2.2
Medium risk

b30a9756fc8900761f35be12a3db9a178b06ba9afc01219b8323814048982807

3a0cfebaeeb1348f034ea8996b436c2f.exe

Analysis duration

78s

Last analyzed

File size

2.0MB
Static and dynamic detection tags: 5XPMDNV+PVG AI SCORE=85 AIDETECTVM BANKERX CLASSIC CONFIDENCE ELDORADO ENCPK EPYM GENCIRC GENETIC GENKRYPTIK HDHT HDMT HIGH CONFIDENCE HJZMTX INJECT3 KRYPTIK KZIP MALICIOUS PE MALWARE1 MALWARE@#1C3OPI9QUOIBR PINKSBOT QAKBOT QBOT R + MAL R0@AI33H9HI R334755 SCORE STATIC AI TROJANBANKER UNSAFE WOLVD ZENPAK ZEXAF
Eagle Eye engine (鹰眼引擎)
Not detected: no Eagle Eye engine results are available for this sample.
Static verdict
Antivirus engines
Engine Result Scan date Engine version
McAfee W32/PinkSbot-GN!3A0CFEBAEEB1 20201229 6.0.6.653
Alibaba Backdoor:Win32/KZip.e144aac4 20190527 0.3.0.5
Baidu 20190318 1.0.0.2
Avast Win32:BankerX-gen [Trj] 20201229 21.1.5827.0
Tencent Malware.Win32.Gencirc.10b9ebdd 20201229 1.0.0.1
Kingsoft 20201229 2017.9.26.565
CrowdStrike win/malicious_confidence_80% (W) 20190702 1.0
Static indicators
Behavioral verdict
Dynamic indicators
Allocates read-write-execute memory (usually to unpack itself) (1 event)
Time & API / Arguments / Status / Return / Repeated
Time: 1620726221.082915
API: NtAllocateVirtualMemory
Arguments:
  process_identifier: 340
  region_size: 233472
  stack_dep_bypass: 0
  stack_pivoted: 0
  heap_dep_bypass: 0
  protection: 64 (PAGE_EXECUTE_READWRITE)
  process_handle: 0xffffffff
  allocation_type: 12288 (MEM_COMMIT|MEM_RESERVE)
  base_address: 0x00600000
Status: success
Return: 0
Repeated: 0
Network communication
Communicates with a host for which no DNS query was performed (1 event)
host 172.217.24.14
File has been identified by 58 antivirus engines on VirusTotal as malicious (showing 50 of 58 events)
Bkav W32.AIDetectVM.malware1
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.Agent.EPYM
FireEye Generic.mg.3a0cfebaeeb1348f
CAT-QuickHeal Trojan.Qbot
McAfee W32/PinkSbot-GN!3A0CFEBAEEB1
Cylance Unsafe
Sangfor Malware
K7AntiVirus Trojan ( 005652be1 )
Alibaba Backdoor:Win32/KZip.e144aac4
K7GW Trojan ( 005652be1 )
Cybereason malicious.aeeb13
Arcabit Trojan.Agent.EPYM
Cyren W32/Qbot.F.gen!Eldorado
Symantec Packed.Generic.459
APEX Malicious
Avast Win32:BankerX-gen [Trj]
ClamAV Win.Dropper.Qakbot-7722960-0
Kaspersky HEUR:Trojan-Banker.Win32.Qbot.vho
BitDefender Trojan.Agent.EPYM
NANO-Antivirus Trojan.Win32.Inject3.hjzmtx
Paloalto generic.ml
Tencent Malware.Win32.Gencirc.10b9ebdd
Ad-Aware Trojan.Agent.EPYM
Sophos Mal/Generic-R + Mal/EncPk-APV
Comodo Malware@#1c3opi9quoibr
F-Secure Trojan.TR/AD.Qbot.wolvd
DrWeb Trojan.Inject3.39342
VIPRE Trojan.Win32.Generic!BT
TrendMicro Backdoor.Win32.QAKBOT.SMP
McAfee-GW-Edition BehavesLike.Win32.Dropper.tz
Emsisoft Trojan.Agent.EPYM (B)
SentinelOne Static AI - Malicious PE
Jiangmin Trojan.Banker.Qbot.nx
Avira TR/AD.Qbot.wolvd
Antiy-AVL Trojan/Win32.Zenpak
Microsoft Trojan:Win32/Qbot.MX!MTB
ZoneAlarm HEUR:Trojan-Banker.Win32.Qbot.vho
GData Trojan.Agent.EPYM
Cynet Malicious (score: 100)
AhnLab-V3 Trojan/Win32.QBot.R334755
Acronis suspicious
BitDefenderTheta Gen:NN.ZexaF.34700.!r0@ai33h9hi
ALYac Backdoor.QBot.gen
MAX malware (ai score=85)
VBA32 TrojanBanker.Qbot
Malwarebytes Trojan.Qbot
ESET-NOD32 a variant of Win32/Kryptik.HDHT
TrendMicro-HouseCall Backdoor.Win32.QAKBOT.SMP
Rising Trojan.Kryptik!1.C427 (CLASSIC)
Visual analysis
Binary image
No binary image: no binary visualization image was generated for this sample.
Runtime screenshots
No runtime screenshots: no screenshots were captured while the sample ran.


