Analysis Task

Analysis Type | VM Label | Start Time | End Time | Duration
File (Windows) | win7-sp1-x64-hpdapp01-1 | 2019-04-23 01:11:03 | 2019-04-23 01:11:54 | 51 seconds

Maldun Score

8.15

Dangerous

File Details

File name V2Panda.exe
File size 6889472 bytes
File type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 b40d9644c071e182a08b82e2831d2376
SHA1 7cf32b2b7f4874a3e32254140d9af8f19ba279eb
SHA256 6f832148e354a5f65431614c9e2ed08a83871f110fd5df4c989516dd42ef5d9b
SHA512 444214a3f5bd032157b0af03a613598c4c256644068b9cb7f0767a3801af13a5a97464622e972b8a5936aef099636f6b1ae03fbb282b69f896c9c952d9d56a96
CRC32 56E4755A
Ssdeep 98304:roXYIjSnL4Az7yINVy+AU8euOuNHDc74riuGVOEA009mz+SAp8oRrxaQHyBC4YoM:8UfLC+AjOuhEtuGX4tgQSglZ4k

Run Screenshots

No screenshots available

Hosts Accessed

No host records.

DNS Resolution

No domain information.



PE Information

Image base 0x00400000
Entry point 0x0099db95
Declared checksum 0x00000000
Actual checksum 0x00696094
Minimum OS version required 5.0
Compile time 2019-04-23 01:07:53
Import hash 6ff280506440edf12bb262ad35d6e01f

PE Sections

Name | Virtual Address | Virtual Size | Raw Data Size | Characteristics | Entropy
.text 0x00001000 0x000a9e9a 0x000aa000 IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 6.59
.rdata 0x000ab000 0x0007d2d2 0x0007e000 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 6.86
.data 0x00129000 0x0003712a 0x00012000 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 5.06
.GERDGBJ 0x00161000 0x00353346 0x00354000 IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 7.83
.GERDGBJ 0x004b5000 0x001f1800 0x001f2000 IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 7.72
.rsrc 0x006a7000 0x00010028 0x00011000 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 4.16

