Analysis task

Analysis type  VM tag  Start time  End time  Duration
File (Windows) win7-sp1-x64-shaapp02-2 2024-04-26 09:46:23 2024-04-26 09:47:20 57 seconds

Maldun score

10.0

Dangerous

File details

File name svhsrv.exe
File size 22863944 bytes
File type PE32+ executable (GUI) x86-64, for MS Windows
MD5 c420499d5dab3d4a579882336f402cf3
SHA1 203d2eb246dcee24cfa548bffc5fd1bd36fbd36f
SHA256 ad5fc62f58647c624fb8ea1d458fa6a4a5e6e58d9c24ef2d7391c39fa6673e72
SHA512 c24b481ac27a3e5383d811d5476cd09729adfa2a3ab18a812978046f1f0c532353ecfe8f82e2cda55943d41143be1e2757bdad0c434455323b81d4e089a5efb6
CRC32 FDC6A093
Ssdeep 196608:e49y4CyQCawjDbuCk6JS1ZbE8bLqRADZlBE9l:e4A4CyQCawjXXk6YZbz2yDZml
Screenshots

No screenshots available

Contacted hosts

Direct IP  Security rating  Location
152.195.38.76 United States

DNS resolution

Domain  Security rating  Response
cacerts.digicert.com CNAME fp2e7a.wpc.2be4.phicdn.net
CNAME fp2e7a.wpc.phicdn.net
A 152.195.38.76

PE information

Image base 0x140000000
Entry point 0x140fc4ebc
Declared checksum 0x015ddda5
Minimum OS version required 6.0
PDB path C:\home\3eye\client_msvc2019_64\whscon_whstbh_vs2010_release_x64.pdb
Compile time 2022-06-09 11:21:33
Import hash 2f311084a3dd8bdff79ed5332b4c8cb6
Export DLL name \x31\x31\x31\x39\x31\x31\x39\x31\x31\x31\x31\x39\x31\x39\x31\x31\x35\x34\x34\x34\x39\x31\x31\x31\x31\x39\x31\x31\x39\x31\x35\x35\x34\x31\x31\x31

Version information

LegalCopyright
FileVersion
CompanyName
ProductName
ProductVersion
FileDescription
OriginalFilename
Translation

Microsoft certificate verification (Sign Tool)

SHA1  Timestamp  Validity  Error
None Thu Jun 09 11:25:20 2022
WinVerifyTrust returned error 0x80096005 /
Certificate Chain 1
Issued to DigiCert Assured ID Root CA
Issuer DigiCert Assured ID Root CA
Valid until Mon Nov 10 08:00:00 2031
SHA1 hash 0563b8630d62d75abbc8ab1e4bdfb5a899b24d43
Certificate Chain 2
Issued to DigiCert SHA2 Assured ID Code Signing CA
Issuer DigiCert Assured ID Root CA
Valid until Sun Oct 22 20:00:00 2028
SHA1 hash 92c1588e85af2201ce7915e8538b492f605b80c6
Certificate Chain 3
Issued to Zhenjiang Super Network Control Network Technology Co., Ltd.
Issuer DigiCert SHA2 Assured ID Code Signing CA
Valid until Wed May 01 07:59:59 2024
SHA1 hash dfec0fadae1991b90f34337f80d435f892f0f057
Timestamp Chain 1
Issued to DigiCert Trusted Root G4
Issuer DigiCert Trusted Root G4
Valid until Fri Jan 15 20:00:00 2038
SHA1 hash ddfb16cd4931c973a2037d3fc83a4d7d775d05e4
Timestamp Chain 2
Issued to DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA
Issuer DigiCert Trusted Root G4
Valid until Mon Mar 23 07:59:59 2037
SHA1 hash b6c8af834d4e53b673c76872aa8c950c7c54df5f
Timestamp Chain 3
Issued to DigiCert Timestamp 2022 - 2
Issuer DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA
Valid until Tue Mar 15 07:59:59 2033
SHA1 hash 8508f386515cb3d3077db6b4b7c07f1b4a5e41de

PE sections

Name  Virtual address  Virtual size  Raw data size  Characteristics  Entropy
.text 0x00001000 0x01158b2c 0x01158c00 IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 6.62
.rodata 0x0115a000 0x00000f60 0x00001000 IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 4.25
.rdata 0x0115b000 0x003b22a8 0x003b2400 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 6.31
.data 0x0150e000 0x00275510 0x0002d600 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 4.38
.pdata 0x01784000 0x0007cc74 0x0007ce00 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 6.75
.qtmetad 0x01801000 0x00000040 0x00000200 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ 1.13
_RDATA 0x01802000 0x00000030 0x00000200 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 0.18
.rsrc 0x01803000 0x00000620 0x00000800 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 3.76
.reloc 0x01804000 0x0001467c 0x00014800 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 5.49

