分析任务
| 分析类型 | 虚拟机标签 | 开始时间 | 结束时间 | 持续时间 |
|---|---|---|---|---|
| 文件 (Windows) | win7-sp1-x64-shaapp03-1 | 2020-10-30 20:35:26 | 2020-10-30 20:35:53 | 27 秒 |
魔盾分数
10.0
危险的
文件详细信息
| 文件名 | Iime.dll |
|---|---|
| 文件大小 | 398848 字节 |
| 文件类型 | PE32+ executable (DLL) (GUI) x86-64, for MS Windows |
| MD5 | 5018dbb7e4f9b805b89a5950dcb1bae6 |
| SHA1 | 4f5734109d3cdbf4d045ac8410a42129226e5c56 |
| SHA256 | f7b9119965410e80fa2323506bfad2901c03c02ea182bbd3210e0c10e2700d59 |
| SHA512 | 8166ac0e384e4dedf836a42952d6aa55df8098eafeb6a4f1df71e9fb47eb3f404170ee87c72f4272fe8198c3f8be86203d6c90b98ad8bb4339f5b3b001273aa4 |
| CRC32 | 1EEC75FF |
| Ssdeep | 3072:ke+1unwOco6n2FHPbAZBTBErHk5EY/Qzh5QCF+lRQUVSkGgAj0+ssV0Ijt79J:+1Fo62Fvb6TqrH84z3QCFVgGgHVCL |
| Yara | 登录查看Yara规则 |
| 样本下载 提交误报 |
登录查看威胁特征
运行截图
没有可用的屏幕截图访问主机纪录 (可点击查询WPING实时安全评级)
无主机纪录.
域名解析 (可点击查询WPING实时安全评级)
| 域名 | 安全评级 | 响应 |
|---|---|---|
| acroipm.adobe.com |
A 23.223.195.201 CNAME acroipm.adobe.com.edgesuite.net CNAME a1983.dscd.akamai.net A 23.223.195.194 |
摘要
登录查看详细行为信息PE 信息
| 初始地址 | 0x180000000 |
|---|---|
| 入口地址 | 0x18001f0a4 |
| 声明校验值 | 0x00000000 |
| 实际校验值 | 0x00062cec |
| 最低操作系统版本要求 | 6.0 |
| PDB路径 | D:\IIME\Input Method Library\x64\Release\Iime.pdb |
| 编译时间 | 2020-10-22 11:10:14 |
| 载入哈希 | f8390c44fc53744ad1f195c68ef29975 |
| 图标 |  |
| 图标精确哈希值 | 6689cf05911cf99f8d597240e3144faf |
| 图标相似性哈希值 | 2ea6e36028a97e941194a81892894616 |
| 导出DLL库名称 | Iime.dll |
版本信息
| LegalCopyright | |
|---|---|
| InternalName | |
| FileVersion | |
| CompanyName | |
| LegalTrademarks | |
| ProductName | |
| ProductVersion | |
| FileDescription | |
| OriginalFilename | |
| Translation |
PE 数据组成
| 名称 | 虚拟地址 | 虚拟大小 | 原始数据大小 | 特征 | 熵(Entropy) |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x0002b20c | 0x0002b400 | IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ | 5.92 |
| .rdata | 0x0002d000 | 0x00014f30 | 0x00015000 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ | 4.72 |
| .data | 0x00042000 | 0x00004b98 | 0x00002400 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE | 4.14 |
| .pdata | 0x00047000 | 0x00002be0 | 0x00002c00 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ | 5.39 |
| .rsrc | 0x0004a000 | 0x0001b21c | 0x0001b400 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ | 2.13 |
| .reloc | 0x00066000 | 0x0000096c | 0x00000a00 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ | 5.36 |
资源
| 名称 | 偏移量 | 大小 | 语言 | 子语言 | 熵(Entropy) | 文件类型 |
|---|---|---|---|---|---|---|
| RT_ICON | 0x00063d60 | 0x00000468 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.40 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x00063d60 | 0x00000468 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.40 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x00063d60 | 0x00000468 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.40 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x00063d60 | 0x00000468 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.40 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x00063d60 | 0x00000468 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.40 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x00063d60 | 0x00000468 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.40 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x00063d60 | 0x00000468 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.40 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x00063d60 | 0x00000468 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.40 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x00063d60 | 0x00000468 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.40 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x00063d60 | 0x00000468 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.40 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x00063d60 | 0x00000468 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.40 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x00063d60 | 0x00000468 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.40 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x00063d60 | 0x00000468 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.40 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x00063d60 | 0x00000468 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.40 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x00063d60 | 0x00000468 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.40 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x00063d60 | 0x00000468 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.40 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x00063d60 | 0x00000468 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.40 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x00063d60 | 0x00000468 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.40 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x00063d60 | 0x00000468 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.40 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x00063d60 | 0x00000468 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.40 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x00063d60 | 0x00000468 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.40 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x00063d60 | 0x00000468 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.40 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x00063d60 | 0x00000468 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.40 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x00063d60 | 0x00000468 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.40 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x00063d60 | 0x00000468 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.40 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x00063d60 | 0x00000468 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.40 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x00063d60 | 0x00000468 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.40 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x00063d60 | 0x00000468 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.40 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x00063d60 | 0x00000468 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.40 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x00063d60 | 0x00000468 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 1.40 | GLS_BINARY_LSB_FIRST |
| RT_GROUP_ICON | 0x00064328 | 0x0000005a | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 2.95 | MS Windows icon resource - 6 icons, 48x48 |
| RT_GROUP_ICON | 0x00064328 | 0x0000005a | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 2.95 | MS Windows icon resource - 6 icons, 48x48 |
| RT_GROUP_ICON | 0x00064328 | 0x0000005a | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 2.95 | MS Windows icon resource - 6 icons, 48x48 |
| RT_VERSION | 0x00064384 | 0x00000664 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 2.14 | data |
| RT_MANIFEST | 0x000649e8 | 0x00000236 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 5.03 | XML 1.0 document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators |
| None | 0x00064c20 | 0x000005fc | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 7.79 | PNG image data, 200 x 80, 8-bit/color RGBA, non-interlaced |
导入
库: KERNEL32.dll:
• 0x18002d078 lstrcpynW
• 0x18002d080 MulDiv
• 0x18002d088 CreateFileW
• 0x18002d090 CompareStringW
• 0x18002d098 lstrcmpW
• 0x18002d0a0 lstrlenW
• 0x18002d0a8 GlobalUnlock
• 0x18002d0b0 RaiseException
• 0x18002d0b8 VerifyVersionInfoW
• 0x18002d0c0 GetLastError
• 0x18002d0c8 GetThreadLocale
• 0x18002d0d0 GetProcAddress
• 0x18002d0d8 HeapSize
• 0x18002d0e0 EnterCriticalSection
• 0x18002d0e8 GlobalFree
• 0x18002d0f0 DecodePointer
• 0x18002d0f8 lstrcatW
• 0x18002d100 FindNextFileW
• 0x18002d108 DeleteCriticalSection
• 0x18002d110 CloseHandle
• 0x18002d118 lstrcpyW
• 0x18002d120 MapViewOfFile
• 0x18002d128 UnmapViewOfFile
• 0x18002d130 ReadFile
• 0x18002d138 CreateFileMappingW
• 0x18002d140 OpenFileMappingW
• 0x18002d148 lstrlenA
• 0x18002d150 lstrcpynA
• 0x18002d158 GetLocalTime
• 0x18002d160 FreeResource
• 0x18002d168 FindResourceW
• 0x18002d170 LoadResource
• 0x18002d178 SizeofResource
• 0x18002d180 LockResource
• 0x18002d188 SetFilePointerEx
• 0x18002d190 SetStdHandle
• 0x18002d198 LeaveCriticalSection
• 0x18002d1a0 VerSetConditionMask
