Analysis Task

Analysis type | VM label | Start time | End time | Duration
File (Windows) | win7-sp1-x64-shaapp03-2 | 2021-04-08 23:23:29 | 2021-04-08 23:25:35 | 126 seconds

Maldun score

7.7405

Dangerous

File details

File name 3333.exe
File size 540160 bytes
File type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 a6a8975c9941af9c46f379036ab40497
SHA1 398680f95a46363a10ac50248294f84255b52141
SHA256 55f7b37cd894713e05fba8b2446452f4770fdccc815ea78145c8a22372cefcba
SHA512 5704ef35bb1deab9c20b635a2c386ebf2bd389ad03187f2065bcfbf5b1123792a5c87a0ccb05020e1347765760c4db632436fe3a6b6fe91067cba0c89e53ae64
CRC32 EA1D1361
Ssdeep 12288:L49IwHcUwqFhF6YeqWK+0yMYeWkEisOsu1ftIU7cp6VzD:LVwHcy6YeqcOYeWRZu1F7c+n

Contacted hosts

No host records.

DNS resolution

Domain | Security rating | Response
acroipm.adobe.com | | CNAME acroipm.adobe.com.edgesuite.net
 | | A 23.218.94.163
 | | CNAME a1983.dscd.akamai.net
 | | A 23.218.94.155

PE information

Image base 0x00400000
Entry point 0x0048510a
Declared checksum 0x00000000
Actual checksum 0x000897b5
Minimum OS version 4.0
Compile time 2021-04-08 06:43:42
Import hash f34d5f2d4577ed6d9ceec516c1f5a744

Version information

Translation
LegalCopyright
Assembly Version
InternalName
FileVersion
CompanyName
LegalTrademarks
Comments
ProductName
ProductVersion
FileDescription
OriginalFilename

PE sections

Name | Virtual address | Virtual size | Raw data size | Characteristics | Entropy
.text | 0x00002000 | 0x00083110 | 0x00083200 | IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ | 7.85
.rsrc | 0x00086000 | 0x00000654 | 0x00000800 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ | 3.56
.reloc | 0x00088000 | 0x0000000c | 0x00000200 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ | 0.10

Resources

Name | Offset | Size | Language | Sublanguage | Entropy | File type
RT_VERSION | 0x00086090 | 0x000003c4 | LANG_NEUTRAL | SUBLANG_NEUTRAL | 3.36 | data
RT_MANIFEST | 0x00086464 | 0x000001ea | LANG_NEUTRAL | SUBLANG_NEUTRAL | 5.00 | XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library: mscoree.dll:
0x402000 _CorExeMain

Assembly information

Name UNICODEINTPTRSTRING
Version 1.0.0.0

Assembly references

Name Version
mscorlib 2.0.0.0
System 2.0.0.0
Microsoft.VisualBasic 8.0.0.0
System.Windows.Forms 2.0.0.0
System.Drawing 2.0.0.0

