恶意软件分析 & URL链接扫描免费在线病毒分析平台

分析任务

分析类型	虚拟机标签	开始时间	结束时间	持续时间
文件 (Windows)	win7-sp1-x64-hpdapp01-1	2020-01-18 15:22:53	2020-01-18 15:25:17	144 秒

魔盾分数

10.0

Malicious病毒

文件详细信息

文件名	KMSPico 11.1.2.exe
文件大小	3741040 字节
文件类型	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	5473330b7d2ea5d6f331d9a1dcc2c173
SHA1	e1d70c8b754c9fd4fbf9a75e1b72606fb85de168
SHA256	3dca25cb1ca99ba8bf79bf5e0d3e2486e706f031a3e52beb4e65d93f68a69198
SHA512	61cc6c22bb734537e425edd422afcdb653d5781f905a531514f3e1df86f733bf2ded93f3e23f9e7cae1aaaf9dbdaf94738b4b1d00c971b71a481988422f1c842
CRC32	B787060C
Ssdeep	49152:BQc1ptwmKVizny/Zmc5LE5riVZWlgPZd7Qul7sdgYujiP7EnAVC55n6R+Xpbsg9K:BQSrZ+ZIirxd7Q87s0ONoiR+Xpbsbkq
Yara	登录查看Yara规则
	样本下载提交误报

登录查看威胁特征

运行截图

访问主机纪录 (可点击查询WPING实时安全评级)

无主机纪录.

域名解析 (可点击查询WPING实时安全评级)

无域名信息.

摘要

登录查看详细行为信息

PE 信息

初始地址	0x00400000
入口地址	0x00401d20
声明校验值	0x00000000
实际校验值	0x0039851d
最低操作系统版本要求	4.0
编译时间	2011-02-01 01:44:13
载入哈希	d221b1dc8c3a08622f6512e7876527c8

PE 数据组成

名称	虚拟地址	虚拟大小	原始数据大小	特征	熵(Entropy)
.text	0x00001000	0x00000eac	0x00001000	IMAGE_SCN_CNT_CODE\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ	5.94
.rdata	0x00002000	0x00000488	0x00001000	IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ	1.73
.data	0x00003000	0x00000560	0x00001000	IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE	1.01
.gentee	0x00004000	0x0000f4e8	0x00010000	IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ	7.89
.rsrc	0x00014000	0x00007bbc	0x00008000	IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ	6.47

覆盖

偏移量	0x0001c000
大小	0x00375570

导入

库: KERNEL32.dll:

• 0x402000 CloseHandle

• 0x402004 WriteFile

• 0x402008 CreateDirectoryA

• 0x40200c lstrcpyA

• 0x402010 CreateFileA

• 0x402014 GetFileAttributesA

• 0x402018 lstrlenA

• 0x40201c GetTempPathA

• 0x402020 lstrcmpA

• 0x402024 lstrcatA

• 0x402028 ExitProcess

• 0x40202c DeleteFileA

• 0x402030 FreeLibrary

• 0x402034 GetProcAddress

• 0x402038 LoadLibraryA

• 0x40203c GetModuleHandleA

• 0x402040 GetFileSize

• 0x402044 GetLastError

• 0x402048 CreateMutexA

• 0x40204c GetModuleFileNameA

• 0x402050 VirtualAlloc

• 0x402054 VirtualFree

• 0x402058 GetStartupInfoA

库: USER32.dll:

• 0x402098 MessageBoxA

• 0x40209c wsprintfA

库: MSVCRT.dll:

• 0x402060 _exit

• 0x402064 _XcptFilter

• 0x402068 exit

• 0x40206c _acmdln

• 0x402070 __getmainargs

• 0x402074 _initterm

• 0x402078 __setusermatherr

• 0x40207c _adjust_fdiv

• 0x402080 __p__commode

• 0x402084 __p__fmode

• 0x402088 __set_app_type

• 0x40208c _except_handler3

• 0x402090 _controlfp

.text
`.rdata
@.data
.gentee
@.rsrc
t$HVh
|$LVh40@
Vh40@
Rh`0@
Gentee Launcher
CloseHandle
WriteFile
CreateDirectoryA
lstrcpyA
CreateFileA
GetFileAttributesA
lstrlenA
GetTempPathA
lstrcmpA
lstrcatA
ExitProcess
DeleteFileA
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetFileSize
GetLastError
CreateMutexA
GetModuleFileNameA
VirtualAlloc
VirtualFree
KERNEL32.dll
wsprintfA
MessageBoxA
USER32.dll
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
MSVCRT.dll
_controlfp
GetStartupInfoA
Cannot create gentee.dll!
c:\temp
%s\genteert.dll
launcher_get
lzge_decode
ERROR: 
The executable file does not have a bytecode!
gentee_call
gentee_set
gentee_load
gentee_deinit
gentee_init
Cannot load %s.
Please download it again and make sure that you do not have viruses.
The application has already run.
az5<c
PAGEA
english.lng
default - 1.bmp
install - 1.bmp
</assembly>PPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDGEA
disk%i.pak
KMSPicoSetup.bat
KMSPicoSetup.exe
1KMSPico.exe
Windows-10-IoT.pdf
.text
`.rdata
@.data
.ndata
.rsrc
v#Vh|,@
ihk;@
SETUP_ICON(
Verdana
msctls_progress32
msctls_progress32
Verdana

防病毒引擎/厂商	病毒名/规则匹配	病毒库日期
Bkav	未发现病毒	20200115
MicroWorld-eScan	Trojan.Agent.EBXD	20200116
CMC	未发现病毒	20190321
CAT-QuickHeal	Trojan.Biodata	20200115
McAfee	Artemis!5473330B7D2E	20200116
Cylance	Unsafe	20200116
Zillya	Trojan.Biodata.Win32.6073	20200115
Sangfor	Malware	20200114
K7AntiVirus	Trojan ( 0055cd271 )	20200116
Alibaba	Trojan:Win32/Biodata.93a5b4bc	20190527
K7GW	Trojan ( 0055cd271 )	20200116
CrowdStrike	win/malicious_confidence_80% (D)	20190702
Invincea	heuristic	20191211
Baidu	未发现病毒	20190318
F-Prot	W32/Adload.CI.gen!Eldorado	20200116
ESET-NOD32	a variant of Generik.PZWDWD	20200116
APEX	Malicious	20200116
Paloalto	generic.ml	20200116
ClamAV	未发现病毒	20200115
Kaspersky	Trojan.Win32.Biodata.dqzm	20200115
BitDefender	Trojan.Agent.EBXD	20200116
NANO-Antivirus	未发现病毒	20200116
ViRobot	未发现病毒	20200116
SUPERAntiSpyware	未发现病毒	20200112
Avast	Win32:Trojan-gen	20200116
Tencent	Win32.Trojan.Biodata.Suxn	20200116
Endgame	malicious (high confidence)	20190918
Sophos	Mal/Generic-S	20200116
Comodo	Malware@#2oebzbxgdl8yv	20200116
F-Secure	Trojan.TR/AD.IStartSurf.acgll	20200116
DrWeb	Trojan.MulDrop9.52891	20200116
VIPRE	Trojan.Win32.Generic.pak!cobra	20200116
TrendMicro	TROJ_GEN.R011C0GL619	20200116
McAfee-GW-Edition	BehavesLike.Win32.Dropper.wc	20200116
Fortinet	W32/Malicious_Behavior.VEX	20200116
Trapmine	malicious.high.ml.score	20191216
FireEye	Generic.mg.5473330b7d2ea5d6	20200116
Emsisoft	Trojan.Agent.EBXD (B)	20200116
Ikarus	Trojan.SuspectCRC	20200115
Cyren	W32/Adload.CI.gen!Eldorado	20200116
Jiangmin	未发现病毒	20200116
Webroot	W32.Hacktool.Kms	20200116
MAX	malware (ai score=83)	20200116
Antiy-AVL	未发现病毒	20200116
Kingsoft	未发现病毒	20200116
Arcabit	Trojan.Agent.EBXD	20200116
AegisLab	未发现病毒	20200116
ZoneAlarm	Trojan.Win32.Biodata.dqzm	20200116
Avast-Mobile	未发现病毒	20200114
Microsoft	Trojan:Win32/Tiggre!rfn	20200114
AhnLab-V3	未发现病毒	20200115
Acronis	未发现病毒	20200113
VBA32	未发现病毒	20200115
ALYac	Trojan.Agent.EBXD	20200116
TACHYON	未发现病毒	20200116
Ad-Aware	Trojan.Agent.EBXD	20200116
Zoner	未发现病毒	20200116
TrendMicro-HouseCall	TROJ_GEN.R011C0GL619	20200116
Rising	Dropper.Generic!8.35E (CLOUD)	20200116
Yandex	Trojan.Biodata!	20200115
SentinelOne	DFI - Malicious PE	20191218
eGambit	Unsafe.AI_Score_94%	20200116
GData	Trojan.Agent.EBXD (2x)	20200116
BitDefenderTheta	未发现病毒	20200113
AVG	Win32:Trojan-gen	20200116
Cybereason	malicious.b754c9	20190616
Panda	Trj/CI.A	20200115
Qihoo-360	Win32/Trojan.908	20200116

