分析任务
| 分析类型 | 虚拟机标签 | 开始时间 | 结束时间 | 持续时间 |
|---|---|---|---|---|
| 文件 (Windows) | win7-sp1-x64 | 2016-09-06 14:38:41 | 2016-09-06 14:39:03 | 22 秒 |
魔盾分数
0.5
正常的
文件详细信息
| 文件名 | IMEDICTUPDATEUI.EXE |
|---|---|
| 文件大小 | 267632 字节 |
| 文件类型 | PE32+ executable (GUI) x86-64, for MS Windows |
| MD5 | cdb887cb2b9efd31e3735a1ecb0e2c9d |
| SHA1 | 597613448e278acd610995ced18df3ab223d5dca |
| SHA256 | 8cd47560bcd497af11d590c2bc72dffa4feb0b56087267e06dfb34a2b8c21fee |
| SHA512 | 74f584f2a2d82fa190aedf545c6600658f2f53c8a736813136d5581f6a5c2fc6e1c5c8dc9a5786dbda7c6adfdb5af8855b8eacc3fdac72c815bda2225a736e8f |
| CRC32 | 9E56DE59 |
| Ssdeep | 3072:56aXfwzNRkBl2yKvskfdY43O+U7ITzOAWe7LiCeeOWo8qmu+wS9H6XpDXcmHb9ot:Vfwz+l2yKvDdY43OETKkeeOdlS9H6TxC |
| Yara | 登录查看Yara规则 |
| 样本下载 提交漏报 |
登录查看威胁特征
运行截图
访问主机纪录 (可点击查询WPING实时安全评级)
无主机纪录.
域名解析 (可点击查询WPING实时安全评级)
无域名信息.
摘要
登录查看详细行为信息PE 信息
| 初始地址 | 0x140000000 |
|---|---|
| 入口地址 | 0x140013a28 |
| 声明校验值 | 0x0004a46f |
| 实际校验值 | 0x0004a46f |
| 最低操作系统版本要求 | 5.2 |
| PDB路径 | t:\ime\x64\ship\0\imedictupdateui.pdb\x00\imedictupdateui.exe\bbtopt\imedictupdateuiO.pdb |
| 编译时间 | 2010-01-21 16:16:08 |
| 图标 |  |
| 图标精确哈希值 | 302fb3ad0be913818f0e53d6ebdf00ec |
| 图标相似性哈希值 | be14047913ab6ebf264ad52502eb4fe1 |
版本信息
| LegalCopyright | |
|---|---|
| InternalName | |
| FileVersion | |
| CompanyName | |
| LegalTrademarks | |
| ProductName | |
| ProductVersion | |
| FileDescription | |
| OriginalFilename | |
| Translation |
微软证书验证 (Sign Tool)
| SHA1 | 时间戳 | 有效性 | 错误 |
|---|---|---|---|
| b36a02ef0d4bc04d72002b18378a883b9304a5e3 | Thu Jan 21 16:36:51 2010 | 无 |
| 证书链 | Certificate Chain 1 |
| 发行给 | Microsoft Root Authority |
| 发行人 | Microsoft Root Authority |
| 有效期 | Thu Dec 31 150000 2020 |
| SHA1 哈希 | a43489159a520f0d93d032ccaf37e7fe20a8b419 |
| 证书链 | Certificate Chain 2 |
| 发行给 | Microsoft Code Signing PCA |
| 发行人 | Microsoft Root Authority |
| 有效期 | Sat Aug 25 150000 2012 |
| SHA1 哈希 | 3036e3b25b88a55b86fc90e6e9eaad5081445166 |
| 证书链 | Certificate Chain 3 |
| 发行给 | Microsoft Corporation |
| 发行人 | Microsoft Code Signing PCA |
| 有效期 | Tue Mar 08 064029 2011 |
| SHA1 哈希 | 9617094a1cfb59ae7c1f7dfdb6739e4e7c40508f |
| 证书链 | Timestamp Chain 1 |
| 发行给 | Microsoft Root Authority |
| 发行人 | Microsoft Root Authority |
| 有效期 | Thu Dec 31 150000 2020 |
| SHA1 哈希 | a43489159a520f0d93d032ccaf37e7fe20a8b419 |
| 证书链 | Timestamp Chain 2 |
| 发行给 | Microsoft Timestamping PCA |
| 发行人 | Microsoft Root Authority |
| 有效期 | Sun Sep 15 150000 2019 |
| SHA1 哈希 | 3ea99a60058275e0ed83b892a909449f8c33b245 |
| 证书链 | Timestamp Chain 3 |
| 发行给 | Microsoft Time-Stamp Service |
| 发行人 | Microsoft Timestamping PCA |
| 有效期 | Fri Jul 26 031115 2013 |
| SHA1 哈希 | 4d6f357f0e6434da97b1afc540fb6fdd0e85a89f |
PE 数据组成
| 名称 | 虚拟地址 | 虚拟大小 | 原始数据大小 | 特征 | 熵(Entropy) |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x0001b0db | 0x0001b200 | IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ | 6.13 |
| .rdata | 0x0001d000 | 0x0000bb88 | 0x0000bc00 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ | 4.23 |
| .data | 0x00029000 | 0x000026b8 | 0x00001600 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE | 4.45 |
| .pdata | 0x0002c000 | 0x000021fc | 0x00002200 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ | 5.14 |
| .rsrc | 0x0002f000 | 0x00014ef0 | 0x00015000 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ | 4.82 |
| .reloc | 0x00044000 | 0x00000268 | 0x00000400 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ | 3.96 |
覆盖
| 偏移量 | 0x0003fe00 |
| 大小 | 0x00001770 |
资源
| 名称 | 偏移量 | 大小 | 语言 | 子语言 | 熵(Entropy) | 文件类型 |
|---|---|---|---|---|---|---|
