Analysis Task

Analysis type VM label Start time End time Duration
File (Windows) win7-sp1-x64-hpdapp01-1 2020-02-17 14:14:03 2020-02-17 14:16:31 148 seconds

Maldun Score

10.0

Dangerous

File Details

Filename 小白火线精英辅助.exe
File size 3646895 bytes
File type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 f1a4b108ba0a5573567456672b11517b
SHA1 b04bfc881aa5f961de389a302e16fd9992826c42
SHA256 f06149962f20d1ba55b3e2bb7b622063742b798ed6a04eca5c6e7fae31c6fb47
SHA512 2a41ec5d1ac431e377538f31dfbbe2003f943949d6a1fc3e2ad9d548fb70e1855b3664acfead3333b3ace94ee9207b2e41089cf41d9aec262f207c3fe2b07fcb
CRC32 AA29F69A
Ssdeep 98304:G4uTo0Z9bwKwiWl2Jw0cUk4qa+AsLAnsmtk2aXKg:G4ezwviWlAw0kmZsiLcj


Hosts Contacted

No host records.

DNS Resolution

Domain Security rating Response
xred.mooo.com A 101.86.170.36
docs.google.com A 31.13.83.16
freedns.afraid.org A 50.23.197.95
A 204.140.20.21


PE Information

Image base 0x00400000
Entry point 0x0045e177
Declared checksum 0x00000000
Actual checksum 0x003841b8
Minimum OS version required 4.0
Compile time 2017-02-28 14:00:26
Import hash bb9d495821e6e730a7a07045d899c977

PE Sections

Name Virtual address Virtual size Raw data size Characteristics Entropy
.text 0x00001000 0x0007bab6 0x0007c000 IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 6.59
.rdata 0x0007d000 0x00012c52 0x00013000 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 4.58
.data 0x00090000 0x000279a8 0x00012000 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 5.07
.rsrc 0x000b8000 0x00024518 0x00025000 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 3.74

