/
Fsysna_behaviour142.json
108 lines (108 loc) · 4.55 KB
/
Fsysna_behaviour142.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
{
"data": [
{
"attributes": {
"analysis_date": 1460236583,
"dns_lookups": [
{
"hostname": "speedtest.api-digital.com",
"resolved_ips": [
"76.164.172.170"
]
},
{
"hostname": "dl.dropboxusercontent.com",
"resolved_ips": [
"108.160.173.69"
]
},
{
"hostname": "www.download.windowsupdate.com",
"resolved_ips": [
"8.253.82.94"
]
},
{
"hostname": "download-new.utorrent.com",
"resolved_ips": [
"67.215.238.66"
]
}
],
"has_html_report": true,
"has_pcap": true,
"http_conversations": [
{
"request_headers": {
"User-Agent": "Mozilla/5.0 (Windows NT 6.2; WOW64; rv:21.0) Gecko/20100101 Firefox/21.0"
},
"request_method": "POST",
"url": "http://speedtest.api-digital.com/speedtest/upload.php"
},
{
"request_headers": {
"User-Agent": "Microsoft-CryptoAPI/5.131.2600.5512"
},
"request_method": "GET",
"url": "http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt"
},
{
"request_headers": {
"User-Agent": "Microsoft-CryptoAPI/5.131.2600.5512"
},
"request_method": "GET",
"url": "http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab"
},
{
"request_headers": {
"User-Agent": "Microsoft-CryptoAPI/5.131.2600.5512"
},
"request_method": "GET",
"url": "http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/2796BAE63F1801E277261BA0D77770028F20EEE4.crt"
},
{
"request_method": "GET",
"url": "http://download-new.utorrent.com/endpoint/bittorrent/os/win/track/stable/"
}
],
"ip_traffic": [
{
"destination_ip": "76.164.172.170",
"destination_port": 80,
"transport_layer_protocol": "TCP"
},
{
"destination_ip": "108.160.173.69",
"destination_port": 443,
"transport_layer_protocol": "TCP"
},
{
"destination_ip": "8.253.82.142",
"destination_port": 80,
"transport_layer_protocol": "TCP"
},
{
"destination_ip": "67.215.238.66",
"destination_port": 80,
"transport_layer_protocol": "TCP"
},
{
"destination_ip": "<MACHINE_DNS_SERVER>",
"destination_port": 53,
"transport_layer_protocol": "UDP"
}
],
"last_modification_date": 1558702471,
"sandbox_name": "VirusTotal Cuckoofork"
},
"id": "8eb1caa11006eef185a5b0befbaf71da6b4a3b134fd5fb706d0098b12d77842c_VirusTotal Cuckoofork",
"links": {
"self": "https://www.virustotal.com/api/v3/file_behaviours/8eb1caa11006eef185a5b0befbaf71da6b4a3b134fd5fb706d0098b12d77842c_VirusTotal Cuckoofork"
},
"type": "file_behaviour"
}
],
"links": {
"self": "https://www.virustotal.com/api/v3/files/8eb1caa11006eef185a5b0befbaf71da6b4a3b134fd5fb706d0098b12d77842c/behaviours?limit=10"
}
}