分析任务
| 分析类型 | 虚拟机标签 | 开始时间 | 结束时间 | 持续时间 |
|---|---|---|---|---|
| 文件 (Windows) | win7-sp1-x64-shaapp02-1 | 2022-03-05 15:57:34 | 2022-03-05 15:59:40 | 126 秒 |
魔盾分数
5.15
可疑的
文件详细信息
| 文件名 | Free Glow.exe |
|---|---|
| 文件大小 | 2953216 字节 |
| 文件类型 | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 60dd0b395e6d9eae68c8608222848672 |
| SHA1 | 3b4a02e038acf0b2f219e8c79f9a70c967b80b16 |
| SHA256 | b9cde4af1d51f5152a35e2ffe6b82ac48682f29a596142f2804e36e2c5758c0b |
| SHA512 | 03eb1b921308d1f1241f5f724ed67dd34426a40415588cb9f65bc8fcd19097ebd1224ea3b5fbb184ef2792dbb407cf46f8c05ea21a7a39cf2d74e9b87ffe183a |
| CRC32 | 1042ADDD |
| Ssdeep | 49152:3dK2PDsCleqXqOF2YR3nY37c+s8KuqGaX0ToIBAUZLYo:NK2LsCEqXqOMYSJBAUZLz |
| Yara | 登录查看Yara规则 |
| 找不到该样本 提交漏报 |
登录查看威胁特征
运行截图
访问主机纪录 (可点击查询WPING实时安全评级)
无主机纪录.
域名解析 (可点击查询WPING实时安全评级)
无域名信息.
摘要
登录查看详细行为信息PE 信息
| 初始地址 | 0x00400000 |
|---|---|
| 入口地址 | 0x004a6fb9 |
| 声明校验值 | 0x00000000 |
| 实际校验值 | 0x002d9c34 |
| 最低操作系统版本要求 | 4.0 |
| 编译时间 | 2022-03-05 15:56:56 |
| 载入哈希 | 34016a8c8d08dad206b4b99d2a5c4208 |
版本信息
| LegalCopyright | |
|---|---|
| FileVersion | |
| CompanyName | |
| Comments | |
| ProductName | |
| ProductVersion | |
| FileDescription | |
| Translation |
PE 数据组成
| 名称 | 虚拟地址 | 虚拟大小 | 原始数据大小 | 特征 | 熵(Entropy) |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x000c757e | 0x000c8000 | IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ | 6.61 |
| .rdata | 0x000c9000 | 0x001d1df2 | 0x001d2000 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ | 7.20 |
| .data | 0x0029b000 | 0x000720aa | 0x00020000 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE | 5.36 |
| .rsrc | 0x0030e000 | 0x00015944 | 0x00016000 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ | 4.58 |
导入
库: WINMM.dll:
• 0x4c9670 midiStreamOut
• 0x4c9674 midiOutPrepareHeader
• 0x4c9678 midiStreamProperty
• 0x4c967c midiStreamOpen
• 0x4c9680 midiOutUnprepareHeader
• 0x4c9684 waveOutOpen
• 0x4c9688 waveOutUnprepareHeader
• 0x4c968c waveOutPrepareHeader
• 0x4c9690 waveOutWrite
• 0x4c9694 waveOutPause
• 0x4c9698 waveOutReset
• 0x4c969c waveOutClose
• 0x4c96a0 waveOutGetNumDevs
• 0x4c96a4 waveOutRestart
• 0x4c96a8 midiOutReset
• 0x4c96ac midiStreamClose
• 0x4c96b0 midiStreamRestart
• 0x4c96b4 midiStreamStop
库: WS2_32.dll:
• 0x4c96cc WSAAsyncSelect
• 0x4c96d0 closesocket
• 0x4c96d4 send
• 0x4c96d8 select
• 0x4c96dc WSAStartup
• 0x4c96e0 inet_ntoa
• 0x4c96e4 recvfrom
• 0x4c96e8 ioctlsocket
• 0x4c96ec recv
• 0x4c96f0 getpeername
• 0x4c96f4 accept
• 0x4c96f8 WSACleanup
• 0x4c96fc ntohl
库: KERNEL32.dll:
• 0x4c9198 SetLastError
• 0x4c919c GetTimeZoneInformation
