Analysis task

Analysis type  VM label  Start time  End time  Duration
File (Windows)  win7-sp1-x64-shaapp03-1  2020-10-27 10:50:36  2020-10-27 10:51:39  63 seconds

Maldun (魔盾) score

10.0

Dangerous

File details

File name  WeChatWin.dll
File size  28144720 bytes
File type  PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5  f46134a73a1a1f045e580391eb18ebfc
SHA1  131718ca7ce338a50e8c80ceb80eba19c88d50d4
SHA256  79186bbfc4b8d6269dbc32ab726cce89d68a68baccc6f8f7e655f8a22b645e29
SHA512  dc8e3f290be546b9dfe3b11d6b7d14b267214aac84b2904522ec983b0ed5f7224b90b166c3685398ef1798d30645a11215cba040f6616f79e367f71cbcc1c055
CRC32  4B48B695
Ssdeep  393216:C8pMowvqrXLDdbrhQo7pTbou3rgCj/0wKWrtGVbrk9jnWmwFN+MzoJ6OJaIL2Jc3:XpBwSd+oFhKhcXZR6P0/Xjr

Screenshots

No screenshots available.

Hosts contacted

No host records.

DNS resolution

Domain  Response
acroipm.adobe.com  CNAME a1983.dscd.akamai.net
                   CNAME acroipm.adobe.com.edgesuite.net
                   A 23.204.147.34
                   A 23.204.147.18

PE information

Image base  0x10000000
Entry point  0x10e74e9d
Declared checksum  0x01adfe8a
Minimum OS version  5.1
Compile time  2020-10-10 15:50:58
Import hash  ad1fcb070cfb450ca520fc644daa3369
Exported DLL name  WeChatWin.dll

Version information

LegalCopyright
InternalName
FileVersion
CompanyName
ProductName
ProductVersion
FileDescription
OriginalFilename
Translation

Microsoft certificate verification (Sign Tool)

SHA1  Timestamp  Validity  Error
2d1dbe7df4a4b884c5bd729b9ab1e5064d53291f  Sat Oct 10 15:53:05 2020
WinVerifyTrust returned error 0x80096010
Certificate Chain 1
Issued to  DigiCert Assured ID Root CA
Issuer  DigiCert Assured ID Root CA
Validity  Mon Nov 10 08:00:00 2031
SHA1 hash  0563b8630d62d75abbc8ab1e4bdfb5a899b24d43
Certificate Chain 2
Issued to  DigiCert Assured ID Code Signing CA-1
Issuer  DigiCert Assured ID Root CA
Validity  Tue Feb 10 20:00:00 2026
SHA1 hash  409aa4a74a0cda7c0fee6bd0bb8823d16b5f1875
Certificate Chain 3
Issued to  Tencent Technology(Shenzhen) Company Limited
Issuer  DigiCert Assured ID Code Signing CA-1
Validity  Wed Jan 20 20:00:00 2021
SHA1 hash  f293eed3ff3d548262cddc43dce58cfc7f763622
Timestamp Chain 1
Issued to  DigiCert Assured ID Root CA
Issuer  DigiCert Assured ID Root CA
Validity  Mon Nov 10 08:00:00 2031
SHA1 hash  0563b8630d62d75abbc8ab1e4bdfb5a899b24d43
Timestamp Chain 2
Issued to  DigiCert Assured ID CA-1
Issuer  DigiCert Assured ID Root CA
Validity  Wed Nov 10 08:00:00 2021
SHA1 hash  19a09b5a36f4dd99727df783c17a51231a56c117
Timestamp Chain 3
Issued to  DigiCert Timestamp Responder
Issuer  DigiCert Assured ID CA-1
Validity  Tue Oct 22 08:00:00 2024
SHA1 hash  614d271d9102e30169822487fde5de00a352b01d

PE sections

Name  Virtual address  Virtual size  Raw data size  Characteristics  Entropy
.text 0x00001000 0x013cbe26 0x013cc000 IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 6.55
.rdata 0x013cd000 0x00421ea2 0x00422000 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 5.80
.data 0x017ef000 0x00089da0 0x00059600 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 5.34
.gfids 0x01879000 0x0000116c 0x00001200 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 4.08
_RDATA 0x0187b000 0x00002ce0 0x00002e00 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 5.12
.tls 0x0187e000 0x00000002 0x00000200 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 0.00
.vmp0 0x0187f000 0x001379a0 0x00137a00 IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 7.64
.reloc 0x019b7000 0x0014fddc 0x0014fe00 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 6.62
.rsrc 0x01b07000 0x000004dd 0x00000600 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 3.69

Overlay

Offset  0x01ad3a00
Size  0x00003a50

Resources

Name  Offset  Size  Language  Sublanguage  Entropy  File type
RT_VERSION 0x01b070a0 0x000002c0 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED 3.39 data
RT_MANIFEST 0x01b07360 0x0000017d LANG_ENGLISH SUBLANG_ENGLISH_US 4.91 XML 1.0 document text

