Score: 3.8 (medium risk)

SHA256: 485ce80c6972762a04ff59597bdd71381688c73750e1dddae91ad33e8e6f01b8

File name: 08565af678a8f39bc7f6eda4f295c78d.exe (the file name is the sample's MD5; McAfee's Artemis!08565AF678A8 and FireEye's Generic.mg.08565af678a8f39b below are derived from the same hash)

Analysis duration: 78s

Last analysed:

File size: 2.3MB

Static scan: malicious. Dynamic scan: malicious.

Detection tags (tokens aggregated from the engine detection names; the list is truncated on the source page): 7XVVQ7BRUP8 AI SCORE=88 ARTEMIS BWOJD CRIDEX CRIDEX2H EMOTET FAMVT GDSDA GENCIRC HIGH CONFIDENCE HNFSBQ ICEDID KCLOUD MALWARE@#66F30I39S0RV OMWY PACK PHOTODLDER RAZY SLEPAK TM0@AKNA2BFI TROJANBANKER UNSAFE YMACCO ZEXAF
Hawkeye engine

Not detected: no Hawkeye engine result is available for this sample.

Static verdict

Antivirus engines

Engine | Result | Scan date | Engine version
McAfee | Artemis!08565AF678A8 | 20201211 | 6.0.6.653
Alibaba | TrojanBanker:Win32/Cridex.92b60ecb | 20190527 | 0.3.0.5
Baidu | (no detection) | 20190318 | 1.0.0.2
Avast | Win32:Trojan-gen | 20201210 | 21.1.5827.0
Tencent | Malware.Win32.Gencirc.1192e66b | 20201211 | 1.0.0.1
Kingsoft | Win32.Troj.Banker.(kcloud) | 20201211 | 2017.9.26.565
CrowdStrike | (no detection) | 20190702 | 1.0

The scan dates differ by more than a year: the two engines with no detection (Baidu, CrowdStrike) and the Alibaba hit are 2019 results, while the rest are from December 2020, so the misses say nothing about those engines' current coverage.
Static indicators

This executable has a PDB path (1 event)

pdb_path: c:\VillageDress\positionbook\lakeBoard\Iceday\subtractstand\AllCatch\cornerDie\StopRosemilk.pdb

The path is a chain of unrelated dictionary words rather than a developer's project or build-server path. Synthetic paths like this are worth pivoting on when hunting for related builds.

The executable contains unknown PE section names indicative of a packer (could be a false positive) (2 events)

section: .gfids
section: .giats

This indicator is a false positive here. .gfids (guard function ID table) and .giats (guard IAT table) are Control Flow Guard metadata sections that the MSVC linker emits for /guard:cf builds; they show the binary was compiled with CFG enabled, not that it was packed. The run-time RWX allocations listed under dynamic indicators are the stronger evidence of an in-memory unpacking stage.
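The section-name indicator above is the kind of check a triage script should make itself and then qualify. The following Python is an added example written for this page, not code from the sandbox or its vendor: it parses a PE section table with the standard library only, treats .gfids/.giats as CFG metadata, and reports the signals that do matter for packing (a writable-and-executable section, or an executable section that is empty on disk). The two PE images it analyses are constructed in memory; their layouts and the 2015-05-13 link time are assumptions mirroring this report, not the real sample's headers.

```python
"""Added example (not part of the sandbox report): parse PE section headers
with the standard library only and judge whether an unfamiliar section name
is really a packer signal. The PE images are constructed in memory so the
script runs offline; their section layout and link time are assumptions
chosen to mirror this report, not data parsed from the real sample."""
import calendar
import struct
from datetime import datetime, timezone

IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE = 0x00000020, 0x20000000
IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE = 0x40000000, 0x80000000

# .gfids/.giats/.00cfg are Control Flow Guard tables emitted by MSVC with
# /guard:cf; they mark a CFG-enabled build, not a packer.
CFG_SECTIONS = {b".gfids", b".giats", b".00cfg"}
STANDARD_SECTIONS = {b".text", b".rdata", b".data", b".idata", b".edata", b".pdata",
                     b".rsrc", b".reloc", b".bss", b".tls", b".CRT", b".didat"} | CFG_SECTIONS
PACKER_SECTIONS = {b"UPX0", b"UPX1", b"UPX2", b".aspack", b".adata",
                   b".MPRESS1", b".MPRESS2", b".vmp0", b".vmp1", b".themida"}


def parse_sections(image):
    """Walk MZ -> e_lfanew -> COFF header -> section table; return (link time, sections)."""
    if image[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", image, 0x3C)
    if image[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    coff = e_lfanew + 4
    _, nsec, stamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", image, coff)
    table = coff + 20 + opt_size            # section table follows the optional header
    sections = []
    for i in range(nsec):
        fields = struct.unpack_from("<8sIIIIIIHHI", image, table + 40 * i)
        name, vsize, _va, rawsize, *_, chars = fields
        sections.append((name.rstrip(b"\0"), vsize, rawsize, chars))
    return datetime.fromtimestamp(stamp, tz=timezone.utc), sections


def assess_sections(sections):
    """Return [(name, verdict)]; W+X or empty-on-disk executable sections are the real signals."""
    findings = []
    for name, vsize, rawsize, chars in sections:
        if name in PACKER_SECTIONS:
            verdict = "known packer section name"
        elif name in CFG_SECTIONS:
            verdict = "Control Flow Guard metadata (benign MSVC output)"
        elif name in STANDARD_SECTIONS:
            verdict = "standard section"
        else:
            verdict = "unknown name (weak signal by itself)"
        executable = bool(chars & IMAGE_SCN_MEM_EXECUTE)
        if executable and chars & IMAGE_SCN_MEM_WRITE:
            verdict += "; WRITE+EXECUTE"
        if executable and rawsize == 0 and vsize:
            verdict += "; executable but empty on disk (filled at run time)"
        findings.append((name.decode("ascii", "replace"), verdict))
    return findings


def build_pe(link_time, sections):
    """Constructed minimal PE32: DOS stub, COFF header, zeroed optional header, section table."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)   # e_lfanew: PE header right after the DOS header
    opt_size = 224                          # PE32 optional header; contents irrelevant here
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), link_time, 0, 0, opt_size, 0x0102)
    table, va = b"", 0x1000
    for name, vsize, rawsize, chars in sections:
        table += struct.pack("<8sIIIIIIHHI", name, vsize, va, rawsize, 0x400, 0, 0, 0, 0, chars)
        va += (vsize + 0xFFF) & ~0xFFF
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt_size) + table


LINK_TIME = calendar.timegm((2015, 5, 13, 11, 41, 25, 0, 0, 0))  # the report's compile time
RX = IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_EXECUTE
RWX = RX | IMAGE_SCN_MEM_WRITE
REPORT_LIKE = [  # assumed layout of an MSVC /guard:cf build such as this sample
    (b".text", 0x15C000, 0x15C000, IMAGE_SCN_CNT_CODE | RX),
    (b".rdata", 0x50000, 0x50000, IMAGE_SCN_MEM_READ),
    (b".data", 0x8000, 0x3000, IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
    (b".gfids", 0x1000, 0x1000, IMAGE_SCN_MEM_READ),
    (b".giats", 0x1000, 0x1000, IMAGE_SCN_MEM_READ),
    (b".rsrc", 0x20000, 0x20000, IMAGE_SCN_MEM_READ),
    (b".reloc", 0x10000, 0x10000, IMAGE_SCN_MEM_READ),
]
UPX_LIKE = [  # constructed contrast: what a real packer stub looks like to the same checks
    (b"UPX0", 0x40000, 0, RWX),
    (b"UPX1", 0x10000, 0x10000, RWX),
    (b".rsrc", 0x2000, 0x2000, IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
]


def analyse(image):
    link_time, sections = parse_sections(image)
    findings = assess_sections(sections)
    hits = [n for n, v in findings if "packer" in v or "WRITE+EXECUTE" in v]
    return {"link_time": link_time.strftime("%Y-%m-%d %H:%M:%S"),
            "findings": findings, "packer_hits": hits}


if __name__ == "__main__":
    for label, layout in (("report-like", REPORT_LIKE), ("UPX-like", UPX_LIKE)):
        result = analyse(build_pe(LINK_TIME, layout))
        print(f"{label}: linked {result['link_time']} UTC; packer indicators: "
              f"{result['packer_hits'] or 'none'}")
        for name, verdict in result["findings"]:
            print(f"  {name:<8} {verdict}")
```

Run against the report-like layout the script reports no packer indicators and labels .gfids/.giats as CFG metadata; against the UPX-like layout it flags both UPX sections as writable-and-executable and the first as empty on disk. To apply it to a real file, replace the constructed image with `open(path, "rb").read()`; the header fields it reads are identical.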
Behavioural verdict

Dynamic indicators

Resolves a suspicious top-level domain (TLD) (1 event)

domain: gravitation.pw (description: Palau domain TLD)
Allocates read-write-execute memory (usually to unpack itself) (4 events)

All four calls pass process_handle 0xffffffff, the NtCurrentProcess pseudo-handle, so the sample is modifying its own address space: an existing 12 KB range at 0x00eb7000 is first re-protected to PAGE_EXECUTE_READWRITE, then three fresh RWX regions are committed. The stack_dep_bypass, stack_pivoted and heap_dep_bypass fields are the sandbox's exploit-heuristic flags and are zero throughout.

Event 1: 1619134533.17456  NtProtectVirtualMemory  (status: success, return: 0, repeated: 0)
    process_identifier: 1316
    process_handle: 0xffffffff
    base_address: 0x00eb7000
    length: 12288
    protection: 64 (PAGE_EXECUTE_READWRITE)
    stack_dep_bypass: 0, stack_pivoted: 0, heap_dep_bypass: 0

Event 2: 1619134533.17456  NtAllocateVirtualMemory  (status: success, return: 0, repeated: 0)
    process_identifier: 1316
    process_handle: 0xffffffff
    base_address: 0x004b0000
    region_size: 4096
    allocation_type: 12288 (MEM_COMMIT|MEM_RESERVE)
    protection: 64 (PAGE_EXECUTE_READWRITE)
    stack_dep_bypass: 0, stack_pivoted: 0, heap_dep_bypass: 0

Event 3: 1619134533.17456  NtAllocateVirtualMemory  (status: success, return: 0, repeated: 0)
    process_identifier: 1316
    process_handle: 0xffffffff
    base_address: 0x004c0000
    region_size: 4096
    allocation_type: 12288 (MEM_COMMIT|MEM_RESERVE)
    protection: 64 (PAGE_EXECUTE_READWRITE)
    stack_dep_bypass: 0, stack_pivoted: 0, heap_dep_bypass: 0

Event 4: 1619134533.17456  NtAllocateVirtualMemory  (status: success, return: 0, repeated: 0)
    process_identifier: 1316
    process_handle: 0xffffffff
    base_address: 0x004d0000
    region_size: 24576
    allocation_type: 12288 (MEM_COMMIT|MEM_RESERVE)
    protection: 64 (PAGE_EXECUTE_READWRITE)
    stack_dep_bypass: 0, stack_pivoted: 0, heap_dep_bypass: 0
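The sequence above (re-protect a range of the sample's own memory to RWX, then commit fresh RWX regions) is what a self-unpacking stub produces before it writes and jumps into a second stage. The Python below is an added example for this page, not the sandbox's own tooling: it parses the report's line-oriented event dump, decodes the protection and allocation bitmasks from the documented Win32 PAGE_* and MEM_* constants, and flags only calls that leave writable-and-executable memory behind. Two of the four report events are embedded verbatim minus the always-zero DEP-bypass fields; the third, read-write-only event is constructed for contrast.

```python
"""Added example (not part of the sandbox report): parse the flattened
memory-API events shown above, decode the Win32 PAGE_* / MEM_* bitmasks and
flag calls that create writable+executable memory in the caller's own process.
Two report events are copied from this page (the always-zero stack/heap DEP
fields are omitted); the third is a constructed benign read-write commit."""
import re

PAGE_FLAGS = {  # documented Win32 memory-protection constants
    0x01: "PAGE_NOACCESS", 0x02: "PAGE_READONLY", 0x04: "PAGE_READWRITE",
    0x08: "PAGE_WRITECOPY", 0x10: "PAGE_EXECUTE", 0x20: "PAGE_EXECUTE_READ",
    0x40: "PAGE_EXECUTE_READWRITE", 0x80: "PAGE_EXECUTE_WRITECOPY",
    0x100: "PAGE_GUARD", 0x200: "PAGE_NOCACHE", 0x400: "PAGE_WRITECOMBINE",
}
MEM_FLAGS = {0x1000: "MEM_COMMIT", 0x2000: "MEM_RESERVE",
             0x80000: "MEM_RESET", 0x100000: "MEM_TOP_DOWN"}
EXECUTABLE = {0x10, 0x20, 0x40, 0x80}   # low byte values that grant execute
WRITABLE = {0x04, 0x08, 0x40, 0x80}     # low byte values that grant write
NT_CURRENT_PROCESS = 0xFFFFFFFF         # pseudo-handle meaning "my own process"

REPORT_EVENTS = """\
1619134533.17456
NtProtectVirtualMemory
process_identifier: 1316
length: 12288
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
base_address: 0x00eb7000
success 0 0
1619134533.17456
NtAllocateVirtualMemory
process_identifier: 1316
region_size: 24576
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 12288 (MEM_COMMIT|MEM_RESERVE)
base_address: 0x004d0000
success 0 0
"""
# Constructed contrast event: an ordinary read-write commit, not a finding.
CONSTRUCTED_EVENT = """\
1619134534.00000
NtAllocateVirtualMemory
process_identifier: 1316
region_size: 65536
protection: 4 (PAGE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x00500000
success 0 0
"""


def parse_events(text):
    """Turn the report's line-oriented dump into dicts with integer arguments."""
    events, cur = [], None
    for line in (l.strip() for l in text.splitlines()):
        if re.fullmatch(r"\d+\.\d+", line):            # a timestamp opens an event
            cur = {"time": float(line), "api": None, "args": {}}
        elif cur is None or not line:
            continue
        elif cur["api"] is None:                       # second line is the API name
            cur["api"] = line
        elif (m := re.fullmatch(r"(success|failed) (\S+) (\d+)", line)):
            cur.update(status=m[1], ret=m[2], repeated=int(m[3]))
            events.append(cur)
            cur = None
        else:                                          # "key: 64 (PAGE_...)" -> 64
            key, _, val = line.partition(":")
            cur["args"][key.strip()] = int(val.split()[0], 0)
    return events


def describe_flags(value, table):
    """Expand a bitmask into its constant names, e.g. 0x140 -> PAGE_EXECUTE_READWRITE|PAGE_GUARD."""
    names = [name for bit, name in table.items() if value & bit]
    return "|".join(names) or f"0x{value:x}"


def assess(events):
    """One finding per call that leaves executable memory behind."""
    findings = []
    for ev in events:
        args = ev["args"]
        prot = args.get("protection", 0)
        if (prot & 0xFF) not in EXECUTABLE:
            continue
        own = args.get("process_handle") == NT_CURRENT_PROCESS
        where = "own process" if own else f"handle 0x{args.get('process_handle', 0):x}"
        size = args.get("region_size", args.get("length", 0))
        how = ("re-protects existing range" if ev["api"] == "NtProtectVirtualMemory"
               else "commits new region " + describe_flags(args.get("allocation_type", 0), MEM_FLAGS))
        wx = "W+X" if (prot & 0xFF) in WRITABLE else "X"
        findings.append(f"{ev['api']} base=0x{args['base_address']:08x} size={size} "
                        f"{describe_flags(prot, PAGE_FLAGS)} [{wx}] {how} in {where}")
    return findings


def summarise(text):
    events = parse_events(text)
    findings = assess(events)
    return {"events": len(events), "executable": len(findings),
            "rwx": sum("[W+X]" in f for f in findings), "findings": findings}


if __name__ == "__main__":
    result = summarise(REPORT_EVENTS + CONSTRUCTED_EVENT)
    print(f"{result['events']} events, {result['executable']} executable, {result['rwx']} W+X")
    for finding in result["findings"]:
        print(" ", finding)
```

The decoder keys on the low byte of the protection value because PAGE_GUARD, PAGE_NOCACHE and PAGE_WRITECOMBINE are modifier bits that can be OR-ed onto any base protection; a detection that compares the whole value to 0x40 misses an RWX page tagged PAGE_GUARD. Distinguishing NtProtectVirtualMemory from NtAllocateVirtualMemory matters for triage: the former makes existing (often image) memory executable, the latter stages new code.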
Network communication

Communicates with a host for which no DNS query was performed (1 event)

host: 172.217.24.14

Generates some ICMP traffic

Caveats: 172.217.24.14 lies in 172.217.0.0/16, an address range announced by Google, so this contact is at least as likely to be operating-system or sandbox background traffic as sample command-and-control; confirm it in the packet capture before using it as an indicator. The per-protocol tables further down also record "No hosts contacted" and "No ICMP traffic performed", so the behavioural indicators here and the traffic summary disagree. The DNS queries to 114.114.114.114 in the UDP table are the only recorded flows that could carry the gravitation.pw lookup.
Flagged as malicious by 50 antivirus engines on VirusTotal (50 events). The family labels disagree: several engines name the Cridex banker (Kaspersky, Symantec, Alibaba, Zillya, Jiangmin, Antiy-AVL), several name the IcedID downloader (ESET-NOD32, Malwarebytes, ALYac, Ikarus, Yandex), and the Gen:Heur.Pack.Emotet.4 hits shared by the BitDefender-engine licensees (MicroWorld-eScan, Arcabit, BitDefender, Ad-Aware, Emsisoft, GData) are a packer heuristic rather than a family attribution. Treat the family as unresolved between Cridex and IcedID until the unpacked payload has been examined.
Bkav W32.FamVT.Cridex2H.Trojan
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Heur.Pack.Emotet.4
FireEye Generic.mg.08565af678a8f39b
McAfee Artemis!08565AF678A8
Cylance Unsafe
Zillya Trojan.Cridex.Win32.797
Sangfor Malware
K7AntiVirus Trojan-Downloader ( 005674611 )
Alibaba TrojanBanker:Win32/Cridex.92b60ecb
K7GW Trojan-Downloader ( 005674611 )
Cybereason malicious.493bd7
Arcabit Trojan.Pack.Emotet.4
Cyren W32/Trojan.OMWY-8609
Symantec W32.Cridex
APEX Malicious
Avast Win32:Trojan-gen
Kaspersky Trojan-Banker.Win32.Cridex.occ
BitDefender Gen:Heur.Pack.Emotet.4
NANO-Antivirus Trojan.Win32.Cridex.hnfsbq
Paloalto generic.ml
AegisLab Trojan.Win32.Razy.4!c
Tencent Malware.Win32.Gencirc.1192e66b
Ad-Aware Gen:Heur.Pack.Emotet.4
Sophos Mal/Generic-S
Comodo Malware@#66f30i39s0rv
F-Secure Trojan.TR/AD.PhotoDlder.bwojd
VIPRE Trojan.Win32.Generic!BT
McAfee-GW-Edition BehavesLike.Win32.Dropper.vh
Emsisoft Gen:Heur.Pack.Emotet.4 (B)
Jiangmin Trojan.Banker.Cridex.abf
Webroot W32.Trojan.Gen
Avira TR/AD.PhotoDlder.bwojd
Antiy-AVL Trojan[Banker]/Win32.Cridex
Kingsoft Win32.Troj.Banker.(kcloud)
Microsoft Trojan:Win32/Ymacco.AA48
ZoneAlarm Trojan-Banker.Win32.Cridex.occ
GData Gen:Heur.Pack.Emotet.4
AhnLab-V3 Malware/Win32.Generic.C4120411
BitDefenderTheta Gen:NN.ZexaF.34670.tM0@aKNA2bfi
ALYac Trojan.IcedID.gen
MAX malware (ai score=88)
Malwarebytes Trojan.IcedID
ESET-NOD32 Win32/TrojanDownloader.IcedId.E
Yandex Trojan.DL.IcedId!7xvvQ7bRUP8
Ikarus Trojan-Banker.IcedID
Fortinet W32/Slepak.AZ!tr
AVG Win32:Trojan-gen
Panda Trj/GdSda.A
Qihoo-360 Generic/Trojan.ebe
Visual analysis

Binary image

No binary image: no binary visualisation was generated for this sample.

Screenshots

No screenshots: no screenshots were captured while the sample ran.


PE Compile Time

2015-05-13 11:41:25

Imports

Every imported library is a standard Win32 GUI or runtime module (menus, dialogs, clipboard, OLE drag-and-drop, themes, GDI+, TAPI). No networking library (WS2_32, WinINet, WinHTTP) is imported statically, yet the sandbox recorded a DNS lookup for gravitation.pw and RWX memory allocations; with LoadLibraryW, LoadLibraryA and GetProcAddress in the import table, any network code is most plausibly resolved at run time from the unpacked stage rather than visible here.

Library KERNEL32.dll:
0x11621b8 GetStringTypeW
0x11621bc WriteConsoleW
0x11621c0 LoadLibraryExA
0x11621c4 GetProcessHeap
0x11621c8 DeleteCriticalSection
0x11621cc GetWindowsDirectoryW
0x11621d0 DecodePointer
0x11621d4 HeapAlloc
0x11621d8 GetSystemInfo
0x11621dc RaiseException
0x11621e0 HeapReAlloc
0x11621e4 GetLastError
0x11621e8 Sleep
0x11621ec HeapSize
0x11621f0 GetTempPathW
0x11621f8 GetModuleFileNameW
0x11621fc HeapFree
0x1162200 VirtualProtect
0x1162204 OutputDebugStringA
0x1162208 SetLastError
0x116220c GetModuleHandleA
0x1162210 GetModuleHandleW
0x1162214 GetProcAddress
0x1162218 LoadLibraryW
0x1162220 EnterCriticalSection
0x1162224 LeaveCriticalSection
0x1162228 TlsAlloc
0x116222c TlsGetValue
0x1162230 TlsSetValue
0x1162234 TlsFree
0x1162238 GlobalAlloc
0x116223c GlobalReAlloc
0x1162240 GlobalLock
0x1162244 GlobalHandle
0x1162248 GlobalUnlock
0x116224c GlobalFree
0x1162250 LocalAlloc
0x1162254 LocalReAlloc
0x1162258 LocalFree
0x116225c GetCurrentProcessId
0x1162260 LoadResource
0x1162264 LockResource
0x1162268 SizeofResource
0x116226c FindResourceW
0x1162270 WideCharToMultiByte
0x1162274 GlobalSize
0x1162278 MulDiv
0x116227c FormatMessageW
0x1162280 CopyFileW
0x1162284 MultiByteToWideChar
0x1162288 CloseHandle
0x116228c SetEvent
0x1162290 WaitForSingleObject
0x1162294 CreateEventW
0x1162298 GetCurrentThreadId
0x116229c SetThreadPriority
0x11622a0 ResumeThread
0x11622a4 lstrcmpA
0x11622a8 GlobalGetAtomNameW
0x11622ac FileTimeToSystemTime
0x11622b0 EncodePointer
0x11622b4 GetSystemDirectoryW
0x11622b8 FreeLibrary
0x11622bc FreeResource
0x11622c0 LoadLibraryExW
0x11622c4 GlobalDeleteAtom
0x11622c8 lstrcmpW
0x11622cc LoadLibraryA
0x11622d0 GlobalAddAtomW
0x11622d4 GlobalFindAtomW
0x11622d8 CreateFileW
0x11622dc FindClose
0x11622e0 FindFirstFileW
0x11622e4 FlushFileBuffers
0x11622e8 GetFileSize
0x11622ec GetFullPathNameW
0x11622f0 GetVolumeInformationW
0x11622f4 LockFile
0x11622f8 ReadFile
0x11622fc SetEndOfFile
0x1162300 SetFilePointer
0x1162304 UnlockFile
0x1162308 WriteFile
0x116230c DuplicateHandle
0x1162310 GetCurrentProcess
0x1162314 lstrcmpiW
0x1162318 CompareStringW
0x1162320 GlobalFlags
0x1162324 GetVersionExW
0x116232c GetFileAttributesW
0x1162330 GetFileAttributesExW
0x1162334 GetFileSizeEx
0x1162338 GetFileTime
0x1162340 lstrcpyW
0x1162344 GetCurrentDirectoryW
0x1162348 FindResourceExW
0x116234c VerSetConditionMask
0x1162350 VerifyVersionInfoW
0x1162354 GetTempFileNameW
0x1162358 GetTickCount
0x116235c GetProfileIntW
0x1162360 SearchPathW
0x1162364 ResetEvent
0x1162368 WaitForSingleObjectEx
0x1162374 TerminateProcess
0x116237c IsDebuggerPresent
0x1162380 GetStartupInfoW
0x116238c InitializeSListHead
0x1162390 OutputDebugStringW
0x1162394 RtlUnwind
0x1162398 CreateThread
0x116239c ExitThread
0x11623a4 GetModuleHandleExW
0x11623a8 HeapQueryInformation
0x11623ac GetCommandLineA
0x11623b0 GetCommandLineW
0x11623b4 VirtualAlloc
0x11623b8 VirtualQuery
0x11623c0 SetStdHandle
0x11623c4 GetFileType
0x11623c8 ExitProcess
0x11623cc GetStdHandle
0x11623d0 LCMapStringW
0x11623d8 GetConsoleCP
0x11623dc GetConsoleMode
0x11623e0 SetFilePointerEx
0x11623e4 FindFirstFileExW
0x11623e8 FindNextFileW
0x11623ec IsValidCodePage
0x11623f0 GetACP
0x11623f4 GetOEMCP
0x11623f8 GetCPInfo
Library USER32.dll:
0x11624a0 GetMenu
0x11624a4 SetMenu
0x11624a8 TrackPopupMenu
0x11624ac UpdateWindow
0x11624b0 SetActiveWindow
0x11624b4 GetForegroundWindow
0x11624b8 SetForegroundWindow
0x11624bc BeginPaint
0x11624c0 EndPaint
0x11624c4 RedrawWindow
0x11624c8 ScrollWindow
0x11624cc SetScrollPos
0x11624d0 GetScrollPos
0x11624d4 SetScrollRange
0x11624d8 GetScrollRange
0x11624dc ShowScrollBar
0x11624e0 SetPropW
0x11624e4 GetPropW
0x11624e8 RemovePropW
0x11624ec GetClientRect
0x11624f0 GetWindowRect
0x11624f4 AdjustWindowRectEx
0x11624f8 ScreenToClient
0x11624fc MapWindowPoints
0x1162500 CopyRect
0x1162504 EqualRect
0x1162508 PtInRect
0x116250c SetWindowLongW
0x1162510 GetClassLongW
0x1162514 GetClassNameW
0x1162518 GetTopWindow
0x116251c GetWindow
0x1162520 LoadIconW
0x1162524 SetScrollInfo
0x1162528 GetScrollInfo
0x116252c WinHelpW
0x1162530 MonitorFromWindow
0x1162534 GetMonitorInfoW
0x1162538 ShowWindow
0x116253c MoveWindow
0x1162540 CheckDlgButton
0x1162544 SetWindowTextW
0x1162548 IsDialogMessageW
0x116254c DestroyIcon
0x1162550 CharUpperW
0x1162554 ClientToScreen
0x1162558 GetDesktopWindow
0x1162560 DrawTextW
0x1162564 DrawTextExW
0x1162568 GrayStringW
0x116256c TabbedTextOutW
0x1162570 GetWindowDC
0x1162574 FillRect
0x1162578 DestroyMenu
0x116257c GetMenuItemInfoW
0x1162580 InflateRect
0x1162584 SystemParametersInfoW
0x1162588 CopyImage
0x116258c SendDlgItemMessageA
0x1162590 SetRectEmpty
0x1162594 OffsetRect
0x1162598 PostQuitMessage
0x11625a0 EndDialog
0x11625a4 GetNextDlgTabItem
0x11625a8 GetAsyncKeyState
0x11625ac MapDialogRect
0x11625b0 IntersectRect
0x11625b4 TrackMouseEvent
0x11625b8 InvalidateRect
0x11625bc LoadImageW
0x11625c0 ShowOwnedPopups
0x11625c4 GetCapture
0x11625c8 DeleteMenu
0x11625cc SetTimer
0x11625d0 KillTimer
0x11625d4 GetNextDlgGroupItem
0x11625d8 SetCapture
0x11625dc ReleaseCapture
0x11625e0 WindowFromPoint
0x11625e4 DrawFocusRect
0x11625e8 IsRectEmpty
0x11625ec DrawIconEx
0x11625f0 GetIconInfo
0x11625f4 MessageBeep
0x11625f8 EnableScrollBar
0x11625fc HideCaret
0x1162600 InvertRect
0x1162604 NotifyWinEvent
0x1162608 CreatePopupMenu
0x116260c GetMenuDefaultItem
0x1162610 MapVirtualKeyW
0x1162614 GetKeyNameTextW
0x1162618 LoadMenuW
0x1162620 EnumDisplayMonitors
0x1162624 SetClassLongW
0x1162628 SetWindowRgn
0x116262c SetParent
0x1162630 OpenClipboard
0x1162634 CloseClipboard
0x1162638 SetClipboardData
0x116263c EmptyClipboard
0x1162640 DrawStateW
0x1162644 DrawEdge
0x1162648 DrawFrameControl
0x116264c IsZoomed
0x1162650 GetSystemMenu
0x1162654 BringWindowToTop
0x1162658 SetCursorPos
0x116265c CopyIcon
0x1162660 FrameRect
0x1162664 DrawIcon
0x1162668 UnionRect
0x116266c UpdateLayeredWindow
0x1162670 MonitorFromPoint
0x1162674 LoadAcceleratorsW
0x1162678 TranslateAcceleratorW
0x116267c InsertMenuItemW
0x1162680 UnpackDDElParam
0x1162684 ReuseDDElParam
0x1162688 GetComboBoxInfo
0x116268c PostThreadMessageW
0x1162690 WaitMessage
0x1162694 GetKeyboardLayout
0x1162698 IsCharLowerW
0x116269c MapVirtualKeyExW
0x11626a0 ToUnicodeEx
0x11626a4 GetKeyboardState
0x11626b0 CopyAcceleratorTableW
0x11626b4 SetRect
0x11626b8 LockWindowUpdate
0x11626bc SetMenuDefaultItem
0x11626c0 GetDoubleClickTime
0x11626c4 ModifyMenuW
0x11626cc CharUpperBuffW
0x11626d4 GetUpdateRect
0x11626d8 DrawMenuBar
0x11626dc DefFrameProcW
0x11626e0 DefMDIChildProcW
0x11626e4 TranslateMDISysAccel
0x11626e8 SubtractRect
0x11626ec CreateMenu
0x11626f0 GetWindowRgn
0x11626f4 DestroyCursor
0x11626f8 SetFocus
0x11626fc GetDlgCtrlID
0x1162700 GetDlgItem
0x1162704 IsIconic
0x1162708 EndDeferWindowPos
0x116270c DeferWindowPos
0x1162710 BeginDeferWindowPos
0x1162714 SetWindowPlacement
0x1162718 GetWindowPlacement
0x116271c SetWindowPos
0x1162720 DestroyWindow
0x1162724 IsChild
0x1162728 IsMenu
0x116272c IsWindow
0x1162730 CreateWindowExW
0x1162734 GetClassInfoExW
0x1162738 GetClassInfoW
0x116273c RegisterClassW
0x1162740 CallWindowProcW
0x1162744 DefWindowProcW
0x1162748 PostMessageW
0x116274c GetMessageTime
0x1162750 GetMessagePos
0x1162758 LoadBitmapW
0x1162760 SetMenuItemBitmaps
0x1162764 EnableMenuItem
0x1162768 CheckMenuItem
0x116276c GetFocus
0x1162770 GetWindowTextLengthW
0x1162774 GetWindowTextW
0x1162778 LoadCursorW
0x116277c GetSysColorBrush
0x1162780 GetSysColor
0x1162784 ReleaseDC
0x1162788 GetDC
0x116278c GetSystemMetrics
0x1162790 CallNextHookEx
0x1162794 SetWindowsHookExW
0x1162798 GetCursorPos
0x116279c ValidateRect
0x11627a0 GetKeyState
0x11627a4 GetActiveWindow
0x11627a8 IsWindowVisible
0x11627ac PeekMessageW
0x11627b0 DispatchMessageW
0x11627b4 TranslateMessage
0x11627b8 GetMessageW
0x11627bc RemoveMenu
0x11627c0 AppendMenuW
0x11627c4 InsertMenuW
0x11627c8 GetMenuItemCount
0x11627cc GetMenuItemID
0x11627d0 GetSubMenu
0x11627d4 GetMenuState
0x11627d8 GetMenuStringW
0x11627dc GetLastActivePopup
0x11627e4 GetParent
0x11627e8 GetWindowLongW
0x11627ec MessageBoxW
0x11627f0 IsWindowEnabled
0x11627f4 EnableWindow
0x11627f8 SendMessageW
0x11627fc UnhookWindowsHookEx
0x1162800 SetCursor
0x1162804 SetMenuItemInfoW
Library OLEAUT32.dll:
0x1162404 SysFreeString
0x1162408 SysAllocString
0x116240c VariantInit
0x1162410 LoadTypeLib
0x1162414 SysAllocStringLen
0x1162418 SysStringLen
0x1162424 VariantClear
0x1162428 VariantCopy
0x116242c VariantChangeType
0x1162430 VarBstrFromDate
Library ADVAPI32.dll:
0x1162000 RegDeleteKeyW
0x1162004 RegOpenKeyExW
0x1162008 RegDeleteValueW
0x116200c RegEnumKeyExW
0x1162010 RegCloseKey
0x1162014 RegCreateKeyW
0x1162018 RegQueryValueExW
0x116201c RegSetValueExW
0x1162020 RegCreateKeyExW
Library UxTheme.dll:
0x116280c GetThemeSysColor
0x1162814 IsAppThemed
0x1162818 GetWindowTheme
0x116281c GetCurrentThemeName
0x1162820 GetThemeColor
0x1162824 DrawThemeBackground
0x116282c DrawThemeText
0x1162830 GetThemeTextExtent
0x1162834 OpenThemeData
0x1162838 CloseThemeData
0x1162840 GetThemePartSize
Library TAPI32.dll:
0x1162480 lineInitialize
0x1162484 lineClose
0x1162488 lineTranslateAddressW
0x116248c lineAccept
0x1162490 lineOpenW
0x1162494 lineRedirectW
0x1162498 lineTranslateDialogW
Library GDI32.dll:
0x1162028 GetWindowOrgEx
0x116202c GetTextFaceW
0x1162030 GetViewportOrgEx
0x1162034 SetPixelV
0x1162038 SetPaletteEntries
0x116203c ExtFloodFill
0x1162040 PtInRegion
0x1162044 GetBoundsRect
0x1162048 FrameRgn
0x116204c CopyMetaFileW
0x1162050 CreateDCW
0x1162054 GetDeviceCaps
0x1162058 CreateBitmap
0x116205c SetBkColor
0x1162060 SetTextColor
0x1162064 GetObjectW
0x1162068 DeleteObject
0x116206c BitBlt
0x1162070 CreateCompatibleDC
0x1162074 CreateHatchBrush
0x1162078 CreatePen
0x116207c CreatePatternBrush
0x1162080 CreateRectRgn
0x1162084 CreateSolidBrush
0x1162088 DeleteDC
0x116208c Escape
0x1162090 ExcludeClipRect
0x1162094 GetClipBox
0x1162098 GetObjectType
0x116209c GetPixel
0x11620a0 GetStockObject
0x11620a4 GetViewportExtEx
0x11620a8 GetWindowExtEx
0x11620ac IntersectClipRect
0x11620b0 LineTo
0x11620b4 PtVisible
0x11620b8 RectVisible
0x11620bc RestoreDC
0x11620c0 SaveDC
0x11620c4 SelectClipRgn
0x11620c8 ExtSelectClipRgn
0x11620cc SelectObject
0x11620d0 SelectPalette
0x11620d4 SetBkMode
0x11620d8 SetMapMode
0x11620dc SetLayout
0x11620e0 GetLayout
0x11620e4 SetPolyFillMode
0x11620e8 SetROP2
0x11620ec SetTextAlign
0x11620f0 MoveToEx
0x11620f4 TextOutW
0x11620f8 ExtTextOutW
0x11620fc SetViewportExtEx
0x1162100 SetViewportOrgEx
0x1162104 SetWindowExtEx
0x1162108 SetWindowOrgEx
0x116210c OffsetViewportOrgEx
0x1162110 OffsetWindowOrgEx
0x1162114 ScaleViewportExtEx
0x1162118 ScaleWindowExtEx
0x116211c CreateFontIndirectW
0x1162120 GetTextExtentPoint32W
0x1162124 CombineRgn
0x1162128 CreateRectRgnIndirect
0x116212c PatBlt
0x1162130 SetRectRgn
0x1162134 DPtoLP
0x1162138 GetTextMetricsW
0x116213c EnumFontFamiliesExW
0x1162140 CreatePalette
0x1162148 GetPaletteEntries
0x1162150 RealizePalette
0x1162154 GetBkColor
0x116215c CreateDIBitmap
0x1162160 EnumFontFamiliesW
0x1162164 GetTextCharsetInfo
0x1162168 SetPixel
0x116216c StretchBlt
0x1162170 CreateDIBSection
0x1162174 SetDIBColorTable
0x1162178 CreateEllipticRgn
0x116217c Ellipse
0x1162180 GetTextColor
0x1162184 CreatePolygonRgn
0x1162188 Polygon
0x116218c Polyline
0x1162190 CreateRoundRectRgn
0x1162194 LPtoDP
0x1162198 Rectangle
0x116219c GetRgnBox
0x11621a0 OffsetRgn
0x11621a4 RoundRect
0x11621a8 FillRgn
Library SHELL32.dll:
0x1162438 ShellExecuteW
0x116243c SHGetPathFromIDListW
0x1162444 SHGetDesktopFolder
0x1162448 DragQueryFileW
0x116244c DragFinish
0x1162450 SHBrowseForFolderW
0x1162454 SHAppBarMessage
0x1162458 SHGetFileInfoW
Library ole32.dll:
0x11628a4 OleLockRunning
0x11628a8 RevokeDragDrop
0x11628ac RegisterDragDrop
0x11628b0 CoLockObjectExternal
0x11628b4 OleGetClipboard
0x11628b8 CreateStreamOnHGlobal
0x11628bc CoInitializeEx
0x11628c0 CoUninitialize
0x11628c4 CoCreateInstance
0x11628d4 IsAccelerator
0x11628d8 DoDragDrop
0x11628dc CoDisconnectObject
0x11628e0 ReleaseStgMedium
0x11628e4 OleDuplicateData
0x11628e8 CoTaskMemFree
0x11628ec CoTaskMemAlloc
0x11628f0 CoInitialize
Library gdiplus.dll:
0x1162848 GdipCloneImage
0x116284c GdipDrawImageRectI
0x1162854 GdipCreateFromHDC
0x116285c GdipDrawImageI
0x1162860 GdipDeleteGraphics
0x1162864 GdipBitmapUnlockBits
0x1162868 GdipBitmapLockBits
0x1162878 GdipGetImagePalette
0x1162880 GdipGetImageHeight
0x1162884 GdipGetImageWidth
0x116288c GdipDisposeImage
0x1162890 GdiplusStartup
0x1162894 GdipFree
0x1162898 GdipAlloc
0x116289c GdiplusShutdown
Library SHLWAPI.dll:
0x1162460 PathFindExtensionW
0x1162464 PathIsUNCW
0x1162468 PathStripToRootW
0x116246c StrFormatKBSizeW
0x1162470 PathRemoveFileSpecW
0x1162474 PathFindFileNameW

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source | Source port | Destination | Destination port | Protocol
192.168.56.101 | 49235 | 114.114.114.114 | 53 | DNS
192.168.56.101 | 50534 | 114.114.114.114 | 53 | DNS
192.168.56.101 | 51808 | 114.114.114.114 | 53 | DNS
192.168.56.101 | 53237 | 114.114.114.114 | 53 | DNS
192.168.56.101 | 53657 | 114.114.114.114 | 53 | DNS
192.168.56.101 | 56539 | 114.114.114.114 | 53 | DNS
192.168.56.101 | 57756 | 114.114.114.114 | 53 | DNS
192.168.56.101 | 58367 | 114.114.114.114 | 53 | DNS
192.168.56.101 | 65004 | 114.114.114.114 | 53 | DNS
192.168.56.101 | 137 | 192.168.56.255 | 137 | NetBIOS name service (subnet broadcast)
192.168.56.101 | 138 | 192.168.56.255 | 138 | NetBIOS datagram service (subnet broadcast)
192.168.56.101 | 123 | 20.189.79.72 (time.windows.com) | 123 | NTP
192.168.56.101 | 55368 | 224.0.0.252 | 5355 | LLMNR (multicast)
192.168.56.101 | 56804 | 224.0.0.252 | 5355 | LLMNR (multicast)
192.168.56.101 | 60123 | 224.0.0.252 | 5355 | LLMNR (multicast)
192.168.56.101 | 62191 | 224.0.0.252 | 5355 | LLMNR (multicast)
192.168.56.101 | 1900 | 239.255.255.250 | 1900 | SSDP (multicast)
192.168.56.101 | 56540 | 239.255.255.250 | 3702 | WS-Discovery (multicast)
192.168.56.101 | 56807 | 239.255.255.250 | 1900 | SSDP (multicast)
192.168.56.101 | 58368 | 239.255.255.250 | 3702 | WS-Discovery (multicast)

Apart from the DNS queries, every flow above is background traffic that a Windows sandbox guest produces on its own: NetBIOS and LLMNR name resolution, SSDP and WS-Discovery device discovery, and NTP to time.windows.com. 114.114.114.114 is the guest's configured resolver, so the nine DNS queries are the only rows that can carry sample activity, such as the gravitation.pw lookup recorded under dynamic indicators.

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Dropped files

No dropped files.

Dropped buffers

No dropped buffers.