Overlay

Offset 0x000dc518
Size 0x0029e097

Imports

Library: KERNEL32.dll:
0x47d178 GetACP
0x47d17c HeapSize
0x47d180 TerminateProcess
0x47d184 GetLocalTime
0x47d188 GetSystemTime
0x47d190 RaiseException
0x47d194 RtlUnwind
0x47d198 GetStartupInfoA
0x47d19c GetOEMCP
0x47d1a0 GetCPInfo
0x47d1a4 GetProcessVersion
0x47d1a8 SetErrorMode
0x47d1ac GlobalFlags
0x47d1b4 GetFileTime
0x47d1b8 GetFileSize
0x47d1bc TlsGetValue
0x47d1c0 LocalReAlloc
0x47d1c4 TlsSetValue
0x47d1c8 TlsFree
0x47d1cc GlobalHandle
0x47d1d0 TlsAlloc
0x47d1d4 LocalAlloc
0x47d1d8 lstrcmpA
0x47d1dc GetVersion
0x47d1e0 GlobalGetAtomNameA
0x47d1e4 GlobalAddAtomA
0x47d1e8 GlobalFindAtomA
0x47d1ec GlobalDeleteAtom
0x47d1f0 lstrcmpiA
0x47d1f4 SetEndOfFile
0x47d1f8 UnlockFile
0x47d1fc LockFile
0x47d200 FlushFileBuffers
0x47d204 SetFilePointer
0x47d208 DuplicateHandle
0x47d20c lstrcpynA
0x47d210 SetLastError
0x47d21c LocalFree
0x47d230 SetHandleCount
0x47d234 GetStdHandle
0x47d238 GetFileType
0x47d240 HeapDestroy
0x47d244 HeapCreate
0x47d248 VirtualFree
0x47d250 LCMapStringA
0x47d254 LCMapStringW
0x47d258 VirtualAlloc
0x47d25c IsBadWritePtr
0x47d260 GetStringTypeA
0x47d264 GetStringTypeW
0x47d26c CompareStringA
0x47d270 CompareStringW
0x47d274 IsBadReadPtr
0x47d278 IsBadCodePtr
0x47d27c SetStdHandle
0x47d280 WideCharToMultiByte
0x47d284 MultiByteToWideChar
0x47d288 GetCurrentProcess
0x47d290 GetSystemDirectoryA
0x47d294 CreateSemaphoreA
0x47d298 ResumeThread
0x47d29c ReleaseSemaphore
0x47d2a8 GetProfileStringA
0x47d2ac WriteFile
0x47d2b0 ReadFile
0x47d2b8 CreateFileA
0x47d2bc SetEvent
0x47d2c0 FindResourceA
0x47d2c4 LoadResource
0x47d2c8 LockResource
0x47d2cc GetModuleFileNameA
0x47d2d0 GetCurrentThreadId
0x47d2d4 ExitProcess
0x47d2d8 GlobalSize
0x47d2dc GlobalFree
0x47d2e8 lstrcatA
0x47d2ec lstrlenA
0x47d2f0 WinExec
0x47d2f4 lstrcpyA
0x47d2f8 FindNextFileA
0x47d2fc CloseHandle
0x47d300 GlobalReAlloc
0x47d304 HeapFree
0x47d308 HeapReAlloc
0x47d30c GetProcessHeap
0x47d310 HeapAlloc
0x47d314 GetFullPathNameA
0x47d318 FreeLibrary
0x47d31c LoadLibraryA
0x47d320 GetLastError
0x47d324 GetVersionExA
0x47d32c CreateThread
0x47d330 CreateEventA
0x47d334 Sleep
0x47d338 GlobalAlloc
0x47d33c GlobalLock
0x47d340 GlobalUnlock
0x47d344 GetTempPathA
0x47d348 FindFirstFileA
0x47d34c FindClose
0x47d350 GetFileAttributesA
0x47d354 DeleteFileA
0x47d360 GetModuleHandleA
0x47d364 GetProcAddress
0x47d368 MulDiv
0x47d36c GetCommandLineA
0x47d370 GetTickCount
0x47d374 WaitForSingleObject
0x47d378 GetCurrentThread
Library: USER32.dll:
0x47d3a0 GetForegroundWindow
0x47d3a4 LoadIconA
0x47d3a8 TranslateMessage
0x47d3ac DrawFrameControl
0x47d3b0 DrawEdge
0x47d3b4 DrawFocusRect
0x47d3b8 WindowFromPoint
0x47d3bc GetMessageA
0x47d3c0 DispatchMessageA
0x47d3c4 SetRectEmpty
0x47d3d4 DrawIconEx
0x47d3d8 CreatePopupMenu
0x47d3dc AppendMenuA
0x47d3e0 ModifyMenuA