| RT_ICON | 0x0003bff8 | 0x00000468 | LANG_NEUTRAL | SUBLANG_DEFAULT | 4.35 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x0003bff8 | 0x00000468 | LANG_NEUTRAL | SUBLANG_DEFAULT | 4.35 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x0003bff8 | 0x00000468 | LANG_NEUTRAL | SUBLANG_DEFAULT | 4.35 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x0003bff8 | 0x00000468 | LANG_NEUTRAL | SUBLANG_DEFAULT | 4.35 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x0003bff8 | 0x00000468 | LANG_NEUTRAL | SUBLANG_DEFAULT | 4.35 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x0003bff8 | 0x00000468 | LANG_NEUTRAL | SUBLANG_DEFAULT | 4.35 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x0003bff8 | 0x00000468 | LANG_NEUTRAL | SUBLANG_DEFAULT | 4.35 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x0003bff8 | 0x00000468 | LANG_NEUTRAL | SUBLANG_DEFAULT | 4.35 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x0003bff8 | 0x00000468 | LANG_NEUTRAL | SUBLANG_DEFAULT | 4.35 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x0003bff8 | 0x00000468 | LANG_NEUTRAL | SUBLANG_DEFAULT | 4.35 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x0003bff8 | 0x00000468 | LANG_NEUTRAL | SUBLANG_DEFAULT | 4.35 | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x0003bff8 | 0x00000468 | LANG_NEUTRAL | SUBLANG_DEFAULT | 4.35 | GLS_BINARY_LSB_FIRST |
| RT_DIALOG | 0x0003ce80 | 0x00000100 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 3.07 | data |
| RT_DIALOG | 0x0003ce80 | 0x00000100 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 3.07 | data |
| RT_DIALOG | 0x0003ce80 | 0x00000100 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 3.07 | data |
| RT_DIALOG | 0x0003ce80 | 0x00000100 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 3.07 | data |
| RT_DIALOG | 0x0003ce80 | 0x00000100 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 3.07 | data |
| RT_DIALOG | 0x0003ce80 | 0x00000100 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 3.07 | data |
| RT_DIALOG | 0x0003ce80 | 0x00000100 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 3.07 | data |
| RT_DIALOG | 0x0003ce80 | 0x00000100 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 3.07 | data |
| RT_DIALOG | 0x0003ce80 | 0x00000100 | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 3.07 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_STRING | 0x0004356c | 0x0000011e | LANG_CHINESE | SUBLANG_CHINESE_SIMPLIFIED | 5.35 | data |
| RT_GROUP_ICON | 0x000436e8 | 0x0000005a | LANG_NEUTRAL | SUBLANG_DEFAULT | 2.95 | MS Windows icon resource - 6 icons, 48x48, 256-colors |
| RT_GROUP_ICON | 0x000436e8 | 0x0000005a | LANG_NEUTRAL | SUBLANG_DEFAULT | 2.95 | MS Windows icon resource - 6 icons, 48x48, 256-colors |
| RT_VERSION | 0x00043744 | 0x000004a8 | LANG_ENGLISH | SUBLANG_ENGLISH_US | 3.50 | data |
| RT_MANIFEST | 0x00043bec | 0x00000302 | LANG_NEUTRAL | SUBLANG_DEFAULT | 5.06 | ASCII text, with very long lines, with no line terminators |
导入
库: KERNEL32.dll:
• 0x14001d000 GlobalFree
• 0x14001d008 GetModuleHandleW
• 0x14001d010 GetProcAddress
• 0x14001d018 GetSystemDefaultLangID
• 0x14001d020 CreateThread
• 0x14001d028 WaitForMultipleObjects
• 0x14001d030 ReleaseMutex
• 0x14001d038 WaitForSingleObject
• 0x14001d040 CreateMutexW
• 0x14001d048 SetEvent
• 0x14001d050 CreateEventW
• 0x14001d058 SizeofResource
• 0x14001d060 GetCommandLineW
• 0x14001d068 LocalFree
• 0x14001d070 GetVersionExW
• 0x14001d078 GetSystemDefaultLCID
• 0x14001d080 CompareStringW
• 0x14001d088 GetModuleFileNameW
• 0x14001d090 CreateProcessW
• 0x14001d098 CloseHandle
• 0x14001d0a0 ExpandEnvironmentStringsW
• 0x14001d0a8 GetLastError
• 0x14001d0b0 lstrlenW
• 0x14001d0b8 GetSystemTime
• 0x14001d0c0 SystemTimeToFileTime
• 0x14001d0c8 FindResourceExW
• 0x14001d0d0 LoadResource
• 0x14001d0d8 LockResource
• 0x14001d0e0 QueryPerformanceCounter
• 0x14001d0e8 HeapSize
