魔盾安全分析报告

分析类型	开始时间	结束时间	持续时间	分析引擎版本
FILE	2020-01-18 14:27:24	2020-01-18 14:27:58	34 秒	1.4-Maldun

虚拟机机器名	标签	虚拟机管理	开机时间	关机时间
win7-sp1-x64-hpdapp01-1	win7-sp1-x64-hpdapp01-1	KVM	2020-01-18 14:27:28	2020-01-18 14:27:59

魔盾分数
0.05 正常的

文件名	install.py
文件大小	17032 字节
文件类型	Python script, ASCII text executable
CRC32	D272D72F
MD5	bd8ccaf8ef2f11ed352e90b4d993990f
SHA1	74254f54b1d4d9cc5e93b83355fb2639b6ca9d8b
SHA256	bbf40755dab4368a8e93df79743a5cc5df46dc5cfc20c6fb1312c0ab5b1cf8a7
SHA512	c3f0c80eb2bcf5992baeaa1573c7a85d2004124f6a15df2c9321dd5296ae7b9095f51c1eed9d37c8e166d1ceceb016e09887934fc0be34cd6a951988e57f010f
Ssdeep	192:I5Qa9iq5ju0ax8VKeGW7A9grX9DCs45L6sPCV1l6TCTHkfw3qLIA:IlViBOOW71j9msNskl6ERHA
PEiD	无匹配
Yara	with_urls (Detected the presence of an or several urls)
VirusTotal	无此文件扫描结果

