恶意软件分析 & URL链接扫描免费在线病毒分析平台

分析任务

分析类型	虚拟机标签	开始时间	结束时间	持续时间
文件 (Windows)	win7-sp1-x64-hpdapp01-1	2020-07-06 00:30:54	2020-07-06 00:33:30	156 秒

魔盾分数

9.0

危险的

文件详细信息

文件名	YouTubeDownloaderPro.exe
文件大小	2736128 字节
文件类型	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	a07ef10619f235fb614f90f09354b303
SHA1	1220e476f3bb8c363adb8d0c3ee7a8e40c752428
SHA256	fff390a374f3fab1b5e46f2b80ff2755442acb241251dba95328b8001a7248d4
SHA512	0b7e8bfec2c2d1a9d7343ec94f0c076d2aba6442f8dfede6207ea57f318c05fd96dcf7c6b49f05dc0d0aecab53d8b950fbab9ed602ce2d2487b1b9862c4fbaa7
CRC32	67190C0F
Ssdeep	24576:zAd88ZqLmbmVSC6N62OgIUAMABLGbQzEjlfKI4qR1lzFTE6raQlZEFTZE2:zAH4lVZdBLGbQk1FIMasEFT
Yara	登录查看Yara规则
	样本下载提交误报

登录查看威胁特征

运行截图

访问主机纪录 (可点击查询WPING实时安全评级)

无主机纪录.

域名解析 (可点击查询WPING实时安全评级)

域名	安全评级	响应
www.youtubedownloaderpro.com	未知	A 216.146.216.18 CNAME youtubedownloaderpro.com

摘要

登录查看详细行为信息

PE 信息

初始地址	0x00400000
入口地址	0x004c4dce
声明校验值	0x0029e224
实际校验值	0x0029e224
最低操作系统版本要求	4.0
编译时间	2020-06-20 14:37:01
载入哈希	d8b61c9856f4d42ba20db46f644aea37

版本信息

LegalCopyright
InternalName
FileVersion
CompanyName
PrivateBuild
LegalTrademarks
Comments
ProductName
SpecialBuild
ProductVersion
FileDescription
OriginalFilename
Translation

PE 数据组成

名称	虚拟地址	虚拟大小	原始数据大小	特征	熵(Entropy)
.text	0x00001000	0x0014f5e6	0x00150000	IMAGE_SCN_CNT_CODE\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ	6.68
.rdata	0x00151000	0x0003626a	0x00037000	IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ	4.67
.data	0x00188000	0x000cf2a8	0x000ca000	IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE	1.39
.rsrc	0x00258000	0x0004956e	0x0004a000	IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ	3.23

导入

库: WININET.dll:

• 0x551790 InternetCrackUrlW

• 0x551794 InternetGetConnectedState

• 0x551798 InternetReadFile

• 0x55179c HttpSendRequestW

• 0x5517a0 HttpAddRequestHeadersW

• 0x5517a4 HttpOpenRequestW

• 0x5517a8 InternetConnectW

• 0x5517ac InternetOpenW

• 0x5517b0 HttpQueryInfoW

• 0x5517b4 InternetQueryOptionW

• 0x5517b8 InternetSetOptionW

• 0x5517bc InternetCloseHandle

库: KERNEL32.dll:

• 0x551180 HeapFree

• 0x551184 RaiseException

• 0x551188 HeapAlloc

• 0x55118c GetDriveTypeW

• 0x551190 GetTimeZoneInformation

• 0x551194 GetSystemTime

• 0x551198 GetLocalTime

• 0x55119c HeapReAlloc

• 0x5511a0 SetStdHandle

• 0x5511a4 GetFileType

• 0x5511a8 ExitThread

• 0x5511ac HeapSize

• 0x5511b0 UnhandledExceptionFilter

• 0x5511b4 FreeEnvironmentStringsA

• 0x5511b8 FreeEnvironmentStringsW

• 0x5511bc GetEnvironmentStringsW

• 0x5511c0 GetEnvironmentStrings

• 0x5511c4 GetCommandLineW

• 0x5511c8 GetCommandLineA

• 0x5511cc SetHandleCount

• 0x5511d0 GetStdHandle

• 0x5511d4 GetStartupInfoA

• 0x5511d8 GetModuleFileNameA

• 0x5511dc GetEnvironmentVariableA

• 0x5511e0 GetVersionExA

• 0x5511e4 HeapDestroy

• 0x5511e8 HeapCreate

• 0x5511ec VirtualFree

• 0x5511f0 VirtualAlloc

• 0x5511f4 IsBadWritePtr

• 0x5511f8 SetUnhandledExceptionFilter

• 0x5511fc CompareStringA

• 0x551200 CompareStringW

• 0x551204 GetCurrentDirectoryA

• 0x551208 LCMapStringA

• 0x55120c LCMapStringW

• 0x551210 IsBadReadPtr

• 0x551214 IsBadCodePtr

• 0x551218 GetCPInfo

• 0x55121c RtlUnwind

• 0x551220 IsValidCodePage

• 0x551224 GetLocaleInfoA

• 0x551228 EnumSystemLocalesA

• 0x55122c GetUserDefaultLCID

• 0x551230 GetStringTypeA

• 0x551234 GetStringTypeW

• 0x551238 CreateFileA

• 0x55123c GetDriveTypeA

• 0x551240 GetACP

• 0x551244 GetOEMCP

• 0x551248 SetEnvironmentVariableA

• 0x55124c GetCurrentThreadId

• 0x551250 lstrcmpW

• 0x551254 CreateEventW

• 0x551258 CloseHandle

• 0x55125c SetEvent

• 0x551260 SetThreadPriority

• 0x551264 GetTickCount

• 0x551268 Sleep

• 0x55126c TerminateThread

• 0x551270 WaitForSingleObject

• 0x551274 ResumeThread

• 0x551278 CreateFileW

• 0x55127c GetLastError

• 0x551280 CreateMutexW

• 0x551284 FreeLibrary

• 0x551288 GetProcAddress

• 0x55128c LoadLibraryW

• 0x551290 lstrcpynW

• 0x551294 GetVersionExW

• 0x551298 lstrlenW

• 0x55129c GlobalUnlock

• 0x5512a0 GlobalLock

• 0x5512a4 GlobalAlloc

• 0x5512a8 DeleteFileW

• 0x5512ac InterlockedExchange

• 0x5512b0 GetProfileStringA

• 0x5512b4 GlobalAddAtomA

• 0x5512b8 FindResourceA

• 0x5512bc ExitProcess

• 0x5512c0 GetStartupInfoW

• 0x5512c4 SetErrorMode

• 0x5512c8 GetCurrentDirectoryW

• 0x5512cc FindResourceExW

• 0x5512d0 SystemTimeToFileTime

• 0x5512d4 LocalFileTimeToFileTime

• 0x5512d8 GetProfileIntW

