Analysis Task

Analysis type Virtual machine tag Start time End time Duration
File (Windows) win7-sp1-x64-hpdapp01-1 2020-02-19 09:09:26 2020-02-19 09:11:20 114 seconds

Maldun Score

10.0

Dangerous

File Details

File name PO.exe
File size 713216 bytes
File type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 982964caed7675afc0b853b51ec8b16a
SHA1 105cdaec1adef402d7c24cba53d0624ed14acecc
SHA256 21cbed85dd80d4662073208a52c63bcb7464e7bc28081dd134e59d20e7e51611
SHA512 0834ae34def2a8deb2bb64dcdf436d041316bf7041f3ba51d9ec5fcb798f1117c91259f1abd699605e002b90d81d815b5b867c4597ad9147c593a6d6c03b1b1b
CRC32 A147D746
Ssdeep 12288:qcHgyL6D9Ud63tkMIPpEK/tpv+LB13t0wEtb6z:rdU9ASkJyK1pvct


Hosts Accessed

No host records.

Domain Resolution

No domain information.



PE Information

Image base 0x00400000
Entry point 0x00462ff0
Declared checksum 0x00000000
Actual checksum 0x000b6d9e
Minimum OS version required 4.0
Compile time 1992-01-09 10:40:55
Import hash 958c2e3e398a0d6a82b85b37bc739288

PE Sections

Name Virtual address Virtual size Raw data size Characteristics Entropy
CODE 0x00001000 0x00062038 0x00062200 IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 6.60
DATA 0x00064000 0x00001970 0x00001a00 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 4.57
BSS 0x00066000 0x00000e75 0x00000000 IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 0.00
.idata 0x00067000 0x0000206a 0x00002200 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 4.87
.tls 0x0006a000 0x00000010 0x00000000 IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 0.00
.rdata 0x0006b000 0x00000018 0x00000200 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ 0.20
.reloc 0x0006c000 0x00007338 0x00007400 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ 0.00
.rsrc 0x00074000 0x0004095c 0x00040a00 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ 7.33

