3.0
Medium risk

c67abaafc52857e1250397a68eacd03e19eba5fea55b6f820869ddd947eb3bc1

3924d3725baebb043a8af4635038c32c.exe

Analysis time

112s

Last analyzed

File size

2.3MB
Static detection  Dynamic detection  MOBOGENIECRTD
Hawkeye engine
Not detected: no Hawkeye engine detection result yet
Static verdict
Antivirus engines
Engine  Result  Scan date  Engine version
McAfee 20180816 6.0.6.653
Baidu 20180816 1.0.0.2
Avast 20180816 18.4.3895.0
Tencent 20180816 1.0.0.1
Kingsoft 20180816 2013.8.14.323
CrowdStrike 20180723 1.0
Behavioral verdict
Dynamic indicators
Foreign language identified in PE resource (50 out of 62 events)
name RT_CURSOR language LANG_CHINESE offset 0x002314d8 filetype data sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00000134
name RT_BITMAP language LANG_CHINESE offset 0x00231800 filetype data sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00000144
name RT_ICON language LANG_CHINESE offset 0x0020a1a0 filetype data sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000025a8
name RT_DIALOG language LANG_CHINESE offset 0x00231710 filetype data sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00000034
name RT_STRING language LANG_CHINESE offset 0x00232ee0 filetype data sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x0000053e
name RT_ACCELERATOR language LANG_CHINESE offset 0x0022fc30 filetype data sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00000020
name RT_GROUP_CURSOR language LANG_CHINESE offset 0x00231610 filetype Lotus unknown worksheet or configuration, revision 0x1 sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00000014
File has been identified by one AntiVirus engine on VirusTotal as malicious (1 event)
Zillya Adware.MobogenieCRTD.Win32.11272
Visual analysis
Binary image
No binary image: no binary visualization image was generated for this sample
Runtime screenshots
No runtime screenshots: no screenshots were generated while the sample ran


