SmartHawk

0.8

低危

该样本未表现出任何异常！

0019065d8334618ca5ee78abf9c786e76053e46197631beea614871a78e8d251

2ddcb53df836a8a041bc514cb73f4211.exe

分析耗时

75s

最近分析

文件大小

1.8MB

静态报毒动态报毒

未检测暂无鹰眼引擎检测结果

查杀引擎	查杀结果	查杀时间	查杀版本
CrowdStrike		20190702	1.0
Baidu		20190318	1.0.0.2
Alibaba		20190527	0.3.0.5
Kingsoft		20210109	2017.9.26.565
Tencent		20210109	1.0.0.1

This executable has a PDB path (1 个事件)

pdb_path

D:\glyph\stable\build\client\GlyphCrashHandler64_r.pdb

Communicates with host for which no DNS query was performed (1 个事件)

host

172.217.24.14

暂无二进制图像该样本未生成二进制可视化图像

暂无运行截图该样本运行过程中未生成截图

👋 欢迎使用 ChatHawk

我是您的恶意软件分析助手，可以帮您分析和解读恶意软件报告。请随时向我提问！

🔍 主要威胁分析

⚡ 行为特征

🛡️ 防护建议

🔧 技术手段

🎯 检测方法

🤖

Static Analysis
Strings

PE Compile Time

2020-09-01 01:07:43

Imports

Library KERNEL32.dll:

• 0x14019f040 InitializeCriticalSection

• 0x14019f048 EnterCriticalSection

• 0x14019f050 LeaveCriticalSection

• 0x14019f058 DeleteCriticalSection

• 0x14019f060 Sleep

• 0x14019f068 GetCurrentProcessId

• 0x14019f070 GetCurrentThreadId

• 0x14019f078 GetSystemTime

• 0x14019f080 GetSystemTimeAsFileTime

• 0x14019f088 GetTickCount

• 0x14019f090 GetVersionExW

• 0x14019f098 LocalFree

• 0x14019f0a0 FormatMessageA

• 0x14019f0a8 FormatMessageW

• 0x14019f0b0 GetTempPathA

• 0x14019f0b8 AreFileApisANSI

• 0x14019f0c0 MultiByteToWideChar

• 0x14019f0c8 WideCharToMultiByte

• 0x14019f0d0 GetEnvironmentStringsW

• 0x14019f0d8 FreeEnvironmentStringsW

• 0x14019f0e0 GetFileAttributesExW

• 0x14019f0e8 GetFileInformationByHandle

• 0x14019f0f0 GetTempFileNameW

• 0x14019f0f8 WaitForSingleObjectEx

• 0x14019f100 TerminateProcess

• 0x14019f108 GetExitCodeProcess

• 0x14019f110 CreateProcessW

• 0x14019f118 GetLocalTime

• 0x14019f120 GetSystemInfo

• 0x14019f128 GetSystemDirectoryW

• 0x14019f130 GetComputerNameExW

• 0x14019f138 CreateFileMappingW

• 0x14019f140 MapViewOfFile

• 0x14019f148 UnmapViewOfFile

• 0x14019f150 CopyFileW

• 0x14019f158 FileTimeToSystemTime

• 0x14019f160 SystemTimeToFileTime

• 0x14019f168 OpenProcess

• 0x14019f170 VirtualQuery

• 0x14019f178 OpenFileMappingW

• 0x14019f180 FreeLibrary

• 0x14019f188 LoadResource

• 0x14019f190 LockResource

• 0x14019f198 SizeofResource

• 0x14019f1a0 LoadLibraryW

• 0x14019f1a8 FindResourceW

• 0x14019f1b0 ContinueDebugEvent

• 0x14019f1b8 WaitForDebugEvent

• 0x14019f1c0 DebugActiveProcess

• 0x14019f1c8 DebugActiveProcessStop

• 0x14019f1d0 SetEvent

• 0x14019f1d8 WaitForSingleObject

• 0x14019f1e0 CreateEventW

• 0x14019f1e8 OpenEventW

• 0x14019f1f0 OpenThread

• 0x14019f1f8 SuspendThread

• 0x14019f200 ResumeThread

• 0x14019f208 GetThreadContext

• 0x14019f210 GetModuleHandleW

• 0x14019f218 DebugSetProcessKillOnExit

• 0x14019f220 DebugBreakProcess

• 0x14019f228 CreateToolhelp32Snapshot

• 0x14019f230 Module32FirstW

• 0x14019f238 Module32NextW

• 0x14019f240 GlobalFree

• 0x14019f248 GetCommandLineW

• 0x14019f250 QueryPerformanceCounter

• 0x14019f258 IsDebuggerPresent

• 0x14019f260 GetCurrentProcess

• 0x14019f268 GetModuleFileNameW

• 0x14019f270 ConnectNamedPipe

• 0x14019f278 DisconnectNamedPipe

• 0x14019f280 CreateNamedPipeW

• 0x14019f288 CreateMutexW

• 0x14019f290 CreateThread

• 0x14019f298 CreateProcessA

• 0x14019f2a0 GetProcessId

• 0x14019f2a8 GlobalMemoryStatusEx

• 0x14019f2b0 GetWindowsDirectoryA

• 0x14019f2b8 IsWow64Process

• 0x14019f2c0 GetModuleFileNameA

• 0x14019f2c8 CallNamedPipeW

• 0x14019f2d0 GetTickCount64

• 0x14019f2d8 HeapAlloc

• 0x14019f2e0 HeapFree

• 0x14019f2e8 GetProcessHeap

• 0x14019f2f0 SetConsoleTextAttribute

• 0x14019f2f8 GetOverlappedResult

• 0x14019f300 SetFileTime

• 0x14019f308 FindClose

• 0x14019f310 SetCurrentDirectoryW

• 0x14019f318 GetCurrentDirectoryW

• 0x14019f320 CreateDirectoryW

• 0x14019f328 FindFirstFileW

• 0x14019f330 FindNextFileW

• 0x14019f338 MoveFileW

• 0x14019f340 SystemTimeToTzSpecificLocalTime

• 0x14019f348 GetTimeZoneInformation

• 0x14019f350 DecodePointer

• 0x14019f358 EncodePointer

• 0x14019f360 IsProcessorFeaturePresent

• 0x14019f368 CloseHandle

• 0x14019f370 GetLastError

• 0x14019f378 GetTempPathW

• 0x14019f380 WriteFile

• 0x14019f388 UnlockFile

• 0x14019f390 SetFilePointer

• 0x14019f398 SetEndOfFile

• 0x14019f3a0 ReadFile

• 0x14019f3a8 LockFileEx

• 0x14019f3b0 LockFile

• 0x14019f3b8 GetFullPathNameW

• 0x14019f3c0 GetFullPathNameA

• 0x14019f3c8 GetFileSize

• 0x14019f3d0 GetFileAttributesW

• 0x14019f3d8 GetFileAttributesA

• 0x14019f3e0 GetDiskFreeSpaceW

• 0x14019f3e8 GetDiskFreeSpaceA

• 0x14019f3f0 FlushFileBuffers

• 0x14019f3f8 DeleteFileW

• 0x14019f400 DeleteFileA

• 0x14019f408 CreateFileW

• 0x14019f410 GetEnvironmentVariableW

• 0x14019f418 CreateFileA

Library USER32.dll:

• 0x14019fba0 RegisterClassExW

• 0x14019fba8 CreateWindowExW

• 0x14019fbb0 DestroyWindow

• 0x14019fbb8 PeekMessageW

• 0x14019fbc0 DefWindowProcW

• 0x14019fbc8 TranslateMessage

• 0x14019fbd0 GetDesktopWindow

• 0x14019fbd8 DispatchMessageW

Library ADVAPI32.dll:

• 0x14019f000 CryptDestroyHash

• 0x14019f008 CryptHashData

• 0x14019f010 CryptCreateHash

• 0x14019f018 CryptGetHashParam

• 0x14019f020 CryptAcquireContextW

Library SHELL32.dll:

• 0x14019fb78 CommandLineToArgvW

• 0x14019fb80 ShellExecuteExW

• 0x14019fb88

• 0x14019fb90 SHGetFolderPathW

Library ole32.dll:

• 0x14019fc88 StringFromGUID2

• 0x14019fc90 CoTaskMemFree

• 0x14019fc98 CoCreateGuid

• 0x14019fca0 StringFromCLSID

Library dbghelp.dll:

• 0x14019fc78 MiniDumpWriteDump

Library PSAPI.DLL:

• 0x14019fb58 GetModuleFileNameExW

• 0x14019fb60 GetProcessImageFileNameW

• 0x14019fb68 GetProcessMemoryInfo

Library IPHLPAPI.DLL:

• 0x14019f030 GetAdaptersInfo

Library WINHTTP.dll:

• 0x14019fc00 WinHttpGetIEProxyConfigForCurrentUser

• 0x14019fc08 WinHttpReceiveResponse

• 0x14019fc10 WinHttpGetProxyForUrl

• 0x14019fc18 WinHttpQueryAuthSchemes

• 0x14019fc20 WinHttpAddRequestHeaders

• 0x14019fc28 WinHttpOpen

• 0x14019fc30 WinHttpCloseHandle

• 0x14019fc38 WinHttpConnect

• 0x14019fc40 WinHttpOpenRequest

• 0x14019fc48 WinHttpSendRequest

• 0x14019fc50 WinHttpWriteData

• 0x14019fc58 WinHttpQueryHeaders

• 0x14019fc60 WinHttpSetStatusCallback

• 0x14019fc68 WinHttpSetCredentials

Library MSVCR120.dll:

• 0x14019f798 isalnum

• 0x14019f7a0 toupper

• 0x14019f7a8 _strnicmp

• 0x14019f7b0 strstr

• 0x14019f7b8 wcsncmp

• 0x14019f7c0 wcsstr

• 0x14019f7c8 ceilf

• 0x14019f7d0 _vswprintf_c_l

• 0x14019f7d8 _lock

• 0x14019f7e0 _unlock

• 0x14019f7e8 _calloc_crt

• 0x14019f7f0 __dllonexit

• 0x14019f7f8 _onexit

• 0x14019f800 _XcptFilter

• 0x14019f808 __crtGetShowWindowMode

• 0x14019f810 _amsg_exit

• 0x14019f818 __getmainargs

• 0x14019f820 __set_app_type

• 0x14019f828 exit

• 0x14019f830 __CxxFrameHandler3

• 0x14019f838 _cexit

• 0x14019f840 _ismbblead

• 0x14019f848 _configthreadlocale

• 0x14019f850 __setusermatherr

• 0x14019f858 _initterm_e

• 0x14019f860 _initterm

• 0x14019f868 _acmdln

• 0x14019f870 _fmode

• 0x14019f878 _commode

• 0x14019f880 _vsnprintf

• 0x14019f888 ?terminate@@YAXXZ

• 0x14019f890 ?_type_info_dtor_internal_method@type_info@@QEAAXXZ

• 0x14019f898 __crtSetUnhandledExceptionFilter

• 0x14019f8a0 __crt_debugger_hook

• 0x14019f8a8 __crtUnhandledException

• 0x14019f8b0 __crtTerminateProcess

• 0x14019f8b8 __crtCapturePreviousContext

• 0x14019f8c0 _wassert

• 0x14019f8c8 fprintf

• 0x14019f8d0 wcschr

• 0x14019f8d8 iswspace

• 0x14019f8e0 tolower

• 0x14019f8e8 _strtoui64

• 0x14019f8f0 _strtoi64

• 0x14019f8f8 mbstowcs

• 0x14019f900 _splitpath_s

• 0x14019f908 strtoul

• 0x14019f910 strtol

• 0x14019f918 strtod

• 0x14019f920 isspace

• 0x14019f928 isalpha

• 0x14019f930 _open_osfhandle

• 0x14019f938 _chsize

• 0x14019f940 _ftelli64

• 0x14019f948 _fileno

• 0x14019f950 _fdopen

• 0x14019f958 _errno

• 0x14019f960 _snprintf

• 0x14019f968 _wsplitpath_s

• 0x14019f970 _ui64tow

• 0x14019f978 ftell

• 0x14019f980 fseek

• 0x14019f988 fread

• 0x14019f990 fopen

• 0x14019f998 strchr

• 0x14019f9a0 memchr

• 0x14019f9a8 __C_specific_handler

• 0x14019f9b0 _itow_s

• 0x14019f9b8 _wtoi

• 0x14019f9c0 _unlock_file

• 0x14019f9c8 _lock_file

• 0x14019f9d0 ungetc

• 0x14019f9d8 setvbuf

• 0x14019f9e0 fwrite

• 0x14019f9e8 _fseeki64

• 0x14019f9f0 fsetpos

• 0x14019f9f8 fputc

• 0x14019fa00 fgetpos

• 0x14019fa08 fgetc

• 0x14019fa10 fflush

• 0x14019fa18 fclose

• 0x14019fa20 memcpy_s

• 0x14019fa28 _beginthread

• 0x14019fa30 ldiv

• 0x14019fa38 wcsncpy

• 0x14019fa40 _wcslwr

• 0x14019fa48 _CxxThrowException

• 0x14019fa50 ??1bad_cast@std@@UEAA@XZ

• 0x14019fa58 ??0exception@std@@QEAA@AEBV01@@Z

• 0x14019fa60 ??0bad_cast@std@@QEAA@AEBV01@@Z

• 0x14019fa68 ??0bad_cast@std@@QEAA@PEBD@Z

• 0x14019fa70 _vsnprintf_s

• 0x14019fa78 ??_U@YAPEAX_K@Z

• 0x14019fa80 ??_V@YAXPEAX@Z

• 0x14019fa88 _vsnwprintf_s

• 0x14019fa90 _wfullpath

• 0x14019fa98 wcstombs_s

• 0x14019faa0 srand

• 0x14019faa8 rand

• 0x14019fab0 _wcslwr_s

• 0x14019fab8 _wcsicmp

• 0x14019fac0 wcsrchr

• 0x14019fac8 strncpy

• 0x14019fad0 iswalnum

• 0x14019fad8 ??3@YAXPEAX@Z

• 0x14019fae0 ??2@YAPEAX_K@Z

• 0x14019fae8 _purecall

• 0x14019faf0 strcmp

• 0x14019faf8 memset

• 0x14019fb00 memcpy

