分析任务
| 分析类型 | 虚拟机标签 | 开始时间 | 结束时间 | 持续时间 |
|---|---|---|---|---|
| 文件 (Windows) | win7-sp1-x64-hpdapp01-4 | 2019-09-16 16:35:29 | 2019-09-16 16:40:15 | 286 秒 |
魔盾分数
5.25
可疑的
文件详细信息
| 文件名 | 未闻花名单板走砍.exe |
|---|---|
| 文件大小 | 2957312 字节 |
| 文件类型 | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 5390da9c03e3b67f20f035bf0c44264b |
| SHA1 | 78fbe1473656b0e535771c0bb00985e6f88fe9d3 |
| SHA256 | b5315cc23dd4cf7c548df963e72041ef457de47249e134920076dd4b60af4ba7 |
| SHA512 | ac444a2d8c09a2a50cd2d800e45e87d3fe3122c6ad7ffec0e136967589c2d90758f80bd9e99f676ee43479a9d5ece783faf72a500e417c7cef9107c07cd9ddef |
| CRC32 | 6C8BA8B1 |
| Ssdeep | 49152:u07t4NPHjpGPY4KrnOJVQlOL7PJUCf21FLeIX0R0Oh:57MPHjpahynOJVQBCf2aIXO |
| Yara | 登录查看Yara规则 |
| 样本下载 提交漏报 |
登录查看威胁特征
运行截图
访问主机纪录 (可点击查询WPING实时安全评级)
| 直接 | IP | 安全评级 | 地理位置 |
|---|---|---|---|
| 是 | 72.166.126.33 | 美国 |
域名解析 (可点击查询WPING实时安全评级)
无域名信息.
摘要
登录查看详细行为信息PE 信息
| 初始地址 | 0x00400000 |
|---|---|
| 入口地址 | 0x00497e6f |
| 声明校验值 | 0x00000000 |
| 实际校验值 | 0x002db848 |
| 最低操作系统版本要求 | 4.0 |
| 编译时间 | 2019-09-16 12:10:52 |
| 载入哈希 | 7a480eef8bcc8147a3133d0c78d3c2f9 |
版本信息
| LegalCopyright | |
|---|---|
| FileVersion | |
| CompanyName | |
| Comments | |
| ProductName | |
| ProductVersion | |
| FileDescription | |
| Translation |
PE 数据组成
| 名称 | 虚拟地址 | 虚拟大小 | 原始数据大小 | 特征 | 熵(Entropy) |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x000b88a6 | 0x000b9000 | IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ | 6.55 |
| .rdata | 0x000ba000 | 0x001ef77c | 0x001f0000 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ | 6.85 |
| .data | 0x002aa000 | 0x000583ea | 0x0001a000 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE | 5.50 |
| .rsrc | 0x00303000 | 0x0000d210 | 0x0000e000 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ | 5.91 |
导入
库: MSVFW32.dll:
• 0x4ba3fc DrawDibDraw
库: WINMM.dll:
• 0x4ba6b0 midiStreamOut
• 0x4ba6b4 midiStreamProperty
• 0x4ba6b8 midiStreamOpen
• 0x4ba6bc midiOutUnprepareHeader
• 0x4ba6c0 waveOutOpen
• 0x4ba6c4 waveOutGetNumDevs
• 0x4ba6c8 waveOutClose
• 0x4ba6cc waveOutReset
• 0x4ba6d0 waveOutPause
• 0x4ba6d4 midiOutPrepareHeader
• 0x4ba6d8 waveOutPrepareHeader
• 0x4ba6dc waveOutUnprepareHeader
• 0x4ba6e0 PlaySoundA
• 0x4ba6e4 midiStreamRestart
• 0x4ba6e8 midiStreamClose
