Analysis Task

Analysis type  VM label  Start time  End time  Duration
File (Windows)  win7-sp1-x64-shaapp02-1  2021-06-18 23:26:51  2021-06-18 23:26:52  1 second

Maldun Score

1.75

Normal

File Details

File name 和平精英热门皮肤获得.exe
File size 2023424 bytes
File type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 cb21bae3ff676eeaba43800c596d01c2
SHA1 72fe27396cd1ad1bf868bc4dc3eb9948f6d08ae0
SHA256 e4d82bbf7546bbcd2518f3958536b7c77529961124c7c3ed4b7fc64185fa0e41
SHA512 5c27664280cf7743810926ba4edb749d344a8b118098d9322a228096f54a6ac72e8cfc48ee7cb945be4c9882768192f8b6018e60068604fbd61018d60c152b08
CRC32 E827AB26
Ssdeep 49152:EzZisJZTZaqdwk0c05HGiPz0Fxi6X7OsUZR:ENisJZYqdwkLcHHLww6LnUZR

Screenshots

No screenshots available

Hosts Contacted

No host records.

DNS Resolutions

No domain information.

PE Information

Image base 0x00400000
Entry point 0x00460fad
Declared checksum 0x00000000
Actual checksum 0x001fb44f
Minimum OS version required 4.0
Compile time 2021-06-18 23:08:29
Import hash (imphash) 28a3377f7b10f2ba91e3e1ee820e8b2e

Version Information

LegalCopyright
FileVersion
CompanyName
Comments
ProductName
ProductVersion
FileDescription
Translation

PE Sections

Name  Virtual address  Virtual size  Raw data size  Characteristics  Entropy
.text 0x00001000 0x0007ebbe 0x0007f000 IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 6.57
.rdata 0x00080000 0x001496f8 0x0014a000 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 7.91
.data 0x001ca000 0x00021668 0x00012000 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 4.99
.rsrc 0x001ec000 0x00011984 0x00012000 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 6.46