• 0x4c91a0 GetVersion
• 0x4c91a4 FileTimeToSystemTime
• 0x4c91a8 ReleaseMutex
• 0x4c91ac SuspendThread
• 0x4c91b0 GetACP
• 0x4c91b4 RaiseException
• 0x4c91b8 GetLocalTime
• 0x4c91bc GetSystemTime
• 0x4c91c0 RtlUnwind
• 0x4c91c4 GetStartupInfoA
• 0x4c91c8 GetOEMCP
• 0x4c91cc GetCPInfo
• 0x4c91d0 GetProcessVersion
• 0x4c91d4 SetErrorMode
• 0x4c91d8 GlobalFlags
• 0x4c91dc GetCurrentThread
• 0x4c91e0 GetFileTime
• 0x4c91e4 TlsGetValue
• 0x4c91e8 LocalReAlloc
• 0x4c91ec TlsSetValue
• 0x4c91f0 TlsFree
• 0x4c91f4 GlobalHandle
• 0x4c91f8 TlsAlloc
• 0x4c91fc LocalAlloc
• 0x4c9200 lstrcmpA
• 0x4c9204 GlobalGetAtomNameA
• 0x4c9208 GlobalAddAtomA
• 0x4c920c GlobalFindAtomA
• 0x4c9210 GlobalDeleteAtom
• 0x4c9214 lstrcmpiA
• 0x4c9218 SetEndOfFile
• 0x4c921c UnlockFile
• 0x4c9220 LockFile
• 0x4c9224 FlushFileBuffers
• 0x4c9228 DuplicateHandle
• 0x4c922c lstrcpynA
• 0x4c9230 FileTimeToLocalFileTime
• 0x4c9234 LocalFree
• 0x4c9238 InterlockedDecrement
• 0x4c923c InterlockedIncrement
• 0x4c9240 TerminateProcess
• 0x4c9244 GetFileSize
• 0x4c9248 SetFilePointer
• 0x4c924c GetCurrentProcess
• 0x4c9250 GetWindowsDirectoryA
• 0x4c9254 GetSystemDirectoryA
• 0x4c9258 TerminateThread
• 0x4c925c CreateSemaphoreA
• 0x4c9260 ResumeThread
• 0x4c9264 ReleaseSemaphore
• 0x4c9268 EnterCriticalSection
• 0x4c926c LeaveCriticalSection
• 0x4c9270 GetProfileStringA
• 0x4c9274 WriteFile
• 0x4c9278 WaitForMultipleObjects
• 0x4c927c CreateFileA
• 0x4c9280 SetEvent
• 0x4c9284 FindResourceA
• 0x4c9288 LoadResource
• 0x4c928c LockResource
• 0x4c9290 ReadFile
• 0x4c9294 GetModuleFileNameA
• 0x4c9298 WideCharToMultiByte
• 0x4c929c MultiByteToWideChar
• 0x4c92a0 GetCurrentThreadId
• 0x4c92a4 ExitProcess
• 0x4c92a8 GlobalSize
• 0x4c92ac GlobalFree
• 0x4c92b0 DeleteCriticalSection
• 0x4c92b4 InitializeCriticalSection
• 0x4c92b8 lstrcatA
• 0x4c92bc lstrlenA
• 0x4c92c0 WinExec
• 0x4c92c4 lstrcpyA
• 0x4c92c8 FindNextFileA
• 0x4c92cc GlobalReAlloc
• 0x4c92d0 HeapFree
• 0x4c92d4 HeapReAlloc
• 0x4c92d8 GetProcessHeap
• 0x4c92dc HeapAlloc
• 0x4c92e0 GetFullPathNameA
• 0x4c92e4 FreeLibrary
• 0x4c92e8 LoadLibraryA
• 0x4c92ec GetLastError
• 0x4c92f0 GetVersionExA
• 0x4c92f4 WritePrivateProfileStringA
• 0x4c92f8 GetPrivateProfileStringA
• 0x4c92fc CreateThread
• 0x4c9300 CreateEventA
• 0x4c9304 Sleep
• 0x4c9308 GlobalAlloc
• 0x4c930c GlobalLock
• 0x4c9310 InterlockedExchange
• 0x4c9314 GlobalUnlock
• 0x4c9318 GetTempPathA
• 0x4c931c FindFirstFileA
• 0x4c9320 FindClose
• 0x4c9324 GetFileAttributesA
• 0x4c9328 SetCurrentDirectoryA
• 0x4c932c GetVolumeInformationA
• 0x4c9330 GetModuleHandleA
• 0x4c9334 GetProcAddress
• 0x4c9338 MulDiv