进程树

KMSPico 11.1.2.exe id: 2632
- cmd.exe id: 2804
  - KMSPicoSetup.exe id: 2876
    - KMSPicoSetup.exe id: 2608
  - KMSPico.exe id: 2736
    - ic-0.ac5463fc4c2e38.exe id: 3068
      - cmd.exe id: 2940
        
        PING.EXE id: 2120
    - ic-0.3e1c9ad4bf0ba.exe id: 628
  - schtasks.exe id: 384
services.exe id: 428
- TrustedInstaller.exe id: 1604

KMSPico 11.1.2.exe, PID: 2632, 上一级进程 PID: 2336

缺省注册表文件系统网络进程线程服务设备同步加密浏览器全部

cmd.exe, PID: 2804, 上一级进程 PID: 2632

缺省注册表文件系统网络进程线程服务设备同步加密浏览器全部

KMSPicoSetup.exe, PID: 2876, 上一级进程 PID: 2804

缺省注册表文件系统网络进程线程服务设备同步加密浏览器全部

KMSPicoSetup.exe, PID: 2608, 上一级进程 PID: 2876

缺省注册表文件系统网络进程线程服务设备同步加密浏览器全部

KMSPico.exe, PID: 2736, 上一级进程 PID: 2804

缺省注册表文件系统网络进程线程服务设备同步加密浏览器全部

ic-0.ac5463fc4c2e38.exe, PID: 3068, 上一级进程 PID: 2736

缺省注册表文件系统网络进程线程服务设备同步加密浏览器全部

ic-0.3e1c9ad4bf0ba.exe, PID: 628, 上一级进程 PID: 2736

缺省注册表文件系统网络进程线程服务设备同步加密浏览器全部

cmd.exe, PID: 2940, 上一级进程 PID: 3068

缺省注册表文件系统网络进程线程服务设备同步加密浏览器全部

PING.EXE, PID: 2120, 上一级进程 PID: 2940

缺省注册表文件系统网络进程线程服务设备同步加密浏览器全部

services.exe, PID: 428, 上一级进程 PID: 332

缺省注册表文件系统网络进程线程服务设备同步加密浏览器全部

TrustedInstaller.exe, PID: 1604, 上一级进程 PID: 428

缺省注册表文件系统网络进程线程服务设备同步加密浏览器全部

schtasks.exe, PID: 384, 上一级进程 PID: 2804

缺省注册表文件系统网络进程线程服务设备同步加密浏览器全部

访问主机纪录 (可点击查询WPING实时安全评级)

无主机纪录.

TCP

无TCP连接纪录.

UDP

无UDP连接纪录.

域名解析 (可点击查询WPING实时安全评级)

无域名信息.

TCP

无TCP连接纪录.

UDP

无UDP连接纪录.

HTTP 请求

未发现HTTP请求.

SMTP 流量

无SMTP流量.

IRC 流量

无IRC请求.

ICMP 流量

无ICMP流量.

CIF 报告

无 CIF 结果

网络警报

Timestamp	Source IP	Source Port	Destination IP	Destination Port	Protocol	SID	Signature	Category
2020-01-18 15:24:24.674550+0800	209.222.30.27	80	192.168.122.201	49179	TCP	2018959	ET POLICY PE EXE or DLL Windows file download HTTP	Potential Corporate Privacy Violation
2020-01-18 15:24:42.849963+0800	192.168.122.201	49184	104.24.120.153	80	TCP	2022896	ET CURRENT_EVENTS SUSPICIOUS Firesale gTLD EXE DL with no Referer June 13 2016	A Network Trojan was detected
2020-01-18 15:24:42.849963+0800	192.168.122.201	49184	104.24.120.153	80	TCP	2019714	ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile	Potentially Bad Traffic
2020-01-18 15:24:43.021874+0800	104.24.120.153	80	192.168.122.201	49184	TCP	2018959	ET POLICY PE EXE or DLL Windows file download HTTP	Potential Corporate Privacy Violation
2020-01-18 15:24:49.854025+0800	104.18.39.90	80	192.168.122.201	49192	TCP	2020202	ET POLICY Terse Named Filename EXE Download - Possibly Hostile	A Network Trojan was detected
2020-01-18 15:24:50.290255+0800	104.18.39.90	80	192.168.122.201	49192	TCP	2018959	ET POLICY PE EXE or DLL Windows file download HTTP	Potential Corporate Privacy Violation

