恶意软件分析 & URL链接扫描免费在线病毒分析平台

分析任务

分析类型	虚拟机标签	开始时间	结束时间	持续时间
文件 (Windows)	win7-sp1-x64-shaapp02-1	2022-09-24 22:43:27	2022-09-24 22:45:37	130 秒

魔盾分数

10.0

危险的

文件详细信息

文件名	雷鸣霸主.exe
文件大小	8965742 字节
文件类型	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	eadfb9324dfcdc31b0ce09f98161b59a
SHA1	c04b380cd41b2f00427df37c31064113993ce15e
SHA256	1e45c66d841d01ae1b548e6d588580c8a605c6b97b3e5710a5ea977aeeb0134c
SHA512	2c3873e0f8e18fc55dad03025e69ec5b537ee1c2c4e485543db2f4fbb894a9aa9e6cdea02dde716d35f475d49f07d15a2c109ee292bc67a431e00032e0e17dcd
CRC32	CDB59CCE
Ssdeep	196608:k4e9DxJcDKlFBqlAxRK85Xs5XvyCMYpr/nGLtwN9oFM:gxODKlFBqaXsBvyCpLGLtwP
Yara	登录查看Yara规则
	找不到该样本提交误报

登录查看威胁特征

运行截图

访问主机纪录 (可点击查询WPING实时安全评级)

直接	IP	安全评级	地理位置
是	103.44.245.200	中国

域名解析 (可点击查询WPING实时安全评级)

无域名信息.

摘要

登录查看详细行为信息

PE 信息

初始地址	0x00400000
入口地址	0x0045e177
声明校验值	0x00000000
实际校验值	0x008906ef
最低操作系统版本要求	4.0
编译时间	2017-02-28 14:00:26
载入哈希	bb9d495821e6e730a7a07045d899c977

PE 数据组成

名称	虚拟地址	虚拟大小	原始数据大小	特征	熵(Entropy)
.text	0x00001000	0x0007bab6	0x0007c000	IMAGE_SCN_CNT_CODE\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ	6.59
.rdata	0x0007d000	0x00012c52	0x00013000	IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ	4.58
.data	0x00090000	0x000279a8	0x00012000	IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE	5.07
.rsrc	0x000b8000	0x000260ac	0x00027000	IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ	4.36

覆盖

偏移量	0x000de0ac
大小	0x007aedc2

导入

库: KERNEL32.dll:

• 0x47d170 FreeEnvironmentStringsA

• 0x47d174 UnhandledExceptionFilter

• 0x47d178 GetACP

• 0x47d17c HeapSize

• 0x47d180 TerminateProcess

• 0x47d184 GetLocalTime

• 0x47d188 GetSystemTime

• 0x47d18c GetTimeZoneInformation

• 0x47d190 RaiseException

• 0x47d194 RtlUnwind

• 0x47d198 GetStartupInfoA

• 0x47d19c GetOEMCP

• 0x47d1a0 GetCPInfo

• 0x47d1a4 GetProcessVersion

• 0x47d1a8 SetErrorMode

• 0x47d1ac GlobalFlags

• 0x47d1b0 FreeEnvironmentStringsW

• 0x47d1b4 GetFileTime

• 0x47d1b8 GetFileSize

• 0x47d1bc TlsGetValue

• 0x47d1c0 LocalReAlloc

• 0x47d1c4 TlsSetValue

• 0x47d1c8 TlsFree

• 0x47d1cc GlobalHandle

• 0x47d1d0 TlsAlloc

• 0x47d1d4 LocalAlloc

• 0x47d1d8 lstrcmpA

• 0x47d1dc GetVersion

• 0x47d1e0 GlobalGetAtomNameA

• 0x47d1e4 GlobalAddAtomA

• 0x47d1e8 GlobalFindAtomA

• 0x47d1ec GlobalDeleteAtom

• 0x47d1f0 lstrcmpiA

• 0x47d1f4 SetEndOfFile

• 0x47d1f8 UnlockFile

• 0x47d1fc LockFile

• 0x47d200 FlushFileBuffers

• 0x47d204 SetFilePointer

• 0x47d208 DuplicateHandle

• 0x47d20c lstrcpynA

• 0x47d210 SetLastError

• 0x47d214 FileTimeToLocalFileTime

• 0x47d218 FileTimeToSystemTime

• 0x47d21c LocalFree

• 0x47d220 InterlockedDecrement

• 0x47d224 InterlockedIncrement

• 0x47d228 GetEnvironmentStrings

• 0x47d22c GetEnvironmentStringsW

• 0x47d230 SetHandleCount

• 0x47d234 GetStdHandle

• 0x47d238 GetFileType

• 0x47d23c GetEnvironmentVariableA

• 0x47d240 HeapDestroy

• 0x47d244 HeapCreate

• 0x47d248 VirtualFree

• 0x47d24c SetEnvironmentVariableA

• 0x47d250 LCMapStringA

• 0x47d254 LCMapStringW

• 0x47d258 VirtualAlloc

• 0x47d25c IsBadWritePtr

• 0x47d260 GetStringTypeA

• 0x47d264 GetStringTypeW

• 0x47d268 SetUnhandledExceptionFilter

• 0x47d26c CompareStringA

• 0x47d270 CompareStringW

• 0x47d274 IsBadReadPtr

• 0x47d278 IsBadCodePtr

• 0x47d27c SetStdHandle

• 0x47d280 WideCharToMultiByte

• 0x47d284 MultiByteToWideChar

• 0x47d288 GetCurrentProcess

• 0x47d28c GetWindowsDirectoryA

• 0x47d290 GetSystemDirectoryA

• 0x47d294 CreateSemaphoreA

• 0x47d298 ResumeThread

• 0x47d29c ReleaseSemaphore

• 0x47d2a0 EnterCriticalSection

• 0x47d2a4 LeaveCriticalSection

• 0x47d2a8 GetProfileStringA

• 0x47d2ac WriteFile

• 0x47d2b0 ReadFile

• 0x47d2b4 WaitForMultipleObjects

• 0x47d2b8 CreateFileA

• 0x47d2bc SetEvent

• 0x47d2c0 FindResourceA

• 0x47d2c4 LoadResource

• 0x47d2c8 LockResource

• 0x47d2cc GetModuleFileNameA

• 0x47d2d0 GetCurrentThreadId

• 0x47d2d4 ExitProcess

• 0x47d2d8 GlobalSize

• 0x47d2dc GlobalFree

• 0x47d2e0 DeleteCriticalSection

• 0x47d2e4 InitializeCriticalSection

• 0x47d2e8 lstrcatA

• 0x47d2ec lstrlenA

• 0x47d2f0 WinExec

• 0x47d2f4 lstrcpyA

• 0x47d2f8 FindNextFileA

• 0x47d2fc CloseHandle

• 0x47d300 GlobalReAlloc

• 0x47d304 HeapFree

• 0x47d308 HeapReAlloc

• 0x47d30c GetProcessHeap

• 0x47d310 HeapAlloc

• 0x47d314 GetFullPathNameA

• 0x47d318 FreeLibrary

• 0x47d31c LoadLibraryA

• 0x47d320 GetLastError

• 0x47d324 GetVersionExA

• 0x47d328 WritePrivateProfileStringA

• 0x47d32c CreateThread

• 0x47d330 CreateEventA

• 0x47d334 Sleep

• 0x47d338 GlobalAlloc

• 0x47d33c GlobalLock

• 0x47d340 GlobalUnlock

• 0x47d344 GetTempPathA

• 0x47d348 FindFirstFileA

• 0x47d34c FindClose

• 0x47d350 GetFileAttributesA

• 0x47d354 DeleteFileA

• 0x47d358 SetCurrentDirectoryA

• 0x47d35c GetVolumeInformationA

• 0x47d360 GetModuleHandleA

• 0x47d364 GetProcAddress

• 0x47d368 MulDiv

• 0x47d36c GetCommandLineA

• 0x47d370 GetTickCount

• 0x47d374 WaitForSingleObject

• 0x47d378 GetCurrentThread

库: USER32.dll:

• 0x47d3a0 GetForegroundWindow

• 0x47d3a4 LoadIconA

• 0x47d3a8 TranslateMessage

• 0x47d3ac DrawFrameControl

• 0x47d3b0 DrawEdge

• 0x47d3b4 DrawFocusRect

• 0x47d3b8 WindowFromPoint

• 0x47d3bc GetMessageA

• 0x47d3c0 DispatchMessageA

• 0x47d3c4 SetRectEmpty

• 0x47d3c8 RegisterClipboardFormatA

• 0x47d3cc CreateIconFromResourceEx

• 0x47d3d0 CreateIconFromResource

• 0x47d3d4 DrawIconEx

• 0x47d3d8 CreatePopupMenu

• 0x47d3dc AppendMenuA

• 0x47d3e0 ModifyMenuA

• 0x47d3e4 CreateMenu

• 0x47d3e8 CreateAcceleratorTableA

• 0x47d3ec GetDlgCtrlID

• 0x47d3f0 GetSubMenu

• 0x47d3f4 EnableMenuItem

• 0x47d3f8 ClientToScreen

• 0x47d3fc EnumDisplaySettingsA

• 0x47d400 LoadImageA

• 0x47d404 SystemParametersInfoA

• 0x47d408 ShowWindow

• 0x47d40c IsWindowEnabled

• 0x47d410 TranslateAcceleratorA

• 0x47d414 GetKeyState

• 0x47d418 CopyAcceleratorTableA

• 0x47d41c PostQuitMessage

• 0x47d420 IsZoomed

• 0x47d424 GetClassInfoA

• 0x47d428 DefWindowProcA

• 0x47d42c GetMenu

• 0x47d430 SetMenu

• 0x47d434 PeekMessageA

• 0x47d438 IsIconic

• 0x47d43c SetFocus

• 0x47d440 GetActiveWindow

• 0x47d444 GetWindow

• 0x47d448 DestroyAcceleratorTable

• 0x47d44c SetWindowRgn

• 0x47d450 GetMessagePos

• 0x47d454 ScreenToClient

• 0x47d458 ChildWindowFromPointEx

• 0x47d45c CopyRect

• 0x47d460 LoadBitmapA

• 0x47d464 WinHelpA

• 0x47d468 KillTimer

• 0x47d46c SetTimer

• 0x47d470 ReleaseCapture

• 0x47d474 GetCapture

• 0x47d478 SetCapture

• 0x47d47c GetScrollRange

• 0x47d480 SetScrollRange

• 0x47d484 SetScrollPos

• 0x47d488 SetRect

• 0x47d48c InflateRect

• 0x47d490 IntersectRect

• 0x47d494 DestroyIcon

• 0x47d498 UnregisterClassA

• 0x47d49c OffsetRect

• 0x47d4a0 IsWindowVisible

• 0x47d4a4 EnableWindow

• 0x47d4a8 RedrawWindow

• 0x47d4ac GetWindowLongA

• 0x47d4b0 SetWindowLongA

• 0x47d4b4 GetSysColor

• 0x47d4b8 SetActiveWindow

• 0x47d4bc SetCursorPos

• 0x47d4c0 LoadCursorA

• 0x47d4c4 SetCursor

• 0x47d4c8 GetDC

• 0x47d4cc FillRect

• 0x47d4d0 IsRectEmpty