• 0x4c933c GetCommandLineA
• 0x4c9340 GetTickCount
• 0x4c9344 WaitForSingleObject
• 0x4c9348 CloseHandle
• 0x4c934c HeapSize
• 0x4c9350 SetStdHandle
• 0x4c9354 GetFileType
• 0x4c9358 UnhandledExceptionFilter
• 0x4c935c FreeEnvironmentStringsA
• 0x4c9360 FreeEnvironmentStringsW
• 0x4c9364 GetEnvironmentStrings
• 0x4c9368 GetEnvironmentStringsW
• 0x4c936c SetHandleCount
• 0x4c9370 GetStdHandle
• 0x4c9374 GetEnvironmentVariableA
• 0x4c9378 HeapDestroy
• 0x4c937c HeapCreate
• 0x4c9380 VirtualFree
• 0x4c9384 SetEnvironmentVariableA
• 0x4c9388 LCMapStringA
• 0x4c938c LCMapStringW
• 0x4c9390 VirtualAlloc
• 0x4c9394 IsBadWritePtr
• 0x4c9398 SetUnhandledExceptionFilter
• 0x4c939c GetStringTypeA
• 0x4c93a0 GetStringTypeW
• 0x4c93a4 CompareStringA
• 0x4c93a8 CompareStringW
• 0x4c93ac IsBadReadPtr
• 0x4c93b0 IsBadCodePtr
• 0x4c93b4 CreateMutexA
库: USER32.dll:
• 0x4c93f4 SetFocus
• 0x4c93f8 IsIconic
• 0x4c93fc PeekMessageA
• 0x4c9400 SetMenu
• 0x4c9404 GetActiveWindow
• 0x4c9408 GetWindow
• 0x4c940c GetSysColorBrush
• 0x4c9410 LoadStringA
• 0x4c9414 SystemParametersInfoA
• 0x4c9418 LoadImageA
• 0x4c941c EnumDisplaySettingsA
• 0x4c9420 ClientToScreen
• 0x4c9424 EnableMenuItem
• 0x4c9428 GetSubMenu
• 0x4c942c GetDlgCtrlID
• 0x4c9430 CreateAcceleratorTableA
• 0x4c9434 CreateMenu
• 0x4c9438 ModifyMenuA
• 0x4c943c AppendMenuA
• 0x4c9440 CreatePopupMenu
• 0x4c9444 DrawIconEx
• 0x4c9448 CreateIconFromResource
• 0x4c944c CreateIconFromResourceEx
• 0x4c9450 RegisterClipboardFormatA
• 0x4c9454 SetRectEmpty
• 0x4c9458 DispatchMessageA
• 0x4c945c GetMessageA
• 0x4c9460 WindowFromPoint
• 0x4c9464 DrawFocusRect
• 0x4c9468 DrawEdge
• 0x4c946c DestroyAcceleratorTable
• 0x4c9470 SetWindowRgn
• 0x4c9474 GetMessagePos
• 0x4c9478 ScreenToClient
• 0x4c947c ChildWindowFromPointEx
• 0x4c9480 CopyRect
• 0x4c9484 LoadBitmapA
• 0x4c9488 WinHelpA
• 0x4c948c KillTimer
• 0x4c9490 SetTimer
• 0x4c9494 ReleaseCapture
• 0x4c9498 GetCapture
• 0x4c949c SetCapture
• 0x4c94a0 GetScrollRange
• 0x4c94a4 SetScrollRange
• 0x4c94a8 SetScrollPos
• 0x4c94ac SetRect
• 0x4c94b0 InflateRect
• 0x4c94b4 IntersectRect
• 0x4c94b8 DestroyIcon
• 0x4c94bc PtInRect
• 0x4c94c0 OffsetRect
• 0x4c94c4 DrawFrameControl
• 0x4c94c8 EnableWindow
• 0x4c94cc GetMenuCheckMarkDimensions
• 0x4c94d0 GetMenuState
• 0x4c94d4 SetMenuItemBitmaps
• 0x4c94d8 CheckMenuItem
• 0x4c94dc MoveWindow
• 0x4c94e0 IsDialogMessageA
• 0x4c94e4 ScrollWindowEx
• 0x4c94e8 SendDlgItemMessageA
• 0x4c94ec MapWindowPoints
• 0x4c94f0 AdjustWindowRectEx
• 0x4c94f4 GetMenu
• 0x4c94f8 GetScrollPos
• 0x4c94fc RegisterClassA
• 0x4c9500 GetMenuItemCount
• 0x4c9504 GetMenuItemID