• 0x14001d0f0 HeapReAlloc
• 0x14001d0f8 HeapDestroy
• 0x14001d100 RtlCaptureContext
• 0x14001d108 RtlLookupFunctionEntry
• 0x14001d110 RtlVirtualUnwind
• 0x14001d118 IsDebuggerPresent
• 0x14001d120 SetUnhandledExceptionFilter
• 0x14001d128 UnhandledExceptionFilter
• 0x14001d130 GetCurrentProcess
• 0x14001d138 TerminateProcess
• 0x14001d140 GetStartupInfoW
• 0x14001d148 Sleep
• 0x14001d150 LoadLibraryW
• 0x14001d158 HeapAlloc
• 0x14001d160 HeapFree
• 0x14001d168 GetProcessHeap
• 0x14001d170 GetSystemTimeAsFileTime
• 0x14001d178 GetCurrentProcessId
• 0x14001d180 GetCurrentThreadId
• 0x14001d188 GetTickCount
• 0x14001d190 VirtualProtect
库: USER32.dll:
• 0x14001d1a0 LoadStringW
• 0x14001d1a8 SetWindowTextW
• 0x14001d1b0 PostMessageW
• 0x14001d1b8 GetDlgItem
• 0x14001d1c0 GetClientRect
• 0x14001d1c8 EnableWindow
• 0x14001d1d0 SetDlgItemTextW
• 0x14001d1d8 CreateDialogIndirectParamW
• 0x14001d1e0 DialogBoxIndirectParamW
• 0x14001d1e8 GetWindowLongPtrW
• 0x14001d1f0 SetWindowLongPtrW
• 0x14001d1f8 GetParent
• 0x14001d200 GetWindowRect
• 0x14001d208 SetWindowPos
• 0x14001d210 DestroyWindow
• 0x14001d218 EndDialog
• 0x14001d220 MessageBoxW
• 0x14001d228 IsWindow
• 0x14001d230 SendMessageW
库: ADVAPI32.dll:
• 0x14001d240 ReportEventW
• 0x14001d248 ControlService
• 0x14001d250 OpenSCManagerW
• 0x14001d258 OpenServiceW
• 0x14001d260 StartServiceW
• 0x14001d268 CloseServiceHandle
• 0x14001d270 RegEnumValueW
• 0x14001d278 RegEnumKeyExW
• 0x14001d280 RegCloseKey
• 0x14001d288 RegQueryValueExW
• 0x14001d290 RegSetValueExW
• 0x14001d298 RegCreateKeyExW
• 0x14001d2a0 RegOpenKeyExW
• 0x14001d2a8 DeregisterEventSource
• 0x14001d2b0 RegisterEventSourceW
• 0x14001d2b8 OpenProcessToken
• 0x14001d2c0 GetSidSubAuthority
• 0x14001d2c8 GetSidSubAuthorityCount
• 0x14001d2d0 IsValidSid
• 0x14001d2d8 GetTokenInformation
• 0x14001d2e0 ConvertStringSecurityDescriptorToSecurityDescriptorW
• 0x14001d2e8 ConvertSidToStringSidW
库: ole32.dll:
• 0x14001d2f8 CoInitializeEx
• 0x14001d300 CLSIDFromProgID
• 0x14001d308 CoCreateInstance
• 0x14001d310 CoUninitialize
库: SHLWAPI.dll:
• 0x14001d360 SHDeleteKeyW
库: MSVCR90.dll:
• 0x14001d370 exit
• 0x14001d378 _wcmdln
• 0x14001d380 _initterm
• 0x14001d388 _initterm_e
• 0x14001d390 _configthreadlocale
• 0x14001d398 __setusermatherr
• 0x14001d3a0 _commode
• 0x14001d3a8 _fmode
• 0x14001d3b0 _encode_pointer
• 0x14001d3b8 __set_app_type
• 0x14001d3c0 __crt_debugger_hook
• 0x14001d3c8 ?terminate@@YAXXZ
• 0x14001d3d0 _unlock
• 0x14001d3d8 __dllonexit
• 0x14001d3e0 _lock
• 0x14001d3e8 _onexit
• 0x14001d3f0 _decode_pointer
• 0x14001d3f8 ?_type_info_dtor_internal_method@type_info@@QEAAXXZ
• 0x14001d400 _cexit
• 0x14001d408 _exit
• 0x14001d410 _XcptFilter
• 0x14001d418 __C_specific_handler
• 0x14001d420 __wgetmainargs
• 0x14001d428 memmove_s
• 0x14001d430 _wcstoi64
• 0x14001d438 _wtoi
• 0x14001d440 ??_U@YAPEAX_K@Z
• 0x14001d448 ??_V@YAXPEAX@Z
• 0x14001d450 _vsnwprintf_s
• 0x14001d458 wcsncat_s
• 0x14001d460 ??0exception@std@@QEAA@AEBV01@@Z
• 0x14001d468 _invalid_parameter_noinfo
• 0x14001d470 ??0exception@std@@QEAA@XZ
• 0x14001d478 ??1exception@std@@UEAA@XZ
• 0x14001d480 ?what@exception@std@@UEBAPEBDXZ
• 0x14001d488 ??0exception@std@@QEAA@AEBQEBD@Z
• 0x14001d490 memset
• 0x14001d498 wcsncpy_s
• 0x14001d4a0 ??2@YAPEAX_K@Z
• 0x14001d4a8 vswprintf_s
• 0x14001d4b0 _vscwprintf
• 0x14001d4b8 _CxxThrowException
• 0x14001d4c0 memcpy_s
• 0x14001d4c8 __CxxFrameHandler3
• 0x14001d4d0 ??3@YAXPEAX@Z
• 0x14001d4d8 _amsg_exit
库: MSVCP90.dll:
• 0x14001d500 ??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NAEBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
• 0x14001d518 ??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QEAAAEAV01@AEBV01@@Z
• 0x14001d548 ?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QEBA_KAEBV12@_K@Z