• 0x4ba6ec midiOutReset
• 0x4ba6f0 midiStreamStop
• 0x4ba6f4 waveOutWrite
库: WS2_32.dll:
• 0x4ba70c accept
• 0x4ba710 getpeername
• 0x4ba714 recv
• 0x4ba718 ioctlsocket
• 0x4ba71c recvfrom
• 0x4ba720 WSAAsyncSelect
• 0x4ba724 closesocket
• 0x4ba728 WSACleanup
• 0x4ba72c inet_ntoa
库: KERNEL32.dll:
• 0x4ba1e0 FlushFileBuffers
• 0x4ba1e4 UnlockFile
• 0x4ba1e8 SetEndOfFile
• 0x4ba1ec lstrcmpiA
• 0x4ba1f0 GlobalDeleteAtom
• 0x4ba1f4 GlobalFindAtomA
• 0x4ba1f8 GlobalAddAtomA
• 0x4ba1fc GlobalGetAtomNameA
• 0x4ba200 lstrcmpA
• 0x4ba204 LocalAlloc
• 0x4ba208 TlsAlloc
• 0x4ba20c GlobalHandle
• 0x4ba210 TlsFree
• 0x4ba214 TlsSetValue
• 0x4ba218 LocalReAlloc
• 0x4ba21c TlsGetValue
• 0x4ba220 GetFileTime
• 0x4ba224 GetCurrentThread
• 0x4ba228 GlobalFlags
• 0x4ba22c SetErrorMode
• 0x4ba230 GetProcessVersion
• 0x4ba234 GetCPInfo
• 0x4ba238 GetOEMCP
• 0x4ba23c GetStartupInfoA
• 0x4ba240 RtlUnwind
• 0x4ba244 GetSystemTime
• 0x4ba248 GetLocalTime
• 0x4ba24c RaiseException
• 0x4ba250 HeapSize
• 0x4ba254 GetACP
• 0x4ba258 UnhandledExceptionFilter
• 0x4ba25c FreeEnvironmentStringsA
• 0x4ba260 FreeEnvironmentStringsW
• 0x4ba264 GetEnvironmentStrings
• 0x4ba268 GetEnvironmentStringsW
• 0x4ba26c SetHandleCount
• 0x4ba270 GetStdHandle
• 0x4ba274 GetFileType
• 0x4ba278 GetEnvironmentVariableA
• 0x4ba27c HeapDestroy
• 0x4ba280 HeapCreate
• 0x4ba284 VirtualFree
• 0x4ba288 SetEnvironmentVariableA
• 0x4ba28c LCMapStringA
• 0x4ba290 LCMapStringW
• 0x4ba294 VirtualAlloc
• 0x4ba298 IsBadWritePtr
• 0x4ba29c GetStringTypeA
• 0x4ba2a0 GetStringTypeW
• 0x4ba2a4 SetUnhandledExceptionFilter
• 0x4ba2a8 CompareStringA
• 0x4ba2ac CompareStringW
• 0x4ba2b0 IsBadReadPtr
• 0x4ba2b4 IsBadCodePtr
• 0x4ba2b8 SetStdHandle
• 0x4ba2bc DuplicateHandle
• 0x4ba2c0 lstrcpynA
• 0x4ba2c4 FileTimeToLocalFileTime
• 0x4ba2c8 FileTimeToSystemTime
• 0x4ba2cc LocalFree
• 0x4ba2d0 InterlockedDecrement
• 0x4ba2d4 InterlockedIncrement
• 0x4ba2d8 GetVersion
• 0x4ba2dc GetTimeZoneInformation
• 0x4ba2e0 SetLastError
• 0x4ba2e4 TerminateProcess
• 0x4ba2e8 GetFileSize
• 0x4ba2ec SetFilePointer
• 0x4ba2f0 WideCharToMultiByte
• 0x4ba2f4 MultiByteToWideChar
• 0x4ba2f8 GetCurrentProcess
• 0x4ba2fc GetWindowsDirectoryA
• 0x4ba300 GetSystemDirectoryA
• 0x4ba304 CreateSemaphoreA
• 0x4ba308 ResumeThread