Imports

Library: KERNEL32.dll:
0x480170 SetEndOfFile
0x480174 UnlockFile
0x480178 LockFile
0x48017c FlushFileBuffers
0x480180 SetFilePointer
0x480184 GetCurrentProcess
0x480188 DuplicateHandle
0x48018c lstrcpynA
0x480190 SetLastError
0x48019c LocalFree
0x4801a0 MultiByteToWideChar
0x4801a4 WideCharToMultiByte
0x4801ac CreateSemaphoreA
0x4801b0 SetStdHandle
0x4801b4 IsBadCodePtr
0x4801b8 IsBadReadPtr
0x4801bc CompareStringW
0x4801c0 CompareStringA
0x4801c8 GetStringTypeW
0x4801cc GetStringTypeA
0x4801d0 IsBadWritePtr
0x4801d4 VirtualAlloc
0x4801d8 LCMapStringW
0x4801dc LCMapStringA
0x4801e4 VirtualFree
0x4801e8 HeapCreate
0x4801ec HeapDestroy
0x4801f4 GetFileType
0x4801f8 GetStdHandle
0x4801fc SetHandleCount
0x480214 GetACP
0x480218 HeapSize
0x48021c ResumeThread
0x480220 ReleaseSemaphore
0x48022c GetProfileStringA
0x480230 WriteFile
0x480234 ReadFile
0x48023c CreateFileA
0x480240 SetEvent
0x480244 FindResourceA
0x480248 LoadResource
0x48024c LockResource
0x480250 GetModuleFileNameA
0x480254 GetCurrentThreadId
0x480258 ExitProcess
0x48025c GlobalSize
0x480260 GlobalFree
0x48026c lstrcatA
0x480270 lstrlenA
0x480274 WinExec
0x480278 lstrcpyA
0x48027c FindNextFileA
0x480280 GlobalReAlloc
0x480284 HeapFree
0x480288 HeapReAlloc
0x48028c GetProcessHeap
0x480290 HeapAlloc
0x480294 GetFullPathNameA
0x480298 FreeLibrary
0x48029c LoadLibraryA
0x4802a0 GetLastError
0x4802a4 GetVersionExA
0x4802ac CreateThread
0x4802b0 CreateEventA
0x4802b4 Sleep
0x4802b8 GlobalAlloc
0x4802bc GlobalLock
0x4802c0 GlobalUnlock
0x4802c4 FindFirstFileA
0x4802c8 FindClose
0x4802cc SetFileAttributesA
0x4802d0 TerminateProcess
0x4802d4 GetLocalTime
0x4802d8 GetSystemTime
0x4802e0 RaiseException
0x4802e4 RtlUnwind
0x4802e8 GetStartupInfoA
0x4802ec GetOEMCP
0x4802f0 GetCPInfo
0x4802f4 GetProcessVersion
0x4802f8 SetErrorMode
0x4802fc GlobalFlags
0x480300 GetCurrentThread
0x480304 GetFileTime
0x480308 GetFileSize
0x48030c TlsGetValue
0x480310 LocalReAlloc
0x480314 TlsSetValue
0x480318 TlsFree
0x48031c GlobalHandle
0x480320 GetFileAttributesA
0x48032c TlsAlloc
0x480330 LocalAlloc
0x480334 lstrcmpA
0x480338 GetVersion
0x48033c GlobalGetAtomNameA
0x480340 GlobalAddAtomA
0x480344 GlobalFindAtomA
0x480348 GlobalDeleteAtom
0x48034c lstrcmpiA
0x480350 GetModuleHandleA
0x480354 GetProcAddress
0x480358 MulDiv
0x48035c GetCommandLineA
0x480360 GetTickCount
0x480364 WaitForSingleObject
0x480368 CloseHandle
Library: USER32.dll:
0x480390 OpenClipboard
0x480394 SetClipboardData
0x480398 EmptyClipboard
0x48039c GetSystemMetrics
0x4803a0 GetCursorPos
0x4803a4 MessageBoxA
0x4803a8 SetWindowPos
0x4803ac SendMessageA
0x4803b0 DestroyCursor
0x4803b4 SetParent
0x4803b8 GetClipboardData
0x4803bc PostMessageA
0x4803c0 GetTopWindow
0x4803c4 GetParent
0x4803c8 GetFocus
0x4803cc GetClientRect
0x4803d0 InvalidateRect
0x4803d4 ValidateRect
0x4803d8 UpdateWindow
0x4803dc CloseClipboard
0x4803e0 wsprintfA
0x4803e4 EqualRect
0x4803e8 GetWindowRect
0x4803ec SetForegroundWindow
0x4803f0 IsWindow
0x4803f4 DestroyMenu
0x4803f8 IsChild
0x4803fc ReleaseDC
0x480400 IsRectEmpty
0x480404 FillRect
0x480408 GetDC
0x48040c SetCursor
0x480410 LoadCursorA
0x480414 SetCursorPos
0x480418 SetActiveWindow
0x48041c GetSysColor
0x480420 SetWindowLongA
0x480424 GetWindowLongA
0x480428 RedrawWindow
0x48042c EnableWindow
0x480430 IsWindowVisible
0x480434 OffsetRect
0x480438 PtInRect
0x48043c DestroyIcon
0x480440 IntersectRect
0x480444 InflateRect
0x480448 SetRect
0x48044c SetScrollPos
0x480450 SetScrollRange
0x480454 GetScrollRange
0x480458 SetCapture
0x48045c TranslateMessage
0x480460 LoadIconA
0x480464 DrawFrameControl
0x480468 DrawEdge
0x48046c DrawFocusRect
0x480470 WindowFromPoint
0x480474 GetMessageA
0x480478 DispatchMessageA
0x48047c SetRectEmpty
0x48048c DrawIconEx
0x480490 CreatePopupMenu
0x480494 AppendMenuA
0x480498 ModifyMenuA
0x48049c CreateMenu
0x4804a4 GetDlgCtrlID
0x4804a8 GetSubMenu
0x4804ac EnableMenuItem
0x4804b0 ClientToScreen
0x4804b8 LoadImageA
0x4804c0 ShowWindow
0x4804c4 IsWindowEnabled
0x4804cc GetKeyState
0x4804d4 PostQuitMessage
0x4804d8 IsZoomed
0x4804dc GetClassInfoA
0x4804e0 GetWindowTextA
0x4804e8 CharUpperA
0x4804ec GetWindowDC
0x4804f0 BeginPaint
0x4804f4 EndPaint
0x4804f8 TabbedTextOutA
0x4804fc DrawTextA