• 0x5512dc GlobalFlags

• 0x5512e0 TlsGetValue

• 0x5512e4 LocalReAlloc

• 0x5512e8 TlsSetValue

• 0x5512ec GlobalReAlloc

• 0x5512f0 TlsFree

• 0x5512f4 GlobalHandle

• 0x5512f8 TlsAlloc

• 0x5512fc LocalAlloc

• 0x551300 GetProcessVersion

• 0x551304 lstrcmpiW

• 0x551308 GetThreadLocale

• 0x55130c GetStringTypeExW

• 0x551310 GetVolumeInformationW

• 0x551314 UnlockFile

• 0x551318 LockFile

• 0x55131c DuplicateHandle

• 0x551320 FileTimeToLocalFileTime

• 0x551324 FileTimeToSystemTime

• 0x551328 lstrcmpA

• 0x55132c lstrcmpiA

• 0x551330 GetCurrentThread

• 0x551334 SuspendThread

• 0x551338 GetDiskFreeSpaceW

• 0x55133c GetFileTime

• 0x551340 SetFileTime

• 0x551344 GetFullPathNameW

• 0x551348 GetTempFileNameW

• 0x55134c GetFileAttributesW

• 0x551350 GlobalGetAtomNameW

• 0x551354 MulDiv

• 0x551358 FindNextFileW

• 0x55135c SetLastError

• 0x551360 InterlockedDecrement

• 0x551364 InterlockedIncrement

• 0x551368 GetModuleHandleA

• 0x55136c LoadLibraryA

• 0x551370 lstrlenA

• 0x551374 GetVersion

• 0x551378 lstrcatW

• 0x55137c GlobalAddAtomW

• 0x551380 GlobalFindAtomW

• 0x551384 GlobalDeleteAtom

• 0x551388 lstrcpyW

• 0x55138c FindResourceW

• 0x551390 SizeofResource

• 0x551394 LoadResource

• 0x551398 LockResource

• 0x55139c GlobalSize

• 0x5513a0 CreateThread

• 0x5513a4 FlushFileBuffers

• 0x5513a8 WriteFile

• 0x5513ac ReadFile

• 0x5513b0 SetFilePointer

• 0x5513b4 SetEndOfFile

• 0x5513b8 GetFileSize

• 0x5513bc SetCurrentDirectoryW

• 0x5513c0 GlobalFree

• 0x5513c4 CopyFileW

• 0x5513c8 WritePrivateProfileStringW

• 0x5513cc GetPrivateProfileIntW

• 0x5513d0 MoveFileW

• 0x5513d4 LeaveCriticalSection

• 0x5513d8 EnterCriticalSection

• 0x5513dc DeleteCriticalSection

• 0x5513e0 InitializeCriticalSection

• 0x5513e4 GetModuleFileNameW

• 0x5513e8 GetWindowsDirectoryW

• 0x5513ec CreateProcessW

• 0x5513f0 OpenProcess

• 0x5513f4 TerminateProcess

• 0x5513f8 GetExitCodeProcess

• 0x5513fc MultiByteToWideChar

• 0x551400 WideCharToMultiByte

• 0x551404 GetPrivateProfileStringW

• 0x551408 GetTempPathW

• 0x55140c CreateDirectoryW

• 0x551410 FindFirstFileW

• 0x551414 FindClose

• 0x551418 GetShortPathNameW

• 0x55141c GetCurrentProcess

• 0x551420 GetModuleHandleW

• 0x551424 GetLocaleInfoW

• 0x551428 GetNumberFormatW

• 0x55142c LocalFree

• 0x551430 IsValidLocale

库: USER32.dll:

• 0x5514a0 SetRect

• 0x5514a4 EndPaint

• 0x5514a8 BeginPaint

• 0x5514ac GetWindowDC

• 0x5514b0 wvsprintfW

• 0x5514b4 GetMenuCheckMarkDimensions

• 0x5514b8 GetMenuState

• 0x5514bc ModifyMenuW

• 0x5514c0 SetMenuItemBitmaps

• 0x5514c4 EnableMenuItem

• 0x5514c8 ShowWindow

• 0x5514cc MoveWindow

• 0x5514d0 SetWindowTextW

• 0x5514d4 IsDialogMessageW

• 0x5514d8 IsDlgButtonChecked

• 0x5514dc SetDlgItemTextW

• 0x5514e0 SetDlgItemInt

• 0x5514e4 GetDlgItemInt

• 0x5514e8 CheckDlgButton

• 0x5514ec SendDlgItemMessageW

• 0x5514f0 SendDlgItemMessageA

• 0x5514f4 MapWindowPoints

• 0x5514f8 AdjustWindowRectEx

• 0x5514fc EqualRect

• 0x551500 DeferWindowPos

• 0x551504 GetTopWindow

• 0x551508 MessageBoxW

• 0x55150c IsChild

• 0x551510 WinHelpW

• 0x551514 wsprintfW

• 0x551518 GetClassInfoW

• 0x55151c RegisterClassW

• 0x551520 TrackPopupMenu

• 0x551524 GetWindowTextLengthW

• 0x551528 GetWindowTextW

• 0x55152c CreateWindowExW

• 0x551530 CallWindowProcW

• 0x551534 DefWindowProcW

• 0x551538 GetMessageTime

• 0x55153c GetMessagePos

• 0x551540 GetForegroundWindow

• 0x551544 SetWindowLongW

• 0x551548 IntersectRect

• 0x55154c SystemParametersInfoW

• 0x551550 GetWindowPlacement

• 0x551554 EndDialog

• 0x551558 GetActiveWindow

• 0x55155c SetActiveWindow

• 0x551560 CreateDialogIndirectParamW

• 0x551564 DestroyWindow

• 0x551568 GetWindowLongW

• 0x55156c GetDlgItem

• 0x551570 BeginDeferWindowPos

• 0x551574 EndDeferWindowPos

• 0x551578 DrawAnimatedRects

• 0x55157c AppendMenuW

• 0x551580 RemovePropW

• 0x551584 SetPropW

• 0x551588 SetRectEmpty

• 0x55158c SetMenu

• 0x551590 PeekMessageW

• 0x551594 MsgWaitForMultipleObjects

• 0x551598 IsWindowUnicode

• 0x55159c GetMessageW

• 0x5515a0 TranslateMessage

• 0x5515a4 DispatchMessageW

• 0x5515a8 FindWindowW

• 0x5515ac ExitWindowsEx

• 0x5515b0 EmptyClipboard

• 0x5515b4 SetClipboardData

• 0x5515b8 OpenClipboard

• 0x5515bc GetClipboardData

• 0x5515c0 CloseClipboard

• 0x5515c4 FindWindowExW

• 0x5515c8 CharNextA

• 0x5515cc CallWindowProcA

• 0x5515d0 RemovePropA

• 0x5515d4 SetWindowsHookExA

• 0x5515d8 GetWindowLongA

• 0x5515dc SendMessageA

• 0x5515e0 GetClassNameA

• 0x5515e4 SetWindowLongA

• 0x5515e8 GetDlgCtrlID

• 0x5515ec SetWindowPos

• 0x5515f0 GetMenu

• 0x5515f4 DrawFrameControl

• 0x5515f8 IsWindowEnabled

• 0x5515fc RegisterWindowMessageW

• 0x551600 GetDC

• 0x551604 ReleaseDC

• 0x551608 DrawFocusRect

• 0x55160c KillTimer

• 0x551610 SetTimer

• 0x551614 GetWindow

• 0x551618 GetPropW

• 0x55161c IsIconic

• 0x551620 GetLastActivePopup

• 0x551624 CheckMenuRadioItem

• 0x551628 GetCursorPos

• 0x55162c SetCursor

• 0x551630 LoadAcceleratorsW

• 0x551634 TranslateAcceleratorW

• 0x551638 ReuseDDElParam

• 0x55163c SetParent

• 0x551640 PostThreadMessageW

• 0x551644 LockWindowUpdate

• 0x551648 GetDCEx

• 0x55164c IsClipboardFormatAvailable

• 0x551650 GetClassNameW

• 0x551654 UpdateWindow

• 0x551658 CallNextHookEx

• 0x55165c WindowFromPoint

• 0x551660 ScreenToClient

• 0x551664 SetFocus

• 0x551668 ReleaseCapture

• 0x55166c keybd_event

• 0x551670 SetWindowsHookExW

• 0x551674 UnhookWindowsHookEx

• 0x551678 GetCapture

• 0x55167c SetCapture

• 0x551680 GetMenuStringW

• 0x551684 GetMenuItemCount