Imports

Library: KERNEL32.DLL:
0x467688 Sleep
Library: KERNEL32.DLL:
0x4671ec TlsSetValue
0x4671f0 TlsGetValue
0x4671f4 LocalAlloc
0x4671f8 GetModuleHandleA
Library: KERNEL32.DLL:
0x467210 lstrcpyA
0x467214 lstrcmpA
0x467218 WriteFile
0x46721c WaitForSingleObject
0x467220 VirtualQuery
0x467224 VirtualProtectEx
0x467228 VirtualFree
0x46722c VirtualAlloc
0x467230 SleepEx
0x467234 Sleep
0x467238 SizeofResource
0x46723c SetThreadLocale
0x467240 SetFilePointer
0x467244 SetEvent
0x467248 SetErrorMode
0x46724c SetEndOfFile
0x467250 ResetEvent
0x467254 ReadFile
0x467258 MulDiv
0x46725c LockResource
0x467260 LoadResource
0x467264 LoadLibraryA
0x467270 GlobalUnlock
0x467274 GlobalReAlloc
0x467278 GlobalHandle
0x46727c GlobalLock
0x467280 GlobalFree
0x467284 GlobalFindAtomA
0x467288 GlobalDeleteAtom
0x46728c GlobalAlloc
0x467290 GlobalAddAtomA
0x467294 GetVersionExA
0x467298 GetVersion
0x46729c GetTickCount
0x4672a0 GetThreadLocale
0x4672a4 GetTempPathA
0x4672a8 GetSystemInfo
0x4672ac GetStringTypeExA
0x4672b0 GetStdHandle
0x4672b4 GetProcAddress
0x4672b8 GetModuleHandleA
0x4672bc GetModuleFileNameA
0x4672c0 GetLocaleInfoA
0x4672c4 GetLocalTime
0x4672c8 GetLastError
0x4672cc GetFullPathNameA
0x4672d0 GetFileSize
0x4672d4 GetDiskFreeSpaceA
0x4672d8 GetDateFormatA
0x4672dc GetCurrentThreadId
0x4672e0 GetCurrentProcessId
0x4672e4 GetCPInfo
0x4672e8 GetACP
0x4672ec FreeResource
0x4672f0 InterlockedExchange
0x4672f4 FreeLibrary
0x4672f8 FormatMessageA
0x4672fc FindResourceA
0x467300 EnumCalendarInfoA
0x46730c CreateThread
0x467310 CreateFileA
0x467314 CreateEventA
0x467318 CompareStringA
0x46731c CloseHandle
Library: KERNEL32.DLL:
0x46713c VirtualFree
0x467140 VirtualAlloc
0x467144 LocalFree
0x467148 LocalAlloc
0x46714c GetVersion
0x467150 GetCurrentThreadId
0x46715c VirtualQuery
0x467160 WideCharToMultiByte
0x467164 MultiByteToWideChar
0x467168 lstrlenA
0x46716c lstrcpynA
0x467170 LoadLibraryExA
0x467174 GetThreadLocale
0x467178 GetStartupInfoA
0x46717c GetProcAddress
0x467180 GetModuleHandleA
0x467184 GetModuleFileNameA
0x467188 GetLocaleInfoA
0x46718c GetCommandLineA
0x467190 FreeLibrary
0x467194 FindFirstFileA
0x467198 FindClose
0x46719c ExitProcess
0x4671a0 WriteFile
0x4671a8 RtlUnwind
0x4671ac RaiseException
0x4671b0 GetStdHandle
Library: advapi32.dll:
0x467200 RegQueryValueExA
0x467204 RegOpenKeyExA
0x467208 RegCloseKey
Library: advapi32.dll:
0x4671cc RegQueryValueExA
0x4671d0 RegOpenKeyExA
0x4671d4 RegCloseKey
Library: comctl32.dll:
0x4676d0 ImageList_Write
0x4676d4 ImageList_Read
0x4676e4 ImageList_DragMove
0x4676e8 ImageList_DragLeave
0x4676ec ImageList_DragEnter
0x4676f0 ImageList_EndDrag
0x4676f4 ImageList_BeginDrag
0x4676f8 ImageList_Remove
0x4676fc ImageList_DrawEx
0x467700 ImageList_Draw
0x467710 ImageList_Add
0x467718 ImageList_Destroy
0x46771c ImageList_Create
0x467720 InitCommonControls
Library: gdi32.dll:
0x467334 UnrealizeObject
0x467338 StretchBlt
0x46733c SetWindowOrgEx
0x467340 SetViewportOrgEx
0x467344 SetTextColor
0x467348 SetStretchBltMode
0x46734c SetROP2
0x467350 SetPixel
0x467354 SetDIBColorTable
0x467358 SetBrushOrgEx
0x46735c SetBkMode
0x467360 SetBkColor
0x467364 SelectPalette
0x467368 SelectObject
0x46736c SelectClipRgn
0x467370 SaveDC
0x467374 RestoreDC
0x467378 RectVisible
0x46737c RealizePalette
0x467380 PatBlt
0x467384 MoveToEx
0x467388 MaskBlt
0x46738c LineTo
0x467390 IntersectClipRect
0x467394 GetWindowOrgEx
0x467398 GetTextMetricsA
0x4673a4 GetStockObject
0x4673a8 GetPixel
0x4673ac GetPaletteEntries
0x4673b0 GetObjectA
0x4673b4 GetDeviceCaps
0x4673b8 GetDIBits
0x4673bc GetDIBColorTable
0x4673c0 GetDCOrgEx
0x4673c8 GetClipBox
0x4673cc GetBrushOrgEx
0x4673d0 GetBitmapBits
0x4673d4 ExcludeClipRect
0x4673d8 DeleteObject
0x4673dc DeleteDC
0x4673e0 CreateSolidBrush
0x4673e4 CreatePenIndirect
0x4673e8 CreatePalette
0x4673f0 CreateFontIndirectA
0x4673f4 CreateDIBitmap
0x4673f8 CreateDIBSection
0x4673fc CreateCompatibleDC
0x467404 CreateBrushIndirect
0x467408 CreateBitmap
0x46740c BitBlt
