Analysis Task

Analysis type  VM label  Start time  End time  Duration
File (Windows)  win7-sp1-x64-shaapp02-1  2021-03-21 14:53:34  2021-03-21 14:53:36  2 seconds

Maldun Score

10.0

Dangerous

File Details

File name  DefenderControl.exe
File size  5779968 bytes
File type  PE32 executable (GUI) Intel 80386, for MS Windows
MD5 837df3fee75d044b5f65720b391304de
SHA1 41d9893330bf534ca9740ccaae33ed5964127ed1
SHA256 eceae15265d3064b45e4c91b3438a2e8098c79bc59110a65d64a8488c8876e05
SHA512 ca1de67980e69689e222374986318be3601f8979f36302abf0819fd833ff7aa79178aa4362414ce4882e223b73c7f6e9ea423b363ce975170c843ddab2003ab1
CRC32 0DDECD0D
Ssdeep 98304:xnsmtk2ahWm2AFjHzeHD4iIsM9hpJxdTb9jR1cc1tv5mo1vNjZeT:NLi2kjGBipfdTb9FGm5FVN8

Screenshots

No screenshots available

Hosts contacted

No host records.

Domain resolution

No domain information.


Summary

PE Information

Image base  0x00400000
Entry point  0x00841f6c
Declared checksum  0x00000000
Actual checksum  0x0058b6b5
Minimum OS version  5.0
Compile time  1992-06-20 06:22:17
Import hash  8ffae6f3f8317d4945633b4668415f4f
Exported DLL name  \x37\x39\x38

Version Information

LegalCopyright
InternalName
FileVersion
CompanyName
LegalTrademarks
Comments
ProductName
ProductVersion
FileDescription
OriginalFilename
Translation

PE Sections

Name  Virtual address  Virtual size  Raw data size  Characteristics  Entropy
CODE 0x00001000 0x00099bec 0x00099c00 IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 6.57
DATA 0x0009b000 0x00002e54 0x00003000 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 4.85
BSS 0x0009e000 0x000011e5 0x00000000 IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 0.00
.idata 0x000a0000 0x00002a42 0x00002c00 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 4.92
.tls 0x000a3000 0x00000010 0x00000000 IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 0.00
.rdata 0x000a4000 0x00000039 0x00000200 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ 0.78
ezdun0 0x000a5000 0x00228b17 0x00228c00 IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 7.70
ezdun1 0x002ce000 0x001da0b0 0x001da200 IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 7.68
.rsrc 0x004a9000 0x000e05e8 0x000e0600 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ 6.90

