分析任务
| 分析类型 | 虚拟机标签 | 开始时间 | 结束时间 | 持续时间 |
|---|---|---|---|---|
| 文件 (Windows) | win7-sp1-x64-hpdapp01-1 | 2020-05-03 16:14:11 | 2020-05-03 16:16:37 | 146 秒 |
魔盾分数
10.0
危险的
文件详细信息
| 文件名 | 自动接受对局v2.0.exe |
|---|---|
| 文件大小 | 2662400 字节 |
| 文件类型 | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 42a29459698961760c27c8540b5327a4 |
| SHA1 | d2a205cdd1a83134f30d970f351c8021ffef09fd |
| SHA256 | d3cbbfc68b6e2c0eaa2bda7e85128320f36eb12fb46df0322b63976707d458ed |
| SHA512 | c29162ccf73a77e2b271affeadd4189e9603f14b6766ac74952c65b56b9a946867d7d5820b5ec900038106b9255135c7a6ae80418b6cbd259825e528a773e30d |
| CRC32 | 585602FA |
| Ssdeep | 49152:RShoDQixWhPbWCsVb6KUpZ+hDg1F2d6H7O5oKZenU7CvCqLfqSH4BSbJ1v0:IqDQixWhPb5SbWf+YFCCO7UgCKgSSH4r |
| Yara | 登录查看Yara规则 |
| 样本下载 提交误报 |
登录查看威胁特征
运行截图
访问主机纪录 (可点击查询WPING实时安全评级)
无主机纪录.
域名解析 (可点击查询WPING实时安全评级)
无域名信息.
摘要
登录查看详细行为信息PE 信息
| 初始地址 | 0x00400000 |
|---|---|
| 入口地址 | 0x00478bd7 |
| 声明校验值 | 0x00000000 |
| 实际校验值 | 0x00294eb4 |
| 最低操作系统版本要求 | 4.0 |
| 编译时间 | 2020-05-03 15:52:05 |
| 载入哈希 | 6c2d4dbf3f2e38f0eb33d7a6e4c27039 |
版本信息
| LegalCopyright | |
|---|---|
| FileVersion | |
| CompanyName | |
| Comments | |
| ProductName | |
| ProductVersion | |
| FileDescription | |
| Translation |
PE 数据组成
| 名称 | 虚拟地址 | 虚拟大小 | 原始数据大小 | 特征 | 熵(Entropy) |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x0009b6ba | 0x0009c000 | IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ | 6.56 |
| .rdata | 0x0009d000 | 0x001ce8ba | 0x001cf000 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ | 7.66 |
| .data | 0x0026c000 | 0x0005040a | 0x00013000 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE | 5.16 |
| .rsrc | 0x002bd000 | 0x0000ab0c | 0x0000b000 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ | 6.59 |
导入
库: WINMM.dll:
• 0x49d674 midiStreamRestart
• 0x49d678 midiStreamClose
• 0x49d67c midiOutReset
• 0x49d680 midiStreamStop
• 0x49d684 midiStreamOut
• 0x49d688 midiOutPrepareHeader
• 0x49d68c midiStreamProperty
• 0x49d690 midiStreamOpen
• 0x49d694 midiOutUnprepareHeader
• 0x49d698 waveOutOpen
• 0x49d69c waveOutGetNumDevs
• 0x49d6a0 waveOutClose
• 0x49d6a4 waveOutReset
• 0x49d6a8 waveOutPause
• 0x49d6ac waveOutWrite
• 0x49d6b0 waveOutPrepareHeader
• 0x49d6b4 waveOutUnprepareHeader
库: WS2_32.dll:
• 0x49d6cc recvfrom
• 0x49d6d0 WSAAsyncSelect
• 0x49d6d4 recv
• 0x49d6d8 closesocket
• 0x49d6dc getpeername
• 0x49d6e0 send
• 0x49d6e4 select
• 0x49d6e8 WSACleanup
• 0x49d6ec WSAStartup
• 0x49d6f0 accept
• 0x49d6f4 ioctlsocket
• 0x49d6f8 inet_ntoa
库: VERSION.dll:
• 0x49d664 VerLanguageNameA
库: KERNEL32.dll:
• 0x49d174 GetCurrentProcess
• 0x49d178 SetFilePointer