• 0x18002d1a8 FlushFileBuffers
• 0x18002d1b0 GetStringTypeW
• 0x18002d1b8 LCMapStringW
• 0x18002d1c0 GetCPInfo
• 0x18002d1c8 GetOEMCP
• 0x18002d1d0 GetACP
• 0x18002d1d8 IsValidCodePage
• 0x18002d1e0 LoadLibraryExW
• 0x18002d1e8 GetModuleFileNameW
• 0x18002d1f0 FreeEnvironmentStringsW
• 0x18002d1f8 GetEnvironmentStringsW
• 0x18002d200 GetSystemTimeAsFileTime
• 0x18002d208 GetCurrentProcessId
• 0x18002d210 QueryPerformanceCounter
• 0x18002d218 GetModuleFileNameA
• 0x18002d220 GetFileType
• 0x18002d228 GetStdHandle
• 0x18002d230 GetStartupInfoW
• 0x18002d238 TlsFree
• 0x18002d240 TlsSetValue
• 0x18002d248 TlsGetValue
• 0x18002d250 TlsAlloc
• 0x18002d258 TerminateProcess
• 0x18002d260 GetCurrentProcess
• 0x18002d268 SetUnhandledExceptionFilter
• 0x18002d270 UnhandledExceptionFilter
• 0x18002d278 RtlVirtualUnwind
• 0x18002d280 RtlCaptureContext
• 0x18002d288 SetLastError
• 0x18002d290 WideCharToMultiByte
• 0x18002d298 MultiByteToWideChar
• 0x18002d2a0 GetModuleHandleExW
• 0x18002d2a8 ExitProcess
• 0x18002d2b0 RtlUnwindEx
• 0x18002d2b8 Sleep
• 0x18002d2c0 InitializeCriticalSectionAndSpinCount
• 0x18002d2c8 LoadLibraryW
• 0x18002d2d0 GlobalAlloc
• 0x18002d2d8 WriteFile
• 0x18002d2e0 GetProcessHeap
• 0x18002d2e8 GetTickCount
• 0x18002d2f0 GetModuleHandleW
• 0x18002d2f8 GlobalLock
• 0x18002d300 HeapFree
• 0x18002d308 GetConsoleMode
• 0x18002d310 HeapAlloc
• 0x18002d318 HeapReAlloc
• 0x18002d320 FindFirstFileW
• 0x18002d328 GetFileSize
• 0x18002d330 GetConsoleCP
• 0x18002d338 RtlLookupFunctionEntry
• 0x18002d340 RtlPcToFileHeader
• 0x18002d348 GetCurrentThreadId
• 0x18002d350 GetCommandLineA
• 0x18002d358 IsProcessorFeaturePresent
• 0x18002d360 EncodePointer
• 0x18002d368 OutputDebugStringW
• 0x18002d370 IsDebuggerPresent
• 0x18002d378 WriteConsoleW
库: USER32.dll:
• 0x18002d3d0 MapVirtualKeyExW
• 0x18002d3d8 ReleaseDC
• 0x18002d3e0 GetKeyboardState
• 0x18002d3e8 GetDC
• 0x18002d3f0 wsprintfW
• 0x18002d3f8 GetFocus
• 0x18002d400 UnregisterClassW
• 0x18002d408 RegisterWindowMessageW
• 0x18002d410 SendInput
• 0x18002d418 CharLowerBuffW
• 0x18002d420 DrawTextW
• 0x18002d428 DefWindowProcW
• 0x18002d430 IsWindow
• 0x18002d438 GetCursorPos
• 0x18002d440 SetWindowPos
• 0x18002d448 SetRect
• 0x18002d450 InflateRect
• 0x18002d458 PtInRect
• 0x18002d460 LoadCursorW
• 0x18002d468 GetKeyState
• 0x18002d470 ScreenToClient
• 0x18002d478 SetCursor
• 0x18002d480 keybd_event
• 0x18002d488 CopyRect
• 0x18002d490 GetMonitorInfoW
• 0x18002d498 UpdateWindow
• 0x18002d4a0 SetWindowLongPtrW
• 0x18002d4a8 IsWindowVisible
• 0x18002d4b0 GetSystemMetrics
• 0x18002d4b8 RegisterClassW
• 0x18002d4c0 ReleaseCapture
• 0x18002d4c8 CreateWindowExW
• 0x18002d4d0 ShowWindow
• 0x18002d4d8 SystemParametersInfoW
• 0x18002d4e0 InvalidateRect
• 0x18002d4e8 OffsetRect
• 0x18002d4f0 BeginPaint
• 0x18002d4f8 GetClientRect
• 0x18002d500 GetWindowLongPtrW
• 0x18002d508 EndPaint
• 0x18002d510 DestroyWindow
• 0x18002d518 MonitorFromWindow
• 0x18002d520 SetCapture
• 0x18002d528 MonitorFromPoint
• 0x18002d530 GetWindowRect
• 0x18002d538 MessageBoxW
• 0x18002d540 GetDesktopWindow
库: GDI32.dll:
• 0x18002d000 BitBlt
• 0x18002d008 DeleteObject
• 0x18002d010 CreateCompatibleDC
• 0x18002d018 CreateCompatibleBitmap
• 0x18002d020 GetTextExtentPoint32W
• 0x18002d028 SetTextColor
• 0x18002d030 SetBkMode
• 0x18002d038 SelectObject
• 0x18002d040 GetObjectA
• 0x18002d048 EnumFontFamiliesW
• 0x18002d050 DeleteDC
• 0x18002d058 CreateFontIndirectW
• 0x18002d060 GetDeviceCaps
• 0x18002d068 GetStockObject
库: SHELL32.dll:
• 0x18002d388 SHGetSpecialFolderPathW
库: SHLWAPI.dll:
• 0x18002d398 StrToIntW
• 0x18002d3a0 PathFileExistsW
• 0x18002d3a8 PathFindFileNameW
• 0x18002d3b0 PathAppendW
• 0x18002d3b8 StrChrW
• 0x18002d3c0 PathRemoveBlanksW
库: gdiplus.dll:
• 0x18002d550 GdipGetDC
• 0x18002d558 GdipReleaseDC
• 0x18002d560 GdipDeleteBrush
• 0x18002d568 GdipFree
• 0x18002d570 GdipDeletePen
• 0x18002d578 GdipCreateFontFromDC
• 0x18002d580 GdipDrawRectangleI
• 0x18002d588 GdipCreatePen1
• 0x18002d590 GdipGetImageWidth
• 0x18002d598 GdipCreatePath
• 0x18002d5a0 GdipDrawLineI
• 0x18002d5a8 GdipCloneImage
• 0x18002d5b0 GdipFillRectangleI
• 0x18002d5b8 GdipStringFormatGetGenericTypographic