互斥量(Mutexes) 无信息

执行的命令 无信息

创建的服务 无信息

启动的服务 无信息

访问的文件

C:\Users\test\AppData\Local\Temp\install.py
C:\Users\test\AppData\Local\Temp
C:\Users\test\AppData\Local\Temp\atexit
C:\Users\test\AppData\Local\Temp\atexit.pyd
C:\Users\test\AppData\Local\Temp\atexit.py
C:\Users\test\AppData\Local\Temp\atexit.pyw
C:\Users\test\AppData\Local\Temp\atexit.pyc
C:\Python27\DLLs\atexit
C:\Python27\DLLs\atexit.pyd
C:\Python27\DLLs\atexit.py
C:\Python27\DLLs\atexit.pyw
C:\Python27\DLLs\atexit.pyc
C:\Python27\Lib\atexit
C:\Python27\Lib\atexit.pyd
C:\Python27\Lib\atexit.py
C:\Python27\Lib\atexit.pyc
C:\Users\test\AppData\Local\Temp\shutil
C:\Users\test\AppData\Local\Temp\shutil.pyd
C:\Users\test\AppData\Local\Temp\shutil.py
C:\Users\test\AppData\Local\Temp\shutil.pyw
C:\Users\test\AppData\Local\Temp\shutil.pyc
C:\Python27\DLLs\shutil
C:\Python27\DLLs\shutil.pyd
C:\Python27\DLLs\shutil.py
C:\Python27\DLLs\shutil.pyw
C:\Python27\DLLs\shutil.pyc
C:\Python27\Lib\shutil
C:\Python27\Lib\shutil.pyd
C:\Python27\Lib\shutil.py
C:\Python27\Lib\shutil.pyc
C:\Users\test\AppData\Local\Temp\fnmatch
C:\Users\test\AppData\Local\Temp\fnmatch.pyd
C:\Users\test\AppData\Local\Temp\fnmatch.py
C:\Users\test\AppData\Local\Temp\fnmatch.pyw
C:\Users\test\AppData\Local\Temp\fnmatch.pyc
C:\Python27\DLLs\fnmatch
C:\Python27\DLLs\fnmatch.pyd
C:\Python27\DLLs\fnmatch.py
C:\Python27\DLLs\fnmatch.pyw
C:\Python27\DLLs\fnmatch.pyc
C:\Python27\Lib\fnmatch
C:\Python27\Lib\fnmatch.pyd
C:\Python27\Lib\fnmatch.py
C:\Python27\Lib\fnmatch.pyc
C:\Users\test\AppData\Local\Temp\collections
C:\Users\test\AppData\Local\Temp\collections.pyd
C:\Users\test\AppData\Local\Temp\collections.py
C:\Users\test\AppData\Local\Temp\collections.pyw
C:\Users\test\AppData\Local\Temp\collections.pyc
C:\Python27\DLLs\collections
C:\Python27\DLLs\collections.pyd
C:\Python27\DLLs\collections.py
C:\Python27\DLLs\collections.pyw
C:\Python27\DLLs\collections.pyc
C:\Python27\Lib\collections
C:\Python27\Lib\collections.pyd
C:\Python27\Lib\collections.py
C:\Python27\Lib\collections.pyc
C:\Users\test\AppData\Local\Temp\keyword
C:\Users\test\AppData\Local\Temp\keyword.pyd
C:\Users\test\AppData\Local\Temp\keyword.py
C:\Users\test\AppData\Local\Temp\keyword.pyw
C:\Users\test\AppData\Local\Temp\keyword.pyc
C:\Python27\DLLs\keyword
C:\Python27\DLLs\keyword.pyd
C:\Python27\DLLs\keyword.py
C:\Python27\DLLs\keyword.pyw
C:\Python27\DLLs\keyword.pyc
C:\Python27\Lib\keyword
C:\Python27\Lib\keyword.pyd
C:\Python27\Lib\keyword.py
C:\Python27\Lib\keyword.pyc
C:\Users\test\AppData\Local\Temp\heapq
C:\Users\test\AppData\Local\Temp\heapq.pyd
C:\Users\test\AppData\Local\Temp\heapq.py
C:\Users\test\AppData\Local\Temp\heapq.pyw
C:\Users\test\AppData\Local\Temp\heapq.pyc
C:\Python27\DLLs\heapq
C:\Python27\DLLs\heapq.pyd
C:\Python27\DLLs\heapq.py
C:\Python27\DLLs\heapq.pyw
C:\Python27\DLLs\heapq.pyc
C:\Python27\Lib\heapq
C:\Python27\Lib\heapq.pyd
C:\Python27\Lib\heapq.py
C:\Python27\Lib\heapq.pyc
C:\Users\test\AppData\Local\Temp\pwd
C:\Users\test\AppData\Local\Temp\pwd.pyd
C:\Users\test\AppData\Local\Temp\pwd.py
C:\Users\test\AppData\Local\Temp\pwd.pyw
C:\Users\test\AppData\Local\Temp\pwd.pyc
C:\Python27\DLLs\pwd
C:\Python27\DLLs\pwd.pyd
C:\Python27\DLLs\pwd.py
C:\Python27\DLLs\pwd.pyw
C:\Python27\DLLs\pwd.pyc
C:\Python27\Lib\pwd
C:\Python27\Lib\pwd.pyd
C:\Python27\Lib\pwd.py
C:\Python27\Lib\pwd.pyw
C:\Python27\Lib\pwd.pyc