Imports

Library: SHLWAPI.dll:
0x8f7000 SHDeleteKeyA
0x8f7004 SHDeleteValueA
Library: WINMM.dll:
0x8f7014 waveOutWrite
0x8f7018 waveOutPause
0x8f701c waveOutReset
0x8f7020 waveOutClose
0x8f7024 waveOutGetNumDevs
0x8f7028 waveOutOpen
0x8f7030 midiStreamOut
0x8f7034 midiStreamStop
0x8f7038 midiOutReset
0x8f703c midiStreamClose
0x8f7040 midiStreamRestart
0x8f7048 midiStreamOpen
0x8f704c midiStreamProperty
Library: WS2_32.dll:
0x8f7054 WSACleanup
0x8f7058 WSAStartup
0x8f705c gethostbyname
0x8f7060 closesocket
0x8f7064 getpeername
0x8f7068 WSAAsyncSelect
0x8f706c recvfrom
0x8f7070 ioctlsocket
0x8f7074 inet_ntoa
0x8f7078 recv
0x8f707c accept
Library: KERNEL32.dll:
0x8f7084 SetFilePointer
0x8f7088 GetFileSize
0x8f708c TerminateProcess
0x8f7090 SetLastError
0x8f7098 GetACP
0x8f709c HeapSize
0x8f70a0 RaiseException
0x8f70a4 GetLocalTime
0x8f70a8 GetSystemTime
0x8f70ac RtlUnwind
0x8f70b0 GetStartupInfoA
0x8f70b4 GetOEMCP
0x8f70b8 GetCPInfo
0x8f70bc GetProcessVersion
0x8f70c0 SetErrorMode
0x8f70c4 GlobalFlags
0x8f70c8 GetCurrentThread
0x8f70cc GetFileTime
0x8f70d0 TlsGetValue
0x8f70d4 LocalReAlloc
0x8f70d8 TlsSetValue
0x8f70dc TlsFree
0x8f70e0 GlobalHandle
0x8f70e4 TlsAlloc
0x8f70e8 LocalAlloc
0x8f70ec lstrcmpA
0x8f70f0 GlobalGetAtomNameA
0x8f70f4 GlobalAddAtomA
0x8f70f8 GlobalFindAtomA
0x8f70fc GlobalDeleteAtom
0x8f7100 lstrcmpiA
0x8f7104 SetEndOfFile
0x8f7108 UnlockFile
0x8f710c LockFile
0x8f7110 FlushFileBuffers
0x8f7114 DuplicateHandle
0x8f7118 lstrcpynA
0x8f7124 LocalFree
0x8f7130 WideCharToMultiByte
0x8f7134 MultiByteToWideChar
0x8f7138 GetCurrentProcess
0x8f7140 CreateSemaphoreA
0x8f7144 ResumeThread
0x8f7148 ReleaseSemaphore
0x8f7154 GetProfileStringA
0x8f7158 WriteFile
0x8f715c ReadFile
0x8f7164 CreateFileA
0x8f7168 SetEvent
0x8f716c FindResourceA
0x8f7170 LoadResource
0x8f7174 LockResource
0x8f7178 lstrlenW
0x8f717c RemoveDirectoryA
0x8f7180 GetModuleFileNameA
0x8f7184 GetCurrentThreadId
0x8f7188 ExitProcess
0x8f718c GlobalSize
0x8f7190 GlobalFree
0x8f719c lstrcatA
0x8f71a0 lstrlenA
0x8f71a4 WinExec
0x8f71a8 lstrcpyA
0x8f71ac FindNextFileA
0x8f71b0 GetDriveTypeA
0x8f71b4 GlobalReAlloc
0x8f71b8 HeapFree
0x8f71bc HeapReAlloc
0x8f71c0 GetProcessHeap
0x8f71c4 InterlockedExchange
0x8f71c8 HeapAlloc
0x8f71cc GetUserDefaultLCID
0x8f71d0 GetFullPathNameA
0x8f71d4 FreeLibrary
0x8f71d8 LoadLibraryA
0x8f71dc GetLastError
0x8f71e0 GetVersionExA
0x8f71e8 CreateThread
0x8f71ec CreateEventA
0x8f71f0 Sleep
0x8f71f8 GlobalAlloc
0x8f71fc GlobalLock
0x8f7200 GlobalUnlock
0x8f7204 GetTempPathA
0x8f7208 FindFirstFileA
0x8f720c FindClose
0x8f7210 SetFileAttributesA
0x8f7214 GetFileAttributesA
0x8f7218 DeleteFileA
0x8f7228 GetModuleHandleA
0x8f722c GetProcAddress
0x8f7230 MulDiv
0x8f7234 GetCommandLineA
0x8f7238 GetTickCount
0x8f723c CreateProcessA
0x8f7240 WaitForSingleObject
0x8f7244 CloseHandle
0x8f725c SetHandleCount
0x8f7260 GetStdHandle
0x8f7264 GetFileType
0x8f726c HeapDestroy