Imports

Library: KERNEL32.dll:
0x113cd1f8 GetUserDefaultLCID
0x113cd1fc VirtualAllocEx
0x113cd200 ReadProcessMemory
0x113cd204 VirtualFreeEx
0x113cd208 GlobalMemoryStatusEx
0x113cd20c GetThreadContext
0x113cd210 SetThreadPriority
0x113cd214 CreateDirectoryW
0x113cd218 ResetEvent
0x113cd21c FlushFileBuffers
0x113cd228 CreateSemaphoreW
0x113cd22c GetCurrentThreadId
0x113cd230 GlobalFindAtomW
0x113cd234 GlobalAddAtomW
0x113cd238 FreeResource
0x113cd23c InterlockedExchange
0x113cd240 LeaveCriticalSection
0x113cd244 EnterCriticalSection
0x113cd248 lstrcmpW
0x113cd24c Sleep
0x113cd250 PulseEvent
0x113cd254 LCMapStringW
0x113cd258 LoadLibraryW
0x113cd25c FreeLibrary
0x113cd260 GetCurrentProcessId
0x113cd264 WriteFile
0x113cd268 ReleaseSemaphore
0x113cd26c LocalAlloc
0x113cd270 TlsSetValue
0x113cd274 TlsFree
0x113cd278 LocalFree
0x113cd27c TlsGetValue
0x113cd280 TlsAlloc
0x113cd284 GetDriveTypeW
0x113cd288 Module32NextW
0x113cd28c Module32FirstW
0x113cd290 GetVersionExW
0x113cd294 GetModuleHandleA
0x113cd298 GetNativeSystemInfo
0x113cd29c CreatePipe
0x113cd2a0 WriteConsoleW
0x113cd2a8 GetEnvironmentStringsW
0x113cd2ac GetCommandLineW
0x113cd2b0 GetCommandLineA
0x113cd2b4 GetOEMCP
0x113cd2b8 IsValidCodePage
0x113cd2bc FindNextFileA
0x113cd2c0 FindFirstFileExA
0x113cd2c4 SetStdHandle
0x113cd2c8 EnumSystemLocalesW
0x113cd2cc IsValidLocale
0x113cd2d0 GetDateFormatW
0x113cd2d4 CreateProcessA
0x113cd2d8 GetConsoleCP
0x113cd2dc GetModuleFileNameA
0x113cd2e4 SetConsoleCtrlHandler
0x113cd2e8 FileTimeToSystemTime
0x113cd2ec ExitThread
0x113cd2f0 RtlUnwind
0x113cd2f4 UnregisterWaitEx
0x113cd2f8 QueryDepthSList
0x113cd2fc InterlockedFlushSList
0x113cd308 VirtualProtect
0x113cd30c VirtualFree
0x113cd310 VirtualAlloc
0x113cd314 LoadLibraryExW
0x113cd318 MultiByteToWideChar
0x113cd31c GetThreadTimes
0x113cd320 UnregisterWait
0x113cd328 SetThreadAffinityMask
0x113cd32c GetProcessAffinityMask
0x113cd334 DeleteTimerQueueTimer
0x113cd338 ChangeTimerQueueTimer
0x113cd33c CreateTimerQueueTimer
0x113cd340 GetThreadPriority
0x113cd344 SwitchToThread
0x113cd348 SignalObjectAndWait
0x113cd34c CreateTimerQueue
0x113cd350 lstrlenA
0x113cd354 MapViewOfFileEx
0x113cd35c OpenEventA
0x113cd364 SetWaitableTimer
0x113cd368 CreateWaitableTimerW
0x113cd36c VerifyVersionInfoW
0x113cd370 DeviceIoControl
0x113cd374 CreateSemaphoreA
0x113cd378 CreateEventA
0x113cd37c GetStringTypeExA
0x113cd380 LCMapStringA
0x113cd384 GetStringTypeExW
0x113cd388 VirtualQuery
0x113cd38c SuspendThread
0x113cd390 Thread32First
0x113cd394 SetErrorMode
0x113cd398 Thread32Next
0x113cd39c WriteProcessMemory
0x113cd3a0 SearchPathW
0x113cd3a4 LockFileEx
0x113cd3a8 MoveFileExW
0x113cd3ac CreateFileMappingA
0x113cd3b0 VirtualLock
0x113cd3b4 UnlockFile
0x113cd3b8 HeapCompact
0x113cd3bc DeleteFileA
0x113cd3c0 GetVersionExA
0x113cd3c4 CreateFileA
0x113cd3c8 FlushViewOfFile
0x113cd3cc GetFileAttributesA
0x113cd3d0 GetDiskFreeSpaceA
0x113cd3d4 GetTempPathA
0x113cd3d8 HeapValidate
0x113cd3dc UnlockFileEx
0x113cd3e0 GetFullPathNameA
0x113cd3e4 LockFile
0x113cd3e8 VirtualUnlock
0x113cd3ec GetDiskFreeSpaceW
0x113cd3f4 GetFullPathNameW
0x113cd3f8 GetProcessId
0x113cd3fc DosDateTimeToFileTime
0x113cd400 SetFileTime
0x113cd404 ExitProcess
0x113cd408 GetACP
0x113cd40c GetStartupInfoW
0x113cd41c InitializeSListHead
0x113cd420 VerSetConditionMask
0x113cd424 OutputDebugStringA
0x113cd428 WideCharToMultiByte
0x113cd42c SetCurrentDirectoryW
0x113cd430 GetCurrentDirectoryW
0x113cd434 GetDiskFreeSpaceExW
0x113cd438 CopyFileW
0x113cd43c RemoveDirectoryW
0x113cd440 GetFileSize
0x113cd444 SetEndOfFile
0x113cd448 SetFilePointer
0x113cd44c GetFileSizeEx
0x113cd450 SetFileAttributesW
0x113cd454 DeleteFileW
0x113cd458 MoveFileW
0x113cd45c GetShortPathNameW
0x113cd460 GetModuleFileNameW
0x113cd464 TerminateThread
0x113cd468 DuplicateHandle
0x113cd46c GetCurrentProcess
0x113cd470 QueryDosDeviceW
0x113cd478 GetTimeFormatW
0x113cd47c GetTimeZoneInformation
0x113cd484 FindNextFileW
0x113cd488 FindClose
0x113cd48c FindFirstFileW
0x113cd490 GlobalHandle
0x113cd494 GetSystemPowerStatus
0x113cd498 DecodePointer
0x113cd49c RaiseException
0x113cd4a4 GetProcessTimes
0x113cd4b0 OpenMutexW
0x113cd4b8 OpenProcess
0x113cd4c0 UnmapViewOfFile
0x113cd4c4 MapViewOfFile
0x113cd4c8 CreateFileMappingW
0x113cd4cc GetSystemInfo
0x113cd4d0 WinExec