PE Compile Time

2020-04-28 22:17:19

Imports

Library KERNEL32.dll:
0x5f5dd0 IsDebuggerPresent
0x5f5dd8 HeapAlloc
0x5f5ddc RtlUnwind
0x5f5de0 ExitProcess
0x5f5de4 HeapReAlloc
0x5f5de8 RaiseException
0x5f5dec HeapSize
0x5f5df0 VirtualProtect
0x5f5df4 VirtualAlloc
0x5f5df8 VirtualQuery
0x5f5dfc GetStdHandle
0x5f5e00 GetModuleFileNameA
0x5f5e0c SetHandleCount
0x5f5e10 GetFileType
0x5f5e14 GetStartupInfoA
0x5f5e18 HeapCreate
0x5f5e1c VirtualFree
0x5f5e24 GetCPInfo
0x5f5e28 GetACP
0x5f5e30 IsValidCodePage
0x5f5e38 GetTimeFormatA
0x5f5e3c GetDateFormatA
0x5f5e40 GetConsoleCP
0x5f5e44 GetConsoleMode
0x5f5e4c LCMapStringA
0x5f5e50 LCMapStringW
0x5f5e54 GetStringTypeA
0x5f5e58 GetStringTypeW
0x5f5e5c GetLocaleInfoA
0x5f5e60 WriteConsoleA
0x5f5e64 GetConsoleOutputCP
0x5f5e68 WriteConsoleW
0x5f5e6c SetStdHandle
0x5f5e70 CreateFileA
0x5f5e7c TerminateProcess
0x5f5e80 HeapFree
0x5f5e84 GetStartupInfoW
0x5f5e88 GetTickCount
0x5f5e8c GetFileTime
0x5f5e90 GetFileSizeEx
0x5f5e94 GetFileAttributesW
0x5f5e9c SetErrorMode
0x5f5ea4 lstrlenA
0x5f5eac TlsFree
0x5f5eb4 LocalReAlloc
0x5f5eb8 TlsSetValue
0x5f5ebc TlsAlloc
0x5f5ec4 GlobalHandle
0x5f5ec8 GlobalReAlloc
0x5f5ed0 TlsGetValue
0x5f5ed8 LocalAlloc
0x5f5edc GlobalFlags
0x5f5ee0 CreateFileW
0x5f5ee4 GetFullPathNameW
0x5f5eec FindFirstFileW
0x5f5ef0 FindClose
0x5f5ef4 GetCurrentProcess
0x5f5ef8 DuplicateHandle
0x5f5efc GetFileSize
0x5f5f00 SetEndOfFile
0x5f5f04 UnlockFile
0x5f5f08 LockFile
0x5f5f0c FlushFileBuffers
0x5f5f10 SetFilePointer
0x5f5f14 WriteFile
0x5f5f18 ReadFile
0x5f5f1c GetThreadLocale
0x5f5f20 GetModuleHandleA
0x5f5f28 GlobalFindAtomW
0x5f5f2c GetVersionExW
0x5f5f30 CompareStringW
0x5f5f34 LoadLibraryA
0x5f5f38 GetVersionExA
0x5f5f3c MulDiv
0x5f5f40 GetCurrentProcessId
0x5f5f44 GlobalAddAtomW
0x5f5f48 SetLastError
0x5f5f4c GlobalUnlock
0x5f5f50 lstrlenW
0x5f5f58 FreeResource
0x5f5f5c GlobalFree
0x5f5f60 GlobalDeleteAtom
0x5f5f64 GetCurrentThread
0x5f5f68 GetCurrentThreadId
0x5f5f74 lstrcmpA
0x5f5f78 GetLocaleInfoW
0x5f5f7c LoadLibraryW
0x5f5f80 CompareStringA
0x5f5f84 InterlockedExchange
0x5f5f88 GlobalLock
0x5f5f8c lstrcmpW
0x5f5f90 GlobalAlloc
0x5f5f94 FreeLibrary
0x5f5f98 GetModuleFileNameW
0x5f5fa0 GetSystemInfo
0x5f5fa4 GetModuleHandleW
0x5f5fa8 GetProcAddress
0x5f5fac LocalFree
0x5f5fb0 FormatMessageW
0x5f5fb4 Sleep
0x5f5fb8 CreateThread
0x5f5fbc MultiByteToWideChar
0x5f5fc0 WideCharToMultiByte
0x5f5fc4 CloseHandle
0x5f5fc8 GetLastError
0x5f5fcc DeleteFileW