• 0x18002d5c0 GdipSetInterpolationMode
• 0x18002d5c8 GdipFillPath
• 0x18002d5d0 GdipCreateFromHDC
• 0x18002d5d8 GdipDrawString
• 0x18002d5e0 GdipBitmapGetPixel
• 0x18002d5e8 GdipDeletePath
• 0x18002d5f0 GdipSetPenWidth
• 0x18002d5f8 GdipDisposeImage
• 0x18002d600 GdipAlloc
• 0x18002d608 GdipSetPenColor
• 0x18002d610 GdipCreateSolidFill
• 0x18002d618 GdipAddPathArcI
• 0x18002d620 GdipAddPathLineI
• 0x18002d628 GdipSetStringFormatAlign
• 0x18002d630 GdipGetImageGraphicsContext
• 0x18002d638 GdipDeleteGraphics
• 0x18002d640 GdipDeleteFont
• 0x18002d648 GdipDrawPath
• 0x18002d650 GdipSetPenMode
• 0x18002d658 GdipSetTextRenderingHint
• 0x18002d660 GdipBitmapSetPixel
• 0x18002d668 GdipCreateBitmapFromStream
• 0x18002d670 GdipSetStringFormatLineAlign
• 0x18002d678 GdipMeasureString
• 0x18002d680 GdipFillPolygonI
• 0x18002d688 GdipDrawImageRectRectI
• 0x18002d690 GdipGetImageHeight
• 0x18002d698 GdipCreateFontFromLogfontA
• 0x18002d6a0 GdipCreateBitmapFromStreamICM
• 0x18002d6a8 GdipSetStringFormatFlags
• 0x18002d6b0 GdipCloneBrush
导出
| 序列 | 地址 | 名称 |
|---|---|---|
| 6 | 0x180005030 | ??0CCandidateList@@QEAA@XZ |
| 7 | 0x180004b50 | ??0CCodeEntry@@QEAA@AEBV0@@Z |
| 8 | 0x180004bb0 | ??0CCodeEntry@@QEAA@PEB_W0K@Z |
| 9 | 0x180004b20 | ??0CCodeEntry@@QEAA@XZ |
| 10 | 0x180007a10 | ??0CCodetable@@QEAA@H@Z |
| 11 | 0x1800027b0 | ??0CConfigure@@QEAA@H@Z |
| 12 | 0x180012880 | ??0CGdipuls@@QEAA@PEAUHDC__@@@Z |
| 13 | 0x180012910 | ??0CGdipuls@@QEAA@PEAVBitmap@Gdiplus@@@Z |
| 14 | 0x180002d80 | ??0CSentence@@QEAA@XZ |
| 15 | 0x180002390 | ??0CSoftkbd@@QEAA@AEBV0@@Z |
| 16 | 0x180018320 | ??0CSoftkbd@@QEAA@PEAUHWND__@@PEAUHINSTANCE__@@GUtagRECT@@@Z |
| 17 | 0x180002250 | ??0CWindow@@QEAA@AEBV0@@Z |
| 18 | 0x18001c860 | ??0CWindow@@QEAA@XZ |
| 19 | 0x180005f80 | ??0CWordlibFile@@QEAA@XZ |
| 20 | 0x18000c2b0 | ??0CWordlibrary@@QEAA@H@Z |
| 21 | 0x1800050b0 | ??1CCandidateList@@QEAA@XZ |
| 22 | 0x180004cc0 | ??1CCodeEntry@@QEAA@XZ |
| 23 | 0x180007a60 | ??1CCodetable@@QEAA@XZ |
| 24 | 0x180002b80 | ??1CConfigure@@QEAA@XZ |
| 25 | 0x1800129a0 | ??1CGdipuls@@QEAA@XZ |
| 26 | 0x180002b80 | ??1CSentence@@QEAA@XZ |
| 27 | 0x1800183e0 | ??1CSoftkbd@@UEAA@XZ |
| 28 | 0x18001c8d0 | ??1CWindow@@UEAA@XZ |
| 29 | 0x180005fc0 | ??1CWordlibFile@@QEAA@XZ |
| 30 | 0x18000c310 | ??1CWordlibrary@@QEAA@XZ |
| 31 | 0x180002140 | ??4CCandidateList@@QEAAAEAV0@AEBV0@@Z |
| 32 | 0x180002050 | ??4CCodeEntry@@QEAAAEAV0@AEBV0@@Z |
| 33 | 0x1800021f0 | ??4CCodetable@@QEAAAEAV0@AEBV0@@Z |
| 34 | 0x180002050 | ??4CConfigure@@QEAAAEAV0@AEBV0@@Z |
| 35 | 0x180002140 | ??4CGdipuls@@QEAAAEAV0@AEBV0@@Z |
| 36 | 0x1800020c0 | ??4CSentence@@QEAAAEAV0@AEBV0@@Z |
| 37 | 0x180002560 | ??4CSoftkbd@@QEAAAEAV0@AEBV0@@Z |
| 38 | 0x1800022b0 | ??4CWindow@@QEAAAEAV0@AEBV0@@Z |
| 39 | 0x180002050 | ??4CWordlibFile@@QEAAAEAV0@AEBV0@@Z |
| 40 | 0x1800021f0 | ??4CWordlibrary@@QEAAAEAV0@AEBV0@@Z |
| 41 | 0x180037f18 | ??_7CSoftkbd@@6B@ |
| 42 | 0x180037e60 | ??_7CWindow@@6B@ |
| 43 | 0x180002220 | ??_FCCodetable@@QEAAXXZ |
| 44 | 0x1800020a0 | ??_FCConfigure@@QEAAXXZ |
| 45 | 0x180005a20 | ?Add@CCandidateList@@QEAAXPEB_W0K@Z |
| 46 | 0x1800059d0 | ?Add@CCandidateList@@QEAAXVCCodeEntry@@@Z |
| 47 | 0x18001b1b0 | ?AdjustSoftKeyboardPos@CSoftkbd@@AEAAXXZ |
| 48 | 0x18001cf90 | ?AdjustWindowToDesktop@CWindow@@QEAAXPEAUtagPOINT@@@Z |
| 49 | 0x180005ee0 | ?Append@CCandidateList@@AEAAXVCCodeEntry@@@Z |
| 50 | 0x18000ce70 | ?AppendAssistTable@CWordlibrary@@AEAAHXZ |
| 51 | 0x18000b500 | ?AppendCandidateEntry@CCodetable@@AEAAHPEB_W0KPEAVCCandidateList@@W4TCandTypes@@HH@Z |
| 52 | 0x18000b0a0 | ?AppendCandidateList@CCodetable@@AEAAHPEB_W0KPEAVCCandidateList@@W4TEntryTypes@@HH@Z |
| 53 | 0x18000a0a0 | ?AppendEntry@CCodetable@@QEAAHPEB_W0K@Z |
| 54 | 0x180006870 | ?AppendEntry@CWordlibFile@@QEAAXPEB_W0K@Z |
| 55 | 0x18000d290 | ?AppendEntry@CWordlibrary@@QEAAXPEB_W0K@Z |
| 56 | 0x180006800 | ?AppendLine@CWordlibFile@@QEAAXPEB_W@Z |
| 57 | 0x1800076e0 | ?AppendPhraseRule@CWordlibFile@@AEAAXUTCodetableHeader@@@Z |
| 58 | 0x180006fd0 | ?AppendWordlibHeader@CWordlibFile@@QEAAXUTCodetableHeader@@@Z |
| 59 | 0x180008ba0 | ?AutoEude@CCodetable@@QEAAHPEB_W0PEAVCCandidateList@@@Z |