0x113cd4d4 GetCurrentThread
0x113cd4d8 GetExitCodeThread
0x113cd4dc GetLastError
0x113cd4e0 OutputDebugStringW
0x113cd4e4 InterlockedDecrement
0x113cd4e8 InterlockedIncrement
0x113cd4ec GetLocalTime
0x113cd4f0 GlobalFree
0x113cd4f4 ReadFile
0x113cd4f8 CreateFileW
0x113cd4fc CreateThread
0x113cd500 lstrcatW
0x113cd504 lstrlenW
0x113cd508 GetFileAttributesW
0x113cd50c GetProcAddress
0x113cd510 FindResourceExW
0x113cd514 FindResourceW
0x113cd518 LoadResource
0x113cd51c LockResource
0x113cd520 SizeofResource
0x113cd524 GetProcessHeap
0x113cd528 HeapAlloc
0x113cd52c HeapFree
0x113cd530 HeapReAlloc
0x113cd534 HeapSize
0x113cd538 HeapDestroy
0x113cd53c GlobalAlloc
0x113cd540 GlobalSize
0x113cd544 IsDebuggerPresent
0x113cd548 GetLocaleInfoW
0x113cd54c CompareStringW
0x113cd550 GetCPInfo
0x113cd554 EncodePointer
0x113cd558 GetStringTypeW
0x113cd55c AreFileApisANSI
0x113cd560 SetFilePointerEx
0x113cd564 GetFileAttributesExW
0x113cd56c WaitForSingleObjectEx
0x113cd570 ConvertThreadToFiber
0x113cd574 ConvertFiberToThread
0x113cd57c FormatMessageW
0x113cd580 CreateFiber
0x113cd584 DeleteFiber
0x113cd588 SwitchToFiber
0x113cd58c SetConsoleMode
0x113cd590 ReadConsoleW
0x113cd594 ReadConsoleA
0x113cd598 GetConsoleMode
0x113cd5a0 GetModuleHandleExW
0x113cd5a4 SystemTimeToFileTime
0x113cd5a8 FormatMessageA
0x113cd5ac SetLastError
0x113cd5b0 PeekNamedPipe
0x113cd5b4 GetStdHandle
0x113cd5b8 GetFileType
0x113cd5bc WaitForMultipleObjects
0x113cd5c4 VerifyVersionInfoA
0x113cd5c8 GetSystemDirectoryA
0x113cd5cc LoadLibraryA
0x113cd5d0 SleepEx
0x113cd5d4 GlobalUnlock
0x113cd5d8 GlobalLock
0x113cd5dc MulDiv
0x113cd5e0 GetSystemDirectoryW
0x113cd5e4 GetTempPathW
0x113cd5e8 CreateEventW
0x113cd5ec WaitForSingleObject
0x113cd5f0 CloseHandle
0x113cd5f4 SetEvent
0x113cd5f8 GetModuleHandleW
0x113cd600 GetExitCodeProcess
0x113cd604 TerminateProcess
0x113cd608 CreateProcessW
0x113cd60c HeapCreate
0x113cd610 GetSystemTime
0x113cd614 OpenThread
0x113cd618 ReleaseMutex
0x113cd61c CreateMutexW
0x113cd620 GetFileTime
0x113cd624 DeleteCriticalSection
0x113cd62c GetTickCount
Library: USER32.dll:
0x113cd714 RegisterClassExW
0x113cd718 UnregisterHotKey
0x113cd71c RegisterHotKey
0x113cd720 RegisterWindowMessageW
0x113cd724 SetForegroundWindow
0x113cd728 UpdateWindow
0x113cd72c FindWindowExW
0x113cd730 GetMessageW
0x113cd734 TranslateMessage
0x113cd738 DispatchMessageW
0x113cd73c PostThreadMessageW
0x113cd740 PeekMessageW
0x113cd744 SetWindowRgn
0x113cd748 mouse_event
0x113cd74c RegisterClassW
0x113cd750 MessageBoxW
0x113cd754 GetClassNameA
0x113cd758 AttachThreadInput
0x113cd75c GetSysColor
0x113cd760 GetShellWindow
0x113cd764 GetAncestor
0x113cd768 GetLastActivePopup
0x113cd76c GetClassNameW
0x113cd770 EnumChildWindows
0x113cd774 EnumDisplayMonitors
0x113cd778 GetWindowDC
0x113cd77c PrintWindow
0x113cd780 SetParent
0x113cd784 IsHungAppWindow
0x113cd788 FindWindowA
0x113cd78c FindWindowExA
0x113cd790 SystemParametersInfoW
0x113cd794 InflateRect
0x113cd798 GetClassInfoExW
0x113cd79c CallWindowProcW
0x113cd7a0 SetCapture
0x113cd7a4 WindowFromPoint
0x113cd7a8 BeginPaint
0x113cd7ac EndPaint
0x113cd7b0 PostMessageA
0x113cd7b4 CallNextHookEx
0x113cd7b8 SetWindowsHookExW
0x113cd7bc UnhookWindowsHookEx
0x113cd7c0 OffsetRect
0x113cd7c4 MonitorFromRect
0x113cd7c8 GetWindowPlacement
0x113cd7cc CharPrevW
0x113cd7d0 ScreenToClient
0x113cd7d4 SetRect
0x113cd7d8 IsRectEmpty
0x113cd7dc wsprintfW
0x113cd7e0 DefWindowProcW
0x113cd7e8 FindWindowW
0x113cd7ec LoadImageW
0x113cd7f0 DrawTextW
0x113cd7f4 BringWindowToTop
0x113cd7f8 SwitchToThisWindow
0x113cd804 UnregisterClassW
0x113cd808 GetUpdateRect
0x113cd80c GetGUIThreadInfo
0x113cd810 ValidateRect
0x113cd814 GetMessageExtraInfo
0x113cd818 CreateCaret
0x113cd81c ShowCaret
0x113cd820 HideCaret
0x113cd824 SetCaretPos
0x113cd828 InvalidateRgn
0x113cd830 NotifyWinEvent
0x113cd834 LoadStringW
0x113cd838 LoadStringA
0x113cd840 SetClipboardData
0x113cd844 GetClipboardData
0x113cd848 CloseClipboard
0x113cd850 EmptyClipboard
0x113cd854 OpenClipboard
0x113cd858 CharNextW
0x113cd85c SendInput
0x113cd860 GetActiveWindow
0x113cd864 InvalidateRect
0x113cd868 FlashWindowEx
0x113cd86c GetForegroundWindow
0x113cd870 SetWindowTextW
0x113cd874 PostMessageW
0x113cd878 ShowWindow
0x113cd87c LoadCursorW
0x113cd880 SetCursor
0x113cd884 IntersectRect