Library: ole32.dll:
0x4676b4 CoTaskMemAlloc
0x4676b8 CoCreateInstance
0x4676bc CoUninitialize
0x4676c0 CoInitialize
Library: oleaut32.dll:
0x467690 SafeArrayPtrOfIndex
0x467694 SafeArrayGetUBound
0x467698 SafeArrayGetLBound
0x46769c SafeArrayCreate
0x4676a0 VariantChangeType
0x4676a4 VariantCopy
0x4676a8 VariantClear
0x4676ac VariantInit
Library: oleaut32.dll:
0x4671dc SysFreeString
0x4671e0 SysReAllocStringLen
0x4671e4 SysAllocStringLen
Library: user32.dll:
0x467414 CreateWindowExA
0x467418 WindowFromPoint
0x46741c WinHelpA
0x467420 WaitMessage
0x467424 UpdateWindow
0x467428 UnregisterClassA
0x46742c UnhookWindowsHookEx
0x467430 TranslateMessage
0x467438 TrackPopupMenu
0x467440 ShowWindow
0x467444 ShowScrollBar
0x467448 ShowOwnedPopups
0x46744c ShowCursor
0x467450 SetWindowsHookExA
0x467454 SetWindowTextA
0x467458 SetWindowPos
0x46745c SetWindowPlacement
0x467460 SetWindowLongA
0x467464 SetTimer
0x467468 SetScrollRange
0x46746c SetScrollPos
0x467470 SetScrollInfo
0x467474 SetRect
0x467478 SetPropA
0x46747c SetParent
0x467480 SetMenuItemInfoA
0x467484 SetMenu
0x467488 SetForegroundWindow
0x46748c SetFocus
0x467490 SetCursor
0x467494 SetClassLongA
0x467498 SetCapture
0x46749c SetActiveWindow
0x4674a0 SendMessageA
0x4674a4 ScrollWindow
0x4674a8 ScreenToClient
0x4674ac RemovePropA
0x4674b0 RemoveMenu
0x4674b4 ReleaseDC
0x4674b8 ReleaseCapture
0x4674c4 RegisterClassA
0x4674c8 RedrawWindow
0x4674cc PtInRect
0x4674d0 PostQuitMessage
0x4674d4 PostMessageA
0x4674d8 PeekMessageA
0x4674dc OffsetRect
0x4674e0 OemToCharA
0x4674e4 MessageBoxA
0x4674e8 MapWindowPoints
0x4674ec MapVirtualKeyA
0x4674f0 LoadStringA
0x4674f4 LoadKeyboardLayoutA
0x4674f8 LoadIconA
0x4674fc LoadCursorA
0x467500 LoadBitmapA
0x467504 KillTimer
0x467508 IsZoomed
0x46750c IsWindowVisible
0x467510 IsWindowEnabled
0x467514 IsWindow
0x467518 IsRectEmpty
0x46751c IsIconic
0x467520 IsDialogMessageA
0x467524 IsChild
0x467528 InvalidateRect
0x46752c IntersectRect
0x467530 InsertMenuItemA
0x467534 InsertMenuA
0x467538 InflateRect
0x467540 GetWindowTextA
0x467544 GetWindowRect
0x467548 GetWindowPlacement
0x46754c GetWindowLongA
0x467550 GetWindowDC
0x467554 GetTopWindow
0x467558 GetSystemMetrics
0x46755c GetSystemMenu
0x467560 GetSysColorBrush
0x467564 GetSysColor
0x467568 GetSubMenu
0x46756c GetScrollRange
0x467570 GetScrollPos
0x467574 GetScrollInfo
0x467578 GetPropA
0x46757c GetParent
0x467580 GetWindow
0x467584 GetMenuStringA
0x467588 GetMenuState
0x46758c GetMenuItemInfoA
0x467590 GetMenuItemID
0x467594 GetMenuItemCount
0x467598 GetMenu
0x46759c GetLastActivePopup
0x4675a0 GetKeyboardState
0x4675a8 GetKeyboardLayout
0x4675ac GetKeyState
0x4675b0 GetKeyNameTextA
0x4675b4 GetInputState
0x4675b8 GetIconInfo
0x4675bc GetForegroundWindow
0x4675c0 GetFocus
0x4675c4 GetDesktopWindow
0x4675c8 GetDCEx
0x4675cc GetDC
0x4675d0 GetCursorPos
0x4675d4 GetCursor
0x4675d8 GetClientRect
0x4675dc GetClassNameA
0x4675e0 GetClassInfoA
0x4675e4 GetCapture
0x4675e8 GetActiveWindow
0x4675ec FrameRect
0x4675f0 FindWindowA
0x4675f4 FillRect
0x4675f8 EqualRect
0x4675fc EnumWindows
0x467600 EnumThreadWindows
0x467604 EndPaint
0x467608 EnableWindow
0x46760c EnableScrollBar
0x467610 EnableMenuItem
0x467614 DrawTextA
0x467618 DrawMenuBar
0x46761c DrawIconEx
0x467620 DrawIcon
0x467624 DrawFrameControl
0x467628 DrawEdge
0x46762c DispatchMessageA
0x467630 DestroyWindow
0x467634 DestroyMenu
0x467638 DestroyIcon
0x46763c DestroyCursor
0x467640 DeleteMenu
0x467644 DefWindowProcA
0x467648 DefMDIChildProcA
0x46764c DefFrameProcA
0x467650 CreatePopupMenu
0x467654 CreateMenu
0x467658 CreateIcon
0x46765c ClientToScreen
0x467660 CheckMenuItem
0x467664 CallWindowProcA
0x467668 CallNextHookEx
0x46766c BeginPaint
0x467670 CharNextA
0x467674 CharLowerA
0x467678 CharToOemA
0x46767c AdjustWindowRectEx
Library: user32.dll:
0x4671b8 GetKeyboardType
0x4671bc LoadStringA
0x4671c0 MessageBoxA
0x4671c4 CharNextA
Library: version.dll:
0x467324 VerQueryValueA
0x46732c GetFileVersionInfoA