Imports

Library: NETAPI32.dll:
0x14115ba70 NetShareDel
0x14115ba78 NetApiBufferFree
0x14115ba80 NetShareEnum
Library: PSAPI.DLL:
0x14115bb98 GetModuleFileNameExW
0x14115bba0 GetProcessMemoryInfo
0x14115bba8 GetProcessImageFileNameW
Library: query.dll:
0x141160918 LoadIFilter
Library: OLEACC.dll:
0x14115ba90 GetRoleTextA
0x14115ba98 GetStateTextA
0x14115baa0 AccessibleChildren
Library: SETUPAPI.dll:
0x14115fad0 CM_Enumerate_Classes
0x14115fae0 CM_Get_DevNode_Status
0x14115fae8 CM_Get_Device_IDW
0x14115faf0 CM_Get_Parent
0x14115fb08 SetupDiOpenDevRegKey
0x14115fb10 SetupDiEnumDeviceInfo
0x14115fb58 SetupDiGetClassDevsW
Library: RPCRT4.dll:
0x14115fac0 UuidFromStringW
Library: ole32.dll:
0x141160878 CoUninitialize
0x141160880 CLSIDFromProgID
0x141160888 CoCreateInstance
0x141160890 CoInitialize
0x141160898 CoGetMalloc
0x1411608a0 OleSetClipboard
0x1411608a8 CoCreateGuid
0x1411608b0 CoFreeUnusedLibraries
0x1411608b8 CoGetClassObject
0x1411608c0 OleCreateFromFile
0x1411608c8 PropVariantClear
0x1411608d0 CoInitializeEx
0x1411608d8 CoTaskMemFree
0x1411608e0 CLSIDFromString
0x1411608e8 CoSetProxyBlanket
Library: OLEAUT32.dll:
0x14115bac0 SafeArrayCreate
0x14115bac8 VariantTimeToSystemTime
0x14115bad0 SystemTimeToVariantTime
0x14115bad8 SysAllocStringLen
0x14115bae0 SysAllocString
0x14115bae8 SysFreeString
0x14115baf0 VariantClear
0x14115baf8 SysStringLen
0x14115bb00 SysAllocStringByteLen
0x14115bb08 SafeArrayGetDim
0x14115bb10 SafeArrayGetUBound
0x14115bb18 SafeArrayGetLBound
0x14115bb20 VariantCopy
0x14115bb28 SafeArrayGetElement
0x14115bb30 SafeArrayAccessData
0x14115bb38 GetActiveObject
0x14115bb40 OleCreateFontIndirect
0x14115bb48 OleCreatePictureIndirect
0x14115bb50 LoadTypeLib
0x14115bb58 SafeArrayDestroy
0x14115bb60 SafeArrayUnaccessData
0x14115bb68 SafeArrayPutElement
0x14115bb70 SafeArrayGetVartype
0x14115bb78 VariantInit
0x14115bb80 SafeArrayCreateVector
0x14115bb88 GetErrorInfo
Library: SHLWAPI.dll:
0x14115fbc0 StrCmpW
0x14115fbc8 StrCpyW
Library: IPHLPAPI.DLL:
0x14115b270 GetAdaptersAddresses
0x14115b278 GetIfEntry
0x14115b280 GetIfTable
0x14115b288 SendARP
0x14115b290 GetAdaptersInfo
Library: SHELL32.dll:
0x14115fb78 ExtractIconExW
0x14115fb80 CommandLineToArgvW
0x14115fb88 None
0x14115fb90 ShellExecuteW
0x14115fb98 SHGetSpecialFolderPathW
0x14115fba0 DragQueryFileA
0x14115fba8 SHGetPathFromIDListW
Library: USER32.dll:
0x14115fc08 MapVirtualKeyW
0x14115fc10 GetSystemMetrics
0x14115fc18 SetCursorPos
0x14115fc20 GetCursorInfo
0x14115fc28 SetForegroundWindow
0x14115fc30 SetWindowPos
0x14115fc38 GetAsyncKeyState
0x14115fc40 GetForegroundWindow
0x14115fc48 LoadKeyboardLayoutW
0x14115fc50 mouse_event
0x14115fc58 AttachThreadInput
0x14115fc60 SetFocus
0x14115fc68 GetLastInputInfo
0x14115fc70 SetActiveWindow
0x14115fc78 SetWindowLongW
0x14115fc80 GetWindowThreadProcessId
0x14115fc88 SetWindowsHookExW
0x14115fc90 CallNextHookEx
0x14115fc98 GetDC
0x14115fca0 ReleaseDC
0x14115fca8 KillTimer
0x14115fcb0 SetTimer
0x14115fcc0 SendInput
0x14115fcc8 keybd_event
0x14115fcd0 TranslateMessage
0x14115fcd8 PeekMessageW
0x14115fce0 PostThreadMessageW
0x14115fcf0 PostMessageW
0x14115fcf8 GetCursorPos
0x14115fd00 LockWorkStation
0x14115fd08 LoadCursorW
0x14115fd10 DrawIconEx
0x14115fd18 GetIconInfo
0x14115fd20 MoveWindow
0x14115fd28 BringWindowToTop
0x14115fd30 ShowCursor
0x14115fd38 DestroyIcon
0x14115fd40 CharUpperW
0x14115fd48 CharLowerW
0x14115fd50 EmptyClipboard
0x14115fd58 EnumClipboardFormats
0x14115fd60 SetClipboardData
0x14115fd68 GetClipboardOwner
0x14115fd70 GetTopWindow
0x14115fd78 IsIconic
0x14115fd80 PrintWindow
0x14115fd88 EnumDisplayDevicesW
0x14115fd90 EnumDisplaySettingsW
0x14115fd98 ChangeDisplaySettingsExW
0x14115fda0 GetCursor
0x14115fda8 RegisterClassExW
0x14115fdb0 DispatchMessageW
0x14115fdb8 GetMessageW
0x14115fdc0 GetWindow
0x14115fdc8 SetWindowLongPtrW
0x14115fdd0 GetWindowLongPtrW
0x14115fdd8 RegisterClassW
0x14115fde0 SendMessageTimeoutW
0x14115fde8 RegisterWindowMessageW
0x14115fdf0 SetWinEventHook
0x14115fdf8 FindWindowExW
0x14115fe00 wsprintfW
0x14115fe08 WindowFromPoint
0x14115fe10 EnumWindows
0x14115fe18 IsWindowVisible
0x14115fe20 GetGUIThreadInfo
0x14115fe28 ClientToScreen
0x14115fe30 GetWindowTextW
0x14115fe38 GetKeyboardState
0x14115fe40 GetKeyState
0x14115fe50 OpenInputDesktop
0x14115fe58 GetClassNameW
0x14115fe68 GetClipboardData
0x14115fe70 CloseClipboard
0x14115fe78 OpenClipboard
0x14115fe80 SendMessageW
0x14115fe88 FindWindowW
0x14115fe90 GetProcessWindowStation
0x14115fe98 SetProcessWindowStation
0x14115fea0 CloseWindowStation
0x14115fea8 OpenWindowStationW
0x14115feb0 GetThreadDesktop
0x14115feb8 CloseDesktop
0x14115fec0 SetThreadDesktop
0x14115fec8 OpenDesktopW
0x14115fed0 UnregisterHotKey
0x14115fed8 RegisterHotKey
0x14115fee0 SystemParametersInfoW
