Analysis Task

Analysis type | VM tag | Start time | End time | Duration
File (Windows) | win7-sp1-x64-shaapp02-1 | 2021-06-18 16:47:11 | 2021-06-18 16:47:17 | 6 seconds

Maldun Score

7.35

Dangerous

File Details

File name 屏幕传输[获取].exe
File size 5037056 bytes
File type PE32+ executable (GUI) x86-64, for MS Windows
MD5 753ef9b8ee2f6e3b4c124d2e50dddf52
SHA1 f4bfb16a97bb2c23bf759f8b7264c0e46d58e3eb
SHA256 b938881702dd8f273774f240639658138d024892ed223d8eb498c677f9e5eef3
SHA512 0ad57c8ed7825c76cbd58da7f8a3548ffbe39095e0207dfccacbce7bae0e518ef72df4ea23dd901a742711e75a3806bc55203991ddfcc96070807bc75c21245e
CRC32 AD046C3E
Ssdeep 98304:cfZMC+gQ1N9tX2DR2JbcxRFLOAkGkzdnEVomFHKnPJ:o6HhJbcnFLOyomFHKnPJ


Screenshots

No screenshots available

Hosts contacted (click to query WPING real-time security rating)

No host records.

Domain resolution (click to query WPING real-time security rating)

No domain information.


Summary


PE Information

Image base 0x140000000
Entry point 0x1401e8320
Declared checksum 0x00000000
Actual checksum 0x004d1fbf
Minimum OS version required 5.2
Compile time 2021-06-18 16:39:03
Import hash 241fa9391b577422ae4a18f670930afd

Version Information

LegalCopyright
InternalName
FileVersion
CompanyName
ProductName
ProductVersion
FileDescription
OriginalFilename
Translation

PE Sections

Name | Virtual address | Virtual size | Raw data size | Characteristics | Entropy
.text 0x00001000 0x0026ada8 0x0026ae00 IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 6.50
.rodata 0x0026c000 0x00003090 0x00003200 IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 6.05
.rdata 0x00270000 0x000bd426 0x000bd600 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 4.53
.data 0x0032e000 0x00083d40 0x00012400 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 2.44
.pdata 0x003b2000 0x0001a880 0x0001aa00 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 6.24
.gehcont 0x003cd000 0x00000018 0x00000200 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 0.12
.rsrc 0x003ce000 0x00165100 0x00165200 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 7.56
.reloc 0x00534000 0x00010000 0x00010000 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 5.45