C:\Python27\Lib\lib-tk\pwd
C:\Python27\Lib\lib-tk\pwd.pyd
C:\Python27\Lib\lib-tk\pwd.py
C:\Python27\Lib\lib-tk\pwd.pyw
C:\Python27\Lib\lib-tk\pwd.pyc
C:\Python27\pwd
C:\Python27\pwd.pyd
C:\Python27\pwd.py
C:\Python27\pwd.pyw
C:\Python27\pwd.pyc
C:\Python27\Lib\site-packages\pwd
C:\Python27\Lib\site-packages\pwd.pyd
C:\Python27\Lib\site-packages\pwd.py
C:\Python27\Lib\site-packages\pwd.pyw
C:\Python27\Lib\site-packages\pwd.pyc
C:\Python27\Lib\site-packages\PIL\pwd
C:\Python27\Lib\site-packages\PIL\pwd.pyd
C:\Python27\Lib\site-packages\PIL\pwd.py
C:\Python27\Lib\site-packages\PIL\pwd.pyw
C:\Python27\Lib\site-packages\PIL\pwd.pyc
C:\Users\test\AppData\Local\Temp\grp
C:\Users\test\AppData\Local\Temp\grp.pyd
C:\Users\test\AppData\Local\Temp\grp.py
C:\Users\test\AppData\Local\Temp\grp.pyw
C:\Users\test\AppData\Local\Temp\grp.pyc
C:\Python27\DLLs\grp
C:\Python27\DLLs\grp.pyd
C:\Python27\DLLs\grp.py
C:\Python27\DLLs\grp.pyw
C:\Python27\DLLs\grp.pyc
C:\Python27\Lib\grp
C:\Python27\Lib\grp.pyd
C:\Python27\Lib\grp.py
C:\Python27\Lib\grp.pyw
C:\Python27\Lib\grp.pyc
C:\Python27\Lib\lib-tk\grp
C:\Python27\Lib\lib-tk\grp.pyd
C:\Python27\Lib\lib-tk\grp.py
C:\Python27\Lib\lib-tk\grp.pyw
C:\Python27\Lib\lib-tk\grp.pyc
C:\Python27\grp
C:\Python27\grp.pyd
C:\Python27\grp.py
C:\Python27\grp.pyw
C:\Python27\grp.pyc
C:\Python27\Lib\site-packages\grp
C:\Python27\Lib\site-packages\grp.pyd
C:\Python27\Lib\site-packages\grp.py
C:\Python27\Lib\site-packages\grp.pyw
C:\Python27\Lib\site-packages\grp.pyc
C:\Python27\Lib\site-packages\PIL\grp
C:\Python27\Lib\site-packages\PIL\grp.pyd
C:\Python27\Lib\site-packages\PIL\grp.py
C:\Python27\Lib\site-packages\PIL\grp.pyw
C:\Python27\Lib\site-packages\PIL\grp.pyc
C:\Users\test\AppData\Local\Temp\tarfile
C:\Users\test\AppData\Local\Temp\tarfile.pyd
C:\Users\test\AppData\Local\Temp\tarfile.py
C:\Users\test\AppData\Local\Temp\tarfile.pyw
C:\Users\test\AppData\Local\Temp\tarfile.pyc
C:\Python27\DLLs\tarfile
C:\Python27\DLLs\tarfile.pyd
C:\Python27\DLLs\tarfile.py
C:\Python27\DLLs\tarfile.pyw
C:\Python27\DLLs\tarfile.pyc
C:\Python27\Lib\tarfile
C:\Python27\Lib\tarfile.pyd
C:\Python27\Lib\tarfile.py
C:\Python27\Lib\tarfile.pyc
C:\Users\test\AppData\Local\Temp\struct
C:\Users\test\AppData\Local\Temp\struct.pyd
C:\Users\test\AppData\Local\Temp\struct.py
C:\Users\test\AppData\Local\Temp\struct.pyw
C:\Users\test\AppData\Local\Temp\struct.pyc
C:\Python27\DLLs\struct
C:\Python27\DLLs\struct.pyd
C:\Python27\DLLs\struct.py
C:\Python27\DLLs\struct.pyw
C:\Python27\DLLs\struct.pyc
C:\Python27\Lib\struct
C:\Python27\Lib\struct.pyd
C:\Python27\Lib\struct.py
C:\Python27\Lib\struct.pyc
C:\Users\test\AppData\Local\Temp\copy
C:\Users\test\AppData\Local\Temp\copy.pyd
C:\Users\test\AppData\Local\Temp\copy.py
C:\Users\test\AppData\Local\Temp\copy.pyw
C:\Users\test\AppData\Local\Temp\copy.pyc
C:\Python27\DLLs\copy
C:\Python27\DLLs\copy.pyd
C:\Python27\DLLs\copy.py
C:\Python27\DLLs\copy.pyw
C:\Python27\DLLs\copy.pyc
C:\Python27\Lib\copy
C:\Python27\Lib\copy.pyd
C:\Python27\Lib\copy.py
C:\Python27\Lib\copy.pyc
C:\Users\test\AppData\Local\Temp\weakref
C:\Users\test\AppData\Local\Temp\weakref.pyd
C:\Users\test\AppData\Local\Temp\weakref.py
C:\Users\test\AppData\Local\Temp\weakref.pyw
C:\Users\test\AppData\Local\Temp\weakref.pyc
C:\Python27\DLLs\weakref
C:\Python27\DLLs\weakref.pyd
C:\Python27\DLLs\weakref.py
C:\Python27\DLLs\weakref.pyw