.text
`.rdata
@.data
.pdata
@.rsrc
@.reloc
t:\ime\x64\ship\0\imedictupdateui.pdb
\imedictupdateui.exe\bbtopt\imedictupdateuiO.pdb
vector<T> too long
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
+HeapSetInformation
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
MSVCP90.dll
MSVCR90.dll
SHLWAPI.dll
SHELL32.dll
OLEAUT32.dll
ole32.dll
ADVAPI32.dll
USER32.dll
KERNEL32.dll
GlobalFree
GetModuleHandleW
GetProcAddress
GetSystemDefaultLangID
CreateThread
WaitForMultipleObjects
ReleaseMutex
WaitForSingleObject
CreateMutexW
SetEvent
CreateEventW
SizeofResource
GetCommandLineW
LocalFree
GetVersionExW
GetSystemDefaultLCID
CompareStringW
GetModuleFileNameW
CreateProcessW
CloseHandle
ExpandEnvironmentStringsW
GetLastError
lstrlenW
GetSystemTime
SystemTimeToFileTime
FindResourceExW
LoadResource
LockResource
QueryPerformanceCounter
HeapSize
HeapReAlloc
HeapDestroy
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
Sleep
LoadLibraryW
HeapAlloc
HeapFree
GetProcessHeap
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
VirtualProtect
LoadStringW
SetWindowTextW
PostMessageW
GetDlgItem
GetClientRect
EnableWindow
SetDlgItemTextW
CreateDialogIndirectParamW
DialogBoxIndirectParamW
GetWindowLongPtrW
SetWindowLongPtrW
GetParent
GetWindowRect
SetWindowPos
DestroyWindow
EndDialog
MessageBoxW
IsWindow
SendMessageW
ReportEventW
ControlService
OpenSCManagerW
OpenServiceW
StartServiceW
CloseServiceHandle
RegEnumValueW
RegEnumKeyExW
RegCloseKey
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
DeregisterEventSource
RegisterEventSourceW
OpenProcessToken
GetSidSubAuthority
GetSidSubAuthorityCount
IsValidSid
GetTokenInformation
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertSidToStringSidW
CoInitializeEx
CLSIDFromProgID
CoCreateInstance
CoUninitialize
CommandLineToArgvW
ShellExecuteW
SHDeleteKeyW
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_commode
_fmode
_encode_pointer
__set_app_type
__crt_debugger_hook
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
_cexit
_exit
_XcptFilter
__C_specific_handler
__wgetmainargs
memmove_s
_wcstoi64
_wtoi
??_U@YAPEAX_K@Z
??_V@YAXPEAX@Z
_vsnwprintf_s
wcsncat_s
??0exception@std@@QEAA@AEBV01@@Z
_invalid_parameter_noinfo
??0exception@std@@QEAA@XZ
??1exception@std@@UEAA@XZ
?what@exception@std@@UEBAPEBDXZ
??0exception@std@@QEAA@AEBQEBD@Z
memset
wcsncpy_s
??2@YAPEAX_K@Z
vswprintf_s
_vscwprintf
_CxxThrowException
memcpy_s
__CxxFrameHandler3
??3@YAXPEAX@Z
_amsg_exit
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2_KB
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QEAAXAEAV12@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QEAA@AEBV01@@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NAEBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NAEBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PEB_W@Z
?length@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QEBA_KXZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QEAAAEAV01@AEBV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QEAA@PEBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QEBAPEBDXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QEAA@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QEAA@AEBV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QEAA@PEB_W@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QEBA_KAEBV12@_K@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NAEBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QEBAPEB_WXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QEAA@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QEAAAEAV01@PEB_W@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QEAA@XZ
.?AVCDialog@@
.?AVCAtlException@ATL@@
.?AV?$crefcountobj@VCThreadCommand@@@Comutil@@
