Analysis task

Analysis type | VM label | Start time | End time | Duration
File (Windows) | win7-sp1-x64-shaapp02-1 | 2022-08-19 12:08:14 | 2022-08-19 12:10:27 | 133 seconds

Maldun score: 10.0 (dangerous)

File details

File name Setup.exe
File size 8587482 bytes
File type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 7d3f6321b670af1cb84af4c1188a1580
SHA1 3c5e770a8619e7efbcf89a8d269436402d38405b
SHA256 25361db1e21ee881a372c1ed78b602372288582da0e696d79da1009a10e7da51
SHA512 659a10173b8d80a14e6eef586e1c36da9a6f35e6b9595deb067eabc3ce095bd289e4432f92b6c734cf7c674efb0e15effe59399afc138946633df8d9025416f8
CRC32 83750BA0
Ssdeep 98304:vxPltKDKWsxd9yT2Wm+CvBExqZhA4xdXd5MBqrBhOzZ1JpSZKzOajFEFdRE:j7xd9yTW3EkXA47oAOzZ/XOajEg

Hosts contacted

No host records.

DNS resolutions

No domain information.


Summary

PE information

Image base 0x00400000
Entry point 0x006b1db0
Declared checksum 0x00000000
Computed checksum 0x0083e082
Minimum OS version 4.0
Compile time 2018-12-26 18:21:03
Import hash 5486cdc8c32b0430ab845aa4fbd24a94

A declared checksum of 0 means the linker left the field unset; the loader does not verify it for ordinary user-mode executables, so the mismatch with the computed value is not by itself evidence of tampering. The entry point (RVA 0x2b1db0) lies inside .text and the import thunks at 0x6e4xxx lie inside .rdata, which is the layout of an unpacked build rather than a packed stub.

Version information

All version-resource fields are empty: LegalCopyright, InternalName, FileVersion, CompanyName, PrivateBuild, LegalTrademarks, Comments, ProductName, SpecialBuild, ProductVersion, FileDescription, OriginalFilename, Translation.

PE sections

Name VirtualAddress VirtualSize RawDataSize Characteristics Entropy
.text 0x00001000 0x002e2d5a 0x002e3000 IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 6.21
.rdata 0x002e4000 0x0003c346 0x0003d000 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 5.90
.data 0x00321000 0x00094851 0x00065000 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 5.52
.rsrc 0x003b6000 0x000047c4 0x00005000 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 6.74

Overlay

Offset 0x003ba7c4
Size 0x00476116

Offset plus size equals the file size (0x003ba7c4 + 0x00476116 = 8587482 bytes), so the trailing 4677910 bytes (about 54% of the file) are data appended after the last section, which is where installers and packers usually carry their payload. Section entropies between 5.5 and 6.8 are normal for compiled code and resources, and the .data virtual size exceeding its raw size is ordinary uninitialized data.
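The static figures above (declared versus computed checksum, per-section entropy, overlay offset and size) can be re-derived from the file without the sandbox. The following Python is an added example, not tooling from the report or from Maldun/Cuckoo: it parses the PE headers with struct only, implements the Windows image-checksum algorithm, measures section entropy, and checks that the overlay ends exactly at end-of-file. It runs against a constructed minimal PE built inside the script (the report's sample is not included); the only figures taken from the page are the overlay offset, overlay size and file size used in the final consistency check.

```python
"""Static PE sanity checks: declared vs computed checksum, section entropy,
overlay offset/size consistency. Header parsing uses struct only (no pefile)."""
import math
import struct

OPT_HDR_CHECKSUM_OFFSET = 64  # CheckSum field offset inside IMAGE_OPTIONAL_HEADER (PE32 and PE32+)


def pe_checksum(data: bytes, checksum_field_offset: int) -> int:
    """Image checksum as imagehlp!MapFileAndCheckSum computes it: 32-bit word sum
    with end-around carry, skipping the CheckSum field, folded to 16 bits, plus the
    unpadded file length. The field offset must be 4-byte aligned (true whenever
    e_lfanew is, which linkers guarantee)."""
    padded = data + b"\x00" * (-len(data) % 4)
    total = 0
    for off in range(0, len(padded), 4):
        if off == checksum_field_offset:
            continue
        total += struct.unpack_from("<I", padded, off)[0]
        total = (total & 0xFFFFFFFF) + (total >> 32)
    total = (total & 0xFFFF) + (total >> 16)
    total = (total + (total >> 16)) & 0xFFFF
    return total + len(data)


def shannon_entropy(buf: bytes) -> float:
    """Bits per byte: 0.0 for empty or constant input, 8.0 for uniformly distributed bytes."""
    if not buf:
        return 0.0
    counts = [0] * 256
    for b in buf:
        counts[b] += 1
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in counts if c) or 0.0  # map -0.0 to 0.0


def parse_pe(data: bytes) -> dict:
    """DOS header -> PE signature -> COFF header -> optional header -> section table."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    _machine, n_sections, _ts, _symptr, _nsyms, opt_size, _chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    checksum_off = opt + OPT_HDR_CHECKSUM_OFFSET
    sections = []
    for i in range(n_sections):
        name, vsize, va, raw_size, raw_ptr = struct.unpack_from("<8sIIII", data, opt + opt_size + i * 40)
        sections.append({"name": name.rstrip(b"\x00").decode("ascii", "replace"),
                         "vsize": vsize, "va": va, "raw_size": raw_size, "raw_ptr": raw_ptr})
    return {"checksum_offset": checksum_off,
            "declared_checksum": struct.unpack_from("<I", data, checksum_off)[0],
            "sections": sections}


def overlay_reaches_eof(overlay_offset: int, overlay_size: int, file_size: int) -> bool:
    """The overlay is everything after the last section's raw bytes, so offset + size must hit EOF."""
    return overlay_offset + overlay_size == file_size


def analyze(data: bytes) -> dict:
    """Reproduce the checksum/entropy/overlay lines of a static report for one file."""
    hdr = parse_pe(data)
    computed = pe_checksum(data, hdr["checksum_offset"])
    last_end = min(len(data), max((s["raw_ptr"] + s["raw_size"] for s in hdr["sections"]), default=0))
    entropy = {s["name"]: round(shannon_entropy(data[s["raw_ptr"]:s["raw_ptr"] + s["raw_size"]]), 2)
               for s in hdr["sections"]}
    return {"declared_checksum": hdr["declared_checksum"], "computed_checksum": computed,
            "checksum_matches": computed == hdr["declared_checksum"],
            "overlay_offset": last_end, "overlay_size": len(data) - last_end,
            "overlay_reaches_eof": overlay_reaches_eof(last_end, len(data) - last_end, len(data)),
            "section_entropy": entropy}


def build_sample_pe(overlay: bytes = b"", declared_checksum: int = 0) -> bytes:
    """Constructed minimal PE32 image for demonstration (NOT the report's sample):
    0x200 bytes of headers, a constant-byte .text, a uniform-byte .data, then an overlay."""
    e_lfanew = 0x40
    dos = bytearray(e_lfanew)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    sections = [(b".text", 0x1000, b"\xC3" * 0x200, 0x60000020),        # code, exec+read
                (b".data", 0x2000, bytes(range(256)) * 2, 0xC0000040)]  # data, read+write
    opt = bytearray(224)                                   # IMAGE_OPTIONAL_HEADER32
    struct.pack_into("<H", opt, 0, 0x10B)                  # PE32 magic
    struct.pack_into("<I", opt, 60, 0x200)                 # SizeOfHeaders
    struct.pack_into("<I", opt, OPT_HDR_CHECKSUM_OFFSET, declared_checksum)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(opt), 0x0102)
    headers = bytes(dos) + b"PE\x00\x00" + coff + bytes(opt)
    body, raw_ptr = b"", 0x200
    for name, va, raw, chars in sections:
        headers += struct.pack("<8sIIIIIIHHI", name, len(raw), va, len(raw), raw_ptr, 0, 0, 0, 0, chars)
        body += raw
        raw_ptr += len(raw)
    return headers.ljust(0x200, b"\x00") + body + overlay


if __name__ == "__main__":
    # Figures from the report above: the overlay must end exactly at the 8587482-byte EOF.
    print("report overlay consistent:", overlay_reaches_eof(0x003BA7C4, 0x00476116, 8587482))
    print(analyze(build_sample_pe(b"PAYLOAD" * 64)))
```

Run as-is it checks the report's overlay arithmetic and analyses the constructed image; pass the bytes of a real file to analyze() to compare against a sandbox's static output. A checksum mismatch on its own is expected for any build whose linker left the field at zero, so treat it as a data point, not a verdict.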

Imports

Several modules appear twice under differently cased names (kernel32.dll and KERNEL32.dll, user32.dll and USER32.dll, gdi32.dll and GDI32.dll, shell32.dll and SHELL32.dll, winmm.dll and WINMM.dll): the binary carries a separate import descriptor for each occurrence. Gaps in the thunk addresses (for example 0x6e47b0 between Sleep and GetLocalTime) are slots the report does not list.

Library: kernel32.dll:
0x6e4780 GetFileSize
0x6e4784 ReadFile
0x6e4788 CreateFileA
0x6e478c WriteFile
0x6e4790 CloseHandle
0x6e4794 GetModuleFileNameA
0x6e4798 IsBadReadPtr
0x6e479c HeapFree
0x6e47a0 GetTickCount
0x6e47a4 GetTempPathA
0x6e47a8 Sleep
0x6e47ac GetLocalTime
0x6e47b4 FreeLibrary
0x6e47b8 LoadLibraryA
0x6e47bc LCMapStringA
0x6e47c0 FlushFileBuffers
0x6e47c4 MapViewOfFile
0x6e47c8 LCMapStringW
0x6e47cc IsBadCodePtr
0x6e47d8 HeapAlloc
0x6e47dc LocalSize
0x6e47e0 ExitProcess
0x6e47e4 GetProcessHeap
0x6e47e8 VirtualAlloc
0x6e47ec VirtualProtectEx
0x6e47f0 WideCharToMultiByte
0x6e47f4 LocalAlloc
0x6e47f8 lstrlenW
0x6e47fc HeapReAlloc
0x6e4804 SetFilePointer
0x6e4808 GetStringTypeW
0x6e480c GetStringTypeA
0x6e4810 GetCommandLineA
0x6e4814 GetVersion
0x6e4818 RtlUnwind
0x6e481c TerminateProcess
0x6e4820 GetCurrentProcess
0x6e4824 GetCurrentThreadId
0x6e4828 TlsSetValue
0x6e482c TlsAlloc
0x6e4830 GetModuleHandleA
0x6e4834 SetStdHandle
0x6e4838 RtlMoveMemory
0x6e483c LocalFree
0x6e4840 GlobalAlloc
0x6e4844 GlobalLock
0x6e4848 TlsFree
0x6e484c SetLastError
0x6e4850 TlsGetValue
0x6e4854 GetLastError
0x6e4858 SetHandleCount
0x6e485c GetStdHandle
0x6e4860 GetFileType
0x6e4864 GetStartupInfoA
0x6e4880 GetVersionExA
0x6e4884 HeapDestroy
0x6e4888 HeapCreate
0x6e488c VirtualFree
0x6e4890 RaiseException
0x6e4894 GlobalUnlock
0x6e4898 GlobalFree
0x6e489c LoadLibraryW
0x6e48a0 GetProcAddress
0x6e48a4 MultiByteToWideChar
0x6e48a8 CreateFileMappingA
0x6e48ac IsBadWritePtr
0x6e48bc GetCPInfo
0x6e48c0 GetACP
0x6e48c4 GetOEMCP
Library: user32.dll:
0x6e4904 GetWindowRect
0x6e4908 CloseClipboard
0x6e490c GetWindowLongA
0x6e4910 GetClassNameA
0x6e4914 MessageBoxA
0x6e4918 wsprintfA
0x6e491c GetCursorPos
0x6e4920 GetClipboardData
0x6e4924 UpdateLayeredWindow
0x6e4928 TranslateMessage
0x6e492c DispatchMessageA
0x6e4930 OpenClipboard
0x6e4934 GetSystemMetrics
0x6e4938 EnumWindows
0x6e493c GetAncestor
0x6e4940 ReleaseDC
0x6e4944 IsWindow
0x6e4948 CallWindowProcA
0x6e494c SendMessageA
0x6e4950 EnumChildWindows
0x6e4954 TrackMouseEvent
0x6e4958 GetMessageA
0x6e495c GetPropA
0x6e4960 SetPropA
0x6e4964 CreateWindowExA
0x6e4968 PeekMessageA
0x6e496c ShowWindow
0x6e4970 GetDC
Library: gdi32.dll:
0x6e4708 CreateCompatibleDC
0x6e470c CreateDIBSection
0x6e4710 SelectObject
0x6e4714 DeleteDC
0x6e4718 DeleteObject
Library: gdiplus.dll:
0x6e4724 GdipCreateFromHDC
0x6e4730 GdipCreateSolidFill
0x6e4734 GdipDeleteBrush
0x6e473c GdipGetRegionBounds
0x6e4740 GdiplusStartup
0x6e4744 GdipDisposeImage
0x6e4748 GdipDeletePen
0x6e4750 GdipGetImageHeight
0x6e4754 GdipGetImageWidth
0x6e4758 GdipDrawRectangleI
Library: ole32.dll:
0x6e48cc CoCreateInstance
0x6e48d0 OleRun
0x6e48d4 OleUninitialize
0x6e48d8 OleInitialize
0x6e48e0 CLSIDFromString
0x6e48e4 CLSIDFromProgID
0x6e48e8 CLSIDFromString
Library: imm32.dll:
0x6e476c ImmReleaseContext
0x6e4770 ImmGetContext
0x6e4778 ImmAssociateContext
Library: shell32.dll:
0x6e48f0 ShellExecuteA
0x6e48f4 SHAppBarMessage
Library: shlwapi.dll:
0x6e48fc PathFileExistsA
Library: winmm.dll:
0x6e4978 PlaySoundA
Library: KERNEL32.dll:
0x6e4174 VirtualFree
0x6e4178 HeapCreate
0x6e417c HeapDestroy
0x6e4184 GetFileType
0x6e4188 GetStdHandle
0x6e418c CloseHandle
0x6e4190 WaitForSingleObject
0x6e4194 GetTickCount
0x6e4198 GetCommandLineA
0x6e419c MulDiv
0x6e41a0 GetDiskFreeSpaceA
0x6e41a4 GetProcAddress
0x6e41a8 GetModuleHandleA
0x6e41b8 SetHandleCount
0x6e41bc FindClose
0x6e41c0 FindFirstFileA
0x6e41c4 GetTempPathA
0x6e41c8 GlobalUnlock
0x6e41cc GlobalLock
0x6e41d0 GlobalAlloc
0x6e41d8 Sleep
0x6e41dc CreateEventA
0x6e41e0 CreateThread
0x6e41e8 GetVersionExA
0x6e41ec GetLastError
0x6e41f0 LoadLibraryA
0x6e41f4 FreeLibrary
0x6e41f8 GetFullPathNameA
0x6e41fc GetUserDefaultLCID
0x6e4200 HeapAlloc
0x6e4204 GetProcessHeap
0x6e4208 HeapReAlloc
0x6e420c HeapFree
0x6e4210 GlobalReAlloc
0x6e4214 FindNextFileA
0x6e4218 lstrcpyA
0x6e421c WinExec
0x6e4220 lstrlenA
0x6e4224 lstrcatA
0x6e4230 GlobalFree
0x6e4234 GlobalSize
0x6e4238 ExitProcess
0x6e423c GetCurrentThreadId
0x6e4240 GetModuleFileNameA
0x6e4244 lstrlenW
0x6e4248 LockResource
0x6e424c LoadResource
0x6e4250 FindResourceA
0x6e4254 SetEvent
0x6e4258 CreateFileA
0x6e4260 ReadFile
0x6e4264 WriteFile
0x6e4268 GetProfileStringA
0x6e4274 ReleaseSemaphore
0x6e4278 ResumeThread
0x6e427c CreateSemaphoreA
0x6e4280 CreateMutexA
0x6e4284 ReleaseMutex
0x6e4288 TerminateThread
0x6e428c SuspendThread
0x6e4294 LCMapStringA
0x6e4298 LCMapStringW
0x6e429c VirtualAlloc
0x6e42a0 IsBadWritePtr
0x6e42a8 GetStringTypeA
0x6e42ac GetStringTypeW
0x6e42b0 CompareStringA
0x6e42b4 CompareStringW
0x6e42b8 IsBadReadPtr
0x6e42bc IsBadCodePtr
0x6e42c0 SetStdHandle
0x6e42c4 VirtualProtect
0x6e42c8 VirtualQuery
0x6e42cc GetSystemInfo
0x6e42d4 InterlockedExchange
0x6e42ec GetACP
0x6e42f0 HeapSize
0x6e42f4 TerminateProcess
0x6e42f8 GetLocalTime
0x6e42fc GetSystemTime
0x6e4304 RaiseException
0x6e4308 RtlUnwind
0x6e430c GetStartupInfoA
0x6e4310 GetOEMCP
0x6e4314 GetCPInfo
0x6e4318 GetProcessVersion
0x6e431c SetErrorMode
0x6e4320 GlobalFlags
0x6e4324 GetCurrentThread
0x6e4330 WideCharToMultiByte
0x6e4334 MultiByteToWideChar
0x6e4338 LocalFree
0x6e4344 SetLastError
0x6e4348 lstrcpynA
0x6e434c DuplicateHandle
0x6e4350 GetCurrentProcess
0x6e4354 SetFilePointer
0x6e4358 FlushFileBuffers
0x6e435c LockFile
0x6e4360 UnlockFile
0x6e4364 SetEndOfFile
0x6e4368 GetStringTypeExA
0x6e436c lstrcmpiA
0x6e4370 GlobalDeleteAtom
0x6e4374 GlobalFindAtomA
0x6e4378 GlobalAddAtomA
0x6e437c GlobalGetAtomNameA
0x6e4380 GetVersion
0x6e4384 lstrcmpA
0x6e4388 LocalAlloc
0x6e438c TlsAlloc
0x6e4390 GlobalHandle
0x6e4394 TlsFree
0x6e4398 TlsSetValue
0x6e439c LocalReAlloc
0x6e43a0 TlsGetValue
0x6e43a4 GetFileSize
0x6e43a8 GetFileTime
0x6e43ac GetFileAttributesA
Library: USER32.dll:
0x6e4400 ScreenToClient
0x6e4408 CopyRect
0x6e440c LoadBitmapA
0x6e4410 WinHelpA
0x6e4414 KillTimer
0x6e4418 SetTimer
0x6e441c ReleaseCapture
0x6e4420 GetCapture
0x6e4424 SetCapture
0x6e4428 GetScrollRange
0x6e442c SetScrollRange
0x6e4430 SetScrollPos
0x6e4434 SetRect
0x6e4438 InflateRect
0x6e443c IntersectRect
0x6e4440 DestroyIcon
0x6e4444 PtInRect
0x6e4448 OffsetRect
0x6e444c UnregisterClassA
0x6e4450 IsWindowVisible
0x6e4454 EnableWindow
0x6e4458 RedrawWindow
0x6e445c GetWindowLongA
0x6e4460 SetWindowLongA
0x6e4464 SetActiveWindow
0x6e4468 SetCursorPos
0x6e446c LoadCursorA
0x6e4470 SetCursor
0x6e4474 GetDC
0x6e4478 FillRect
0x6e447c IsRectEmpty
0x6e4480 ReleaseDC
0x6e4484 IsChild
0x6e4488 DestroyMenu
0x6e448c SetForegroundWindow
0x6e4490 GetWindowRect
0x6e4494 EqualRect
0x6e4498 UpdateWindow
0x6e449c GetWindowTextA
0x6e44a0 ValidateRect
0x6e44a4 InvalidateRect
0x6e44a8 GetClientRect
0x6e44ac GetFocus
0x6e44b0 GetParent
0x6e44b4 GetTopWindow
0x6e44b8 PostMessageA
0x6e44bc IsWindow
0x6e44c0 SetParent
0x6e44c4 DestroyCursor
0x6e44c8 SendMessageA
0x6e44cc SetWindowPos
0x6e44d0 MessageBoxA
0x6e44d4 GetCursorPos
0x6e44d8 GetSystemMetrics
0x6e44dc EmptyClipboard
0x6e44e0 SetClipboardData
0x6e44e4 OpenClipboard
0x6e44e8 GetClipboardData
0x6e44ec CloseClipboard
0x6e44f0 wsprintfA
0x6e44f4 SetFocus
0x6e44fc CharUpperA
0x6e4500 GetWindowDC
0x6e4504 BeginPaint
0x6e4508 EndPaint
0x6e450c TabbedTextOutA
0x6e4510 DrawTextA
0x6e4514 GrayStringA
0x6e4518 GetDlgItem
0x6e451c DestroyWindow
0x6e4524 GetMessagePos
0x6e4528 SetWindowRgn
0x6e4530 EndDialog
0x6e4534 GetNextDlgTabItem
0x6e4538 GetWindowPlacement
0x6e4540 GetForegroundWindow
0x6e4544 GetLastActivePopup
0x6e4548 IsIconic
0x6e454c PeekMessageA
0x6e4550 SetMenu
0x6e4554 GetMenu
0x6e4558 DeleteMenu
0x6e455c GetSystemMenu
0x6e4560 DefWindowProcA
0x6e4564 GetClassInfoA
0x6e4568 IsZoomed
0x6e456c PostQuitMessage
0x6e4574 GetKeyState
0x6e457c IsWindowEnabled
0x6e4580 ShowWindow
0x6e4588 LoadImageA
0x6e4590 ClientToScreen
0x6e4594 EnableMenuItem
0x6e4598 TranslateMessage
0x6e459c GetMessageTime
0x6e45a0 RemovePropA
0x6e45a4 CallWindowProcA
0x6e45a8 GetPropA
0x6e45ac UnhookWindowsHookEx
0x6e45b0 SetPropA
0x6e45b4 GetClassLongA
0x6e45b8 CallNextHookEx
0x6e45bc SetWindowsHookExA
0x6e45c0 CreateWindowExA
0x6e45c4 GetMenuItemID
0x6e45c8 GetMenuItemCount
0x6e45cc RegisterClassA
0x6e45d0 GetScrollPos
0x6e45d4 AdjustWindowRectEx
0x6e45d8 MapWindowPoints
0x6e45dc SendDlgItemMessageA
0x6e45e0 ScrollWindowEx
0x6e45e4 IsDialogMessageA
0x6e45e8 SetWindowTextA
0x6e45ec MoveWindow
0x6e45f0 CheckMenuItem
0x6e45f4 SetMenuItemBitmaps
0x6e45f8 GetMenuState
0x6e4600 GetClassNameA
0x6e4604 GetDesktopWindow
0x6e4608 LoadStringA
0x6e460c GetSysColorBrush
0x6e4610 GetWindow
0x6e4614 GetActiveWindow
0x6e4618 LoadIconA
0x6e461c DrawFrameControl
0x6e4620 DrawEdge
0x6e4624 DrawFocusRect
0x6e4628 WindowFromPoint
0x6e462c GetMessageA
0x6e4630 DispatchMessageA
0x6e4634 SetRectEmpty
0x6e4644 DrawIconEx
0x6e4648 CreatePopupMenu
0x6e464c AppendMenuA
0x6e4650 ModifyMenuA
0x6e4654 CreateMenu
0x6e465c GetDlgCtrlID
0x6e4660 GetSubMenu
0x6e4664 GetSysColor
Library: GDI32.dll:
0x6e4028 CreateSolidBrush
0x6e402c FillRgn
0x6e4030 CreateRectRgn
0x6e4034 CombineRgn
0x6e4038 PatBlt
0x6e403c Ellipse
0x6e4040 Rectangle
0x6e4044 LPtoDP
0x6e4048 GetTextMetricsA
0x6e404c Escape
0x6e4050 ExtTextOutA
0x6e4054 TextOutA
0x6e4058 RectVisible
0x6e405c PtVisible
0x6e4060 GetViewportExtEx
0x6e4064 ExtSelectClipRgn
0x6e4068 LineTo
0x6e406c MoveToEx
0x6e4070 ExcludeClipRect
0x6e4074 GetClipBox
0x6e4078 ScaleWindowExtEx
0x6e407c SetWindowExtEx
0x6e4080 DPtoLP
0x6e4084 ScaleViewportExtEx
0x6e4088 CreateFontIndirectA
0x6e408c OffsetViewportOrgEx
0x6e4090 SetViewportOrgEx
0x6e4094 SetMapMode
0x6e4098 SetTextColor
0x6e409c SetROP2
0x6e40a0 SetPolyFillMode
0x6e40a4 SetBkMode
0x6e40a8 RestoreDC
0x6e40ac SaveDC
0x6e40b0 CreatePen
0x6e40b4 SelectObject
0x6e40b8 CreateBitmap
0x6e40bc CreateDCA
0x6e40c4 GetPolyFillMode
0x6e40c8 GetStretchBltMode
0x6e40cc GetROP2
0x6e40d0 GetBkColor
0x6e40d4 GetBkMode
0x6e40d8 GetTextColor
0x6e40dc CreateRoundRectRgn
0x6e40e0 CreateEllipticRgn
0x6e40e4 PathToRegion
0x6e40e8 BeginPath
0x6e40ec GetWindowOrgEx
0x6e40f0 GetViewportOrgEx
0x6e40f4 GetWindowExtEx
0x6e40f8 GetDIBits
0x6e40fc RealizePalette
0x6e4100 SelectPalette
0x6e4104 StretchBlt
0x6e4108 CreatePalette
0x6e4110 CreateDIBitmap
0x6e4114 DeleteObject
0x6e4118 SelectClipRgn
0x6e411c CreatePolygonRgn
0x6e4120 GetClipRgn
0x6e4124 SetStretchBltMode
0x6e412c SetBkColor
0x6e4130 GetDeviceCaps
0x6e4134 GetStockObject
0x6e4138 GetObjectA
0x6e413c EndPage
0x6e4140 EndDoc
0x6e4144 DeleteDC
0x6e4148 StartDocA
0x6e414c StartPage
0x6e4150 BitBlt
0x6e4154 CreateCompatibleDC
0x6e4158 SetViewportExtEx
0x6e415c GetCurrentObject
0x6e4160 RoundRect
0x6e4168 SetWindowOrgEx
0x6e416c EndPath
Library: WINMM.dll:
0x6e466c midiStreamRestart
0x6e4674 midiStreamProperty
0x6e4678 midiStreamOpen
0x6e4680 waveOutOpen
0x6e4684 waveOutGetNumDevs
0x6e4688 waveOutClose
0x6e468c waveOutReset
0x6e4690 waveOutPause
0x6e4694 waveOutWrite
0x6e46a0 waveOutRestart
0x6e46a4 midiStreamStop
0x6e46a8 midiOutReset
0x6e46ac midiStreamClose
0x6e46b0 midiStreamOut
Library: WINSPOOL.DRV:
0x6e46b8 ClosePrinter
0x6e46bc DocumentPropertiesA
0x6e46c0 OpenPrinterA
Library: ADVAPI32.dll:
0x6e4000 RegSetValueExA
0x6e4004 RegOpenKeyExA
0x6e4008 RegQueryValueExA
0x6e400c RegCloseKey
0x6e4010 RegQueryValueA
0x6e4014 RegCreateKeyExA
Library: SHELL32.dll:
0x6e43f4 ShellExecuteA
0x6e43f8 Shell_NotifyIconA
Library: OLEAUT32.dll:
0x6e43b4 UnRegisterTypeLib
0x6e43b8 LoadTypeLib
0x6e43bc LHashValOfNameSys
0x6e43c0 RegisterTypeLib
0x6e43c4 SysAllocString
0x6e43c8 VariantInit
0x6e43cc VariantCopyInd
0x6e43d0 SafeArrayGetElement
0x6e43d4 SafeArrayAccessData
0x6e43dc SafeArrayGetDim
0x6e43e0 SafeArrayGetLBound
0x6e43e4 SafeArrayGetUBound
0x6e43e8 VariantChangeType
0x6e43ec VariantClear
Library: COMCTL32.dll:
0x6e401c None (no name recorded for this entry; likely an import by ordinal)
0x6e4020 ImageList_Destroy
Library: WS2_32.dll:
0x6e46c8 WSAAsyncSelect
0x6e46cc closesocket
0x6e46d0 WSACleanup
0x6e46d4 inet_ntoa
0x6e46d8 recvfrom
0x6e46dc ioctlsocket
0x6e46e0 recv
0x6e46e4 getpeername
0x6e46e8 accept
0x6e46ec ntohl
Library: comdlg32.dll:
0x6e46f4 GetOpenFileNameA
0x6e46f8 GetSaveFileNameA
0x6e46fc ChooseColorA
0x6e4700 GetFileTitleA
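As an added example (not code from the report or from the sandbox), the following Python shows two things a reviewer does with a listing like the one above: compute an import hash the way pefile does (module name lowercased with a .dll/.ocx/.sys extension stripped, function name lowercased, entries joined by commas, MD5 of the result) and bucket the imported APIs into capability groups. The import list embedded in the script is a constructed excerpt of the page's listing, and the capability buckets are the editor's own assumption; because the page omits unnamed entries and some thunk slots, the hash computed here will not reproduce the report's 5486cdc8c32b0430ab845aa4fbd24a94.

```python
"""Import-table triage: pefile-style imphash plus capability bucketing."""
import hashlib
from collections import defaultdict

# Constructed excerpt of the report's import listing, as (module, function) pairs
# in the order shown on the page. Not the complete table.
SAMPLE_IMPORTS = [
    ("kernel32.dll", "CreateFileA"), ("kernel32.dll", "GetTempPathA"),
    ("kernel32.dll", "LoadLibraryA"), ("kernel32.dll", "VirtualAlloc"),
    ("kernel32.dll", "VirtualProtectEx"), ("kernel32.dll", "GetProcAddress"),
    ("user32.dll", "GetClipboardData"), ("user32.dll", "EnumWindows"),
    ("shell32.dll", "ShellExecuteA"),
    ("KERNEL32.dll", "WinExec"), ("KERNEL32.dll", "CreateThread"),
    ("USER32.dll", "SetWindowsHookExA"),
    ("ADVAPI32.dll", "RegSetValueExA"), ("ADVAPI32.dll", "RegCreateKeyExA"),
    ("WS2_32.dll", "accept"), ("WS2_32.dll", "recvfrom"),
    ("WINSPOOL.DRV", "OpenPrinterA"),
]

# Assumed capability buckets (editor's choice, not a standard taxonomy).
CAPABILITY_APIS = {
    "execution":      {"WinExec", "ShellExecuteA", "CreateProcessA", "CreateProcessW", "CreateThread"},
    "memory-rwx":     {"VirtualAlloc", "VirtualProtect", "VirtualProtectEx", "WriteProcessMemory"},
    "dynamic-import": {"LoadLibraryA", "LoadLibraryW", "GetProcAddress"},
    "persistence":    {"RegSetValueExA", "RegSetValueExW", "RegCreateKeyExA", "RegCreateKeyExW"},
    "input-capture":  {"SetWindowsHookExA", "SetWindowsHookExW", "GetClipboardData", "GetAsyncKeyState"},
    "network":        {"accept", "recv", "recvfrom", "connect", "send", "WSAAsyncSelect"},
    "file-drop":      {"GetTempPathA", "GetTempPathW", "CreateFileA", "CreateFileW"},
}

IMPHASH_STRIPPED_EXTENSIONS = ("dll", "ocx", "sys")


def imphash_string(imports):
    """Canonical 'module.function' list that the import hash is taken over.
    Module names are lowercased and lose a .dll/.ocx/.sys suffix (other suffixes,
    e.g. .drv, are kept); function names are lowercased; order is preserved."""
    parts = []
    for lib, func in imports:
        lib = lib.lower()
        base, dot, ext = lib.rpartition(".")
        if dot and ext in IMPHASH_STRIPPED_EXTENSIONS:
            lib = base
        parts.append(f"{lib}.{func.lower()}")
    return ",".join(parts)


def imphash(imports) -> str:
    """MD5 over the canonical string; matches pefile's get_imphash() for named imports."""
    return hashlib.md5(imphash_string(imports).encode("ascii")).hexdigest()


def triage_imports(imports) -> dict:
    """Map each capability bucket to the sorted 'module!function' entries that hit it.
    Buckets with no hits are omitted, so the result doubles as a quick capability list."""
    hits = defaultdict(list)
    for lib, func in imports:
        for capability, names in CAPABILITY_APIS.items():
            if func in names:
                hits[capability].append(f"{lib}!{func}")
    return {capability: sorted(entries) for capability, entries in hits.items()}


if __name__ == "__main__":
    print("imphash of excerpt:", imphash(SAMPLE_IMPORTS))
    for capability, entries in triage_imports(SAMPLE_IMPORTS).items():
        print(f"{capability:15} {', '.join(entries)}")
```

The hash is case-insensitive and order-sensitive, so two builds that link the same objects in the same order share it even if their code differs, while re-ordering the import table defeats it. The triage output is a prompt for what to look at in the behaviour trace, not a verdict: WinExec, VirtualProtectEx and a listening socket (accept, recvfrom) are also ordinary for an installer with an update helper.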

Strings

.text
`.rdata
@.data
.rsrc
VWQPh@
VWQPh@
3hiwn
VWQPh@
D$$@^p
D$(@^p
D$(@^p
D$<@^p
D$P@^p
D$0@^p
D$0@^p
D$D@^p
RhP$q
D$0@^p
PhP$q
RhP$q
8`}<j
T$th
D$@Sj
L$8h
t<hHNr
F4`wp
D$8Rj
l$<VWj
D$LD^p
D$L@^p

No antivirus engine scan information.

Process tree

Setup.exe, PID: 2592, parent PID: 2256

TCP

Source address | Source port | Destination address | Destination port
192.168.122.201 | 49158 | 184.30.30.64 | 80

UDP

Source address | Source port | Destination address | Destination port
192.168.122.201 | 63246 | 192.168.122.1 | 53

HTTP requests

The single TCP flow recorded above (192.168.122.201:49158 -> 184.30.30.64:80) carried one request:

URI: http://acroipm.adobe.com/11/rdr/CHS/win/nooem/none/message.zip
GET /11/rdr/CHS/win/nooem/none/message.zip HTTP/1.1
Accept: */*
If-Modified-Since: Mon, 08 Nov 2017 08:44:36 GMT
User-Agent: IPM
Host: acroipm.adobe.com
Connection: Keep-Alive
Cache-Control: no-cache

SMTP traffic

No SMTP traffic.

IRC traffic

No IRC requests.

ICMP traffic

No ICMP traffic.

CIF report

No CIF results.

Network alerts

No alerts.

TLS

No TLS.

Suricata HTTP

No Suricata HTTP.

No files extracted from network traffic.
No files dropped.
No similar analyses found.

Processing ( 33.114 seconds )

  • 16.449 Static
  • 10.828 Suricata
  • 1.709 TargetInfo
  • 1.445 NetworkAnalysis
  • 1.191 VirusTotal
  • 0.743 BehaviorAnalysis
  • 0.385 AnalysisInfo
  • 0.333 peid
  • 0.018 config_decoder
  • 0.011 Strings
  • 0.002 Memory

Signatures ( 1.625 seconds )

  • 1.364 md_url_bl
  • 0.043 api_spamming
  • 0.035 stealth_decoy_document
  • 0.034 stealth_timeout
  • 0.018 antiav_detectreg
  • 0.011 injection_createremotethread
  • 0.008 infostealer_ftp
  • 0.008 md_domain_bl
  • 0.008 ransomware_files
  • 0.007 injection_runpe
  • 0.007 ransomware_extensions
  • 0.006 antiav_detectfile
  • 0.005 anomaly_persistence_autorun
  • 0.005 infostealer_im
  • 0.005 network_http
  • 0.004 antianalysis_detectreg
  • 0.004 geodo_banking_trojan
  • 0.004 infostealer_bitcoin
  • 0.003 antidbg_windows
  • 0.003 infostealer_mail
  • 0.002 tinba_behavior
  • 0.002 antiemu_wine_func
  • 0.002 mimics_filetime
  • 0.002 reads_self
  • 0.002 infostealer_browser_password
  • 0.002 kovter_behavior
  • 0.002 antivm_vbox_files
  • 0.002 disables_browser_warn
  • 0.002 network_cnc_http
  • 0.001 antivm_vbox_libs
  • 0.001 bootkit
  • 0.001 rat_nanocore
  • 0.001 antiav_avast_libs
  • 0.001 infostealer_browser
  • 0.001 stealth_file
  • 0.001 betabot_behavior
  • 0.001 antisandbox_sunbelt_libs
  • 0.001 antisandbox_sboxie_libs
  • 0.001 antiav_bitdefender_libs
  • 0.001 kibex_behavior
  • 0.001 antivm_generic_disk
  • 0.001 cerber_behavior
  • 0.001 virus
  • 0.001 antianalysis_detectfile
  • 0.001 antivm_parallels_keys
  • 0.001 antivm_xen_keys
  • 0.001 banker_zeus_mutex
  • 0.001 bot_drive
  • 0.001 bot_drive2
  • 0.001 browser_addon
  • 0.001 browser_security
  • 0.001 modify_proxy
  • 0.001 maldun_malicious_drop_executable_file_to_temp_folder
  • 0.001 md_bad_drop

Reporting ( 0.545 seconds )

  • 0.544 ReportHTMLSummary
  • 0.001 Malheur
Task ID 704744
Mongo ID 62ff0d63dc327beba8e015e8
Cuckoo release 1.4-Maldun