Type references

Assembly Type name
Microsoft.VisualBasic Microsoft.VisualBasic.ApplicationServices.ApplicationBase
Microsoft.VisualBasic Microsoft.VisualBasic.ApplicationServices.AssemblyInfo
Microsoft.VisualBasic Microsoft.VisualBasic.ApplicationServices.AuthenticationMode
Microsoft.VisualBasic Microsoft.VisualBasic.ApplicationServices.ShutdownEventHandler
Microsoft.VisualBasic Microsoft.VisualBasic.ApplicationServices.ShutdownMode
Microsoft.VisualBasic Microsoft.VisualBasic.ApplicationServices.User
Microsoft.VisualBasic Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase
Microsoft.VisualBasic Microsoft.VisualBasic.CompilerServices.Conversions
Microsoft.VisualBasic Microsoft.VisualBasic.CompilerServices.DesignerGeneratedAttribute
Microsoft.VisualBasic Microsoft.VisualBasic.CompilerServices.NewLateBinding
Microsoft.VisualBasic Microsoft.VisualBasic.CompilerServices.ObjectFlowControl
Microsoft.VisualBasic Microsoft.VisualBasic.CompilerServices.Operators
Microsoft.VisualBasic Microsoft.VisualBasic.CompilerServices.ProjectData
Microsoft.VisualBasic Microsoft.VisualBasic.CompilerServices.StandardModuleAttribute
Microsoft.VisualBasic Microsoft.VisualBasic.CompilerServices.Utils
Microsoft.VisualBasic Microsoft.VisualBasic.Devices.Computer
Microsoft.VisualBasic Microsoft.VisualBasic.HideModuleNameAttribute
Microsoft.VisualBasic Microsoft.VisualBasic.Information
Microsoft.VisualBasic Microsoft.VisualBasic.Interaction
Microsoft.VisualBasic Microsoft.VisualBasic.MyGroupCollectionAttribute
Microsoft.VisualBasic Microsoft.VisualBasic.Strings
System System.CodeDom.Compiler.GeneratedCodeAttribute
System System.ComponentModel.Component
System System.ComponentModel.ComponentResourceManager
System System.ComponentModel.Container
System System.ComponentModel.Design.HelpKeywordAttribute
System System.ComponentModel.EditorBrowsableAttribute
System System.ComponentModel.EditorBrowsableState
System System.ComponentModel.IContainer
System System.ComponentModel.ISupportInitialize
System System.Configuration.ApplicationSettingsBase
System System.Configuration.SettingsBase
System System.Diagnostics.Debug
System System.Diagnostics.EventLog
System System.Diagnostics.EventLogEntryType
System System.Text.RegularExpressions.Regex
System System.Text.RegularExpressions.RegexOptions
System.Drawing System.Drawing.Bitmap
System.Drawing System.Drawing.Color
System.Drawing System.Drawing.ColorTranslator
System.Drawing System.Drawing.ContentAlignment
System.Drawing System.Drawing.Font
System.Drawing System.Drawing.FontStyle
System.Drawing System.Drawing.GraphicsUnit
System.Drawing System.Drawing.Icon
System.Drawing System.Drawing.Image
System.Drawing System.Drawing.Point
System.Drawing System.Drawing.Size
System.Drawing System.Drawing.SizeF
System.Windows.Forms System.Windows.Forms.AnchorStyles
System.Windows.Forms System.Windows.Forms.Application
System.Windows.Forms System.Windows.Forms.AutoScaleMode
System.Windows.Forms System.Windows.Forms.BorderStyle
System.Windows.Forms System.Windows.Forms.Button
System.Windows.Forms System.Windows.Forms.ButtonBase
System.Windows.Forms System.Windows.Forms.ColumnStyle
System.Windows.Forms System.Windows.Forms.ComboBox
System.Windows.Forms System.Windows.Forms.CommonDialog
System.Windows.Forms System.Windows.Forms.ContainerControl
System.Windows.Forms System.Windows.Forms.Control
System.Windows.Forms System.Windows.Forms.Control/ControlCollection
System.Windows.Forms System.Windows.Forms.DialogResult
System.Windows.Forms System.Windows.Forms.DockStyle
System.Windows.Forms System.Windows.Forms.FileDialog
System.Windows.Forms System.Windows.Forms.Form
System.Windows.Forms System.Windows.Forms.FormBorderStyle
System.Windows.Forms System.Windows.Forms.FormStartPosition
System.Windows.Forms System.Windows.Forms.IButtonControl
System.Windows.Forms System.Windows.Forms.Label
System.Windows.Forms System.Windows.Forms.ListBox
System.Windows.Forms System.Windows.Forms.ListControl
System.Windows.Forms System.Windows.Forms.MessageBox