• 0x4ba30c ReleaseSemaphore
• 0x4ba310 EnterCriticalSection
• 0x4ba314 LeaveCriticalSection
• 0x4ba318 GetProfileStringA
• 0x4ba31c WriteFile
• 0x4ba320 WaitForMultipleObjects
• 0x4ba324 CreateFileA
• 0x4ba328 SetEvent
• 0x4ba32c FindResourceA
• 0x4ba330 LoadResource
• 0x4ba334 LockResource
• 0x4ba338 ReadFile
• 0x4ba33c GetModuleFileNameA
• 0x4ba340 GetCurrentThreadId
• 0x4ba344 ExitProcess
• 0x4ba348 GlobalSize
• 0x4ba34c GlobalFree
• 0x4ba350 DeleteCriticalSection
• 0x4ba354 InitializeCriticalSection
• 0x4ba358 lstrcatA
• 0x4ba35c lstrlenA
• 0x4ba360 WinExec
• 0x4ba364 lstrcpyA
• 0x4ba368 FindNextFileA
• 0x4ba36c GlobalReAlloc
• 0x4ba370 HeapFree
• 0x4ba374 HeapReAlloc
• 0x4ba378 GetProcessHeap
• 0x4ba37c HeapAlloc
• 0x4ba380 GetFullPathNameA
• 0x4ba384 FreeLibrary
• 0x4ba388 LoadLibraryA
• 0x4ba38c GetLastError
• 0x4ba390 GetVersionExA
• 0x4ba394 WritePrivateProfileStringA
• 0x4ba398 GetPrivateProfileStringA
• 0x4ba39c CreateThread
• 0x4ba3a0 CreateEventA
• 0x4ba3a4 Sleep
• 0x4ba3a8 ExpandEnvironmentStringsA
• 0x4ba3ac GlobalAlloc
• 0x4ba3b0 GlobalLock
• 0x4ba3b4 GlobalUnlock
• 0x4ba3b8 GetTempPathA
• 0x4ba3bc FindFirstFileA
• 0x4ba3c0 FindClose
• 0x4ba3c4 GetFileAttributesA
• 0x4ba3c8 DeleteFileA
• 0x4ba3cc SetCurrentDirectoryA
• 0x4ba3d0 GetVolumeInformationA
• 0x4ba3d4 GetModuleHandleA
• 0x4ba3d8 GetProcAddress
• 0x4ba3dc MulDiv
• 0x4ba3e0 GetCommandLineA
• 0x4ba3e4 GetTickCount
• 0x4ba3e8 WaitForSingleObject
• 0x4ba3ec CloseHandle
• 0x4ba3f0 InterlockedExchange
• 0x4ba3f4 LockFile
库: USER32.dll:
• 0x4ba430 GetSysColorBrush
• 0x4ba434 LoadStringA
• 0x4ba438 GetMenuCheckMarkDimensions
• 0x4ba43c GetMenuState
• 0x4ba440 SetMenuItemBitmaps
• 0x4ba444 CheckMenuItem
• 0x4ba448 MoveWindow
• 0x4ba44c SetWindowTextA
• 0x4ba450 IsDialogMessageA
• 0x4ba454 ScrollWindowEx
• 0x4ba458 SendDlgItemMessageA
• 0x4ba45c MapWindowPoints
• 0x4ba460 AdjustWindowRectEx
• 0x4ba464 GetScrollPos
• 0x4ba468 RegisterClassA
• 0x4ba46c GetMenuItemCount
• 0x4ba470 GetMenuItemID
• 0x4ba474 SetWindowsHookExA
• 0x4ba478 CallNextHookEx
• 0x4ba47c GetClassLongA
• 0x4ba480 SetPropA
• 0x4ba484 UnhookWindowsHookEx
• 0x4ba488 GetPropA
• 0x4ba48c RemovePropA
• 0x4ba490 GetMessageTime
• 0x4ba494 GetLastActivePopup
• 0x4ba498 RegisterWindowMessageA