0x14115fee8 GetClipboardFormatNameW
0x14115fef0 RegisterClipboardFormatW
0x14115fef8 GetDesktopWindow
0x14115ff00 GetWindowRect
0x14115ff08 ShowWindow
0x14115ff10 CreateWindowExW
0x14115ff18 DefWindowProcW
0x14115ff20 CopyIcon
0x14115ff28 DestroyCursor
0x14115ff30 DrawIcon
0x14115ff38 GetWindowLongW
Library: USERENV.dll:
0x14115ff48 CreateEnvironmentBlock
Library: CRYPT32.dll:
0x14115b178 CertOpenStore
0x14115b198 CryptStringToBinaryA
0x14115b1a0 PFXImportCertStore
0x14115b1a8 CryptDecodeObjectEx
0x14115b1b8 CertFindExtension
0x14115b1c0 CertGetNameStringA
0x14115b1c8 CryptQueryObject
0x14115b1e0 CertGetCertificateChain
0x14115b1e8 CertFreeCertificateChain
0x14115b1f0 CertCloseStore
Library: WINMM.dll:
0x141160028 timeBeginPeriod
0x141160030 timeKillEvent
0x141160038 timeGetTime
0x141160040 timeEndPeriod
0x141160048 timeSetEvent
Library: Secur32.dll:
0x14115fbd8 CompleteAuthToken
0x14115fbe8 FreeCredentialsHandle
0x14115fbf0 DeleteSecurityContext
Library: msdmo.dll:
0x141160850 MoInitMediaType
0x141160858 MoFreeMediaType
Library: VERSION.dll:
0x141160008 VerQueryValueW
0x141160010 GetFileVersionInfoSizeW
0x141160018 GetFileVersionInfoW
Library: WTSAPI32.dll:
0x1411601f8 WTSEnumerateSessionsW
0x141160200 WTSFreeMemory
0x141160208 WTSEnumerateProcessesW
Library: ADVAPI32.dll:
0x14115b000 RegCreateKeyW
0x14115b008 LookupAccountSidW
0x14115b018 OpenProcessToken
0x14115b020 GetTokenInformation
0x14115b028 CloseServiceHandle
0x14115b030 ControlService
0x14115b038 EnumServicesStatusW
0x14115b040 SystemFunction036
0x14115b048 OpenSCManagerW
0x14115b050 OpenServiceW
0x14115b058 QueryServiceConfigW
0x14115b060 QueryServiceConfig2W
0x14115b068 StartServiceW
0x14115b070 CreateProcessAsUserW
0x14115b078 DuplicateTokenEx
0x14115b080 SetTokenInformation
0x14115b088 SetSecurityInfo
0x14115b090 AdjustTokenPrivileges
0x14115b098 LookupPrivilegeValueW
0x14115b0a0 SetEntriesInAclW
0x14115b0a8 GetSecurityInfo
0x14115b0b0 RegCloseKey
0x14115b0b8 CryptDestroyHash
0x14115b0c0 CryptHashData
0x14115b0c8 CryptCreateHash
0x14115b0d0 CryptGetHashParam
0x14115b0d8 CryptAcquireContextA
0x14115b0e0 CryptGenRandom
0x14115b0e8 CryptReleaseContext
0x14115b0f8 SetServiceStatus
0x14115b108 QueryServiceStatus
0x14115b110 CreateServiceW
0x14115b118 ChangeServiceConfig2W
0x14115b128 SetNamedSecurityInfoW
0x14115b130 GetNamedSecurityInfoW
0x14115b138 DeleteService
0x14115b140 GetUserNameW
0x14115b148 RegSetValueExW
0x14115b150 RegEnumKeyExW
0x14115b158 RegQueryValueExW
0x14115b160 RegOpenKeyExW
0x14115b168 RegQueryValueW
Library: WS2_32.dll:
0x141160058 getnameinfo
0x141160060 WSAAddressToStringA
0x141160068 WSAStringToAddressA
0x141160070 getsockopt
0x141160078 ioctlsocket
0x141160080 getpeername
0x141160088 listen
0x141160090 shutdown
0x141160098 socket
0x1411600a0 WSAIoctl
0x1411600a8 WSARecv
0x1411600b0 WSASend
0x1411600b8 WSASocketW
0x1411600c0 WSARecvFrom
0x1411600c8 GetAddrInfoW
0x1411600d0 FreeAddrInfoW
0x1411600d8 WSASetLastError
0x1411600e0 sendto
0x1411600e8 WSACreateEvent
0x1411600f0 WSAEnumNetworkEvents
0x1411600f8 WSAEventSelect
0x141160100 WSAResetEvent
0x141160108 WSASetEvent
0x141160110 WSAWaitForMultipleEvents
0x141160118 inet_pton
0x141160120 WSACleanup
0x141160128 __WSAFDIsSet
0x141160130 accept
0x141160138 getaddrinfo
0x141160140 freeaddrinfo
0x141160148 ntohl
0x141160150 recvfrom
0x141160158 send
0x141160160 recv
0x141160168 htons
0x141160170 select
0x141160178 connect
0x141160180 closesocket
0x141160188 bind
0x141160190 getsockname
0x141160198 WSAStartup
0x1411601a0 gethostbyaddr
0x1411601a8 inet_ntoa
0x1411601b0 inet_addr
0x1411601b8 setsockopt
0x1411601c0 htonl
0x1411601c8 ntohs
0x1411601d0 WSAGetLastError
0x1411601d8 WSACloseEvent
0x1411601e0 gethostbyname
0x1411601e8 WSADuplicateSocketW
Library: Qt5Multimedia.dll:
0x14115e2a0 ??1QAudioFormat@@QEAA@XZ
0x14115e2b0 ?start@QCamera@@QEAAXXZ
0x14115e2b8 ?load@QCamera@@QEAAXXZ
0x14115e2e0 ??1QCamera@@UEAA@XZ
0x14115e368 ??1QVideoFrame@@QEAA@XZ
0x14115e3c0 ??1QAudioOutput@@UEAA@XZ
0x14115e3f8 ??1QCameraInfo@@QEAA@XZ
0x14115e438 ??1QAudioInput@@UEAA@XZ
0x14115e4d0 ??0QAudioFormat@@QEAA@XZ
Library: GDI32.dll:
0x14115b200 ExtEscape
0x14115b208 GetObjectW
0x14115b210 GetBitmapBits
0x14115b218 CreateDCW
0x14115b220 CreateCompatibleBitmap
0x14115b228 GetDIBits
0x14115b230 CreateDIBSection
0x14115b238 SetDIBits
0x14115b240 SelectObject
0x14115b248 DeleteObject
0x14115b250 DeleteDC
0x14115b258 CreateCompatibleDC
0x14115b260 BitBlt
Library: Qt5Widgets.dll:
0x14115ec38 ??1QRadioButton@@UEAA@XZ
0x14115ec58 ??1QTextEdit@@UEAA@XZ
0x14115ec88 ??1QCheckBox@@UEAA@XZ
0x14115eda8 ??1QComboBox@@UEAA@XZ
0x14115ef08 ??1QScrollArea@@UEAA@XZ
0x14115ef38 ?update@QWidget@@QEAAXXZ
0x14115efa0 ?reject@QDialog@@UEAAXXZ
0x14115efc8 ?open@QDialog@@UEAAXXZ