• 0x49d17c GetFileSize
• 0x49d180 TerminateProcess
• 0x49d184 SetLastError
• 0x49d188 GetTimeZoneInformation
• 0x49d18c GetSystemDefaultLangID
• 0x49d190 GetLocaleInfoA
• 0x49d194 GetVersion
• 0x49d198 FileTimeToSystemTime
• 0x49d19c InterlockedIncrement
• 0x49d1a0 InterlockedDecrement
• 0x49d1a4 LocalFree
• 0x49d1a8 FileTimeToLocalFileTime
• 0x49d1ac lstrcpynA
• 0x49d1b0 DuplicateHandle
• 0x49d1b4 FlushFileBuffers
• 0x49d1b8 LockFile
• 0x49d1bc UnlockFile
• 0x49d1c0 lstrcmpiA
• 0x49d1c4 GlobalDeleteAtom
• 0x49d1c8 GlobalFindAtomA
• 0x49d1cc GlobalAddAtomA
• 0x49d1d0 GlobalGetAtomNameA
• 0x49d1d4 lstrcmpA
• 0x49d1d8 LocalAlloc
• 0x49d1dc TlsAlloc
• 0x49d1e0 GlobalHandle
• 0x49d1e4 TlsFree
• 0x49d1e8 TlsSetValue
• 0x49d1ec LocalReAlloc
• 0x49d1f0 TlsGetValue
• 0x49d1f4 GetFileTime
• 0x49d1f8 GetCurrentThread
• 0x49d1fc GlobalFlags
• 0x49d200 SetErrorMode
• 0x49d204 GetProcessVersion
• 0x49d208 GetCPInfo
• 0x49d20c GetOEMCP
• 0x49d210 GetStartupInfoA
• 0x49d214 RtlUnwind
• 0x49d218 GetSystemTime
• 0x49d21c GetLocalTime
• 0x49d220 RaiseException
• 0x49d224 HeapSize
• 0x49d228 GetACP
• 0x49d22c SetStdHandle
• 0x49d230 GetFileType
• 0x49d234 UnhandledExceptionFilter
• 0x49d238 FreeEnvironmentStringsA
• 0x49d23c FreeEnvironmentStringsW
• 0x49d240 GetEnvironmentStrings
• 0x49d244 GetEnvironmentStringsW
• 0x49d248 SetHandleCount
• 0x49d24c GetStdHandle
• 0x49d250 GetEnvironmentVariableA
• 0x49d254 HeapDestroy
• 0x49d258 HeapCreate
• 0x49d25c VirtualFree
• 0x49d260 SetEnvironmentVariableA
• 0x49d264 LCMapStringA
• 0x49d268 LCMapStringW
• 0x49d26c VirtualAlloc
• 0x49d270 IsBadWritePtr
• 0x49d274 SetUnhandledExceptionFilter
• 0x49d278 GetStringTypeA
• 0x49d27c GetStringTypeW
• 0x49d280 CompareStringA
• 0x49d284 CompareStringW
• 0x49d288 IsBadReadPtr
• 0x49d28c IsBadCodePtr
• 0x49d290 IsValidLocale
• 0x49d294 IsValidCodePage
• 0x49d298 EnumSystemLocalesA
• 0x49d29c GetLocaleInfoW
• 0x49d2a0 GetWindowsDirectoryA
• 0x49d2a4 GetSystemDirectoryA
• 0x49d2a8 CreateSemaphoreA
• 0x49d2ac ResumeThread
• 0x49d2b0 ReleaseSemaphore
• 0x49d2b4 EnterCriticalSection
• 0x49d2b8 LeaveCriticalSection
• 0x49d2bc GetProfileStringA
• 0x49d2c0 WriteFile
• 0x49d2c4 WaitForMultipleObjects
• 0x49d2c8 CreateFileA
• 0x49d2cc SetEvent
• 0x49d2d0 FindResourceA
• 0x49d2d4 LoadResource
• 0x49d2d8 LockResource
• 0x49d2dc ReadFile
• 0x49d2e0 lstrlenW
• 0x49d2e4 GetModuleFileNameA
• 0x49d2e8 WideCharToMultiByte
• 0x49d2ec MultiByteToWideChar
• 0x49d2f0 GetCurrentThreadId
• 0x49d2f4 ExitProcess
• 0x49d2f8 GlobalSize
• 0x49d2fc GlobalFree
• 0x49d300 DeleteCriticalSection
• 0x49d304 InitializeCriticalSection
• 0x49d308 lstrcatA