• 0x4ba49c GetWindowPlacement
• 0x4ba4a0 EndDialog
• 0x4ba4a4 CreateDialogIndirectParamA
• 0x4ba4a8 DestroyWindow
• 0x4ba4ac GrayStringA
• 0x4ba4b0 DrawTextA
• 0x4ba4b4 TabbedTextOutA
• 0x4ba4b8 EndPaint
• 0x4ba4bc BeginPaint
• 0x4ba4c0 GetWindowDC
• 0x4ba4c4 CharUpperA
• 0x4ba4c8 GetWindowTextLengthA
• 0x4ba4cc GetWindowTextA
• 0x4ba4d0 FindWindowExA
• 0x4ba4d4 GetDlgItem
• 0x4ba4d8 GetClassNameA
• 0x4ba4dc GetDesktopWindow
• 0x4ba4e0 UnregisterHotKey
• 0x4ba4e4 RegisterHotKey
• 0x4ba4e8 CreateWindowExA
• 0x4ba4ec CallWindowProcA
• 0x4ba4f0 GetForegroundWindow
• 0x4ba4f4 DrawStateA
• 0x4ba4f8 FrameRect
• 0x4ba4fc GetNextDlgTabItem
• 0x4ba500 LoadIconA
• 0x4ba504 TranslateMessage
• 0x4ba508 DrawFrameControl
• 0x4ba50c DrawEdge
• 0x4ba510 DrawFocusRect
• 0x4ba514 WindowFromPoint
• 0x4ba518 GetMessageA
• 0x4ba51c DispatchMessageA
• 0x4ba520 SetRectEmpty
• 0x4ba524 RegisterClipboardFormatA
• 0x4ba528 CreateIconFromResourceEx
• 0x4ba52c DrawIconEx
• 0x4ba530 CreatePopupMenu
• 0x4ba534 AppendMenuA
• 0x4ba538 ModifyMenuA
• 0x4ba53c CreateMenu
• 0x4ba540 CreateAcceleratorTableA
• 0x4ba544 GetDlgCtrlID
• 0x4ba548 GetSubMenu
• 0x4ba54c EnableMenuItem
• 0x4ba550 ClientToScreen
• 0x4ba554 EnumDisplaySettingsA
• 0x4ba558 LoadImageA
• 0x4ba55c SystemParametersInfoA
• 0x4ba560 ShowWindow
• 0x4ba564 IsWindowEnabled
• 0x4ba568 TranslateAcceleratorA
• 0x4ba56c GetKeyState
• 0x4ba570 CopyAcceleratorTableA
• 0x4ba574 PostQuitMessage
• 0x4ba578 IsZoomed
• 0x4ba57c GetClassInfoA
• 0x4ba580 DefWindowProcA
• 0x4ba584 GetSystemMenu
• 0x4ba588 DeleteMenu
• 0x4ba58c GetMenu
• 0x4ba590 SetMenu
• 0x4ba594 PeekMessageA
• 0x4ba598 IsIconic
• 0x4ba59c SetFocus
• 0x4ba5a0 GetActiveWindow
• 0x4ba5a4 GetWindow
• 0x4ba5a8 DestroyAcceleratorTable
• 0x4ba5ac SetWindowRgn
• 0x4ba5b0 GetMessagePos
• 0x4ba5b4 ScreenToClient
• 0x4ba5b8 ChildWindowFromPointEx
• 0x4ba5bc LoadBitmapA
• 0x4ba5c0 WinHelpA
• 0x4ba5c4 KillTimer
• 0x4ba5c8 SetTimer
• 0x4ba5cc ReleaseCapture
• 0x4ba5d0 GetCapture
• 0x4ba5d4 SetCapture
• 0x4ba5d8 GetScrollRange
• 0x4ba5dc SetScrollRange
• 0x4ba5e0 SetScrollPos
• 0x4ba5e4 SetRect
• 0x4ba5e8 InflateRect
• 0x4ba5ec IntersectRect
• 0x4ba5f0 DestroyIcon
• 0x4ba5f4 PtInRect
• 0x4ba5f8 OffsetRect
• 0x4ba5fc IsWindowVisible
• 0x4ba600 EnableWindow
• 0x4ba604 RedrawWindow