C:\Python27\DLLs\weakref.pyc
C:\Python27\Lib\weakref
C:\Python27\Lib\weakref.pyd
C:\Python27\Lib\weakref.py
C:\Python27\Lib\weakref.pyc
C:\Users\test\AppData\Local\Temp\org
C:\Users\test\AppData\Local\Temp\org.pyd
C:\Users\test\AppData\Local\Temp\org.py
C:\Users\test\AppData\Local\Temp\org.pyw
C:\Users\test\AppData\Local\Temp\org.pyc
C:\Python27\DLLs\org
C:\Python27\DLLs\org.pyd
C:\Python27\DLLs\org.py
C:\Python27\DLLs\org.pyw
C:\Python27\DLLs\org.pyc
C:\Python27\Lib\org
C:\Python27\Lib\org.pyd
C:\Python27\Lib\org.py
C:\Python27\Lib\org.pyw
C:\Python27\Lib\org.pyc
C:\Python27\Lib\lib-tk\org
C:\Python27\Lib\lib-tk\org.pyd
C:\Python27\Lib\lib-tk\org.py
C:\Python27\Lib\lib-tk\org.pyw
C:\Python27\Lib\lib-tk\org.pyc
C:\Python27\org
C:\Python27\org.pyd
C:\Python27\org.py
C:\Python27\org.pyw
C:\Python27\org.pyc
C:\Python27\Lib\site-packages\org
C:\Python27\Lib\site-packages\org.pyd
C:\Python27\Lib\site-packages\org.py
C:\Python27\Lib\site-packages\org.pyw
C:\Python27\Lib\site-packages\org.pyc
C:\Python27\Lib\site-packages\PIL\org
C:\Python27\Lib\site-packages\PIL\org.pyd
C:\Python27\Lib\site-packages\PIL\org.py
C:\Python27\Lib\site-packages\PIL\org.pyw
C:\Python27\Lib\site-packages\PIL\org.pyc
C:\Users\test\AppData\Local\Temp\subprocess
C:\Users\test\AppData\Local\Temp\subprocess.pyd
C:\Users\test\AppData\Local\Temp\subprocess.py
C:\Users\test\AppData\Local\Temp\subprocess.pyw
C:\Users\test\AppData\Local\Temp\subprocess.pyc
C:\Python27\DLLs\subprocess
C:\Python27\DLLs\subprocess.pyd
C:\Python27\DLLs\subprocess.py
C:\Python27\DLLs\subprocess.pyw
C:\Python27\DLLs\subprocess.pyc
C:\Python27\Lib\subprocess
C:\Python27\Lib\subprocess.pyd
C:\Python27\Lib\subprocess.py
C:\Python27\Lib\subprocess.pyc
C:\Users\test\AppData\Local\Temp\threading
C:\Users\test\AppData\Local\Temp\threading.pyd
C:\Users\test\AppData\Local\Temp\threading.py
C:\Users\test\AppData\Local\Temp\threading.pyw
C:\Users\test\AppData\Local\Temp\threading.pyc
C:\Python27\DLLs\threading
C:\Python27\DLLs\threading.pyd
C:\Python27\DLLs\threading.py
C:\Python27\DLLs\threading.pyw
C:\Python27\DLLs\threading.pyc
C:\Python27\Lib\threading
C:\Python27\Lib\threading.pyd
C:\Python27\Lib\threading.py
C:\Python27\Lib\threading.pyc
C:\Users\test\AppData\Local\Temp\ntfsea
C:\Users\test\AppData\Local\Temp\ntfsea.pyd
C:\Users\test\AppData\Local\Temp\ntfsea.py
C:\Users\test\AppData\Local\Temp\ntfsea.pyw
C:\Users\test\AppData\Local\Temp\ntfsea.pyc
C:\Python27\DLLs\ntfsea
C:\Python27\DLLs\ntfsea.pyd
C:\Python27\DLLs\ntfsea.py
C:\Python27\DLLs\ntfsea.pyw
C:\Python27\DLLs\ntfsea.pyc
C:\Python27\Lib\ntfsea
C:\Python27\Lib\ntfsea.pyd
C:\Python27\Lib\ntfsea.py
C:\Python27\Lib\ntfsea.pyw
C:\Python27\Lib\ntfsea.pyc
C:\Python27\Lib\lib-tk\ntfsea
C:\Python27\Lib\lib-tk\ntfsea.pyd
C:\Python27\Lib\lib-tk\ntfsea.py
C:\Python27\Lib\lib-tk\ntfsea.pyw
C:\Python27\Lib\lib-tk\ntfsea.pyc
C:\Python27\ntfsea
C:\Python27\ntfsea.pyd
C:\Python27\ntfsea.py
C:\Python27\ntfsea.pyw
C:\Python27\ntfsea.pyc
C:\Python27\Lib\site-packages\ntfsea
C:\Python27\Lib\site-packages\ntfsea.pyd
C:\Python27\Lib\site-packages\ntfsea.py
C:\Python27\Lib\site-packages\ntfsea.pyw
C:\Python27\Lib\site-packages\ntfsea.pyc
C:\Python27\Lib\site-packages\PIL\ntfsea
C:\Python27\Lib\site-packages\PIL\ntfsea.pyd
C:\Python27\Lib\site-packages\PIL\ntfsea.py
C:\Python27\Lib\site-packages\PIL\ntfsea.pyw
C:\Python27\Lib\site-packages\PIL\ntfsea.pyc