0x5f5fd0 GetCommandLineW
0x5f5fd4 FindResourceW
0x5f5fd8 LoadResource
0x5f5fdc LockResource
0x5f5fe0 GetOEMCP
0x5f5fe4 SizeofResource
0x5f5ff0 GetProfileStringA
0x5f5ffc ReleaseMutex
0x5f6008 DeleteFiber
0x5f600c GlobalAddAtomA
0x5f6010 GetAtomNameA
0x5f601c VerSetConditionMask
0x5f602c lstrcat
0x5f6030 _lread
0x5f6034 VirtualLock
0x5f6038 _lopen
0x5f603c GlobalUnfix
0x5f6040 SetVolumeLabelW
0x5f6044 FindFirstFileExW
0x5f6048 SleepEx
0x5f6050 IsValidLocale
0x5f6054 EnumDateFormatsA
0x5f6058 GetCommMask
0x5f605c GetCurrencyFormatA
0x5f6060 EnumResourceNamesA
0x5f6068 FreeConsole
0x5f606c OpenEventA
0x5f6070 EnumCalendarInfoExA
0x5f6074 Process32FirstW
0x5f6078 EnumDateFormatsExW
0x5f6080 PeekNamedPipe
0x5f6090 ExitThread
0x5f6094 GetDriveTypeW
0x5f6098 DecodePointer
0x5f609c EncodePointer
0x5f60a0 HeapSetInformation
0x5f60a4 FindResourceExW
0x5f60a8 SearchPathW
0x5f60ac GetProfileIntW
0x5f60b0 GetNumberFormatW
0x5f60b4 GetTempPathW
0x5f60b8 GetTempFileNameW
0x5f60c0 GetProcessHeap
0x5f60c4 lstrcmpiW
0x5f60c8 GlobalGetAtomNameW
0x5f60d0 ReleaseActCtx
0x5f60d4 CreateActCtxW
0x5f60d8 WaitForSingleObject
0x5f60dc ResumeThread
0x5f60e0 SetThreadPriority
0x5f60e4 GlobalSize
0x5f60f0 lstrcpyW
0x5f60fc ActivateActCtx
0x5f6100 DeactivateActCtx
0x5f6104 VerifyVersionInfoW
0x5f6108 GetNativeSystemInfo
0x5f610c CopyFileW
0x5f6110 GetSystemDirectoryW
Library USER32.dll:
0x5f6118 PostThreadMessageW
0x5f611c MessageBeep
0x5f6120 GetNextDlgGroupItem
0x5f6124 InvalidateRgn
0x5f6128 InvalidateRect
0x5f612c SetRect
0x5f6130 IsRectEmpty
0x5f6138 CharNextW
0x5f613c ReleaseCapture
0x5f6140 LoadCursorW
0x5f6144 SetCapture
0x5f6148 CharUpperW
0x5f614c EndPaint
0x5f6150 BeginPaint
0x5f6154 GetWindowDC
0x5f6158 ClientToScreen
0x5f615c GrayStringW
0x5f6160 DrawTextExW
0x5f6164 DrawTextW
0x5f6168 TabbedTextOutW
0x5f616c DestroyMenu
0x5f6170 ShowWindow
0x5f6174 MoveWindow
0x5f6178 SetWindowTextW
0x5f617c IsDialogMessageW
0x5f6184 SendDlgItemMessageW
0x5f6188 SendDlgItemMessageA
0x5f618c WinHelpW
0x5f6190 IsChild
0x5f6194 GetCapture
0x5f6198 GetClassLongW
0x5f619c GetClassNameW
0x5f61a0 SetPropW
0x5f61a4 GetPropW
0x5f61a8 RemovePropW
0x5f61ac SetFocus
0x5f61b4 GetWindowTextW
0x5f61b8 GetForegroundWindow
0x5f61bc GetTopWindow
0x5f61c0 UnhookWindowsHookEx
0x5f61c4 GetMessageTime
0x5f61c8 GetMessagePos
0x5f61cc SetMenu
0x5f61d0 SetForegroundWindow
0x5f61d4 UpdateWindow
0x5f61d8 CreateWindowExW
0x5f61dc GetClassInfoExW
0x5f61e0 GetClassInfoW
0x5f61e4 RegisterClassW