• 0x47d4d4 ReleaseDC

• 0x47d4d8 IsChild

• 0x47d4dc DestroyMenu

• 0x47d4e0 SetForegroundWindow

• 0x47d4e4 GetWindowRect

• 0x47d4e8 EqualRect

• 0x47d4ec UpdateWindow

• 0x47d4f0 ValidateRect

• 0x47d4f4 InvalidateRect

• 0x47d4f8 GetClientRect

• 0x47d4fc GetFocus

• 0x47d500 GetWindowTextA

• 0x47d504 GetWindowTextLengthA

• 0x47d508 CharUpperA

• 0x47d50c GetWindowDC

• 0x47d510 BeginPaint

• 0x47d514 EndPaint

• 0x47d518 TabbedTextOutA

• 0x47d51c DrawTextA

• 0x47d520 GrayStringA

• 0x47d524 GetDlgItem

• 0x47d528 DestroyWindow

• 0x47d52c CreateDialogIndirectParamA

• 0x47d530 EndDialog

• 0x47d534 GetNextDlgTabItem

• 0x47d538 GetWindowPlacement

• 0x47d53c RegisterWindowMessageA

• 0x47d540 GetLastActivePopup

• 0x47d544 GetMessageTime

• 0x47d548 RemovePropA

• 0x47d54c CallWindowProcA

• 0x47d550 GetPropA

• 0x47d554 UnhookWindowsHookEx

• 0x47d558 SetPropA

• 0x47d55c GetClassLongA

• 0x47d560 CallNextHookEx

• 0x47d564 SetWindowsHookExA

• 0x47d568 CreateWindowExA

• 0x47d56c GetMenuItemID

• 0x47d570 GetMenuItemCount

• 0x47d574 RegisterClassA

• 0x47d578 GetScrollPos

• 0x47d57c AdjustWindowRectEx

• 0x47d580 MapWindowPoints

• 0x47d584 SendDlgItemMessageA

• 0x47d588 ScrollWindowEx

• 0x47d58c IsDialogMessageA

• 0x47d590 SetWindowTextA

• 0x47d594 MoveWindow

• 0x47d598 CheckMenuItem

• 0x47d59c SetMenuItemBitmaps

• 0x47d5a0 GetMenuState

• 0x47d5a4 GetMenuCheckMarkDimensions

• 0x47d5a8 GetClassNameA

• 0x47d5ac GetDesktopWindow

• 0x47d5b0 LoadStringA

• 0x47d5b4 GetSysColorBrush

• 0x47d5b8 GetParent

• 0x47d5bc GetTopWindow

• 0x47d5c0 PostMessageA

• 0x47d5c4 IsWindow

• 0x47d5c8 SetParent

• 0x47d5cc DestroyCursor

• 0x47d5d0 SendMessageA

• 0x47d5d4 SetWindowPos

• 0x47d5d8 MessageBoxA

• 0x47d5dc GetCursorPos

• 0x47d5e0 GetSystemMetrics

• 0x47d5e4 EmptyClipboard

• 0x47d5e8 SetClipboardData

• 0x47d5ec OpenClipboard

• 0x47d5f0 GetClipboardData

• 0x47d5f4 CloseClipboard

• 0x47d5f8 wsprintfA

• 0x47d5fc PtInRect

库: GDI32.dll:

• 0x47d024 GetTextMetricsA

• 0x47d028 LineTo

• 0x47d02c Escape

• 0x47d030 ExtTextOutA

• 0x47d034 TextOutA

• 0x47d038 RectVisible

• 0x47d03c PtVisible

• 0x47d040 GetViewportExtEx

• 0x47d044 ExtSelectClipRgn

• 0x47d048 SetBkColor

• 0x47d04c CreateRectRgnIndirect

• 0x47d050 SetStretchBltMode

• 0x47d054 GetClipRgn

• 0x47d058 CreatePolygonRgn

• 0x47d05c SelectClipRgn

• 0x47d060 DeleteObject

• 0x47d064 CreateDIBitmap

• 0x47d068 GetSystemPaletteEntries

• 0x47d06c CreatePalette

• 0x47d070 StretchBlt

• 0x47d074 SelectPalette

• 0x47d078 RealizePalette

• 0x47d07c GetDIBits

• 0x47d080 GetWindowExtEx

• 0x47d084 GetViewportOrgEx

• 0x47d088 GetWindowOrgEx

• 0x47d08c BeginPath

• 0x47d090 EndPath

• 0x47d094 PathToRegion

• 0x47d098 CreateEllipticRgn

• 0x47d09c CreateRoundRectRgn

• 0x47d0a0 GetTextColor

• 0x47d0a4 GetBkMode

• 0x47d0a8 GetBkColor

• 0x47d0ac GetROP2

• 0x47d0b0 GetStretchBltMode

• 0x47d0b4 GetPolyFillMode

• 0x47d0b8 CreateCompatibleBitmap

• 0x47d0bc CreateDCA

• 0x47d0c0 CreateBitmap

• 0x47d0c4 SelectObject

• 0x47d0c8 GetObjectA

• 0x47d0cc CreatePen

• 0x47d0d0 PatBlt

• 0x47d0d4 CombineRgn

• 0x47d0d8 CreateRectRgn

• 0x47d0dc FillRgn

• 0x47d0e0 CreateSolidBrush

• 0x47d0e4 MoveToEx

• 0x47d0e8 ExcludeClipRect

• 0x47d0ec GetClipBox

• 0x47d0f0 ScaleWindowExtEx

• 0x47d0f4 SetWindowExtEx

• 0x47d0f8 SetWindowOrgEx

• 0x47d0fc ScaleViewportExtEx

• 0x47d100 SetViewportExtEx

• 0x47d104 OffsetViewportOrgEx

• 0x47d108 SetViewportOrgEx

• 0x47d10c SetMapMode

• 0x47d110 SetTextColor

• 0x47d114 SetROP2

• 0x47d118 SetPolyFillMode

• 0x47d11c SetBkMode

• 0x47d120 RestoreDC

• 0x47d124 SaveDC

• 0x47d128 GetStockObject

• 0x47d12c CreateFontIndirectA

• 0x47d130 EndPage

• 0x47d134 EndDoc

• 0x47d138 DeleteDC

• 0x47d13c StartDocA

• 0x47d140 StartPage

• 0x47d144 BitBlt

• 0x47d148 CreateCompatibleDC

• 0x47d14c Ellipse

• 0x47d150 Rectangle

• 0x47d154 LPtoDP

• 0x47d158 DPtoLP

• 0x47d15c GetCurrentObject

• 0x47d160 RoundRect

• 0x47d164 GetTextExtentPoint32A

• 0x47d168 GetDeviceCaps

库: WINMM.dll:

• 0x47d604 midiOutReset

• 0x47d608 midiStreamRestart

• 0x47d60c midiStreamStop

• 0x47d610 midiStreamOut

• 0x47d614 waveOutUnprepareHeader

• 0x47d618 waveOutPrepareHeader

• 0x47d61c waveOutWrite

• 0x47d620 waveOutPause

• 0x47d624 midiOutPrepareHeader

• 0x47d628 midiStreamProperty

• 0x47d62c waveOutReset

• 0x47d630 waveOutClose

• 0x47d634 waveOutGetNumDevs

• 0x47d638 waveOutOpen

• 0x47d63c midiOutUnprepareHeader

• 0x47d640 midiStreamOpen

• 0x47d644 midiStreamClose

库: WINSPOOL.DRV:

• 0x47d64c ClosePrinter

• 0x47d650 DocumentPropertiesA

• 0x47d654 OpenPrinterA

库: ADVAPI32.dll:

• 0x47d000 RegOpenKeyExA

• 0x47d004 RegCreateKeyExA

• 0x47d008 RegCloseKey

• 0x47d00c RegSetValueExA

• 0x47d010 RegQueryValueA

库: SHELL32.dll:

• 0x47d390 ShellExecuteA

• 0x47d394 Shell_NotifyIconA

• 0x47d398 SHGetSpecialFolderPathA

库: ole32.dll:

• 0x47d698 OleUninitialize

• 0x47d69c OleInitialize

• 0x47d6a0 CLSIDFromString

库: OLEAUT32.dll:

• 0x47d380 UnRegisterTypeLib

• 0x47d384 RegisterTypeLib

• 0x47d388 LoadTypeLib

库: COMCTL32.dll:

• 0x47d018 ImageList_Destroy

• 0x47d01c None

库: WS2_32.dll:

• 0x47d65c inet_ntoa

• 0x47d660 WSACleanup

• 0x47d664 closesocket

• 0x47d668 WSAAsyncSelect

• 0x47d66c recvfrom

• 0x47d670 ioctlsocket

• 0x47d674 recv

• 0x47d678 getpeername

• 0x47d67c accept

库: comdlg32.dll:

• 0x47d684 GetFileTitleA

• 0x47d688 GetSaveFileNameA

• 0x47d68c GetOpenFileNameA

• 0x47d690 ChooseColorA

.text
`.rdata
@.data
.rsrc
8`}<j
T$HhD<I
T$th 
T$|hX<I
D$|hT<I
D$@Sj
L$8h 
D$8Rj
l$<VWj
L$0h|=I
D$,RVhL=I
Qh|=I
u(Uh<>I
Ph(>I
Ph|>I
Ph<>I
T$ Rj
L$4S+L$0Qj
RhpFH
PhHFI
$hPFI
T$,htFI
D$(hhFI
D$$h`FI
}'h  
9^xu5j
T$,Qj
T$0Pj
D$8RPj
D$0h 
T$,Qj
NpRQj
t$<Vj
T$<h 
D$(hF
D$(h 
T$Dhb

没有防病毒引擎扫描信息!

进程树

____________.exe id: 2604
- 雷鸣霸主.exe id: 2748
- stiypan.exe id: 2780

____________.exe, PID: 2604, 上一级进程 PID: 2236

缺省注册表文件系统网络进程线程服务设备同步加密浏览器全部

雷鸣霸主.exe, PID: 2748, 上一级进程 PID: 2604

缺省注册表文件系统网络进程线程服务设备同步加密浏览器全部

stiypan.exe, PID: 2780, 上一级进程 PID: 2604

缺省注册表文件系统网络进程线程服务设备同步加密浏览器全部

下载PCAP包

访问主机纪录 (可点击查询WPING实时安全评级)

直接	IP	安全评级	地理位置
是	103.44.245.200	中国

TCP

源地址	源端口	目标地址	目标端口
192.168.122.201	49163	103.44.245.200	4753
192.168.122.201	49167	103.44.245.200	4753
192.168.122.201	49160	23.193.114.137	80

UDP

源地址	源端口	目标地址	目标端口
192.168.122.201	63246	192.168.122.1	53

域名解析 (可点击查询WPING实时安全评级)

无域名信息.

TCP

源地址	源端口	目标地址	目标端口
192.168.122.201	49163	103.44.245.200	4753
192.168.122.201	49167	103.44.245.200	4753
192.168.122.201	49160	23.193.114.137	80

UDP

源地址	源端口	目标地址	目标端口
192.168.122.201	63246	192.168.122.1	53

HTTP 请求

URI	HTTP数据
URL专业沙箱检测 -> http://acroipm.adobe.com/11/rdr/CHS/win/nooem/none/message.zip	GET /11/rdr/CHS/win/nooem/none/message.zip HTTP/1.1 Accept: / If-Modified-Since: Mon, 08 Nov 2017 08:44:36 GMT User-Agent: IPM Host: acroipm.adobe.com Connection: Keep-Alive Cache-Control: no-cache

SMTP 流量

无SMTP流量.

