恶意软件分析 & URL链接扫描免费在线病毒分析平台

分析任务

分析类型	虚拟机标签	开始时间	结束时间	持续时间
文件 (Windows)	win7-sp1-x64-shaapp02-1	2021-01-20 13:00:15	2021-01-20 13:00:18	3 秒

魔盾分数

10.0

危险的

文件详细信息

文件名	黑鲨-V11.22.20.exe
文件大小	21917696 字节
文件类型	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	0871e61579d24d0ae150818986752727
SHA1	e1bd1c3b0b2cc6f2157dcf72576c9a872028d90c
SHA256	82a627dde31e43d61adf218b3bbf68880ed4c7f1946a84a2da6744689b3ff13f
SHA512	c718348fd298d917aead91149af87d219d8b6d7ec0bf18343ee1b78352f0adbc1455ef7ed9d4a989f31c99a1c33c18ba8e47b93128431f7b2e66dce8a49f3ceb
CRC32	2AA635F6
Ssdeep	393216:cyrwAhMBQVkHqG3oJOX4qZw1LLF6lR33CSnK4+iLXp:RKQVkKG1fZK0lR3bHXp
Yara	登录查看Yara规则
	样本下载提交误报

登录查看威胁特征

运行截图

没有可用的屏幕截图

访问主机纪录 (可点击查询WPING实时安全评级)

无主机纪录.

域名解析 (可点击查询WPING实时安全评级)

无域名信息.

摘要

登录查看详细行为信息

PE 信息

初始地址	0x00400000
入口地址	0x0071ca1d
声明校验值	0x00000000
最低操作系统版本要求	4.0
编译时间	2021-01-19 21:39:12
载入哈希	537bd76d3dd80c5b8a4ceb79c66abfe9

PE 数据组成

名称	虚拟地址	虚拟大小	原始数据大小	特征	熵(Entropy)
.text	0x00001000	0x0033da36	0x0033e000	IMAGE_SCN_CNT_CODE\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ	6.24
.rdata	0x0033f000	0x01136b32	0x01137000	IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ	7.67
.data	0x01476000	0x000ad26a	0x0006b000	IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE	5.48
.rsrc	0x01524000	0x00005ad0	0x00006000	IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ	4.32

导入

库: user32.dll:

• 0x73f998 CreateWindowExA

• 0x73f99c MessageBoxA

• 0x73f9a0 SetPropA

• 0x73f9a4 EnumChildWindows

• 0x73f9a8 SendMessageA

• 0x73f9ac GetMessageA

• 0x73f9b0 GetAncestor

• 0x73f9b4 EnumWindows

• 0x73f9b8 TranslateMessage

• 0x73f9bc GetClassNameA

• 0x73f9c0 GetWindowLongA

• 0x73f9c4 GetWindowRect

• 0x73f9c8 GetDC

• 0x73f9cc UpdateLayeredWindow

• 0x73f9d0 ReleaseDC

• 0x73f9d4 IsWindow

• 0x73f9d8 ShowWindow

• 0x73f9dc CallWindowProcA

• 0x73f9e0 TrackMouseEvent

• 0x73f9e4 GetPropA

• 0x73f9e8 wsprintfA

• 0x73f9ec GetSystemMetrics

• 0x73f9f0 GetCursorPos

• 0x73f9f4 CloseClipboard

• 0x73f9f8 GetClipboardData

• 0x73f9fc OpenClipboard

• 0x73fa00 DispatchMessageA

• 0x73fa04 PeekMessageA

库: kernel32.dll:

• 0x73f814 GetEnvironmentStringsW

• 0x73f818 FreeEnvironmentStringsA

• 0x73f81c DeleteCriticalSection

• 0x73f820 FreeEnvironmentStringsW

• 0x73f824 GetEnvironmentStrings

• 0x73f828 GetStartupInfoA

• 0x73f82c GetFileType

• 0x73f830 GetStdHandle

• 0x73f834 WriteFile

• 0x73f838 GetCPInfo

• 0x73f83c GetOEMCP

• 0x73f840 GetACP

• 0x73f844 GetCommandLineA

• 0x73f848 GetVersion

• 0x73f84c RtlUnwind

• 0x73f850 TerminateProcess

• 0x73f854 HeapReAlloc

• 0x73f858 LeaveCriticalSection

• 0x73f85c EnterCriticalSection

• 0x73f860 InitializeCriticalSection

• 0x73f864 GetStringTypeA

• 0x73f868 GetStringTypeW

• 0x73f86c InterlockedDecrement

• 0x73f870 InterlockedIncrement

• 0x73f874 SetFilePointer

• 0x73f878 SetUnhandledExceptionFilter

• 0x73f87c IsBadCodePtr

• 0x73f880 LCMapStringW

• 0x73f884 SetStdHandle

• 0x73f888 GetCurrentProcess

• 0x73f88c FlushFileBuffers

• 0x73f890 IsBadWritePtr

• 0x73f894 RaiseException

• 0x73f898 HeapCreate

• 0x73f89c HeapDestroy

• 0x73f8a0 GetVersionExA

• 0x73f8a4 LCMapStringA

• 0x73f8a8 LoadLibraryA

• 0x73f8ac SetHandleCount

• 0x73f8b0 GetCurrentDirectoryA

• 0x73f8b4 GetLocalTime

• 0x73f8b8 Sleep

• 0x73f8bc GetFileSize

• 0x73f8c0 ReadFile

• 0x73f8c4 GetTempPathA

• 0x73f8c8 GetTickCount

• 0x73f8cc CreateFileA

• 0x73f8d0 FreeLibrary

• 0x73f8d4 CloseHandle

• 0x73f8d8 GetModuleFileNameA

• 0x73f8dc IsBadReadPtr

• 0x73f8e0 HeapFree

• 0x73f8e4 GetEnvironmentVariableA

• 0x73f8e8 HeapAlloc

• 0x73f8ec ExitProcess

• 0x73f8f0 GetProcessHeap

• 0x73f8f4 VirtualFree

• 0x73f8f8 VirtualAlloc

• 0x73f8fc GetProcAddress

• 0x73f900 LoadLibraryW

• 0x73f904 MapViewOfFile

• 0x73f908 CreateFileMappingA

• 0x73f90c VirtualProtectEx

• 0x73f910 WideCharToMultiByte

• 0x73f914 LocalAlloc

• 0x73f918 LocalSize

• 0x73f91c lstrlenW

• 0x73f920 GlobalFree

• 0x73f924 MultiByteToWideChar

• 0x73f928 GlobalUnlock

• 0x73f92c GlobalLock

• 0x73f930 GlobalAlloc

• 0x73f934 LocalFree

• 0x73f938 RtlMoveMemory

• 0x73f93c GetModuleHandleA

• 0x73f940 GetCurrentThreadId

• 0x73f944 TlsSetValue

• 0x73f948 TlsAlloc

• 0x73f94c TlsFree

• 0x73f950 SetLastError

• 0x73f954 TlsGetValue

• 0x73f958 GetLastError

库: gdi32.dll:

• 0x73f79c SelectObject

• 0x73f7a0 CreateCompatibleDC

• 0x73f7a4 DeleteDC

• 0x73f7a8 CreateDIBSection

• 0x73f7ac DeleteObject

库: gdiplus.dll:

• 0x73f7b4 GdipSetSolidFillColor

• 0x73f7b8 GdipCreateFromHDC

• 0x73f7bc GdipCreateBitmapFromScan0

• 0x73f7c0 GdipGetImageGraphicsContext

• 0x73f7c4 GdipSetSmoothingMode

• 0x73f7c8 GdipGetImageHeight

• 0x73f7cc GdipGetImageWidth

• 0x73f7d0 GdiplusStartup

• 0x73f7d4 GdipGetRegionBounds

• 0x73f7d8 GdipSetTextRenderingHint

• 0x73f7dc GdipDeletePen

• 0x73f7e0 GdipDrawRectangleI

• 0x73f7e4 GdipDeleteBrush

• 0x73f7e8 GdipLoadImageFromFile

• 0x73f7ec GdipCreateSolidFill

• 0x73f7f0 GdipDisposeImage

• 0x73f7f4 GdipLoadImageFromStream

库: ole32.dll:

• 0x73f960 CreateStreamOnHGlobal

• 0x73f964 OleRun

• 0x73f968 CoCreateInstance

• 0x73f96c CLSIDFromString

• 0x73f970 OleUninitialize

• 0x73f974 OleInitialize

• 0x73f978 CLSIDFromString

• 0x73f97c CLSIDFromProgID

库: imm32.dll:

• 0x73f7fc ImmAssociateContext

• 0x73f800 ImmGetContext

• 0x73f804 ImmGetCompositionStringW

• 0x73f808 ImmReleaseContext

• 0x73f80c ImmSetCompositionWindow

库: shell32.dll:

• 0x73f984 SHAppBarMessage

• 0x73f988 ShellExecuteA

库: shlwapi.dll:

• 0x73f990 PathFileExistsA

库: winmm.dll:

• 0x73fa0c PlaySoundA

库: WINMM.dll:

• 0x73f6fc midiOutUnprepareHeader

• 0x73f700 midiStreamOpen

• 0x73f704 midiStreamProperty

• 0x73f708 midiOutPrepareHeader

• 0x73f70c midiStreamOut

• 0x73f710 waveOutUnprepareHeader

• 0x73f714 waveOutPrepareHeader

• 0x73f718 waveOutWrite

• 0x73f71c waveOutOpen

• 0x73f720 waveOutPause

• 0x73f724 waveOutReset

• 0x73f728 waveOutClose

• 0x73f72c waveOutGetNumDevs

• 0x73f730 midiStreamStop

• 0x73f734 midiOutReset

• 0x73f738 midiStreamClose

• 0x73f73c midiStreamRestart

库: WS2_32.dll:

• 0x73f754 WSAAsyncSelect

• 0x73f758 closesocket

• 0x73f75c send

• 0x73f760 select

• 0x73f764 WSACleanup

• 0x73f768 WSAStartup

• 0x73f76c inet_ntoa

• 0x73f770 recvfrom

• 0x73f774 ioctlsocket

• 0x73f778 recv

• 0x73f77c getpeername

• 0x73f780 accept

库: RASAPI32.dll:

• 0x73f438 RasGetConnectStatusA

• 0x73f43c RasHangUpA

库: KERNEL32.dll:

• 0x73f188 GetStdHandle

• 0x73f18c SetHandleCount

• 0x73f190 GetEnvironmentStringsW

• 0x73f194 GetEnvironmentStrings

• 0x73f198 FreeEnvironmentStringsW

• 0x73f19c FreeEnvironmentStringsA

• 0x73f1a0 UnhandledExceptionFilter

• 0x73f1a4 SetStdHandle

• 0x73f1a8 GetACP

• 0x73f1ac HeapSize

• 0x73f1b0 RaiseException

• 0x73f1b4 GetSystemTime

• 0x73f1b8 RtlUnwind

• 0x73f1bc GetStartupInfoA

• 0x73f1c0 GetOEMCP

• 0x73f1c4 GetCPInfo

• 0x73f1c8 GetEnvironmentVariableA

• 0x73f1cc SetErrorMode

• 0x73f1d0 GlobalFlags

• 0x73f1d4 GetCurrentThread

• 0x73f1d8 GetFileTime

• 0x73f1dc TlsGetValue

• 0x73f1e0 LocalReAlloc

• 0x73f1e4 TlsSetValue

• 0x73f1e8 TlsFree

• 0x73f1ec GlobalHandle

• 0x73f1f0 TlsAlloc

• 0x73f1f4 LocalAlloc

• 0x73f1f8 GlobalGetAtomNameA

• 0x73f1fc GlobalAddAtomA

• 0x73f200 GlobalFindAtomA

• 0x73f204 GlobalDeleteAtom

• 0x73f208 HeapDestroy

• 0x73f20c HeapCreate

• 0x73f210 VirtualFree

• 0x73f214 SetEnvironmentVariableA

• 0x73f218 LCMapStringA

• 0x73f21c CloseHandle

• 0x73f220 WaitForSingleObject

• 0x73f224 CreateProcessA

• 0x73f228 GetTickCount

• 0x73f22c GetCommandLineA

• 0x73f230 MulDiv

• 0x73f234 GetProcAddress

• 0x73f238 GetModuleHandleA

• 0x73f23c GetVolumeInformationA

• 0x73f240 SetCurrentDirectoryA

• 0x73f244 GetCurrentDirectoryA

• 0x73f248 CreateDirectoryA

• 0x73f24c DeleteFileA

• 0x73f250 GetFileAttributesA

• 0x73f254 SetFileAttributesA

• 0x73f258 FindClose

• 0x73f25c FindFirstFileA

• 0x73f260 GetTempPathA

• 0x73f264 GlobalUnlock

• 0x73f268 GlobalLock

• 0x73f26c GlobalAlloc

• 0x73f270 ExpandEnvironmentStringsA

• 0x73f274 Sleep

• 0x73f278 CreateEventA

• 0x73f27c CreateThread

• 0x73f280 GetPrivateProfileStringA

• 0x73f284 WritePrivateProfileStringA

• 0x73f288 GetVersionExA

• 0x73f28c GetLastError

• 0x73f290 LoadLibraryA

• 0x73f294 FreeLibrary

• 0x73f298 GetFullPathNameA

• 0x73f29c GetUserDefaultLCID

• 0x73f2a0 HeapAlloc

• 0x73f2a4 GetProcessHeap

• 0x73f2a8 HeapReAlloc

• 0x73f2ac HeapFree

• 0x73f2b0 GlobalReAlloc

• 0x73f2b4 FindNextFileA

• 0x73f2b8 lstrcpyA

• 0x73f2bc WinExec

• 0x73f2c0 lstrlenA

• 0x73f2c4 lstrcatA

• 0x73f2c8 InitializeCriticalSection

• 0x73f2cc DeleteCriticalSection

• 0x73f2d0 GlobalFree

• 0x73f2d4 GlobalSize

• 0x73f2d8 ExitProcess

• 0x73f2dc GetCurrentThreadId

• 0x73f2e0 GetModuleFileNameA

• 0x73f2e4 RemoveDirectoryA

• 0x73f2e8 lstrlenW

• 0x73f2ec ReadFile

• 0x73f2f0 LockResource

• 0x73f2f4 LoadResource

• 0x73f2f8 FindResourceA

• 0x73f2fc SetEvent

• 0x73f300 CreateFileA

• 0x73f304 WaitForMultipleObjects

• 0x73f308 WriteFile

• 0x73f30c GetProfileStringA

• 0x73f310 LeaveCriticalSection

• 0x73f314 EnterCriticalSection

• 0x73f318 ReleaseSemaphore

• 0x73f31c ResumeThread

• 0x73f320 CreateSemaphoreA

• 0x73f324 GetSystemDirectoryA

• 0x73f328 GetWindowsDirectoryA

• 0x73f32c GetCurrentProcess

• 0x73f330 MultiByteToWideChar

• 0x73f334 WideCharToMultiByte

• 0x73f338 IsDBCSLeadByte

• 0x73f33c lstrcmpA

• 0x73f340 lstrcmpiA

• 0x73f344 lstrcpynA

• 0x73f348 FileTimeToSystemTime

• 0x73f34c FileTimeToLocalFileTime

• 0x73f350 SetFilePointer

• 0x73f354 GetFileSize

• 0x73f358 GetFileType

• 0x73f35c DuplicateHandle

• 0x73f360 SystemTimeToFileTime

• 0x73f364 GetLocalTime

• 0x73f368 DosDateTimeToFileTime

• 0x73f36c SetFileTime

• 0x73f370 Process32Next

• 0x73f374 Process32First

• 0x73f378 CreateToolhelp32Snapshot

• 0x73f37c TerminateProcess

• 0x73f380 OpenProcess

• 0x73f384 SetLastError

• 0x73f388 GetTimeZoneInformation

• 0x73f38c GetVersion

• 0x73f390 InterlockedIncrement

• 0x73f394 InterlockedDecrement

• 0x73f398 GetSystemInfo

• 0x73f39c IsProcessorFeaturePresent

• 0x73f3a0 LCMapStringW

• 0x73f3a4 VirtualAlloc

• 0x73f3a8 IsBadWritePtr

• 0x73f3ac SetUnhandledExceptionFilter

• 0x73f3b0 GetStringTypeA

• 0x73f3b4 GetStringTypeW

• 0x73f3b8 CompareStringA

• 0x73f3bc CompareStringW

• 0x73f3c0 IsBadReadPtr

• 0x73f3c4 IsBadCodePtr

• 0x73f3c8 InterlockedExchange

• 0x73f3cc SetEndOfFile

• 0x73f3d0 UnlockFile

• 0x73f3d4 LockFile

• 0x73f3d8 FlushFileBuffers

• 0x73f3dc LocalFree

• 0x73f3e0 GetProcessVersion

库: USER32.dll:

• 0x73f454 DrawIconEx

• 0x73f458 CreateIconFromResource

• 0x73f45c CreateIconFromResourceEx

• 0x73f460 RegisterClipboardFormatA

• 0x73f464 SetRectEmpty

• 0x73f468 DispatchMessageA

• 0x73f46c GetMessageA

• 0x73f470 WindowFromPoint

• 0x73f474 DrawFocusRect

• 0x73f478 DrawEdge

• 0x73f47c DrawFrameControl

• 0x73f480 TranslateMessage

• 0x73f484 LoadIconA

• 0x73f488 GetForegroundWindow

• 0x73f48c UnregisterClassA

• 0x73f490 CharUpperA

• 0x73f494 GetDesktopWindow

• 0x73f498 GetClassNameA

• 0x73f49c GetWindowThreadProcessId

• 0x73f4a0 FindWindowA

• 0x73f4a4 GetDlgItem

• 0x73f4a8 FindWindowExA

• 0x73f4ac GetWindowTextA

• 0x73f4b0 SetWindowTextA

• 0x73f4b4 EqualRect

• 0x73f4b8 UpdateWindow

• 0x73f4bc CreatePopupMenu

• 0x73f4c0 InvalidateRect

• 0x73f4c4 GetClientRect

• 0x73f4c8 GetFocus

• 0x73f4cc GetParent

• 0x73f4d0 GetTopWindow

• 0x73f4d4 PostMessageA

• 0x73f4d8 IsWindow

• 0x73f4dc SetParent

• 0x73f4e0 DestroyCursor

• 0x73f4e4 SendMessageA

• 0x73f4e8 SetWindowPos

• 0x73f4ec MessageBoxA

• 0x73f4f0 GetCursorPos

• 0x73f4f4 GetSystemMetrics

• 0x73f4f8 EmptyClipboard

• 0x73f4fc SetClipboardData

• 0x73f500 OpenClipboard

• 0x73f504 GetClipboardData

• 0x73f508 CloseClipboard

• 0x73f50c wsprintfA

• 0x73f510 WaitForInputIdle

• 0x73f514 PostQuitMessage

• 0x73f518 IsZoomed

• 0x73f51c GetClassInfoA

• 0x73f520 DefWindowProcA

• 0x73f524 GetSystemMenu

• 0x73f528 DeleteMenu

• 0x73f52c GetMenu

• 0x73f530 SetMenu

• 0x73f534 PeekMessageA

• 0x73f538 IsIconic

• 0x73f53c SetFocus

• 0x73f540 GetActiveWindow

• 0x73f544 GetDlgCtrlID

• 0x73f548 AppendMenuA

• 0x73f54c ModifyMenuA

• 0x73f550 CreateMenu

• 0x73f554 ValidateRect

• 0x73f558 CreateAcceleratorTableA

• 0x73f55c GetWindowTextLengthA

• 0x73f560 GetWindowDC

• 0x73f564 BeginPaint

• 0x73f568 EndPaint

• 0x73f56c TabbedTextOutA

• 0x73f570 DrawTextA

• 0x73f574 GrayStringA

• 0x73f578 DestroyWindow

• 0x73f57c CreateDialogIndirectParamA

• 0x73f580 EndDialog

• 0x73f584 GetNextDlgTabItem

• 0x73f588 GetWindowPlacement

• 0x73f58c RegisterWindowMessageA