0x113cd888 ClientToScreen
0x113cd88c GetKeyState
0x113cd890 PtInRect
0x113cd894 GetCursorPos
0x113cd898 GetSystemMetrics
0x113cd89c MoveWindow
0x113cd8a0 GetFocus
0x113cd8a4 GetParent
0x113cd8a8 EndDeferWindowPos
0x113cd8ac DeferWindowPos
0x113cd8b0 BeginDeferWindowPos
0x113cd8b4 IsZoomed
0x113cd8b8 IsIconic
0x113cd8bc IsWindow
0x113cd8c0 GetWindow
0x113cd8c4 KillTimer
0x113cd8c8 IsWindowVisible
0x113cd8cc UpdateLayeredWindow
0x113cd8d0 SetWindowPos
0x113cd8d4 SendMessageW
0x113cd8d8 SetTimer
0x113cd8dc SendMessageTimeoutW
0x113cd8e0 DestroyWindow
0x113cd8e4 ReleaseDC
0x113cd8e8 GetDC
0x113cd8ec ReleaseCapture
0x113cd8f4 SetPropW
0x113cd8f8 GetPropW
0x113cd8fc GetWindowTextA
0x113cd904 SetWindowLongW
0x113cd908 GetWindowTextLengthW
0x113cd90c GetWindowTextW
0x113cd910 IsWindowEnabled
0x113cd914 GetDesktopWindow
0x113cd918 GetWindowLongW
0x113cd91c MapWindowPoints
0x113cd920 SetRectEmpty
0x113cd924 wvsprintfW
0x113cd928 DestroyIcon
0x113cd92c DrawIcon
0x113cd930 FillRect
0x113cd934 GetIconInfo
0x113cd938 CreateWindowExW
0x113cd93c PostQuitMessage
0x113cd940 GetWindowRect
0x113cd944 EqualRect
0x113cd948 GetCaretPos
0x113cd94c MonitorFromWindow
0x113cd950 SetFocus
0x113cd954 EnableWindow
0x113cd958 MonitorFromPoint
0x113cd95c GetMonitorInfoW
0x113cd960 GetClientRect
0x113cd964 UnionRect
Library: GDI32.dll:
0x113cd0cc RoundRect
0x113cd0d0 CreateFontIndirectW
0x113cd0d4 CreateEllipticRgn
0x113cd0d8 PtInRegion
0x113cd0dc CreatePolygonRgn
0x113cd0e0 GetPixel
0x113cd0e4 GetCurrentObject
0x113cd0e8 PatBlt
0x113cd0ec CreateBitmap
0x113cd0f0 StretchDIBits
0x113cd0f4 CreateRoundRectRgn
0x113cd0f8 GetDIBits
0x113cd0fc RealizePalette
0x113cd100 SelectPalette
0x113cd104 CreateDCA
0x113cd108 CombineRgn
0x113cd10c SetDIBColorTable
0x113cd110 RestoreDC
0x113cd114 SetDIBitsToDevice
0x113cd118 SaveDC
0x113cd11c GetObjectA
0x113cd120 GetBkColor
0x113cd124 GetTextColor
0x113cd128 SelectClipRgn
0x113cd12c GetCharABCWidthsW
0x113cd130 ExtSelectClipRgn
0x113cd134 CreateRectRgnIndirect
0x113cd138 GetClipBox
0x113cd13c StretchBlt
0x113cd140 SetStretchBltMode
0x113cd144 GetTextExtentPointW
0x113cd148 GetStockObject
0x113cd14c SetBkColor
0x113cd150 GetTextExtentPoint32W
0x113cd154 SetTextColor
0x113cd158 BitBlt
0x113cd15c SetMapMode
0x113cd160 TextOutW
0x113cd164 SetBkMode
0x113cd168 Rectangle
0x113cd16c CreatePen
0x113cd170 CreateSolidBrush
0x113cd174 CreateCompatibleBitmap
0x113cd178 GetObjectW
0x113cd17c GetDeviceCaps
0x113cd180 DeleteObject
0x113cd184 SetWorldTransform
0x113cd188 SetGraphicsMode
0x113cd18c DeleteDC
0x113cd190 SelectObject
0x113cd194 CreateDIBSection
0x113cd198 CreateCompatibleDC
0x113cd19c GdiFlush
0x113cd1a0 SetWindowOrgEx
0x113cd1a4 GetTextMetricsW
0x113cd1a8 GetClipRgn
0x113cd1ac ExtTextOutW
0x113cd1b0 CreatePenIndirect
0x113cd1b4 MoveToEx
0x113cd1b8 LineTo
0x113cd1bc FillRgn
Library: COMDLG32.dll:
0x113cd094 GetSaveFileNameW
0x113cd098 GetOpenFileNameW
0x113cd09c CommDlgExtendedError
Library: ADVAPI32.dll:
0x113cd000 RegQueryInfoKeyW
0x113cd004 DeregisterEventSource
0x113cd008 ReportEventW
0x113cd00c RegEnumKeyExW
0x113cd010 CryptAcquireContextA
0x113cd014 CryptEnumProvidersW
0x113cd018 CryptSignHashW
0x113cd01c CryptDestroyHash
0x113cd020 CryptCreateHash
0x113cd024 CryptDecrypt
0x113cd028 CryptExportKey
0x113cd02c RegOpenKeyW
0x113cd030 ControlTraceW
0x113cd034 StartTraceW
0x113cd038 ProcessTrace
0x113cd03c OpenTraceW
0x113cd040 CryptReleaseContext
0x113cd044 CryptGenRandom
0x113cd048 CryptAcquireContextW
0x113cd04c RegCreateKeyW
0x113cd050 RegCreateKeyExW
0x113cd054 RegDeleteValueW
0x113cd058 RegEnumValueW
0x113cd05c CryptDestroyKey
0x113cd060 RegSetValueExW
0x113cd064 RegCloseKey
0x113cd068 GetCurrentHwProfileW
0x113cd06c RegQueryValueExW
0x113cd070 RegOpenKeyExW
0x113cd074 CryptGetUserKey
0x113cd078 CryptGetProvParam
0x113cd07c CryptSetHashParam
0x113cd080 RegisterEventSourceW
Library: SHELL32.dll:
0x113cd6b4 SHGetFolderPathW
0x113cd6b8 SHAppBarMessage
0x113cd6bc SHFileOperationW
0x113cd6c4 Shell_NotifyIconW
0x113cd6c8 SHCreateDirectoryExW
0x113cd6cc SHGetPathFromIDListW
0x113cd6d0 DragQueryFileW
0x113cd6d4 SHGetFileInfoW
0x113cd6d8 ShellExecuteW
0x113cd6dc SHBrowseForFolderW
Library: ole32.dll:
0x113cde74 CoSetProxyBlanket
0x113cde7c CLSIDFromProgID
0x113cde80 CLSIDFromString
0x113cde84 OleLockRunning
0x113cde8c OleDuplicateData