0x480500 GrayStringA
0x480504 GetDlgItem
0x480508 DestroyWindow
0x480510 EndDialog
0x480514 GetNextDlgTabItem
0x480518 GetWindowPlacement
0x480520 GetForegroundWindow
0x480524 GetLastActivePopup
0x480528 GetMessageTime
0x48052c RemovePropA
0x480530 CallWindowProcA
0x480534 GetPropA
0x480538 UnhookWindowsHookEx
0x48053c SetPropA
0x480540 GetClassLongA
0x480544 CallNextHookEx
0x480548 SetWindowsHookExA
0x48054c CreateWindowExA
0x480550 GetMenuItemID
0x480554 GetMenuItemCount
0x480558 RegisterClassA
0x48055c GetScrollPos
0x480560 UnregisterClassA
0x480564 AdjustWindowRectEx
0x480568 MapWindowPoints
0x48056c SendDlgItemMessageA
0x480570 ScrollWindowEx
0x480574 IsDialogMessageA
0x480578 SetWindowTextA
0x48057c MoveWindow
0x480580 CheckMenuItem
0x480584 SetMenuItemBitmaps
0x480588 GetMenuState
0x480590 GetClassNameA
0x480594 GetDesktopWindow
0x480598 LoadStringA
0x48059c GetSysColorBrush
0x4805a0 DefWindowProcA
0x4805a4 GetSystemMenu
0x4805a8 DeleteMenu
0x4805ac GetMenu
0x4805b0 SetMenu
0x4805b4 PeekMessageA
0x4805b8 IsIconic
0x4805bc SetFocus
0x4805c0 GetActiveWindow
0x4805c4 GetWindow
0x4805cc SetWindowRgn
0x4805d0 GetMessagePos
0x4805d4 ScreenToClient
0x4805dc CopyRect
0x4805e0 LoadBitmapA
0x4805e4 WinHelpA
0x4805e8 KillTimer
0x4805ec SetTimer
0x4805f0 ReleaseCapture
0x4805f4 GetCapture
Library: GDI32.dll:
0x480024 SetStretchBltMode
0x480028 GetClipRgn
0x48002c CreatePolygonRgn
0x480030 SelectClipRgn
0x480034 DeleteObject
0x480038 CreateDIBitmap
0x480040 CreatePalette
0x480044 StretchBlt
0x480048 SelectPalette
0x48004c RealizePalette
0x480050 GetDIBits
0x480054 GetWindowExtEx
0x480058 GetViewportOrgEx
0x48005c GetWindowOrgEx
0x480060 BeginPath
0x480064 EndPath
0x480068 PathToRegion
0x48006c CreateEllipticRgn
0x480070 CreateRoundRectRgn
0x480074 GetTextColor
0x480078 GetBkMode
0x48007c GetBkColor
0x480080 GetROP2
0x480084 GetStretchBltMode
0x480088 GetPolyFillMode
0x480090 CreateDCA
0x480094 CreateBitmap
0x480098 SelectObject
0x48009c GetObjectA
0x4800a0 PatBlt
0x4800a4 CombineRgn
0x4800a8 CreateRectRgn
0x4800ac FillRgn
0x4800b0 CreateSolidBrush
0x4800b4 GetStockObject
0x4800b8 CreateFontIndirectA
0x4800bc EndPage
0x4800c0 EndDoc
0x4800c4 DeleteDC
0x4800c8 StartDocA
0x4800cc StartPage
0x4800d0 BitBlt
0x4800d4 CreateCompatibleDC
0x4800d8 Ellipse
0x4800dc Rectangle
0x4800e0 LPtoDP
0x4800e4 DPtoLP
0x4800e8 GetCurrentObject
0x4800ec RoundRect
0x4800f4 GetDeviceCaps
0x4800f8 SaveDC
0x4800fc RestoreDC
0x480100 SetBkMode
0x480104 SetPolyFillMode
0x480108 SetROP2
0x48010c SetTextColor
0x480110 SetMapMode
0x480114 SetViewportOrgEx
0x480118 OffsetViewportOrgEx
0x48011c SetViewportExtEx
0x480120 ScaleViewportExtEx
0x480124 SetWindowOrgEx
0x480128 SetWindowExtEx
0x48012c ScaleWindowExtEx
0x480130 GetClipBox
0x480134 ExcludeClipRect
0x480138 MoveToEx
0x48013c LineTo
0x480144 SetBkColor
0x480148 CreatePen
0x48014c GetTextMetricsA
0x480150 Escape
0x480154 ExtTextOutA
0x480158 TextOutA
0x48015c RectVisible
0x480160 PtVisible
0x480164 GetViewportExtEx
0x480168 ExtSelectClipRgn
Library: WINMM.dll:
0x4805fc midiStreamRestart
0x480600 midiStreamClose
0x480604 midiOutReset
0x480608 midiStreamStop
0x48060c midiStreamOut
0x480614 midiStreamProperty
0x480618 midiStreamOpen
0x480620 waveOutOpen
0x480624 waveOutGetNumDevs
0x480628 waveOutClose
0x48062c waveOutReset
0x480630 waveOutPause
0x480634 waveOutWrite
Library: WINSPOOL.DRV:
0x480644 ClosePrinter
0x480648 DocumentPropertiesA
0x48064c OpenPrinterA
Library: ADVAPI32.dll:
0x480000 RegCloseKey
0x480004 RegOpenKeyExA
0x480008 RegSetValueExA
0x48000c RegQueryValueA
0x480010 RegCreateKeyExA
Library: SHELL32.dll:
0x480384 ShellExecuteA
0x480388 Shell_NotifyIconA
Library: ole32.dll:
0x480690 OleUninitialize
0x480694 CLSIDFromString
0x480698 OleInitialize
Library: OLEAUT32.dll:
0x480374 UnRegisterTypeLib
0x480378 RegisterTypeLib
0x48037c LoadTypeLib
Library: COMCTL32.dll:
0x480018 ImageList_Destroy
0x48001c None
Library: WS2_32.dll:
0x480654 recv
0x480658 getpeername
0x48065c accept
0x480660 ioctlsocket
0x480664 recvfrom
0x480668 WSAAsyncSelect
0x48066c closesocket
0x480670 WSACleanup
0x480674 inet_ntoa
Library: comdlg32.dll:
0x48067c GetFileTitleA
0x480680 GetSaveFileNameA
0x480684 GetOpenFileNameA
0x480688 ChooseColorA