Imports

Library: KERNEL32.dll:
0x1402703d8 GetVolumeInformationW
0x1402703e0 GetSystemTimeAsFileTime
0x1402703e8 FileTimeToLocalFileTime
0x1402703f0 FileTimeToSystemTime
0x1402703f8 ResetEvent
0x140270400 CreateThread
0x140270408 CreateEventW
0x140270410 SetThreadPriority
0x140270418 VirtualQuery
0x140270420 WideCharToMultiByte
0x140270428 CopyFileW
0x140270430 GetCurrentDirectoryW
0x140270438 CloseHandle
0x140270440 DeleteFileW
0x140270448 GetFileAttributesExW
0x140270450 MultiByteToWideChar
0x140270458 WriteConsoleW
0x140270460 GetStringTypeW
0x140270468 SetEnvironmentVariableW
0x140270470 FreeEnvironmentStringsW
0x140270478 GetEnvironmentStringsW
0x140270480 GetCPInfo
0x140270488 GetOEMCP
0x140270490 GetACP
0x140270498 IsValidCodePage
0x1402704a0 FindFirstFileExW
0x1402704a8 GetSystemDirectoryW
0x1402704b0 GetFileAttributesW
0x1402704b8 WaitForSingleObject
0x1402704c0 FindClose
0x1402704c8 GetModuleFileNameW
0x1402704d0 TerminateProcess
0x1402704d8 FindNextFileW
0x1402704e0 GetCommandLineW
0x1402704e8 SetLastError
0x1402704f0 FindFirstFileW
0x1402704f8 ReadFile
0x140270500 FreeLibrary
0x140270508 LoadLibraryW
0x140270510 FindResourceW
0x140270518 LoadResource
0x140270520 LockResource
0x140270528 FreeResource
0x140270530 SizeofResource
0x140270538 GlobalReAlloc
0x140270540 MulDiv
0x140270548 GlobalUnlock
0x140270550 GlobalLock
0x140270558 GlobalFree
0x140270560 GlobalAlloc
0x140270568 GlobalSize
0x140270570 LoadLibraryExW
0x140270578 GetVersionExW
0x140270580 GetCurrentProcess
0x140270588 GetModuleHandleW
0x140270590 GetProcAddress
0x140270598 QueryPerformanceCounter
0x1402705a8 lstrcmpiA
0x1402705b0 GetCurrentThreadId
0x1402705c0 IsDebuggerPresent
0x1402705d0 GetTickCount
0x1402705d8 Sleep
0x1402705e0 GetProcessHeap
0x1402705e8 DeleteCriticalSection
0x1402705f0 HeapDestroy
0x1402705f8 DecodePointer
0x140270600 HeapAlloc
0x140270608 RaiseException
0x140270610 GetTimeZoneInformation
0x140270618 LCMapStringW
0x140270620 GetConsoleMode
0x140270628 GetConsoleOutputCP
0x140270630 SetFilePointerEx
0x140270638 GetStdHandle
0x140270640 GetFileType
0x140270648 SetStdHandle
0x140270650 VirtualAlloc
0x140270658 HeapQueryInformation
0x140270660 FreeLibraryAndExitThread
0x140270668 ExitThread
0x140270670 ExitProcess
0x140270678 GetCommandLineA
0x140270680 RtlPcToFileHeader
0x140270688 RtlUnwindEx
0x140270690 OutputDebugStringW
0x140270698 GetStartupInfoW
0x1402706a0 InitializeSListHead
0x1402706b8 UnhandledExceptionFilter
0x1402706c0 RtlVirtualUnwind
0x1402706c8 RtlLookupFunctionEntry
0x1402706d0 RtlCaptureContext
0x1402706d8 WaitForSingleObjectEx
0x1402706e0 GetTempFileNameW
0x1402706e8 HeapReAlloc
0x1402706f0 GetLastError
0x1402706f8 HeapSize
0x140270700 LeaveCriticalSection
0x140270710 GetWindowsDirectoryW
0x140270718 SetErrorMode
0x140270720 GetFileTime
0x140270728 GetFileSizeEx
0x140270738 GetProfileIntW
0x140270740 GetTempPathW
0x140270748 SearchPathW
0x140270750 FindResourceExW
0x140270758 lstrcmpiW
0x140270760 DuplicateHandle