• 0x4ba608 GetWindowLongA
• 0x4ba60c SetWindowLongA
• 0x4ba610 GetSysColor
• 0x4ba614 SetActiveWindow
• 0x4ba618 SetCursorPos
• 0x4ba61c LoadCursorA
• 0x4ba620 SetCursor
• 0x4ba624 GetDC
• 0x4ba628 FillRect
• 0x4ba62c IsRectEmpty
• 0x4ba630 ReleaseDC
• 0x4ba634 IsChild
• 0x4ba638 DestroyMenu
• 0x4ba63c SetForegroundWindow
• 0x4ba640 GetWindowRect
• 0x4ba644 EqualRect
• 0x4ba648 UpdateWindow
• 0x4ba64c ValidateRect
• 0x4ba650 InvalidateRect
• 0x4ba654 GetClientRect
• 0x4ba658 GetFocus
• 0x4ba65c GetParent
• 0x4ba660 GetTopWindow
• 0x4ba664 PostMessageA
• 0x4ba668 IsWindow
• 0x4ba66c SetParent
• 0x4ba670 DestroyCursor
• 0x4ba674 SendMessageA
• 0x4ba678 SetWindowPos
• 0x4ba67c MessageBoxA
• 0x4ba680 GetCursorPos
• 0x4ba684 GetSystemMetrics
• 0x4ba688 EmptyClipboard
• 0x4ba68c SetClipboardData
• 0x4ba690 OpenClipboard
• 0x4ba694 GetClipboardData
• 0x4ba698 CloseClipboard
• 0x4ba69c wsprintfA
• 0x4ba6a0 CreateIconFromResource
• 0x4ba6a4 CopyRect
• 0x4ba6a8 UnregisterClassA
库: GDI32.dll:
• 0x4ba068 PatBlt
• 0x4ba06c CreatePen
• 0x4ba070 GetObjectA
• 0x4ba074 SelectObject
• 0x4ba078 CreatePatternBrush
• 0x4ba07c CreateBitmap
• 0x4ba080 CreateHatchBrush
• 0x4ba084 CreateBrushIndirect
• 0x4ba088 CreateDCA
• 0x4ba08c CreateCompatibleBitmap
• 0x4ba090 GetPolyFillMode
• 0x4ba094 TranslateCharsetInfo
• 0x4ba098 SaveDC
• 0x4ba09c RestoreDC
• 0x4ba0a0 SetPolyFillMode
• 0x4ba0a4 SetROP2
• 0x4ba0a8 SetMapMode
• 0x4ba0ac SetViewportOrgEx
• 0x4ba0b0 OffsetViewportOrgEx
• 0x4ba0b4 ScaleViewportExtEx
• 0x4ba0b8 SetWindowOrgEx
• 0x4ba0bc SetWindowExtEx
• 0x4ba0c0 ScaleWindowExtEx
• 0x4ba0c4 GetClipBox
• 0x4ba0c8 ExcludeClipRect
• 0x4ba0cc MoveToEx
• 0x4ba0d0 LineTo
• 0x4ba0d4 CombineRgn
• 0x4ba0d8 ExtSelectClipRgn
• 0x4ba0dc GetViewportExtEx
• 0x4ba0e0 PtVisible
• 0x4ba0e4 RectVisible
• 0x4ba0e8 ExtTextOutA
• 0x4ba0ec Escape
• 0x4ba0f0 GetTextMetricsA
• 0x4ba0f4 SetBkMode
• 0x4ba0f8 TextOutA
• 0x4ba0fc SetBkColor
• 0x4ba100 CreateRectRgnIndirect
• 0x4ba104 CreateDIBSection
• 0x4ba108 SetPixel
• 0x4ba10c ExtCreateRegion
• 0x4ba110 SetStretchBltMode
• 0x4ba114 GetClipRgn
• 0x4ba118 CreatePolygonRgn
• 0x4ba11c SelectClipRgn
• 0x4ba120 DeleteObject
• 0x4ba124 CreateDIBitmap
• 0x4ba128 GetSystemPaletteEntries
• 0x4ba12c CreatePalette
• 0x4ba130 StretchBlt