读取的文件

C:\Users\test\AppData\Local\Temp\install.py
C:\Users\test\AppData\Local\Temp\atexit.pyd
C:\Users\test\AppData\Local\Temp\atexit.py
C:\Users\test\AppData\Local\Temp\atexit.pyw
C:\Users\test\AppData\Local\Temp\atexit.pyc
C:\Python27\DLLs\atexit.pyd
C:\Python27\DLLs\atexit.py
C:\Python27\DLLs\atexit.pyw
C:\Python27\DLLs\atexit.pyc
C:\Python27\Lib\atexit.pyd
C:\Python27\Lib\atexit.py
C:\Python27\Lib\atexit.pyc
C:\Users\test\AppData\Local\Temp\shutil.pyd
C:\Users\test\AppData\Local\Temp\shutil.py
C:\Users\test\AppData\Local\Temp\shutil.pyw
C:\Users\test\AppData\Local\Temp\shutil.pyc
C:\Python27\DLLs\shutil.pyd
C:\Python27\DLLs\shutil.py
C:\Python27\DLLs\shutil.pyw
C:\Python27\DLLs\shutil.pyc
C:\Python27\Lib\shutil.pyd
C:\Python27\Lib\shutil.py
C:\Python27\Lib\shutil.pyc
C:\Users\test\AppData\Local\Temp\fnmatch.pyd
C:\Users\test\AppData\Local\Temp\fnmatch.py
C:\Users\test\AppData\Local\Temp\fnmatch.pyw
C:\Users\test\AppData\Local\Temp\fnmatch.pyc
C:\Python27\DLLs\fnmatch.pyd
C:\Python27\DLLs\fnmatch.py
C:\Python27\DLLs\fnmatch.pyw
C:\Python27\DLLs\fnmatch.pyc
C:\Python27\Lib\fnmatch.pyd
C:\Python27\Lib\fnmatch.py
C:\Python27\Lib\fnmatch.pyc
C:\Users\test\AppData\Local\Temp\collections.pyd
C:\Users\test\AppData\Local\Temp\collections.py
C:\Users\test\AppData\Local\Temp\collections.pyw
C:\Users\test\AppData\Local\Temp\collections.pyc
C:\Python27\DLLs\collections.pyd
C:\Python27\DLLs\collections.py
C:\Python27\DLLs\collections.pyw
C:\Python27\DLLs\collections.pyc
C:\Python27\Lib\collections.pyd
C:\Python27\Lib\collections.py
C:\Python27\Lib\collections.pyc
C:\Users\test\AppData\Local\Temp\keyword.pyd
C:\Users\test\AppData\Local\Temp\keyword.py
C:\Users\test\AppData\Local\Temp\keyword.pyw
C:\Users\test\AppData\Local\Temp\keyword.pyc
C:\Python27\DLLs\keyword.pyd
C:\Python27\DLLs\keyword.py
C:\Python27\DLLs\keyword.pyw
C:\Python27\DLLs\keyword.pyc
C:\Python27\Lib\keyword.pyd
C:\Python27\Lib\keyword.py
C:\Python27\Lib\keyword.pyc
C:\Users\test\AppData\Local\Temp\heapq.pyd
C:\Users\test\AppData\Local\Temp\heapq.py
C:\Users\test\AppData\Local\Temp\heapq.pyw
C:\Users\test\AppData\Local\Temp\heapq.pyc
C:\Python27\DLLs\heapq.pyd
C:\Python27\DLLs\heapq.py
C:\Python27\DLLs\heapq.pyw
C:\Python27\DLLs\heapq.pyc
C:\Python27\Lib\heapq.pyd
C:\Python27\Lib\heapq.py
C:\Python27\Lib\heapq.pyc
C:\Users\test\AppData\Local\Temp\pwd.pyd
C:\Users\test\AppData\Local\Temp\pwd.py
C:\Users\test\AppData\Local\Temp\pwd.pyw
C:\Users\test\AppData\Local\Temp\pwd.pyc
C:\Python27\DLLs\pwd.pyd
C:\Python27\DLLs\pwd.py
C:\Python27\DLLs\pwd.pyw
C:\Python27\DLLs\pwd.pyc
C:\Python27\Lib\pwd.pyd
C:\Python27\Lib\pwd.py
C:\Python27\Lib\pwd.pyw
C:\Python27\Lib\pwd.pyc
C:\Python27\Lib\lib-tk\pwd.pyd
C:\Python27\Lib\lib-tk\pwd.py