0x113cde90 StgCreateDocfile
0x113cde94 OleUninitialize
0x113cde98 OleInitialize
0x113cde9c StringFromGUID2
0x113cdea0 PropVariantClear
0x113cdea4 CoInitialize
0x113cdeac CoInitializeSecurity
0x113cdeb0 CoInitializeEx
0x113cdeb4 CoUninitialize
0x113cdeb8 CoCreateGuid
0x113cdebc RegisterDragDrop
0x113cdec0 CoTaskMemAlloc
0x113cdec4 CreateStreamOnHGlobal
0x113cdec8 CoCreateInstance
0x113cdecc CoTaskMemFree
0x113cded0 DoDragDrop
0x113cded4 ReleaseStgMedium
0x113cded8 OleSetContainedObject
Library: OLEAUT32.dll:
0x113cd648 SysAllocStringByteLen
0x113cd64c SysStringByteLen
0x113cd650 SafeArrayAccessData
0x113cd654 SafeArrayCreateVector
0x113cd658 OleCreatePropertyFrame
0x113cd65c VariantInit
0x113cd660 SysAllocString
0x113cd664 SafeArrayDestroy
0x113cd668 SysFreeString
0x113cd66c SysStringLen
0x113cd670 VariantClear
0x113cd674 SafeArrayUnaccessData
Library: WINMM.dll:
0x113cda28 PlaySoundW
0x113cda2c waveOutGetNumDevs
0x113cda30 waveOutPrepareHeader
0x113cda34 waveOutWrite
0x113cda38 waveOutPause
0x113cda3c waveOutRestart
0x113cda40 waveInAddBuffer
0x113cda44 waveInPrepareHeader
0x113cda48 waveOutOpen
0x113cda4c mixerGetLineControlsW
0x113cda54 mixerClose
0x113cda58 waveInOpen
0x113cda5c waveInMessage
0x113cda60 waveInGetDevCapsW
0x113cda64 waveInGetNumDevs
0x113cda68 waveOutReset
0x113cda6c waveOutClose
0x113cda70 waveOutGetDevCapsW
0x113cda74 waveOutSetVolume
0x113cda78 waveOutMessage
0x113cda7c waveOutUnprepareHeader
0x113cda80 waveOutGetVolume
0x113cda84 waveInUnprepareHeader
0x113cda88 waveInClose
0x113cda8c waveInStart
0x113cda90 waveInReset
0x113cda94 waveInStop
0x113cda98 mixerGetDevCapsW
0x113cda9c mixerOpen
0x113cdaa0 mixerGetLineInfoW
0x113cdaa4 timeGetTime
0x113cdaa8 timeBeginPeriod
Library: DDRAW.dll:
0x113cd0c4 DirectDrawCreate
Library: SETUPAPI.dll:
0x113cd6a0 SetupDiGetClassDevsW
0x113cd6ac SetupDiEnumDeviceInfo
Library: WS2_32.dll:
0x113cdaf8 gethostbyname
0x113cdafc inet_ntoa
0x113cdb00 WSACreateEvent
0x113cdb04 WSAGetLastError
0x113cdb08 socket
0x113cdb0c setsockopt
0x113cdb10 closesocket
0x113cdb14 htons
0x113cdb18 sendto
0x113cdb1c gethostname
0x113cdb20 ntohl
0x113cdb24 htonl
0x113cdb28 ntohs
0x113cdb2c connect
0x113cdb30 ioctlsocket
0x113cdb34 __WSAFDIsSet
0x113cdb38 select
0x113cdb3c send
0x113cdb40 recv
0x113cdb44 getsockname
0x113cdb48 getaddrinfo
0x113cdb4c freeaddrinfo
0x113cdb50 WSACloseEvent
0x113cdb54 WSASetLastError
0x113cdb58 bind
0x113cdb5c getpeername
0x113cdb60 getsockopt
0x113cdb64 WSAIoctl
0x113cdb68 accept
0x113cdb6c listen
0x113cdb70 recvfrom
0x113cdb74 WSACleanup
0x113cdb78 WSAStartup
0x113cdb7c getnameinfo
0x113cdb80 WSAEnumNetworkEvents
0x113cdb84 WSAEventSelect
0x113cdb88 WSAResetEvent
0x113cdb8c WSASetEvent
0x113cdb94 inet_addr
Library: WLDAP32.dll:
0x113cdab0 None
0x113cdab4 None
0x113cdab8 None
0x113cdabc None
0x113cdac0 None
0x113cdac4 None
0x113cdac8 None
0x113cdacc None
0x113cdad0 None
0x113cdad4 None
0x113cdad8 None
0x113cdadc None
0x113cdae0 None
0x113cdae4 None
0x113cdae8 None
0x113cdaec None
0x113cdaf0 None
Library: gdiplus.dll:
0x113cdba8 GdipFillEllipseI
0x113cdbac GdipFillRectangleI
0x113cdbb0 GdipSetSolidFillColor
0x113cdbbc GdipFillPieI
0x113cdbc0 GdipCloneBrush
0x113cdbc4 GdipDeleteBrush
0x113cdbc8 GdipCreateSolidFill
0x113cdbcc GdipDrawEllipseI
0x113cdbd0 GdipDeletePen
0x113cdbd4 GdipCreatePen1
0x113cdbd8 GdipSetSmoothingMode
0x113cdbe0 GdipDisposeImage
0x113cdbe4 GdipDrawImageRectRectI
0x113cdbe8 GdipLoadImageFromFile
0x113cdbec GdipDrawImageRectI
0x113cdbf0 GdipDeleteGraphics
0x113cdbf4 GdipCreateFromHDC
0x113cdbf8 GdipCreateTexture
0x113cdbfc GdipGetImageWidth
0x113cdc00 GdipSetMatrixElements
0x113cdc04 GdipDeleteMatrix
0x113cdc08 GdipCreateMatrix2
0x113cdc0c GdipFree
0x113cdc10 GdipAlloc
0x113cdc14 GdipGetMatrixElements
0x113cdc18 GdipTranslateMatrix
0x113cdc1c GdipRotateMatrix
0x113cdc20 GdipFillPolygonI
0x113cdc24 GdipCreatePath
0x113cdc28 GdipDeletePath
0x113cdc2c GdipCreateMatrix
0x113cdc30 GdipSetWorldTransform
0x113cdc34 GdipBitmapGetPixel
0x113cdc38 GdipBitmapSetPixel
0x113cdc3c GdipCreateFontFromDC
0x113cdc44 GdipDeleteFont
0x113cdc48 GdipCreateStringFormat
0x113cdc4c GdipDeleteStringFormat
0x113cdc60 GdipDrawArcI
0x113cdc64 GdipDrawString
0x113cdc68 GdipDrawImageRectRect
0x113cdc74 GdipImageGetFrameCount
0x113cdc7c GdipGetPropertyItem
0x113cdc80 GdipGetImageFlags