| 60 | 0x18001d6a0 | ?CalcFitPointAroundTextExtent@CWindow@@AEAAXUtagRECT@@00PEAUtagPOINT@@@Z |
| 61 | 0x18000bfe0 | ?ChineseSearch@CCodetable@@AEAAHKPEA_W@Z |
| 62 | 0x180005190 | ?Clear@CCandidateList@@QEAAXXZ |
| 63 | 0x180004fe0 | ?Clear@CCodeEntry@@QEAAXXZ |
| 64 | 0x180002fd0 | ?ClearSentence@CSentence@@QEAAXXZ |
| 65 | 0x1800146d0 | ?ColorrefToColor@CGdipuls@@AEAA?AVColor@Gdiplus@@K@Z |
| 66 | 0x18000c0f0 | ?CompareCompstr@CCodetable@@AEAAHPEB_W0W4TEntryTypes@@@Z |
| 67 | 0x180005160 | ?Count@CCandidateList@@QEAAIXZ |
| 68 | 0x180002db0 | ?Create@CSentence@@QEAAHXZ |
| 69 | 0x18001ca30 | ?Create@CWindow@@QEAAHKGPEB_WPEAUHINSTANCE__@@HHHHPEAUHWND__@@@Z |
| 70 | 0x180006020 | ?Create@CWordlibFile@@QEAAJPEB_WK@Z |
| 71 | 0x18000c410 | ?Create@CWordlibrary@@QEAAJPEB_W@Z |
| 72 | 0x180018490 | ?CreateSoftKeyboard@CSoftkbd@@QEAAPEAUHWND__@@H@Z |
| 73 | 0x18000a4a0 | ?DFS@CCodetable@@AEAAXPEAKPEB_WV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PEAVCCandidateList@@W4TEntryTypes@@HH@Z |
| 74 | 0x18000ab80 | ?DFS@CCodetable@@AEAAXPEAKV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PEAVCCandidateList@@@Z |
| 75 | 0x18000a8e0 | ?DFS@CCodetable@@AEAAXPEAKV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PEAVCWordlibFile@@H@Z |
| 76 | 0x18000a670 | ?DFS@CCodetable@@AEAAXPEAKV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PEAVCWordlibrary@@@Z |
| 77 | 0x18000b670 | ?DFS@CCodetable@@AEAAXPEAKV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PEB_WPEAVCCandidateList@@@Z |
| 78 | 0x1800088f0 | ?DecimalSearch@CCodetable@@QEAAXPEB_WPEAVCCandidateList@@@Z |
| 79 | 0x18001cb00 | ?Destroy@CWindow@@QEAAXXZ |
| 80 | 0x180018800 | ?DestroySoftKeyboard@CSoftkbd@@QEAAXXZ |
| 81 | 0x180013370 | ?Draw3DRectangle@CGdipuls@@QEAAXUtagRECT@@KKKHH@Z |
| 82 | 0x1800141d0 | ?DrawImage@CGdipuls@@QEAAXPEAVBitmap@Gdiplus@@UtagRECT@@1@Z |
| 83 | 0x180014120 | ?DrawImage@CGdipuls@@QEAAXPEAVBitmap@Gdiplus@@VRect@3@1@Z |
| 84 | 0x18001abf0 | ?DrawKeyChar@CSoftkbd@@AEAAXPEAUHDC__@@PEAVCGdipuls@@I_W@Z |
| 85 | 0x180012a40 | ?DrawLine@CGdipuls@@QEAAXKHHHHH@Z |
| 86 | 0x180012be0 | ?DrawRectangle@CGdipuls@@QEAAXUtagRECT@@KKHHHH@Z |
| 87 | 0x18001ad20 | ?DrawShiftKeyChar@CSoftkbd@@AEAAXPEAUHDC__@@PEAVCGdipuls@@I_W@Z |
| 88 | 0x18001a730 | ?DrawSoftKeys@CSoftkbd@@AEAAXPEAUHDC__@@PEAVCGdipuls@@I@Z |
| 89 | 0x1800142d0 | ?DrawStatusBar@CGdipuls@@QEAAXUtagRECT@@UTConfigure@@KHHH@Z |
| 90 | 0x180013840 | ?DrawTextString@CGdipuls@@QEAAXPEAUHDC__@@PEB_WUtagRECT@@KPEAUHFONT__@@HH@Z |
| 91 | 0x180013100 | ?DrawTriangleArrow@CGdipuls@@QEAAXHHHHK@Z |
| 92 | 0x180008460 | ?EnglishSearch@CCodetable@@QEAAXPEB_WPEAVCCandidateList@@@Z |
| 93 | 0x180002170 | ?Eof@CWordlibFile@@QEAAHXZ |
| 94 | 0x18000d5b0 | ?EstimateCodetableSize@CWordlibrary@@AEAAKUTCodetableHeader@@@Z |
| 95 | 0x180005ac0 | ?ExistsBriefCode@CCandidateList@@QEAAHPEB_W0K@Z |
| 96 | 0x180009ea0 | ?ExportEude@CCodetable@@QEAAXPEAVCCandidateList@@@Z |
| 97 | 0x180009de0 | ?ExportToWordlibFile@CCodetable@@QEAAXPEAVCWordlibFile@@H@Z |
| 98 | 0x180009d40 | ?ExportToWordlibrary@CCodetable@@QEAAXPEAVCWordlibrary@@@Z |
| 99 | 0x18000ccc0 | ?GenerareCodetableTrie@CWordlibrary@@AEAAHXZ |
| 100 | 0x18000c710 | ?GenerateCodetable@CWordlibrary@@QEAAHXZ |
| 101 | 0x18000b7c0 | ?GeneratePredictCompstr@CCodetable@@AEAAXPEA_WPEB_W@Z |
| 102 | 0x18000ca50 | ?GenerateReverseTable@CWordlibrary@@AEAAHXZ |
| 103 | 0x180005320 | ?GetAt@CCandidateList@@QEAAXIPEAVCCodeEntry@@@Z |
| 104 | 0x180014c50 | ?GetButtonRect@CGdipuls@@AEAAXAEAUtagRECT@@IUTConfigure@@HHH@Z |
| 105 | 0x1800056a0 | ?GetCandidateList@CCandidateList@@QEAAXPEAV1@HH@Z |
| 106 | 0x18001cd40 | ?GetClientRectangle@CWindow@@QEAAHPEAUtagRECT@@@Z |
| 107 | 0x180004fc0 | ?GetCodeEntry@CCodeEntry@@QEAAXPEAV1@@Z |
| 108 | 0x180004f40 | ?GetCodeEntry@CCodeEntry@@QEAAXPEA_W0PEAK@Z |
| 109 | 0x1800021d0 | ?GetCodeLength@CCodetable@@QEAAHXZ |
| 110 | 0x180009f70 | ?GetCodeScheme@CCodetable@@QEAAXPEA_W@Z |
| 111 | 0x180009f40 | ?GetCodetableHeader@CCodetable@@QEAAXPEAUTCodetableHeader@@@Z |
| 112 | 0x180006950 | ?GetCodetableHeader@CWordlibFile@@QEAAHPEAUTCodetableHeader@@@Z |
| 113 | 0x180002be0 | ?GetConfigure@CConfigure@@QEAAXPEAUTConfigure@@@Z |