C:\Python27\Lib\lib-tk\pwd.pyw
C:\Python27\Lib\lib-tk\pwd.pyc
C:\Python27\pwd.pyd
C:\Python27\pwd.py
C:\Python27\pwd.pyw
C:\Python27\pwd.pyc
C:\Python27\Lib\site-packages\pwd.pyd
C:\Python27\Lib\site-packages\pwd.py
C:\Python27\Lib\site-packages\pwd.pyw
C:\Python27\Lib\site-packages\pwd.pyc
C:\Python27\Lib\site-packages\PIL\pwd.pyd
C:\Python27\Lib\site-packages\PIL\pwd.py
C:\Python27\Lib\site-packages\PIL\pwd.pyw
C:\Python27\Lib\site-packages\PIL\pwd.pyc
C:\Users\test\AppData\Local\Temp\grp.pyd
C:\Users\test\AppData\Local\Temp\grp.py
C:\Users\test\AppData\Local\Temp\grp.pyw
C:\Users\test\AppData\Local\Temp\grp.pyc
C:\Python27\DLLs\grp.pyd
C:\Python27\DLLs\grp.py
C:\Python27\DLLs\grp.pyw
C:\Python27\DLLs\grp.pyc
C:\Python27\Lib\grp.pyd
C:\Python27\Lib\grp.py
C:\Python27\Lib\grp.pyw
C:\Python27\Lib\grp.pyc
C:\Python27\Lib\lib-tk\grp.pyd
C:\Python27\Lib\lib-tk\grp.py
C:\Python27\Lib\lib-tk\grp.pyw
C:\Python27\Lib\lib-tk\grp.pyc
C:\Python27\grp.pyd
C:\Python27\grp.py
C:\Python27\grp.pyw
C:\Python27\grp.pyc
C:\Python27\Lib\site-packages\grp.pyd
C:\Python27\Lib\site-packages\grp.py
C:\Python27\Lib\site-packages\grp.pyw
C:\Python27\Lib\site-packages\grp.pyc
C:\Python27\Lib\site-packages\PIL\grp.pyd
C:\Python27\Lib\site-packages\PIL\grp.py
C:\Python27\Lib\site-packages\PIL\grp.pyw
C:\Python27\Lib\site-packages\PIL\grp.pyc
C:\Users\test\AppData\Local\Temp\tarfile.pyd
C:\Users\test\AppData\Local\Temp\tarfile.py
C:\Users\test\AppData\Local\Temp\tarfile.pyw
C:\Users\test\AppData\Local\Temp\tarfile.pyc
C:\Python27\DLLs\tarfile.pyd
C:\Python27\DLLs\tarfile.py
C:\Python27\DLLs\tarfile.pyw
C:\Python27\DLLs\tarfile.pyc
C:\Python27\Lib\tarfile.pyd
C:\Python27\Lib\tarfile.py
C:\Python27\Lib\tarfile.pyc
C:\Users\test\AppData\Local\Temp\struct.pyd
C:\Users\test\AppData\Local\Temp\struct.py
C:\Users\test\AppData\Local\Temp\struct.pyw
C:\Users\test\AppData\Local\Temp\struct.pyc
C:\Python27\DLLs\struct.pyd
C:\Python27\DLLs\struct.py
C:\Python27\DLLs\struct.pyw
C:\Python27\DLLs\struct.pyc
C:\Python27\Lib\struct.pyd
C:\Python27\Lib\struct.py
C:\Python27\Lib\struct.pyc
C:\Users\test\AppData\Local\Temp\copy.pyd
C:\Users\test\AppData\Local\Temp\copy.py
C:\Users\test\AppData\Local\Temp\copy.pyw
C:\Users\test\AppData\Local\Temp\copy.pyc
C:\Python27\DLLs\copy.pyd
C:\Python27\DLLs\copy.py
C:\Python27\DLLs\copy.pyw
C:\Python27\DLLs\copy.pyc
C:\Python27\Lib\copy.pyd
C:\Python27\Lib\copy.py
C:\Python27\Lib\copy.pyc
C:\Users\test\AppData\Local\Temp\weakref.pyd
C:\Users\test\AppData\Local\Temp\weakref.py
C:\Users\test\AppData\Local\Temp\weakref.pyw
C:\Users\test\AppData\Local\Temp\weakref.pyc
C:\Python27\DLLs\weakref.pyd
C:\Python27\DLLs\weakref.py
C:\Python27\DLLs\weakref.pyw
C:\Python27\DLLs\weakref.pyc