0x5f61e8 GetSysColor
0x5f61ec AdjustWindowRectEx
0x5f61f0 EqualRect
0x5f61f4 PtInRect
0x5f61f8 GetDlgCtrlID
0x5f61fc DefWindowProcW
0x5f6200 CallWindowProcW
0x5f6204 GetMenu
0x5f6208 SetWindowLongW
0x5f620c OffsetRect
0x5f6210 IntersectRect
0x5f6218 GetWindowPlacement
0x5f621c GetWindowRect
0x5f6220 GetMenuItemID
0x5f6224 GetMenuItemCount
0x5f6228 GetSubMenu
0x5f6230 GetLastActivePopup
0x5f6234 SetCursor
0x5f6238 SetWindowsHookExW
0x5f623c CallNextHookEx
0x5f6240 GetMessageW
0x5f6244 TranslateMessage
0x5f6248 IsWindowVisible
0x5f624c GetKeyState
0x5f6250 GetCursorPos
0x5f6254 ValidateRect
0x5f6258 SetMenuItemBitmaps
0x5f6260 LoadBitmapW
0x5f6268 GetFocus
0x5f626c ModifyMenuW
0x5f6270 UnregisterClassW
0x5f6274 GetSysColorBrush
0x5f6278 GetMenuState
0x5f627c EnableMenuItem
0x5f6280 CheckMenuItem
0x5f6284 ReleaseDC
0x5f6288 GetDC
0x5f628c CopyRect
0x5f6290 GetDesktopWindow
0x5f6294 GetActiveWindow
0x5f6298 SetActiveWindow
0x5f62a0 DestroyWindow
0x5f62a4 IsWindow
0x5f62a8 GetWindowLongW
0x5f62ac GetDlgItem
0x5f62b0 IsWindowEnabled
0x5f62b4 GetNextDlgTabItem
0x5f62b8 EndDialog
0x5f62bc GetWindow
0x5f62c4 GetParent
0x5f62c8 MapDialogRect
0x5f62cc SetWindowPos
0x5f62d0 PostQuitMessage
0x5f62d4 PostMessageW
0x5f62d8 MessageBoxW
0x5f62dc DispatchMessageW
0x5f62e0 PeekMessageW
0x5f62e8 DrawIcon
0x5f62ec GetClientRect
0x5f62f0 GetSystemMetrics
0x5f62f4 IsIconic
0x5f62f8 SendMessageW
0x5f62fc AppendMenuW
0x5f6300 GetSystemMenu
0x5f6304 LoadIconW
0x5f6308 EnableWindow
0x5f630c MapWindowPoints
0x5f6310 DdeDisconnectList
0x5f6314 CheckMenuRadioItem
0x5f6318 WINNLSEnableIME
0x5f6324 LoadImageA
0x5f6328 GetAncestor
0x5f632c EnumPropsA
0x5f6330 CopyIcon
0x5f6338 WindowFromPoint
0x5f633c GetLastInputInfo
0x5f6340 CallMsgFilterA
0x5f6344 DdeQueryConvInfo
0x5f6348 DlgDirSelectExW
0x5f634c SetDlgItemTextW
0x5f6350 TrackPopupMenu
0x5f6354 SetCaretPos
0x5f635c CharLowerA
0x5f6360 SetCaretBlinkTime
0x5f6364 DefFrameProcA
0x5f6368 FindWindowExW
0x5f636c VkKeyScanW
0x5f6370 PeekMessageA
0x5f6374 GetKBCodePage
0x5f6378 DialogBoxParamA
0x5f637c SetSystemCursor
0x5f6380 ModifyMenuA
0x5f6384 GetWindowRgn
0x5f6388 EnumPropsW
0x5f638c GetKeyNameTextW
0x5f6390 wvsprintfA
0x5f6394 CharUpperBuffW
0x5f6398 FrameRect
0x5f639c EmptyClipboard
0x5f63a0 CloseClipboard
0x5f63a4 SetClipboardData
0x5f63a8 OpenClipboard
0x5f63ac CopyImage
0x5f63b0 GetIconInfo
0x5f63b4 HideCaret
0x5f63b8 InvertRect
0x5f63bc LockWindowUpdate
0x5f63c0 SetCursorPos
0x5f63c8 GetKeyboardState