0x8f7270 HeapCreate
0x8f7274 VirtualFree
0x8f727c LCMapStringA
0x8f7280 LCMapStringW
0x8f7284 VirtualAlloc
0x8f7288 IsBadWritePtr
0x8f7290 GetStringTypeA
0x8f7294 GetStringTypeW
0x8f7298 CompareStringA
0x8f729c CompareStringW
0x8f72a0 IsBadReadPtr
0x8f72a4 IsBadCodePtr
0x8f72a8 SetStdHandle
0x8f72ac GetVersion
Library: USER32.dll:
0x8f72b4 SetWindowRgn
0x8f72bc GetWindow
0x8f72c0 GetActiveWindow
0x8f72c4 SetFocus
0x8f72c8 IsIconic
0x8f72cc PeekMessageA
0x8f72d0 SetMenu
0x8f72d4 GetMenu
0x8f72d8 GetMessagePos
0x8f72dc ScreenToClient
0x8f72e4 CopyRect
0x8f72e8 LoadBitmapA
0x8f72ec GetSysColorBrush
0x8f72f0 GetKeyState
0x8f72f4 DefWindowProcA
0x8f72f8 GetClassInfoA
0x8f72fc LoadImageA
0x8f7304 ClientToScreen
0x8f7308 EnableMenuItem
0x8f730c GetSubMenu
0x8f7310 GetDlgCtrlID
0x8f7314 IsZoomed
0x8f7318 PostQuitMessage
0x8f7324 IsWindowEnabled
0x8f7328 ShowWindow
0x8f7334 CreateMenu
0x8f7338 ModifyMenuA
0x8f733c AppendMenuA
0x8f7340 WinHelpA
0x8f7344 KillTimer
0x8f7348 SetTimer
0x8f734c ReleaseCapture
0x8f7350 GetCapture
0x8f7354 SetCapture
0x8f7358 GetScrollRange
0x8f735c SetScrollRange
0x8f7360 SetScrollPos
0x8f7364 SetRect
0x8f7368 InflateRect
0x8f736c IntersectRect
0x8f7370 LoadStringA
0x8f7378 GetMenuState
0x8f737c DestroyIcon
0x8f7380 PtInRect
0x8f7384 OffsetRect
0x8f7388 IsWindowVisible
0x8f738c EnableWindow
0x8f7390 RedrawWindow
0x8f7394 GetWindowLongA
0x8f7398 SetWindowLongA
0x8f739c GetSysColor
0x8f73a0 SetActiveWindow
0x8f73a4 SetCursorPos
0x8f73a8 LoadCursorA
0x8f73ac SetCursor
0x8f73b0 GetDC
0x8f73b4 FillRect
0x8f73b8 IsRectEmpty
0x8f73bc ReleaseDC
0x8f73c0 IsChild
0x8f73c4 DestroyMenu
0x8f73c8 SetForegroundWindow
0x8f73cc GetWindowRect
0x8f73d0 EqualRect
0x8f73d4 UpdateWindow
0x8f73d8 ValidateRect
0x8f73dc InvalidateRect
0x8f73e0 GetClientRect
0x8f73e4 GetFocus
0x8f73e8 GetParent
0x8f73ec GetTopWindow
0x8f73f0 PostMessageA
0x8f73f4 IsWindow
0x8f73f8 SetParent
0x8f73fc DestroyCursor
0x8f7400 SendMessageA
0x8f7404 SetWindowPos
0x8f7408 MessageBoxA
0x8f740c GetCursorPos
0x8f7410 GetSystemMetrics
0x8f7414 EmptyClipboard
0x8f7418 SetClipboardData
0x8f741c OpenClipboard
0x8f7420 GetClipboardData
0x8f7424 CloseClipboard
0x8f7428 wsprintfA
0x8f742c WaitForInputIdle
0x8f7430 CreatePopupMenu
0x8f7434 DrawIconEx
0x8f7440 SetRectEmpty
0x8f7444 DispatchMessageA
0x8f7448 GetMessageA
0x8f744c WindowFromPoint
0x8f7450 DrawFocusRect
0x8f7454 DrawEdge
0x8f7458 DrawFrameControl
0x8f745c LoadIconA
0x8f7460 TranslateMessage
0x8f7464 GetForegroundWindow
0x8f7468 GetDesktopWindow
0x8f746c GetClassNameA
0x8f7470 GetDlgItem
0x8f7474 GetWindowTextA
0x8f7478 UnregisterClassA
0x8f7484 CharUpperA
0x8f7488 GetWindowDC
0x8f748c BeginPaint
0x8f7490 EndPaint
0x8f7494 TabbedTextOutA
0x8f7498 DrawTextA
0x8f749c GrayStringA
0x8f74a0 DestroyWindow
0x8f74a8 EndDialog
0x8f74ac GetNextDlgTabItem
0x8f74b0 GetWindowPlacement
0x8f74b8 GetLastActivePopup
0x8f74bc GetMessageTime
0x8f74c0 RemovePropA