TLS

Timestamp	Source IP	Source Port	Destination IP	Destination Port	Version	Issuer	Subject	Fingerprint
2020-01-18 15:24:07.551514+0800	192.168.122.201	49167	104.28.25.59	443	TLS 1.2	C=US, ST=CA, L=San Francisco, O=CloudFlare, Inc., CN=CloudFlare Inc ECC CA-2	C=US, ST=CA, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com	44:a1:32:d7:27:00:c9:48:d5:64:d8:8c:91:70:84:48:af:a7:8c:0a
2020-01-18 15:24:09.282386+0800	192.168.122.201	49169	104.28.25.59	443	TLS 1.2	C=US, ST=CA, L=San Francisco, O=CloudFlare, Inc., CN=CloudFlare Inc ECC CA-2	C=US, ST=CA, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com	44:a1:32:d7:27:00:c9:48:d5:64:d8:8c:91:70:84:48:af:a7:8c:0a
2020-01-18 15:24:10.203709+0800	192.168.122.201	49171	104.28.25.59	443	TLS 1.2	C=US, ST=CA, L=San Francisco, O=CloudFlare, Inc., CN=CloudFlare Inc ECC CA-2	C=US, ST=CA, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com	44:a1:32:d7:27:00:c9:48:d5:64:d8:8c:91:70:84:48:af:a7:8c:0a
2020-01-18 15:24:46.693009+0800	192.168.122.201	49187	103.88.45.51	443	TLSv1	C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA	OU=Domain Control Validated, OU=ShinoSaki DV, CN=api.ip.sb	3a:45:a5:f2:64:df:3a:8c:8a:22:f1:92:02:3a:c9:76:90:d2:13:16
2020-01-18 15:24:52.220025+0800	192.168.122.201	49194	52.218.208.24	443	TLSv1	C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Baltimore CA-2 G2	C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=*.s3-us-west-2.amazonaws.com	e8:ee:a0:d0:24:8e:9c:2e:de:11:82:37:25:83:da:d7:5b:d0:50:4c
2020-01-18 15:24:54.867371+0800	192.168.122.201	49200	104.27.143.207	443	TLS 1.2	C=US, ST=CA, L=San Francisco, O=CloudFlare, Inc., CN=CloudFlare Inc ECC CA-2	C=US, ST=CA, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com	ca:af:f1:ee:38:c6:7f:f9:c9:e3:0d:50:cd:03:31:35:f8:92:d3:9f
2020-01-18 15:24:58.949415+0800	192.168.122.201	49211	104.31.69.235	443	TLS 1.2	C=US, ST=CA, L=San Francisco, O=CloudFlare, Inc., CN=CloudFlare Inc ECC CA-2	C=US, ST=CA, L=San Francisco, O=CloudFlare, Inc., CN=sni.cloudflaressl.com	5a:31:5b:76:2d:dd:ea:fd:3b:ee:21:5a:c6:aa:a5:15:94:02:d6:4a
2020-01-18 15:25:00.162270+0800	192.168.122.201	49212	203.208.50.68	443	TLS 1.2	C=US, O=Google Trust Services, CN=GTS CA 1O1	C=US, ST=California, L=Mountain View, O=Google LLC, CN=*.storage.googleapis.com	7b:bd:9c:ba:37:4d:6a:e9:8f:85:9f:2f:54:6b:5d:cf:26:e1:51:19

Suricata HTTP

No Suricata HTTP

未发现网络提取文件

抱歉! 没有任何文件投放。

没有发现相似的分析.

HTML 总结报告 (需15-60分钟同步)	下载

Processing ( 38.053 seconds )

15.818 Suricata
9.711 Static
9.001 BehaviorAnalysis
1.529 VirusTotal
1.239 TargetInfo
0.556 peid
0.168 AnalysisInfo
0.019 Strings
0.009 config_decoder
0.003 Memory

Signatures ( 4.65 seconds )