0x140270768 WriteFile
0x140270770 UnlockFile
0x140270778 SetFilePointer
0x140270780 SetEndOfFile
0x140270788 LockFile
0x140270790 GetFullPathNameW
0x140270798 FlushFileBuffers
0x1402707a0 VerifyVersionInfoW
0x1402707a8 VerSetConditionMask
0x1402707b0 VirtualProtect
0x1402707b8 GlobalFlags
0x1402707c0 GetUserDefaultUILanguage
0x1402707d0 GetLocaleInfoW
0x1402707d8 LocalReAlloc
0x1402707e0 LocalAlloc
0x1402707e8 GlobalHandle
0x1402707f0 TlsFree
0x1402707f8 TlsSetValue
0x140270800 TlsGetValue
0x140270808 TlsAlloc
0x140270810 EnterCriticalSection
0x140270818 HeapFree
0x140270820 GlobalGetAtomNameW
0x140270828 lstrcpyW
0x140270830 GetThreadLocale
0x140270840 GetPrivateProfileStringW
0x140270848 GetPrivateProfileIntW
0x140270850 ResumeThread
0x140270858 CompareStringA
0x140270860 lstrcmpA
0x140270868 GetCurrentThread
0x140270870 FormatMessageW
0x140270878 LocalFree
0x140270880 GetCurrentProcessId
0x140270888 CompareStringW
0x140270890 QueryActCtxW
0x140270898 FindActCtxSectionStringW
0x1402708a0 DeactivateActCtx
0x1402708a8 ActivateActCtx
0x1402708b0 CreateActCtxW
0x1402708b8 GlobalFindAtomW
0x1402708c0 GlobalAddAtomW
0x1402708c8 lstrcmpW
0x1402708d0 GlobalDeleteAtom
0x1402708d8 GetModuleHandleExW
0x1402708e0 EncodePointer
0x1402708e8 OutputDebugStringA
0x1402708f0 UnmapViewOfFile
0x1402708f8 WaitForMultipleObjects
0x140270900 CreateIoCompletionPort
0x140270908 MapViewOfFileEx
0x140270910 CreateFileW
0x140270918 CreateFileMappingW
0x140270920 GetFileSize
0x140270928 CreateSemaphoreW
0x140270930 ReleaseSemaphore
0x140270938 SwitchToThread
0x140270940 GetNativeSystemInfo
0x140270948 GetSystemInfo
0x140270950 SetEvent
0x140270968 GetExitCodeThread
0x140270970 TerminateThread
0x140270978 HeapCreate
Library: USER32.dll:
0x140270ae8 CallWindowProcW
0x140270af0 GetScrollBarInfo
0x140270af8 GetWindowRect
0x140270b00 BeginPaint
0x140270b08 EndPaint
0x140270b10 GetThreadDesktop
0x140270b20 OpenInputDesktop
0x140270b28 SetThreadDesktop
0x140270b30 CloseDesktop
0x140270b38 GetCursorPos
0x140270b40 GetCursorInfo
0x140270b48 GetWindowDC
0x140270b50 SetWindowPos
0x140270b58 SetWindowLongPtrW
0x140270b60 GetWindowInfo
0x140270b68 GetClientRect
0x140270b70 ReleaseDC
0x140270b78 SetScrollPos
0x140270b80 AdjustWindowRectEx
0x140270b88 SetCursor
0x140270b90 GetKeyState
0x140270b98 SendMessageW
0x140270ba0 InvalidateRect
0x140270ba8 EnableWindow
0x140270bb0 GetSystemMetrics
0x140270bb8 GetScrollInfo
0x140270bc0 GetWindowLongPtrW
0x140270bc8 IsWindowVisible
0x140270bd0 ShowScrollBar
0x140270bd8 DestroyCursor
0x140270be0 UnregisterClassW
0x140270be8 IsWindow
0x140270bf0 DestroyWindow
0x140270bf8 SetClassLongPtrW
0x140270c00 LoadCursorW
0x140270c08 DrawIconEx
0x140270c10 PostMessageW
0x140270c18 LoadImageW
0x140270c20 LoadIconW
0x140270c28 RegisterClassW
0x140270c30 GetClassInfoW
0x140270c38 LoadStringW
0x140270c40 CreateWindowExW
0x140270c48 DefWindowProcW
0x140270c50 CopyImage
0x140270c58 SetForegroundWindow
0x140270c60 MessageBoxW
0x140270c68 SetScrollInfo