0x47d3e4 CreateMenu
0x47d3ec GetDlgCtrlID
0x47d3f0 GetSubMenu
0x47d3f4 EnableMenuItem
0x47d3f8 ClientToScreen
0x47d400 LoadImageA
0x47d408 ShowWindow
0x47d40c IsWindowEnabled
0x47d414 GetKeyState
0x47d41c PostQuitMessage
0x47d420 IsZoomed
0x47d424 GetClassInfoA
0x47d428 DefWindowProcA
0x47d42c GetMenu
0x47d430 SetMenu
0x47d434 PeekMessageA
0x47d438 IsIconic
0x47d43c SetFocus
0x47d440 GetActiveWindow
0x47d444 GetWindow
0x47d44c SetWindowRgn
0x47d450 GetMessagePos
0x47d454 ScreenToClient
0x47d45c CopyRect
0x47d460 LoadBitmapA
0x47d464 WinHelpA
0x47d468 KillTimer
0x47d46c SetTimer
0x47d470 ReleaseCapture
0x47d474 GetCapture
0x47d478 SetCapture
0x47d47c GetScrollRange
0x47d480 SetScrollRange
0x47d484 SetScrollPos
0x47d488 SetRect
0x47d48c InflateRect
0x47d490 IntersectRect
0x47d494 DestroyIcon
0x47d498 UnregisterClassA
0x47d49c OffsetRect
0x47d4a0 IsWindowVisible
0x47d4a4 EnableWindow
0x47d4a8 RedrawWindow
0x47d4ac GetWindowLongA
0x47d4b0 SetWindowLongA
0x47d4b4 GetSysColor
0x47d4b8 SetActiveWindow
0x47d4bc SetCursorPos
0x47d4c0 LoadCursorA
0x47d4c4 SetCursor
0x47d4c8 GetDC
0x47d4cc FillRect
0x47d4d0 IsRectEmpty
0x47d4d4 ReleaseDC
0x47d4d8 IsChild
0x47d4dc DestroyMenu
0x47d4e0 SetForegroundWindow
0x47d4e4 GetWindowRect
0x47d4e8 EqualRect
0x47d4ec UpdateWindow
0x47d4f0 ValidateRect
0x47d4f4 InvalidateRect
0x47d4f8 GetClientRect
0x47d4fc GetFocus
0x47d500 GetWindowTextA
0x47d508 CharUpperA
0x47d50c GetWindowDC
0x47d510 BeginPaint
0x47d514 EndPaint
0x47d518 TabbedTextOutA
0x47d51c DrawTextA
0x47d520 GrayStringA
0x47d524 GetDlgItem
0x47d528 DestroyWindow
0x47d530 EndDialog
0x47d534 GetNextDlgTabItem
0x47d538 GetWindowPlacement
0x47d540 GetLastActivePopup
0x47d544 GetMessageTime
0x47d548 RemovePropA
0x47d54c CallWindowProcA
0x47d550 GetPropA
0x47d554 UnhookWindowsHookEx
0x47d558 SetPropA
0x47d55c GetClassLongA
0x47d560 CallNextHookEx
0x47d564 SetWindowsHookExA
0x47d568 CreateWindowExA
0x47d56c GetMenuItemID
0x47d570 GetMenuItemCount
0x47d574 RegisterClassA
0x47d578 GetScrollPos
0x47d57c AdjustWindowRectEx
0x47d580 MapWindowPoints
0x47d584 SendDlgItemMessageA
0x47d588 ScrollWindowEx
0x47d58c IsDialogMessageA
0x47d590 SetWindowTextA
0x47d594 MoveWindow
0x47d598 CheckMenuItem
0x47d59c SetMenuItemBitmaps
0x47d5a0 GetMenuState
0x47d5a8 GetClassNameA
0x47d5ac GetDesktopWindow
0x47d5b0 LoadStringA
0x47d5b4 GetSysColorBrush
0x47d5b8 GetParent
0x47d5bc GetTopWindow
0x47d5c0 PostMessageA
0x47d5c4 IsWindow
0x47d5c8 SetParent
0x47d5cc DestroyCursor
0x47d5d0 SendMessageA
0x47d5d4 SetWindowPos
0x47d5d8 MessageBoxA
0x47d5dc GetCursorPos
0x47d5e0 GetSystemMetrics
0x47d5e4 EmptyClipboard
0x47d5e8 SetClipboardData
0x47d5ec OpenClipboard
0x47d5f0 GetClipboardData
0x47d5f4 CloseClipboard
0x47d5f8 wsprintfA
0x47d5fc PtInRect
Library: GDI32.dll:
0x47d024 GetTextMetricsA
0x47d028 LineTo
0x47d02c Escape