0x14115f088 ?done@QDialog@@UEAAXH@Z
0x14115f0b8 ?accept@QDialog@@UEAAXXZ
0x14115f0c8 ??1QDialog@@UEAA@XZ
0x14115f0d8 ??1QVBoxLayout@@UEAA@XZ
0x14115f0e8 ??0QHBoxLayout@@QEAA@XZ
0x14115f100 ??1QGridLayout@@UEAA@XZ
0x14115f108 ??0QGridLayout@@QEAA@XZ
0x14115f110 ??1QSpacerItem@@UEAA@XZ
0x14115f220 ??1QMenu@@UEAA@XZ
0x14115f230 ?clear@QLabel@@QEAAXXZ
0x14115f248 ??1QAction@@UEAA@XZ
0x14115f440 ??1QLineEdit@@UEAA@XZ
0x14115f450 ??1QHBoxLayout@@UEAA@XZ
0x14115f5a8 ??1QLabel@@UEAA@XZ
0x14115f5b8 ??1QPushButton@@UEAA@XZ
0x14115f5d8 ?close@QWidget@@QEAA_NXZ
0x14115f5e8 ?height@QWidget@@QEBAHXZ
0x14115f5f0 ?width@QWidget@@QEBAHXZ
0x14115f750 ??1QMessageBox@@UEAA@XZ
0x14115f760 ?exec@QDialog@@UEAAHXZ
0x14115f788 ?hide@QWidget@@QEAAXXZ
0x14115f7a0 ??1QWidget@@UEAA@XZ
0x14115f7b0 ?show@QWidget@@QEAAXXZ
0x14115f7c0 ?winId@QWidget@@QEBA_KXZ
0x14115f918 ??1QApplication@@UEAA@XZ
0x14115f970 ?x@QWidget@@QEBAHXZ
0x14115f978 ?y@QWidget@@QEBAHXZ
0x14115fa08 ??1QFrame@@UEAA@XZ
0x14115fa38 ??1QToolButton@@UEAA@XZ
Library: Qt5Gui.dll:
0x14115dbc0 ?green@QColor@@QEBAHXZ
0x14115dbc8 ?blue@QColor@@QEBAHXZ
0x14115dbd0 ??0QColor@@QEAA@AEBV0@@Z
0x14115dbe8 ?red@QColor@@QEBAHXZ
0x14115dbf0 ?rgba@QColor@@QEBAIXZ
0x14115dc28 ?end@QPainter@@QEAA_NXZ
0x14115dc50 ??0QImage@@QEAA@XZ
0x14115dc68 ??1QImage@@UEAA@XZ
0x14115dc70 ?width@QImage@@QEBAHXZ
0x14115dc78 ?height@QImage@@QEBAHXZ
0x14115dc80 ?bits@QImage@@QEAAPEAEXZ
0x14115dc98 ??0QMatrix@@QEAA@XZ
0x14115dcb0 ?isNull@QImage@@QEBA_NXZ
0x14115dd18 ??1QPixmap@@UEAA@XZ
0x14115dd58 ??1QPainter@@QEAA@XZ
0x14115dd78 ??0QFont@@QEAA@XZ
0x14115dd80 ??1QFont@@QEAA@XZ
0x14115dda0 ??1QKeySequence@@QEAA@XZ
0x14115ddb0 ?width@QPixmap@@QEBAHXZ
0x14115ddb8 ?height@QPixmap@@QEBAHXZ
0x14115ddc0 ??0QPalette@@QEAA@XZ
0x14115ddc8 ??1QPalette@@QEAA@XZ
0x14115dde8 ??1QIcon@@QEAA@XZ
0x14115de30 ??0QPixmap@@QEAA@XZ
0x14115de50 ??0QPixmap@@QEAA@HH@Z
0x14115dea0 ??0QRegion@@QEAA@XZ
0x14115dea8 ??1QRegion@@QEAA@XZ
0x14115df50 ??0QColor@@QEAA@HHHH@Z
0x14115df58 ??0QIcon@@QEAA@XZ
0x14115dfa0 ??0QImage@@QEAA@AEBV0@@Z
0x14115dfa8 ??0QColor@@QEAA@I@Z
0x14115dfd0 ??1QFontMetrics@@QEAA@XZ
0x14115dff8 ?bits@QImage@@QEBAPEBEXZ
0x14115e018 ??1QCursor@@QEAA@XZ
0x14115e038 ??1QBrush@@QEAA@XZ
0x14115e070 ??1QWindow@@UEAA@XZ
0x14115e078 ?winId@QWindow@@QEBA_KXZ
0x14115e170 ?create@QWindow@@QEAAXXZ
0x14115e180 ?width@QWindow@@QEBAHXZ
0x14115e188 ?height@QWindow@@QEBAHXZ
0x14115e1c8 ??0QCursor@@QEAA@XZ
0x14115e1f8 ?weight@QFont@@QEBAHXZ
0x14115e210 ??0QFont@@QEAA@AEBV0@@Z
0x14115e228 ?rgb@QColor@@QEBAIXZ
0x14115e248 ??0QColor@@QEAA@XZ
Library: Qt5Sql.dll:
0x14115e8f8 ??1QSqlDatabase@@QEAA@XZ
0x14115e910 ??1QSqlError@@QEAA@XZ
0x14115e920 ??1QSqlRecord@@QEAA@XZ
0x14115e9e0 ??0QSqlDatabase@@QEAA@XZ
0x14115ea98 ??1QSqlQuery@@QEAA@XZ
Library: Qt5Network.dll:
0x14115e568 ??0QHostAddress@@QEAA@XZ
0x14115e588 ??1QHostAddress@@QEAA@XZ
0x14115e5a8 ??1QUdpSocket@@UEAA@XZ
0x14115e6a0 ??1QTcpServer@@UEAA@XZ
0x14115e6e8 ??1QTcpSocket@@UEAA@XZ
0x14115e780 ??1QLocalServer@@UEAA@XZ
Library: Qt5Core.dll:
0x14115bc78 ??BQBitRef@@QEBA_NXZ
0x14115bc80 ??1QBitArray@@QEAA@XZ
0x14115bc90 ??0QBitArray@@QEAA@H_N@Z
0x14115bc98 ??0QBitArray@@QEAA@XZ
0x14115bca8 ??MQUuid@@QEBA_NAEBV0@@Z
0x14115bcb0 ??8QUuid@@QEBA_NAEBV0@@Z
0x14115bcb8 ?isNull@QUuid@@QEBA_NXZ
0x14115bcc8 ??0QUuid@@QEAA@XZ
0x14115bde0 ??0QVariant@@QEAA@I@Z
0x14115be00 ?isValid@QTime@@QEBA_NXZ
0x14115be30 ?qstrcmp@@YAHPEBD0@Z
0x14115be38 ?isValid@QSize@@QEBA_NXZ
0x14115be68 ??1QLockFile@@QEAA@XZ
0x14115be78 ?usleep@QThread@@SAXK@Z
0x14115bec8 ??1QThreadPool@@UEAA@XZ
0x14115bee0 ?restart@QTime@@QEAAHXZ
0x14115bef0 ?isNull@QTime@@QEBA_NXZ
0x14115bef8 ??6QDebug@@QEAAAEAV0@M@Z
0x14115bf00 ??1QRunnable@@UEAA@XZ
0x14115bf08 ??0QRunnable@@QEAA@XZ
0x14115bfc0 ??1QWriteLocker@@QEAA@XZ
0x14115bfd0 ??1QReadLocker@@QEAA@XZ
0x14115bff8 ??1QIODevice@@UEAA@XZ
0x14115c090 ??1QLocale@@QEAA@XZ
0x14115c100 ??1QTranslator@@UEAA@XZ
0x14115c148 ?cdUp@QDir@@QEAA_NXZ
0x14115c210 ??0QVariant@@QEAA@M@Z
0x14115c220 ?sync@QSettings@@QEAAXXZ
0x14115c268 ??9QByteRef@@QEBA_ND@Z
0x14115c320 ??0QVariant@@QEAA@_K@Z
0x14115c3a0 ?at@QByteArray@@QEBADH@Z
0x14115c3a8 ?qChecksum@@YAGPEBDI@Z
0x14115c3b8 ??0QUrl@@QEAA@XZ
0x14115c3c0 ?msec@QTime@@QEBAHXZ
0x14115c3c8 ?second@QTime@@QEBAHXZ
0x14115c450 ??0QJsonValue@@QEAA@N@Z
0x14115c490 ??1QStringRef@@QEAA@XZ
0x14115c498 ??0QJsonValue@@QEAA@_J@Z
0x14115c4f8 ??0QSize@@QEAA@XZ
0x14115c528 ?height@QRectF@@QEBANXZ
0x14115c530 ?width@QRectF@@QEBANXZ
0x14115c540 ??0QRectF@@QEAA@XZ
0x14115c548 ?msleep@QThread@@SAXK@Z
0x14115c578 ?elapsed@QTime@@QEBAHXZ
0x14115c580 ?start@QTime@@QEAAXXZ
0x14115c588 z_deflateInit_
0x14115c590 z_deflateEnd
0x14115c598 z_deflate
0x14115c650 ?minute@QTime@@QEBAHXZ
0x14115c668 ?day@QDate@@QEBAHXZ
0x14115c670 ?month@QDate@@QEBAHXZ