0x140270c70 GetDC
0x140270c78 GetParent
0x140270c80 DestroyIcon
0x140270c88 SetWindowLongW
0x140270c90 IsZoomed
0x140270c98 SetRect
0x140270ca0 GetWindowLongW
0x140270ca8 GetSystemMenu
0x140270cb0 GetWindow
0x140270cb8 GetFocus
0x140270cc0 SetWindowRgn
0x140270cc8 FillRect
0x140270cd0 TranslateMessage
0x140270cd8 DispatchMessageW
0x140270ce0 PeekMessageW
0x140270cf0 RegisterWindowMessageW
0x140270cf8 GetMessagePos
0x140270d00 GetMessageTime
0x140270d08 GetClassInfoExW
0x140270d10 IsMenu
0x140270d18 IsChild
0x140270d20 GetWindowPlacement
0x140270d28 SetWindowPlacement
0x140270d30 BeginDeferWindowPos
0x140270d38 DeferWindowPos
0x140270d40 EndDeferWindowPos
0x140270d48 GetDlgItem
0x140270d50 GetMenu
0x140270d58 GetMenuItemID
0x140270d60 GetMenuItemCount
0x140270d68 GetForegroundWindow
0x140270d70 ValidateRect
0x140270d78 ScrollWindow
0x140270d80 SetPropW
0x140270d88 GetPropW
0x140270d90 RemovePropW
0x140270d98 GetWindowTextW
0x140270da0 GetWindowTextLengthW
0x140270da8 ScreenToClient
0x140270db0 MapWindowPoints
0x140270db8 EqualRect
0x140270dc0 GetClassLongPtrW
0x140270dc8 GetTopWindow
0x140270dd0 GetLastActivePopup
0x140270dd8 SetWindowsHookExW
0x140270de0 UnhookWindowsHookEx
0x140270de8 CallNextHookEx
0x140270df0 GetMenuStringW
0x140270df8 GetMenuState
0x140270e00 RemoveMenu
0x140270e08 DrawTextW
0x140270e10 DrawTextExW
0x140270e18 GrayStringW
0x140270e20 TabbedTextOutW
0x140270e28 ShowWindow
0x140270e30 CheckDlgButton
0x140270e38 SetWindowTextW
0x140270e40 IsDialogMessageW
0x140270e48 CheckMenuItem
0x140270e50 EnableMenuItem
0x140270e58 SetMenuItemBitmaps
0x140270e68 SetMenuItemInfoW
0x140270e70 SystemParametersInfoW
0x140270e78 RegisterClipboardFormatW
0x140270e80 SetWindowContextHelpId
0x140270e88 MapDialogRect
0x140270e90 PostQuitMessage
0x140270e98 GetMessageW
0x140270ea0 ShowOwnedPopups
0x140270ea8 LoadMenuW
0x140270eb8 EndDialog
0x140270ec0 GetKeyNameTextW
0x140270ec8 MapVirtualKeyW
0x140270ed0 CharNextW
0x140270ed8 DrawFocusRect
0x140270ee0 NotifyWinEvent
0x140270ee8 SendDlgItemMessageA
0x140270ef0 SetRectEmpty
0x140270ef8 GetMenuItemInfoW
0x140270f00 InflateRect
0x140270f08 MonitorFromPoint
0x140270f10 GetSysColorBrush
0x140270f18 RealChildWindowFromPoint
0x140270f20 GetAsyncKeyState
0x140270f28 BringWindowToTop
0x140270f30 LoadAcceleratorsW
0x140270f38 InsertMenuItemW
0x140270f40 UnpackDDElParam
0x140270f48 ReuseDDElParam
0x140270f58 EnumDisplayMonitors
0x140270f60 DrawStateW
0x140270f68 TrackMouseEvent
0x140270f70 CharUpperW
0x140270f78 ModifyMenuW
0x140270f80 PostThreadMessageW
0x140270f88 WaitMessage
0x140270f90 ToUnicodeEx
0x140270f98 GetKeyboardLayout
0x140270fa0 GetKeyboardState
0x140270fa8 CopyAcceleratorTableW
0x140270fb0 EnumChildWindows
0x140270fb8 LockWindowUpdate
0x140270fc0 InvalidateRgn
0x140270fc8 GetNextDlgGroupItem
0x140270fd0 DrawEdge
0x140270fd8 DrawFrameControl
0x140270fe0 UnionRect
0x140270fe8 GetIconInfo
0x140270ff0 SetCursorPos
0x140270ff8 CharUpperBuffW
0x140271000 UpdateLayeredWindow