0x5f63cc GetKeyboardLayout
0x5f63d0 MapVirtualKeyW
0x5f63d4 ToUnicodeEx
0x5f63d8 DrawFocusRect
0x5f63dc DrawFrameControl
0x5f63e0 DrawEdge
0x5f63e4 DrawIconEx
0x5f63e8 SetClassLongW
0x5f63f0 SetParent
0x5f63f4 UnpackDDElParam
0x5f63f8 ReuseDDElParam
0x5f63fc LoadImageW
0x5f6400 LoadAcceleratorsW
0x5f6404 InsertMenuItemW
0x5f6408 BringWindowToTop
0x5f6410 DestroyIcon
0x5f6414 GetMenuDefaultItem
0x5f6418 SetMenuDefaultItem
0x5f641c GetMenuItemInfoW
0x5f6420 CreatePopupMenu
0x5f6424 IsMenu
0x5f6428 MonitorFromPoint
0x5f642c UpdateLayeredWindow
0x5f6430 EnableScrollBar
0x5f6434 UnionRect
0x5f6438 IsZoomed
0x5f643c GetAsyncKeyState
0x5f6440 NotifyWinEvent
0x5f6444 RedrawWindow
0x5f6448 SetWindowRgn
0x5f644c LoadMenuW
0x5f6454 EnumDisplayMonitors
0x5f645c SetRectEmpty
0x5f6460 KillTimer
0x5f6464 SetTimer
0x5f646c DeleteMenu
0x5f6470 WaitMessage
0x5f6474 DefFrameProcW
0x5f6478 CheckDlgButton
0x5f647c BeginDeferWindowPos
0x5f6480 EndDeferWindowPos
0x5f6484 MonitorFromWindow
0x5f6488 GetMonitorInfoW
0x5f648c ScrollWindow
0x5f6490 SetScrollRange
0x5f6494 GetScrollRange
0x5f6498 SetScrollPos
0x5f649c GetScrollPos
0x5f64a0 ShowScrollBar
0x5f64a4 DeferWindowPos
0x5f64a8 GetScrollInfo
0x5f64ac SetScrollInfo
0x5f64b0 SetWindowPlacement
0x5f64b4 DrawStateW
0x5f64b8 ShowOwnedPopups
0x5f64bc DefMDIChildProcW
0x5f64c0 DrawMenuBar
0x5f64c8 CreateMenu
0x5f64d0 GetUpdateRect
0x5f64d4 GetDoubleClickTime
0x5f64d8 IsCharLowerW
0x5f64dc MapVirtualKeyExW
0x5f64e0 SubtractRect
0x5f64e4 DestroyCursor
0x5f64e8 ScreenToClient
0x5f64ec FillRect
0x5f64f0 GetMenuStringW
0x5f64f4 InsertMenuW
0x5f64f8 RemoveMenu
0x5f64fc InflateRect
0x5f6500 LoadIconA
0x5f6504 GetThreadDesktop
0x5f6508 GetCaretBlinkTime
0x5f650c CloseDesktop
0x5f6510 GetShellWindow
0x5f6514 ShowCaret
0x5f6518 GetListBoxInfo
0x5f651c GetClipboardViewer
Library GDI32.dll:
0x5f6524 GetStockObject
0x5f6528 GetBkColor
0x5f652c ExtSelectClipRgn
0x5f6530 GetMapMode
0x5f6534 DeleteDC
0x5f6538 GetTextColor
0x5f653c GetWindowExtEx
0x5f6540 GetViewportExtEx
0x5f6544 ScaleWindowExtEx
0x5f6548 SetWindowExtEx
0x5f654c ScaleViewportExtEx
0x5f6550 SetViewportExtEx
0x5f6554 OffsetViewportOrgEx
0x5f6558 SetViewportOrgEx
0x5f655c SelectObject
0x5f6560 Escape
0x5f6564 TextOutW
0x5f6568 RectVisible
0x5f656c PtVisible
0x5f6570 GetRgnBox
0x5f6578 DeleteObject
0x5f657c SetMapMode
0x5f6580 RestoreDC
0x5f6584 SaveDC
0x5f6588 ExtTextOutW
0x5f658c GetObjectW
0x5f6590 SetBkColor
0x5f6594 SetTextColor