• 0x73f590 GetLastActivePopup

• 0x73f594 GetMessageTime

• 0x73f598 RemovePropA

• 0x73f59c CallWindowProcA

• 0x73f5a0 GetPropA

• 0x73f5a4 UnhookWindowsHookEx

• 0x73f5a8 SetPropA

• 0x73f5ac GetClassLongA

• 0x73f5b0 CallNextHookEx

• 0x73f5b4 SetWindowsHookExA

• 0x73f5b8 CreateWindowExA

• 0x73f5bc GetMenuItemID

• 0x73f5c0 GetMenuItemCount

• 0x73f5c4 RegisterClassA

• 0x73f5c8 GetScrollPos

• 0x73f5cc AdjustWindowRectEx

• 0x73f5d0 MapWindowPoints

• 0x73f5d4 SendDlgItemMessageA

• 0x73f5d8 ScrollWindowEx

• 0x73f5dc IsDialogMessageA

• 0x73f5e0 MoveWindow

• 0x73f5e4 CheckMenuItem

• 0x73f5e8 SetMenuItemBitmaps

• 0x73f5ec GetMenuState

• 0x73f5f0 GetMenuCheckMarkDimensions

• 0x73f5f4 LoadStringA

• 0x73f5f8 GetSysColorBrush

• 0x73f5fc GetSubMenu

• 0x73f600 DestroyAcceleratorTable

• 0x73f604 SetWindowRgn

• 0x73f608 GetMessagePos

• 0x73f60c ScreenToClient

• 0x73f610 ChildWindowFromPointEx

• 0x73f614 CopyRect

• 0x73f618 LoadBitmapA

• 0x73f61c WinHelpA

• 0x73f620 EnableMenuItem

• 0x73f624 ClientToScreen

• 0x73f628 EnumDisplaySettingsA

• 0x73f62c LoadImageA

• 0x73f630 SystemParametersInfoA

• 0x73f634 ShowWindow

• 0x73f638 IsWindowEnabled

• 0x73f63c TranslateAcceleratorA

• 0x73f640 GetKeyState

• 0x73f644 GetWindow

• 0x73f648 CopyAcceleratorTableA

• 0x73f64c KillTimer

• 0x73f650 SetTimer

• 0x73f654 ReleaseCapture

• 0x73f658 GetCapture

• 0x73f65c SetCapture

• 0x73f660 GetScrollRange

• 0x73f664 SetScrollRange

• 0x73f668 SetScrollPos

• 0x73f66c SetRect

• 0x73f670 InflateRect

• 0x73f674 IntersectRect

• 0x73f678 DestroyIcon

• 0x73f67c PtInRect

• 0x73f680 OffsetRect

• 0x73f684 IsWindowVisible

• 0x73f688 EnableWindow

• 0x73f68c RedrawWindow

• 0x73f690 GetWindowLongA

• 0x73f694 SetWindowLongA

• 0x73f698 GetSysColor

• 0x73f69c SetActiveWindow

• 0x73f6a0 SetCursorPos

• 0x73f6a4 LoadCursorA

• 0x73f6a8 SetCursor

• 0x73f6ac GetDC

• 0x73f6b0 FillRect

• 0x73f6b4 IsRectEmpty

• 0x73f6b8 ReleaseDC

• 0x73f6bc IsChild

• 0x73f6c0 DestroyMenu

• 0x73f6c4 SetForegroundWindow

• 0x73f6c8 GetWindowRect

库: GDI32.dll:

• 0x73f02c LineTo

• 0x73f030 MoveToEx

• 0x73f034 ExcludeClipRect

• 0x73f038 GetClipBox

• 0x73f03c ScaleWindowExtEx

• 0x73f040 SetWindowExtEx

• 0x73f044 SetWindowOrgEx

• 0x73f048 ScaleViewportExtEx

• 0x73f04c SetViewportExtEx

• 0x73f050 OffsetViewportOrgEx

• 0x73f054 SetViewportOrgEx

• 0x73f058 SetMapMode

• 0x73f05c SetTextColor

• 0x73f060 SetROP2

• 0x73f064 SetPolyFillMode

• 0x73f068 SetBkMode

• 0x73f06c RestoreDC

• 0x73f070 SaveDC

• 0x73f074 ExtSelectClipRgn

• 0x73f078 GetViewportExtEx

• 0x73f07c PtVisible

• 0x73f080 RectVisible

• 0x73f084 TextOutA

• 0x73f088 ExtTextOutA

• 0x73f08c Escape

• 0x73f090 GetTextMetricsA

• 0x73f094 GetTextExtentPoint32A

• 0x73f098 RoundRect

• 0x73f09c GetCurrentObject

• 0x73f0a0 DPtoLP

• 0x73f0a4 SetBkColor

• 0x73f0a8 CreateRectRgnIndirect

• 0x73f0ac CreateDIBSection

• 0x73f0b0 SetPixel

• 0x73f0b4 ExtCreateRegion

• 0x73f0b8 SetStretchBltMode

• 0x73f0bc GetClipRgn

• 0x73f0c0 CreatePolygonRgn

• 0x73f0c4 SelectClipRgn

• 0x73f0c8 DeleteObject

• 0x73f0cc CreateDIBitmap

• 0x73f0d0 GetSystemPaletteEntries

• 0x73f0d4 CreatePalette

• 0x73f0d8 StretchBlt

• 0x73f0dc SelectPalette

• 0x73f0e0 RealizePalette

• 0x73f0e4 GetDIBits

• 0x73f0e8 GetWindowExtEx

• 0x73f0ec GetViewportOrgEx

• 0x73f0f0 GetWindowOrgEx

• 0x73f0f4 BeginPath

• 0x73f0f8 EndPath

• 0x73f0fc PathToRegion

• 0x73f100 LPtoDP

• 0x73f104 Rectangle

• 0x73f108 Ellipse

• 0x73f10c CreateCompatibleDC

• 0x73f110 GetPixel

• 0x73f114 BitBlt

• 0x73f118 StartPage

• 0x73f11c StartDocA

• 0x73f120 DeleteDC

• 0x73f124 EndDoc

• 0x73f128 EndPage

• 0x73f12c GetObjectA

• 0x73f130 GetStockObject

• 0x73f134 CreateFontIndirectA

• 0x73f138 CreateSolidBrush

• 0x73f13c CreateEllipticRgn

• 0x73f140 CreateRoundRectRgn

• 0x73f144 GetTextColor

• 0x73f148 GetBkMode

• 0x73f14c GetBkColor

• 0x73f150 GetROP2

• 0x73f154 GetStretchBltMode

• 0x73f158 GetPolyFillMode

• 0x73f15c CreateCompatibleBitmap

• 0x73f160 CreateDCA

• 0x73f164 FillRgn

• 0x73f168 CreateRectRgn

• 0x73f16c CombineRgn

• 0x73f170 PatBlt

• 0x73f174 CreatePen

• 0x73f178 SelectObject

• 0x73f17c CreateBitmap

• 0x73f180 GetDeviceCaps

库: WINSPOOL.DRV:

• 0x73f744 DocumentPropertiesA

• 0x73f748 OpenPrinterA

• 0x73f74c ClosePrinter

库: ADVAPI32.dll:

• 0x73f000 RegCreateKeyExA

• 0x73f004 RegOpenKeyA

• 0x73f008 RegQueryValueA

• 0x73f00c RegCloseKey

• 0x73f010 RegQueryValueExA

• 0x73f014 RegOpenKeyExA

• 0x73f018 RegSetValueExA

库: SHELL32.dll:

• 0x73f444 SHGetSpecialFolderPathA

• 0x73f448 Shell_NotifyIconA

• 0x73f44c ShellExecuteA

库: OLEAUT32.dll:

• 0x73f3e8 UnRegisterTypeLib

• 0x73f3ec LoadTypeLib

• 0x73f3f0 LHashValOfNameSys

• 0x73f3f4 RegisterTypeLib

• 0x73f3f8 SafeArrayPutElement

• 0x73f3fc SafeArrayCreate

• 0x73f400 SafeArrayDestroy

• 0x73f404 SysAllocString

• 0x73f408 VariantInit

• 0x73f40c VariantCopyInd

• 0x73f410 SafeArrayGetElement

• 0x73f414 SafeArrayAccessData

• 0x73f418 SafeArrayUnaccessData

• 0x73f41c SafeArrayGetDim

• 0x73f420 SafeArrayGetLBound

• 0x73f424 VariantChangeType

• 0x73f428 VariantClear

• 0x73f42c VariantCopy

• 0x73f430 SafeArrayGetUBound

库: COMCTL32.dll:

• 0x73f020 ImageList_Destroy

• 0x73f024 None

库: WININET.dll:

• 0x73f6d0 InternetCloseHandle

• 0x73f6d4 InternetOpenA

• 0x73f6d8 InternetSetOptionA

• 0x73f6dc InternetConnectA

• 0x73f6e0 InternetReadFile

• 0x73f6e4 HttpQueryInfoA

• 0x73f6e8 HttpSendRequestA

• 0x73f6ec HttpOpenRequestA

• 0x73f6f0 InternetCrackUrlA

• 0x73f6f4 InternetCanonicalizeUrlA

库: comdlg32.dll:

• 0x73f788 GetSaveFileNameA

• 0x73f78c GetOpenFileNameA

• 0x73f790 ChooseColorA

• 0x73f794 GetFileTitleA

K$qYM"qRichXM"q
.text
`.rdata
@.data
.rsrc
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end

没有防病毒引擎扫描信息!

访问主机纪录 (可点击查询WPING实时安全评级)

无主机纪录.

TCP

无TCP连接纪录.

UDP

无UDP连接纪录.

域名解析 (可点击查询WPING实时安全评级)

无域名信息.

TCP

无TCP连接纪录.

UDP

无UDP连接纪录.

HTTP 请求

未发现HTTP请求.

SMTP 流量

无SMTP流量.

IRC 流量

无IRC请求.

ICMP 流量

无ICMP流量.

CIF 报告

无 CIF 结果

网络警报

无警报

TLS

No TLS

Suricata HTTP

No Suricata HTTP

未发现网络提取文件

抱歉! 没有任何文件投放。

没有发现相似的分析.

HTML 总结报告 (需15-60分钟同步)	下载

Processing ( 40.808 seconds )

36.169 Static
4.219 TargetInfo
0.325 peid
0.067 config_decoder
0.014 Strings
0.01 AnalysisInfo
0.002 BehaviorAnalysis
0.002 Memory

Signatures ( 0.078 seconds )

0.013 antiav_detectreg
0.009 md_url_bl
0.008 md_domain_bl
0.005 anomaly_persistence_autorun
0.005 antiav_detectfile
0.005 infostealer_ftp
0.004 ransomware_extensions
0.004 ransomware_files
0.003 infostealer_bitcoin
0.003 infostealer_im
0.002 tinba_behavior
0.002 antianalysis_detectreg
0.002 antivm_vbox_files
0.002 disables_browser_warn
0.002 infostealer_mail
0.001 rat_nanocore
0.001 cerber_behavior
0.001 geodo_banking_trojan
0.001 bot_drive
0.001 bot_drive2
0.001 browser_security
0.001 modify_proxy
0.001 maldun_malicious_drop_executable_file_to_temp_folder
0.001 md_bad_drop

Reporting ( 0.502 seconds )

0.456 ReportHTMLSummary
0.046 Malheur


Task ID	614683
Mongo ID	6007b92fdc327b57a9e206d3
Cuckoo release	1.4-Maldun