0x8f74c4 CallWindowProcA
0x8f74c8 GetPropA
0x8f74cc UnhookWindowsHookEx
0x8f74d0 SetPropA
0x8f74d4 GetClassLongA
0x8f74d8 CallNextHookEx
0x8f74dc SetWindowsHookExA
0x8f74e0 CreateWindowExA
0x8f74e4 GetMenuItemID
0x8f74e8 GetMenuItemCount
0x8f74ec RegisterClassA
0x8f74f0 GetScrollPos
0x8f74f4 AdjustWindowRectEx
0x8f74f8 MapWindowPoints
0x8f74fc SendDlgItemMessageA
0x8f7500 ScrollWindowEx
0x8f7504 IsDialogMessageA
0x8f7508 SetWindowTextA
0x8f750c MoveWindow
0x8f7510 CheckMenuItem
0x8f7514 SetMenuItemBitmaps
Library: GDI32.dll:
0x8f751c Escape
0x8f7520 ExtTextOutA
0x8f7524 TextOutA
0x8f7528 RectVisible
0x8f752c PtVisible
0x8f7530 GetViewportExtEx
0x8f7534 ExtSelectClipRgn
0x8f7538 LineTo
0x8f753c MoveToEx
0x8f7540 BitBlt
0x8f7544 CreateCompatibleDC
0x8f7548 Ellipse
0x8f754c Rectangle
0x8f7550 LPtoDP
0x8f7554 DPtoLP
0x8f7558 GetCurrentObject
0x8f755c RoundRect
0x8f7560 GetTextMetricsA
0x8f7568 GetDeviceCaps
0x8f756c CreatePalette
0x8f7570 CreateDIBitmap
0x8f7574 DeleteObject
0x8f7578 SelectClipRgn
0x8f757c CreatePolygonRgn
0x8f7580 GetClipRgn
0x8f7584 SetStretchBltMode
0x8f758c SetBkColor
0x8f7590 ExcludeClipRect
0x8f7594 GetClipBox
0x8f7598 ScaleWindowExtEx
0x8f759c SetWindowExtEx
0x8f75a0 SetWindowOrgEx
0x8f75a4 ScaleViewportExtEx
0x8f75a8 SetViewportExtEx
0x8f75ac OffsetViewportOrgEx
0x8f75b0 SetViewportOrgEx
0x8f75b4 SetMapMode
0x8f75b8 SetTextColor
0x8f75bc StartPage
0x8f75c0 StartDocA
0x8f75c4 DeleteDC
0x8f75c8 EndDoc
0x8f75cc EndPage
0x8f75d0 GetObjectA
0x8f75d4 GetStockObject
0x8f75d8 CreateFontIndirectA
0x8f75dc CreateSolidBrush
0x8f75e0 FillRgn
0x8f75e4 CreateRectRgn
0x8f75e8 CombineRgn
0x8f75ec PatBlt
0x8f75f0 CreatePen
0x8f75f4 SelectObject
0x8f75f8 CreateBitmap
0x8f75fc CreateDCA
0x8f7604 GetPolyFillMode
0x8f7608 GetStretchBltMode
0x8f760c GetROP2
0x8f7610 GetBkColor
0x8f7614 GetBkMode
0x8f7618 GetTextColor
0x8f761c GetWindowOrgEx
0x8f7620 SetROP2
0x8f7624 SetPolyFillMode
0x8f7628 SetBkMode
0x8f762c RestoreDC
0x8f7630 SaveDC
0x8f7634 GetViewportOrgEx
0x8f7638 GetWindowExtEx
0x8f763c CreateRoundRectRgn
0x8f7640 CreateEllipticRgn
0x8f7644 PathToRegion
0x8f7648 EndPath
0x8f764c BeginPath
0x8f7650 GetDIBits
0x8f7654 RealizePalette
0x8f7658 SelectPalette
0x8f7660 StretchBlt
Library: WINSPOOL.DRV:
0x8f7668 OpenPrinterA
0x8f766c DocumentPropertiesA
0x8f7670 ClosePrinter
Library: ADVAPI32.dll:
0x8f7678 FreeSid
0x8f767c RegQueryValueExA
0x8f7680 RegOpenKeyExA
0x8f7684 RegSetValueExA
0x8f7688 RegDeleteValueA
0x8f768c RegDeleteKeyA
0x8f7690 RegQueryValueA
0x8f7694 RegCreateKeyExA
0x8f7698 GetUserNameA
0x8f769c RegGetKeySecurity
0x8f76a4 InitializeAcl
0x8f76a8 AddAce
0x8f76b4 RegCloseKey
0x8f76c0 GetSidSubAuthority
0x8f76c4 GetTokenInformation
0x8f76c8 GetLengthSid
0x8f76cc CopySid
0x8f76d0 RegSetKeySecurity
0x8f76d4 RegQueryInfoKeyA
0x8f76d8 RegEnumKeyA
0x8f76dc OpenProcessToken
Library: SHELL32.dll:
0x8f76e4 ShellExecuteA
0x8f76e8 Shell_NotifyIconA
0x8f76ec SHEmptyRecycleBinA