0x47d030 ExtTextOutA
0x47d034 TextOutA
0x47d038 RectVisible
0x47d03c PtVisible
0x47d040 GetViewportExtEx
0x47d044 ExtSelectClipRgn
0x47d048 SetBkColor
0x47d050 SetStretchBltMode
0x47d054 GetClipRgn
0x47d058 CreatePolygonRgn
0x47d05c SelectClipRgn
0x47d060 DeleteObject
0x47d064 CreateDIBitmap
0x47d06c CreatePalette
0x47d070 StretchBlt
0x47d074 SelectPalette
0x47d078 RealizePalette
0x47d07c GetDIBits
0x47d080 GetWindowExtEx
0x47d084 GetViewportOrgEx
0x47d088 GetWindowOrgEx
0x47d08c BeginPath
0x47d090 EndPath
0x47d094 PathToRegion
0x47d098 CreateEllipticRgn
0x47d09c CreateRoundRectRgn
0x47d0a0 GetTextColor
0x47d0a4 GetBkMode
0x47d0a8 GetBkColor
0x47d0ac GetROP2
0x47d0b0 GetStretchBltMode
0x47d0b4 GetPolyFillMode
0x47d0bc CreateDCA
0x47d0c0 CreateBitmap
0x47d0c4 SelectObject
0x47d0c8 GetObjectA
0x47d0cc CreatePen
0x47d0d0 PatBlt
0x47d0d4 CombineRgn
0x47d0d8 CreateRectRgn
0x47d0dc FillRgn
0x47d0e0 CreateSolidBrush
0x47d0e4 MoveToEx
0x47d0e8 ExcludeClipRect
0x47d0ec GetClipBox
0x47d0f0 ScaleWindowExtEx
0x47d0f4 SetWindowExtEx
0x47d0f8 SetWindowOrgEx
0x47d0fc ScaleViewportExtEx
0x47d100 SetViewportExtEx
0x47d104 OffsetViewportOrgEx
0x47d108 SetViewportOrgEx
0x47d10c SetMapMode
0x47d110 SetTextColor
0x47d114 SetROP2
0x47d118 SetPolyFillMode
0x47d11c SetBkMode
0x47d120 RestoreDC
0x47d124 SaveDC
0x47d128 GetStockObject
0x47d12c CreateFontIndirectA
0x47d130 EndPage
0x47d134 EndDoc
0x47d138 DeleteDC
0x47d13c StartDocA
0x47d140 StartPage
0x47d144 BitBlt
0x47d148 CreateCompatibleDC
0x47d14c Ellipse
0x47d150 Rectangle
0x47d154 LPtoDP
0x47d158 DPtoLP
0x47d15c GetCurrentObject
0x47d160 RoundRect
0x47d168 GetDeviceCaps
Library: WINMM.dll:
0x47d604 midiOutReset
0x47d608 midiStreamRestart
0x47d60c midiStreamStop
0x47d610 midiStreamOut
0x47d61c waveOutWrite
0x47d620 waveOutPause
0x47d628 midiStreamProperty
0x47d62c waveOutReset
0x47d630 waveOutClose
0x47d634 waveOutGetNumDevs
0x47d638 waveOutOpen
0x47d640 midiStreamOpen
0x47d644 midiStreamClose
Library: WINSPOOL.DRV:
0x47d64c ClosePrinter
0x47d650 DocumentPropertiesA
0x47d654 OpenPrinterA
Library: ADVAPI32.dll:
0x47d000 RegOpenKeyExA
0x47d004 RegCreateKeyExA
0x47d008 RegCloseKey
0x47d00c RegSetValueExA
0x47d010 RegQueryValueA
Library: SHELL32.dll:
0x47d390 ShellExecuteA
0x47d394 Shell_NotifyIconA
Library: ole32.dll:
0x47d698 OleUninitialize
0x47d69c OleInitialize
0x47d6a0 CLSIDFromString
Library: OLEAUT32.dll:
0x47d380 UnRegisterTypeLib
0x47d384 RegisterTypeLib
0x47d388 LoadTypeLib
Library: COMCTL32.dll:
0x47d018 ImageList_Destroy
0x47d01c None
Library: WS2_32.dll:
0x47d65c inet_ntoa
0x47d660 WSACleanup
0x47d664 closesocket
0x47d668 WSAAsyncSelect
0x47d66c recvfrom
0x47d670 ioctlsocket
0x47d674 recv
0x47d678 getpeername
0x47d67c accept
Library: comdlg32.dll:
0x47d684 GetFileTitleA
0x47d688 GetSaveFileNameA
0x47d68c GetOpenFileNameA
0x47d690 ChooseColorA