.?AV?$comptr@VCDictUpdate@@@Comutil@@
.?AV?$comptr@VCDictUpdateItem@@@Comutil@@
.?AVCThreadCommand@@
.?AV?$comptr@VCThreadCommand@@@Comutil@@
.?AVCThreadCmdInstall@@
.?AVCDlgProgressInstall@@
.?AVCThreadCmdSearch@@
.?AVCDlgProgressSearch@@
.?AVCDlgSelectUpdates@@
.?AVbad_alloc@std@@
.?AVexception@std@@
.?AVlogic_error@std@@
.?AV?$comptr@UIComponentPathMgr@@@Comutil@@
.?AVlength_error@std@@
.?AV?$comlist_elemment@VCDictUpdateItem@@@Comutil@@
.?AV?$comlist_elemment@VCDictItemDicts@@@Comutil@@
.?AV?$comlist_elemment@VCDictItemMUNewDicts@@@Comutil@@
.?AVCRegistry@Dictupdatepriv@@
.?AV?$crefcountobj@VCDictItemDicts@@@Comutil@@
.?AV?$crefcountobj@VCDictItemMUNewDicts@@@Comutil@@
.?AV?$comptr@UIImeNotificationUI@@@Comutil@@
.?AV?$comptr@UIImeNotificationIcon@@@Comutil@@
.?AV?$comptr@UIImeNotificationMessage@@@Comutil@@
.?AV?$comptr@UIImeNuiCmdCloseIcon@@@Comutil@@
.?AV?$comptr@UIImeNuiCmdExecProcess@@@Comutil@@
.?AV?$comptr@VCDictItemDicts@@@Comutil@@
.?AV?$comptr@VCDictItemMUNewDicts@@@Comutil@@
.?AVCBStr@Comutil@@
.?AVCDictItemDicts@@
.?AVCDictItemMUNewDicts@@
.?AV?$CDictList@VCDictItemDicts@@@@
.?AV?$comlist@VCDictItemDicts@@@Comutil@@
.?AV?$vector@V?$comlist_elemment@VCDictItemDicts@@@Comutil@@V?$allocator@V?$comlist_elemment@VCDictItemDicts@@@Comutil@@@std@@@std@@
.?AV?$_Vector_val@V?$comlist_elemment@VCDictItemDicts@@@Comutil@@V?$allocator@V?$comlist_elemment@VCDictItemDicts@@@Comutil@@@std@@@std@@
.?AV?$_Container_base_aux_alloc_real@V?$allocator@V?$comlist_elemment@VCDictItemDicts@@@Comutil@@@std@@@std@@
.?AV_Container_base_aux@std@@
.?AV?$CDictList@VCDictItemMUNewDicts@@@@
.?AV?$comlist@VCDictItemMUNewDicts@@@Comutil@@
.?AV?$vector@V?$comlist_elemment@VCDictItemMUNewDicts@@@Comutil@@V?$allocator@V?$comlist_elemment@VCDictItemMUNewDicts@@@Comutil@@@std@@@std@@
.?AV?$_Vector_val@V?$comlist_elemment@VCDictItemMUNewDicts@@@Comutil@@V?$allocator@V?$comlist_elemment@VCDictItemMUNewDicts@@@Comutil@@@std@@@std@@
.?AV?$_Container_base_aux_alloc_real@V?$allocator@V?$comlist_elemment@VCDictItemMUNewDicts@@@Comutil@@@std@@@std@@
.?AVCEvent@Dictupdatepriv@@
.?AVCMutex@Dictupdatepriv@@
.?AVCThreadCommandHandler@@
.?AVtype_info@@
.?AV_com_error@@
.?AV?$crefcountobj@VCDictUpdate@@@Comutil@@
.?AV?$comlist_elemment@VCDictItemMUUpdateFailure@@@Comutil@@
.?AV?$crefcountobj@VCDictItemMUUpdateFailure@@@Comutil@@
.?AV?$comptr@UIDownloadResult@@@Comutil@@
.?AV?$comptr@UIInstallationResult@@@Comutil@@
.?AV?$comptr@UIUpdate@@@Comutil@@
.?AV?$comptr@UIUpdateCollection@@@Comutil@@
.?AV?$comptr@UISearchResult@@@Comutil@@
.?AV?$comptr@UIUpdateDownloader@@@Comutil@@
.?AV?$comptr@UIUpdateInstaller@@@Comutil@@
.?AV?$comptr@UIUpdateSearcher@@@Comutil@@
.?AV?$comptr@UIUpdateSession@@@Comutil@@
.?AV?$comptr@VCDictItemMUUpdateFailure@@@Comutil@@
.?AVCDictItemMUUpdateFailure@@
.?AV?$CDictList@VCDictItemMUUpdateFailure@@@@
.?AV?$comlist@VCDictItemMUUpdateFailure@@@Comutil@@
.?AV?$vector@V?$comlist_elemment@VCDictItemMUUpdateFailure@@@Comutil@@V?$allocator@V?$comlist_elemment@VCDictItemMUUpdateFailure@@@Comutil@@@std@@@std@@
.?AV?$_Vector_val@V?$comlist_elemment@VCDictItemMUUpdateFailure@@@Comutil@@V?$allocator@V?$comlist_elemment@VCDictItemMUUpdateFailure@@@Comutil@@@std@@@std@@
.?AV?$_Container_base_aux_alloc_real@V?$allocator@V?$comlist_elemment@VCDictItemMUUpdateFailure@@@Comutil@@@std@@@std@@
.?AVCDictUpdate@@
.?AVCDictUpdateMgr@@
.?AV?$comptr@UIAutomaticUpdatesSettings@@@Comutil@@
.?AV?$comptr@UIAutomaticUpdates@@@Comutil@@
.?AV?$comptr@UIUpdateService@@@Comutil@@
.?AV?$comptr@UIUpdateServiceCollection@@@Comutil@@
.?AV?$comptr@UIUpdateServiceManager@@@Comutil@@
.?AV?$crefcountobj@VCDictUpdateItem@@@Comutil@@
.?AV?$comptr@UIUpdateIdentity@@@Comutil@@
.?AVCDictUpdateItem@@
.?AVCDictUpdateSettings@@
B<)sRIB!