• 0x551688 GetMenuItemID

• 0x55168c DestroyMenu

• 0x551690 IsWindowVisible

• 0x551694 GetSystemMetrics

• 0x551698 TrackPopupMenuEx

• 0x55169c DeleteMenu

• 0x5516a0 GetDesktopWindow

• 0x5516a4 InvalidateRect

• 0x5516a8 OffsetRect

• 0x5516ac GetSysColor

• 0x5516b0 GetFocus

• 0x5516b4 SetPropA

• 0x5516b8 GetPropA

• 0x5516bc InflateRect

• 0x5516c0 GrayStringW

• 0x5516c4 DrawTextW

• 0x5516c8 TabbedTextOutW

• 0x5516cc GetSysColorBrush

• 0x5516d0 CharUpperW

• 0x5516d4 RegisterClipboardFormatW

• 0x5516d8 ShowOwnedPopups

• 0x5516dc PostQuitMessage

• 0x5516e0 MapDialogRect

• 0x5516e4 GetAsyncKeyState

• 0x5516e8 IsZoomed

• 0x5516ec ValidateRect

• 0x5516f0 LoadStringW

• 0x5516f4 BringWindowToTop

• 0x5516f8 SetClassLongW

• 0x5516fc UnpackDDElParam

• 0x551700 CopyRect

• 0x551704 GetParent

• 0x551708 PostMessageW

• 0x55170c LoadMenuW

• 0x551710 GetSubMenu

• 0x551714 ClientToScreen

• 0x551718 PtInRect

• 0x55171c SetMenuDefaultItem

• 0x551720 GetSystemMenu

• 0x551724 InsertMenuW

• 0x551728 GetWindowRect

• 0x55172c CheckMenuItem

• 0x551730 DestroyIcon

• 0x551734 LoadIconW

• 0x551738 LoadImageW

• 0x55173c IsWindow

• 0x551740 GetClientRect

• 0x551744 DestroyCursor

• 0x551748 LoadBitmapW

• 0x55174c LoadCursorW

• 0x551750 GetKeyState

• 0x551754 SendMessageW

• 0x551758 SetForegroundWindow

• 0x55175c EnableWindow

• 0x551760 DefWindowProcA

• 0x551764 DefDlgProcA

• 0x551768 GetClassInfoA

• 0x55176c DrawTextA

• 0x551770 GetWindowTextA

• 0x551774 ExcludeUpdateRgn

• 0x551778 ShowCaret

• 0x55177c HideCaret

• 0x551780 GetWindowTextLengthA

• 0x551784 UnregisterClassW

• 0x551788 GetNextDlgTabItem

库: GDI32.dll:

• 0x55108c SetMapMode

• 0x551090 SetViewportOrgEx

• 0x551094 OffsetViewportOrgEx

• 0x551098 SetViewportExtEx

• 0x55109c ScaleViewportExtEx

• 0x5510a0 SetWindowOrgEx

• 0x5510a4 SetWindowExtEx

• 0x5510a8 ScaleWindowExtEx

• 0x5510ac SelectClipRgn

• 0x5510b0 ExcludeClipRect

• 0x5510b4 IntersectClipRect

• 0x5510b8 MoveToEx

• 0x5510bc LineTo

• 0x5510c0 GetDeviceCaps

• 0x5510c4 CreatePen

• 0x5510c8 CreateSolidBrush

• 0x5510cc CreatePatternBrush

• 0x5510d0 SetRectRgn

• 0x5510d4 GetCharWidthW

• 0x5510d8 CreateFontW

• 0x5510dc GetTextMetricsW

• 0x5510e0 EnumFontFamiliesExW

• 0x5510e4 CopyMetaFileW

• 0x5510e8 CreateRectRgn

• 0x5510ec CombineRgn

• 0x5510f0 SetTextColor

• 0x5510f4 SetBkMode

• 0x5510f8 CreateBitmap

• 0x5510fc SetBkColor

• 0x551100 SaveDC

• 0x551104 GetClipBox

• 0x551108 CreateRectRgnIndirect

• 0x55110c ExtSelectClipRgn

• 0x551110 SetStretchBltMode

• 0x551114 StretchDIBits

• 0x551118 SetDIBitsToDevice

• 0x55111c RestoreDC

• 0x551120 CreateDIBSection

• 0x551124 DeleteDC

• 0x551128 PatBlt

• 0x55112c DeleteObject

• 0x551130 SelectObject

• 0x551134 GetBkMode

• 0x551138 GetBkColor

• 0x55113c GetTextColor

• 0x551140 GetTextExtentPoint32W

• 0x551144 BitBlt

• 0x551148 Escape

• 0x55114c ExtTextOutW

• 0x551150 TextOutW

• 0x551154 RectVisible

• 0x551158 PtVisible

• 0x55115c CreateCompatibleDC

• 0x551160 CreateCompatibleBitmap

• 0x551164 GetStockObject

• 0x551168 GetObjectW

• 0x55116c ExtTextOutA

• 0x551170 GetTextExtentPointA

• 0x551174 CreateDIBitmap

• 0x551178 CreateFontIndirectW

库: comdlg32.dll:

• 0x5517d4 GetFileTitleW

• 0x5517d8 GetSaveFileNameW

• 0x5517dc GetOpenFileNameW

库: WINSPOOL.DRV:

• 0x5517c4 OpenPrinterW

• 0x5517c8 DocumentPropertiesW

• 0x5517cc ClosePrinter

库: ADVAPI32.dll:

• 0x551000 RegCloseKey

• 0x551004 RegQueryValueExW

• 0x551008 RegSetValueExW

• 0x55100c RegQueryValueW

• 0x551010 RegCreateKeyW

• 0x551014 RegSetValueW

• 0x551018 RegDeleteKeyW

• 0x55101c RegEnumKeyW

• 0x551020 RegOpenKeyW

• 0x551024 AdjustTokenPrivileges

• 0x551028 LookupPrivilegeValueW

• 0x55102c OpenProcessToken

• 0x551030 RegOpenKeyExW

• 0x551034 RegDeleteValueW

• 0x551038 SetFileSecurityW

• 0x55103c GetFileSecurityW

• 0x551040 RegCreateKeyExW

库: SHELL32.dll:

• 0x551444 DragAcceptFiles

• 0x551448 DragQueryFileW

• 0x55144c ShellExecuteW

• 0x551450 SHGetPathFromIDListW

• 0x551454 SHBrowseForFolderW

• 0x551458 SHGetMalloc

• 0x55145c SHGetDesktopFolder

• 0x551460 Shell_NotifyIconW

• 0x551464 SHFileOperationW

• 0x551468 ExtractIconW

• 0x55146c SHGetFileInfoW

• 0x551470 DragFinish

• 0x551474 SHGetSpecialFolderPathW

库: COMCTL32.dll:

• 0x551048 ImageList_DragLeave

• 0x55104c ImageList_EndDrag

• 0x551050 ImageList_DragEnter

• 0x551054 ImageList_Draw

• 0x551058 ImageList_AddMasked

• 0x55105c ImageList_BeginDrag

• 0x551060 ImageList_DragMove

• 0x551064 _TrackMouseEvent

• 0x551068 None

• 0x55106c ImageList_Destroy

• 0x551070 ImageList_Create

• 0x551074 ImageList_DrawIndirect

• 0x551078 PropertySheetW

• 0x55107c DestroyPropertySheetPage

• 0x551080 ImageList_GetImageInfo

• 0x551084 CreatePropertySheetPageW

库: oledlg.dll:

• 0x551830 OleUIBusyW

库: ole32.dll:

• 0x5517e4 CoRegisterMessageFilter

• 0x5517e8 OleGetClipboard

• 0x5517ec ReleaseStgMedium

• 0x5517f0 RevokeDragDrop

• 0x5517f4 CoRevokeClassObject

• 0x5517f8 CoFreeUnusedLibraries

• 0x5517fc OleUninitialize

• 0x551800 OleInitialize

• 0x551804 CoInitialize

• 0x551808 CoCreateInstance

• 0x55180c CoUninitialize

• 0x551810 CoCreateGuid

• 0x551814 OleFlushClipboard

• 0x551818 OleIsCurrentClipboard

• 0x55181c OleDuplicateData

• 0x551820 RegisterDragDrop

• 0x551824 CoTaskMemAlloc

• 0x551828 CoLockObjectExternal

库: OLEAUT32.dll:

• 0x551438 SysFreeString

• 0x55143c SysAllocString

库: SHLWAPI.dll:

• 0x55147c PathIsFileSpecW

• 0x551480 PathGetCharTypeW

• 0x551484 PathRemoveFileSpecW

• 0x551488 PathFindExtensionW

• 0x55148c PathIsURLW

• 0x551490 PathFindFileNameW

• 0x551494 PathIsDirectoryW

• 0x551498 PathFileExistsW

.text
`.rdata
@.data
.rsrc
F<@4U
F<@4U
Fh(NU
FD   
P0VVh

防病毒引擎/厂商	病毒名/规则匹配	病毒库日期
Bkav	未发现病毒	20200701
DrWeb	未发现病毒	20200704
MicroWorld-eScan	未发现病毒	20200701
CMC	未发现病毒	20200701
CAT-QuickHeal	未发现病毒	20200701
Qihoo-360	未发现病毒	20200701
ALYac	未发现病毒	20200701
Malwarebytes	未发现病毒	20200701
VIPRE	未发现病毒	20200704
AegisLab	未发现病毒	20200704
Sangfor	未发现病毒	20200423
K7AntiVirus	未发现病毒	20200701
BitDefender	未发现病毒	20200701
K7GW	未发现病毒	20200701
Cybereason	未发现病毒	20190616
TrendMicro	未发现病毒	20200704
BitDefenderTheta	未发现病毒	20200624
Cyren	未发现病毒	20200701
Symantec	未发现病毒	20200701
ESET-NOD32	未发现病毒	20200701
APEX	未发现病毒	20200701
Paloalto	未发现病毒	20200701
ClamAV	未发现病毒	20200630
Kaspersky	未发现病毒	20200704
Alibaba	未发现病毒	20190527
NANO-Antivirus	未发现病毒	20200701
SUPERAntiSpyware	未发现病毒	20200624
Avast	未发现病毒	20200704
Rising	未发现病毒	20200704
Ad-Aware	未发现病毒	20200701
Sophos	未发现病毒	20200704
Comodo	未发现病毒	20200701
F-Secure	未发现病毒	20200704
Baidu	未发现病毒	20190318
Zillya	未发现病毒	20200630
Invincea	未发现病毒	20200502
Fortinet	未发现病毒	20200701
Trapmine	未发现病毒	20200619
FireEye	未发现病毒	20200704
Emsisoft	未发现病毒	20200701
F-Prot	未发现病毒	20200704
Jiangmin	未发现病毒	20200701
Webroot	未发现病毒	20200701
Avira	未发现病毒	20200701
MAX	未发现病毒	20200701
Antiy-AVL	未发现病毒	20200701
Kingsoft	未发现病毒	20200701
Endgame	未发现病毒	20200608
Arcabit	未发现病毒	20200701
ViRobot	未发现病毒	20200701
ZoneAlarm	未发现病毒	20200701
Avast-Mobile	未发现病毒	20200630
Microsoft	未发现病毒	20200704
Cynet	未发现病毒	20200628
AhnLab-V3	未发现病毒	20200701
Acronis	未发现病毒	20200603
McAfee	未发现病毒	20200704
TACHYON	未发现病毒	20200701
VBA32	BScope.Trojan.MSIL.Cryptos	20200630
Cylance	未发现病毒	20200704
Zoner	未发现病毒	20200630
TrendMicro-HouseCall	未发现病毒	20200701
Tencent	未发现病毒	20200701
Yandex	未发现病毒	20200703
SentinelOne	未发现病毒	20200601
eGambit	未发现病毒	20200701
GData	未发现病毒	20200704
AVG	未发现病毒	20200704
Panda	未发现病毒	20200630
CrowdStrike	未发现病毒	20190702
MaxSecure	未发现病毒	20200622

进程树

YouTubeDownloaderPro.exe id: 2688

搜索
YouTubeDownloaderPro.exe (2688)

YouTubeDownloaderPro.exe, PID: 2688, 上一级进程 PID: 2332

缺省注册表文件系统网络进程线程服务设备同步加密浏览器全部

下载PCAP包

访问主机纪录 (可点击查询WPING实时安全评级)

无主机纪录.

TCP

源地址	源端口	目标地址	目标端口
192.168.122.201	49161	216.146.216.18 www.youtubedownloaderpro.com	80

UDP

源地址	源端口	目标地址	目标端口
192.168.122.201	64912	192.168.122.1	53

域名解析 (可点击查询WPING实时安全评级)

域名	安全评级	响应
www.youtubedownloaderpro.com	未知	A 216.146.216.18 CNAME youtubedownloaderpro.com

TCP

源地址	源端口	目标地址	目标端口
192.168.122.201	49161	216.146.216.18 www.youtubedownloaderpro.com	80

UDP

源地址	源端口	目标地址	目标端口
192.168.122.201	64912	192.168.122.1	53

HTTP 请求

URI	HTTP数据
URL专业沙箱检测 -> http://www.youtubedownloaderpro.com/update.xml	GET /update.xml HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36 Host: www.youtubedownloaderpro.com Connection: Keep-Alive

URI

HTTP数据

URL专业沙箱检测 -> http://www.youtubedownloaderpro.com/update.xml

GET /update.xml HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36
Host: www.youtubedownloaderpro.com
Connection: Keep-Alive

SMTP 流量

无SMTP流量.