0x14115c678 ?year@QDate@@QEBAHXZ
0x14115c6b0 ??AQByteArray@@QEBADH@Z
0x14115c700 ??0QDate@@QEAA@XZ
0x14115c730 ?toLatin1@QChar@@QEBADXZ
0x14115c7b0 ??0QVariant@@QEAA@N@Z
0x14115c7d0 ??0QRegExp@@QEAA@XZ
0x14115c830 ?hour@QTime@@QEBAHXZ
0x14115c878 ??6QDebug@@QEAAAEAV0@N@Z
0x14115c8a0 ??0QDebug@@QEAA@AEBV0@@Z
0x14115c8a8 ??0QTime@@QEAA@XZ
0x14115c900 ?length@QString@@QEBAHXZ
0x14115c908 ?size@QString@@QEBAHXZ
0x14115c918 ?qsrand@@YAXI@Z
0x14115c960 ??8QByteRef@@QEBA_ND@Z
0x14115c968 ??BQByteRef@@QEBADXZ
0x14115c988 ??9QString@@QEBA_NPEBD@Z
0x14115c9e0 ??0QChar@@QEAA@D@Z
0x14115c9f8 ??6QDebug@@QEAAAEAV0@J@Z
0x14115cb10 ??0QSize@@QEAA@HH@Z
0x14115cb28 ?y@QRect@@QEBAHXZ
0x14115cb30 ?x@QRect@@QEBAHXZ
0x14115cb50 ?height@QRect@@QEBAHXZ
0x14115cb58 ?width@QRect@@QEBAHXZ
0x14115cc28 ??0QTime@@QEAA@HHHH@Z
0x14115cc30 ??0QDate@@QEAA@HHH@Z
0x14115cc98 ??0QRect@@QEAA@HHHH@Z
0x14115ccc8 ?run@QThread@@MEAAXXZ
0x14115cd10 ?stop@QTimer@@QEAAXXZ
0x14115cd18 ?start@QTimer@@QEAAXXZ
0x14115cd20 ?start@QTimer@@QEAAXH@Z
0x14115cd30 ??1QTimer@@UEAA@XZ
0x14115cd98 ??1QDataStream@@QEAA@XZ
0x14115cdc8 ??0QDateTime@@QEAA@XZ
0x14115ce48 ??6QDebug@@QEAAAEAV0@G@Z
0x14115ce88 ??0QUrlQuery@@QEAA@XZ
0x14115cee0 ??0QByteArray@@QEAA@HD@Z
0x14115cee8 ?isDigit@QChar@@QEBA_NXZ
0x14115cef0 ??0QChar@@QEAA@XZ
0x14115cf70 ?close@QProcess@@UEAAXXZ
0x14115cf98 ?kill@QProcess@@QEAAXXZ
0x14115cfe0 ??0QFile@@QEAA@XZ
0x14115d0b8 ?bottom@QRect@@QEBAHXZ
0x14115d0c0 ?right@QRect@@QEBAHXZ
0x14115d0c8 ?top@QRect@@QEBAHXZ
0x14115d0d0 ?left@QRect@@QEBAHXZ
0x14115d0d8 ??0QRect@@QEAA@XZ
0x14115d108 ??1QUrlQuery@@QEAA@XZ
0x14115d128 ?exec@QThread@@IEAAHXZ
0x14115d130 ?quit@QThread@@QEAAXXZ
0x14115d138 ??1QThread@@UEAA@XZ
0x14115d178 ??0QJsonObject@@QEAA@XZ
0x14115d1e8 ??0QJsonValue@@QEAA@_N@Z
0x14115d1f0 ?unlock@QMutex@@QEAAXXZ
0x14115d200 ?exists@QDir@@QEBA_NXZ
0x14115d250 ??1QEvent@@UEAA@XZ
0x14115d278 ??0QUrl@@QEAA@AEBV0@@Z
0x14115d2c0 ??1QTextStream@@UEAA@XZ
0x14115d2e0 ?close@QBuffer@@UEAAXXZ
0x14115d308 ??0QVariant@@QEAA@_J@Z
0x14115d3a8 ?clear@QString@@QEAAXXZ
0x14115d410 ?remove@QFile@@QEAA_NXZ
0x14115d438 ??1QSettings@@UEAA@XZ
0x14115d448 ??1QMutex@@QEAA@XZ
0x14115d450 ??0QMutex@@QEAA@XZ
0x14115d458 ?exists@QFile@@QEBA_NXZ
0x14115d478 ??0QVariant@@QEAA@PEBD@Z
0x14115d480 ??0QVariant@@QEAA@_N@Z
0x14115d490 ??1QEventLoop@@UEAA@XZ
0x14115d4f8 ??1QProcess@@UEAA@XZ
0x14115d508 ??1QMutexLocker@@QEAA@XZ
0x14115d510 ?lock@QMutex@@QEAAXXZ
0x14115d520 ??1QDir@@QEAA@XZ
0x14115d558 ??1QFileInfo@@QEAA@XZ
0x14115d560 ?size@QFile@@UEBA_JXZ
0x14115d570 ??6QDebug@@QEAAAEAV0@K@Z
0x14115d580 ??1QDateTime@@QEAA@XZ
0x14115d5b0 ??0QVariant@@QEAA@H@Z
0x14115d5c0 ??1QRegExp@@QEAA@XZ
0x14115d5e0 ??0QString@@QEAA@PEBD@Z
0x14115d668 ??0QChar@@QEAA@H@Z
0x14115d670 ?qrand@@YAHXZ
0x14115d680 ?sleep@QThread@@SAXK@Z
0x14115d698 ??1QFile@@UEAA@XZ
0x14115d6d0 ??1QVariant@@QEAA@XZ
0x14115d6d8 ??0QVariant@@QEAA@XZ
0x14115d6f8 ?height@QSize@@QEBAHXZ
0x14115d700 ?width@QSize@@QEBAHXZ
0x14115d718 ?load@QLibrary@@QEAA_NXZ
0x14115d728 ??1QLibrary@@UEAA@XZ
0x14115d740 ??1QBuffer@@UEAA@XZ
0x14115d780 ?pos@QIODevice@@UEBA_JXZ
0x14115d798 ??6QDebug@@QEAAAEAV0@I@Z
0x14115d7a0 ??6QDebug@@QEAAAEAV0@H@Z
0x14115d7c0 ??1QByteArray@@QEAA@XZ
0x14115d7e0 ??1QString@@QEAA@XZ
0x14115d800 ??M@YA_NAEBVQString@@0@Z
0x14115d870 ??1QDebug@@QEAA@XZ
0x14115d890 ??0QByteArray@@QEAA@XZ
0x14115d900 ??1QObject@@UEAA@XZ
0x14115d948 ?qBadAlloc@@YAXXZ
0x14115d978 ??0QJsonValue@@QEAA@H@Z
0x14115d988 ??1QJsonValue@@QEAA@XZ
0x14115d9b0 ??1QJsonObject@@QEAA@XZ
0x14115d9c8 ??0QString@@QEAA@XZ
0x14115d9d8 ??8QString@@QEBA_NPEBD@Z
0x14115da38 ??0QSemaphore@@QEAA@H@Z
0x14115da40 ??1QSemaphore@@QEAA@XZ
0x14115da70 ??1QUrl@@QEAA@XZ
0x14115da90 ??0QJsonArray@@QEAA@XZ
0x14115da98 ??1QJsonArray@@QEAA@XZ
0x14115db18 ??8@YA_NAEBVQString@@0@Z
0x14115db50 ?size@QListData@@QEBAHXZ
0x14115dbb0 ??6QDebug@@QEAAAEAV0@D@Z
Library: MSVCP140.dll:
0x14115b900 _Thrd_detach
0x14115b958 _Mtx_init_in_situ
0x14115b960 _Mtx_destroy_in_situ
0x14115b968 _Mtx_lock
0x14115b970 _Mtx_unlock
0x14115b978 _Cnd_init_in_situ
0x14115b980 _Cnd_destroy_in_situ
0x14115b988 _Cnd_wait
0x14115b990 _Cnd_broadcast
0x14115ba38 _Cnd_timedwait
0x14115ba40 _Mtx_current_owns
0x14115ba48 _Query_perf_frequency
0x14115ba50 _Query_perf_counter
0x14115ba58 _Xtime_get_ticks
Library: KERNEL32.dll:
0x14115b2a0 GetModuleHandleA
0x14115b2a8 VerifyVersionInfoW
0x14115b2b8 QueryPerformanceCounter
0x14115b2c0 VerSetConditionMask
0x14115b2c8 ReadDirectoryChangesW
0x14115b2d0 UnregisterWaitEx
0x14115b2d8 SetConsoleCtrlHandler
0x14115b2e0 WriteConsoleInputW
0x14115b2e8 SetConsoleTextAttribute
0x14115b2f0 SetConsoleCursorPosition
0x14115b300 SetConsoleCursorInfo
0x14115b308 GetConsoleCursorInfo
0x14115b320 WriteConsoleW
0x14115b328 ReadConsoleW