0x113cdc88 GdipResetClip
0x113cdc8c GdipImageRotateFlip
0x113cdc90 GdipDrawLine
0x113cdc98 GdipDrawLineI
0x113cdc9c GdipGetImageHeight
0x113cdca0 GdipGetPenLineJoin
0x113cdca4 GdipDrawPath
0x113cdcac GdipSetPenLineJoin
0x113cdcb0 GdipResetPath
0x113cdcb4 GdipDrawRectangleI
0x113cdcc4 GdipSaveImageToFile
0x113cdcc8 GdiplusStartup
0x113cdccc GdiplusShutdown
0x113cdcd4 GdipCreatePen2
0x113cdce0 GdipGetImagePalette
0x113cdce4 GdipBitmapLockBits
0x113cdce8 GdipBitmapUnlockBits
0x113cdcec GdipDrawImageI
0x113cdcf0 GdipCreateLineBrushI
0x113cdcf4 GdipGetImageThumbnail
0x113cdcf8 GdipSaveImageToStream
0x113cdd00 GdipGetImageEncoders
0x113cdd08 GdipAddPathArcI
0x113cdd0c GdipFillPath
0x113cdd10 GdipAddPathLineI
0x113cdd14 GdipCloneImage
Library: SHLWAPI.dll:
0x113cd6e4 AssocQueryStringA
0x113cd6e8 StrCpyW
0x113cd6ec SHCreateStreamOnFileEx
0x113cd6f0 StrCmpW
0x113cd6f4 PathIsDirectoryW
0x113cd6f8 PathRemoveFileSpecW
0x113cd6fc PathFileExistsW
0x113cd700 StrStrIW
0x113cd704 PathFindExtensionW
0x113cd708 StrCatW
0x113cd70c PathCombineW
Library: IMM32.dll:
0x113cd1c4 ImmNotifyIME
0x113cd1c8 ImmReleaseContext
0x113cd1cc ImmGetContext
0x113cd1d4 ImmSetCompositionFontW
Library: urlmon.dll:
0x113cdee0 URLDownloadToFileW
Library: MSIMG32.dll:
0x113cd634 AlphaBlend
Library: PSAPI.DLL:
0x113cd684 GetModuleFileNameExW
0x113cd688 EnumProcessModules
0x113cd68c GetModuleInformation
0x113cd690 QueryWorkingSet
0x113cd694 GetPerformanceInfo
Library: WINHTTP.dll:
0x113cd9e8 WinHttpCloseHandle
0x113cd9ec WinHttpGetProxyForUrl
0x113cd9f4 WinHttpOpen
0x113cd9f8 WinHttpCrackUrl
0x113cd9fc WinHttpSetTimeouts
Library: USERENV.dll:
Library: IPHLPAPI.DLL:
0x113cd1dc NotifyAddrChange
0x113cd1e0 GetIpAddrTable
0x113cd1e4 GetAdaptersInfo
0x113cd1e8 GetAdaptersAddresses
0x113cd1ec GetIpForwardTable
0x113cd1f0 GetNetworkParams
Library: VERSION.dll:
0x113cd978 GetFileVersionInfoW
0x113cd97c VerQueryValueW
Library: COMCTL32.dll:
0x113cd088 _TrackMouseEvent
0x113cd08c None
Library: libFFmpeg.dll:
0x113cdd24 avcodec_close
0x113cdd28 av_opt_set_bin
0x113cdd2c av_opt_set
0x113cdd30 av_opt_set_defaults
0x113cdd44 avfilter_inout_free
0x113cdd48 avfilter_inout_alloc
0x113cdd4c avfilter_graph_free
0x113cdd50 avfilter_graph_config
0x113cdd58 avfilter_graph_alloc
0x113cdd5c avfilter_get_by_name
0x113cdd60 avfilter_register_all
0x113cdd64 av_dump_format
0x113cdd68 av_write_trailer
0x113cdd70 avformat_write_header
0x113cdd78 avformat_seek_file
0x113cdd7c avio_feof
0x113cdd80 av_read_frame
0x113cdd84 avcodec_flush_buffers
0x113cdd88 av_seek_frame
0x113cdd8c av_free
0x113cdd94 avcodec_decode_audio4
0x113cdd98 av_frame_unref
0x113cdd9c audio_resample
0x113cdda0 av_audio_resample_init
0x113cdda4 swr_convert
0x113cdda8 swr_init
0x113cddac swr_alloc_set_opts
0x113cddbc av_gettime
0x113cddc4 sws_scale
0x113cddc8 avcodec_decode_video2
0x113cddcc sws_getContext
0x113cddd0 avpicture_fill
0x113cddd4 avpicture_get_size
0x113cddd8 av_dict_get
0x113cdddc avcodec_open2
0x113cdde0 avcodec_find_decoder
0x113cdde4 avformat_close_input
0x113cdde8 avformat_new_stream
0x113cddec avformat_free_context
0x113cddf0 avio_closep
0x113cddf4 avio_open
0x113cddf8 avcodec_encode_video2
0x113cddfc avcodec_encode_audio2
0x113cde00 avcodec_find_encoder
0x113cde04 av_frame_alloc
0x113cde08 sws_freeContext
0x113cde0c audio_resample_close
0x113cde10 swr_free
0x113cde14 av_frame_free
0x113cde1c avformat_open_input
0x113cde20 av_lockmgr_register
0x113cde24 av_log_set_level
0x113cde28 av_register_all
0x113cde2c avformat_network_init
0x113cde30 av_free_packet
0x113cde34 av_malloc
0x113cde38 av_strerror
0x113cde3c av_packet_rescale_ts
0x113cde40 av_packet_unref
0x113cde44 av_mallocz
0x113cde48 av_strdup
0x113cde4c av_rescale_q
0x113cde50 av_log
0x113cde54 av_log_set_callback
0x113cde58 av_get_sample_fmt_name
0x113cde5c av_dict_set
0x113cde60 av_dict_free
0x113cde64 av_frame_get_buffer
0x113cde68 avcodec_copy_context
0x113cde6c av_init_packet
Library: OLEACC.dll:
0x113cd63c LresultFromObject
Library: WININET.dll:
0x113cda04 InternetOpenW
0x113cda08 InternetReadFile
0x113cda0c InternetCloseHandle
0x113cda10 InternetConnectW
0x113cda14 HttpOpenRequestW
0x113cda18 HttpSendRequestW
0x113cda20 InternetOpenUrlW
Library: WSOCK32.dll:
0x113cdb9c shutdown
Library: CRYPT32.dll:
0x113cd0ac CertCloseStore
0x113cd0bc CertOpenStore