• 0x4ba134 SelectPalette
• 0x4ba138 RealizePalette
• 0x4ba13c GetDIBits
• 0x4ba140 GetWindowExtEx
• 0x4ba144 GetViewportOrgEx
• 0x4ba148 GetWindowOrgEx
• 0x4ba14c BeginPath
• 0x4ba150 EndPath
• 0x4ba154 CreateFontA
• 0x4ba158 GetPixel
• 0x4ba15c CreateCompatibleDC
• 0x4ba160 Ellipse
• 0x4ba164 Rectangle
• 0x4ba168 LPtoDP
• 0x4ba16c DPtoLP
• 0x4ba170 GetCurrentObject
• 0x4ba174 RoundRect
• 0x4ba178 SetDIBitsToDevice
• 0x4ba17c StretchDIBits
• 0x4ba180 CreateRectRgn
• 0x4ba184 FillRgn
• 0x4ba188 CreateSolidBrush
• 0x4ba18c GetStockObject
• 0x4ba190 CreateFontIndirectA
• 0x4ba194 EndPage
• 0x4ba198 EndDoc
• 0x4ba19c DeleteDC
• 0x4ba1a0 StartDocA
• 0x4ba1a4 StartPage
• 0x4ba1a8 GetTextExtentPoint32A
• 0x4ba1ac BitBlt
• 0x4ba1b0 SetViewportExtEx
• 0x4ba1b4 GetDeviceCaps
• 0x4ba1b8 PathToRegion
• 0x4ba1bc CreateEllipticRgn
• 0x4ba1c0 CreateRoundRectRgn
• 0x4ba1c4 GetTextColor
• 0x4ba1c8 GetBkMode
• 0x4ba1cc GetBkColor
• 0x4ba1d0 GetROP2
• 0x4ba1d4 GetStretchBltMode
• 0x4ba1d8 SetTextColor
库: comdlg32.dll:
• 0x4ba734 GetFileTitleA
• 0x4ba738 GetSaveFileNameA
• 0x4ba73c GetOpenFileNameA
• 0x4ba740 ChooseColorA
库: ADVAPI32.dll:
• 0x4ba000 RegCreateKeyExA
• 0x4ba004 RegQueryValueA
• 0x4ba008 RegSetValueExA
• 0x4ba00c RegOpenKeyExA
• 0x4ba010 RegQueryValueExA
• 0x4ba014 RegCloseKey
库: SHELL32.dll:
• 0x4ba414 Shell_NotifyIconA
• 0x4ba418 ShellExecuteA
• 0x4ba41c SHGetSpecialFolderPathA
• 0x4ba420 DragAcceptFiles
• 0x4ba424 DragFinish
• 0x4ba428 DragQueryFileA
库: COMCTL32.dll:
• 0x4ba028 ImageList_DragMove
• 0x4ba02c ImageList_DragLeave
• 0x4ba030 ImageList_DragEnter
• 0x4ba034 ImageList_Destroy
• 0x4ba038 ImageList_Create
• 0x4ba03c ImageList_BeginDrag
• 0x4ba040 ImageList_Add
• 0x4ba044 ImageList_DragShowNolock
• 0x4ba048 ImageList_SetBkColor
• 0x4ba04c ImageList_GetImageCount
• 0x4ba050 ImageList_EndDrag
• 0x4ba054 None
• 0x4ba058 ImageList_Read
• 0x4ba05c ImageList_Duplicate
• 0x4ba060 _TrackMouseEvent
.text
`.rdata
@.data
.rsrc
Pht8l
Pht8l
8`}<j
T$hVj
F<l4i
F<d4i
DRQPj
T$|Vj
F<l4i
F<P8i
T$th
|$TVj
F<l;i
|$LVj
F<l4i
|$`Vj
F<l4i
F<|>i
D$DQRPWj
F<<?i
DQRWj
|$`Vj
D$0`4i
F<l4i
|$|Vj
T$\Vj
F<l4i
|$tVj
F<l4i
D$@Sj
L$8h
jjjjh
访问主机纪录 (可点击查询WPING实时安全评级)
| 直接 | IP | 安全评级 | 地理位置 |
|---|---|---|---|
| 是 | 72.166.126.33 | 美国 |
TCP
无TCP连接纪录.
