Analysis task

Analysis type: File (Windows)
VM label: win7-sp1-x64-hpdapp01-1
Start time: 2019-04-24 01:55:32
End time: 2019-04-24 01:56:34
Duration: 62 seconds

魔盾 (Maldun) score

8.15 (rated dangerous)

File details

File name: V3Panda.exe
File size: 6873088 bytes
File type: PE32 executable (GUI) Intel 80386, for MS Windows
MD5: d95dd898a8c6c530f2810619823aa460
SHA1: 35d9da4d2fc45060ba18755a9f16c8c57aa11f29
SHA256: a0675d52788760c98d79678f77afcd2a361baeb40e6012bc31bcb6b970f36f2f
SHA512: 2f43a2c8194e694ad2721135332e8c1bcdbebfff23aa79a32176dd675a3fc5f2728bda5f0f7b323a30be1f401116a2c32e97e491705622718bf6b68fc5fd1706
CRC32: 50F6E8FD
Ssdeep: 196608:LtHhRxy0VFqpf80B9IZLBJIZVXtK49BJpHgxDy9Xw9k:hTnFq5XBCZbIZlcs/qyu

Hosts contacted

No host records.

Domains resolved

No domain information.


PE information

Image base: 0x00400000
Entry point: 0x008f1848 (RVA 0x004f1848, which falls inside the second .GRJEKL3 section listed below, not inside .text)
Declared checksum: 0x00000000 (the header field was left unset, so it cannot match the computed value; on its own this is common for unsigned binaries)
Computed checksum: 0x0069345f
Minimum OS version: 5.0
Compile timestamp: 2019-04-24 00:53:27 (about an hour before this analysis started)
Import hash (imphash): 6ff280506440edf12bb262ad35d6e01f

PE sections

Name  Virtual address  Virtual size  Raw data size  Characteristics  Entropy
.text 0x00001000 0x000a9e9a 0x000aa000 IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 6.59
.rdata 0x000ab000 0x00079e52 0x0007a000 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 6.87
.data 0x00125000 0x0003712a 0x00012000 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 5.07
.GRJEKL3 0x0015d000 0x0035107b 0x00352000 IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 7.82
.GRJEKL3 0x004af000 0x001f3b90 0x001f4000 IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 7.65
.rsrc 0x006a3000 0x00010028 0x00011000 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 4.16

Two executable sections share a non-standard name (.GRJEKL3), both sit near the 8.0 entropy ceiling (7.82 and 7.65), and the entry point 0x008f1848 (RVA 0x004f1848) lies in the second of them rather than in .text. Taken together that is the section-table profile of a packed or protected executable, which also explains why the sandbox saw no behaviour worth recording in 62 seconds; the original code is not visible to static analysis.
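The packer indicators in the table above can be checked mechanically rather than by eye. The script below is an added example and is not part of the Maldun report or of Cuckoo; it embeds the six sections, image base and entry point exactly as printed above as its sample data, adds a stdlib-only PE32 section-table parser and Shannon-entropy routine so the same checks run on a real file, and builds a constructed header-only PE solely to exercise the parser offline. The 7.0 entropy threshold, the finding texts and the helper names are this example's own choices.

```python
"""Section-table triage for the binary in this report (added example, stdlib only)."""
import math
import struct
from collections import Counter

IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_WRITE = 0x80000000
HIGH_ENTROPY = 7.0  # bits per byte; compressed/encrypted data sits near 8.0 (threshold is this example's choice)

# Values copied from the report above: image base, entry point VA and the six sections.
REPORT_IMAGE_BASE = 0x00400000
REPORT_ENTRY_VA = 0x008f1848
REPORT_SECTIONS = [
    dict(name=".text",    va=0x00001000, vsize=0x000a9e9a, raw_size=0x000aa000, chars=0x60000020, entropy=6.59),
    dict(name=".rdata",   va=0x000ab000, vsize=0x00079e52, raw_size=0x0007a000, chars=0x40000040, entropy=6.87),
    dict(name=".data",    va=0x00125000, vsize=0x0003712a, raw_size=0x00012000, chars=0xC0000040, entropy=5.07),
    dict(name=".GRJEKL3", va=0x0015d000, vsize=0x0035107b, raw_size=0x00352000, chars=0x60000060, entropy=7.82),
    dict(name=".GRJEKL3", va=0x004af000, vsize=0x001f3b90, raw_size=0x001f4000, chars=0x60000060, entropy=7.65),
    dict(name=".rsrc",    va=0x006a3000, vsize=0x00010028, raw_size=0x00011000, chars=0x40000040, entropy=4.16),
]


def shannon_entropy(data):
    """Shannon entropy of a byte string in bits per byte (0.0 for constant data, 8.0 for uniform bytes)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def parse_sections(pe):
    """Read image base, entry point VA and the section table (with entropy) from PE32 file bytes."""
    e_lfanew, = struct.unpack_from("<I", pe, 0x3C)
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    nsec, = struct.unpack_from("<H", pe, e_lfanew + 6)          # IMAGE_FILE_HEADER.NumberOfSections
    opt_size, = struct.unpack_from("<H", pe, e_lfanew + 20)     # IMAGE_FILE_HEADER.SizeOfOptionalHeader
    opt = e_lfanew + 24                                          # optional header follows the 20-byte file header
    if struct.unpack_from("<H", pe, opt)[0] != 0x10B:
        raise ValueError("only PE32 (magic 0x10B) is handled here, not PE32+")
    entry_rva, = struct.unpack_from("<I", pe, opt + 16)         # AddressOfEntryPoint
    image_base, = struct.unpack_from("<I", pe, opt + 28)        # ImageBase (PE32 layout)
    sections = []
    for i in range(nsec):
        hdr = opt + opt_size + i * 40                            # IMAGE_SECTION_HEADER is 40 bytes
        name, vsize, va, raw_size, raw_ptr = struct.unpack_from("<8sIIII", pe, hdr)
        chars, = struct.unpack_from("<I", pe, hdr + 36)
        sections.append(dict(name=name.rstrip(b"\0").decode("latin-1"), va=va, vsize=vsize, raw_size=raw_size,
                             chars=chars, entropy=shannon_entropy(pe[raw_ptr:raw_ptr + raw_size])))
    return image_base, image_base + entry_rva, sections


def section_for_rva(sections, rva):
    """Return the section whose address range contains rva, or None if it maps to no section."""
    for s in sections:
        if s["va"] <= rva < s["va"] + max(s["vsize"], s["raw_size"]):
            return s
    return None


def triage(image_base, entry_va, sections):
    """Apply the packer heuristics the report's section table suggests; returns human-readable findings."""
    findings = []
    ep = section_for_rva(sections, entry_va - image_base)
    if ep is None:
        findings.append("entry point 0x%08x is outside every section" % entry_va)
    elif ep["name"] != ".text":
        findings.append("entry point 0x%08x lies in %s at VA 0x%08x, not in .text"
                        % (entry_va, ep["name"], image_base + ep["va"]))
    names = [s["name"] for s in sections]
    for n in sorted(set(names)):
        if names.count(n) > 1:
            findings.append("duplicate section name %s" % n)
    for s in sections:
        executable = bool(s["chars"] & IMAGE_SCN_MEM_EXECUTE)
        if executable and s["entropy"] >= HIGH_ENTROPY:
            findings.append("executable section %s has entropy %.2f" % (s["name"], s["entropy"]))
        if executable and s["chars"] & IMAGE_SCN_MEM_WRITE:
            findings.append("section %s is both writable and executable" % s["name"])
    return findings


def build_minimal_pe(sections, image_base, entry_rva):
    """Constructed header-only PE32 (no code, not a real sample) so parse_sections can be exercised offline."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                      # e_lfanew -> PE signature right after the DOS header
    opt = bytearray(0xE0)                                         # standard PE32 optional header size
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<I", opt, 16, entry_rva)
    struct.pack_into("<I", opt, 28, image_base)
    file_hdr = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(opt), 0x0102)
    table = b"".join(struct.pack("<8sIIIIIIHHI", s["name"].encode("latin-1"), s["vsize"], s["va"],
                                 s["raw_size"], 0, 0, 0, 0, 0, s["chars"]) for s in sections)
    return bytes(dos) + b"PE\0\0" + file_hdr + bytes(opt) + table


if __name__ == "__main__":
    for line in triage(REPORT_IMAGE_BASE, REPORT_ENTRY_VA, REPORT_SECTIONS):
        print(line)
```

Run as-is it reports the four findings the table implies: the entry point in the second .GRJEKL3 section, the duplicated name, and two executable sections above the entropy threshold. For a real sample, replace the embedded data with `parse_sections(open(path, "rb").read())`; the parser deliberately refuses PE32+ rather than silently misreading the 64-bit optional-header layout.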

Imports

Note on the listing: KERNEL32.dll and USER32.dll each appear under more than one import descriptor, and the import-address-table slots shown (0x9d7000 upward) sit inside the second .GRJEKL3 section (VA 0x008af000 onward) rather than in .rdata. Both fit the section-table picture of a protector stub that carries its own import table around the original program.

Library: SHLWAPI.dll:
0x9d7000 SHDeleteKeyA
0x9d7004 SHDeleteValueA
Library: WINMM.dll:
0x9d7014 waveOutWrite
0x9d7018 waveOutPause
0x9d701c waveOutReset
0x9d7020 waveOutClose
0x9d7024 waveOutGetNumDevs
0x9d7028 waveOutOpen
0x9d7030 midiStreamOut
0x9d7034 midiStreamStop
0x9d7038 midiOutReset
0x9d703c midiStreamClose
0x9d7040 midiStreamRestart
0x9d7048 midiStreamOpen
0x9d704c midiStreamProperty
Library: WS2_32.dll:
0x9d7054 WSACleanup
0x9d7058 WSAStartup
0x9d705c gethostbyname
0x9d7060 closesocket
0x9d7064 getpeername
0x9d7068 WSAAsyncSelect
0x9d706c recvfrom
0x9d7070 ioctlsocket
0x9d7074 inet_ntoa
0x9d7078 recv
0x9d707c accept
Library: KERNEL32.dll:
0x9d7084 SetFilePointer
0x9d7088 GetFileSize
0x9d708c TerminateProcess
0x9d7090 SetLastError
0x9d7098 GetACP
0x9d709c HeapSize
0x9d70a0 RaiseException
0x9d70a4 GetLocalTime
0x9d70a8 GetSystemTime
0x9d70ac RtlUnwind
0x9d70b0 GetStartupInfoA
0x9d70b4 GetOEMCP
0x9d70b8 GetCPInfo
0x9d70bc GetProcessVersion
0x9d70c0 SetErrorMode
0x9d70c4 GlobalFlags
0x9d70c8 GetCurrentThread
0x9d70cc GetFileTime
0x9d70d0 TlsGetValue
0x9d70d4 LocalReAlloc
0x9d70d8 TlsSetValue
0x9d70dc TlsFree
0x9d70e0 GlobalHandle
0x9d70e4 TlsAlloc
0x9d70e8 LocalAlloc
0x9d70ec lstrcmpA
0x9d70f0 GlobalGetAtomNameA
0x9d70f4 GlobalAddAtomA
0x9d70f8 GlobalFindAtomA
0x9d70fc GlobalDeleteAtom
0x9d7100 lstrcmpiA
0x9d7104 SetEndOfFile
0x9d7108 UnlockFile
0x9d710c LockFile
0x9d7110 FlushFileBuffers
0x9d7114 DuplicateHandle
0x9d7118 lstrcpynA
0x9d7124 LocalFree
0x9d7130 WideCharToMultiByte
0x9d7134 MultiByteToWideChar
0x9d7138 GetCurrentProcess
0x9d7140 CreateSemaphoreA
0x9d7144 ResumeThread
0x9d7148 ReleaseSemaphore
0x9d7154 GetProfileStringA
0x9d7158 WriteFile
0x9d715c ReadFile
0x9d7164 CreateFileA
0x9d7168 SetEvent
0x9d716c FindResourceA
0x9d7170 LoadResource
0x9d7174 LockResource
0x9d7178 lstrlenW
0x9d717c RemoveDirectoryA
0x9d7180 GetModuleFileNameA
0x9d7184 GetCurrentThreadId
0x9d7188 ExitProcess
0x9d718c GlobalSize
0x9d7190 GlobalFree
0x9d719c lstrcatA
0x9d71a0 lstrlenA
0x9d71a4 WinExec
0x9d71a8 lstrcpyA
0x9d71ac FindNextFileA
0x9d71b0 GetDriveTypeA
0x9d71b4 GlobalReAlloc
0x9d71b8 HeapFree
0x9d71bc HeapReAlloc
0x9d71c0 GetProcessHeap
0x9d71c4 InterlockedExchange
0x9d71c8 HeapAlloc
0x9d71cc GetUserDefaultLCID
0x9d71d0 GetFullPathNameA
0x9d71d4 FreeLibrary
0x9d71d8 LoadLibraryA
0x9d71dc GetLastError
0x9d71e0 GetVersionExA
0x9d71e8 CreateThread
0x9d71ec CreateEventA
0x9d71f0 Sleep
0x9d71f8 GlobalAlloc
0x9d71fc GlobalLock
0x9d7200 GlobalUnlock
0x9d7204 GetTempPathA
0x9d7208 FindFirstFileA
0x9d720c FindClose
0x9d7210 SetFileAttributesA
0x9d7214 GetFileAttributesA
0x9d7218 DeleteFileA
0x9d7228 GetModuleHandleA
0x9d722c GetProcAddress
0x9d7230 MulDiv
0x9d7234 GetCommandLineA
0x9d7238 GetTickCount
0x9d723c CreateProcessA
0x9d7240 WaitForSingleObject
0x9d7244 CloseHandle
0x9d725c SetHandleCount
0x9d7260 GetStdHandle
0x9d7264 GetFileType
0x9d726c HeapDestroy
0x9d7270 HeapCreate
0x9d7274 VirtualFree
0x9d727c LCMapStringA
0x9d7280 LCMapStringW
0x9d7284 VirtualAlloc
0x9d7288 IsBadWritePtr
0x9d7290 GetStringTypeA
0x9d7294 GetStringTypeW
0x9d7298 CompareStringA
0x9d729c CompareStringW
0x9d72a0 IsBadReadPtr
0x9d72a4 IsBadCodePtr
0x9d72a8 SetStdHandle
0x9d72ac GetVersion
Library: USER32.dll:
0x9d72b4 SetWindowRgn
0x9d72bc GetWindow
0x9d72c0 GetActiveWindow
0x9d72c4 SetFocus
0x9d72c8 IsIconic
0x9d72cc PeekMessageA
0x9d72d0 SetMenu
0x9d72d4 GetMenu
0x9d72d8 GetMessagePos
0x9d72dc ScreenToClient
0x9d72e4 CopyRect
0x9d72e8 LoadBitmapA
0x9d72ec GetSysColorBrush
0x9d72f0 GetKeyState
0x9d72f4 DefWindowProcA
0x9d72f8 GetClassInfoA
0x9d72fc LoadImageA
0x9d7304 ClientToScreen
0x9d7308 EnableMenuItem
0x9d730c GetSubMenu
0x9d7310 GetDlgCtrlID
0x9d7314 IsZoomed
0x9d7318 PostQuitMessage
0x9d7324 IsWindowEnabled
0x9d7328 ShowWindow
0x9d7334 CreateMenu
0x9d7338 ModifyMenuA
0x9d733c AppendMenuA
0x9d7340 WinHelpA
0x9d7344 KillTimer
0x9d7348 SetTimer
0x9d734c ReleaseCapture
0x9d7350 GetCapture
0x9d7354 SetCapture
0x9d7358 GetScrollRange
0x9d735c SetScrollRange
0x9d7360 SetScrollPos
0x9d7364 SetRect
0x9d7368 InflateRect
0x9d736c IntersectRect
0x9d7370 LoadStringA
0x9d7378 GetMenuState
0x9d737c DestroyIcon
0x9d7380 PtInRect
0x9d7384 OffsetRect
0x9d7388 IsWindowVisible
0x9d738c EnableWindow
0x9d7390 RedrawWindow
0x9d7394 GetWindowLongA
0x9d7398 SetWindowLongA
0x9d739c GetSysColor
0x9d73a0 SetActiveWindow
0x9d73a4 SetCursorPos
0x9d73a8 LoadCursorA
0x9d73ac SetCursor
0x9d73b0 GetDC
0x9d73b4 FillRect
0x9d73b8 IsRectEmpty
0x9d73bc ReleaseDC
0x9d73c0 IsChild
0x9d73c4 DestroyMenu
0x9d73c8 SetForegroundWindow
0x9d73cc GetWindowRect
0x9d73d0 EqualRect
0x9d73d4 UpdateWindow
0x9d73d8 ValidateRect
0x9d73dc InvalidateRect
0x9d73e0 GetClientRect
0x9d73e4 GetFocus
0x9d73e8 GetParent
0x9d73ec GetTopWindow
0x9d73f0 PostMessageA
0x9d73f4 IsWindow
0x9d73f8 SetParent
0x9d73fc DestroyCursor
0x9d7400 SendMessageA
0x9d7404 SetWindowPos
0x9d7408 MessageBoxA
0x9d740c GetCursorPos
0x9d7410 GetSystemMetrics
0x9d7414 EmptyClipboard
0x9d7418 SetClipboardData
0x9d741c OpenClipboard
0x9d7420 GetClipboardData
0x9d7424 CloseClipboard
0x9d7428 wsprintfA
0x9d742c WaitForInputIdle
0x9d7430 CreatePopupMenu
0x9d7434 DrawIconEx
0x9d7440 SetRectEmpty
0x9d7444 DispatchMessageA
0x9d7448 GetMessageA
0x9d744c WindowFromPoint
0x9d7450 DrawFocusRect
0x9d7454 DrawEdge
0x9d7458 DrawFrameControl
0x9d745c LoadIconA
0x9d7460 TranslateMessage
0x9d7464 GetForegroundWindow
0x9d7468 GetDesktopWindow
0x9d746c GetClassNameA
0x9d7470 GetDlgItem
0x9d7474 GetWindowTextA
0x9d7478 UnregisterClassA
0x9d7484 CharUpperA
0x9d7488 GetWindowDC
0x9d748c BeginPaint
0x9d7490 EndPaint
0x9d7494 TabbedTextOutA
0x9d7498 DrawTextA
0x9d749c GrayStringA
0x9d74a0 DestroyWindow
0x9d74a8 EndDialog
0x9d74ac GetNextDlgTabItem
0x9d74b0 GetWindowPlacement
0x9d74b8 GetLastActivePopup
0x9d74bc GetMessageTime
0x9d74c0 RemovePropA
0x9d74c4 CallWindowProcA
0x9d74c8 GetPropA
0x9d74cc UnhookWindowsHookEx
0x9d74d0 SetPropA
0x9d74d4 GetClassLongA
0x9d74d8 CallNextHookEx
0x9d74dc SetWindowsHookExA
0x9d74e0 CreateWindowExA
0x9d74e4 GetMenuItemID
0x9d74e8 GetMenuItemCount
0x9d74ec RegisterClassA
0x9d74f0 GetScrollPos
0x9d74f4 AdjustWindowRectEx
0x9d74f8 MapWindowPoints
0x9d74fc SendDlgItemMessageA
0x9d7500 ScrollWindowEx
0x9d7504 IsDialogMessageA
0x9d7508 SetWindowTextA
0x9d750c MoveWindow
0x9d7510 CheckMenuItem
0x9d7514 SetMenuItemBitmaps
Library: GDI32.dll:
0x9d751c Escape
0x9d7520 ExtTextOutA
0x9d7524 TextOutA
0x9d7528 RectVisible
0x9d752c PtVisible
0x9d7530 GetViewportExtEx
0x9d7534 ExtSelectClipRgn
0x9d7538 LineTo
0x9d753c MoveToEx
0x9d7540 BitBlt
0x9d7544 CreateCompatibleDC
0x9d7548 Ellipse
0x9d754c Rectangle
0x9d7550 LPtoDP
0x9d7554 DPtoLP
0x9d7558 GetCurrentObject
0x9d755c RoundRect
0x9d7560 GetTextMetricsA
0x9d7568 GetDeviceCaps
0x9d756c CreatePalette
0x9d7570 CreateDIBitmap
0x9d7574 DeleteObject
0x9d7578 SelectClipRgn
0x9d757c CreatePolygonRgn
0x9d7580 GetClipRgn
0x9d7584 SetStretchBltMode
0x9d758c SetBkColor
0x9d7590 ExcludeClipRect
0x9d7594 GetClipBox
0x9d7598 ScaleWindowExtEx
0x9d759c SetWindowExtEx
0x9d75a0 SetWindowOrgEx
0x9d75a4 ScaleViewportExtEx
0x9d75a8 SetViewportExtEx
0x9d75ac OffsetViewportOrgEx
0x9d75b0 SetViewportOrgEx
0x9d75b4 SetMapMode
0x9d75b8 SetTextColor
0x9d75bc StartPage
0x9d75c0 StartDocA
0x9d75c4 DeleteDC
0x9d75c8 EndDoc
0x9d75cc EndPage
0x9d75d0 GetObjectA
0x9d75d4 GetStockObject
0x9d75d8 CreateFontIndirectA
0x9d75dc CreateSolidBrush
0x9d75e0 FillRgn
0x9d75e4 CreateRectRgn
0x9d75e8 CombineRgn
0x9d75ec PatBlt
0x9d75f0 CreatePen
0x9d75f4 SelectObject
0x9d75f8 CreateBitmap
0x9d75fc CreateDCA
0x9d7604 GetPolyFillMode
0x9d7608 GetStretchBltMode
0x9d760c GetROP2
0x9d7610 GetBkColor
0x9d7614 GetBkMode
0x9d7618 GetTextColor
0x9d761c GetWindowOrgEx
0x9d7620 SetROP2
0x9d7624 SetPolyFillMode
0x9d7628 SetBkMode
0x9d762c RestoreDC
0x9d7630 SaveDC
0x9d7634 GetViewportOrgEx
0x9d7638 GetWindowExtEx
0x9d763c CreateRoundRectRgn
0x9d7640 CreateEllipticRgn
0x9d7644 PathToRegion
0x9d7648 EndPath
0x9d764c BeginPath
0x9d7650 GetDIBits
0x9d7654 RealizePalette
0x9d7658 SelectPalette
0x9d7660 StretchBlt
Library: WINSPOOL.DRV:
0x9d7668 OpenPrinterA
0x9d766c DocumentPropertiesA
0x9d7670 ClosePrinter
Library: ADVAPI32.dll:
0x9d7678 FreeSid
0x9d767c RegQueryValueExA
0x9d7680 RegOpenKeyExA
0x9d7684 RegSetValueExA
0x9d7688 RegDeleteValueA
0x9d768c RegDeleteKeyA
0x9d7690 RegQueryValueA
0x9d7694 RegCreateKeyExA
0x9d7698 GetUserNameA
0x9d769c RegGetKeySecurity
0x9d76a4 InitializeAcl
0x9d76a8 AddAce
0x9d76b4 RegCloseKey
0x9d76c0 GetSidSubAuthority
0x9d76c4 GetTokenInformation
0x9d76c8 GetLengthSid
0x9d76cc CopySid
0x9d76d0 RegSetKeySecurity
0x9d76d4 RegQueryInfoKeyA
0x9d76d8 RegEnumKeyA
0x9d76dc OpenProcessToken
Library: SHELL32.dll:
0x9d76e4 ShellExecuteA
0x9d76e8 Shell_NotifyIconA
0x9d76ec SHEmptyRecycleBinA
Library: ole32.dll:
0x9d76f8 CLSIDFromProgID
0x9d76fc OleRun
0x9d7700 CoCreateInstance
0x9d7704 CLSIDFromString
0x9d7708 OleUninitialize
0x9d770c OleInitialize
Library: OLEAUT32.dll:
0x9d7714 VariantChangeType
0x9d7718 VariantClear
0x9d771c UnRegisterTypeLib
0x9d7720 LoadTypeLib
0x9d7724 LHashValOfNameSys
0x9d7728 RegisterTypeLib
0x9d772c SysAllocString
0x9d7730 VariantInit
0x9d7734 VariantCopyInd
Library: COMCTL32.dll:
0x9d773c (imported by ordinal, no name)
0x9d7740 ImageList_Destroy
Library: WININET.dll:
0x9d7748 DeleteUrlCacheEntry
Library: comdlg32.dll:
0x9d7758 ChooseColorA
0x9d775c GetFileTitleA
0x9d7760 GetSaveFileNameA
0x9d7764 GetOpenFileNameA
Library: WTSAPI32.dll:
0x9d776c WTSSendMessageW
Library: KERNEL32.dll:
0x9d7774 VirtualQuery
0x9d777c GetModuleHandleA
0x9d7780 CreateEventA
0x9d7784 GetModuleFileNameW
0x9d7788 LoadLibraryA
0x9d778c TerminateProcess
0x9d7790 GetCurrentProcess
0x9d7798 Thread32First
0x9d779c GetCurrentProcessId
0x9d77a0 GetCurrentThreadId
0x9d77a4 OpenThread
0x9d77a8 Thread32Next
0x9d77ac CloseHandle
0x9d77b0 SuspendThread
0x9d77b4 ResumeThread
0x9d77b8 WriteProcessMemory
0x9d77bc GetSystemInfo
0x9d77c0 VirtualAlloc
0x9d77c4 VirtualProtect
0x9d77c8 VirtualFree
0x9d77d4 GetCurrentThread
0x9d77dc Sleep
0x9d77e0 FreeLibrary
0x9d77e4 GetTickCount
0x9d77e8 GlobalFree
0x9d77ec GetProcAddress
0x9d77f0 LocalAlloc
0x9d77f4 LocalFree
0x9d77f8 ExitProcess
0x9d780c GetModuleHandleW
0x9d7810 LoadResource
0x9d7814 MultiByteToWideChar
0x9d7818 FindResourceExW
0x9d781c FindResourceExA
0x9d7820 WideCharToMultiByte
0x9d7824 GetThreadLocale
0x9d7828 GetUserDefaultLCID
0x9d7830 EnumResourceNamesA
0x9d7834 EnumResourceNamesW
0x9d7840 EnumResourceTypesA
0x9d7844 EnumResourceTypesW
0x9d7848 CreateFileW
0x9d784c LoadLibraryW
0x9d7850 GetLastError
0x9d7854 FlushFileBuffers
0x9d7858 CreateFileA
0x9d785c WriteConsoleW
0x9d7860 GetConsoleOutputCP
0x9d7864 WriteConsoleA
0x9d7868 GetCommandLineA
0x9d786c RaiseException
0x9d7870 RtlUnwind
0x9d7874 HeapFree
0x9d7878 GetCPInfo
0x9d7884 GetACP
0x9d7888 GetOEMCP
0x9d788c IsValidCodePage
0x9d7890 TlsGetValue
0x9d7894 TlsAlloc
0x9d7898 TlsSetValue
0x9d789c TlsFree
0x9d78a0 SetLastError
0x9d78ac IsDebuggerPresent
0x9d78b0 HeapAlloc
0x9d78b4 LCMapStringA
0x9d78b8 LCMapStringW
0x9d78bc SetHandleCount
0x9d78c0 GetStdHandle
0x9d78c4 GetFileType
0x9d78c8 GetStartupInfoA
0x9d78cc GetModuleFileNameA
0x9d78e0 HeapCreate
0x9d78e4 HeapDestroy
0x9d78ec HeapReAlloc
0x9d78f0 GetStringTypeA
0x9d78f4 GetStringTypeW
0x9d78f8 GetLocaleInfoA
0x9d78fc HeapSize
0x9d7900 WriteFile
0x9d7904 SetFilePointer
0x9d7908 GetConsoleCP
0x9d790c GetConsoleMode
0x9d7914 SetStdHandle
Library: USER32.dll:
0x9d7920 CharUpperBuffW
0x9d7924 MessageBoxW
Library: KERNEL32.dll:
0x9d7930 LocalAlloc
0x9d7934 LocalFree
0x9d7938 GetModuleFileNameW
0x9d7948 Sleep
0x9d794c ExitProcess
0x9d7950 FreeLibrary
0x9d7954 LoadLibraryA
0x9d7958 GetModuleHandleA
0x9d795c GetProcAddress

Antivirus scan

No antivirus engine scan results.

Process tree

V3Panda.exe, PID: 2652, parent PID: 2300

Network traffic

TCP

No TCP connections recorded.

UDP

No UDP connections recorded.

HTTP requests

No HTTP requests found.

SMTP traffic

No SMTP traffic.

IRC traffic

No IRC traffic.

ICMP traffic

No ICMP traffic.

CIF report

No CIF results.

Network alerts

No alerts.

TLS

No TLS.

Suricata HTTP

No Suricata HTTP.

No files extracted from network traffic.
No dropped files.
No similar analyses found.

Processing ( 46.552 seconds ) - time spent in each processing module

  • 20.828 Static
  • 15.511 Suricata
  • 7.768 TargetInfo
  • 1.381 VirusTotal
  • 0.45 peid
  • 0.357 NetworkAnalysis
  • 0.13 AnalysisInfo
  • 0.087 BehaviorAnalysis
  • 0.022 config_decoder
  • 0.015 Strings
  • 0.003 Memory

Signatures ( 0.418 seconds ) - time spent evaluating each Cuckoo signature module; this is a timing list, not a list of matched signatures (the report's signature matches are only shown to logged-in users and are not part of this export)

  • 0.236 md_bad_drop
  • 0.028 antiav_detectreg
  • 0.02 md_domain_bl
  • 0.02 md_url_bl
  • 0.011 infostealer_ftp
  • 0.007 anomaly_persistence_autorun
  • 0.007 antiav_detectfile
  • 0.007 infostealer_im
  • 0.007 ransomware_files
  • 0.006 antianalysis_detectreg
  • 0.006 ransomware_extensions
  • 0.005 infostealer_bitcoin
  • 0.004 api_spamming
  • 0.004 infostealer_mail
  • 0.003 tinba_behavior
  • 0.003 stealth_decoy_document
  • 0.003 stealth_timeout
  • 0.003 antivm_vbox_files
  • 0.003 geodo_banking_trojan
  • 0.003 disables_browser_warn
  • 0.002 rat_nanocore
  • 0.002 betabot_behavior
  • 0.002 cerber_behavior
  • 0.002 bot_drive
  • 0.002 browser_security
  • 0.002 modify_proxy
  • 0.001 ursnif_behavior
  • 0.001 kibex_behavior
  • 0.001 antivm_generic_scsi
  • 0.001 shifu_behavior
  • 0.001 antianalysis_detectfile
  • 0.001 antidbg_devices
  • 0.001 antivm_generic_diskreg
  • 0.001 antivm_parallels_keys
  • 0.001 antivm_xen_keys
  • 0.001 banker_zeus_mutex
  • 0.001 bot_drive2
  • 0.001 browser_addon
  • 0.001 disables_system_restore
  • 0.001 disables_windows_defender
  • 0.001 darkcomet_regkeys
  • 0.001 office_security
  • 0.001 rat_spynet
  • 0.001 recon_fingerprint
  • 0.001 stealth_hide_notifications
  • 0.001 stealth_modify_uac_prompt

Reporting ( 1.054 seconds )

  • 0.85 ReportHTMLSummary
  • 0.204 Malheur
Task ID 281910
Mongo ID 5cbf520b2f8f2e0441a9c2e3
Cuckoo release 1.4-Maldun