Exports

Ordinal  Address  Name
1 0x1008fd40 ??0IChannelLogWriter@@QAE@$$QAV0@@Z
2 0x1008fd40 ??0IChannelLogWriter@@QAE@ABV0@@Z
3 0x1008fd30 ??0IChannelLogWriter@@QAE@XZ
4 0x1007c880 ??4IChannelLogWriter@@QAEAAV0@$$QAV0@@Z
5 0x1007c880 ??4IChannelLogWriter@@QAEAAV0@ABV0@@Z
6 0x1007c880 ??4ILogWriter@@QAEAAV0@$$QAV0@@Z
7 0x1007c880 ??4ILogWriter@@QAEAAV0@ABV0@@Z
8 0x115473a4 ??_7IChannelLogWriter@@6B@
9 0x10a97630 ?AddExtraMem@TXBugReport@@YAHKI@Z
10 0x10a97730 ?AddExtraMem@TXBugReport@@YAHPAXI@Z
11 0x10a97740 ?AddIgnoreHookCheckModule@TXBugReport@@YAXPB_W@Z
12 0x10a98cd0 ?AddReleaseMonitorPoint@TXBugReport@@YAXPAJ@Z
13 0x10a98a50 ?DoBugReport@TXBugReport@@YAJPAU_EXCEPTION_POINTERS@@PB_W@Z
14 0x10a973a0 ?GetBugReportFlag@TXBugReport@@YAKXZ
15 0x10a97620 ?GetBugReportInfo@TXBugReport@@YAPAUtagBugReportInfo@1@XZ
16 0x10a96f20 ?GetCustomFiltFunc@TXBugReport@@YAP6AHPAU_EXCEPTION_POINTERS@@@ZXZ
17 0x10a97dd0 ?InitBugReport@TXBugReport@@YAXPB_W000GGKHHKKP6GHPAUtagBugReportInfo@1@PBD200PAPAXPAKPAX@Z@Z
18 0x10a97820 ?InitBugReportEx@TXBugReport@@YAXPB_W000GGKHHKKP6GHPAUtagBugReportInfo@1@PBD200PAPAXPAKPAX@ZH@Z
19 0x10a98ca0 ?RaiseSelfFatalException@TXBugReport@@YAXW4SelfException@1@@Z
20 0x10a98d10 ?RecordCallStackIfNeed@TXBugReport@@YAXPAJ@Z
21 0x10a97380 ?SetBugReportFlag@TXBugReport@@YAHK@Z
22 0x10a97150 ?SetBugReportPath@TXBugReport@@YAHPB_W@Z
23 0x10a98be0 ?SetBugReportUin@TXBugReport@@YAXKH@Z
24 0x10a96f10 ?SetCustomFiltFunc@TXBugReport@@YAXP6AHPAU_EXCEPTION_POINTERS@@@Z@Z
25 0x10a97100 ?SetExtInfo@TXBugReport@@YAHKKPB_W@Z
26 0x10a972e0 ?SetExtRptFilePath@TXBugReport@@YAHPB_W0@Z
27 0x10a97540 ?SetLogFileMd5Dir@TXBugReport@@YAHPB_W00@Z
28 0x10a97e60 ?UninitBugReport@TXBugReport@@YAXXZ
29 0x10a98b50 ?ValidateBugReport@TXBugReport@@YAXXZ
30 0x11858424 ?pfPostBugReport@TXBugReport@@3P6AXXZA
31 0x11858428 ?pfPreBugReport@TXBugReport@@3P6AXXZA
32 0x10d079a0 SignWith3Des
33 0x1096a970 StartWachat
34 0x10574210 _TlsGetData@12
35 0x105741e0 _TlsStoreData@12
36 0x10ec6e10 __ASSERT
Antivirus engine/vendor  Detection/rule match  Signature DB date
Bkav  Not detected  20201027
Elastic  Not detected  20201012
MicroWorld-eScan  Not detected  20201027
CMC  Not detected  20201026
CAT-QuickHeal  Not detected  20201026
McAfee  Not detected  20201026
Malwarebytes  Not detected  20201027
Zillya  Not detected  20201026
SUPERAntiSpyware  Not detected  20201023
Sangfor  Not detected  20201021
CrowdStrike  Not detected  20190702
Alibaba  Not detected  20190527
K7GW  Not detected  20201026
K7AntiVirus  Not detected  20201027
Arcabit  Not detected  20201026
Invincea  Not detected  20201027
Baidu  Not detected  20190318
Cyren  Not detected  20201026
Symantec  Not detected  20201026
ESET-NOD32  Not detected  20201027
APEX  Not detected  20201025
Avast  Not detected  20201027
ClamAV  Not detected  20201026
Kaspersky  Not detected  20201027
BitDefender  Not detected  20201027
NANO-Antivirus  Not detected  20201027
Paloalto  Not detected  20201027
ViRobot  Not detected  20201026
Tencent  Not detected  20201027
Ad-Aware  Not detected  20201027
Sophos  Not detected  20201027
Comodo  Not detected  20201026
F-Secure  Not detected  20201026
DrWeb  Not detected  20201027
VIPRE  Not detected  20201027
TrendMicro  Not detected  20201027
McAfee-GW-Edition  Not detected  20201026
FireEye  Not detected  20201027
Emsisoft  Not detected  20201027
Ikarus  Not detected  20201026
Jiangmin  Not detected  20201026
Webroot  Not detected  20201027
Avira  Not detected  20201027
MAX  Not detected  20201027
Antiy-AVL  Not detected  20201027
Kingsoft  Not detected  20201027
Microsoft  Not detected  20201027
AegisLab  Not detected  20201027
ZoneAlarm  Not detected  20201027
GData  Not detected  20201027
Cynet  Not detected  20201027
AhnLab-V3  Not detected  20201026
Acronis  Not detected  20201023
BitDefenderTheta  Not detected  20201023
ALYac  Not detected  20201027
TACHYON  Not detected  20201027
VBA32  Not detected  20201026
Cylance  Not detected  20201027
Zoner  Not detected  20201026
TrendMicro-HouseCall  Not detected  20201027
Rising  Not detected  20201026
Yandex  Not detected  20201024
SentinelOne  Not detected  20201008
eGambit  PE.Heur.InvalidSig  20201027
Fortinet  Not detected  20201027
MaxSecure  Not detected  20201026
AVG  Not detected  20201027
Panda  Not detected  20201026
Qihoo-360  Not detected  20201027