C:\Python27\Lib\weakref.pyd
C:\Python27\Lib\weakref.py
C:\Python27\Lib\weakref.pyc
C:\Users\test\AppData\Local\Temp\org.pyd
C:\Users\test\AppData\Local\Temp\org.py
C:\Users\test\AppData\Local\Temp\org.pyw
C:\Users\test\AppData\Local\Temp\org.pyc
C:\Python27\DLLs\org.pyd
C:\Python27\DLLs\org.py
C:\Python27\DLLs\org.pyw
C:\Python27\DLLs\org.pyc
C:\Python27\Lib\org.pyd
C:\Python27\Lib\org.py
C:\Python27\Lib\org.pyw
C:\Python27\Lib\org.pyc
C:\Python27\Lib\lib-tk\org.pyd
C:\Python27\Lib\lib-tk\org.py
C:\Python27\Lib\lib-tk\org.pyw
C:\Python27\Lib\lib-tk\org.pyc
C:\Python27\org.pyd
C:\Python27\org.py
C:\Python27\org.pyw
C:\Python27\org.pyc
C:\Python27\Lib\site-packages\org.pyd
C:\Python27\Lib\site-packages\org.py
C:\Python27\Lib\site-packages\org.pyw
C:\Python27\Lib\site-packages\org.pyc
C:\Python27\Lib\site-packages\PIL\org.pyd
C:\Python27\Lib\site-packages\PIL\org.py
C:\Python27\Lib\site-packages\PIL\org.pyw
C:\Python27\Lib\site-packages\PIL\org.pyc
C:\Users\test\AppData\Local\Temp\subprocess.pyd
C:\Users\test\AppData\Local\Temp\subprocess.py
C:\Users\test\AppData\Local\Temp\subprocess.pyw
C:\Users\test\AppData\Local\Temp\subprocess.pyc
C:\Python27\DLLs\subprocess.pyd
C:\Python27\DLLs\subprocess.py
C:\Python27\DLLs\subprocess.pyw
C:\Python27\DLLs\subprocess.pyc
C:\Python27\Lib\subprocess.pyd
C:\Python27\Lib\subprocess.py
C:\Python27\Lib\subprocess.pyc
C:\Users\test\AppData\Local\Temp\threading.pyd
C:\Users\test\AppData\Local\Temp\threading.py
C:\Users\test\AppData\Local\Temp\threading.pyw
C:\Users\test\AppData\Local\Temp\threading.pyc
C:\Python27\DLLs\threading.pyd
C:\Python27\DLLs\threading.py
C:\Python27\DLLs\threading.pyw
C:\Python27\DLLs\threading.pyc
C:\Python27\Lib\threading.pyd
C:\Python27\Lib\threading.py
C:\Python27\Lib\threading.pyc
C:\Users\test\AppData\Local\Temp\ntfsea.pyd
C:\Users\test\AppData\Local\Temp\ntfsea.py
C:\Users\test\AppData\Local\Temp\ntfsea.pyw
C:\Users\test\AppData\Local\Temp\ntfsea.pyc
C:\Python27\DLLs\ntfsea.pyd
C:\Python27\DLLs\ntfsea.py
C:\Python27\DLLs\ntfsea.pyw
C:\Python27\DLLs\ntfsea.pyc
C:\Python27\Lib\ntfsea.pyd
C:\Python27\Lib\ntfsea.py
C:\Python27\Lib\ntfsea.pyw
C:\Python27\Lib\ntfsea.pyc
C:\Python27\Lib\lib-tk\ntfsea.pyd
C:\Python27\Lib\lib-tk\ntfsea.py
C:\Python27\Lib\lib-tk\ntfsea.pyw
C:\Python27\Lib\lib-tk\ntfsea.pyc
C:\Python27\ntfsea.pyd
C:\Python27\ntfsea.py
C:\Python27\ntfsea.pyw
C:\Python27\ntfsea.pyc
C:\Python27\Lib\site-packages\ntfsea.pyd
C:\Python27\Lib\site-packages\ntfsea.py
C:\Python27\Lib\site-packages\ntfsea.pyw
C:\Python27\Lib\site-packages\ntfsea.pyc
C:\Python27\Lib\site-packages\PIL\ntfsea.pyd
C:\Python27\Lib\site-packages\PIL\ntfsea.py
C:\Python27\Lib\site-packages\PIL\ntfsea.pyw
C:\Python27\Lib\site-packages\PIL\ntfsea.pyc

