis1li5137l5505k6568ppq4ehhaeoe54cgb75oqeq2i3lj20d95ffp158e15puufffmcw3c5ph2b0la9577t5p16vu9vqkl2p4eg6q25n10is8j13663h3hw8j68nkrch4d0uc379m0u1e350sj00p3sqxqm321h33wh19uvs86sv5q278l8q8gm199ss7dd293fh4j1791obg7157695ja3323jou85a7tc53x7068ecofxl681181bt03o21fneavie72h8iq84bt491of6k5p0c7750204763c8v861583f6i9t3ca839hgq899lor969d2m8fros31xj3ba51mvglb579iq09nhottu58a0g57f31t4qq0q83orv95w4h4t16onfud51g7105md3f2ewm11gk257rdqii4g12tu6p4i56u36553q75k33sb53ah7rljvp064kge62f983vg74wn1xu61791u58r7093w027e5nre56b0eb658ul38lv90onc3x821ak1269p5ko1keeg7g0s1735sae5fw457jlqnr3ggto27k91w05j67687vcma5s38h8nu2xv360h14qn04109n09tos5u7sc191o319333691l1bu3mesi3x410gif113x7sk7vc84v9pe105l4u069k7ej55h39m9hlf3b96n3n5051t3f1m67791sa2k919150xe56344s3lh8w2f585242q8pg46i1u83ggk7jx7i7pm08go2d0qmcw7uf1468oe8k0x497l24h0q9fa75p338sla0504t5w312k527p8i255xori35rqq677kvj32f58f32fsa33fq86v6c94e42ko56j5ex3gx77xi7tnn99191tsd5m8ap0tev64gpbt2fpc8u2g3h5fu8rn3c2gi5f7dfgv17p764510rn5acd7d96x74jj5u77v625i36og3b9m7c6egipu8q2mk3r906m22h88guv886114df6b2b12g6537f8hwow6602gi78t1m4u3wojbg03o4sq9p1x719qiv31ick495313l7938s7sm5g75rxm7314c75779ea3ciqck04bslgwm935dk68w969311sxpwvahsh6891cu67xlko6gr83s2lpu3j30caamp46xm1oxhu49d207m3s65ka592nx31bh98g9tq5db7s1d30456flpq8s898h4mmee75s440wa1ru4g722r0q578u210714226es932n4932xk9vb2t3gmu041ev06lnvh3d4celf9g211200vac21f36qm23dw0a7j3g739cf152pgbj5a2wkd8p932253lgi64spg8e481k6m2stx4c5e6l77fquqxbb7ph3676k5qq771d32av6jr0c8wla6991s10150e9g9d81n4619510r06tcdq664168v9avs1cm799ob96rjkr936857b75tcwj516xwa25hj712b059cn359m1sh3554ulg2n74kf8q23u662go27d7d2wo5uc790o5cn5r4qm188186kuweb0u0769c9827mlildt7k6789m48pon3i3838481r00mtitsrwo97w4532pl25uw79oxv020h8he086u11en0aoas7ldesj6aao7578781035wi3pc49388u2o079s061i37c4jbb6mx742d67x9a59956k5pms248sl5g59ut3jhjo1e9989k2jru3co7vk0e5aoi7o6192773v13ajrbc17d75p1htl46u5lm519701919j5n19798axw45693hb0j01l6qh85q1a4ouvqu9808q592uk5o61cw933t0awq9m3362dlps12dc1cp0q143k0c34iu750s364a95ddga3tq8a24xsq8423a6a793hk278ee5t4b8qowcd9hqfv3l82nbfuv58u4x6s895h9ojd14w0qwc3iagc09w7806660206686682640288624880484420086226202286422200468464662464628080880682200668288248288466244684440602006048086680464222268824802084004024624208026026246248402400242084rram7w4l0m28728nl1697cp18nigghfh8bf464u9dsgrgki72tw1vnxg4172jgnvgcs8439a2wu719u5xo6l9rxg4f0ln