| 114 | 0x1800020f0 | ?GetDC@CGdipuls@@QEAAPEAUHDC__@@XZ |
| 115 | 0x180014d10 | ?GetIconXY@CGdipuls@@AEAAXAEAUtagPOINT@@HUTConfigure@@K@Z |
| 116 | 0x180006420 | ?GetNextEntry@CWordlibFile@@QEAAXPEA_W0PEAK@Z |
| 117 | 0x180006360 | ?GetNextLine@CWordlibFile@@QEAAXPEA_W@Z |
| 118 | 0x1800074a0 | ?GetPhraseRule@CWordlibFile@@AEAAXPEB_WPEAUTCodetableHeader@@@Z |
| 119 | 0x180018900 | ?GetPressSoftKey@CSoftkbd@@AEAAIUtagPOINT@@@Z |
| 120 | 0x180014730 | ?GetRoundRectanglePath@CGdipuls@@AEAAPEAVGraphicsPath@Gdiplus@@VRect@3@H@Z |
| 121 | 0x18000c1f0 | ?GetSearchRange@CCodetable@@AEAA?AW4TSearchRange@@XZ |
| 122 | 0x180002e40 | ?GetSentence@CSentence@@QEAAXPEA_W@Z |
| 123 | 0x180002160 | ?GetSize@CWordlibFile@@QEAAKXZ |
| 124 | 0x180018780 | ?GetSoftKeyChar@CSoftkbd@@QEAA_WI@Z |
| 125 | 0x18001a6b0 | ?GetSoftKeyIndex@CSoftkbd@@AEAAII@Z |
| 126 | 0x1800190f0 | ?GetSoftKeyRect@CSoftkbd@@AEAA?AUtagRECT@@I@Z |
| 127 | 0x18001b520 | ?GetSoftKeyState@CSoftkbd@@AEAAHI@Z |
| 128 | 0x180009fa0 | ?GetSpecialPrefix@CCodetable@@QEAAXPEA_W@Z |
| 129 | 0x180013660 | ?GetStringSize@CGdipuls@@QEAA?AUtagSIZE@@PEAUHDC__@@PEB_WPEAUHFONT__@@@Z |
| 130 | 0x18000bbf0 | ?GetTrieEntry@CCodetable@@AEAAXPEBUTTrieEntry@@PEAKPEA_W2@Z |
| 131 | 0x18000be40 | ?GetTrieEntrys@CCodetable@@AEAAXPEAUTTrieNode@@PEAVCCandidateList@@PEB_W2@Z |
| 132 | 0x18000bcb0 | ?GetTrieEntrys@CCodetable@@AEAAXPEAUTTrieNode@@PEAVCCandidateList@@PEB_W2W4TEntryTypes@@HH@Z |
| 133 | 0x18000ba10 | ?GetTrieNode@CCodetable@@AEAAHPEB_WPEAPEAUTTrieNode@@PEA_W@Z |
| 134 | 0x18001a560 | ?GetVirtualKey@CSoftkbd@@AEAAII@Z |
| 135 | 0x1800021b0 | ?GetWildChar@CCodetable@@QEAA_WXZ |
| 136 | 0x18001cd70 | ?GetWindowExtent@CWindow@@QEAAJUtagRECT@@0PEAUtagPOINT@@@Z |
| 137 | 0x180002240 | ?GetWindowHandle@CWindow@@QEAAPEAUHWND__@@XZ |
| 138 | 0x18001cd10 | ?GetWindowRectangle@CWindow@@QEAAHPEAUtagRECT@@@Z |
| 139 | 0x18001ced0 | ?GetWorkAreaFromOwner@CWindow@@QEAAXPEAUtagRECT@@PEAUHWND__@@@Z |
| 140 | 0x18001d540 | ?GetWorkAreaFromPoint@CWindow@@AEAAXUtagPOINT@@PEAUtagRECT@@@Z |
| 141 | 0x180013d70 | ?ImageRecoloring@CGdipuls@@QEAAXPEAVBitmap@Gdiplus@@KKKH@Z |
| 142 | 0x18001c910 | ?InitWindowClass@CWindow@@SAHPEB_WPEAGPEAUHINSTANCE__@@@Z |
| 143 | 0x180018c00 | ?Initialization@CSoftkbd@@AEAAXPEAUHWND__@@@Z |
| 144 | 0x180005da0 | ?Insert@CCandidateList@@AEAAXVCCodeEntry@@@Z |
| 145 | 0x1800055b0 | ?Insert@CCandidateList@@QEAAXHVCCodeEntry@@@Z |
| 146 | 0x18001ccd0 | ?Invalidate@CWindow@@QEAAXPEAUtagRECT@@@Z |
| 147 | 0x180009000 | ?IsEntryExists@CCodetable@@QEAAHPEB_W0@Z |
| 148 | 0x180009fd0 | ?IsValidCompstr@CCodetable@@QEAAHPEB_W@Z |
| 149 | 0x18000d210 | ?IsValidElement@CWordlibrary@@AEAAHPEB_W@Z |
| 150 | 0x18001cc70 | ?IsVisible@CWindow@@QEAAHXZ |
| 151 | 0x18000a040 | ?IsWildState@CCodetable@@QEAAHPEB_W@Z |
| 152 | 0x180007a70 | ?LoadCodetable@CCodetable@@QEAAHPEB_W@Z |
| 153 | 0x1800027f0 | ?LoadConfigure@CConfigure@@QEAAHXZ |
| 154 | 0x180013b80 | ?LoadImageFromResource@CGdipuls@@QEAAHPEAUHINSTANCE__@@HHPEAPEAVBitmap@Gdiplus@@@Z |
| 155 | 0x18000c8d0 | ?LoadWordlibFile@CWordlibrary@@AEAAHPEB_W@Z |
| 156 | 0x180007eb0 | ?MainPinyinSearch@CCodetable@@QEAAXPEB_WPEAVCCandidateList@@@Z |
| 157 | 0x180008100 | ?MainSearch@CCodetable@@QEAAXPEB_WPEAVCCandidateList@@@Z |
| 158 | 0x1800189f0 | ?MouseCursorInClient@CSoftkbd@@UEAAHPEAUHWND__@@@Z |
| 159 | 0x18001cb50 | ?Move@CWindow@@UEAAXUtagPOINT@@@Z |
| 160 | 0x180009820 | ?MoveToBack@CCodetable@@QEAAHPEB_W0@Z |
| 161 | 0x1800095e0 | ?MoveToHome@CCodetable@@QEAAHPEB_W0@Z |
| 162 | 0x180009ab0 | ?MoveToPrev@CCodetable@@QEAAHPEB_W0@Z |
| 163 | 0x1800088a0 | ?NumberSearch@CCodetable@@QEAAXPEB_WPEAVCCandidateList@@@Z |
| 164 | 0x18001ae50 | ?OnPaint@CSoftkbd@@UEAAXPEAUHDC__@@@Z |
| 165 | 0x180008d30 | ?PhraseEncode@CCodetable@@QEAAHPEB_WPEA_W@Z |
| 166 | 0x180008530 | ?PinyinSearch@CCodetable@@QEAAXPEB_WPEAVCCandidateList@@@Z |
| 167 | 0x180008930 | ?PredictSearch@CCodetable@@QEAAXPEB_W0PEAVCCandidateList@@@Z |
| 168 | 0x180018a90 | ?ProcessClientMouseMessage@CSoftkbd@@UEAAXPEAUHWND__@@IUtagPOINT@@@Z |
| 169 | 0x18001d3d0 | ?ProcessSetCursorMessage@CWindow@@AEAAXPEAUHWND__@@_J@Z |
| 170 | 0x180008600 | ?RarelySearch@CCodetable@@QEAAXPEB_WPEAVCCandidateList@@@Z |