No antivirus engine scan information!

Process Tree

________________________.exe, PID: 2752, parent PID: 2340
小白付费版..exe, PID: 2836, parent PID: 2752
D3D绘制.exe, PID: 2896, parent PID: 2752
._cache_D3D绘制.exe, PID: 1908, parent PID: 2896
Synaptics.exe, PID: 2432, parent PID: 2896
services.exe, PID: 428, parent PID: 332
sainbox.exe, PID: 1316, parent PID: 428
sainbox.exe, PID: 2536, parent PID: 1316
cmd.exe, PID: 2484, parent PID: 1908
PING.EXE, PID: 1384, parent PID: 2484
mscorsvw.exe, PID: 3016, parent PID: 428
mscorsvw.exe, PID: 2816, parent PID: 428


TCP

Source address Source port Destination address Destination port
192.168.122.201 49175 139.9.227.38 8080
192.168.122.201 49170 204.140.20.21 freedns.afraid.org 80

UDP

Source address Source port Destination address Destination port
192.168.122.201 49310 192.168.122.1 53
192.168.122.201 49608 192.168.122.1 53
192.168.122.201 64912 192.168.122.1 53


HTTP Requests

URI HTTP data
http://freedns.afraid.org/api/?action=getdyndns&sha=a30fa98efc092684e8d1c5cff797bcc613562978
GET /api/?action=getdyndns&sha=a30fa98efc092684e8d1c5cff797bcc613562978 HTTP/1.1
User-Agent: MyApp
Host: freedns.afraid.org
Cache-Control: no-cache

SMTP Traffic

No SMTP traffic.

IRC Traffic

No IRC requests.

ICMP Traffic

No ICMP traffic.

CIF Report

No CIF results

Network Alerts

No alerts

TLS

No TLS

Suricata HTTP

No Suricata HTTP

No files extracted from network traffic.
No files were dropped.
No similar analyses found.

Processing ( 40.274 seconds )

  • 17.499 Suricata
  • 9.98 Static
  • 7.514 BehaviorAnalysis
  • 1.978 NetworkAnalysis
  • 1.534 VirusTotal
  • 1.229 TargetInfo
  • 0.437 peid
  • 0.076 AnalysisInfo
  • 0.015 Strings
  • 0.009 config_decoder
  • 0.003 Memory

Signatures ( 6.095 seconds )