PE Compile Time

2018-07-18 16:54:20

Imports

Library WINMM.dll:
0x5858e4 PlaySoundW
0x5858e8 timeGetTime
Library KERNEL32.dll:
0x5851e0 OutputDebugStringW
0x5851e4 RtlUnwind
0x5851e8 CreateThread
0x5851ec ExitThread
0x5851f4 GetModuleHandleExW
0x5851f8 GetFileType
0x5851fc GetCommandLineA
0x585200 SetStdHandle
0x585208 GetSystemInfo
0x58520c VirtualAlloc
0x585210 VirtualQuery
0x585214 GetStdHandle
0x585218 ExitProcess
0x58521c GetACP
0x585220 GetStringTypeW
0x585224 LCMapStringW
0x58522c GetConsoleMode
0x585230 ReadConsoleW
0x585234 GetConsoleCP
0x585238 SetFilePointerEx
0x58523c FindFirstFileExW
0x585240 IsValidCodePage
0x585244 GetOEMCP
0x585248 GetCPInfo
0x585258 WriteConsoleW
0x58525c CloseHandle
0x585260 WriteFile
0x585264 GetLastError
0x585268 WideCharToMultiByte
0x58526c HeapFree
0x585274 HeapSize
0x585278 HeapReAlloc
0x58527c RaiseException
0x585280 HeapAlloc
0x585284 DecodePointer
0x58528c GetProcessHeap
0x585290 GetCommandLineW
0x585294 FindFirstFileW
0x585298 FindNextFileW
0x58529c FindClose
0x5852a0 SizeofResource
0x5852a4 LockResource
0x5852a8 LoadResource
0x5852ac FindResourceW
0x5852b0 WaitForSingleObject
0x5852b4 RemoveDirectoryW
0x5852b8 DeleteFileW
0x5852bc MoveFileExW
0x5852c0 GetModuleHandleW
0x5852cc CreateFileW
0x5852d0 CopyFileW
0x5852d4 CreateDirectoryW
0x5852d8 GetTempPathW
0x5852dc GetModuleFileNameW
0x5852e4 GetCurrentProcess
0x5852e8 GetProcAddress
0x5852ec MulDiv
0x5852f0 GetVersionExW
0x5852f4 GetFileAttributesW
0x5852fc GetCurrentThreadId
0x585300 MultiByteToWideChar
0x585304 LoadLibraryW
0x585308 DeviceIoControl
0x58530c FreeLibrary
0x585310 GlobalAlloc
0x585314 GlobalSize
0x585318 GlobalLock
0x58531c GlobalUnlock
0x585320 GlobalFree
0x585324 LocalFree
0x585328 FormatMessageW
0x58532c SetLastError
0x585330 GetCurrentThread
0x585334 LoadLibraryExW
0x585338 GlobalDeleteAtom
0x58533c lstrcmpA
0x585340 lstrcmpW
0x585344 FreeResource
0x585354 OutputDebugStringA
0x585358 GetModuleHandleA
0x58535c SetEvent
0x585360 CreateEventW
0x585364 SetThreadPriority
0x585368 ResumeThread
0x58536c GlobalAddAtomW
0x585370 GetCurrentProcessId
0x585374 EncodePointer
0x585378 GetSystemDirectoryW
0x58537c LoadLibraryA
0x585380 GlobalFindAtomW
0x585390 LocalAlloc
0x585394 TlsAlloc
0x585398 TlsGetValue
0x58539c TlsSetValue
0x5853a0 TlsFree
0x5853a4 GlobalReAlloc
0x5853a8 GlobalHandle
0x5853ac LocalReAlloc
0x5853b4 CompareStringW
0x5853b8 GetLocaleInfoW
0x5853c4 GlobalFlags
0x5853c8 GetThreadLocale
0x5853cc FlushFileBuffers
0x5853d0 GetFileSize
0x5853d4 GetFullPathNameW
0x5853dc LockFile
0x5853e0 ReadFile
0x5853e4 SetEndOfFile
0x5853e8 SetFilePointer
0x5853ec UnlockFile
0x5853f0 DuplicateHandle
0x5853f4 lstrcmpiW
0x5853f8 GlobalGetAtomNameW
0x5853fc VirtualProtect
0x585404 GetFileSizeEx
0x585408 GetFileTime
0x58540c SetErrorMode
0x585410 GetTickCount
0x585418 lstrcpyW
0x58541c FindResourceExW
0x585420 VerSetConditionMask
0x585424 VerifyVersionInfoW
0x585428 GetTempFileNameW
0x58542c GetProfileIntW
0x585430 SearchPathW
0x585434 Sleep
0x585438 ResetEvent
0x585448 TerminateProcess
0x585454 InitializeSListHead
0x585458 IsDebuggerPresent
0x58545c GetStartupInfoW
Library USER32.dll:
0x58551c DrawFocusRect
0x585520 PostThreadMessageW
0x585524 SetParent
0x585528 UnionRect
0x58552c TrackMouseEvent
0x585530 GetMenuDefaultItem
0x585538 ReuseDDElParam
0x58553c UnpackDDElParam