| 171 | 0x18001d990 | ?RectInRect@CWindow@@AEAAKPEBUtagRECT@@0@Z |
| 172 | 0x180002110 | ?ReleaseDC@CGdipuls@@QEAAXPEAUHDC__@@@Z |
| 173 | 0x180005c30 | ?Remove@CCandidateList@@AEAAXVCCodeEntry@@@Z |
| 174 | 0x180005250 | ?RemoveAt@CCandidateList@@QEAAXI@Z |
| 175 | 0x1800093b0 | ?RemoveEntry@CCodetable@@QEAAHPEB_W0@Z |
| 176 | 0x18001cbb0 | ?Resize@CWindow@@QEAAXHH@Z |
| 177 | 0x180008b10 | ?ReverseSearch@CCodetable@@QEAAHPEA_WPEB_W@Z |
| 178 | 0x180007340 | ?SaveAsToFile@CWordlibFile@@QEAAHPEB_W@Z |
| 179 | 0x18000c760 | ?SaveToFile@CWordlibrary@@QEAAHPEB_W@Z |
| 180 | 0x18000a300 | ?Search@CCodetable@@AEAAXPEB_WPEAVCCandidateList@@W4TEntryTypes@@HH@Z |
| 181 | 0x1800057e0 | ?SetCandidateList@CCandidateList@@QEAAJPEB_W0KH@Z |
| 182 | 0x180004dd0 | ?SetCodeEntry@CCodeEntry@@QEAAXPEB_W0K@Z |
| 183 | 0x180004ed0 | ?SetCodeEntry@CCodeEntry@@QEAAXV1@@Z |
| 184 | 0x180002c20 | ?SetConfigure@CConfigure@@QEAAXPEB_WUTConfigure@@@Z |
| 185 | 0x1800062c0 | ?SetLibraryStart@CWordlibFile@@QEAAXXZ |
| 186 | 0x18000d080 | ?SetReverseTable@CWordlibrary@@AEAAKPEB_W0@Z |
| 187 | 0x180002e70 | ?SetSentence@CSentence@@QEAAXPEB_W@Z |
| 188 | 0x18001b560 | ?SetSoftKeyData@CSoftkbd@@AEAAXH@Z |
| 189 | 0x18001b2e0 | ?SetSoftKeyState@CSoftkbd@@AEAAXPEAUHWND__@@IH@Z |
| 190 | 0x180005560 | ?SetToHome@CCandidateList@@QEAAXVCCodeEntry@@@Z |
| 191 | 0x18000bae0 | ?SetTrieEntry@CCodetable@@AEAAXPEAUTTrieEntry@@KPEB_W1@Z |
| 192 | 0x18000d4b0 | ?SetTrieEntry@CWordlibrary@@AEAAXPEAUTTrieEntry@@KPEB_W1@Z |
| 193 | 0x18001cc10 | ?Show@CWindow@@QEAAXH@Z |
| 194 | 0x1800086f0 | ?SpecialSearch@CCodetable@@QEAAXPEB_WPEAVCCandidateList@@@Z |
| 195 | 0x180005400 | ?Swap@CCandidateList@@QEAAHIH@Z |
| 196 | 0x18001ca00 | ?UninitWindowClass@CWindow@@SAXGPEAUHINSTANCE__@@@Z |
| 197 | 0x180005fc0 | ?UnloadCodetable@CCodetable@@QEAAXXZ |
| 198 | 0x18001cca0 | ?Update@CWindow@@QEAAHXZ |
| 199 | 0x180018690 | ?UpdateSoftKeyboard@CSoftkbd@@QEAAXH@Z |
| 200 | 0x1800091b0 | ?UpdateWordFreq@CCodetable@@QEAAHPEB_W0@Z |
| 201 | 0x18000add0 | ?WildSearch@CCodetable@@AEAAXPEB_WPEAVCCandidateList@@W4TEntryTypes@@HH@Z |
| 202 | 0x180008360 | ?WildcardSearch@CCodetable@@QEAAXPEB_WPEAVCCandidateList@@HH@Z |
| 203 | 0x180018bc0 | ?WindowProc@CSoftkbd@@UEAA_JPEAUHWND__@@I_K_J@Z |
| 204 | 0x18001d0a0 | ?WndProc@CWindow@@CA_JPEAUHWND__@@I_K_J@Z |
| 205 | 0x180002080 | ?__autoclassinit2@CCandidateList@@QEAAX_K@Z |
| 206 | 0x180002080 | ?__autoclassinit2@CCodeEntry@@QEAAX_K@Z |
| 207 | 0x180002080 | ?__autoclassinit2@CCodetable@@QEAAX_K@Z |
| 208 | 0x180002080 | ?__autoclassinit2@CConfigure@@QEAAX_K@Z |
| 209 | 0x180002080 | ?__autoclassinit2@CGdipuls@@QEAAX_K@Z |
| 210 | 0x180002080 | ?__autoclassinit2@CSentence@@QEAAX_K@Z |
| 211 | 0x180002080 | ?__autoclassinit2@CSoftkbd@@QEAAX_K@Z |
| 212 | 0x180002080 | ?__autoclassinit2@CWindow@@QEAAX_K@Z |
| 213 | 0x180002080 | ?__autoclassinit2@CWordlibFile@@QEAAX_K@Z |
| 214 | 0x180002080 | ?__autoclassinit2@CWordlibrary@@QEAAX_K@Z |
| 5 | 0x1800162c0 | GetCodetableFileName |
| 3 | 0x180016360 | GetConfiguration |
| 1 | 0x1800151a0 | MessageDialog |
| 4 | 0x180016530 | SetConfiguration |
| 2 | 0x180014f70 | SetDefaultConfigure |
.text
`.rdata
@.data
.pdata
@.rsrc
@.reloc
D$ \\\
D$ \\\
| 防病毒引擎/厂商 | 病毒名/规则匹配 | 病毒库日期 |
|---|---|---|
| Bkav | 未发现病毒 | 20201030 |
| Elastic | 未发现病毒 | 20201012 |
| MicroWorld-eScan | Gen:Variant.Mikey.114684 | 20201030 |
| CMC | 未发现病毒 | 20201030 |
| CAT-QuickHeal | 未发现病毒 | 20201030 |
| McAfee | 未发现病毒 | 20201030 |
| Cylance | 未发现病毒 | 20201030 |
| Zillya | 未发现病毒 | 20201030 |
| SUPERAntiSpyware | 未发现病毒 | 20201030 |
| Sangfor | 未发现病毒 | 20201028 |
| CrowdStrike | 未发现病毒 | 20190702 |
| Alibaba | 未发现病毒 | 20190527 |
| K7GW | 未发现病毒 | 20201030 |
| K7AntiVirus | 未发现病毒 | 20201030 |
| Arcabit | Trojan.Mikey.D1BFFC | 20201030 |
| TrendMicro | 未发现病毒 | 20201030 |
| Baidu | 未发现病毒 | 20190318 |
| Cyren | 未发现病毒 | 20201030 |
| Symantec | 未发现病毒 | 20201030 |
| TotalDefense | 未发现病毒 | 20201030 |
| APEX | 未发现病毒 | 20201030 |
| Avast | 未发现病毒 | 20201030 |
| ClamAV | 未发现病毒 | 20201029 |
| Kaspersky | 未发现病毒 | 20201030 |
| BitDefender | Gen:Variant.Mikey.114684 | 20201030 |
| NANO-Antivirus | 未发现病毒 | 20201030 |
| Paloalto | 未发现病毒 | 20201030 |