Imports

Library: kernel32.dll:
0x78b010 VirtualFree
0x78b014 VirtualAlloc
0x78b018 LocalFree
0x78b01c LocalAlloc
0x78b020 GetTickCount
0x78b028 GetVersion
0x78b02c GetCurrentThreadId
0x78b038 VirtualQuery
0x78b03c WideCharToMultiByte
0x78b044 MultiByteToWideChar
0x78b048 lstrlenA
0x78b04c lstrcpynA
0x78b050 LoadLibraryExA
0x78b054 GetThreadLocale
0x78b058 GetStartupInfoA
0x78b05c GetProcAddress
0x78b060 GetModuleHandleA
0x78b064 GetModuleFileNameA
0x78b068 GetLocaleInfoA
0x78b06c GetLastError
0x78b074 GetCommandLineA
0x78b078 FreeLibrary
0x78b07c FindFirstFileA
0x78b080 FindClose
0x78b084 ExitProcess
0x78b088 ExitThread
0x78b08c CreateThread
0x78b090 WriteFile
0x78b098 SetFilePointer
0x78b09c SetEndOfFile
0x78b0a0 RtlUnwind
0x78b0a4 ReadFile
0x78b0a8 RaiseException
0x78b0ac GetStdHandle
0x78b0b0 GetFileSize
0x78b0b4 GetFileType
0x78b0b8 CreateFileA
0x78b0bc CloseHandle
Library: user32.dll:
0x78b0c4 GetKeyboardType
0x78b0c8 LoadStringA
0x78b0cc MessageBoxA
0x78b0d0 CharNextA
Library: advapi32.dll:
0x78b0d8 RegQueryValueExA
0x78b0dc RegOpenKeyExA
0x78b0e0 RegCloseKey
Library: oleaut32.dll:
0x78b0e8 SysFreeString
0x78b0ec SysReAllocStringLen
0x78b0f0 SysAllocStringLen
Library: kernel32.dll:
0x78b0f8 TlsSetValue
0x78b0fc TlsGetValue
0x78b100 LocalAlloc
0x78b104 GetModuleHandleA
Library: advapi32.dll:
0x78b10c RegSetValueExA
0x78b110 RegQueryValueExA
0x78b114 RegOpenKeyExA
0x78b11c RegFlushKey
0x78b120 RegDeleteValueA
0x78b124 RegCreateKeyExA
0x78b128 RegCloseKey
0x78b12c OpenProcessToken
0x78b134 GetUserNameA
Library: kernel32.dll:
0x78b140 lstrcpyA
0x78b148 WriteFile
0x78b14c WaitForSingleObject
0x78b154 VirtualQuery
0x78b158 VirtualAlloc
0x78b15c UpdateResourceA
0x78b160 UnmapViewOfFile
0x78b164 TerminateProcess
0x78b168 Sleep
0x78b16c SizeofResource
0x78b170 SetThreadLocale
0x78b174 SetFilePointer
0x78b178 SetFileAttributesA
0x78b17c SetEvent
0x78b180 SetErrorMode
0x78b184 SetEndOfFile
0x78b188 ResumeThread
0x78b18c ResetEvent
0x78b190 RemoveDirectoryA
0x78b194 ReadFile
0x78b198 OpenProcess
0x78b19c OpenMutexA
0x78b1a0 MultiByteToWideChar
0x78b1a4 MulDiv
0x78b1a8 MoveFileA
0x78b1ac MapViewOfFile
0x78b1b0 LockResource
0x78b1b4 LoadResource
0x78b1b8 LoadLibraryA
0x78b1c4 GlobalUnlock
0x78b1c8 GlobalReAlloc
0x78b1cc GlobalHandle
0x78b1d0 GlobalLock
0x78b1d4 GlobalFree
0x78b1d8 GlobalFindAtomA
0x78b1dc GlobalDeleteAtom
0x78b1e0 GlobalAlloc
0x78b1e4 GlobalAddAtomA
0x78b1e8 GetVersionExA
0x78b1ec GetVersion
0x78b1f4 GetTickCount
0x78b1f8 GetThreadLocale
0x78b1fc GetTempPathA
0x78b200 GetTempFileNameA
0x78b204 GetSystemInfo
0x78b208 GetSystemDirectoryA
0x78b20c GetStringTypeExA
0x78b210 GetStdHandle
0x78b214 GetProcAddress
0x78b21c GetModuleHandleA
0x78b220 GetModuleFileNameA
0x78b224 GetLogicalDrives
0x78b228 GetLocaleInfoA
0x78b22c GetLocalTime
0x78b230 GetLastError
0x78b234 GetFullPathNameA
0x78b238 GetFileSize
0x78b23c GetFileAttributesA
0x78b240 GetExitCodeThread
0x78b244 GetDriveTypeA
0x78b248 GetDiskFreeSpaceA
0x78b24c GetDateFormatA
0x78b250 GetCurrentThreadId
0x78b254 GetCurrentProcessId
0x78b258 GetCurrentProcess
0x78b25c GetComputerNameA
0x78b260 GetCPInfo
0x78b264 GetACP
0x78b268 FreeResource
0x78b270 InterlockedExchange
0x78b278 FreeLibrary
0x78b27c FormatMessageA
0x78b280 FindResourceA
0x78b284 FindNextFileA
0x78b288 FindFirstFileA
0x78b28c FindClose
0x78b298 EnumCalendarInfoA
0x78b2a0 EndUpdateResourceA
0x78b2a4 DeleteFileA
0x78b2ac CreateThread
0x78b2b0 CreateProcessA
0x78b2b4 CreatePipe
0x78b2b8 CreateMutexA
0x78b2bc CreateFileMappingA
0x78b2c0 CreateFileA
0x78b2c4 CreateEventA
0x78b2c8 CreateDirectoryA
0x78b2cc CopyFileA
0x78b2d0 CompareStringA
0x78b2d4 CloseHandle
Library: version.dll:
0x78b2e0 VerQueryValueA
0x78b2e8 GetFileVersionInfoA
Library: gdi32.dll:
0x78b2f0 UnrealizeObject
0x78b2f4 StretchBlt
0x78b2f8 SetWindowOrgEx
0x78b2fc SetWinMetaFileBits
0x78b300 SetViewportOrgEx
0x78b304 SetTextColor
0x78b308 SetStretchBltMode
0x78b30c SetROP2
0x78b310 SetPixel
0x78b314 SetEnhMetaFileBits
0x78b318 SetDIBColorTable
0x78b31c SetBrushOrgEx
0x78b320 SetBkMode