UDP
无UDP连接纪录.
域名解析 (可点击查询WPING实时安全评级)
无域名信息.
TCP
无TCP连接纪录.
UDP
无UDP连接纪录.
HTTP 请求
未发现HTTP请求.
SMTP 流量
无SMTP流量.
IRC 流量
无IRC请求.
ICMP 流量
无ICMP流量.
CIF 报告
无 CIF 结果
网络警报
无警报
TLS
No TLS
Suricata HTTP
No Suricata HTTP
未发现网络提取文件
抱歉! 没有任何文件投放。
没有发现相似的分析.
| HTML 总结报告 (需15-60分钟同步) |
下载 |
|---|
Processing ( 35.107 seconds )
- 15.413 Suricata
- 9.806 Static
- 4.647 BehaviorAnalysis
- 2.064 VirusTotal
- 1.656 NetworkAnalysis
- 0.84 TargetInfo
- 0.524 peid
- 0.13 AnalysisInfo
- 0.016 Strings
- 0.008 config_decoder
- 0.003 Memory
Signatures ( 0.999 seconds )
- 0.287 api_spamming
- 0.244 stealth_decoy_document
- 0.243 stealth_timeout
- 0.031 antiav_detectreg
- 0.021 md_url_bl
- 0.017 md_domain_bl
- 0.013 infostealer_ftp
- 0.008 antidbg_windows
- 0.008 antiav_detectfile
- 0.008 infostealer_im
- 0.007 anomaly_persistence_autorun
- 0.007 ransomware_files
- 0.006 antivm_vbox_libs
- 0.006 antianalysis_detectreg
- 0.006 ransomware_extensions
- 0.005 infostealer_bitcoin
- 0.005 infostealer_mail
- 0.004 antiemu_wine_func
- 0.004 infostealer_browser_password
- 0.004 kovter_behavior
- 0.003 tinba_behavior
- 0.003 exec_crash
- 0.003 antivm_vbox_files
- 0.003 geodo_banking_trojan
- 0.003 disables_browser_warn
- 0.002 rat_nanocore
- 0.002 antiav_avast_libs
- 0.002 betabot_behavior
- 0.002 antisandbox_sunbelt_libs
- 0.002 cerber_behavior
- 0.002 antivm_parallels_keys
- 0.002 browser_security
- 0.002 modify_proxy
- 0.002 md_bad_drop
- 0.001 network_tor
- 0.001 antivm_vmware_libs
- 0.001 maldun_anomaly_massive_file_ops
- 0.001 injection_createremotethread
- 0.001 antivm_generic_services
- 0.001 antivm_vbox_window
- 0.001 ursnif_behavior
- 0.001 antisandbox_sboxie_libs
- 0.001 antiav_bitdefender_libs
- 0.001 kibex_behavior
- 0.001 antivm_generic_scsi
- 0.001 shifu_behavior
- 0.001 antisandbox_script_timer
- 0.001 antianalysis_detectfile
- 0.001 antidbg_devices
- 0.001 antivm_generic_diskreg
- 0.001 antivm_xen_keys
- 0.001 banker_zeus_mutex
- 0.001 bot_drive
- 0.001 bot_drive2
- 0.001 browser_addon
- 0.001 disables_system_restore
- 0.001 disables_windows_defender
- 0.001 darkcomet_regkeys
- 0.001 maldun_malicious_drop_executable_file_to_temp_folder
- 0.001 mimics_extension
- 0.001 office_security
- 0.001 rat_pcclient
- 0.001 rat_spynet
- 0.001 recon_fingerprint
- 0.001 stealth_hide_notifications
- 0.001 stealth_modify_uac_prompt
Reporting ( 0.83 seconds )
- 0.827 ReportHTMLSummary
- 0.003 Malheur
| Task ID | 373964 |
|---|---|
| Mongo ID | 5d7f4ab02f8f2e3c65bb6714 |
| Cuckoo release | 1.4-Maldun |
沪公网安备 31011502009736号