0x14115b330 ReadConsoleInputW
0x14115b340 CreateFileA
0x14115b348 FormatMessageA
0x14115b350 QueueUserWorkItem
0x14115b358 GetCurrentThread
0x14115b360 SwitchToThread
0x14115b368 GetNamedPipeHandleStateW
0x14115b370 PeekNamedPipe
0x14115b378 SetNamedPipeHandleState
0x14115b380 ConnectNamedPipe
0x14115b388 DuplicateHandle
0x14115b390 UnregisterWait
0x14115b3a0 TlsSetValue
0x14115b3a8 TlsGetValue
0x14115b3b0 GetThreadPriority
0x14115b3b8 ResumeThread
0x14115b3c0 TryEnterCriticalSection
0x14115b3c8 GetConsoleMode
0x14115b3d0 CreateIoCompletionPort
0x14115b3d8 CreateEventA
0x14115b3e0 GetProcessHeap
0x14115b3e8 HeapFree
0x14115b3f0 HeapAlloc
0x14115b3f8 CreateSemaphoreW
0x14115b400 ReleaseSemaphore
0x14115b408 ResetEvent
0x14115b418 VirtualFree
0x14115b420 VirtualAlloc
0x14115b428 WaitForMultipleObjects
0x14115b430 LeaveCriticalSection
0x14115b438 EnterCriticalSection
0x14115b440 SetFilePointer
0x14115b448 GetFileSize
0x14115b450 FindFirstFileW
0x14115b458 GetTempPathW
0x14115b460 SetFileAttributesW
0x14115b468 GetTempFileNameW
0x14115b470 GetFullPathNameW
0x14115b478 DeleteFileW
0x14115b480 GetCurrentDirectoryW
0x14115b488 WaitCommEvent
0x14115b490 SetCommTimeouts
0x14115b498 SetCommMask
0x14115b4a0 SetCommConfig
0x14115b4a8 GetCommState
0x14115b4b0 GetCommModemStatus
0x14115b4b8 SleepEx
0x14115b4c0 GetSystemDirectoryA
0x14115b4c8 MoveFileExA
0x14115b4d0 GetEnvironmentVariableA
0x14115b4d8 VerifyVersionInfoA
0x14115b4e0 GetFileSizeEx
0x14115b4e8 DebugBreak
0x14115b4f0 OpenThread
0x14115b4f8 IsDebuggerPresent
0x14115b500 OutputDebugStringA
0x14115b508 GetStartupInfoW
0x14115b510 CreateSemaphoreA
0x14115b518 GetProcessAffinityMask
0x14115b520 GetSystemTimeAsFileTime
0x14115b528 SetErrorMode
0x14115b530 GetCommConfig
0x14115b538 EscapeCommFunction
0x14115b540 ClearCommError
0x14115b548 CancelIo
0x14115b550 GetOverlappedResult
0x14115b558 FlushFileBuffers
0x14115b560 lstrcatW
0x14115b568 lstrcmpiW
0x14115b570 GetProcessIoCounters
0x14115b578 GetSystemInfo
0x14115b580 CreateFileMappingW
0x14115b588 ReleaseMutex
0x14115b598 GetExitCodeProcess
0x14115b5a0 CreateThread
0x14115b5a8 CreateEventW
0x14115b5b0 SetEvent
0x14115b5b8 GlobalSize
0x14115b5c0 CreateTimerQueueTimer
0x14115b5c8 CreateTimerQueue
0x14115b5d0 lstrlenW
0x14115b5d8 DeviceIoControl
0x14115b5e0 GetLogicalDriveStringsW
0x14115b5e8 QueueUserAPC
0x14115b5f0 LoadLibraryW
0x14115b5f8 GetCurrentThreadId
0x14115b608 GlobalFree
0x14115b610 GlobalAlloc
0x14115b618 SetSystemTime
0x14115b620 ProcessIdToSessionId
0x14115b628 GetCurrentProcessId
0x14115b630 GetCurrentProcess
0x14115b638 GetSystemTimes
0x14115b640 CreateProcessW
0x14115b648 Sleep
0x14115b650 GetNativeSystemInfo
0x14115b660 WakeAllConditionVariable
0x14115b668 SleepConditionVariableCS
0x14115b678 InitOnceBeginInitialize
0x14115b680 InitOnceComplete
0x14115b688 InitializeSRWLock
0x14115b690 ReleaseSRWLockExclusive
0x14115b698 ReleaseSRWLockShared
0x14115b6a0 AcquireSRWLockExclusive
0x14115b6a8 AcquireSRWLockShared
0x14115b6b0 InitOnceExecuteOnce
0x14115b6b8 RtlVirtualUnwind
0x14115b6c0 WakeConditionVariable
0x14115b6c8 WaitForSingleObjectEx
0x14115b6d0 RtlCaptureContext
0x14115b6d8 RtlLookupFunctionEntry
0x14115b6e0 UnhandledExceptionFilter
0x14115b6f0 InitializeSListHead
0x14115b6f8 GetModuleHandleW
0x14115b700 GlobalMemoryStatusEx
0x14115b708 OpenProcess
0x14115b710 TerminateProcess
0x14115b718 GetLastError
0x14115b720 CloseHandle
0x14115b728 GetDriveTypeW
0x14115b730 GetDiskFreeSpaceExW
0x14115b738 LoadLibraryA
0x14115b740 GetProcAddress
0x14115b748 GetVersionExW
0x14115b750 GetTickCount
0x14115b758 SetThreadPriority
0x14115b760 TlsAlloc
0x14115b768 GetShortPathNameW
0x14115b770 GetLongPathNameW
0x14115b778 GetEnvironmentVariableW
0x14115b780 GetLocalTime
0x14115b798 MultiByteToWideChar
0x14115b7a0 CreateMutexW
0x14115b7a8 GetCommandLineW
0x14115b7b0 QueryDosDeviceW
0x14115b7b8 UnmapViewOfFile
0x14115b7c0 MapViewOfFile
0x14115b7c8 OpenFileMappingW
0x14115b7d0 WideCharToMultiByte
0x14115b7d8 OutputDebugStringW
0x14115b7e0 lstrlenA
0x14115b7e8 FindNextFileW
0x14115b7f0 FindFirstFileExW
0x14115b7f8 FindClose
0x14115b800 GetModuleFileNameW
0x14115b808 CreateNamedPipeW
0x14115b810 FormatMessageW
0x14115b818 WaitForSingleObject
0x14115b820 WaitNamedPipeW
0x14115b828 CreatePipe
0x14115b830 SetLastError
0x14115b838 SetHandleInformation
0x14115b840 LocalFree
0x14115b848 LocalAlloc
0x14115b850 lstrcpyW
0x14115b858 GlobalLock
0x14115b860 GlobalUnlock
0x14115b868 WriteFile
0x14115b870 ReadFile
0x14115b878 GetStdHandle
0x14115b880 GetModuleHandleExA
0x14115b888 DeleteCriticalSection
0x14115b898 RaiseException
0x14115b8a0 FreeLibrary
0x14115b8a8 MoveFileExW
0x14115b8b0 SetFileTime
0x14115b8b8 CreateFileW
0x14115b8c0 Process32NextW
0x14115b8c8 Process32FirstW