Antivirus engine/vendor Virus name/rule match Signature database date
Bkav No virus found 20200217
MicroWorld-eScan Trojan.Agent.ELBU 20200217
CMC No virus found 20190321
CAT-QuickHeal No virus found 20200217
McAfee Fareit-FRB!982964CAED76 20200217
Cylance Unsafe 20200219
Zillya Trojan.Injector.Win32.683071 20200217
SUPERAntiSpyware No virus found 20200214
Sangfor Malware 20200212
K7AntiVirus No virus found 20200217
Alibaba No virus found 20190527
K7GW No virus found 20200217
CrowdStrike win/malicious_confidence_100% (W) 20190702
Arcabit Trojan.Agent.ELBU 20200217
Invincea heuristic 20191211
Baidu No virus found 20190318
Cyren W32/Trojan.QREF-6311 20200217
Symantec ML.Attribute.HighConfidence 20200217
ESET-NOD32 a variant of Win32/Injector.EKIE 20200217
APEX Malicious 20200216
Avast Win32:Trojan-gen 20200217
ClamAV No virus found 20200216
Kaspersky HEUR:Trojan.Win32.Kryptik.gen 20200217
BitDefender Trojan.Agent.ELBU 20200217
NANO-Antivirus Trojan.Win32.Stealer.gyoxgr 20200217
Paloalto No virus found 20200219
ViRobot No virus found 20200217
Rising Malware.Heuristic!ET#95% (RDMK:cmRtazpyFfjOGsw4EWYaqnzHOn7j) 20200217
Ad-Aware Trojan.Agent.ELBU 20200217
Sophos Mal/Fareit-V 20200217
Comodo No virus found 20200217
DrWeb Trojan.PWS.Stealer.27970 20200217
VIPRE No virus found 20200217
TrendMicro No virus found 20200217
McAfee-GW-Edition BehavesLike.Win32.Fareit.jh 20200217
Fortinet W32/Injector.DZGI!tr 20200217
Trapmine malicious.high.ml.score 20200123
FireEye Generic.mg.982964caed7675af 20200217
Emsisoft Trojan.Agent.ELBU (B) 20200217
SentinelOne DFI - Suspicious PE 20191218
F-Prot W32/Trojan2.QBFK 20200217
Jiangmin Trojan.Kryptik.adq 20200217
MaxSecure Trojan.Malware.300983.susgen 20200215
Avira No virus found 20200217
MAX malware (ai score=89) 20200219
Antiy-AVL Trojan/Win32.Kryptik 20200217
Kingsoft No virus found 20200219
Endgame malicious (high confidence) 20200131
AegisLab No virus found 20200217
ZoneAlarm HEUR:Trojan.Win32.Kryptik.gen 20200217
Avast-Mobile No virus found 20200213
AhnLab-V3 Win-Trojan/Delphiless.Exp 20200217
Acronis suspicious 20200217
BitDefenderTheta Gen:NN.ZelphiF.34090.RGW@aaANTuoi 20200211
ALYac Trojan.Agent.ELBU 20200217
TACHYON No virus found 20200217
VBA32 TScope.Trojan.Delf 20200217
Zoner No virus found 20200217
TrendMicro-HouseCall No virus found 20200217
Tencent No virus found 20200219
Yandex No virus found 20200217
Ikarus Trojan.Inject 20200217
eGambit Unsafe.AI_Score_99% 20200219
GData Trojan.Agent.ELBU 20200217
Webroot W32.Trojan.Gen 20200219
AVG Win32:Trojan-gen 20200217
Cybereason malicious.c1adef 20190616
Panda No virus found 20200217
Qihoo-360 HEUR/QVM05.1.5763.Malware.Gen 20200219