0x78b324 SetBkColor
0x78b328 SelectPalette
0x78b32c SelectObject
0x78b330 SaveDC
0x78b334 RestoreDC
0x78b338 RectVisible
0x78b33c RealizePalette
0x78b340 PlayEnhMetaFile
0x78b344 PatBlt
0x78b348 MoveToEx
0x78b34c MaskBlt
0x78b350 LineTo
0x78b354 IntersectClipRect
0x78b358 GetWindowOrgEx
0x78b35c GetWinMetaFileBits
0x78b360 GetTextMetricsA
0x78b36c GetStockObject
0x78b370 GetPixel
0x78b374 GetPaletteEntries
0x78b378 GetObjectA
0x78b384 GetEnhMetaFileBits
0x78b388 GetDeviceCaps
0x78b38c GetDIBits
0x78b390 GetDIBColorTable
0x78b394 GetDCOrgEx
0x78b39c GetClipBox
0x78b3a0 GetBrushOrgEx
0x78b3a4 GetBitmapBits
0x78b3a8 GdiFlush
0x78b3ac ExcludeClipRect
0x78b3b0 DeleteObject
0x78b3b4 DeleteEnhMetaFile
0x78b3b8 DeleteDC
0x78b3bc CreateSolidBrush
0x78b3c0 CreatePenIndirect
0x78b3c4 CreatePalette
0x78b3cc CreateFontIndirectA
0x78b3d0 CreateDIBitmap
0x78b3d4 CreateDIBSection
0x78b3d8 CreateCompatibleDC
0x78b3e0 CreateBrushIndirect
0x78b3e4 CreateBitmap
0x78b3e8 CopyEnhMetaFileA
0x78b3ec BitBlt
Library: user32.dll:
0x78b3f4 CreateWindowExA
0x78b3f8 WindowFromPoint
0x78b3fc WinHelpA
0x78b400 WaitMessage
0x78b404 UpdateWindow
0x78b408 UnregisterClassA
0x78b40c UnhookWindowsHookEx
0x78b410 TranslateMessage
0x78b418 TrackPopupMenu
0x78b41c ToAsciiEx
0x78b424 ShowWindow
0x78b428 ShowScrollBar
0x78b42c ShowOwnedPopups
0x78b430 ShowCursor
0x78b434 SetWindowsHookExA
0x78b438 SetWindowTextA
0x78b43c SetWindowPos
0x78b440 SetWindowPlacement
0x78b444 SetWindowLongA
0x78b448 SetTimer
0x78b44c SetScrollRange
0x78b450 SetScrollPos
0x78b454 SetScrollInfo
0x78b458 SetRect
0x78b45c SetPropA
0x78b460 SetParent
0x78b464 SetMenuItemInfoA
0x78b468 SetMenu
0x78b46c SetForegroundWindow
0x78b470 SetFocus
0x78b474 SetCursor
0x78b478 SetClassLongA
0x78b47c SetCapture
0x78b480 SetActiveWindow
0x78b484 SendMessageA
0x78b488 ScrollWindow
0x78b48c ScreenToClient
0x78b490 RemovePropA
0x78b494 RemoveMenu
0x78b498 ReleaseDC
0x78b49c ReleaseCapture
0x78b4a8 RegisterClassA
0x78b4ac RedrawWindow
0x78b4b0 PtInRect
0x78b4b4 PostQuitMessage
0x78b4b8 PostMessageA
0x78b4bc PeekMessageA
0x78b4c0 OffsetRect
0x78b4c4 OemToCharA
0x78b4cc MessageBoxA
0x78b4d0 MapWindowPoints
0x78b4d4 MapVirtualKeyExA
0x78b4d8 MapVirtualKeyA
0x78b4dc LoadStringA
0x78b4e0 LoadKeyboardLayoutA
0x78b4e4 LoadIconA
0x78b4e8 LoadCursorA
0x78b4ec LoadBitmapA
0x78b4f0 KillTimer
0x78b4f4 IsZoomed
0x78b4f8 IsWindowVisible
0x78b4fc IsWindowEnabled
0x78b500 IsWindow
0x78b504 IsRectEmpty
0x78b508 IsIconic
0x78b50c IsDialogMessageA
0x78b510 IsChild
0x78b514 InvalidateRect
0x78b518 IntersectRect
0x78b51c InsertMenuItemA
0x78b520 InsertMenuA
0x78b524 InflateRect
0x78b530 GetWindowTextA
0x78b534 GetWindowRect
0x78b538 GetWindowPlacement
0x78b53c GetWindowLongA
0x78b540 GetWindowDC
0x78b544 GetTopWindow
0x78b548 GetSystemMetrics
0x78b54c GetSystemMenu
0x78b550 GetSysColorBrush
0x78b554 GetSysColor
0x78b558 GetSubMenu
0x78b55c GetScrollRange
0x78b560 GetScrollPos
0x78b564 GetScrollInfo
0x78b568 GetPropA
0x78b56c GetParent
0x78b570 GetWindow
0x78b574 GetMenuStringA
0x78b578 GetMenuState
0x78b57c GetMenuItemInfoA
0x78b580 GetMenuItemID
0x78b584 GetMenuItemCount
0x78b588 GetMenu
0x78b58c GetLastActivePopup
0x78b590 GetKeyboardState
0x78b598 GetKeyboardLayout
0x78b59c GetKeyState
0x78b5a0 GetKeyNameTextA
0x78b5a4 GetIconInfo
0x78b5a8 GetForegroundWindow
0x78b5ac GetFocus
0x78b5b0 GetDesktopWindow
0x78b5b4 GetDCEx
0x78b5b8 GetDC
0x78b5bc GetCursorPos
0x78b5c0 GetCursor
0x78b5c4 GetClipboardData
0x78b5c8 GetClientRect
0x78b5cc GetClassNameA
0x78b5d0 GetClassInfoA
0x78b5d4 GetCapture
0x78b5d8 GetActiveWindow
0x78b5dc FrameRect
0x78b5e0 FindWindowA
0x78b5e4 FillRect
0x78b5e8 EqualRect
0x78b5ec EnumWindows
0x78b5f0 EnumThreadWindows
0x78b5f4 EndPaint
0x78b5f8 EnableWindow
0x78b5fc EnableScrollBar
0x78b600 EnableMenuItem
0x78b604 DrawTextA
0x78b608 DrawMenuBar
0x78b60c DrawIconEx
0x78b610 DrawIcon
0x78b614 DrawFrameControl
0x78b618 DrawEdge
0x78b61c DispatchMessageA
0x78b620 DestroyWindow
0x78b624 DestroyMenu
0x78b628 DestroyIcon
0x78b62c DestroyCursor
0x78b630 DeleteMenu
0x78b634 DefWindowProcA