0x140271008 EnableScrollBar
0x140271010 GetMenuDefaultItem
0x140271018 SetMenuDefaultItem
0x140271020 CopyIcon
0x140271028 FrameRect
0x140271038 DrawMenuBar
0x140271040 DefFrameProcW
0x140271048 DefMDIChildProcW
0x140271050 TranslateMDISysAccel
0x140271058 IsCharLowerW
0x140271060 MapVirtualKeyExW
0x140271068 SubtractRect
0x140271070 GetUpdateRect
0x140271078 HideCaret
0x140271080 InvertRect
0x140271088 GetDoubleClickTime
0x140271090 GetComboBoxInfo
0x140271098 GetWindowRgn
0x1402710a0 MessageBeep
0x1402710a8 WindowFromPoint
0x1402710b0 GetScrollPos
0x1402710b8 DrawIcon
0x1402710c0 GetActiveWindow
0x1402710c8 OffsetRect
0x1402710d0 GetCapture
0x1402710d8 SetTimer
0x1402710e0 RedrawWindow
0x1402710e8 GetScrollRange
0x1402710f0 CopyRect
0x1402710f8 GetDlgCtrlID
0x140271100 ClientToScreen
0x140271108 GetSysColor
0x140271110 IsWindowEnabled
0x140271118 SetMenu
0x140271120 WinHelpW
0x140271128 LoadBitmapW
0x140271130 IsRectEmpty
0x140271138 IntersectRect
0x140271140 SetFocus
0x140271148 GetClassNameW
0x140271150 SetParent
0x140271158 SetCapture
0x140271160 SetScrollRange
0x140271168 KillTimer
0x140271170 PtInRect
0x140271178 UpdateWindow
0x140271180 ReleaseCapture
0x140271188 IsIconic
0x140271190 GetNextDlgTabItem
0x140271198 DeleteMenu
0x1402711a0 CreatePopupMenu
0x1402711a8 TrackPopupMenu
0x1402711b0 GetSubMenu
0x1402711b8 DestroyAcceleratorTable
0x1402711c0 CreateAcceleratorTableW
0x1402711c8 DestroyMenu
0x1402711d0 TranslateAcceleratorW
0x1402711d8 InsertMenuW
0x1402711e0 AppendMenuW
0x1402711e8 CreateMenu
0x1402711f0 GetWindowThreadProcessId
0x1402711f8 MonitorFromWindow
0x140271200 SetActiveWindow
0x140271208 OpenClipboard
0x140271210 GetMonitorInfoW
0x140271218 CloseClipboard
0x140271220 EmptyClipboard
0x140271228 MoveWindow
0x140271230 SetClipboardData
0x140271238 GetDesktopWindow
Library: GDI32.dll:
0x140270088 CreatePatternBrush
0x140270090 GetPixel
0x140270098 CreateBitmap
0x1402700a0 CombineRgn
0x1402700a8 GetViewportOrgEx
0x1402700b0 PatBlt
0x1402700b8 CreateRoundRectRgn
0x1402700c0 GetTextMetricsW
0x1402700c8 CreateRectRgn
0x1402700d0 CreatePen
0x1402700d8 Rectangle
0x1402700e0 Ellipse
0x1402700e8 CreateSolidBrush
0x1402700f0 CreateEllipticRgn
0x1402700f8 RoundRect
0x140270100 FillRgn
0x140270108 GetTextExtentPoint32W
0x140270110 CreateFontIndirectW
0x140270118 SetDIBColorTable
0x140270120 RealizePalette
0x140270128 GetSystemPaletteEntries
0x140270130 SelectPalette
0x140270138 CreatePalette
0x140270140 GetWindowOrgEx
0x140270148 GetDeviceCaps
0x140270150 GetDIBits
0x140270158 CreateCompatibleBitmap
0x140270160 SelectObject
0x140270168 CreateDIBSection
0x140270170 CreateCompatibleDC
0x140270178 CreateHatchBrush
0x140270180 SetStretchBltMode
0x140270188 BitBlt
0x140270190 GetStockObject
0x140270198 DeleteObject
0x1402701a0 DeleteDC
0x1402701a8 SetBkColor
0x1402701b0 SetTextColor
0x1402701b8 CopyMetaFileW
0x1402701c0 CreateDCW
0x1402701c8 Escape
0x1402701d0 ExcludeClipRect
0x1402701d8 GetClipBox
0x1402701e0 GetObjectType