Process Tree

PO.exe, PID: 2708, parent PID: 2332

Hosts Accessed

No host records.

TCP

No TCP connection records.

UDP

No UDP connection records.

Domain Resolution

No domain information.

TCP

No TCP connection records.

UDP

No UDP connection records.

HTTP Requests

No HTTP requests found.

SMTP Traffic

No SMTP traffic.

IRC Traffic

No IRC requests.

ICMP Traffic

No ICMP traffic.

CIF Report

No CIF results

Network Alerts

No alerts

TLS

No TLS

Suricata HTTP

No Suricata HTTP

No network-extracted files found.
Sorry! No files were dropped.
No similar analyses found.

Processing ( 23.189 seconds )

  • 16.448 Suricata
  • 3.579 Static
  • 1.527 VirusTotal
  • 0.502 TargetInfo
  • 0.493 peid
  • 0.343 NetworkAnalysis
  • 0.179 BehaviorAnalysis
  • 0.097 AnalysisInfo
  • 0.016 Strings
  • 0.003 Memory
  • 0.002 config_decoder

Signatures ( 0.19 seconds )

  • 0.019 md_url_bl
  • 0.018 antiav_detectreg
  • 0.016 md_domain_bl
  • 0.013 api_spamming
  • 0.011 stealth_decoy_document
  • 0.011 stealth_timeout
  • 0.008 antiav_detectfile
  • 0.008 infostealer_ftp
  • 0.007 anomaly_persistence_autorun
  • 0.007 ransomware_extensions
  • 0.007 ransomware_files
  • 0.005 infostealer_bitcoin
  • 0.005 infostealer_im
  • 0.004 antisandbox_sleep
  • 0.004 antianalysis_detectreg
  • 0.003 tinba_behavior
  • 0.003 antivm_vbox_files
  • 0.003 disables_browser_warn
  • 0.003 infostealer_mail
  • 0.002 rat_nanocore
  • 0.002 cerber_behavior
  • 0.002 geodo_banking_trojan
  • 0.002 browser_security
  • 0.002 modify_proxy
  • 0.002 md_bad_drop
  • 0.001 antiemu_wine_func
  • 0.001 network_tor
  • 0.001 betabot_behavior
  • 0.001 ursnif_behavior
  • 0.001 kibex_behavior
  • 0.001 shifu_behavior
  • 0.001 kovter_behavior
  • 0.001 antianalysis_detectfile
  • 0.001 antidbg_devices
  • 0.001 antivm_parallels_keys
  • 0.001 antivm_xen_keys
  • 0.001 banker_zeus_mutex
  • 0.001 bot_drive
  • 0.001 bot_drive2
  • 0.001 browser_addon
  • 0.001 disables_system_restore
  • 0.001 disables_windows_defender
  • 0.001 maldun_malicious_drop_executable_file_to_temp_folder
  • 0.001 office_security
  • 0.001 rat_pcclient
  • 0.001 rat_spynet
  • 0.001 recon_fingerprint
  • 0.001 stealth_modify_uac_prompt

Reporting ( 1.523 seconds )

  • 0.843 ReportHTMLSummary
  • 0.68 Malheur
Task ID 513079
Mongo ID 5e4c8b5c2f8f2e0dfd6c76e1
Cuckoo release 1.4-Maldun