System.Windows.Forms System.Windows.Forms.MessageBoxButtons
System.Windows.Forms System.Windows.Forms.MessageBoxDefaultButton
System.Windows.Forms System.Windows.Forms.MessageBoxIcon
System.Windows.Forms System.Windows.Forms.OpenFileDialog
System.Windows.Forms System.Windows.Forms.Padding
System.Windows.Forms System.Windows.Forms.Panel
System.Windows.Forms System.Windows.Forms.PictureBox
System.Windows.Forms System.Windows.Forms.PictureBoxSizeMode
System.Windows.Forms System.Windows.Forms.RadioButton
System.Windows.Forms System.Windows.Forms.RowStyle
System.Windows.Forms System.Windows.Forms.SaveFileDialog
System.Windows.Forms System.Windows.Forms.ScrollBars
System.Windows.Forms System.Windows.Forms.SizeType
System.Windows.Forms System.Windows.Forms.TableLayoutColumnStyleCollection
System.Windows.Forms System.Windows.Forms.TableLayoutControlCollection
System.Windows.Forms System.Windows.Forms.TableLayoutPanel
System.Windows.Forms System.Windows.Forms.TableLayoutRowStyleCollection
System.Windows.Forms System.Windows.Forms.TextBox
System.Windows.Forms System.Windows.Forms.TextBoxBase
System.Windows.Forms System.Windows.Forms.ToolTip
mscorlib Microsoft.Win32.Registry
mscorlib Microsoft.Win32.RegistryKey
mscorlib System.Activator
mscorlib System.AppDomain
mscorlib System.AppDomainSetup
mscorlib System.ArgumentException
mscorlib System.Array
mscorlib System.AsyncCallback
mscorlib System.Boolean
mscorlib System.Byte
mscorlib System.Collections.Generic.IEnumerable`1
mscorlib System.Collections.Generic.List`1
mscorlib System.Collections.Generic.List`1/Enumerator
mscorlib System.Collections.Hashtable
mscorlib System.Console
mscorlib System.ConsoleColor
mscorlib System.Delegate
mscorlib System.Diagnostics.DebuggableAttribute
mscorlib System.Diagnostics.DebuggableAttribute/DebuggingModes
mscorlib System.Diagnostics.DebuggerBrowsableAttribute
mscorlib System.Diagnostics.DebuggerBrowsableState
mscorlib System.Diagnostics.DebuggerHiddenAttribute
mscorlib System.Diagnostics.DebuggerNonUserCodeAttribute
mscorlib System.Diagnostics.DebuggerStepThroughAttribute
mscorlib System.Enum
mscorlib System.Environment
mscorlib System.Environment/SpecialFolder
mscorlib System.EventArgs
mscorlib System.EventHandler
mscorlib System.Exception
mscorlib System.Globalization.CultureInfo
mscorlib System.IAsyncResult
mscorlib System.IDisposable
mscorlib System.IO.File
mscorlib System.IO.Path
mscorlib System.IO.StreamWriter
mscorlib System.InvalidOperationException
mscorlib System.MulticastDelegate
mscorlib System.Object
mscorlib System.Predicate`1
mscorlib System.Reflection.Assembly
mscorlib System.Reflection.AssemblyCompanyAttribute
mscorlib System.Reflection.AssemblyCopyrightAttribute
mscorlib System.Reflection.AssemblyDescriptionAttribute
mscorlib System.Reflection.AssemblyFileVersionAttribute
mscorlib System.Reflection.AssemblyProductAttribute
mscorlib System.Reflection.AssemblyTitleAttribute
mscorlib System.Reflection.AssemblyTrademarkAttribute
mscorlib System.Reflection.MemberInfo
mscorlib System.Reflection.PropertyInfo
mscorlib System.Reflection.TargetInvocationException
mscorlib System.Resources.ResourceManager
mscorlib System.Runtime.CompilerServices.AccessedThroughPropertyAttribute
mscorlib System.Runtime.CompilerServices.CompilationRelaxationsAttribute
mscorlib System.Runtime.CompilerServices.CompilerGeneratedAttribute
mscorlib System.Runtime.CompilerServices.RuntimeCompatibilityAttribute
mscorlib System.Runtime.CompilerServices.RuntimeHelpers
mscorlib System.Runtime.InteropServices.ComVisibleAttribute
mscorlib System.Runtime.InteropServices.GuidAttribute
mscorlib System.RuntimeTypeHandle
mscorlib System.STAThreadAttribute
mscorlib System.Security.Policy.Evidence
mscorlib System.String
mscorlib System.Text.StringBuilder
mscorlib System.ThreadStaticAttribute
mscorlib System.Threading.ApartmentState
mscorlib System.Threading.Interlocked
mscorlib System.Threading.Monitor
mscorlib System.Threading.Thread
mscorlib System.Threading.ThreadStart
mscorlib System.Type
mscorlib System.ValueType
mscorlib System.Version