0x1402701e8 GetViewportExtEx
0x1402701f0 IntersectClipRect
0x1402701f8 LineTo
0x140270200 PtVisible
0x140270208 RectVisible
0x140270210 RestoreDC
0x140270218 SaveDC
0x140270220 SelectClipRgn
0x140270228 ExtSelectClipRgn
0x140270230 SetBkMode
0x140270238 SetPolyFillMode
0x140270240 SetROP2
0x140270248 SetTextAlign
0x140270250 SetPixel
0x140270258 GetWindowExtEx
0x140270260 StretchBlt
0x140270268 GetLayout
0x140270270 SetLayout
0x140270278 GetObjectW
0x140270280 SetPixelV
0x140270288 GetTextFaceW
0x140270290 PtInRegion
0x140270298 GetBoundsRect
0x1402702a0 FrameRgn
0x1402702a8 SetPaletteEntries
0x1402702b0 ExtFloodFill
0x1402702b8 LPtoDP
0x1402702c0 GetPaletteEntries
0x1402702c8 GetNearestPaletteIndex
0x1402702d0 EnumFontFamiliesExW
0x1402702d8 Polyline
0x1402702e0 Polygon
0x1402702e8 CreatePolygonRgn
0x1402702f0 OffsetRgn
0x1402702f8 GetRgnBox
0x140270300 GetTextCharsetInfo
0x140270308 EnumFontFamiliesW
0x140270310 CreateDIBitmap
0x140270318 DPtoLP
0x140270320 SetRectRgn
0x140270328 GetMapMode
0x140270330 GetTextColor
0x140270338 GetBkColor
0x140270340 CreateRectRgnIndirect
0x140270348 ScaleWindowExtEx
0x140270350 ScaleViewportExtEx
0x140270358 OffsetWindowOrgEx
0x140270360 OffsetViewportOrgEx
0x140270368 SetWindowOrgEx
0x140270370 SetWindowExtEx
0x140270378 SetViewportOrgEx
0x140270380 SetViewportExtEx
0x140270388 ExtTextOutW
0x140270390 TextOutW
0x140270398 MoveToEx
0x1402703a0 SetMapMode
Library: ADVAPI32.dll:
0x140270000 RegDeleteValueW
0x140270008 RegEnumKeyW
0x140270010 RegEnumKeyExW
0x140270018 RegEnumValueW
0x140270020 RegDeleteKeyW
0x140270028 RegQueryValueW
0x140270030 RegCreateKeyExW
0x140270038 RegSetValueExW
0x140270040 RegCloseKey
0x140270048 RegQueryValueExW
0x140270050 RegOpenKeyExW
Library: SHELL32.dll:
0x140270a38 DragFinish
0x140270a40 SHAppBarMessage
0x140270a48 SHGetMalloc
0x140270a50 SHGetPathFromIDListW
0x140270a60 SHBrowseForFolderW
0x140270a68 SHGetDesktopFolder
0x140270a70 ShellExecuteW
0x140270a78 SHGetFileInfoW
0x140270a80 Shell_NotifyIconW
0x140270a88 DragQueryFileW
Library: ole32.dll:
0x1402714b0 OleFlushClipboard
0x1402714b8 OleIsCurrentClipboard
0x1402714c0 CoRegisterMessageFilter
0x1402714e0 DoDragDrop
0x1402714e8 OleGetClipboard
0x1402714f0 OleLockRunning
0x1402714f8 OleCreateMenuDescriptor
0x140271500 OleDestroyMenuDescriptor
0x140271508 OleTranslateAccelerator
0x140271510 IsAccelerator
0x140271518 CoLockObjectExternal
0x140271520 RegisterDragDrop
0x140271528 RevokeDragDrop
0x140271530 CreateStreamOnHGlobal
0x140271538 CoUninitialize
0x140271540 CoRevokeClassObject
0x140271548 CoGetClassObject
0x140271550 CoDisconnectObject
0x140271558 CoInitialize
0x140271560 CoCreateGuid
0x140271568 OleUninitialize
0x140271570 OleInitialize
0x140271578 CoFreeUnusedLibraries
0x140271580 ReleaseStgMedium
0x140271588 OleDuplicateData
0x140271590 CoTaskMemFree
0x140271598 CoTaskMemAlloc
0x1402715a0 CoInitializeEx
0x1402715a8 CLSIDFromString
0x1402715b0 CLSIDFromProgID
0x1402715b8 CoCreateInstance
Library: OLEAUT32.dll:
0x1402709c0 VariantChangeType
0x1402709c8 VarBstrFromDate
0x1402709d0 VariantClear
0x1402709d8 SysStringLen
0x1402709e0 SysAllocStringLen
0x1402709e8 SystemTimeToVariantTime
0x1402709f0 VariantTimeToSystemTime
0x1402709f8 VariantInit
0x140270a00 LoadTypeLib
0x140270a08 SysFreeString
0x140270a10 OleCreateFontIndirect
0x140270a18 SafeArrayDestroy
0x140270a20 VariantCopy
0x140270a28 SysAllocString
Library: COMCTL32.dll:
0x140270060 ImageList_AddMasked
0x140270068 InitCommonControlsEx
0x140270070 ImageList_Create
0x140270078 ImageList_Destroy
Library: WS2_32.dll:
0x1402712e8 WSAIoctl
0x1402712f0 WSARecv
0x1402712f8 WSASend
0x140271300 WSAAddressToStringW
0x140271308 WSAStringToAddressW
0x140271310 getaddrinfo
0x140271318 freeaddrinfo
0x140271320 bind
0x140271328 listen
0x140271330 socket
0x140271338 WSAStartup
0x140271340 WSASetLastError
0x140271348 WSAGetOverlappedResult
0x140271350 connect
0x140271358 shutdown
0x140271360 setsockopt
0x140271368 send
0x140271370 recv
0x140271378 WSACloseEvent
0x140271380 WSACreateEvent
0x140271388 WSAEnumNetworkEvents
0x140271390 WSAEventSelect
0x140271398 WSAResetEvent
0x1402713a0 WSAWaitForMultipleEvents
0x1402713a8 ntohs
0x1402713b0 ioctlsocket
0x1402713b8 closesocket
0x1402713c0 WSAGetLastError
0x1402713c8 htons
0x1402713d0 getsockopt
0x1402713d8 WSACleanup
0x1402713e0 getsockname
Library: IMM32.dll:
0x1402703b0 ImmGetOpenStatus
0x1402703b8 ImmReleaseContext
0x1402703c0 ImmAssociateContext
0x1402703c8 ImmGetContext
Library: SHLWAPI.dll:
0x140270a98 PathRemoveFileSpecW
0x140270aa0 PathStripToRootW
0x140270aa8 PathIsUNCW
0x140270ab0 PathFindFileNameW
0x140270ab8 PathFindExtensionW
0x140270ac0 StrPBrkW
0x140270ac8 StrChrW
0x140270ad0 StrFormatByteSizeW
0x140270ad8 StrFormatKBSizeW
Library: MSIMG32.dll:
0x140270988 AlphaBlend
0x140270990 TransparentBlt
Library: UxTheme.dll:
0x140271248 GetThemeSysColor
0x140271258 GetCurrentThemeName
0x140271260 GetThemeColor
0x140271270 DrawThemeText
0x140271278 GetWindowTheme
0x140271280 IsAppThemed
0x140271288 GetThemePartSize
0x140271290 DrawThemeBackground
0x140271298 CloseThemeData
0x1402712a0 OpenThemeData
Library: oledlg.dll:
0x1402715c8 OleUIBusyW
Library: gdiplus.dll:
0x1402713f0 GdipCreateFromHDC
0x1402713f8 GdipSetInterpolationMode
0x140271408 GdiplusStartup
0x140271410 GdipGetImageHeight
0x140271418 GdipGetImagePaletteSize
0x140271420 GdipCloneImage
0x140271428 GdipBitmapUnlockBits
0x140271438 GdipAlloc
0x140271440 GdipDisposeImage
0x140271448 GdipGetImagePixelFormat
0x140271450 GdipFree
0x140271458 GdipBitmapLockBits
0x140271468 GdipDeleteGraphics
0x140271470 GdipGetImagePalette
0x140271478 GdipGetImageWidth
0x140271480 GdipCreateBitmapFromFile
0x140271488 GdiplusShutdown
0x140271498 GdipDrawImageI
0x1402714a0 GdipDrawImageRectI
Library: WINMM.dll:
0x1402712b0 PlaySoundW
0x1402712b8 timeGetTime
Library: OLEACC.dll:
0x1402709a8 LresultFromObject
Library: WINSPOOL.DRV:
0x1402712c8 ClosePrinter
0x1402712d0 DocumentPropertiesW
0x1402712d8 OpenPrinterW