0x585540 InsertMenuItemW
0x585544 CreatePopupMenu
0x585548 BringWindowToTop
0x58554c LoadMenuW
0x585550 GetAsyncKeyState
0x585554 CharUpperW
0x585558 DestroyIcon
0x58555c SetRectEmpty
0x585560 SendDlgItemMessageA
0x585564 MessageBeep
0x585568 GetNextDlgGroupItem
0x58556c IsRectEmpty
0x585570 IntersectRect
0x585574 SetRect
0x585578 InvalidateRgn
0x585580 OffsetRect
0x585584 CharNextW
0x585588 KillTimer
0x58558c SetTimer
0x585594 DeleteMenu
0x585598 CopyImage
0x58559c WindowFromPoint
0x5855a0 ReleaseCapture
0x5855a4 SetCapture
0x5855a8 WaitMessage
0x5855ac LoadCursorW
0x5855b0 GetSysColorBrush
0x5855b4 MapVirtualKeyW
0x5855b8 GetKeyNameTextW
0x5855c0 InflateRect
0x5855c4 GetMenuItemInfoW
0x5855c8 DestroyMenu
0x5855cc GetMonitorInfoW
0x5855d0 MonitorFromWindow
0x5855d4 WinHelpW
0x5855d8 GetScrollInfo
0x5855dc SetScrollInfo
0x5855e0 GetTopWindow
0x5855e4 GetClassNameW
0x5855e8 GetClassLongW
0x5855ec DrawIconEx
0x5855f0 EqualRect
0x5855f4 CopyRect
0x5855f8 MapWindowPoints
0x5855fc AdjustWindowRectEx
0x585600 RemovePropW
0x585604 GetPropW
0x585608 SetPropW
0x58560c ShowScrollBar
0x585610 GetScrollRange
0x585614 SetScrollRange
0x585618 GetScrollPos
0x58561c GetForegroundWindow
0x585620 SetScrollPos
0x585624 ScrollWindow
0x585628 RedrawWindow
0x58562c TrackPopupMenu
0x585630 SetMenu
0x585634 GetMenu
0x585638 GetCapture
0x585640 SetMenuDefaultItem
0x585644 GetDoubleClickTime
0x585648 EndDeferWindowPos
0x58564c DeferWindowPos
0x585650 ModifyMenuW
0x585654 SetWindowPlacement
0x585658 GetWindowPlacement
0x58565c IsChild
0x585660 IsMenu
0x585664 CreateWindowExW
0x585668 GetClassInfoExW
0x58566c GetClassInfoW
0x585670 RegisterClassW
0x585674 CallWindowProcW
0x585678 DefWindowProcW
0x58567c GetMessageTime
0x585680 GetMessagePos
0x585688 GetSysColor
0x58568c ScreenToClient
0x585690 ClientToScreen
0x585694 EndPaint
0x585698 BeginPaint
0x58569c GetWindowDC
0x5856a0 TabbedTextOutW
0x5856a4 GrayStringW
0x5856a8 DrawTextExW
0x5856ac IsDialogMessageW
0x5856b0 SetWindowLongW
0x5856b8 GetWindowTextW
0x5856bc SetWindowTextW
0x5856c0 GetIconInfo
0x5856c4 EnableScrollBar
0x5856c8 HideCaret
0x5856cc InvertRect
0x5856d0 NotifyWinEvent
0x5856d8 EnumDisplayMonitors
0x5856dc SetClassLongW
0x5856e0 SetWindowRgn
0x5856e4 OpenClipboard
0x5856e8 CloseClipboard
0x5856ec SetClipboardData
0x5856f0 EmptyClipboard
0x5856f4 DrawStateW
0x5856f8 DrawEdge
0x5856fc DrawFrameControl
0x585700 IsZoomed
0x585704 SetCursorPos
0x585708 CopyIcon
0x58570c SetFocus
0x585710 FrameRect
0x585714 LockWindowUpdate
0x585718 UpdateLayeredWindow
0x58571c MonitorFromPoint
0x585720 GetComboBoxInfo
0x585724 GetKeyboardLayout
0x585728 IsCharLowerW
0x58572c MapVirtualKeyExW
0x585730 ToUnicodeEx
0x585734 GetKeyboardState
0x585738 PtInRect
0x585740 GetDlgCtrlID
0x585744 CheckDlgButton
0x585748 MoveWindow
0x58574c UnhookWindowsHookEx
0x585750 GetLastActivePopup
0x585754 SetCursor
0x585758 ShowOwnedPopups
0x58575c CallNextHookEx
0x585760 SetWindowsHookExW
0x585764 GetCursorPos
0x585768 ValidateRect
0x58576c GetKeyState
0x585770 PeekMessageW
0x585774 DispatchMessageW
0x585778 TranslateMessage
0x58577c GetMessageW
0x585780 SetMenuItemInfoW
0x585788 SetMenuItemBitmaps
0x58578c CheckMenuItem
0x585790 GetFocus
0x585794 GetDesktopWindow
0x585798 SetActiveWindow
0x58579c IsWindowEnabled
0x5857a0 GetActiveWindow
0x5857a4 GetNextDlgTabItem
0x5857a8 GetDlgItem