• 0x14019fb08 memcmp

• 0x14019fb10 _localtime64_s

• 0x14019fb18 strncmp

• 0x14019fb20 memmove

• 0x14019fb28 realloc

• 0x14019fb30 malloc

• 0x14019fb38 free

• 0x14019fb40 atoi

• 0x14019fb48 _exit

Library MSVCP120.dll:

• 0x14019f428 ?_Makeloc@_Locimp@locale@std@@CAPEAV123@AEBV_Locinfo@3@HPEAV123@PEBV23@@Z

• 0x14019f430 ?_New_Locimp@_Locimp@locale@std@@CAPEAV123@_N@Z

• 0x14019f438 ?_Getname@_Locinfo@std@@QEBAPEBDXZ

• 0x14019f440 ??0_Locinfo@std@@QEAA@HPEBD@Z

• 0x14019f448 ?_Xruntime_error@std@@YAXPEBD@Z

• 0x14019f450 _FInf

• 0x14019f458 ?_Throw_C_error@std@@YAXH@Z

• 0x14019f460 _Mtx_unlock

• 0x14019f468 _Mtx_lock

• 0x14019f470 _Mtx_destroy

• 0x14019f478 _Mtx_init

• 0x14019f480 ?id@?$collate@D@std@@2V0locale@2@A

• 0x14019f488 ?id@?$ctype@D@std@@2V0locale@2@A

• 0x14019f490 ??_7facet@locale@std@@6B@

• 0x14019f498 ??_7_Facet_base@std@@6B@

• 0x14019f4a0 ?_Incref@facet@locale@std@@UEAAXXZ

• 0x14019f4a8 ?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ

• 0x14019f4b0 ?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z

• 0x14019f4b8 ?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

• 0x14019f4c0 ?tolower@?$ctype@D@std@@QEBAPEBDPEADPEBD@Z

• 0x14019f4c8 ?tolower@?$ctype@D@std@@QEBADD@Z

• 0x14019f4d0 ?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z

• 0x14019f4d8 ??0facet@locale@std@@IEAA@_K@Z

• 0x14019f4e0 ??1_Locinfo@std@@QEAA@XZ

• 0x14019f4e8 ??0_Locinfo@std@@QEAA@PEBD@Z

• 0x14019f4f0 _Strxfrm

• 0x14019f4f8 _Strcoll

• 0x14019f500 _Getcoll

• 0x14019f508 ??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@

• 0x14019f510 ?id@?$codecvt@DDH@std@@2V0locale@2@A

• 0x14019f518 ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z

• 0x14019f520 ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z

• 0x14019f528 ?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ

• 0x14019f530 ?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ

• 0x14019f538 ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ

• 0x14019f540 ?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z

• 0x14019f548 ?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z

• 0x14019f550 ?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ

• 0x14019f558 ?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ

• 0x14019f560 ?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z

• 0x14019f568 ??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ

• 0x14019f570 ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

• 0x14019f578 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

• 0x14019f580 ?_Orphan_all@_Container_base12@std@@QEAAXXZ

• 0x14019f588 ??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ

• 0x14019f590 ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

• 0x14019f598 ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ

• 0x14019f5a0 ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z

• 0x14019f5a8 ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ

• 0x14019f5b0 ?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ

• 0x14019f5b8 ?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ

• 0x14019f5c0 ?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z

• 0x14019f5c8 ?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ

• 0x14019f5d0 ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ

• 0x14019f5d8 ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ

• 0x14019f5e0 ?_Getcat@?$codecvt@DDH@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