B<)sRIB!
0W0f0D0~0Y0&
0f0D0~0Y0&
0-N& 2
vQ-N%
vQ-N%
vQ-N%
vQ-N%
0k0o0
NY0P0
NY0P0
0~0W0_0
0~0W0_0
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><dependency><dependentAssembly><assemblyIdentity type="win32" name="Microsoft.VC90.CRT" version="9.0.30729.1" processorArchitecture="amd64" publicKeyToken="1fc8b3b9a1e18e3b"></assemblyIdentity></dependentAssembly></dependency><dependency><dependentAssembly><assemblyIdentity type="win32" name="Microsoft.Windows.Common-Controls" version="6.0.0.0" publicKeyToken="6595b64144ccf1df" language="*" processorArchitecture="*"></assemblyIdentity></dependentAssembly></dependency><trustInfo xmlns="urn:schemas-microsoft-com:asm.v3"><security><requestedPrivileges><requestedExecutionLevel level="asInvoker" uiAccess="false"></requestedExecutionLevel></requestedPrivileges></security></trustInfo></assembly>PA
zw9gj
CLSID
IsInstalled=0 and Type='Software' and CategoryIDs contains '8508af86-b85e-450f-a518-3b6f8f204eea'
Version
UseWUServer
Software\Policies\Microsoft\Windows\WindowsUpdate\AU
Software\Policies\Microsoft\Windows\WindowsUpdate
NoWindowsUpdate
Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
DisableWindowsUpdateAccess
Software\Microsoft\Windows\CurrentVersion\Policies\WindowsUpdate
"%s" %s
/f mr
IMSCDicCompiler.exe
"%s" %s %d
verifiedremoval
Software\Microsoft\IMEJP\14.0\DictionaryUpdate\Dicts
Software\Microsoft\IMESC14\Dicts
InstalledUpdatesNum
InstalledDicsNum
AlreadyCheck
install
Software\Microsoft\IMEJP\14.0\DictionaryUpdate\MUNewDictsList
Software\Microsoft\IMESC14\MUNewDictsList
/parentwnd
-parentwnd
IsInstalled=0 and Type='Software' and CategoryIDs contains 'f76b7f51-b762-4fd0-a35c-e04f582acf42'
KERNEL32.DLL
ImeCommonAPIClassFactory%04d.%d
stopservice
startservice
update
check
enableau
kernel32.dll
InsecureQI
Software\Microsoft\Security
Software\Policies\Microsoft\Security
CLSIDInterfaceTest
%s %s %s
%d.%d.%d.%d
Wversion.dll
InprocServer32
{%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x}
EAIME
Software\Microsoft\IMEJP\14.0\DictionaryUpdate\MUUpdateFailureList
JPNIME2010
Software\Microsoft\IMESC14\MUUpdateFailureList
CHSIME2010
7971f918-a847-4430-9279-4a52d1efe18d
Global\bbb7aaf0-7c54-4fe4-93e6-fdd8d72def20
Software\Microsoft\IMEJP\14.0\DictionaryUpdate
Software\Microsoft\IMESC14
Global\f7bb6720-0930-4871-b700-e14b6e78e646
Global\acb7b167-c405-4d40-a060-31812cffb7fc
AutoDicUpdate
LastCheckTimeU
LastCheckTimeN
CheckIntervalNEX
EnableLUA
Software\Microsoft\Windows\CurrentVersion\Policies\System
runas
O:%sD:(A;;GA;;;BA)(A;;GA;;;SY)(A;;GA;;;%s)S:(ML;;0x1;;;ME)
O:%sD:(A;;GA;;;BA)(A;;GA;;;SY)(A;;GA;;;%s)S:(ML;;0x1;;;LW)
O:%sD:(A;;GA;;;BA)(A;;GA;;;SY)(A;;GA;;;%s)S:(ML;;0x1;;;HI)
O:%sD:(A;;GA;;;BA)(A;;GA;;;SY)(A;;GA;;;%s)(A;;GA;;;RC)
ImeDictUpdateService
Microsoft IME
MS Shell Dlg
The following dictionaries found on Microsoft Update are not installed into your computer, you can select to install them:
SysListView32
&Install...
Cancel
Microsoft IME
MS Shell Dlg
SysListView32
(&I)...
Microsoft IME
MS Shell Dlg
SysListView32
Microsoft IME
MS Shell Dlg
msctls_progress32
Cancel
Microsoft IME
MS Shell Dlg
msctls_progress32
Microsoft IME
MS Shell Dlg
msctls_progress32
Microsoft IME
MS Shell Dlg
msctls_progress32
Cancel
Microsoft IME
MS Shell Dlg
msctls_progress32
Microsoft IME
MS Shell Dlg
msctls_progress32
+Microsoft Office IME 2010 Dictionary Update+Microsoft Pinyin IME 2010 Dictionary Update+Microsoft Office IME 2010 Dictionary Update1Microsoft Pinyin IME 2010 Dictionary Installation+Microsoft Office IME 2010 Dictionary Update/Microsoft Pinyin IME 2010 Dictionary Management
/Microsoft Pinyin IME 2010 Dictionary Management
%d new dictionaries are found1No new dictionaries are available for your system
Installing new dictionaries...