0x5f6598 GetClipBox
0x5f659c GetDeviceCaps
0x5f65a0 CreateBitmap
0x5f65a4 EngAlphaBlend
0x5f65a8 GetBoundsRect
0x5f65ac EngCreateSemaphore
0x5f65b0 GetNearestColor
0x5f65b4 LineDDA
0x5f65b8 GetTextCharsetInfo
0x5f65c0 SetRectRgn
0x5f65c4 CombineRgn
0x5f65c8 PatBlt
0x5f65cc DPtoLP
0x5f65d0 CreateRoundRectRgn
0x5f65d4 CreateDIBSection
0x5f65d8 CreatePolygonRgn
0x5f65dc CreateEllipticRgn
0x5f65e0 Polyline
0x5f65e4 Ellipse
0x5f65e8 Polygon
0x5f65ec CreatePalette
0x5f65f0 GetPaletteEntries
0x5f65f8 RealizePalette
0x5f6600 OffsetRgn
0x5f6604 SetDIBColorTable
0x5f6608 StretchBlt
0x5f660c SetPixel
0x5f6610 EnumFontFamiliesW
0x5f6614 EnumFontFamiliesExW
0x5f6618 ExtFloodFill
0x5f661c SetPaletteEntries
0x5f6620 LPtoDP
0x5f6624 GetWindowOrgEx
0x5f6628 GetViewportOrgEx
0x5f662c PtInRegion
0x5f6630 FillRgn
0x5f6634 FrameRgn
0x5f6638 GetTextFaceW
0x5f663c SetPixelV
0x5f6640 GetTextMetricsW
0x5f6648 CreateFontIndirectW
0x5f664c CreateDIBitmap
0x5f6650 CreateHatchBrush
0x5f6654 CreateSolidBrush
0x5f6658 CreatePen
0x5f665c GetObjectType
0x5f6660 SelectPalette
0x5f6664 CreateCompatibleDC
0x5f6668 CreatePatternBrush
0x5f666c OffsetWindowOrgEx
0x5f6670 SetWindowOrgEx
0x5f6674 Rectangle
0x5f6678 GetPixel
0x5f667c BitBlt
0x5f6680 CreateRectRgn
0x5f6684 SelectClipRgn
0x5f6688 SetLayout
0x5f668c GetLayout
0x5f6690 SetTextAlign
0x5f6694 MoveToEx
0x5f6698 LineTo
0x5f669c IntersectClipRect
0x5f66a0 ExcludeClipRect
0x5f66a4 SetROP2
0x5f66a8 SetPolyFillMode
0x5f66ac SetBkMode
0x5f66b0 CreateDCW
0x5f66b4 CopyMetaFileW
0x5f66b8 GetEnhMetaFileA
0x5f66bc UnrealizeObject
0x5f66c0 CreateMetaFileW
0x5f66c4 AddFontResourceW
0x5f66c8 GetGraphicsMode
0x5f66cc GetSystemPaletteUse
0x5f66d0 GetDCPenColor
0x5f66d4 BeginPath
0x5f66d8 EndPath
0x5f66dc GdiFlush
0x5f66e0 CreateMetaFileA
Library COMDLG32.dll:
0x5f66e8 GetFileTitleW
Library ADVAPI32.dll:
0x5f66f0 RegCreateKeyExW
0x5f66f4 RegQueryValueW
0x5f66f8 RegOpenKeyW
0x5f66fc RegEnumKeyW
0x5f6700 RegDeleteKeyW
0x5f6704 RegSetValueExW
0x5f670c RegOpenKeyExW
0x5f6710 RegQueryValueExW
0x5f6714 RegCloseKey
0x5f6718 CryptReleaseContext
0x5f671c CryptDestroyHash
0x5f6720 CryptGetHashParam
0x5f6724 CryptHashData
0x5f6728 CryptCreateHash
0x5f672c OpenSCManagerW
0x5f6730 CreateServiceW
0x5f6734 CloseServiceHandle
0x5f6740 FreeSid
0x5f6744 RegEnumKeyExW
0x5f6748 RegEnumValueW
0x5f674c RegDeleteValueW
0x5f6750 RegQueryValueExA
Library SHELL32.dll:
0x5f6758 CommandLineToArgvW
0x5f6760 SHBrowseForFolderW
0x5f676c ShellExecuteW