0x78b638 DefMDIChildProcA
0x78b63c DefFrameProcA
0x78b640 CreatePopupMenu
0x78b644 CreateMenu
0x78b648 CreateIcon
0x78b64c ClientToScreen
0x78b650 CheckMenuItem
0x78b654 CallWindowProcA
0x78b658 CallNextHookEx
0x78b65c BeginPaint
0x78b660 CharNextA
0x78b664 CharLowerBuffA
0x78b668 CharLowerA
0x78b66c CharUpperBuffA
0x78b670 CharToOemA
0x78b674 AdjustWindowRectEx
Library: ole32.dll:
0x78b680 CLSIDFromString
Library: kernel32.dll:
0x78b688 Sleep
Library: oleaut32.dll:
0x78b690 SafeArrayPtrOfIndex
0x78b694 SafeArrayGetUBound
0x78b698 SafeArrayGetLBound
0x78b69c SafeArrayCreate
0x78b6a0 VariantChangeType
0x78b6a4 VariantCopyInd
0x78b6a8 VariantCopy
0x78b6ac VariantClear
0x78b6b0 VariantInit
Library: ole32.dll:
0x78b6b8 CLSIDFromProgID
0x78b6bc CoCreateInstance
0x78b6c0 CoUninitialize
0x78b6c4 CoInitialize
Library: oleaut32.dll:
0x78b6cc GetErrorInfo
0x78b6d0 SysFreeString
Library: comctl32.dll:
0x78b6e0 ImageList_Write
0x78b6e4 ImageList_Read
0x78b6f4 ImageList_DragMove
0x78b6f8 ImageList_DragLeave
0x78b6fc ImageList_DragEnter
0x78b700 ImageList_EndDrag
0x78b704 ImageList_BeginDrag
0x78b708 ImageList_Remove
0x78b70c ImageList_DrawEx
0x78b710 ImageList_Draw
0x78b720 ImageList_Add
0x78b728 ImageList_Destroy
0x78b72c ImageList_Create
Library: shell32.dll:
0x78b734 ShellExecuteExA
0x78b738 ExtractIconExW
Library: wininet.dll:
0x78b744 InternetReadFile
0x78b748 InternetOpenUrlA
0x78b74c InternetOpenA
0x78b750 InternetCloseHandle
Library: shell32.dll:
0x78b760 SHGetMalloc
0x78b764 SHGetDesktopFolder
Library: advapi32.dll:
0x78b76c OpenSCManagerA
0x78b770 CloseServiceHandle
Library: wsock32.dll:
0x78b778 WSACleanup
0x78b77c WSAStartup
0x78b780 gethostname
0x78b784 gethostbyname
0x78b788 inet_ntoa
Library: netapi32.dll:
0x78b790 Netbios
Library: WTSAPI32.dll:
0x78b798 WTSSendMessageW
Library: kernel32.dll:
0x78b7a0 VirtualQuery
0x78b7a8 GetModuleHandleA
0x78b7ac CreateEventA
0x78b7b0 GetModuleFileNameW
0x78b7b4 LoadLibraryA
0x78b7b8 TerminateProcess
0x78b7bc GetCurrentProcess
0x78b7c4 Thread32First
0x78b7c8 GetCurrentProcessId
0x78b7cc GetCurrentThreadId
0x78b7d0 OpenThread
0x78b7d4 Thread32Next
0x78b7d8 CloseHandle
0x78b7dc SuspendThread
0x78b7e0 ResumeThread
0x78b7e4 WriteProcessMemory
0x78b7e8 GetSystemInfo
0x78b7ec VirtualAlloc
0x78b7f0 VirtualProtect
0x78b7f4 VirtualFree
0x78b800 GetCurrentThread
0x78b808 Sleep
0x78b80c FreeLibrary
0x78b810 GetTickCount
0x78b814 GlobalFree
0x78b818 GetProcAddress
0x78b81c LocalAlloc
0x78b820 LocalFree
0x78b824 ExitProcess
0x78b838 GetModuleHandleW
0x78b83c LoadResource
0x78b840 MultiByteToWideChar
0x78b844 FindResourceExW
0x78b848 FindResourceExA
0x78b84c WideCharToMultiByte
0x78b850 GetThreadLocale
0x78b854 GetUserDefaultLCID
0x78b85c EnumResourceNamesA
0x78b860 EnumResourceNamesW
0x78b86c EnumResourceTypesA
0x78b870 EnumResourceTypesW
0x78b874 CreateFileW
0x78b878 LoadLibraryW
0x78b87c GetLastError
0x78b880 FlushFileBuffers
0x78b884 CreateFileA
0x78b888 WriteConsoleW
0x78b88c GetConsoleOutputCP
0x78b890 WriteConsoleA
0x78b894 GetCommandLineA
0x78b898 RaiseException
0x78b89c RtlUnwind
0x78b8a0 HeapFree
0x78b8a4 GetCPInfo
0x78b8b0 GetACP
0x78b8b4 GetOEMCP
0x78b8b8 IsValidCodePage
0x78b8bc TlsGetValue
0x78b8c0 TlsAlloc
0x78b8c4 TlsSetValue
0x78b8c8 TlsFree
0x78b8cc SetLastError
0x78b8d8 IsDebuggerPresent
0x78b8dc HeapAlloc
0x78b8e0 LCMapStringA
0x78b8e4 LCMapStringW
0x78b8e8 SetHandleCount
0x78b8ec GetStdHandle
0x78b8f0 GetFileType
0x78b8f4 GetStartupInfoA
0x78b8f8 GetModuleFileNameA
0x78b90c HeapCreate
0x78b910 HeapDestroy
0x78b918 HeapReAlloc
0x78b91c GetStringTypeA
0x78b920 GetStringTypeW
0x78b924 GetLocaleInfoA
0x78b928 HeapSize
0x78b92c WriteFile
0x78b930 SetFilePointer
0x78b934 GetConsoleCP
0x78b938 GetConsoleMode
0x78b940 SetStdHandle
Library: user32.dll:
0x78b94c CharUpperBuffW
0x78b950 MessageBoxW
Library: kernel32.dll:
0x78b95c LocalAlloc
0x78b960 LocalFree
0x78b964 GetModuleFileNameW
0x78b974 Sleep
0x78b978 ExitProcess
0x78b97c FreeLibrary
0x78b980 LoadLibraryA
0x78b984 GetModuleHandleA
0x78b988 GetProcAddress
Library: user32.dll:

`DATA
.idata
.rdata
Pezdun0
`ezdun1
`.rsrc
System
IInterface
UhI'@
UhY+@
F$P-@
SOFTWARE\Borland\Delphi\RTL
FPUMaskValue
Uh$=@
PhdA@
Ph"E@
UhjF@
kernel32.dll
GetLongPathNameA
Software\Borland\Locales
Software\Borland\Delphi\Locales
Uhoi@
Uhcj@
Uh.k@
Magellan MSWHEEL
MouseZ
MSWHEEL_ROLLMSG
MSH_WHEELSUPPORT_MSG
MSH_SCROLL_LINES_MSG
UhY|@
SysUtils
False
AM/PM
D$LPj
WUWSj
m/d/yy
mmmm d, yyyy
AMPM
AMPM
:mm:ss
kernel32.dll
GetDiskFreeSpaceExA
oleaut32.dll
VariantChangeTypeEx
VarNeg
VarNot
VarAdd
VarSub
VarMul
VarDiv
VarIdiv
VarMod
VarAnd
VarOr
VarXor
VarCmp
VarI4FromStr
VarR4FromStr
VarR8FromStr
VarDateFromStr
VarCyFromStr
VarBoolFromStr
VarBstrFromCy
VarBstrFromDate
VarBstrFromBool
Variants
UhW!A
UhX'A
Uha,A
Uhj>A
Uh7?A
UhcEA
Uh~FA
UhDGA
Uh'GA
Uh:RA
UhDTA
Uh/VA
UhyWA
Uh5XA
UhH[A
Uh7eA
UhmhA
Uh]iA
Empty
Smallint
Integer
Single
Double
Currency
OleStr
Dispatch
Error
Boolean
Variant
Unknown
Decimal
ShortInt
LongWord
Int64
String
Array
ByRef
UhspA
UhwsA
Uh!tA
UhquA
False
Uh$yA
Uh&zA
tagEXCEPINFO
UhU~A
TNotifyEvent
TObject
Classes
Classes
Classes
Classes
Classes
TStrings
Classes
Classes
Classes
EThread
Classes
%s[%d]
Strings
Owner
False
%s_%d
No antivirus engine scan information!