修改的文件 无信息

删除的文件 无信息

注册表键

HKEY_CURRENT_USER\Software\Python\PythonCore\2.7\Modules\atexit
HKEY_LOCAL_MACHINE\Software\Python\PythonCore\2.7\Modules\atexit
HKEY_CURRENT_USER\Software\Python\PythonCore\2.7\Modules\shutil
HKEY_LOCAL_MACHINE\Software\Python\PythonCore\2.7\Modules\shutil
HKEY_CURRENT_USER\Software\Python\PythonCore\2.7\Modules\fnmatch
HKEY_LOCAL_MACHINE\Software\Python\PythonCore\2.7\Modules\fnmatch
HKEY_CURRENT_USER\Software\Python\PythonCore\2.7\Modules\collections
HKEY_LOCAL_MACHINE\Software\Python\PythonCore\2.7\Modules\collections
HKEY_CURRENT_USER\Software\Python\PythonCore\2.7\Modules\keyword
HKEY_LOCAL_MACHINE\Software\Python\PythonCore\2.7\Modules\keyword
HKEY_CURRENT_USER\Software\Python\PythonCore\2.7\Modules\heapq
HKEY_LOCAL_MACHINE\Software\Python\PythonCore\2.7\Modules\heapq
HKEY_CURRENT_USER\Software\Python\PythonCore\2.7\Modules\pwd
HKEY_LOCAL_MACHINE\Software\Python\PythonCore\2.7\Modules\pwd
HKEY_CURRENT_USER\Software\Python\PythonCore\2.7\Modules\grp
HKEY_LOCAL_MACHINE\Software\Python\PythonCore\2.7\Modules\grp
HKEY_CURRENT_USER\Software\Python\PythonCore\2.7\Modules\tarfile
HKEY_LOCAL_MACHINE\Software\Python\PythonCore\2.7\Modules\tarfile
HKEY_CURRENT_USER\Software\Python\PythonCore\2.7\Modules\struct
HKEY_LOCAL_MACHINE\Software\Python\PythonCore\2.7\Modules\struct
HKEY_CURRENT_USER\Software\Python\PythonCore\2.7\Modules\copy
HKEY_LOCAL_MACHINE\Software\Python\PythonCore\2.7\Modules\copy
HKEY_CURRENT_USER\Software\Python\PythonCore\2.7\Modules\weakref
HKEY_LOCAL_MACHINE\Software\Python\PythonCore\2.7\Modules\weakref
HKEY_CURRENT_USER\Software\Python\PythonCore\2.7\Modules\org
HKEY_LOCAL_MACHINE\Software\Python\PythonCore\2.7\Modules\org
HKEY_CURRENT_USER\Software\Python\PythonCore\2.7\Modules\subprocess
HKEY_LOCAL_MACHINE\Software\Python\PythonCore\2.7\Modules\subprocess
HKEY_CURRENT_USER\Software\Python\PythonCore\2.7\Modules\threading
HKEY_LOCAL_MACHINE\Software\Python\PythonCore\2.7\Modules\threading
HKEY_CURRENT_USER\Software\Python\PythonCore\2.7\Modules\ntfsea
HKEY_LOCAL_MACHINE\Software\Python\PythonCore\2.7\Modules\ntfsea
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\GRE_Initialize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize\DisableMetaFiles

读取的注册表键

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize\DisableMetaFiles

修改的注册表键 无信息

删除的注册表键 无信息

API解析 无信息

魔盾安全分析报告

0.05

正常的

文件详细信息

特征

运行截图

网络分析

静态分析

投放文件

行为分析

进程

python.exe PID: 2612, 上一级进程 PID: 2332