IRC 流量

无IRC请求.

ICMP 流量

无ICMP流量.

CIF 报告

无 CIF 结果

网络警报

无警报

TLS

No TLS

Suricata HTTP

No Suricata HTTP

未发现网络提取文件

抱歉! 没有任何文件投放。

没有发现相似的分析.

HTML 总结报告 (需15-60分钟同步)	下载

Processing ( 40.895 seconds )

15.561 Suricata
10.485 NetworkAnalysis
9.507 Static
3.025 VirusTotal
0.947 TargetInfo
0.778 BehaviorAnalysis
0.432 peid
0.131 AnalysisInfo
0.018 Strings
0.008 config_decoder
0.003 Memory

Signatures ( 24.394 seconds )

22.089 network_http
1.885 md_url_bl
0.061 antiav_detectreg
0.042 api_spamming
0.037 stealth_decoy_document
0.035 stealth_timeout
0.025 md_domain_bl
0.024 infostealer_ftp
0.014 infostealer_im
0.013 antianalysis_detectreg
0.009 antiav_detectfile
0.008 anomaly_persistence_autorun
0.008 antivm_generic_scsi
0.008 infostealer_mail
0.008 ransomware_files
0.007 geodo_banking_trojan
0.007 ransomware_extensions
0.006 antidbg_windows
0.006 infostealer_bitcoin
0.005 antivm_generic_services
0.005 anormaly_invoke_kills
0.005 network_torgateway
0.004 antivm_vbox_files
0.004 disables_browser_warn
0.003 tinba_behavior
0.003 betabot_behavior
0.003 kibex_behavior
0.003 antivm_parallels_keys
0.003 antivm_xen_keys
0.003 recon_fingerprint
0.002 rat_nanocore
0.002 mimics_filetime
0.002 cerber_behavior
0.002 antivm_generic_diskreg
0.002 browser_security
0.002 modify_proxy
0.002 darkcomet_regkeys
0.002 md_bad_drop
0.002 network_cnc_http
0.001 network_tor
0.001 antivm_vbox_libs
0.001 bootkit
0.001 stealth_file
0.001 antivm_vbox_window
0.001 reads_self
0.001 ursnif_behavior
0.001 ransomeware_modifies_desktop_wallpaper
0.001 shifu_behavior
0.001 antivm_generic_disk
0.001 virus
0.001 kovter_behavior
0.001 hancitor_behavior
0.001 bypass_firewall
0.001 antianalysis_detectfile
0.001 antidbg_devices
0.001 antisandbox_productid
0.001 antivm_generic_system
0.001 antivm_xen_keys
0.001 antivm_hyperv_keys
0.001 antivm_vbox_acpi
0.001 antivm_vbox_keys
0.001 antivm_vmware_keys
0.001 antivm_vpc_keys
0.001 banker_zeus_mutex
0.001 bot_drive
0.001 bot_drive2
0.001 browser_addon
0.001 disables_system_restore
0.001 disables_windows_defender
0.001 maldun_malicious_drop_executable_file_to_temp_folder
0.001 maldun_anomaly_invoke_vb_vba
0.001 maldun_network_blacklist
0.001 office_security
0.001 packer_armadillo_regkey
0.001 ransomware_radamant
0.001 rat_pcclient
0.001 rat_spynet
0.001 recon_programs
0.001 stealth_hiddenreg
0.001 stealth_hide_notifications
0.001 stealth_modify_uac_prompt
0.001 stealth_modify_security_center_warnings

Reporting ( 1.295 seconds )

0.897 ReportHTMLSummary
0.398 Malheur


Task ID	557782
Mongo ID	5f02012a2f8f2e385e6631ff
Cuckoo release	1.4-Maldun