0x14115b8d0 CreateToolhelp32Snapshot
Library: dbghelp.dll:
0x141160840 MiniDumpWriteDump
Library: VCRUNTIME140.dll:
0x14115ff58 __current_exception
0x14115ff60 longjmp
0x14115ff68 strrchr
0x14115ff70 memchr
0x14115ff78 wcsrchr
0x14115ff80 __C_specific_handler
0x14115ff88 strstr
0x14115ff90 strchr
0x14115ff98 memcmp
0x14115ffa0 memset
0x14115ffa8 __std_terminate
0x14115ffb0 _purecall
0x14115ffb8 __intrinsic_setjmp
0x14115ffc0 memmove
0x14115ffc8 memcpy
0x14115ffd0 _CxxThrowException
0x14115ffd8 __std_exception_destroy
0x14115ffe0 __std_exception_copy
Library: VCRUNTIME140_1.dll:
0x14115fff8 __CxxFrameHandler4
Library: api-ms-win-crt-runtime-l1-1-0.dll:
0x1411604f0 _crt_atexit
0x1411604f8 _cexit
0x141160500 _seh_filter_exe
0x141160508 strerror
0x141160510 _set_app_type
0x141160520 _initterm
0x141160528 _initterm_e
0x141160530 _exit
0x141160538 _c_exit
0x141160550 _initialize_onexit_table
0x141160558 _beginthreadex
0x141160560 terminate
0x141160568 _errno
0x141160570 _invoke_watson
0x141160588 abort
0x141160590 _configure_narrow_argv
0x141160598 _wassert
0x1411605a8 __sys_nerr
0x1411605b0 perror
0x1411605b8 exit
Library: api-ms-win-crt-heap-l1-1-0.dll:
0x1411602b8 _aligned_free
0x1411602c0 _aligned_malloc
0x1411602c8 _aligned_realloc
0x1411602d0 malloc
0x1411602d8 realloc
0x1411602e0 _callnewh
0x1411602e8 free
0x1411602f0 _set_new_mode
0x1411602f8 calloc
Library: api-ms-win-crt-stdio-l1-1-0.dll:
0x1411605c8 ftell
0x1411605d8 fseek
0x1411605e0 fgets
0x1411605e8 _close
0x1411605f0 _fileno
0x1411605f8 _isatty
0x141160600 fputc
0x141160608 __stdio_common_vfwprintf
0x141160610 __stdio_common_vsprintf
0x141160618 __stdio_common_vsscanf
0x141160620 _write
0x141160630 __stdio_common_vswprintf
0x141160638 _set_fmode
0x141160640 fflush
0x141160648 fclose
0x141160650 _ftelli64
0x141160658 _fseeki64
0x141160660 _wfopen
0x141160668 fopen
0x141160670 __acrt_iob_func
0x141160678 fputs
0x141160680 feof
0x141160688 __stdio_common_vfprintf
0x141160690 fread
0x141160698 __p__fmode
0x1411606a0 _get_osfhandle
0x1411606a8 fwrite
0x1411606b8 __stdio_common_vfscanf
0x1411606c0 __p__commode
Library: api-ms-win-crt-time-l1-1-0.dll:
0x1411607c8 _localtime64_s
0x1411607d0 _ftime64
0x1411607d8 strftime
0x1411607e0 _localtime64
0x1411607e8 _time64
0x1411607f0 _gmtime64
0x1411607f8 clock
0x141160800 _gmtime64_s
0x141160808 _mktime64
Library: api-ms-win-crt-multibyte-l1-1-0.dll:
0x1411604c0 _mbsnbcmp
0x1411604c8 _mbsnbcpy
0x1411604d0 _mbschr
0x1411604d8 _mbsicmp
0x1411604e0 _mbspbrk
Library: api-ms-win-crt-math-l1-1-0.dll:
0x141160318 exp2f
0x141160320 cbrt
0x141160328 cbrtf
0x141160330 round
0x141160338 powf
0x141160340 log2f
0x141160348 fmax
0x141160350 nan
0x141160358 copysignf
0x141160360 log2
0x141160368 floorf
0x141160370 log10f
0x141160378 atan2f
0x141160380 tanhf
0x141160388 llrintf
0x141160390 rint
0x141160398 ceilf
0x1411603a0 expf
0x1411603a8 ceil
0x1411603b0 trunc
0x1411603b8 __setusermatherr
0x1411603c0 exp2
0x1411603c8 tanh
0x1411603d0 tan
0x1411603d8 sinh
0x1411603e0 fabs
0x1411603e8 exp
0x1411603f0 cosh
0x1411603f8 atan
0x141160400 lrintf
0x141160408 sqrt
0x141160410 log
0x141160418 cos
0x141160420 sin
0x141160428 asin
0x141160430 log10
0x141160438 acos
0x141160440 atan2
0x141160448 llrint
0x141160450 hypot
0x141160458 roundf
0x141160460 sqrtf
0x141160468 lrint
0x141160470 logf
0x141160478 atanf
0x141160480 expm1
0x141160488 pow
0x141160490 sinf
0x141160498 cosf
0x1411604a0 frexp
0x1411604a8 _dclass
0x1411604b0 floor
Library: api-ms-win-crt-string-l1-1-0.dll:
0x1411606d0 strncmp
0x1411606d8 _wcsicmp
0x1411606e0 wcscpy_s
0x1411606e8 _wcsnicmp
0x1411606f0 wcscat_s
0x1411606f8 isxdigit
0x141160700 strcpy_s
0x141160708 isdigit
0x141160710 toupper
0x141160718 strspn
0x141160720 wcsncpy
0x141160728 strtok_s
0x141160730 _stricmp
0x141160738 _strnicmp
0x141160740 isalnum
0x141160748 isalpha
0x141160750 wcsncmp
0x141160758 isspace
0x141160760 tolower
0x141160768 strnlen
0x141160770 islower
0x141160778 isupper
0x141160780 strpbrk
0x141160788 _strdup
0x141160790 strncpy_s
0x141160798 wcsncpy_s
0x1411607a0 strcmp
0x1411607a8 _memicmp
0x1411607b0 strcspn
0x1411607b8 strncpy
Library: api-ms-win-crt-convert-l1-1-0.dll:
0x141160220 strtol
0x141160228 wcstombs
0x141160230 strtod
0x141160238 strtoll
0x141160240 strtof
0x141160248 strtoul
0x141160250 atoi
0x141160258 strtoull
Library: api-ms-win-crt-environment-l1-1-0.dll:
0x141160268 getenv
0x141160270 _putenv
Library: api-ms-win-crt-utility-l1-1-0.dll:
0x141160818 rand
0x141160820 qsort
0x141160828 bsearch
0x141160830 srand
Library: api-ms-win-crt-filesystem-l1-1-0.dll:
0x141160280 _unlink
0x141160288 _stat64
0x141160290 _access
0x141160298 _wrename
0x1411602a0 _wunlink
0x1411602a8 _fstat64
Library: api-ms-win-crt-locale-l1-1-0.dll:
0x141160308 _configthreadlocale