TCP

No TCP connection records.

UDP

No UDP connection records.

HTTP Requests

No HTTP requests found.

SMTP Traffic

No SMTP traffic.

IRC Traffic

No IRC requests.

ICMP Traffic

No ICMP traffic.

CIF Report

No CIF results

Network Alerts

No alerts

TLS

No TLS

Suricata HTTP

No Suricata HTTP

No network-extracted files found.
Sorry! No files were dropped.
No similar analyses found.

Processing ( 16.151 seconds )

  • 12.858 Static
  • 1.612 VirusTotal
  • 1.293 TargetInfo
  • 0.336 peid
  • 0.019 AnalysisInfo
  • 0.013 config_decoder
  • 0.011 Strings
  • 0.005 Memory
  • 0.004 BehaviorAnalysis

Signatures ( 0.101 seconds )

  • 0.012 antiav_detectreg
  • 0.011 md_url_bl
  • 0.009 md_domain_bl
  • 0.006 infostealer_bitcoin
  • 0.005 anomaly_persistence_autorun
  • 0.005 infostealer_ftp
  • 0.004 tinba_behavior
  • 0.004 antiav_detectfile
  • 0.004 disables_browser_warn
  • 0.004 infostealer_mail
  • 0.004 ransomware_extensions
  • 0.004 ransomware_files
  • 0.003 rat_nanocore
  • 0.003 infostealer_im
  • 0.002 cerber_behavior
  • 0.002 antianalysis_detectreg
  • 0.002 antivm_vbox_files
  • 0.002 geodo_banking_trojan
  • 0.002 browser_security
  • 0.002 modify_proxy
  • 0.001 betabot_behavior
  • 0.001 kibex_behavior
  • 0.001 shifu_behavior
  • 0.001 banker_zeus_mutex
  • 0.001 bot_drive
  • 0.001 bot_drive2
  • 0.001 browser_addon
  • 0.001 disables_system_restore
  • 0.001 disables_windows_defender
  • 0.001 maldun_malicious_drop_executable_file_to_temp_folder
  • 0.001 md_bad_drop

Reporting ( 0.514 seconds )

  • 0.507 ReportHTMLSummary
  • 0.007 Malheur
Task ID 625508
Mongo ID 6056ed89dc327b3e75ed82a2
Cuckoo release 1.4-Maldun