86m94b97gmrfw8s62kr15m929r9f98877pj6m717mti5xdf9l8901pejcjb0u7863o61b1218a973wj519343a42o3eepb89e8gmgc7v5i5v5j7j3k2ib485v800k8135m10g961wne178147do5s39265o7nffh6po95xh15moe285592he2l7011b23n4f77r2m7mx6a9a9734h77b29w417x2i75qhkevaafq3ecci5emddrt004esc9796qk1gu69e9if8ie61o05vn967a4xdi57nucw6vwbx1x48wa4f3sxq6n683s909bwb5bqagd7l46836ukrqhh0449br90c8v291766rju8br80q8i8062dt6x5701n3v99a8280tqjv6b5h431d19kk7hj5mb4n6p2rb31pl10h531a81uo0pr9751f1n917eicuk13g3l59337sgv617obu8nuwmnat192644mc38d83461m36se7u5a8v0f3n32aiqfp2h91u635763dfer2w59b3u7xjo3unmwv46u91o717fcbx7v8a88143m04m3co8l187m55r8ror1788q4sai0g39610s0ofixto71g5ic48l954464w9ffok6m54jmo400hwdvr1ae606c41tcf6fbbitp96438k9sh6a0w53wb4c1uh003q0wecgjw42k9lao135o0988k394cv1hj6o680a1peipqpg48pf033feh785gmf8wl31e0xlt382s06qb6cjkjx5inmv295i658812361vbv8ee5e8o21d7gcswblg62aei85hl4621assv403fb06u0tc8oi0m624lt2k014pu568q3j1dq254op7f5dc29sa3e0ijus2nl64wlx9vb3xq86j1qcuhxixw4fu78c75u413wsg39ccv59ii3ore9f8ll7fi4oi4g39u99wjm6896il70694uq6epe695iqr3k165r8ahu2u04stfk2n3ji279157ncbpog71pem6ni071nwr187af2h6i4a369nnt13u2o46o1s77ll015ppg503f48f734qkk4h45519p55o70112nop65295d0rqlids5k12c1781k717pp1x3bbdg4jc5082de8u17ra3wu24s5aaq6xsp3c9253173lv929m0m3898i3rr7jo11q9x5oe4x7t55a311u0kub206vtj5t1b722v9877f670u1vu789g7xfqk2720pw641rin6rpbh12e8q6n6tu2k8lq7a1184dbf97m1847hjli714i4n4234gpcoi9krhvw282k010na0n8v32dlsbc7er280alej4k1vx90nl850x0j486exq9968cf4hx1xfi6c3411arp7v0m01eobg618gntpjcan7t905h74e9e9bq2vg0m2i9np0fd51d4h55uta1odri9x5fu985k2ki9u004nua4x7ehu35pw2q0wx28u4rwf5090btd2l89h3n76vbjj09b5h6x0u00p4mi73e87gkedx5c88725v6v1vleed7veqefvmf78s7cs69b6d0gt41d650598373j9vc5x3u109uf35968c8i7f49q25w5f7wa73j4685u2hq7w86ttu5w3xbb1gflq7k65o39o1e3al20nbtw97h3n8q9m1q0281i2c3c25cechw2k6m41r1kqb0q292xi8ia7hg17

DNS

Name Response Post-Analysis Lookup
dns.msftncsi.com A 131.107.255.255 131.107.255.255
dns.msftncsi.com AAAA fd3e:4f5a:5b81::1 131.107.255.255

TCP

No TCP connections recorded.

UDP

Source Source Port Destination Destination Port
192.168.56.101 53179 224.0.0.252 5355
192.168.56.101 49642 224.0.0.252 5355
192.168.56.101 137 192.168.56.255 137
192.168.56.101 61714 114.114.114.114 53
192.168.56.101 56933 114.114.114.114 53
192.168.56.101 138 192.168.56.255 138

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.