• 0x4c9508 SetWindowsHookExA
• 0x4c950c CallNextHookEx
• 0x4c9510 GetClassLongA
• 0x4c9514 SetPropA
• 0x4c9518 UnhookWindowsHookEx
• 0x4c951c GetPropA
• 0x4c9520 RemovePropA
• 0x4c9524 GetMessageTime
• 0x4c9528 GetLastActivePopup
• 0x4c952c RegisterWindowMessageA
• 0x4c9530 GetWindowPlacement
• 0x4c9534 GetNextDlgTabItem
• 0x4c9538 EndDialog
• 0x4c953c CreateDialogIndirectParamA
• 0x4c9540 DestroyWindow
• 0x4c9544 RedrawWindow
• 0x4c9548 GetWindowLongA
• 0x4c954c SetWindowLongA
• 0x4c9550 GetSysColor
• 0x4c9554 SetActiveWindow
• 0x4c9558 SetCursorPos
• 0x4c955c LoadCursorA
• 0x4c9560 SetCursor
• 0x4c9564 GetDC
• 0x4c9568 FillRect
• 0x4c956c IsRectEmpty
• 0x4c9570 ReleaseDC
• 0x4c9574 IsChild
• 0x4c9578 DestroyMenu
• 0x4c957c SetForegroundWindow
• 0x4c9580 GetWindowRect
• 0x4c9584 EqualRect
• 0x4c9588 UpdateWindow
• 0x4c958c ValidateRect
• 0x4c9590 InvalidateRect
• 0x4c9594 GetClientRect
• 0x4c9598 GetFocus
• 0x4c959c GetParent
• 0x4c95a0 GetTopWindow
• 0x4c95a4 PostMessageA
• 0x4c95a8 IsWindow
• 0x4c95ac SetParent
• 0x4c95b0 DestroyCursor
• 0x4c95b4 SendMessageA
• 0x4c95b8 SetWindowPos
• 0x4c95bc MessageBoxA
• 0x4c95c0 GetCursorPos
• 0x4c95c4 GetSystemMetrics
• 0x4c95c8 EmptyClipboard
• 0x4c95cc SetClipboardData
• 0x4c95d0 OpenClipboard
• 0x4c95d4 GetClipboardData
• 0x4c95d8 CloseClipboard
• 0x4c95dc wsprintfA
• 0x4c95e0 DeleteMenu
• 0x4c95e4 GetSystemMenu
• 0x4c95e8 DefWindowProcA
• 0x4c95ec GetClassInfoA
• 0x4c95f0 IsZoomed
• 0x4c95f4 PostQuitMessage
• 0x4c95f8 CopyAcceleratorTableA
• 0x4c95fc TranslateMessage
• 0x4c9600 LoadIconA
• 0x4c9604 GetForegroundWindow
• 0x4c9608 GetDesktopWindow
• 0x4c960c GetClassNameA
• 0x4c9610 UnregisterClassA
• 0x4c9614 GetDlgItem
• 0x4c9618 GetWindowTextA
• 0x4c961c SetWindowTextA
• 0x4c9620 CallWindowProcA
• 0x4c9624 CreateWindowExA
• 0x4c9628 RegisterHotKey
• 0x4c962c UnregisterHotKey
• 0x4c9630 GetKeyState
• 0x4c9634 TranslateAcceleratorA
• 0x4c9638 IsWindowEnabled
• 0x4c963c ShowWindow
• 0x4c9640 IsWindowVisible
• 0x4c9644 GetWindowTextLengthA
• 0x4c9648 CharUpperA
• 0x4c964c GetWindowDC
• 0x4c9650 BeginPaint
• 0x4c9654 EndPaint
• 0x4c9658 TabbedTextOutA
• 0x4c965c DrawTextA
• 0x4c9660 GrayStringA
库: GDI32.dll:
• 0x4c9044 LineTo
• 0x4c9048 MoveToEx
• 0x4c904c ExcludeClipRect
• 0x4c9050 GetClipBox
• 0x4c9054 ScaleWindowExtEx
• 0x4c9058 CreateFontIndirectA
• 0x4c905c GetStockObject
• 0x4c9060 GetObjectA
• 0x4c9064 EndPage
• 0x4c9068 EndDoc
• 0x4c906c DeleteDC
• 0x4c9070 StartDocA
• 0x4c9074 StartPage
• 0x4c9078 BitBlt
• 0x4c907c CreateCompatibleDC
• 0x4c9080 Ellipse
• 0x4c9084 Rectangle
• 0x4c9088 LPtoDP
• 0x4c908c DPtoLP