'%d/%d dictionary is being downloaded...
Installation finished! %sOInstallation finished! The following %d dictionary failed to be installed. %s%sQInstallation finished! The following %d dictionaries failed to be installed. %s%s
Please try again from Dictionary Update dialog. Dictionary Update dialog is launched from other tab on Microsoft Office IME 2010 properties:
...
Please try again from Dictionary Update dialog. Dictionary Update dialog is launched from other tab on Microsoft Office IME 2010 properties:
...'. View details in Dictionary Management
&View details in Dictionary Management.
...'. View details in Dictionary Management
(. View details in Dictionary Management.
...
...HDictionary update finished! %d dictionary was updated successfully. %s%sKDictionary update finished! %d dictionaries were updated successfully. %s%slDictionary update finished! %d dictionary was updated successfully, but the following %d update failed. %s%smDictionary update finished! %d dictionary was updated successfully, but the following %d updates failed. %s%s
oDictionary update finished! %d dictionaries were updated successfully, but the following %d update failed. %s%spDictionary update finished! %d dictionaries were updated successfully, but the following %d updates failed. %s%s
Please try again from Dictionary Update dialog. Dictionary Update dialog is launched from other tab on Microsoft Office IME 2010 properties:&View details in Dictionary Management:WView details on the Dictionary/Auto-tuning tab on Microsoft Office IME 2010 properties:
:WView details on the Dictionary/Auto-tuning tab on Microsoft Office IME 2010 properties:
Microsoft Pinyin IME 2010 updates dictionaries through Microsoft Update, but only if Microsoft Update is enabled, then you can come back here to update dictionaries. Do you want to enable Microsoft Update now?,http://go.microsoft.com/fwlink/?linkid=40747
Microsoft Pinyin IME 2010 updates dictionaries through Microsoft Update, but only if Microsoft Update is enabled, then you can come back here to update dictionaries. Do you want to enable Microsoft Update now?,http://go.microsoft.com/fwlink/?linkid=40747
?,http://go.microsoft.com/fwlink/?linkid=40747
CYou must have Administrator privileges to install new dictionaries.
GYou must have Administrator privileges to manually update dictionaries.
>You must have Administrator priviliges to change this setting.
OError(s) found in dictionary update (Error Code: %08x). Please try again later.UError(s) found in dictionary installation (Error Code: %08x). Please try again later.wYou cannot install new dictionaries while IME is checking, installing or updating dictionaries. Please try again later.yYou cannot install dictionary updates while IME is checking, installing or updating dictionaries. Please try again later.
VS_VERSION_INFO
StringFileInfo
000004b0
CompanyName
Microsoft Corporation
FileDescription
Microsoft Office IME 2010
FileVersion
14.0.4734.1000
InternalName
IMEDictUpdateUI.exe
LegalCopyright
All rights reserved.
LegalTrademarks
Microsoft(R) is a registered trademark of Microsoft Corporation. Windows(R) is a registered trademark of Microsoft Corporation.
OriginalFilename
IMEDictUpdateUI.exe
ProductName
Microsoft Office IME 2010
ProductVersion
14.0.4734.1000
VarFileInfo
Translation
| 防病毒引擎/厂商 | 病毒名/规则匹配 | 病毒库日期 |
|---|---|---|
| Bkav | 未发现病毒 | 20160428 |
| MicroWorld-eScan | 未发现病毒 | 20160428 |
| nProtect | 未发现病毒 | 20160428 |
| CMC | 未发现病毒 | 20160428 |
| CAT-QuickHeal | 未发现病毒 | 20160428 |
| ALYac | 未发现病毒 | 20160428 |
| Malwarebytes | 未发现病毒 | 20160428 |
| Zillya | 未发现病毒 | 20160428 |
| TheHacker | 未发现病毒 | 20160426 |
| BitDefender | 未发现病毒 | 20160428 |
| K7GW | 未发现病毒 | 20160428 |
| K7AntiVirus | 未发现病毒 | 20160428 |
| Baidu | 未发现病毒 | 20160428 |
| F-Prot | 未发现病毒 | 20160428 |
| Symantec | 未发现病毒 | 20160428 |
| ESET-NOD32 | 未发现病毒 | 20160428 |
| TrendMicro-HouseCall | 未发现病毒 | 20160428 |
| Avast | 未发现病毒 | 20160428 |
| ClamAV | 未发现病毒 | 20160427 |
| GData | 未发现病毒 | 20160428 |
| Kaspersky | 未发现病毒 | 20160428 |
| Alibaba | 未发现病毒 | 20160428 |
| NANO-Antivirus | 未发现病毒 | 20160428 |
| ViRobot | 未发现病毒 | 20160428 |
| SUPERAntiSpyware | 未发现病毒 | 20160428 |
| Rising | 未发现病毒 | 20160428 |
| Ad-Aware | 未发现病毒 | 20160428 |
| Emsisoft | 未发现病毒 | 20160428 |
| Comodo | 未发现病毒 | 20160428 |
| F-Secure | 未发现病毒 | 20160428 |
| DrWeb | 未发现病毒 | 20160428 |
| VIPRE | 未发现病毒 | 20160428 |
| TrendMicro | 未发现病毒 | 20160428 |
| McAfee-GW-Edition | 未发现病毒 | 20160428 |
| Sophos | 未发现病毒 | 20160428 |
| Cyren | 未发现病毒 | 20160428 |
| Jiangmin | 未发现病毒 | 20160428 |
| Avira | 未发现病毒 | 20160428 |
| Antiy-AVL | 未发现病毒 | 20160428 |
| Kingsoft | 未发现病毒 | 20160428 |
| Arcabit | 未发现病毒 | 20160428 |
| AegisLab | 未发现病毒 | 20160428 |
| Microsoft | 未发现病毒 | 20160428 |
| AhnLab-V3 | 未发现病毒 | 20160428 |
| McAfee | 未发现病毒 | 20160428 |
| AVware | 未发现病毒 | 20160428 |
| VBA32 | 未发现病毒 | 20160428 |
| Panda | 未发现病毒 | 20160428 |
| Zoner | 未发现病毒 | 20160428 |
| Tencent | 未发现病毒 | 20160428 |
| Yandex | 未发现病毒 | 20160428 |
| Ikarus | 未发现病毒 | 20160428 |
| Fortinet | 未发现病毒 | 20160428 |
| AVG | 未发现病毒 | 20160428 |
| Baidu-International | 未发现病毒 | 20160428 |
| Qihoo-360 | 未发现病毒 | 20160428 |
访问主机纪录 (可点击查询WPING实时安全评级)
无主机纪录.