0x5857ac EndDialog
0x5857b4 DestroyWindow
0x5857b8 MapDialogRect
0x5857bc GetParent
0x5857c4 PostQuitMessage
0x5857c8 RemoveMenu
0x5857cc AppendMenuW
0x5857d0 InsertMenuW
0x5857d4 GetMenuItemCount
0x5857d8 GetMenuItemID
0x5857dc GetSubMenu
0x5857e0 GetMenuState
0x5857e4 GetMenuStringW
0x5857e8 SetForegroundWindow
0x5857ec SetWindowPos
0x5857f0 GetWindowLongW
0x5857f4 ShowWindow
0x5857f8 CharUpperBuffW
0x585800 GetUpdateRect
0x585808 UnregisterClassW
0x58580c MessageBoxW
0x585810 LoadIconW
0x585814 SendMessageW
0x585818 LoadAcceleratorsW
0x58581c GetClientRect
0x585820 IsIconic
0x585824 GetSystemMetrics
0x585828 DrawIcon
0x58582c PostMessageW
0x585834 EnableWindow
0x585838 GetSystemMenu
0x58583c EnableMenuItem
0x585840 FillRect
0x585844 LoadBitmapW
0x585848 InvalidateRect
0x58584c UpdateWindow
0x585850 GetWindowRect
0x585854 IsWindow
0x585858 IsWindowVisible
0x58585c GetDC
0x585860 ReleaseDC
0x585864 DrawTextW
0x585868 GetWindow
0x58586c LoadImageW
0x585870 DestroyCursor
0x585874 GetWindowRgn
0x585878 CreateMenu
0x58587c SubtractRect
0x585884 DefMDIChildProcW
0x585888 DefFrameProcW
0x58588c BeginDeferWindowPos
0x585890 DrawMenuBar
Library GDI32.dll:
0x585038 GetTextFaceW
0x58503c GetViewportOrgEx
0x585040 GetWindowOrgEx
0x585044 SetPixelV
0x585048 SetPaletteEntries
0x58504c ExtFloodFill
0x585050 PtInRegion
0x585054 GetBoundsRect
0x585058 FrameRgn
0x58505c FillRgn
0x585060 RoundRect
0x585064 OffsetRgn
0x585068 Rectangle
0x58506c LPtoDP
0x585070 CreateRoundRectRgn
0x585074 Polyline
0x585078 Polygon
0x58507c CreatePolygonRgn
0x585080 Ellipse
0x585084 CreateEllipticRgn
0x585088 SetDIBColorTable
0x58508c CreateDIBSection
0x585090 StretchBlt
0x585094 SetPixel
0x585098 GetTextCharsetInfo
0x58509c EnumFontFamiliesW
0x5850a0 CreateDIBitmap
0x5850a4 RealizePalette
0x5850ac GetPaletteEntries
0x5850b4 CreatePalette
0x5850b8 EnumFontFamiliesExW
0x5850c0 DPtoLP
0x5850c4 SetRectRgn
0x5850c8 GetMapMode
0x5850cc CombineRgn
0x5850d0 GetRgnBox
0x5850d4 GetTextColor
0x5850d8 GetBkColor
0x5850dc PatBlt
0x5850e4 ScaleWindowExtEx
0x5850e8 ScaleViewportExtEx
0x5850ec OffsetWindowOrgEx
0x5850f0 OffsetViewportOrgEx
0x5850f4 SetWindowOrgEx
0x5850f8 SetWindowExtEx
0x5850fc SetViewportOrgEx
0x585100 SetViewportExtEx
0x585104 ExtTextOutW
0x585108 TextOutW
0x58510c MoveToEx
0x585110 SetTextAlign
0x585114 SetTextColor
0x585118 SetROP2
0x58511c SetPolyFillMode
0x585120 GetLayout
0x585124 SetLayout
0x585128 SetMapMode
0x58512c SetBkMode
0x585130 SetBkColor
0x585134 SelectPalette
0x585138 ExtSelectClipRgn
0x58513c SelectClipRgn
0x585140 SaveDC
0x585144 RestoreDC
0x585148 RectVisible
0x58514c PtVisible
0x585150 LineTo
0x585154 IntersectClipRect
0x585158 GetPixel
0x58515c GetObjectType
0x585160 GetClipBox
0x585164 ExcludeClipRect
0x585168 Escape
0x58516c DeleteDC
0x585170 CreateSolidBrush
0x585174 CreateRectRgn
0x585178 CreatePatternBrush
0x58517c CreatePen
0x585180 CreateHatchBrush
0x585184 CreateBitmap
0x585188 GetDeviceCaps
0x58518c CreateDCW
0x585190 CopyMetaFileW
0x585198 DeleteObject
0x58519c GetTextMetricsW
0x5851a0 SelectObject
0x5851a4 GetViewportExtEx
0x5851a8 GetWindowExtEx
0x5851ac CreateFontIndirectW
0x5851b0 GetStockObject
0x5851b4 BitBlt
0x5851b8 CreateCompatibleDC
0x5851bc GetObjectW
Library MSIMG32.dll:
0x585464 AlphaBlend
0x585468 TransparentBlt
Library WINSPOOL.DRV:
0x5858f0 OpenPrinterW
0x5858f4 ClosePrinter