Process tree

rundll32.exe, PID: 2416, parent PID: 2264

TCP

Source address  Source port  Destination address  Destination port
192.168.122.201  49158  23.204.147.18 (acroipm.adobe.com)  80

UDP

Source address  Source port  Destination address  Destination port
192.168.122.201  59401  192.168.122.1  53

HTTP requests

URI  HTTP data
http://acroipm.adobe.com/11/rdr/CHS/win/nooem/none/message.zip
GET /11/rdr/CHS/win/nooem/none/message.zip HTTP/1.1
Accept: */*
If-Modified-Since: Mon, 08 Nov 2017 08:44:36 GMT
User-Agent: IPM
Host: acroipm.adobe.com
Connection: Keep-Alive
Cache-Control: no-cache

SMTP traffic

No SMTP traffic.

IRC traffic

No IRC requests.

ICMP traffic

No ICMP traffic.

CIF report

No CIF results.

Network alerts

No alerts.

TLS

No TLS

Suricata HTTP

No Suricata HTTP

No files extracted from network traffic.
No files dropped.
No similar analyses found.

Processing ( 54.507 seconds )

  • 35.175 Static
  • 10.551 Suricata
  • 5.586 TargetInfo
  • 1.963 VirusTotal
  • 0.757 NetworkAnalysis
  • 0.245 peid
  • 0.104 config_decoder
  • 0.103 BehaviorAnalysis
  • 0.012 Strings
  • 0.009 AnalysisInfo
  • 0.002 Memory

Signatures ( 1.439 seconds )

  • 1.311 md_url_bl
  • 0.019 antiav_detectreg
  • 0.009 md_domain_bl
  • 0.008 infostealer_ftp
  • 0.007 antiav_detectfile
  • 0.006 api_spamming
  • 0.005 anomaly_persistence_autorun
  • 0.005 stealth_timeout
  • 0.005 infostealer_bitcoin
  • 0.005 infostealer_im
  • 0.004 stealth_decoy_document
  • 0.004 antianalysis_detectreg
  • 0.004 geodo_banking_trojan
  • 0.004 ransomware_extensions
  • 0.004 ransomware_files
  • 0.003 antivm_vbox_files
  • 0.003 infostealer_mail
  • 0.003 network_http
  • 0.002 tinba_behavior
  • 0.002 disables_browser_warn
  • 0.002 network_torgateway
  • 0.001 bootkit
  • 0.001 rat_nanocore
  • 0.001 mimics_filetime
  • 0.001 stealth_file
  • 0.001 injection_createremotethread
  • 0.001 betabot_behavior
  • 0.001 reads_self
  • 0.001 kibex_behavior
  • 0.001 antivm_generic_disk
  • 0.001 cerber_behavior
  • 0.001 injection_runpe
  • 0.001 virus
  • 0.001 hancitor_behavior
  • 0.001 antidbg_devices
  • 0.001 antivm_parallels_keys
  • 0.001 antivm_xen_keys
  • 0.001 banker_zeus_mutex
  • 0.001 bot_drive
  • 0.001 bot_drive2
  • 0.001 browser_security
  • 0.001 modify_proxy
  • 0.001 maldun_malicious_drop_executable_file_to_temp_folder
  • 0.001 md_bad_drop
  • 0.001 network_cnc_http

Reporting ( 0.507 seconds )

  • 0.505 ReportHTMLSummary
  • 0.002 Malheur
Task ID 583373
Mongo ID 5f978b787e769a0a9008e763
Cuckoo release 1.4-Maldun