TCP
无TCP连接纪录.
UDP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.69 | 52766 | 192.168.122.1 | 53 |
| 192.168.122.69 | 57129 | 192.168.122.1 | 53 |
| 192.168.122.69 | 58105 | 192.168.122.1 | 53 |
| 192.168.122.69 | 58396 | 192.168.122.1 | 53 |
| 192.168.122.69 | 62204 | 192.168.122.1 | 53 |
| 192.168.122.69 | 63333 | 192.168.122.1 | 53 |
| 192.168.122.69 | 53197 | 224.0.0.252 | 5355 |
| 192.168.122.69 | 64810 | 224.0.0.252 | 5355 |
| 192.168.122.69 | 50619 | 239.255.255.250 | 1900 |
| 192.168.122.69 | 123 | 52.169.179.91 | 123 |
域名解析 (可点击查询WPING实时安全评级)
无域名信息.
TCP
无TCP连接纪录.
UDP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.69 | 52766 | 192.168.122.1 | 53 |
| 192.168.122.69 | 57129 | 192.168.122.1 | 53 |
| 192.168.122.69 | 58105 | 192.168.122.1 | 53 |
| 192.168.122.69 | 58396 | 192.168.122.1 | 53 |
| 192.168.122.69 | 62204 | 192.168.122.1 | 53 |
| 192.168.122.69 | 63333 | 192.168.122.1 | 53 |
| 192.168.122.69 | 53197 | 224.0.0.252 | 5355 |
| 192.168.122.69 | 64810 | 224.0.0.252 | 5355 |
| 192.168.122.69 | 50619 | 239.255.255.250 | 1900 |
| 192.168.122.69 | 123 | 52.169.179.91 | 123 |
HTTP 请求
未发现HTTP请求.
SMTP 流量
无SMTP流量.
IRC 流量
无IRC请求.
ICMP 流量
无ICMP流量.
CIF 报告
无 CIF 结果
网络警报
无警报
TLS
No TLS
Suricata HTTP
No Suricata HTTP
未发现网络提取文件
抱歉! 没有任何文件投放。
没有发现相似的分析.
| HTML 总结报告 (需15-60分钟同步) |
下载 |
|---|
Processing ( 6.894 seconds )
- 3.398 NetworkAnalysis
- 2.281 VirusTotal
- 0.617 Static
- 0.233 peid
- 0.217 TargetInfo
- 0.052 Strings
- 0.043 BehaviorAnalysis
- 0.022 AnalysisInfo
- 0.016 config_decoder
- 0.009 Debug
- 0.003 Dropped
- 0.002 Memory
- 0.001 ProcessMemory
Signatures ( 0.056 seconds )
- 0.012 antiav_detectreg
- 0.005 persistence_autorun
- 0.005 antiav_detectfile
- 0.005 infostealer_ftp
- 0.003 disables_browser_warn
- 0.003 infostealer_bitcoin
- 0.003 infostealer_im
- 0.002 tinba_behavior
- 0.002 antianalysis_detectreg
- 0.002 antivm_vbox_files
- 0.002 geodo_banking_trojan
- 0.002 bot_drive
- 0.002 browser_security
- 0.002 infostealer_mail
- 0.001 betabot_behavior
- 0.001 banker_zeus_mutex
- 0.001 bot_drive2
- 0.001 modify_proxy
- 0.001 disables_system_restore
- 0.001 ransomware_files
Reporting ( 1.657 seconds )
- 1.093 ReportPDF
- 0.533 ReportHTMLSummary
- 0.031 Malheur
| Task ID | 16151 |
|---|---|
| Mongo ID | 57ce648f4d3bd048e49827b0 |
| Cuckoo release | 1.4-Maldun |
沪公网安备 31011502009736号