• 0x4c9090 GetCurrentObject
• 0x4c9094 RoundRect
• 0x4c9098 GetTextExtentPoint32A
• 0x4c909c GetDeviceCaps
• 0x4c90a0 GetSystemPaletteEntries
• 0x4c90a4 CreateDIBitmap
• 0x4c90a8 DeleteObject
• 0x4c90ac SelectClipRgn
• 0x4c90b0 CreatePolygonRgn
• 0x4c90b4 GetClipRgn
• 0x4c90b8 SetStretchBltMode
• 0x4c90bc CreateRectRgnIndirect
• 0x4c90c0 SetBkColor
• 0x4c90c4 CreateFontA
• 0x4c90c8 TranslateCharsetInfo
• 0x4c90cc SetWindowExtEx
• 0x4c90d0 SetWindowOrgEx
• 0x4c90d4 ScaleViewportExtEx
• 0x4c90d8 SetViewportExtEx
• 0x4c90dc OffsetViewportOrgEx
• 0x4c90e0 SetViewportOrgEx
• 0x4c90e4 SetMapMode
• 0x4c90e8 SetTextColor
• 0x4c90ec SetROP2
• 0x4c90f0 SetPolyFillMode
• 0x4c90f4 SetBkMode
• 0x4c90f8 ExtSelectClipRgn
• 0x4c90fc GetViewportExtEx
• 0x4c9100 PtVisible
• 0x4c9104 RectVisible
• 0x4c9108 TextOutA
• 0x4c910c ExtTextOutA
• 0x4c9110 Escape
• 0x4c9114 GetTextMetricsA
• 0x4c9118 CreateSolidBrush
• 0x4c911c FillRgn
• 0x4c9120 CreateRectRgn
• 0x4c9124 CombineRgn
• 0x4c9128 PatBlt
• 0x4c912c CreatePen
• 0x4c9130 SelectObject
• 0x4c9134 CreateBitmap
• 0x4c9138 RestoreDC
• 0x4c913c SaveDC
• 0x4c9140 CreateDCA
• 0x4c9144 CreateCompatibleBitmap
• 0x4c9148 GetPolyFillMode
• 0x4c914c GetStretchBltMode
• 0x4c9150 GetROP2
• 0x4c9154 GetBkColor
• 0x4c9158 GetBkMode
• 0x4c915c GetTextColor
• 0x4c9160 CreateRoundRectRgn
• 0x4c9164 CreateEllipticRgn
• 0x4c9168 PathToRegion
• 0x4c916c EndPath
• 0x4c9170 BeginPath
• 0x4c9174 GetWindowOrgEx
• 0x4c9178 GetViewportOrgEx
• 0x4c917c GetWindowExtEx
• 0x4c9180 GetDIBits
• 0x4c9184 RealizePalette
• 0x4c9188 SelectPalette
• 0x4c918c StretchBlt
• 0x4c9190 CreatePalette
库: ADVAPI32.dll:
• 0x4c9000 RegOpenKeyExA
• 0x4c9004 RegSetValueExA
• 0x4c9008 RegQueryValueA
• 0x4c900c RegCreateKeyExA
• 0x4c9010 RegCloseKey
库: SHELL32.dll:
• 0x4c93d8 DragQueryFileA
• 0x4c93dc SHGetSpecialFolderPathA
• 0x4c93e0 DragFinish
• 0x4c93e4 DragAcceptFiles
• 0x4c93e8 ShellExecuteA
• 0x4c93ec Shell_NotifyIconA
库: COMCTL32.dll:
• 0x4c9018 ImageList_Add
• 0x4c901c ImageList_BeginDrag
• 0x4c9020 ImageList_Create
• 0x4c9024 ImageList_Destroy
• 0x4c9028 ImageList_DragEnter
• 0x4c902c ImageList_DragLeave
• 0x4c9030 ImageList_DragMove
• 0x4c9034 ImageList_DragShowNolock
• 0x4c9038 ImageList_EndDrag
• 0x4c903c None
库: WININET.dll:
• 0x4c9668 InternetCloseHandle
库: comdlg32.dll:
• 0x4c9704 ChooseColorA
• 0x4c9708 GetFileTitleA
• 0x4c970c GetSaveFileNameA
• 0x4c9710 GetOpenFileNameA
.text
`.rdata
@.data
.rsrc
VMProtect begin
VMProtect end
3hy V
3hy V
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
8`}<j
T$hVj
T$th
|$LVj
|$`Vj
jjjjh
访问主机纪录 (可点击查询WPING实时安全评级)
无主机纪录.