0.827 antiav_detectreg
0.445 api_spamming
0.366 stealth_timeout
0.343 stealth_decoy_document
0.286 infostealer_ftp
0.173 antianalysis_detectreg
0.165 infostealer_im
0.125 antivm_generic_scsi
0.121 mimics_filetime
0.113 stealth_file
0.11 reads_self
0.104 virus
0.09 infostealer_mail
0.088 bootkit
0.078 antivm_generic_services
0.078 antivm_generic_disk
0.073 hancitor_behavior
0.069 anormaly_invoke_kills
0.044 kibex_behavior
0.042 darkcomet_regkeys
0.041 antivm_xen_keys
0.04 antivm_parallels_keys
0.032 recon_fingerprint
0.031 betabot_behavior
0.031 kovter_behavior
0.031 geodo_banking_trojan
0.028 antivm_generic_diskreg
0.026 infostealer_browser_password
0.026 antiav_detectfile
0.024 antiemu_wine_func
0.022 antisandbox_productid
0.021 maldun_anomaly_massive_file_ops
0.02 injection_createremotethread
0.018 infostealer_bitcoin
0.016 antidbg_windows
0.016 md_domain_bl
0.015 anomaly_persistence_autorun
0.015 antivm_vbox_keys
0.015 antivm_vmware_keys
0.014 antivm_vpc_keys
0.013 antivm_vbox_libs
0.013 infostealer_browser
0.013 injection_runpe
0.013 bypass_firewall
0.013 antivm_xen_keys
0.013 antivm_hyperv_keys
0.013 antivm_vbox_acpi
0.013 maldun_anormaly_invoke_vb_vba
0.013 packer_armadillo_regkey
0.011 stealth_network
0.011 md_url_bl
0.011 recon_programs
0.01 shifu_behavior
0.01 antivm_generic_bios
0.01 antivm_generic_cpu
0.01 antivm_generic_system
0.01 antivm_vbox_files
0.009 maldun_malicious_write_executeable_under_temp_to_regrun
0.009 maldun_anomaly_write_exe_and_obsfucate_extension
0.008 dridex_behavior
0.008 ransomware_extensions
0.007 antiav_avast_libs
0.007 heapspray_js
0.007 antisandbox_sunbelt_libs
0.007 maldun_anomaly_write_exe_and_dll_under_winroot_run
0.007 exec_crash
0.007 ransomware_files
0.006 injection_explorer
0.006 ipc_namedpipe
0.005 hawkeye_behavior
0.005 rat_luminosity
0.005 virtualcheck_js
0.005 process_interest
0.005 antisandbox_sboxie_libs
0.005 antiav_bitdefender_libs
0.005 h1n1_behavior
0.005 disables_browser_warn
0.004 vawtrak_behavior
0.004 antidbg_devices
0.003 tinba_behavior
0.003 network_tor
0.003 rat_nanocore
0.003 anomaly_persistence_bootexecute
0.003 antivm_vmware_libs
0.003 anomaly_reset_winsock
0.003 antivm_vbox_window
0.003 sets_autoconfig_url
0.003 browser_security
0.003 modify_proxy
0.003 rat_pcclient
0.002 ransomware_message
0.002 creates_largekey
0.002 kazybot_behavior
0.002 dead_connect
0.002 creates_nullvalue
0.002 cerber_behavior
0.002 antisandbox_script_timer
0.002 process_needed
0.002 securityxploded_modules
0.002 antivm_vmware_files
0.002 antiemu_wine_reg
0.002 browser_addon
0.002 codelux_behavior
0.002 maldun_malicious_drop_executable_file_to_temp_folder
0.002 md_bad_drop
0.001 disables_spdy
0.001 network_anomaly
0.001 Locky_behavior
0.001 ursnif_behavior
0.001 ransomeware_modifies_desktop_wallpaper
0.001 dyre_behavior
0.001 java_js
0.001 js_phish
0.001 disables_wfp
0.001 nymaim_behavior
0.001 silverlight_js
0.001 js_suspicious_redirect
0.001 sniffer_winpcap
0.001 antianalysis_detectfile
0.001 antivm_vpc_files
0.001 banker_cridex
0.001 banker_zeus_mutex
0.001 bot_drive
0.001 bot_drive2
0.001 disables_system_restore
0.001 disables_windows_defender
0.001 malicous_targeted_flame
0.001 network_tor_service
0.001 office_security
0.001 rat_spynet
0.001 stealth_hiddenreg
0.001 stealth_hide_notifications
0.001 stealth_modify_uac_prompt
0.001 stealth_modify_security_center_warnings

Reporting ( 1.513 seconds )

1.044 ReportHTMLSummary
0.469 Malheur


Task ID	488310
Mongo ID	5e22b3742f8f2e4bef6378af
Cuckoo release	1.4-Maldun