Library: ole32.dll:
0x8f76f8 CLSIDFromProgID
0x8f76fc OleRun
0x8f7700 CoCreateInstance
0x8f7704 CLSIDFromString
0x8f7708 OleUninitialize
0x8f770c OleInitialize
Library: OLEAUT32.dll:
0x8f7714 VariantChangeType
0x8f7718 VariantClear
0x8f771c UnRegisterTypeLib
0x8f7720 LoadTypeLib
0x8f7724 LHashValOfNameSys
0x8f7728 RegisterTypeLib
0x8f772c SysAllocString
0x8f7730 VariantInit
0x8f7734 VariantCopyInd
Library: COMCTL32.dll:
0x8f773c None
0x8f7740 ImageList_Destroy
Library: WININET.dll:
0x8f7748 DeleteUrlCacheEntry
Library: comdlg32.dll:
0x8f7758 ChooseColorA
0x8f775c GetFileTitleA
0x8f7760 GetSaveFileNameA
0x8f7764 GetOpenFileNameA
Library: WTSAPI32.dll:
0x8f776c WTSSendMessageW
Library: KERNEL32.dll:
0x8f7774 VirtualQuery
0x8f777c GetModuleHandleA
0x8f7780 CreateEventA
0x8f7784 GetModuleFileNameW
0x8f7788 LoadLibraryA
0x8f778c TerminateProcess
0x8f7790 GetCurrentProcess
0x8f7798 Thread32First
0x8f779c GetCurrentProcessId
0x8f77a0 GetCurrentThreadId
0x8f77a4 OpenThread
0x8f77a8 Thread32Next
0x8f77ac CloseHandle
0x8f77b0 SuspendThread
0x8f77b4 ResumeThread
0x8f77b8 WriteProcessMemory
0x8f77bc GetSystemInfo
0x8f77c0 VirtualAlloc
0x8f77c4 VirtualProtect
0x8f77c8 VirtualFree
0x8f77d4 GetCurrentThread
0x8f77dc Sleep
0x8f77e0 FreeLibrary
0x8f77e4 GetTickCount
0x8f77e8 GlobalFree
0x8f77ec GetProcAddress
0x8f77f0 LocalAlloc
0x8f77f4 LocalFree
0x8f77f8 ExitProcess
0x8f780c GetModuleHandleW
0x8f7810 LoadResource
0x8f7814 MultiByteToWideChar
0x8f7818 FindResourceExW
0x8f781c FindResourceExA
0x8f7820 WideCharToMultiByte
0x8f7824 GetThreadLocale
0x8f7828 GetUserDefaultLCID
0x8f7830 EnumResourceNamesA
0x8f7834 EnumResourceNamesW
0x8f7840 EnumResourceTypesA
0x8f7844 EnumResourceTypesW
0x8f7848 CreateFileW
0x8f784c LoadLibraryW
0x8f7850 GetLastError
0x8f7854 FlushFileBuffers
0x8f7858 CreateFileA
0x8f785c WriteConsoleW
0x8f7860 GetConsoleOutputCP
0x8f7864 WriteConsoleA
0x8f7868 GetCommandLineA
0x8f786c RaiseException
0x8f7870 RtlUnwind
0x8f7874 HeapFree
0x8f7878 GetCPInfo
0x8f7884 GetACP
0x8f7888 GetOEMCP
0x8f788c IsValidCodePage
0x8f7890 TlsGetValue
0x8f7894 TlsAlloc
0x8f7898 TlsSetValue
0x8f789c TlsFree
0x8f78a0 SetLastError
0x8f78ac IsDebuggerPresent
0x8f78b0 HeapAlloc
0x8f78b4 LCMapStringA
0x8f78b8 LCMapStringW
0x8f78bc SetHandleCount
0x8f78c0 GetStdHandle
0x8f78c4 GetFileType
0x8f78c8 GetStartupInfoA
0x8f78cc GetModuleFileNameA
0x8f78e0 HeapCreate
0x8f78e4 HeapDestroy
0x8f78ec HeapReAlloc
0x8f78f0 GetStringTypeA
0x8f78f4 GetStringTypeW
0x8f78f8 GetLocaleInfoA
0x8f78fc HeapSize
0x8f7900 WriteFile
0x8f7904 SetFilePointer
0x8f7908 GetConsoleCP
0x8f790c GetConsoleMode
0x8f7914 SetStdHandle
Library: USER32.dll:
0x8f7920 CharUpperBuffW
0x8f7924 MessageBoxW
Library: KERNEL32.dll:
0x8f7930 LocalAlloc
0x8f7934 LocalFree
0x8f7938 GetModuleFileNameW
0x8f7948 Sleep
0x8f794c ExitProcess
0x8f7950 FreeLibrary
0x8f7954 LoadLibraryA
0x8f7958 GetModuleHandleA
0x8f795c GetProcAddress
Library: USER32.dll:

No antivirus engine scan information!

Process Tree

V2Panda.exe, PID: 2660, Parent PID: 2300

TCP

No TCP connection records.

UDP

No UDP connection records.

HTTP Requests

No HTTP requests found.

SMTP Traffic

No SMTP traffic.

IRC Traffic

No IRC requests.

ICMP Traffic

No ICMP traffic.

CIF Report

No CIF results

Network Alerts

No alerts

TLS

No TLS

Suricata HTTP

No Suricata HTTP

No network-extracted files found
Sorry! No files were dropped.
No similar analyses found.

Processing ( 32.538 seconds )

  • 20.639 Static
  • 7.942 TargetInfo
  • 3.012 VirusTotal
  • 0.438 peid
  • 0.24 NetworkAnalysis
  • 0.13 AnalysisInfo
  • 0.097 BehaviorAnalysis
  • 0.022 config_decoder
  • 0.015 Strings
  • 0.003 Memory

Signatures ( 0.373 seconds )

  • 0.189 md_bad_drop
  • 0.028 antiav_detectreg
  • 0.02 md_domain_bl
  • 0.02 md_url_bl
  • 0.012 infostealer_ftp
  • 0.007 anomaly_persistence_autorun
  • 0.007 antiav_detectfile
  • 0.007 infostealer_im
  • 0.007 ransomware_extensions
  • 0.007 ransomware_files
  • 0.006 antianalysis_detectreg
  • 0.005 infostealer_bitcoin
  • 0.004 api_spamming
  • 0.004 infostealer_mail
  • 0.003 tinba_behavior
  • 0.003 stealth_decoy_document
  • 0.003 stealth_timeout
  • 0.003 antivm_vbox_files
  • 0.003 geodo_banking_trojan
  • 0.003 disables_browser_warn
  • 0.002 rat_nanocore
  • 0.002 betabot_behavior
  • 0.002 cerber_behavior
  • 0.002 bot_drive
  • 0.002 browser_security
  • 0.002 modify_proxy
  • 0.001 ursnif_behavior
  • 0.001 kibex_behavior
  • 0.001 shifu_behavior
  • 0.001 antianalysis_detectfile
  • 0.001 antidbg_devices
  • 0.001 antivm_generic_diskreg
  • 0.001 antivm_parallels_keys
  • 0.001 antivm_xen_keys
  • 0.001 banker_zeus_mutex
  • 0.001 bot_drive2
  • 0.001 browser_addon
  • 0.001 disables_system_restore
  • 0.001 disables_windows_defender
  • 0.001 darkcomet_regkeys
  • 0.001 office_security
  • 0.001 rat_spynet
  • 0.001 recon_fingerprint
  • 0.001 stealth_hide_notifications
  • 0.001 stealth_modify_uac_prompt
  • 0.001 stealth_modify_security_center_warnings

Reporting ( 1.058 seconds )

  • 0.833 ReportHTMLSummary
  • 0.225 Malheur
Task ID 281321
Mongo ID 5cbdf6082f8f2e0441a9c23b
Cuckoo release 1.4-Maldun