TCP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.201 | 49159 | 23.78.141.146 | 80 |
UDP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.201 | 63246 | 192.168.122.1 | 53 |
域名解析 (可点击查询WPING实时安全评级)
无域名信息.
TCP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.201 | 49159 | 23.78.141.146 | 80 |
UDP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.201 | 63246 | 192.168.122.1 | 53 |
HTTP 请求
| URI | HTTP数据 |
|---|---|
| URL专业沙箱检测 -> http://acroipm.adobe.com/11/rdr/CHS/win/nooem/none/message.zip | GET /11/rdr/CHS/win/nooem/none/message.zip HTTP/1.1 Accept: */* If-Modified-Since: Mon, 08 Nov 2017 08:44:36 GMT User-Agent: IPM Host: acroipm.adobe.com Connection: Keep-Alive Cache-Control: no-cache |
SMTP 流量
无SMTP流量.
IRC 流量
无IRC请求.
ICMP 流量
无ICMP流量.
CIF 报告
无 CIF 结果
网络警报
无警报
TLS
No TLS
Suricata HTTP
No Suricata HTTP
未发现网络提取文件
抱歉! 没有任何文件投放。
没有发现相似的分析.
| HTML 总结报告 (需15-60分钟同步) |
下载 |
|---|
Processing ( 26.718 seconds )
- 11.329 Suricata
- 6.574 Static
- 6.317 VirusTotal
- 1.148 TargetInfo
- 0.947 NetworkAnalysis
- 0.371 peid
- 0.011 AnalysisInfo
- 0.011 Strings
- 0.006 config_decoder
- 0.002 BehaviorAnalysis
- 0.002 Memory
Signatures ( 1.438 seconds )
- 1.354 md_url_bl
- 0.011 antiav_detectreg
- 0.009 md_domain_bl
- 0.006 anomaly_persistence_autorun
- 0.006 infostealer_ftp
- 0.005 antiav_detectfile
- 0.004 geodo_banking_trojan
- 0.004 ransomware_extensions
- 0.004 ransomware_files
- 0.003 infostealer_bitcoin
- 0.003 infostealer_mail
- 0.003 infostealer_im
- 0.003 network_http
- 0.002 tinba_behavior
- 0.002 rat_nanocore
- 0.002 antianalysis_detectreg
- 0.002 antivm_vbox_files
- 0.002 browser_security
- 0.002 disables_browser_warn
- 0.001 betabot_behavior
- 0.001 shifu_behavior
- 0.001 cerber_behavior
- 0.001 antivm_parallels_keys
- 0.001 bot_drive
- 0.001 bot_drive2
- 0.001 browser_addon
- 0.001 modify_proxy
- 0.001 maldun_malicious_drop_executable_file_to_temp_folder
- 0.001 md_bad_drop
- 0.001 network_cnc_http
Reporting ( 0.659 seconds )
- 0.631 ReportHTMLSummary
- 0.028 Malheur
| Task ID | 679966 |
|---|---|
| Mongo ID | 62231894dc327bf1b827a419 |
| Cuckoo release | 1.4-Maldun |
沪公网安备 31011502009736号