  • 1.887 md_url_bl
  • 0.835 antiav_detectreg
  • 0.37 api_spamming
  • 0.301 stealth_timeout
  • 0.29 infostealer_ftp
  • 0.282 stealth_decoy_document
  • 0.174 antianalysis_detectreg
  • 0.162 infostealer_im
  • 0.091 infostealer_mail
  • 0.077 antivm_generic_scsi
  • 0.063 kovter_behavior
  • 0.059 stealth_file
  • 0.055 antiemu_wine_func
  • 0.055 infostealer_browser_password
  • 0.054 mimics_filetime
  • 0.051 reads_self
  • 0.05 antivm_vbox_libs
  • 0.045 virus
  • 0.043 antivm_xen_keys
  • 0.043 darkcomet_regkeys
  • 0.042 kibex_behavior
  • 0.041 antivm_generic_disk
  • 0.041 antivm_parallels_keys
  • 0.039 bootkit
  • 0.037 recon_fingerprint
  • 0.035 geodo_banking_trojan
  • 0.034 injection_createremotethread
  • 0.034 antivm_generic_services
  • 0.033 antisandbox_sunbelt_libs
  • 0.032 betabot_behavior
  • 0.031 antiav_avast_libs
  • 0.031 anormaly_invoke_kills
  • 0.029 hancitor_behavior
  • 0.029 antivm_generic_diskreg
  • 0.027 md_domain_bl
  • 0.026 antisandbox_sboxie_libs
  • 0.026 antiav_bitdefender_libs
  • 0.025 antisandbox_productid
  • 0.024 exec_crash
  • 0.024 antiav_detectfile
  • 0.022 injection_runpe
  • 0.02 process_interest
  • 0.019 vawtrak_behavior
  • 0.017 shifu_behavior
  • 0.017 infostealer_bitcoin
  • 0.015 antivm_vbox_keys
  • 0.015 antivm_vmware_keys
  • 0.014 antivm_xen_keys
  • 0.014 antivm_hyperv_keys
  • 0.014 antivm_vbox_acpi
  • 0.014 antivm_vpc_keys
  • 0.014 maldun_anormaly_invoke_vb_vba
  • 0.014 packer_armadillo_regkey
  • 0.013 antivm_vmware_libs
  • 0.013 bypass_firewall
  • 0.012 anomaly_persistence_autorun
  • 0.012 antivm_generic_bios
  • 0.012 antivm_generic_system
  • 0.012 recon_programs
  • 0.011 process_needed
  • 0.011 antivm_generic_cpu
  • 0.01 infostealer_browser
  • 0.01 antisandbox_sleep
  • 0.01 antivm_vbox_files
  • 0.008 maldun_anomaly_massive_file_ops
  • 0.007 ransomware_extensions
  • 0.007 ransomware_files
  • 0.006 antidbg_windows
  • 0.006 network_http
  • 0.005 maldun_malicious_write_executeable_under_temp_to_regrun
  • 0.005 maldun_anomaly_write_exe_and_obsfucate_extension
  • 0.004 injection_explorer
  • 0.004 maldun_anomaly_write_exe_and_dll_under_winroot_run
  • 0.004 antidbg_devices
  • 0.004 disables_browser_warn
  • 0.003 tinba_behavior
  • 0.003 network_tor
  • 0.003 ipc_namedpipe
  • 0.003 network_torgateway
  • 0.002 andromeda_behavior
  • 0.002 rat_nanocore
  • 0.002 dridex_behavior
  • 0.002 rat_luminosity
  • 0.002 anomaly_persistence_bootexecute
  • 0.002 anomaly_reset_winsock
  • 0.002 sets_autoconfig_url
  • 0.002 creates_largekey
  • 0.002 kazybot_behavior
  • 0.002 creates_nullvalue
  • 0.002 cerber_behavior
  • 0.002 antiemu_wine_reg
  • 0.002 browser_security
  • 0.002 modify_proxy
  • 0.002 md_bad_drop
  • 0.002 network_cnc_http
  • 0.002 rat_pcclient
  • 0.001 hawkeye_behavior
  • 0.001 ransomware_message
  • 0.001 antivm_vbox_window
  • 0.001 Locky_behavior
  • 0.001 ursnif_behavior
  • 0.001 antivm_vmware_events
  • 0.001 nymaim_behavior
  • 0.001 h1n1_behavior
  • 0.001 securityxploded_modules
  • 0.001 cryptowall_behavior
  • 0.001 sniffer_winpcap
  • 0.001 antianalysis_detectfile
  • 0.001 antivm_vmware_files
  • 0.001 banker_cridex
  • 0.001 banker_zeus_mutex
  • 0.001 bot_drive
  • 0.001 bot_drive2
  • 0.001 browser_addon
  • 0.001 disables_system_restore
  • 0.001 disables_windows_defender
  • 0.001 codelux_behavior
  • 0.001 maldun_malicious_drop_executable_file_to_temp_folder
  • 0.001 malicous_targeted_flame
  • 0.001 network_tor_service
  • 0.001 rat_spynet
  • 0.001 stealth_hide_notifications
  • 0.001 stealth_modify_uac_prompt

Reporting ( 1.441 seconds )

  • 1.066 ReportHTMLSummary
  • 0.375 Malheur

Task ID 512019
Mongo ID 5e4a30192f8f2e0df56c69ce
Cuckoo release 1.4-Maldun