• 0x49d30c lstrlenA
• 0x49d310 WinExec
• 0x49d314 lstrcpyA
• 0x49d318 FindNextFileA
• 0x49d31c GlobalReAlloc
• 0x49d320 HeapFree
• 0x49d324 HeapReAlloc
• 0x49d328 GetProcessHeap
• 0x49d32c HeapAlloc
• 0x49d330 GetUserDefaultLCID
• 0x49d334 GetFullPathNameA
• 0x49d338 FreeLibrary
• 0x49d33c LoadLibraryA
• 0x49d340 GetLastError
• 0x49d344 GetVersionExA
• 0x49d348 WritePrivateProfileStringA
• 0x49d34c GetPrivateProfileStringA
• 0x49d350 CreateThread
• 0x49d354 CreateEventA
• 0x49d358 Sleep
• 0x49d35c GlobalAlloc
• 0x49d360 GlobalLock
• 0x49d364 GlobalUnlock
• 0x49d368 GetTempPathA
• 0x49d36c FindFirstFileA
• 0x49d370 FindClose
• 0x49d374 GetFileAttributesA
• 0x49d378 SetCurrentDirectoryA
• 0x49d37c GetVolumeInformationA
• 0x49d380 GetModuleHandleA
• 0x49d384 GetProcAddress
• 0x49d388 MulDiv
• 0x49d38c GetCommandLineA
• 0x49d390 GetTickCount
• 0x49d394 CreateProcessA
• 0x49d398 WaitForSingleObject
• 0x49d39c CloseHandle
• 0x49d3a0 InterlockedExchange
• 0x49d3a4 SetEndOfFile
库: USER32.dll:
• 0x49d3f0 ScrollWindowEx
• 0x49d3f4 IsDialogMessageA
• 0x49d3f8 MoveWindow
• 0x49d3fc CheckMenuItem
• 0x49d400 SetMenuItemBitmaps
• 0x49d404 GetMenuState
• 0x49d408 GetMenuCheckMarkDimensions
• 0x49d40c LoadStringA
• 0x49d410 GetSysColorBrush
• 0x49d414 CreateIconFromResourceEx
• 0x49d418 CreateIconFromResource
• 0x49d41c DrawIconEx
• 0x49d420 CreatePopupMenu
• 0x49d424 AppendMenuA
• 0x49d428 ModifyMenuA
• 0x49d42c CreateMenu
• 0x49d430 CreateAcceleratorTableA
• 0x49d434 GetDlgCtrlID
• 0x49d438 GetSubMenu
• 0x49d43c EnableMenuItem
• 0x49d440 ClientToScreen
• 0x49d444 EnumDisplaySettingsA
• 0x49d448 LoadImageA
• 0x49d44c SystemParametersInfoA
• 0x49d450 ShowWindow
• 0x49d454 IsWindowEnabled
• 0x49d458 TranslateAcceleratorA
• 0x49d45c GetKeyState
• 0x49d460 CopyAcceleratorTableA
• 0x49d464 PostQuitMessage
• 0x49d468 IsZoomed
• 0x49d46c GetClassInfoA
• 0x49d470 DefWindowProcA
• 0x49d474 GetSystemMenu
• 0x49d478 DeleteMenu
• 0x49d47c GetMenu
• 0x49d480 SetMenu
• 0x49d484 PeekMessageA
• 0x49d488 IsIconic
• 0x49d48c SetFocus
• 0x49d490 GetActiveWindow
• 0x49d494 GetWindow
• 0x49d498 DestroyAcceleratorTable
• 0x49d49c SetWindowRgn
• 0x49d4a0 GetMessagePos
• 0x49d4a4 ScreenToClient
• 0x49d4a8 ChildWindowFromPointEx
• 0x49d4ac CopyRect
• 0x49d4b0 KillTimer
• 0x49d4b4 SetTimer
• 0x49d4b8 ReleaseCapture
• 0x49d4bc GetCapture
• 0x49d4c0 SetCapture
• 0x49d4c4 GetScrollRange
• 0x49d4c8 SetScrollRange
• 0x49d4cc SetScrollPos
• 0x49d4d0 SetRect
• 0x49d4d4 InflateRect
• 0x49d4d8 IntersectRect
• 0x49d4dc DestroyIcon
• 0x49d4e0 PtInRect
• 0x49d4e4 OffsetRect
• 0x49d4e8 EnableWindow
• 0x49d4ec RedrawWindow
• 0x49d4f0 GetWindowLongA