• 0x14019f5e8 ?unshift@?$codecvt@DDH@std@@QEBAHAEAHPEAD1AEAPEAD@Z

• 0x14019f5f0 ?out@?$codecvt@DDH@std@@QEBAHAEAHPEBD1AEAPEBDPEAD3AEAPEAD@Z

• 0x14019f5f8 ?in@?$codecvt@DDH@std@@QEBAHAEAHPEBD1AEAPEBDPEAD3AEAPEAD@Z

• 0x14019f600 ?always_noconv@codecvt_base@std@@QEBA_NXZ

• 0x14019f608 ??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@

• 0x14019f610 ??_7ios_base@std@@6B@

• 0x14019f618 ?id@?$ctype@_W@std@@2V0locale@2@A

• 0x14019f620 ?_BADOFF@std@@3_JB

• 0x14019f628 ?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z

• 0x14019f630 ?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z

• 0x14019f638 ?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ

• 0x14019f640 ?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ

• 0x14019f648 ?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ

• 0x14019f650 ?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z

• 0x14019f658 ?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z

• 0x14019f660 ?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ

• 0x14019f668 ?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ

• 0x14019f670 ?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z

• 0x14019f678 ?setbase@std@@YA?AU?$_Smanip@H@1@H@Z

• 0x14019f680 ??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

• 0x14019f688 ??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

• 0x14019f690 ?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ

• 0x14019f698 ?write@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@PEB_W_J@Z

• 0x14019f6a0 ?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_W@Z

• 0x14019f6a8 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@I@Z

• 0x14019f6b0 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@H@Z

• 0x14019f6b8 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z

• 0x14019f6c0 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

• 0x14019f6c8 ?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ

• 0x14019f6d0 ??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ

• 0x14019f6d8 ?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WD@Z

• 0x14019f6e0 ?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z

• 0x14019f6e8 ??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

• 0x14019f6f0 ?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ

• 0x14019f6f8 ?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z

• 0x14019f700 ?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z

• 0x14019f708 ??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

• 0x14019f710 ??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ

• 0x14019f718 ?_Ios_base_dtor@ios_base@std@@CAXPEAV12@@Z

• 0x14019f720 ?getloc@ios_base@std@@QEBA?AVlocale@2@XZ

• 0x14019f728 ?_Winerror_map@std@@YAPEBDH@Z

• 0x14019f730 ?_Syserror_map@std@@YAPEBDH@Z

• 0x14019f738 ?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

• 0x14019f740 ?widen@?$ctype@_W@std@@QEBA_WD@Z

• 0x14019f748 ?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ

• 0x14019f750 ??Bid@locale@std@@QEAA_KXZ

• 0x14019f758 ?_Xout_of_range@std@@YAXPEBD@Z

• 0x14019f760 ?_Xlength_error@std@@YAXPEBD@Z

• 0x14019f768 ?_Xbad_alloc@std@@YAXXZ

• 0x14019f770 ?uncaught_exception@std@@YA_NXZ

• 0x14019f778 ??0_Container_base12@std@@QEAA@XZ

• 0x14019f780 ??1_Lockit@std@@QEAA@XZ

• 0x14019f788 ??0_Lockit@std@@QEAA@H@Z

Library VERSION.dll:

• 0x14019fbe8 VerQueryValueW

• 0x14019fbf0 GetFileVersionInfoW

Hosts

No hosts contacted.

DNS

Name	Response	Post-Analysis Lookup
time.windows.com	A 20.189.79.72 CNAME time.microsoft.akadns.net
dns.msftncsi.com	A 131.107.255.255	131.107.255.255
dns.msftncsi.com	AAAA fd3e:4f5a:5b81::1	131.107.255.255
teredo.ipv6.microsoft.com

TCP

No TCP connections recorded.

UDP

Source	Source Port	Destination	Destination Port
192.168.56.101	49235	114.114.114.114	53
192.168.56.101	50534	114.114.114.114	53
192.168.56.101	60123	114.114.114.114	53
192.168.56.101	65004	114.114.114.114	53
192.168.56.101	137	192.168.56.255	137
192.168.56.101	138	192.168.56.255	138
192.168.56.101	123	20.189.79.72 time.windows.com	123
192.168.56.101	55368	224.0.0.252	5355
192.168.56.101	56804	224.0.0.252	5355
192.168.56.101	62191	224.0.0.252	5355
192.168.56.101	63429	224.0.0.252	5355
192.168.56.101	1900	239.255.255.250	1900
192.168.56.101	50535	239.255.255.250	3702
192.168.56.101	50537	239.255.255.250	3702
192.168.56.101	56807	239.255.255.250	1900
192.168.56.101	58707	239.255.255.250	3702
192.168.56.101	62192	239.255.255.250	3702

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.

Sorry! No dropped buffers.