Exports

Ordinal  Address  Name
1 0x1402baf70 FreeUPNPUrls
2 0x1402bafc0 GetUPNPUrls
3 0x1402bb370 UPNPIGD_IsConnected
4 0x1402b8340 UPNP_AddPortMapping
5 0x1402b8550 UPNP_DeletePortMapping
6 0x1402b86c0 UPNP_GetConnectionTypeInfo
7 0x1402b87f0 UPNP_GetExternalIPAddress
8 0x1402b8930 UPNP_GetGenericPortMappingEntry
9 0x1402bb3f0 UPNP_GetIGDFromUrl
10 0x1402b8c50 UPNP_GetLinkLayerMaxBitRates
11 0x1402b8df0 UPNP_GetPortMappingNumberOfEntries
12 0x1402b8f10 UPNP_GetSpecificPortMappingEntry
13 0x1402b9100 UPNP_GetStatusInfo
14 0x1402b9300 UPNP_GetTotalBytesReceived
15 0x1402b93c0 UPNP_GetTotalBytesSent
16 0x1402b9480 UPNP_GetTotalPacketsReceived
17 0x1402b9540 UPNP_GetTotalPacketsSent
18 0x1402bb4e0 UPNP_GetValidIGD
19 0x1402bb740 freeUPNPDevlist
20 0x1402bacb0 miniwget
21 0x1402bad50 miniwget_getaddr
22 0x1402bb770 parserootdesc
23 0x14049f680 qt_plugin_instance
24 0x14049f780 qt_plugin_query_metadata
25 0x1402b8230 strupnperror
26 0x1402bbc70 upnpDiscover
No antivirus engine scan information!

TCP

Source address  Source port  Destination address  Destination port
192.168.122.202 49159 152.195.38.76 cacerts.digicert.com 80
192.168.122.202 49157 23.33.33.178 80

UDP

Source address  Source port  Destination address  Destination port
192.168.122.202 60917 192.168.122.1 53
192.168.122.202 63030 192.168.122.1 53

HTTP requests

URI  HTTP data
URL sandbox check -> http://acroipm.adobe.com/11/rdr/CHS/win/nooem/none/message.zip
GET /11/rdr/CHS/win/nooem/none/message.zip HTTP/1.1
Accept: */*
If-Modified-Since: Mon, 08 Nov 2017 08:44:36 GMT
User-Agent: IPM
Host: acroipm.adobe.com
Connection: Keep-Alive
Cache-Control: no-cache

URL sandbox check -> http://cacerts.digicert.com/DigiCertTrustedRootG4.crt
GET /DigiCertTrustedRootG4.crt HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: cacerts.digicert.com

SMTP traffic

No SMTP traffic.

IRC traffic

No IRC requests.

ICMP traffic

No ICMP traffic.

CIF report

No CIF results

Network alerts

No alerts

TLS

No TLS

Suricata HTTP

No Suricata HTTP

No files extracted from network traffic.
No files were dropped.
No similar analyses found.

Processing ( 55.131 seconds )

  • 36.077 Static
  • 10.77 Suricata
  • 5.318 TargetInfo
  • 2.471 NetworkAnalysis
  • 0.403 peid
  • 0.066 config_decoder
  • 0.011 AnalysisInfo
  • 0.011 Strings
  • 0.002 BehaviorAnalysis
  • 0.002 Memory

Signatures ( 11.654 seconds )

  • 10.208 network_http
  • 1.369 proprietary_url_bl
  • 0.012 antiav_detectreg
  • 0.01 proprietary_domain_bl
  • 0.005 anomaly_persistence_autorun
  • 0.005 antiav_detectfile
  • 0.005 infostealer_ftp
  • 0.004 geodo_banking_trojan
  • 0.004 ransomware_extensions
  • 0.004 ransomware_files
  • 0.003 infostealer_bitcoin
  • 0.003 infostealer_im
  • 0.002 tinba_behavior
  • 0.002 antianalysis_detectreg
  • 0.002 antivm_vbox_files
  • 0.002 disables_browser_warn
  • 0.002 infostealer_mail
  • 0.002 network_torgateway
  • 0.001 rat_nanocore
  • 0.001 betabot_behavior
  • 0.001 cerber_behavior
  • 0.001 bot_drive
  • 0.001 bot_drive2
  • 0.001 browser_security
  • 0.001 modify_proxy
  • 0.001 proprietary_malicious_drop_executable_file_to_temp_folder
  • 0.001 proprietary_bad_drop
  • 0.001 network_cnc_http

Reporting ( 0.486 seconds )

  • 0.477 ReportHTMLSummary
  • 0.009 Malheur
Task ID 744329
Mongo ID 662b0814dc327b93ae415aad
Cuckoo release 1.4-Maldun