0x5858f8 DocumentPropertiesW
Library ADVAPI32.dll:
0x585000 RegDeleteValueW
0x585004 RegSetValueExW
0x585008 RegCloseKey
0x58500c RegEnumKeyExW
0x585010 RegEnumValueW
0x585014 RegQueryValueW
0x585018 RegEnumKeyW
0x58501c RegCreateKeyExW
0x585020 RegDeleteKeyW
0x585024 RegQueryValueExW
0x585028 RegOpenKeyExW
Library SHELL32.dll:
0x5854bc ShellExecuteExW
0x5854c0 ShellExecuteW
0x5854c4 SHGetFolderPathW
0x5854cc SHGetFileInfoW
0x5854d0 DragQueryFileW
0x5854d4 DragFinish
0x5854d8 SHAppBarMessage
0x5854dc SHBrowseForFolderW
0x5854e0 CommandLineToArgvW
0x5854e4 SHGetDesktopFolder
Library COMCTL32.dll:
Library SHLWAPI.dll:
0x5854f4 PathRemoveFileSpecW
0x5854f8 PathIsDirectoryW
0x5854fc SHDeleteKeyW
0x585500 PathFileExistsW
0x585504 PathFindExtensionW
0x585508 PathFindFileNameW
0x58550c PathIsUNCW
0x585510 PathStripToRootW
0x585514 StrFormatKBSizeW
Library UxTheme.dll:
0x585898 GetCurrentThemeName
0x58589c GetThemeColor
0x5858a0 CloseThemeData
0x5858a4 GetThemeSysColor
0x5858a8 GetWindowTheme
0x5858ac IsAppThemed
0x5858b0 DrawThemeText
0x5858b4 DrawThemeBackground
0x5858c0 OpenThemeData
0x5858c4 GetThemePartSize
Library ole32.dll:
0x58595c RegisterDragDrop
0x585960 RevokeDragDrop
0x585964 OleLockRunning
0x585974 IsAccelerator
0x58597c OleGetClipboard
0x585980 DoDragDrop
0x585990 OleFlushClipboard
0x585994 CoRevokeClassObject
0x585998 CoInitializeEx
0x58599c OleUninitialize
0x5859a0 OleInitialize
0x5859b4 CoGetClassObject
0x5859b8 CoDisconnectObject
0x5859bc CLSIDFromString
0x5859c0 ReleaseStgMedium
0x5859c4 OleDuplicateData
0x5859c8 CoTaskMemFree
0x5859cc CoTaskMemAlloc
0x5859d0 CLSIDFromProgID
0x5859d4 CoCreateInstance
0x5859d8 CoUninitialize
0x5859dc CoInitialize
0x5859e0 StringFromGUID2
0x5859e4 CoCreateGuid
Library OLEAUT32.dll:
0x585480 SysFreeString
0x585484 VariantClear
0x585488 SysAllocString
0x585490 SysStringLen
0x58549c SafeArrayDestroy
0x5854a0 SysAllocStringLen
0x5854a4 VariantCopy
0x5854a8 VarBstrFromDate
0x5854ac VariantInit
0x5854b0 VariantChangeType
0x5854b4 LoadTypeLib
Library oledlg.dll:
0x5859ec OleUIBusyW
Library IPHLPAPI.DLL:
0x5851d4 GetAdaptersInfo
Library VERSION.dll:
0x5858cc GetFileVersionInfoW
0x5858d4 VerQueryValueW
Library OLEACC.dll:
0x585474 LresultFromObject
Library WININET.dll:
0x5858dc InternetGetCookieW
Library gdiplus.dll:
0x585904 GdipBitmapLockBits
0x585910 GdipDrawImageI
0x585918 GdipCreateFromHDC
0x585920 GdipDrawImageRectI
0x585928 GdipGetImagePalette
0x585930 GdipDeleteGraphics
0x585934 GdipGetImageWidth
0x585938 GdipGetImageHeight
0x58593c GdiplusShutdown
0x585940 GdipAlloc
0x585944 GdipFree
0x585948 GdiplusStartup
0x58594c GdipCloneImage
0x585950 GdipDisposeImage
Library IMM32.dll:
0x5851c4 ImmGetOpenStatus
0x5851c8 ImmReleaseContext
0x5851cc ImmGetContext

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source  Source port  Destination  Destination port
192.168.56.101 55368 114.114.114.114 53
192.168.56.101 56539 114.114.114.114 53
192.168.56.101 63429 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 123 20.189.79.72 time.windows.com 123
192.168.56.101 51963 224.0.0.252 5355
192.168.56.101 56804 224.0.0.252 5355
192.168.56.101 58367 224.0.0.252 5355
192.168.56.101 62191 224.0.0.252 5355
192.168.56.101 65004 224.0.0.252 5355
192.168.56.101 53945 239.255.255.250 1900

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.