No antivirus engine scan information!


TCP

No TCP connection records.

UDP

No UDP connection records.


HTTP Requests

No HTTP requests found.

SMTP Traffic

No SMTP traffic.

IRC Traffic

No IRC requests.

ICMP Traffic

No ICMP traffic.

CIF Report

No CIF results

Network Alerts

No alerts

TLS

No TLS

Suricata HTTP

No Suricata HTTP

No network-extracted files found.
Sorry! No files were dropped.
No similar analyses found.

Processing ( 17.092 seconds )

  • 14.536 Static
  • 1.18 TargetInfo
  • 0.978 VirusTotal
  • 0.359 peid
  • 0.012 config_decoder
  • 0.012 Strings
  • 0.011 AnalysisInfo
  • 0.002 BehaviorAnalysis
  • 0.002 Memory

Signatures ( 0.078 seconds )

  • 0.011 antiav_detectreg
  • 0.009 md_url_bl
  • 0.008 anomaly_persistence_autorun
  • 0.007 md_domain_bl
  • 0.005 antiav_detectfile
  • 0.005 infostealer_ftp
  • 0.004 ransomware_files
  • 0.003 infostealer_bitcoin
  • 0.003 infostealer_im
  • 0.003 ransomware_extensions
  • 0.002 tinba_behavior
  • 0.002 antianalysis_detectreg
  • 0.002 antivm_vbox_files
  • 0.002 disables_browser_warn
  • 0.002 infostealer_mail
  • 0.001 rat_nanocore
  • 0.001 betabot_behavior
  • 0.001 cerber_behavior
  • 0.001 geodo_banking_trojan
  • 0.001 bot_drive
  • 0.001 bot_drive2
  • 0.001 browser_security
  • 0.001 modify_proxy
  • 0.001 maldun_malicious_drop_executable_file_to_temp_folder
  • 0.001 md_bad_drop

Reporting ( 0.46 seconds )

  • 0.452 ReportHTMLSummary
  • 0.008 Malheur

Task ID 640986
Mongo ID 60cc5dacdc327b0eb3172ace
Cuckoo release 1.4-Maldun