| AegisLab | 未发现病毒 | 20201030 |
| Rising | 未发现病毒 | 20201030 |
| Ad-Aware | Gen:Variant.Mikey.114684 | 20201030 |
| TACHYON | 未发现病毒 | 20201030 |
| Sophos | 未发现病毒 | 20201030 |
| Comodo | 未发现病毒 | 20201030 |
| F-Secure | 未发现病毒 | 20201030 |
| DrWeb | 未发现病毒 | 20201030 |
| VIPRE | 未发现病毒 | 20201030 |
| Invincea | 未发现病毒 | 20201030 |
| McAfee-GW-Edition | 未发现病毒 | 20201029 |
| FireEye | Gen:Variant.Mikey.114684 | 20201030 |
| Emsisoft | Gen:Variant.Mikey.114684 (B) | 20201030 |
| Ikarus | 未发现病毒 | 20201030 |
| Jiangmin | 未发现病毒 | 20201030 |
| Webroot | 未发现病毒 | 20201030 |
| Avira | 未发现病毒 | 20201030 |
| Antiy-AVL | 未发现病毒 | 20201030 |
| Kingsoft | 未发现病毒 | 20201030 |
| Gridinsoft | 未发现病毒 | 20201030 |
| Microsoft | 未发现病毒 | 20201030 |
| ViRobot | 未发现病毒 | 20201030 |
| ZoneAlarm | 未发现病毒 | 20201030 |
| GData | Gen:Variant.Mikey.114684 | 20201030 |
| Cynet | 未发现病毒 | 20201030 |
| AhnLab-V3 | 未发现病毒 | 20201030 |
| Acronis | 未发现病毒 | 20201023 |
| BitDefenderTheta | 未发现病毒 | 20201023 |
| ALYac | Gen:Variant.Mikey.114684 | 20201030 |
| MAX | malware (ai score=82) | 20201030 |
| VBA32 | 未发现病毒 | 20201030 |
| Malwarebytes | 未发现病毒 | 20201030 |
| Zoner | 未发现病毒 | 20201029 |
| ESET-NOD32 | 未发现病毒 | 20201030 |
| TrendMicro-HouseCall | 未发现病毒 | 20201030 |
| Tencent | 未发现病毒 | 20201030 |
| Yandex | 未发现病毒 | 20201028 |
| SentinelOne | 未发现病毒 | 20201029 |
| eGambit | 未发现病毒 | 20201030 |
| Fortinet | 未发现病毒 | 20201030 |
| MaxSecure | 未发现病毒 | 20201030 |
| AVG | 未发现病毒 | 20201030 |
| Panda | 未发现病毒 | 20201030 |
| Qihoo-360 | Generic/Trojan.198 | 20201030 |
访问主机纪录 (可点击查询WPING实时安全评级)
无主机纪录.
TCP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.201 | 49160 | 23.223.195.194 acroipm.adobe.com | 80 |
UDP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.201 | 59401 | 192.168.122.1 | 53 |
域名解析 (可点击查询WPING实时安全评级)
| 域名 | 安全评级 | 响应 |
|---|---|---|
| acroipm.adobe.com |
A 23.223.195.201 CNAME acroipm.adobe.com.edgesuite.net CNAME a1983.dscd.akamai.net A 23.223.195.194 |
TCP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.201 | 49160 | 23.223.195.194 acroipm.adobe.com | 80 |
UDP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.201 | 59401 | 192.168.122.1 | 53 |
HTTP 请求
| URI | HTTP数据 |
|---|---|
| URL专业沙箱检测 -> http://acroipm.adobe.com/11/rdr/CHS/win/nooem/none/message.zip | GET /11/rdr/CHS/win/nooem/none/message.zip HTTP/1.1 Accept: */* If-Modified-Since: Mon, 08 Nov 2017 08:44:36 GMT User-Agent: IPM Host: acroipm.adobe.com Connection: Keep-Alive Cache-Control: no-cache |
SMTP 流量
无SMTP流量.
IRC 流量
无IRC请求.
ICMP 流量
无ICMP流量.
CIF 报告
无 CIF 结果
网络警报
无警报
TLS
No TLS
Suricata HTTP
No Suricata HTTP
未发现网络提取文件
抱歉! 没有任何文件投放。
没有发现相似的分析.
| HTML 总结报告 (需15-60分钟同步) |
下载 |
|---|
Processing ( 16.193 seconds )
- 10.771 Suricata
- 2.55 VirusTotal
- 0.955 Static
- 0.762 NetworkAnalysis
- 0.428 peid
- 0.333 AnalysisInfo
- 0.287 TargetInfo
- 0.092 BehaviorAnalysis
- 0.012 Strings
- 0.002 Memory
- 0.001 config_decoder
Signatures ( 1.452 seconds )
- 1.319 md_url_bl
- 0.019 antiav_detectreg
- 0.011 infostealer_ftp
- 0.01 md_domain_bl
- 0.007 infostealer_bitcoin
- 0.007 ransomware_files
- 0.006 ransomware_extensions
- 0.005 anomaly_persistence_autorun
- 0.005 antiav_detectfile
- 0.005 infostealer_im
- 0.005 network_http
- 0.004 api_spamming
- 0.004 antianalysis_detectreg
- 0.004 geodo_banking_trojan
- 0.004 disables_browser_warn
- 0.003 stealth_decoy_document
- 0.003 stealth_timeout
- 0.003 infostealer_mail
- 0.003 network_torgateway
- 0.002 tinba_behavior
- 0.002 antivm_vbox_files
- 0.002 network_cnc_http
- 0.001 rat_nanocore
- 0.001 betabot_behavior
- 0.001 kibex_behavior
- 0.001 cerber_behavior
- 0.001 antivm_parallels_keys
- 0.001 antivm_xen_keys
- 0.001 bot_drive
- 0.001 bot_drive2
- 0.001 browser_security
- 0.001 modify_proxy
- 0.001 disables_system_restore
- 0.001 disables_windows_defender
- 0.001 maldun_malicious_drop_executable_file_to_temp_folder
- 0.001 md_bad_drop
- 0.001 rat_pcclient
- 0.001 rat_spynet
- 0.001 recon_fingerprint
- 0.001 stealth_hide_notifications
- 0.001 stealth_modify_uac_prompt
Reporting ( 0.524 seconds )
- 0.522 ReportHTMLSummary
- 0.002 Malheur
| Task ID | 584195 |
|---|---|
| Mongo ID | 5f9c08be7e769a0a900910db |
| Cuckoo release | 1.4-Maldun |
沪公网安备 31011502009736号