• 0x49d4f4 SetWindowLongA
• 0x49d4f8 GetSysColor
• 0x49d4fc SetActiveWindow
• 0x49d500 SetCursorPos
• 0x49d504 LoadCursorA
• 0x49d508 SetCursor
• 0x49d50c GetDC
• 0x49d510 FillRect
• 0x49d514 IsRectEmpty
• 0x49d518 ReleaseDC
• 0x49d51c IsChild
• 0x49d520 DestroyMenu
• 0x49d524 SetForegroundWindow
• 0x49d528 GetWindowRect
• 0x49d52c EqualRect
• 0x49d530 UpdateWindow
• 0x49d534 ValidateRect
• 0x49d538 InvalidateRect
• 0x49d53c GetClientRect
• 0x49d540 GetFocus
• 0x49d544 GetParent
• 0x49d548 GetTopWindow
• 0x49d54c PostMessageA
• 0x49d550 IsWindow
• 0x49d554 SetParent
• 0x49d558 DestroyCursor
• 0x49d55c SendMessageA
• 0x49d560 SetWindowPos
• 0x49d564 MessageBoxA
• 0x49d568 GetCursorPos
• 0x49d56c GetSystemMetrics
• 0x49d570 EmptyClipboard
• 0x49d574 SetClipboardData
• 0x49d578 OpenClipboard
• 0x49d57c GetClipboardData
• 0x49d580 CloseClipboard
• 0x49d584 wsprintfA
• 0x49d588 WaitForInputIdle
• 0x49d58c SendDlgItemMessageA
• 0x49d590 MapWindowPoints
• 0x49d594 AdjustWindowRectEx
• 0x49d598 GetScrollPos
• 0x49d59c RegisterClassA
• 0x49d5a0 GetMenuItemCount
• 0x49d5a4 GetMenuItemID
• 0x49d5a8 CreateWindowExA
• 0x49d5ac SetWindowsHookExA
• 0x49d5b0 CallNextHookEx
• 0x49d5b4 GetClassLongA
• 0x49d5b8 SetPropA
• 0x49d5bc UnhookWindowsHookEx
• 0x49d5c0 GetPropA
• 0x49d5c4 CallWindowProcA
• 0x49d5c8 RemovePropA
• 0x49d5cc GetMessageTime
• 0x49d5d0 GetLastActivePopup
• 0x49d5d4 RegisterWindowMessageA
• 0x49d5d8 GetWindowPlacement
• 0x49d5dc GetNextDlgTabItem
• 0x49d5e0 EndDialog
• 0x49d5e4 CreateDialogIndirectParamA
• 0x49d5e8 DestroyWindow
• 0x49d5ec GrayStringA
• 0x49d5f0 DrawTextA
• 0x49d5f4 TabbedTextOutA
• 0x49d5f8 EndPaint
• 0x49d5fc BeginPaint
• 0x49d600 GetWindowDC
• 0x49d604 CharUpperA
• 0x49d608 GetWindowTextLengthA
• 0x49d60c SetWindowTextA
• 0x49d610 GetWindowTextA
• 0x49d614 GetDlgItem
• 0x49d618 UnregisterClassA
• 0x49d61c GetClassNameA
• 0x49d620 GetDesktopWindow
• 0x49d624 GetKeyboardLayout
• 0x49d628 GetForegroundWindow
• 0x49d62c LoadIconA
• 0x49d630 TranslateMessage
• 0x49d634 DrawFrameControl
• 0x49d638 DrawEdge
• 0x49d63c DrawFocusRect
• 0x49d640 WindowFromPoint
• 0x49d644 GetMessageA
• 0x49d648 DispatchMessageA
• 0x49d64c SetRectEmpty
• 0x49d650 WinHelpA
• 0x49d654 RegisterClipboardFormatA
• 0x49d658 LoadBitmapA
• 0x49d65c IsWindowVisible
库: GDI32.dll:
• 0x49d028 RoundRect
• 0x49d02c GetTextMetricsA
• 0x49d030 Escape
• 0x49d034 ExtTextOutA
• 0x49d038 TextOutA
• 0x49d03c RectVisible
• 0x49d040 PtVisible
• 0x49d044 GetViewportExtEx
• 0x49d048 ExtSelectClipRgn
• 0x49d04c GetCurrentObject
• 0x49d050 GetTextExtentPoint32A
• 0x49d054 LPtoDP
• 0x49d058 Rectangle