0x5f677c WOWShellExecute
0x5f6780 ExtractIconA
0x5f6784 DragFinish
0x5f6788 DragQueryFile
0x5f678c SHFileOperation
0x5f6790 SHQueryRecycleBinA
0x5f6798 SHAppBarMessage
0x5f679c FindExecutableW
0x5f67a0 ExtractIconW
0x5f67ac SHBrowseForFolderA
0x5f67b4 ExtractIconExA
0x5f67b8 ShellExecuteA
0x5f67bc SHChangeNotify
0x5f67c4 DragQueryPoint
0x5f67cc SHFileOperationA
0x5f67d0 SHAddToRecentDocs
0x5f67d4 ExtractIconEx
0x5f67d8 Shell_NotifyIconA
0x5f67e0 SHBindToParent
0x5f67e8 SHGetFolderPathW
0x5f67ec DragQueryFileW
0x5f67f0 SHGetMalloc
0x5f67f4 SHGetDesktopFolder
0x5f67f8 SHGetFileInfoW
Library ole32.dll:
0x5f6800 OleInitialize
0x5f6808 OleUninitialize
0x5f6818 CoGetClassObject
0x5f681c OleFlushClipboard
0x5f6820 CoTaskMemAlloc
0x5f6824 CoTaskMemFree
0x5f6828 CLSIDFromString
0x5f682c CLSIDFromProgID
0x5f6834 CoRevokeClassObject
0x5f683c RevokeDragDrop
0x5f6844 RegisterDragDrop
0x5f6848 OleGetClipboard
0x5f684c OleLockRunning
0x5f6850 IsAccelerator
0x5f6860 CoInitializeEx
0x5f6864 DoDragDrop
0x5f686c CoInitialize
0x5f6870 CoCreateInstance
0x5f6874 CoUninitialize
0x5f6878 OleDuplicateData
0x5f687c ReleaseStgMedium
0x5f6880 CoCreateGuid
Library SHLWAPI.dll:
0x5f6888 PathFileExistsW
0x5f688c PathFindExtensionW
0x5f6890 PathStripToRootW
0x5f6894 PathIsUNCW
0x5f6898 PathFindFileNameW
0x5f689c StrCmpNW
0x5f68a0 StrCmpNIW
0x5f68a4 StrRChrIW
0x5f68a8 StrStrA
0x5f68ac StrRStrIW
0x5f68b0 PathRemoveFileSpecW
Library COMCTL32.dll:
Library IMM32.dll:
0x5f68c4 ImmGetOpenStatus
0x5f68c8 ImmReleaseContext
0x5f68cc ImmGetContext

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source Source Port Destination Destination Port
192.168.56.101 49235 114.114.114.114 53
192.168.56.101 50534 114.114.114.114 53
192.168.56.101 56539 114.114.114.114 53
192.168.56.101 58367 114.114.114.114 53
192.168.56.101 65004 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 138 192.168.56.255 138
192.168.56.101 123 20.189.79.72 time.windows.com 123
192.168.56.101 55368 224.0.0.252 5355
192.168.56.101 56804 224.0.0.252 5355
192.168.56.101 60123 224.0.0.252 5355
192.168.56.101 62191 224.0.0.252 5355
192.168.56.101 1900 239.255.255.250 1900
192.168.56.101 56540 239.255.255.250 3702
192.168.56.101 56807 239.255.255.250 1900
192.168.56.101 58368 239.255.255.250 3702
192.168.56.101 58370 239.255.255.250 3702
192.168.56.101 58707 239.255.255.250 3702

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Dropped Files

No dropped files.

Dropped Buffers

No dropped buffers.