Analysis Task

Analysis type VM label Start time End time Duration
File (Windows) win7-sp1-x64-hpdapp01-2 2019-09-16 16:18:55 2019-09-16 16:21:17 142 seconds

Maldun Score

1.4875

Normal

File Details

File name DTLiteInstaller.exe
File size 791712 bytes
File type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 40af8bed09bff955ba625b60a7065528
SHA1 3223b263b10b284405889fb25dcc3bf1aebb7660
SHA256 ad8d1d25fbb5a3f2e531cb30ba543756fc09d70978d48c728a866fad4a27e007
SHA512 4825eb24ab4c718654a4f1a937995c9444f8775f2cd40fe4b31219fdfab9f1bc25537d318d23a65109ce76dfed9e5a1c01e6f98c3a46156ca63722030b1206bf
CRC32 3104E8F9
Ssdeep 12288:XcyP/EKqzxvCbbWpRZNrvVZgFshqzlB/7dEYwgoXH3SqD4GmiyjQd6:Xdnjqtv0bAIQqf/7uYKXHl4Gmxju6

Contacted Hosts

Direct IP Security rating Location
217.147.90.28 United Kingdom
23.32.241.51 United States

DNS Resolution

Domain Security rating Response
secure.disc-soft.com A 217.147.90.28

PE Information

Image base 0x00400000
Entry point 0x00403334
Declared checksum 0x000c80e3
Actual checksum 0x000c80e3
Minimum OS version 4.0
Compile time 2016-12-12 05:50:55
Import hash e2a592076b17ef8bfb48b7e03965a3fc

Version Information

LegalCopyright
InternalName
FileVersion
CompanyName
ProductName
ProductVersion
FileDescription
OriginalFilename
Translation

Microsoft Certificate Verification (Sign Tool)

SHA1 Timestamp Validity Error
None Thu Aug 17 22:50:43 2017
Certificate Chain 1
Issued to COMODO RSA Certification Authority
Issued by COMODO RSA Certification Authority
Valid until Tue Jan 19 07:59:59 2038
SHA1 hash afe5d244a8d1194230ff479fe2f897bbcd7a8cb4
Certificate Chain 2
Issued to COMODO RSA Code Signing CA
Issued by COMODO RSA Certification Authority
Valid until Tue May 09 07:59:59 2028
SHA1 hash b69e752bbe88b4458200a7c0f4f5b3cce6f35b47
Certificate Chain 3
Issued to Disc Soft Ltd
Issued by COMODO RSA Code Signing CA
Valid until Sat Mar 10 07:59:59 2018
SHA1 hash ae062ec7363d3750a01db17bb032bf305c279a92
Timestamp Chain 1
Issued to GlobalSign
Issued by GlobalSign
Valid until Sun Mar 18 18:00:00 2029
SHA1 hash d69b561148f01c77c54578c10926df5b856976ad
Timestamp Chain 2
Issued to GlobalSign Timestamping CA - SHA256 - G2
Issued by GlobalSign
Valid until Thu Mar 29 18:00:00 2029
SHA1 hash 91843bbd936d86eafa42a3afbf33e92831068f99
Timestamp Chain 3
Issued to GlobalSign TSA for Advanced - G2
Issued by GlobalSign Timestamping CA - SHA256 - G2
Valid until Thu Jun 24 08:00:00 2027
SHA1 hash 7d55d8e75a56a2fc738243f7b854875c5cb52a0d

PE Sections

Name Virtual address Virtual size Raw data size Characteristics Entropy
.text 0x00001000 0x0000640f 0x00006600 IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 6.44
.rdata 0x00008000 0x000014b0 0x00001600 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 5.03
.data 0x0000a000 0x0002afd8 0x00000600 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 4.03
.ndata 0x00035000 0x00024000 0x00000000 IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 0.00
.rsrc 0x00059000 0x00022558 0x00022600 IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 6.18

Imports

Library: KERNEL32.dll:
0x408074 GetFileAttributesW
0x408078 GetFullPathNameW
0x40807c Sleep
0x408080 GetTickCount
0x408084 GetFileSize
0x408088 GetModuleFileNameW
0x40808c MoveFileW
0x408090 SetFileAttributesW
0x408094 GetCurrentProcess
0x408098 ExitProcess
0x4080a4 GetTempPathW
0x4080a8 GetCommandLineW
0x4080ac GetVersion
0x4080b0 SetErrorMode
0x4080b4 lstrlenW
0x4080b8 WaitForSingleObject
0x4080bc CopyFileW
0x4080c0 CompareFileTime
0x4080c4 GlobalLock
0x4080c8 CreateThread
0x4080cc GetLastError
0x4080d0 CreateDirectoryW
0x4080d4 CreateProcessW
0x4080d8 RemoveDirectoryW
0x4080dc lstrcmpiA
0x4080e0 CreateFileW
0x4080e4 GetTempFileNameW
0x4080e8 WriteFile
0x4080ec lstrcpyA
0x4080f0 lstrcpyW
0x4080f4 MoveFileExW
0x4080f8 lstrcatW
0x4080fc GetSystemDirectoryW
0x408100 GetProcAddress
0x408104 GetModuleHandleA
0x408108 GlobalFree
0x40810c GlobalAlloc
0x408110 GetShortPathNameW
0x408114 SearchPathW
0x408118 lstrcmpiW
0x40811c SetFileTime
0x408120 CloseHandle
0x408128 lstrcmpW
0x40812c GlobalUnlock
0x408130 lstrcpynW
0x408134 GetDiskFreeSpaceW
0x408138 GetExitCodeProcess
0x40813c FindFirstFileW
0x408140 FindNextFileW
0x408144 DeleteFileW
0x408148 SetFilePointer
0x40814c ReadFile
0x408150 FindClose
0x408154 MulDiv
0x408158 MultiByteToWideChar
0x40815c lstrlenA
0x408160 WideCharToMultiByte
0x40816c FreeLibrary
0x408170 LoadLibraryExW
0x408174 GetModuleHandleW
Library: USER32.dll:
0x408198 GetSystemMenu
0x40819c SetClassLongW
0x4081a0 IsWindowEnabled
0x4081a4 EnableMenuItem
0x4081a8 SetWindowPos
0x4081ac GetSysColor
0x4081b0 GetWindowLongW
0x4081b4 SetCursor
0x4081b8 LoadCursorW
0x4081bc CheckDlgButton
0x4081c0 GetMessagePos
0x4081c4 LoadBitmapW
0x4081c8 CallWindowProcW
0x4081cc IsWindowVisible
0x4081d0 CloseClipboard
0x4081d4 SetClipboardData
0x4081d8 EmptyClipboard
0x4081dc OpenClipboard
0x4081e0 wsprintfW
0x4081e4 ScreenToClient
0x4081e8 GetWindowRect
0x4081ec GetSystemMetrics
0x4081f0 SetDlgItemTextW
0x4081f4 GetDlgItemTextW
0x4081f8 MessageBoxIndirectW
0x4081fc CharPrevW
0x408200 CharNextA
0x408204 wsprintfA
0x408208 DispatchMessageW
0x40820c PeekMessageW
0x408210 GetDC
0x408214 ReleaseDC
0x408218 EnableWindow
0x40821c InvalidateRect
0x408220 SendMessageW
0x408224 DefWindowProcW
0x408228 BeginPaint
0x40822c GetClientRect
0x408230 FillRect
0x408234 EndDialog
0x408238 RegisterClassW
0x408240 CreateWindowExW
0x408244 GetClassInfoW
0x408248 DialogBoxParamW
0x40824c CharNextW
0x408250 ExitWindowsEx
0x408254 DestroyWindow
0x408258 LoadImageW
0x40825c SetTimer
0x408260 SetWindowTextW
0x408264 PostQuitMessage
0x408268 ShowWindow
0x40826c GetDlgItem
0x408270 IsWindow
0x408274 SetWindowLongW
0x408278 FindWindowExW
0x40827c TrackPopupMenu
0x408280 AppendMenuW
0x408284 CreatePopupMenu
0x408288 DrawTextW
0x40828c EndPaint
0x408290 CreateDialogParamW
0x408294 SendMessageTimeoutW
0x408298 SetForegroundWindow
Library: GDI32.dll:
0x40804c SelectObject
0x408050 SetBkMode
0x408054 CreateFontIndirectW
0x408058 SetTextColor
0x40805c DeleteObject
0x408060 GetDeviceCaps
0x408064 CreateBrushIndirect
0x408068 SetBkColor
Library: SHELL32.dll:
0x408184 SHBrowseForFolderW
0x408188 SHGetFileInfoW
0x40818c ShellExecuteW
0x408190 SHFileOperationW
Library: ADVAPI32.dll:
0x408000 RegDeleteKeyW
0x408004 SetFileSecurityW
0x408008 OpenProcessToken
0x408014 RegOpenKeyExW
0x408018 RegEnumValueW
0x40801c RegDeleteValueW
0x408020 RegCloseKey
0x408024 RegCreateKeyExW
0x408028 RegSetValueExW
0x40802c RegQueryValueExW
0x408030 RegEnumKeyW
Library: COMCTL32.dll:
0x408038 ImageList_AddMasked
0x40803c None
0x408040 ImageList_Destroy
0x408044 ImageList_Create
Library: ole32.dll:
0x4082a0 OleUninitialize
0x4082a4 OleInitialize
0x4082a8 CoTaskMemFree
0x4082ac CoCreateInstance

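Antivirus engine/vendor Virus name/rule match Signature database date
Bkav No virus detected 20190913
MicroWorld-eScan No virus detected 20190916
FireEye No virus detected 20190916
CAT-QuickHeal No virus detected 20190915
McAfee No virus detected 20190916
Cylance No virus detected 20190916
Zillya No virus detected 20190913
SUPERAntiSpyware No virus detected 20190913
K7AntiVirus No virus detected 20190916
Alibaba No virus detected 20190527
K7GW No virus detected 20190912
Cybereason No virus detected 20190616
TrendMicro No virus detected 20190916
Baidu No virus detected 20190318
F-Prot No virus detected 20190916
Symantec No virus detected 20190915
TotalDefense No virus detected 20190916
APEX No virus detected 20190913
Avast No virus detected 20190916
ClamAV Win.Virus.Sality-6832034-0 20190915
GData No virus detected 20190916
Kaspersky No virus detected 20190916
BitDefender No virus detected 20190916
NANO-Antivirus No virus detected 20190916
Paloalto No virus detected 20190916
AegisLab No virus detected 20190916
Rising No virus detected 20190916
Endgame No virus detected 20190819
Emsisoft No virus detected 20190916
Comodo No virus detected 20190916
F-Secure No virus detected 20190915
DrWeb No virus detected 20190916
VIPRE No virus detected 20190916
Invincea No virus detected 20190904
McAfee-GW-Edition No virus detected 20190915
Trapmine No virus detected 20190826
CMC No virus detected 20190321
Sophos No virus detected 20190916
SentinelOne No virus detected 20190807
Cyren No virus detected 20190916
Jiangmin No virus detected 20190916
Webroot No virus detected 20190916
Avira No virus detected 20190915
MAX No virus detected 20190916
Antiy-AVL No virus detected 20190916
Kingsoft No virus detected 20190916
Arcabit No virus detected 20190916
ViRobot No virus detected 20190916
ZoneAlarm No virus detected 20190916
Avast-Mobile No virus detected 20190916
Microsoft No virus detected 20190916
AhnLab-V3 No virus detected 20190916
Acronis No virus detected 20190904
VBA32 No virus detected 20190913
TACHYON No virus detected 20190916
Ad-Aware No virus detected 20190916
Malwarebytes No virus detected 20190916
Zoner No virus detected 20190916
ESET-NOD32 No virus detected 20190916
TrendMicro-HouseCall No virus detected 20190916
Tencent No virus detected 20190916
Yandex No virus detected 20190912
Ikarus No virus detected 20190915
eGambit No virus detected 20190916
Fortinet No virus detected 20190916
AVG No virus detected 20190916
Panda No virus detected 20190915
CrowdStrike No virus detected 20190702
Qihoo-360 No virus detected 20190916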

Process Tree


DTLiteInstaller.exe, PID: 2480, parent PID: 2316
AppInstaller.exe, PID: 2560, parent PID: 2480
services.exe, PID: 428, parent PID: 332
mscorsvw.exe, PID: 2992, parent PID: 428
mscorsvw.exe, PID: 2192, parent PID: 428

TCP

Source address Source port Destination address Destination port
192.168.122.202 49164 217.147.90.28 secure.disc-soft.com 443

UDP

Source address Source port Destination address Destination port
192.168.122.202 55264 192.168.122.1 53

HTTP Requests

No HTTP requests found.

SMTP Traffic

No SMTP traffic.

IRC Traffic

No IRC requests.

ICMP Traffic

No ICMP traffic.

CIF Report

No CIF results

Network Alerts

No alerts

TLS

Timestamp Source IP Source Port Destination IP Destination Port Version Issuer Subject Fingerprint
2019-09-16 16:19:44.370998+0800 192.168.122.202 49164 217.147.90.28 443 TLSv1 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2 OU=Domain Control Validated, CN=disc-soft.com a1:e9:8e:74:17:66:62:ed:b9:b4:39:bd:4e:18:a7:e7:99:73:65:8d

Suricata HTTP

No Suricata HTTP

No files extracted from network traffic.
Sorry! No files were dropped.
No similar analyses found.

Processing ( 37.588 seconds )

  • 16.423 Suricata
  • 11.777 NetworkAnalysis
  • 3.351 VirusTotal
  • 2.912 Static
  • 2.081 BehaviorAnalysis
  • 0.501 TargetInfo
  • 0.434 peid
  • 0.089 AnalysisInfo
  • 0.015 Strings
  • 0.003 Memory
  • 0.002 config_decoder

Signatures ( 1.029 seconds )

  • 0.131 antiav_detectreg
  • 0.108 api_spamming
  • 0.089 stealth_timeout
  • 0.083 stealth_decoy_document
  • 0.056 infostealer_ftp
  • 0.033 antiav_detectfile
  • 0.033 infostealer_im
  • 0.027 antianalysis_detectreg
  • 0.023 infostealer_bitcoin
  • 0.021 md_domain_bl
  • 0.019 antivm_generic_scsi
  • 0.019 infostealer_mail
  • 0.019 md_url_bl
  • 0.014 antivm_generic_services
  • 0.013 mimics_filetime
  • 0.013 antivm_generic_disk
  • 0.013 antivm_vbox_files
  • 0.011 bootkit
  • 0.011 anormaly_invoke_kills
  • 0.011 virus
  • 0.011 kovter_behavior
  • 0.01 antiemu_wine_func
  • 0.01 stealth_file
  • 0.01 infostealer_browser_password
  • 0.008 anomaly_persistence_autorun
  • 0.008 kibex_behavior
  • 0.008 shifu_behavior
  • 0.008 geodo_banking_trojan
  • 0.007 maldun_anomaly_massive_file_ops
  • 0.007 betabot_behavior
  • 0.007 hancitor_behavior
  • 0.007 antivm_xen_keys
  • 0.007 ransomware_extensions
  • 0.007 ransomware_files
  • 0.006 antivm_vbox_libs
  • 0.006 antivm_parallels_keys
  • 0.006 darkcomet_regkeys
  • 0.005 injection_createremotethread
  • 0.005 dyre_behavior
  • 0.005 antidbg_devices
  • 0.005 antivm_generic_diskreg
  • 0.004 network_tor
  • 0.004 rat_nanocore
  • 0.004 Locky_behavior
  • 0.004 encrypted_ioc
  • 0.004 disables_browser_warn
  • 0.004 network_torgateway
  • 0.004 rat_pcclient
  • 0.003 tinba_behavior
  • 0.003 hawkeye_behavior
  • 0.003 antiav_avast_libs
  • 0.003 infostealer_browser
  • 0.003 antisandbox_sunbelt_libs
  • 0.003 exec_crash
  • 0.003 injection_runpe
  • 0.003 recon_fingerprint
  • 0.002 maldun_malicious_write_executeable_under_temp_to_regrun
  • 0.002 dridex_behavior
  • 0.002 rat_luminosity
  • 0.002 kazybot_behavior
  • 0.002 antisandbox_sboxie_libs
  • 0.002 antiav_bitdefender_libs
  • 0.002 antidbg_windows
  • 0.002 cerber_behavior
  • 0.002 cryptowall_behavior
  • 0.002 bypass_firewall
  • 0.002 antisandbox_productid
  • 0.002 antivm_xen_keys
  • 0.002 antivm_hyperv_keys
  • 0.002 antivm_vbox_acpi
  • 0.002 antivm_vbox_keys
  • 0.002 antivm_vmware_files
  • 0.002 antivm_vmware_keys
  • 0.002 antivm_vpc_keys
  • 0.002 browser_security
  • 0.002 modify_proxy
  • 0.002 codelux_behavior
  • 0.002 maldun_anormaly_invoke_vb_vba
  • 0.002 md_bad_drop
  • 0.002 packer_armadillo_regkey
  • 0.001 antivm_vmware_libs
  • 0.001 injection_explorer
  • 0.001 sets_autoconfig_url
  • 0.001 ursnif_behavior
  • 0.001 ipc_namedpipe
  • 0.001 maldun_anomaly_write_exe_and_dll_under_winroot_run
  • 0.001 ispy_behavior
  • 0.001 securityxploded_modules
  • 0.001 sniffer_winpcap
  • 0.001 antianalysis_detectfile
  • 0.001 antivm_generic_bios
  • 0.001 antivm_generic_cpu
  • 0.001 antivm_generic_system
  • 0.001 antivm_vpc_files
  • 0.001 banker_cridex
  • 0.001 banker_zeus_mutex
  • 0.001 bot_drive
  • 0.001 bot_drive2
  • 0.001 browser_addon
  • 0.001 disables_system_restore
  • 0.001 disables_windows_defender
  • 0.001 maldun_malicious_drop_executable_file_to_temp_folder
  • 0.001 malicous_targeted_flame
  • 0.001 maldun_network_blacklist
  • 0.001 network_tor_service
  • 0.001 office_security
  • 0.001 rat_spynet
  • 0.001 recon_programs
  • 0.001 stealth_modify_uac_prompt

Reporting ( 1.725 seconds )

  • 1.705 ReportHTMLSummary
  • 0.02 Malheur
Task ID 373946
Mongo ID 5d7f463b2f8f2e3c6abb6240
Cuckoo release 1.4-Maldun