• 0x49d05c Ellipse
• 0x49d060 CreateCompatibleDC
• 0x49d064 BitBlt
• 0x49d068 StartPage
• 0x49d06c StartDocA
• 0x49d070 DeleteDC
• 0x49d074 EndDoc
• 0x49d078 EndPage
• 0x49d07c GetObjectA
• 0x49d080 GetStockObject
• 0x49d084 CreateFontIndirectA
• 0x49d088 CreateSolidBrush
• 0x49d08c FillRgn
• 0x49d090 CreateRectRgn
• 0x49d094 CombineRgn
• 0x49d098 PatBlt
• 0x49d09c CreatePen
• 0x49d0a0 SelectObject
• 0x49d0a4 CreateBitmap
• 0x49d0a8 CreateDCA
• 0x49d0ac CreateCompatibleBitmap
• 0x49d0b0 GetPolyFillMode
• 0x49d0b4 GetStretchBltMode
• 0x49d0b8 GetROP2
• 0x49d0bc GetBkColor
• 0x49d0c0 GetBkMode
• 0x49d0c4 GetTextColor
• 0x49d0c8 CreateRoundRectRgn
• 0x49d0cc CreateEllipticRgn
• 0x49d0d0 PathToRegion
• 0x49d0d4 EndPath
• 0x49d0d8 BeginPath
• 0x49d0dc GetWindowOrgEx
• 0x49d0e0 GetViewportOrgEx
• 0x49d0e4 GetWindowExtEx
• 0x49d0e8 GetDIBits
• 0x49d0ec RealizePalette
• 0x49d0f0 SelectPalette
• 0x49d0f4 StretchBlt
• 0x49d0f8 DPtoLP
• 0x49d0fc CreatePalette
• 0x49d100 GetSystemPaletteEntries
• 0x49d104 CreateDIBitmap
• 0x49d108 DeleteObject
• 0x49d10c SelectClipRgn
• 0x49d110 CreatePolygonRgn
• 0x49d114 GetClipRgn
• 0x49d118 SetStretchBltMode
• 0x49d11c CreateRectRgnIndirect
• 0x49d120 SetBkColor
• 0x49d124 SaveDC
• 0x49d128 RestoreDC
• 0x49d12c SetBkMode
• 0x49d130 SetPolyFillMode
• 0x49d134 SetROP2
• 0x49d138 SetTextColor
• 0x49d13c SetMapMode
• 0x49d140 SetViewportOrgEx
• 0x49d144 OffsetViewportOrgEx
• 0x49d148 SetViewportExtEx
• 0x49d14c ScaleViewportExtEx
• 0x49d150 SetWindowOrgEx
• 0x49d154 SetWindowExtEx
• 0x49d158 ScaleWindowExtEx
• 0x49d15c GetClipBox
• 0x49d160 ExcludeClipRect
• 0x49d164 MoveToEx
• 0x49d168 LineTo
• 0x49d16c GetDeviceCaps
库: comdlg32.dll:
• 0x49d700 GetFileTitleA
• 0x49d704 GetSaveFileNameA
• 0x49d708 GetOpenFileNameA
• 0x49d70c ChooseColorA
库: ADVAPI32.dll:
• 0x49d000 GetUserNameA
• 0x49d004 RegQueryValueA
• 0x49d008 RegSetValueExA
• 0x49d00c RegOpenKeyExA
• 0x49d010 RegCloseKey
• 0x49d014 RegCreateKeyExA
库: SHELL32.dll:
• 0x49d3e0 SHGetSpecialFolderPathA
• 0x49d3e4 Shell_NotifyIconA
• 0x49d3e8 ShellExecuteA
库: ole32.dll:
• 0x49d714 CLSIDFromProgID
• 0x49d718 OleInitialize
• 0x49d71c OleUninitialize
• 0x49d720 CLSIDFromString
• 0x49d724 CoCreateInstance
• 0x49d728 OleRun
库: OLEAUT32.dll:
• 0x49d3ac UnRegisterTypeLib
• 0x49d3b0 LoadTypeLib
• 0x49d3b4 VariantCopyInd
• 0x49d3b8 VariantInit
• 0x49d3bc SysAllocString
• 0x49d3c0 RegisterTypeLib
• 0x49d3c4 LHashValOfNameSys
• 0x49d3c8 VariantClear
• 0x49d3cc VariantChangeType
库: WININET.dll:
• 0x49d66c InternetCloseHandle
.text
`.rdata
@.data
.rsrc
8`}<j
T$th
|$`Vj
D$@Sj
L$8h
D$8Rj
l$<VWj
访问主机纪录 (可点击查询WPING实时安全评级)
无主机纪录.
