Analysis Task

Analysis type | VM label | Start time | End time | Duration
File (Windows) | win7-sp1-x64-hpdapp01-1 | 2020-01-18 19:59:43 | 2020-01-18 20:00:22 | 39 seconds

Maldun Score

2.05

Suspicious

File Details

File name MLCWS.dll
File size 157696 bytes
File type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 382729894d98667981274e72792e1610
SHA1 99acb416de40345a0ce99db92e585c5f7d23a8da
SHA256 951e28d00e2aa6edbf8d2759a4dba68b7776c023b1982d86a87b7ef20b9d7e8f
SHA512 010a87b29865a7514521938e0416fc30c5d92570f71b1782a6aa6ce92719cc77db3e1662a2915a2993991d59db579cc5179ee6aab79e1466aaffb3293bc9e4f4
CRC32 87FCC071
Ssdeep 1536:9po2YTLiLzx1ROhAcjbSnfTV5apseZHUtjrVtGpSI+wN84gVtp6b6ZH/urfgR5dE:9C2UQcCKe8P2Rn3GE7bgCWs


Hosts Contacted

No host records.

DNS Resolution

No domain information.



PE Information

Image base 0x20000000
Entry point 0x20000000
Reported checksum 0x00000000
Actual checksum 0x0002f29e
Minimum OS version 6.1
Compile time 2010-11-10 19:15:09

Version Information

LegalCopyright
InternalName
FileVersion
CompanyName
ProductName
ProductVersion
FileDescription
OriginalFilename
Translation

PE Sections

Name | Virtual address | Virtual size | Size of raw data | Characteristics | Entropy
.rsrc 0x00001000 0x00026548 0x00026600 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 3.23

.rsrc
VS_VERSION_INFO
StringFileInfo
040904B0
CompanyName
Windows (R) Win 7 DDK provider
FileDescription
OKI MICROLINE Printer Driver
FileVersion
6.1.7600.16385 built by: WinDDK
InternalName
mlcws.dll
LegalCopyright
Microsoft Corporation. All rights reserved.
OriginalFilename
mlcws.dll
ProductName
Windows (R) Win 7 DDK driver
ProductVersion
6.1.7600.16385
VarFileInfo
Translation
Courier 10cpi
Courier 10cpi
OKIMLWW Courier 10cpi
Courier 10cpi Dbl High
Courier 10cpi Dbl High
OKIMLWW Courier 10cpi Dbl High
Courier 12cpi
Courier 12cpi
OKIMLWW Courier 12cpi
Courier 12cpi Dbl High
Courier 12cpi Dbl High
OKIMLWW Courier 12cpi Dbl High
Courier 15cpi
Courier 15cpi
OKIMLWW Courier 15cpi
Courier 15cpi Dbl High
Courier 15cpi Dbl High
OKIMLWW Courier 15cpi Dbl High
Courier 17cpi
Courier 17cpi
OKIMLWW Courier 17cpi
Courier 17cpi Dbl High
Courier 17cpi Dbl High
OKIMLWW Courier 17cpi Dbl High
Courier 20cpi
Courier 20cpi
OKIMLWW Courier 20cpi
Courier 20cpi Dbl High
Courier 20cpi Dbl High
OKIMLWW Courier 20cpi Dbl High
Courier 5cpi
Courier 5cpi
OKIMLWW Courier 5cpi
Courier 5cpi Dbl High
Courier 5cpi Dbl High
OKIMLWW Courier 5cpi Dbl High
Courier 6cpi
Courier 6cpi
OKIMLWW Courier 6cpi
Courier 6cpi Dbl High
Courier 6cpi Dbl High
OKIMLWW Courier 6cpi Dbl High
Courier 7.5cpi
Courier 7.5cpi
OKIMLWW Courier 7.5cpi
Courier 7.5cpi Dbl High
Courier 7.5cpi Dbl High
OKIMLWW Courier 7.5cpi Dbl High
Courier 8.5cpi
Courier 8.5cpi
OKIMLWW Courier 8.5cpi
Courier 8.5cpi Dbl High
Courier 8.5cpi Dbl High
OKIMLWW Courier 8.5cpi Dbl High
Courier PS
Courier PS
OKIMLWW Courier PS
Courier PS Dbl Wide
Courier PS Dbl Wide
OKIMLWW Courier PS Dbl Wide
Courier PS Dbl High
Courier PS Dbl High
OKIMLWW Courier PS Dbl High
Gothic 10cpi
Gothic 10cpi
OKIMLWW Gothic 10cpi
Gothic 10cpi Dbl High
Gothic 10cpi Dbl High
OKIMLWW Gothic 10cpi Dbl High
Gothic 12cpi
Gothic 12cpi
OKIMLWW Gothic 12cpi
Gothic 12cpi Dbl High
Gothic 12cpi Dbl High
OKIMLWW Gothic 12cpi Dbl High
Gothic 15cpi
Gothic 15cpi
OKIMLWW Gothic 15cpi
Gothic 15cpi Dbl High
Gothic 15cpi Dbl High
OKIMLWW Gothic 15cpi Dbl High
Gothic 17cpi
Gothic 17cpi
OKIMLWW Gothic 17cpi
Gothic 17cpi Dbl High
Gothic 17cpi Dbl High
OKIMLWW Gothic 17cpi Dbl High
Gothic 20cpi
Gothic 20cpi
OKIMLWW Gothic 20cpi
Gothic 20cpi Dbl High
Gothic 20cpi Dbl High
OKIMLWW Gothic 20cpi Dbl High
Gothic 5cpi
Gothic 5cpi
OKIMLWW Gothic 5cpi
Gothic 5cpi Dbl High
Gothic 5cpi Dbl High
OKIMLWW Gothic 5cpi Dbl High
Gothic 6cpi
Gothic 6cpi
OKIMLWW Gothic 6cpi
Gothic 6cpi Dbl High
Gothic 6cpi Dbl High
OKIMLWW Gothic 6cpi Dbl High
Gothic 7.5cpi
Gothic 7.5cpi
OKIMLWW Gothic 7.5cpi
Gothic 7.5cpi Dbl High
Gothic 7.5cpi Dbl High
OKIMLWW Gothic 7.5cpi Dbl High
Gothic 8.5cpi
Gothic 8.5cpi
OKIMLWW Gothic 8.5cpi
Gothic 8.5cpi Dbl High
Gothic 8.5cpi Dbl High
OKIMLWW Gothic 8.5cpi Dbl High
Gothic PS
Gothic PS
OKIMLWW Gothic PS
Gothic PS Dbl Wide
Gothic PS Dbl Wide
OKIMLWW Gothic PS Dbl Wide
Gothic PS Dbl High
Gothic PS Dbl High
OKIMLWW Gothic PS Dbl High
Orator 10cpi
Orator 10cpi
OKIMLWW Orator 10cpi
Orator 10cpi Dbl High
Orator 10cpi Dbl High
OKIMLWW Orator 10cpi Dbl High
Orator 12cpi
Orator 12cpi
OKIMLWW Orator 12cpi
Orator 12cpi Dbl High
Orator 12cpi Dbl High
OKIMLWW Orator 12cpi Dbl High
Orator 15cpi
Orator 15cpi
OKIMLWW Orator 15cpi
Orator 15cpi Dbl High
Orator 15cpi Dbl High
OKIMLWW Orator 15cpi Dbl High
Orator 17cpi
Orator 17cpi
OKIMLWW Orator 17cpi
Orator 17cpi Dbl High
Orator 17cpi Dbl High
OKIMLWW Orator 17cpi Dbl High
Orator 20cpi
Orator 20cpi
OKIMLWW Orator 20cpi
Orator 20cpi Dbl High
Orator 20cpi Dbl High
OKIMLWW Orator 20cpi Dbl High
Orator 5cpi
Orator 5cpi
OKIMLWW Orator 5cpi
Orator 5cpi Dbl High
Orator 5cpi Dbl High
OKIMLWW Orator 5cpi Dbl High
Orator 6cpi
Orator 6cpi
OKIMLWW Orator 6cpi
Orator 6cpi Dbl High
Orator 6cpi Dbl High
OKIMLWW Orator 6cpi Dbl High
Orator 7.5cpi
Orator 7.5cpi
OKIMLWW Orator 7.5cpi
Orator 7.5cpi Dbl High
Orator 7.5cpi Dbl High
OKIMLWW Orator 7.5cpi Dbl High
Orator 8.5cpi
Orator 8.5cpi
OKIMLWW Orator 8.5cpi
Orator 8.5cpi Dbl High
Orator 8.5cpi Dbl High
OKIMLWW Orator 8.5cpi Dbl High
Orator PS
Orator PS
OKIMLWW Orator PS
Orator PS Dbl Wide
Orator PS Dbl Wide
OKIMLWW Orator PS Dbl Wide
Orator PS Dbl High
Orator PS Dbl High
OKIMLWW Orator PS Dbl High
Prestige 10cpi
Prestige 10cpi
OKIMLWW Prestige 10cpi
Prestige 10cpi Dbl High
Prestige 10cpi Dbl High
OKIMLWW Prestige 10cpi Dbl High
Prestige 12cpi
Prestige 12cpi
OKIMLWW Prestige 12cpi
Prestige 12cpi Dbl High
Prestige 12cpi Dbl High
OKIMLWW Prestige 12cpi Dbl High
Prestige 15cpi
Prestige 15cpi
OKIMLWW Prestige 15cpi
Prestige 15cpi Dbl High
Prestige 15cpi Dbl High
OKIMLWW Prestige 15cpi Dbl High
Prestige 17cpi
Prestige 17cpi
OKIMLWW Prestige 17cpi
Prestige 17cpi Dbl High
Prestige 17cpi Dbl High
OKIMLWW Prestige 17cpi Dbl High
Prestige 20cpi
Prestige 20cpi
OKIMLWW Prestige 20cpi
Prestige 20cpi Dbl High
Prestige 20cpi Dbl High
OKIMLWW Prestige 20cpi Dbl High
Prestige 5cpi
Prestige 5cpi
OKIMLWW Prestige 5cpi
Prestige 5cpi Dbl High
Prestige 5cpi Dbl High
OKIMLWW Prestige 5cpi Dbl High
Prestige 6cpi
Prestige 6cpi
OKIMLWW Prestige 6cpi
Prestige 6cpi Dbl High
Prestige 6cpi Dbl High
OKIMLWW Prestige 6cpi Dbl High
Prestige 7.5cpi
Prestige 7.5cpi
OKIMLWW Prestige 7.5cpi
Prestige 7.5cpi Dbl High
Prestige 7.5cpi Dbl High
OKIMLWW Prestige 7.5cpi Dbl High
Prestige 8.5cpi
Prestige 8.5cpi
OKIMLWW Prestige 8.5cpi
Prestige 8.5cpi Dbl High
Prestige 8.5cpi Dbl High
OKIMLWW Prestige 8.5cpi Dbl High
Prestige PS
Prestige PS
OKIMLWW Prestige PS
Prestige PS Dbl Wide
Prestige PS Dbl Wide
OKIMLWW Prestige PS Dbl Wide
Prestige PS Dbl High
Prestige PS Dbl High
OKIMLWW Prestige PS Dbl High
Roman 10cpi
Roman 10cpi
OKIMLWW Roman 10cpi
Roman 10cpi Dbl High
Roman 10cpi Dbl High
OKIMLWW Roman 10cpi Dbl High
Roman 12cpi
Roman 12cpi
OKIMLWW Roman 12cpi
Roman 12cpi Dbl High
Roman 12cpi Dbl High
OKIMLWW Roman 12cpi Dbl High
Roman 15cpi
Roman 15cpi
OKIMLWW Roman 15cpi
Roman 15cpi Dbl High
Roman 15cpi Dbl High
OKIMLWW Roman 15cpi Dbl High
Roman 17cpi
Roman 17cpi
OKIMLWW Roman 17cpi
Roman 17cpi Dbl High
Roman 17cpi Dbl High
OKIMLWW Roman 17cpi Dbl High
Roman 20cpi
Roman 20cpi
OKIMLWW Roman 20cpi
Roman 20cpi Dbl High
Roman 20cpi Dbl High
OKIMLWW Roman 20cpi Dbl High
Roman 5cpi
Roman 5cpi
OKIMLWW Roman 5cpi
Roman 5cpi Dbl High
Roman 5cpi Dbl High
OKIMLWW Roman 5cpi Dbl High
Roman 6cpi
Roman 6cpi
OKIMLWW Roman 6cpi
Roman 6cpi Dbl High
Roman 6cpi Dbl High
OKIMLWW Roman 6cpi Dbl High
Roman 7.5cpi
Roman 7.5cpi
OKIMLWW Roman 7.5cpi
Roman 7.5cpi Dbl High
Roman 7.5cpi Dbl High
OKIMLWW Roman 7.5cpi Dbl High
Roman 8.5cpi
Roman 8.5cpi
OKIMLWW Roman 8.5cpi
Roman 8.5cpi Dbl High
Roman 8.5cpi Dbl High
OKIMLWW Roman 8.5cpi Dbl High
Roman PS
Roman PS
OKIMLWW Roman PS
Roman PS Dbl Wide
Roman PS Dbl Wide
OKIMLWW Roman PS Dbl Wide
Roman PS Dbl High
Roman PS Dbl High
OKIMLWW Roman PS Dbl High
Swiss 10cpi
Swiss 10cpi
OKIMLWW Swiss 10cpi
Swiss 10cpi Dbl High
Swiss 10cpi Dbl High
OKIMLWW Swiss 10cpi Dbl High
Swiss 12cpi
Swiss 12cpi
OKIMLWW Swiss 12cpi
Swiss 12cpi Dbl High
Swiss 12cpi Dbl High
OKIMLWW Swiss 12cpi Dbl High
Swiss 15cpi
Swiss 15cpi
OKIMLWW Swiss 15cpi
Swiss 15cpi Dbl High
Swiss 15cpi Dbl High
OKIMLWW Swiss 15cpi Dbl High
Swiss 17cpi
Swiss 17cpi
OKIMLWW Swiss 17cpi
Swiss 17cpi Dbl High
Swiss 17cpi Dbl High
OKIMLWW Swiss 17cpi Dbl High
Swiss 20cpi
Swiss 20cpi
OKIMLWW Swiss 20cpi
Swiss 20cpi Dbl High
Swiss 20cpi Dbl High
OKIMLWW Swiss 20cpi Dbl High
Swiss 5cpi
Swiss 5cpi
OKIMLWW Swiss 5cpi
Swiss 5cpi Dbl High
Swiss 5cpi Dbl High
OKIMLWW Swiss 5cpi Dbl High
Swiss 6cpi
Swiss 6cpi
OKIMLWW Swiss 6cpi
Swiss 6cpi Dbl High
Swiss 6cpi Dbl High
OKIMLWW Swiss 6cpi Dbl High
Swiss 7.5cpi
Swiss 7.5cpi
OKIMLWW Swiss 7.5cpi
Swiss 7.5cpi Dbl High
Swiss 7.5cpi Dbl High
OKIMLWW Swiss 7.5cpi Dbl High
Swiss 8.5cpi
Swiss 8.5cpi
OKIMLWW Swiss 8.5cpi
Swiss 8.5cpi Dbl High
Swiss 8.5cpi Dbl High
OKIMLWW Swiss 8.5cpi Dbl High
Swiss PS
Swiss PS
OKIMLWW Swiss PS
Swiss PS Dbl Wide
Swiss PS Dbl Wide
OKIMLWW Swiss PS Dbl Wide
Swiss PS Dbl High
Swiss PS Dbl High
OKIMLWW Swiss PS Dbl High
Swiss Bold 10cpi
Swiss Bold 10cpi
OKIMLWW Swiss Bold 10cpi
Swiss Bold 10cpi Dbl High
Swiss Bold 10cpi Dbl High
OKIMLWW Swiss Bold 10cpi Dbl High
Swiss Bold 12cpi
Swiss Bold 12cpi
OKIMLWW Swiss Bold 12cpi
Swiss Bold 12cpi Dbl High
Swiss Bold 12cpi Dbl High
OKIMLWW Swiss Bold 12cpi Dbl High
Swiss Bold 15cpi
Swiss Bold 15cpi
OKIMLWW Swiss Bold 15cpi
Swiss Bold 15cpi Dbl High
Swiss Bold 15cpi Dbl High
OKIMLWW Swiss Bold 15cpi Dbl High
Swiss Bold 17cpi
Swiss Bold 17cpi
OKIMLWW Swiss Bold 17cpi
Swiss Bold 17cpi Dbl High
Swiss Bold 17cpi Dbl High
OKIMLWW Swiss Bold 17cpi Dbl High
Swiss Bold 20cpi
Swiss Bold 20cpi
OKIMLWW Swiss Bold 20cpi
Swiss Bold 20cpi Dbl High
Swiss Bold 20cpi Dbl High
OKIMLWW Swiss Bold 20cpi Dbl High
Swiss Bold 5cpi
Swiss Bold 5cpi
OKIMLWW Swiss Bold 5cpi
Swiss Bold 5cpi Dbl High
Swiss Bold 5cpi Dbl High
OKIMLWW Swiss Bold 5cpi Dbl High
Swiss Bold 6cpi
Swiss Bold 6cpi
OKIMLWW Swiss Bold 6cpi
Swiss Bold 6cpi Dbl High
Swiss Bold 6cpi Dbl High
OKIMLWW Swiss Bold 6cpi Dbl High
Swiss Bold 7.5cpi
Swiss Bold 7.5cpi
OKIMLWW Swiss Bold 7.5cpi
Swiss Bold 7.5cpi Dbl High
Swiss Bold 7.5cpi Dbl High
OKIMLWW Swiss Bold 7.5cpi Dbl High
Swiss Bold 8.5cpi
Swiss Bold 8.5cpi
OKIMLWW Swiss Bold 8.5cpi
Swiss Bold 8.5cpi Dbl High
Swiss Bold 8.5cpi Dbl High
OKIMLWW Swiss Bold 8.5cpi Dbl High
Swiss Bold PS
Swiss Bold PS
OKIMLWW Swiss Bold PS
Swiss Bold PS Dbl Wide
Swiss Bold PS Dbl Wide
OKIMLWW Swiss Bold PS Dbl Wide
Swiss Bold PS Dbl High
Swiss Bold PS Dbl High
OKIMLWW Swiss Bold PS Dbl High
OCR-A 10cpi
OCR-A 10cpi
OKIMLWW OCR-A 10cpi
OCR-A 10cpi Dbl High
OCR-A 10cpi Dbl High
OKIMLWW OCR-A 10cpi Dbl High
OCR-A 12cpi
OCR-A 12cpi
OKIMLWW OCR-A 12cpi
OCR-A 12cpi Dbl High
OCR-A 12cpi Dbl High
OKIMLWW OCR-A 12cpi Dbl High
OCR-A 15cpi
OCR-A 15cpi
OKIMLWW OCR-A 15cpi
OCR-A 15cpi Dbl High
OCR-A 15cpi Dbl High
OKIMLWW OCR-A 15cpi Dbl High
OCR-A 17cpi
OCR-A 17cpi
OKIMLWW OCR-A 17cpi
OCR-A 17cpi Dbl High
OCR-A 17cpi Dbl High
OKIMLWW OCR-A 17cpi Dbl High
OCR-A 20cpi
OCR-A 20cpi
OKIMLWW OCR-A 20cpi
OCR-A 20cpi Dbl High
OCR-A 20cpi Dbl High
OKIMLWW OCR-A 20cpi Dbl High
OCR-A 5cpi
OCR-A 5cpi
OKIMLWW OCR-A 5cpi
OCR-A 5cpi Dbl High
OCR-A 5cpi Dbl High
OKIMLWW OCR-A 5cpi Dbl High
OCR-A 6cpi
OCR-A 6cpi
OKIMLWW OCR-A 6cpi
OCR-A 6cpi Dbl High
OCR-A 6cpi Dbl High
OKIMLWW OCR-A 6cpi Dbl High
OCR-A 7.5cpi
OCR-A 7.5cpi
OKIMLWW OCR-A 7.5cpi
OCR-A 7.5cpi Dbl High
OCR-A 7.5cpi Dbl High
OKIMLWW OCR-A 7.5cpi Dbl High
OCR-A 8.5cpi
OCR-A 8.5cpi
OKIMLWW OCR-A 8.5cpi
OCR-A 8.5cpi Dbl High
OCR-A 8.5cpi Dbl High
OKIMLWW OCR-A 8.5cpi Dbl High
OCR-A PS
OCR-A PS
OKIMLWW OCR-A PS
OCR-A PS Dbl Wide
OCR-A PS Dbl Wide
OKIMLWW OCR-A PS Dbl Wide
OCR-A PS Dbl High
OCR-A PS Dbl High
OKIMLWW OCR-A PS Dbl High
OCR-B 10cpi
OCR-B 10cpi
OKIMLWW OCR-B 10cpi
OCR-B 10cpi Dbl High
OCR-B 10cpi Dbl High
OKIMLWW OCR-B 10cpi Dbl High
OCR-B 12cpi
OCR-B 12cpi
OKIMLWW OCR-B 12cpi
OCR-B 12cpi Dbl High
OCR-B 12cpi Dbl High
OKIMLWW OCR-B 12cpi Dbl High
OCR-B 15cpi
OCR-B 15cpi
OKIMLWW OCR-B 15cpi
OCR-B 15cpi Dbl High
OCR-B 15cpi Dbl High
OKIMLWW OCR-B 15cpi Dbl High
OCR-B 17cpi
OCR-B 17cpi
OKIMLWW OCR-B 17cpi
OCR-B 17cpi Dbl High
OCR-B 17cpi Dbl High
OKIMLWW OCR-B 17cpi Dbl High
OCR-B 20cpi
OCR-B 20cpi
OKIMLWW OCR-B 20cpi
OCR-B 20cpi Dbl High
OCR-B 20cpi Dbl High
OKIMLWW OCR-B 20cpi Dbl High
OCR-B 5cpi
OCR-B 5cpi
OKIMLWW OCR-B 5cpi
OCR-B 5cpi Dbl High
OCR-B 5cpi Dbl High
OKIMLWW OCR-B 5cpi Dbl High
OCR-B 6cpi
OCR-B 6cpi
OKIMLWW OCR-B 6cpi
OCR-B 6cpi Dbl High
OCR-B 6cpi Dbl High
OKIMLWW OCR-B 6cpi Dbl High
OCR-B 7.5cpi
OCR-B 7.5cpi
OKIMLWW OCR-B 7.5cpi
OCR-B 7.5cpi Dbl High
OCR-B 7.5cpi Dbl High
OKIMLWW OCR-B 7.5cpi Dbl High
OCR-B 8.5cpi
OCR-B 8.5cpi
OKIMLWW OCR-B 8.5cpi
OCR-B 8.5cpi Dbl High
OCR-B 8.5cpi Dbl High
OKIMLWW OCR-B 8.5cpi Dbl High
OCR-B PS
OCR-B PS
OKIMLWW OCR-B PS
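Antivirus engine/vendor | Virus name/rule match | Virus database date
Bkav | No virus detected | 20151218
TotalDefense | No virus detected | 20151218
MicroWorld-eScan | No virus detected | 20151219
nProtect | No virus detected | 20151218
CMC | No virus detected | 20151217
CAT-QuickHeal | No virus detected | 20151217
McAfee | No virus detected | 20151219
Malwarebytes | No virus detected | 20151218
Zillya | No virus detected | 20151218
SUPERAntiSpyware | No virus detected | 20151219
K7AntiVirus | No virus detected | 20151218
Alibaba | No virus detected | 20151208
K7GW | No virus detected | 20151218
TheHacker | No virus detected | 20151218
Arcabit | No virus detected | 20151218
Agnitum | No virus detected | 20151218
F-Prot | No virus detected | 20151219
Symantec | No virus detected | 20151217
ESET-NOD32 | No virus detected | 20151219
TrendMicro-HouseCall | No virus detected | 20151219
Avast | No virus detected | 20151218
ClamAV | No virus detected | 20151217
Kaspersky | No virus detected | 20151218
BitDefender | No virus detected | 20151219
NANO-Antivirus | No virus detected | 20151218
AegisLab | No virus detected | 20151218
Ad-Aware | No virus detected | 20151219
Emsisoft | No virus detected | 20151219
Comodo | No virus detected | 20151219
F-Secure | No virus detected | 20151218
DrWeb | No virus detected | 20151218
VIPRE | No virus detected | 20151219
TrendMicro | No virus detected | 20151219
McAfee-GW-Edition | No virus detected | 20151219
Sophos | No virus detected | 20151219
Cyren | No virus detected | 20151219
Jiangmin | No virus detected | 20151218
Avira | No virus detected | 20151219
Antiy-AVL | No virus detected | 20151218
Microsoft | No virus detected | 20151218
ViRobot | No virus detected | 20151219
AhnLab-V3 | No virus detected | 20151218
GData | No virus detected | 20151219
ByteHero | No virus detected | 20151219
VBA32 | No virus detected | 20151218
AVware | No virus detected | 20151218
Baidu-International | No virus detected | 20151218
Zoner | No virus detected | 20151218
Rising | No virus detected | 20151218
Ikarus | No virus detected | 20151219
Fortinet | No virus detected | 20151219
AVG | No virus detected | 20151218
Panda | No virus detected | 20151218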

Process Tree


rundll32.exe, PID: 2640, parent process PID: 2332

Hosts Contacted

No host records.

TCP

No TCP connection records.

UDP

No UDP connection records.

DNS Resolution

No domain information.

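HTTP Requests

No HTTP requests found.

SMTP Traffic

No SMTP traffic.

IRC Traffic

No IRC requests.

ICMP Traffic

No ICMP traffic.

CIF Report

No CIF results

Network Alerts

No alerts

TLS

No TLS

Suricata HTTP

No Suricata HTTP

No files extracted from network traffic.
Sorry! No files were dropped.
No similar analyses found.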

Processing ( 20.187 seconds )

  • 15.54 Suricata
  • 2.212 VirusTotal
  • 1.006 Static
  • 0.455 TargetInfo
  • 0.423 peid
  • 0.356 NetworkAnalysis
  • 0.104 BehaviorAnalysis
  • 0.061 AnalysisInfo
  • 0.027 Strings
  • 0.003 Memory

Signatures ( 0.193 seconds )

  • 0.029 antiav_detectreg
  • 0.02 md_url_bl
  • 0.019 md_domain_bl
  • 0.012 infostealer_ftp
  • 0.007 anomaly_persistence_autorun
  • 0.007 antiav_detectfile
  • 0.007 infostealer_im
  • 0.007 ransomware_extensions
  • 0.007 ransomware_files
  • 0.006 antianalysis_detectreg
  • 0.005 infostealer_bitcoin
  • 0.004 api_spamming
  • 0.004 infostealer_mail
  • 0.003 tinba_behavior
  • 0.003 stealth_decoy_document
  • 0.003 stealth_timeout
  • 0.003 antivm_vbox_files
  • 0.003 geodo_banking_trojan
  • 0.003 disables_browser_warn
  • 0.002 rat_nanocore
  • 0.002 betabot_behavior
  • 0.002 cerber_behavior
  • 0.002 browser_security
  • 0.002 modify_proxy
  • 0.002 md_bad_drop
  • 0.001 network_tor
  • 0.001 mimics_filetime
  • 0.001 reads_self
  • 0.001 ursnif_behavior
  • 0.001 kibex_behavior
  • 0.001 shifu_behavior
  • 0.001 antivm_generic_disk
  • 0.001 virus
  • 0.001 antianalysis_detectfile
  • 0.001 antidbg_devices
  • 0.001 antivm_generic_diskreg
  • 0.001 antivm_parallels_keys
  • 0.001 antivm_xen_keys
  • 0.001 banker_zeus_mutex
  • 0.001 bot_drive
  • 0.001 bot_drive2
  • 0.001 browser_addon
  • 0.001 disables_system_restore
  • 0.001 disables_windows_defender
  • 0.001 darkcomet_regkeys
  • 0.001 maldun_malicious_drop_executable_file_to_temp_folder
  • 0.001 office_security
  • 0.001 rat_pcclient
  • 0.001 rat_spynet
  • 0.001 recon_fingerprint
  • 0.001 stealth_hiddenreg
  • 0.001 stealth_hide_notifications
  • 0.001 stealth_modify_uac_prompt
  • 0.001 stealth_modify_security_center_warnings

Reporting ( 1.228 seconds )

  • 0.872 ReportHTMLSummary
  • 0.356 Malheur
Task ID 488340
Mongo ID 5e22f3732f8f2e4bec636d67
Cuckoo release 1.4-Maldun