.text
`.rdata
@.data
.rsrc
8`}<j
T$hVj
DRQPj
T$|Vj
T$th
|$TVj
|$`Vj
D$@Sj
L$8h
D$8Rj
l$<VWj
T$ Rj
L$4S+L$0Qj
Ph0+]
}'h
9^xu5j
T$,Qj
T$0Pj
D$8RPj
jjjjh
No antivirus engine scan information!

TCP

No TCP connection records.

UDP

No UDP connection records.

HTTP Requests

No HTTP requests found.

SMTP Traffic

No SMTP traffic.

IRC Traffic

No IRC requests.

ICMP Traffic

No ICMP traffic.

CIF Report

No CIF results

Network Alerts

No alerts

TLS

No TLS

Suricata HTTP

No Suricata HTTP

No files extracted from network traffic
Sorry! No files were dropped.
No similar analyses found.

Processing ( 6.874 seconds )

  • 4.907 Static
  • 1.008 VirusTotal
  • 0.617 TargetInfo
  • 0.31 peid
  • 0.012 AnalysisInfo
  • 0.012 Strings
  • 0.004 config_decoder
  • 0.002 BehaviorAnalysis
  • 0.002 Memory

Signatures ( 0.078 seconds )

  • 0.011 antiav_detectreg
  • 0.009 md_url_bl
  • 0.008 md_domain_bl
  • 0.006 anomaly_persistence_autorun
  • 0.005 antiav_detectfile
  • 0.005 infostealer_ftp
  • 0.004 ransomware_files
  • 0.003 infostealer_bitcoin
  • 0.003 infostealer_im
  • 0.003 ransomware_extensions
  • 0.002 tinba_behavior
  • 0.002 antianalysis_detectreg
  • 0.002 antivm_vbox_files
  • 0.002 geodo_banking_trojan
  • 0.002 disables_browser_warn
  • 0.002 infostealer_mail
  • 0.001 rat_nanocore
  • 0.001 betabot_behavior
  • 0.001 cerber_behavior
  • 0.001 bot_drive
  • 0.001 bot_drive2
  • 0.001 browser_security
  • 0.001 modify_proxy
  • 0.001 maldun_malicious_drop_executable_file_to_temp_folder
  • 0.001 md_bad_drop

Reporting ( 0.447 seconds )

  • 0.447 ReportHTMLSummary
Task ID 641032
Mongo ID 60ccbb4adc327b0eb0172a59
Cuckoo release 1.4-Maldun