TCP
无TCP连接纪录.
UDP
无UDP连接纪录.
域名解析 (可点击查询WPING实时安全评级)
无域名信息.
TCP
无TCP连接纪录.
UDP
无UDP连接纪录.
HTTP 请求
未发现HTTP请求.
SMTP 流量
无SMTP流量.
IRC 流量
无IRC请求.
ICMP 流量
无ICMP流量.
CIF 报告
无 CIF 结果
网络警报
无警报
TLS
No TLS
Suricata HTTP
No Suricata HTTP
未发现网络提取文件
抱歉! 没有任何文件投放。
没有发现相似的分析.
| HTML 总结报告 (需15-60分钟同步) |
下载 |
|---|
Processing ( 30.026 seconds )
- 16.423 Suricata
- 8.956 Static
- 1.759 VirusTotal
- 0.976 BehaviorAnalysis
- 0.959 TargetInfo
- 0.429 peid
- 0.358 NetworkAnalysis
- 0.136 AnalysisInfo
- 0.019 Strings
- 0.008 config_decoder
- 0.003 Memory
Signatures ( 0.454 seconds )
- 0.046 api_spamming
- 0.037 stealth_timeout
- 0.036 antiav_detectreg
- 0.032 stealth_decoy_document
- 0.03 kovter_behavior
- 0.028 antiemu_wine_func
- 0.025 infostealer_browser_password
- 0.02 md_url_bl
- 0.018 md_domain_bl
- 0.015 infostealer_ftp
- 0.009 anomaly_persistence_autorun
- 0.009 antiav_detectfile
- 0.009 infostealer_im
- 0.007 antivm_vbox_libs
- 0.007 antianalysis_detectreg
- 0.007 ransomware_extensions
- 0.007 ransomware_files
- 0.006 infostealer_bitcoin
- 0.005 infostealer_mail
- 0.004 mimics_filetime
- 0.004 reads_self
- 0.004 exec_crash
- 0.004 antivm_vbox_files
- 0.004 disables_browser_warn
- 0.003 tinba_behavior
- 0.003 stealth_file
- 0.003 geodo_banking_trojan
- 0.003 browser_security
- 0.002 bootkit
- 0.002 rat_nanocore
- 0.002 antiav_avast_libs
- 0.002 infostealer_browser
- 0.002 antivm_vmware_libs
- 0.002 antivm_generic_services
- 0.002 betabot_behavior
- 0.002 antisandbox_sunbelt_libs
- 0.002 antisandbox_sboxie_libs
- 0.002 antiav_bitdefender_libs
- 0.002 kibex_behavior
- 0.002 antivm_generic_scsi
- 0.002 antivm_generic_disk
- 0.002 antidbg_windows
- 0.002 cerber_behavior
- 0.002 virus
- 0.002 antivm_parallels_keys
- 0.002 antivm_xen_keys
- 0.002 modify_proxy
- 0.002 md_bad_drop
- 0.001 network_tor
- 0.001 anomaly_persistence_bootexecute
- 0.001 maldun_anomaly_massive_file_ops
- 0.001 injection_createremotethread
- 0.001 ursnif_behavior
- 0.001 shifu_behavior
- 0.001 anormaly_invoke_kills
- 0.001 injection_runpe
- 0.001 hancitor_behavior
- 0.001 antianalysis_detectfile
- 0.001 antidbg_devices
- 0.001 antivm_generic_diskreg
- 0.001 banker_zeus_mutex
- 0.001 bot_drive
- 0.001 bot_drive2
- 0.001 browser_addon
- 0.001 disables_system_restore
- 0.001 disables_windows_defender
- 0.001 darkcomet_regkeys
- 0.001 maldun_malicious_drop_executable_file_to_temp_folder
- 0.001 office_security
- 0.001 ransomware_radamant
- 0.001 rat_pcclient
- 0.001 rat_spynet
- 0.001 recon_fingerprint
- 0.001 stealth_hiddenreg
- 0.001 stealth_hide_notifications
- 0.001 stealth_modify_uac_prompt
- 0.001 stealth_modify_security_center_warnings
Reporting ( 1.198 seconds )
- 0.886 ReportHTMLSummary
- 0.312 Malheur
| Task ID | 541965 |
|---|---|
| Mongo ID | 5eae7e152f8f2e1dca20cca5 |
| Cuckoo release | 1.4-Maldun |
沪公网安备 31011502009736号