IRC 流量

无IRC请求.

ICMP 流量

无ICMP流量.

CIF 报告

无 CIF 结果

网络警报

无警报

TLS

No TLS

Suricata HTTP

No Suricata HTTP

未发现网络提取文件

抱歉! 没有任何文件投放。

没有发现相似的分析.

HTML 总结报告 (需15-60分钟同步)	下载

Processing ( 42.95 seconds )

16.301 Static
10.855 Suricata
9.812 BehaviorAnalysis
2.697 NetworkAnalysis
1.858 TargetInfo
1.076 VirusTotal
0.312 peid
0.017 config_decoder
0.011 Strings
0.009 AnalysisInfo
0.002 Memory

Signatures ( 8.349 seconds )

1.315 md_url_bl
1.041 antiav_detectfile
0.748 infostealer_bitcoin
0.476 api_spamming
0.412 antivm_vbox_files
0.387 stealth_timeout
0.37 infostealer_ftp
0.362 stealth_decoy_document
0.26 infostealer_im
0.248 maldun_anomaly_massive_file_ops
0.192 antidbg_devices
0.165 infostealer_mail
0.139 network_tor
0.132 rat_pcclient
0.103 antiav_avast_libs
0.103 antisandbox_sunbelt_libs
0.086 betabot_behavior
0.083 antisandbox_sboxie_libs
0.081 mimics_filetime
0.081 kazybot_behavior
0.078 antiav_bitdefender_libs
0.078 antivm_vmware_files
0.077 codelux_behavior
0.076 virus
0.074 reads_self
0.067 antivm_generic_disk
0.064 stealth_file
0.062 hawkeye_behavior
0.062 injection_createremotethread
0.061 kibex_behavior
0.059 hancitor_behavior
0.059 sniffer_winpcap
0.054 bootkit
0.045 process_interest
0.043 geodo_banking_trojan
0.04 injection_runpe
0.039 antivm_vpc_files
0.039 malicous_targeted_flame
0.039 network_tor_service
0.038 banker_cridex
0.037 antianalysis_detectfile
0.028 vawtrak_behavior
0.027 shifu_behavior
0.025 antisandbox_sunbelt_files
0.022 kovter_behavior
0.022 antiav_detectreg
0.02 antiemu_wine_func
0.02 process_needed
0.019 infostealer_browser_password
0.019 spreading_autoruninf
0.019 bitcoin_opencl
0.018 antivm_vbox_devices
0.017 antisandbox_fortinet_files
0.017 antisandbox_threattrack_files
0.01 anomaly_persistence_ads
0.01 antisandbox_cuckoo_files
0.01 antisandbox_joe_anubis_files
0.008 md_domain_bl
0.007 antivm_vmware_devices
0.006 anomaly_persistence_autorun
0.005 antianalysis_detectreg
0.005 ransomware_files
0.004 ransomware_extensions
0.003 antivm_vbox_libs
0.003 dridex_behavior
0.003 network_http
0.002 tinba_behavior
0.002 antisandbox_sleep
0.002 antivm_generic_scsi
0.002 exec_crash
0.002 antidbg_windows
0.002 disables_browser_warn
0.001 rat_nanocore
0.001 antivm_vmware_libs
0.001 antivm_generic_services
0.001 anormaly_invoke_kills
0.001 cerber_behavior
0.001 antivm_parallels_keys
0.001 antivm_xen_keys
0.001 bot_drive
0.001 bot_drive2
0.001 browser_security
0.001 modify_proxy
0.001 maldun_malicious_drop_executable_file_to_temp_folder
0.001 md_bad_drop
0.001 network_cnc_http
0.001 stealth_modify_uac_prompt

Reporting ( 0.718 seconds )

0.615 ReportHTMLSummary
0.103 Malheur


Task ID	710646
Mongo ID	632f185bdc327b8d442c8eae
Cuckoo release	1.4-Maldun