No antivirus engine scan information!

Process tree


3333.exe, PID: 2548, parent process PID: 2224
3333.exe, PID: 2500, parent process PID: 2548
dw20.exe, PID: 2960, parent process PID: 2500

TCP

Source address | Source port | Destination address | Destination port
192.168.122.202 | 49160 | 23.218.94.163 (acroipm.adobe.com) | 80

UDP

Source address | Source port | Destination address | Destination port
192.168.122.202 | 50785 | 192.168.122.1 | 53

HTTP requests

URI | HTTP data
http://acroipm.adobe.com/11/rdr/CHS/win/nooem/none/message.zip
GET /11/rdr/CHS/win/nooem/none/message.zip HTTP/1.1
Accept: */*
If-Modified-Since: Mon, 08 Nov 2017 08:44:36 GMT
User-Agent: IPM
Host: acroipm.adobe.com
Connection: Keep-Alive
Cache-Control: no-cache

SMTP traffic

No SMTP traffic.

IRC traffic

No IRC requests.

ICMP traffic

No ICMP traffic.

CIF report

No CIF results

Network alerts

No alerts

TLS

No TLS

Suricata HTTP

No Suricata HTTP

No files extracted from network traffic.
Sorry! No files were dropped.
No similar analyses found.

Processing ( 17.501 seconds )

  • 11.812 Suricata
  • 1.578 VirusTotal
  • 1.105 BehaviorAnalysis
  • 1.069 Static
  • 0.768 NetworkAnalysis
  • 0.454 static_dotnet
  • 0.373 TargetInfo
  • 0.311 peid
  • 0.018 Strings
  • 0.01 AnalysisInfo
  • 0.002 Memory
  • 0.001 config_decoder

Signatures ( 2.076 seconds )

  • 1.404 md_url_bl
  • 0.078 api_spamming
  • 0.067 stealth_decoy_document
  • 0.067 stealth_timeout
  • 0.058 antiav_detectreg
  • 0.025 injection_createremotethread
  • 0.023 infostealer_ftp
  • 0.022 infostealer_im
  • 0.015 antiav_detectfile
  • 0.014 kovter_behavior
  • 0.013 antiemu_wine_func
  • 0.013 antivm_generic_scsi
  • 0.012 mimics_filetime
  • 0.012 infostealer_browser_password
  • 0.012 antianalysis_detectreg
  • 0.011 injection_explorer
  • 0.01 infostealer_bitcoin
  • 0.01 md_domain_bl
  • 0.009 stealth_file
  • 0.009 reads_self
  • 0.009 antivm_generic_disk
  • 0.009 virus
  • 0.009 infostealer_mail
  • 0.008 bootkit
  • 0.007 antivm_generic_services
  • 0.006 anomaly_persistence_autorun
  • 0.006 anormaly_invoke_kills
  • 0.006 hancitor_behavior
  • 0.006 antivm_vbox_files
  • 0.006 geodo_banking_trojan
  • 0.005 antivm_vbox_libs
  • 0.005 maldun_anomaly_massive_file_ops
  • 0.005 ransomware_extensions
  • 0.004 antiav_avast_libs
  • 0.004 betabot_behavior
  • 0.004 antisandbox_sunbelt_libs
  • 0.004 exec_crash
  • 0.004 antidbg_windows
  • 0.004 injection_runpe
  • 0.004 antivm_parallels_keys
  • 0.004 network_http
  • 0.004 ransomware_files
  • 0.003 rat_nanocore
  • 0.003 antisandbox_sboxie_libs
  • 0.003 antiav_bitdefender_libs
  • 0.003 kibex_behavior
  • 0.003 darkcomet_regkeys
  • 0.002 tinba_behavior
  • 0.002 hawkeye_behavior
  • 0.002 network_tor
  • 0.002 antidbg_devices
  • 0.002 antivm_generic_diskreg
  • 0.002 antivm_xen_keys
  • 0.002 bot_drive2
  • 0.002 disables_browser_warn
  • 0.002 network_torgateway
  • 0.002 rat_pcclient
  • 0.002 recon_fingerprint
  • 0.001 maldun_malicious_write_executeable_under_temp_to_regrun
  • 0.001 rat_luminosity
  • 0.001 antivm_vmware_libs
  • 0.001 maldun_anomaly_write_exe_and_obsfucate_extension
  • 0.001 antisandbox_sleep
  • 0.001 kazybot_behavior
  • 0.001 shifu_behavior
  • 0.001 maldun_anomaly_write_exe_and_dll_under_winroot_run
  • 0.001 vawtrak_behavior
  • 0.001 cerber_behavior
  • 0.001 h1n1_behavior
  • 0.001 bypass_firewall
  • 0.001 sniffer_winpcap
  • 0.001 antianalysis_detectfile
  • 0.001 antisandbox_productid
  • 0.001 antivm_xen_keys
  • 0.001 antivm_hyperv_keys
  • 0.001 antivm_vbox_acpi
  • 0.001 antivm_vbox_keys
  • 0.001 antivm_vmware_files
  • 0.001 antivm_vmware_keys
  • 0.001 banker_zeus_mutex
  • 0.001 bot_drive
  • 0.001 browser_addon
  • 0.001 browser_security
  • 0.001 modify_proxy
  • 0.001 codelux_behavior
  • 0.001 maldun_malicious_drop_executable_file_to_temp_folder
  • 0.001 maldun_anomaly_invoke_vb_vba
  • 0.001 md_bad_drop
  • 0.001 network_cnc_http
  • 0.001 packer_armadillo_regkey

Reporting ( 0.627 seconds )

  • 0.62 ReportHTMLSummary
  • 0.007 Malheur
Task ID 628813
Mongo ID 606f208e7e769a06abeb2c4d
Cuckoo release 1.4-Maldun