Score: 3.8 (medium risk)

SHA-256: 7a35e95b5c5ad0c2ca40f25acd09a0ca481254bf034ff198777ad1abd071d809

File name: 3ae225e2c42cbcc4bc5686a61e873b3e.exe (a 32-hex-digit name, the usual sandbox convention of storing a sample under its MD5)

Analysis duration: 72s

Last analyzed:

File size: 462.5KB
Static detections / Dynamic detections
Hawkeye engine (鹰眼引擎): not detected (no Hawkeye engine results available)
Static verdict
Antivirus engines: not detected (no antivirus engine results available)
Static indicators
Queries for the computer name (2 events; these are hooked API calls, i.e. runtime observations despite the heading)
  [1619345036.899148] GetComputerNameW  computer_name: OSKAR-PC  -> success, return 1, repeated 0
  [1619377030.716499] GetComputerNameW  computer_name: OSKAR-PC  -> success, return 1, repeated 0
Timestamps throughout this report are Unix epoch seconds; both values fall on 2021-04-25. The second call matches the timestamps of the events attributed to PID 784, the copy of itself that the sample launches (see the process creation record under the dynamic indicators).
The executable contains an unknown PE section name indicative of a packer (could be a false positive) (1 event)
  section name: r2
"r2" is not a name any mainstream compiler or linker emits (.text, .rdata, .data, .rsrc, .reloc). Taken together with the RWX re-protection of the whole mapped image recorded under the dynamic indicators, a self-unpacking stub is the more likely reading than a false positive.
One or more processes crashed (2 events)
Both records are first-chance exceptions raised by the privileged instruction `in eax, dx` (exception code 0xc0000096 = STATUS_PRIVILEGED_INSTRUCTION). They did not crash the process: the second fault is at a later address (0x4034e2 after 0x403449) on the same thread at the same timestamp, so the first was caught and execution continued. The bytes that follow the faulting opcode (`83 4d fc ff` = `or dword [ebp-4], -1`, the MSVC __try/__except try-level reset) show the `in` sits inside a structured exception handler; this is the textbook VMware backdoor probe, decoded under "Detects VMWare through the in instruction feature" below.
  [1619377031.372499] __exception__
    stacktrace:
      3ae225e2c42cbcc4bc5686a61e873b3e+0x3f07 @ 0x403f07
      3ae225e2c42cbcc4bc5686a61e873b3e+0x1b25 @ 0x401b25
      BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
      RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
      RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5
    registers: esp=1637624 edi=0 eax=1447909480 ebp=1637684 edx=22104 ebx=1 esi=8920936 ecx=10
    exception.instruction_r: ed 89 5d e4 89 4d e0 5a 59 5b 58 83 4d fc ff eb
    exception.symbol: 3ae225e2c42cbcc4bc5686a61e873b3e+0x3449
    exception.instruction: in eax, dx
    exception.module: 3ae225e2c42cbcc4bc5686a61e873b3e.exe
    exception.exception_code: 0xc0000096
    exception.offset: 13385
    exception.address: 0x403449
    -> success, return 0, repeated 0
  [1619377031.372499] __exception__
    stacktrace:
      3ae225e2c42cbcc4bc5686a61e873b3e+0x3f10 @ 0x403f10
      3ae225e2c42cbcc4bc5686a61e873b3e+0x1b25 @ 0x401b25
      BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
      RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
      RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5
    registers: esp=1637628 edi=0 eax=1447909480 ebp=1637684 edx=22104 ebx=1 esi=8920936 ecx=20
    exception.instruction_r: ed 89 45 e4 5a 59 5b 58 83 4d fc ff eb 11 33 c0
    exception.symbol: 3ae225e2c42cbcc4bc5686a61e873b3e+0x34e2
    exception.instruction: in eax, dx
    exception.module: 3ae225e2c42cbcc4bc5686a61e873b3e.exe
    exception.exception_code: 0xc0000096
    exception.offset: 13538
    exception.address: 0x4034e2
    -> success, return 0, repeated 0
Behavioral verdict
Dynamic indicators
Allocates read-write-execute memory (usually to unpack itself) (6 events)
The original process (PID 648) and the copy it launches with /C (PID 784) perform the same three-step sequence: two fresh RWX regions (225280 and 221184 bytes), then NtProtectVirtualMemory over 237568 bytes (0x3a000) starting at the image base 0x00400000, i.e. the whole mapped PE including the "r2" section, set to PAGE_EXECUTE_READWRITE. Making the image itself writable and executable is the classic tell of an in-place unpacker that overwrites its own sections; JIT runtimes allocate RWX heap, but almost nothing legitimate re-protects its own PE image. Field values: process_handle 0xffffffff is the current-process pseudo-handle, protection 64 = 0x40 (PAGE_EXECUTE_READWRITE), allocation_type 12288 = 0x3000 (MEM_COMMIT|MEM_RESERVE); stack_dep_bypass, stack_pivoted and heap_dep_bypass are 0 on every record, so no DEP-bypass or stack-pivot heuristic fired.
  [1619345036.634148] NtAllocateVirtualMemory  pid 648  base_address 0x00320000  region_size 225280  protection 64 (PAGE_EXECUTE_READWRITE)  allocation_type 12288 (MEM_COMMIT|MEM_RESERVE)  process_handle 0xffffffff  -> success, return 0, repeated 0
  [1619345036.649148] NtAllocateVirtualMemory  pid 648  base_address 0x00610000  region_size 221184  protection 64 (PAGE_EXECUTE_READWRITE)  allocation_type 12288 (MEM_COMMIT|MEM_RESERVE)  process_handle 0xffffffff  -> success, return 0, repeated 0
  [1619345036.649148] NtProtectVirtualMemory   pid 648  base_address 0x00400000  length 237568       protection 64 (PAGE_EXECUTE_READWRITE)  process_handle 0xffffffff  -> success, return 0, repeated 0
  [1619377030.638499] NtAllocateVirtualMemory  pid 784  base_address 0x00330000  region_size 225280  protection 64 (PAGE_EXECUTE_READWRITE)  allocation_type 12288 (MEM_COMMIT|MEM_RESERVE)  process_handle 0xffffffff  -> success, return 0, repeated 0
  [1619377030.653499] NtAllocateVirtualMemory  pid 784  base_address 0x00370000  region_size 221184  protection 64 (PAGE_EXECUTE_READWRITE)  allocation_type 12288 (MEM_COMMIT|MEM_RESERVE)  process_handle 0xffffffff  -> success, return 0, repeated 0
  [1619377030.653499] NtProtectVirtualMemory   pid 784  base_address 0x00400000  length 237568       protection 64 (PAGE_EXECUTE_READWRITE)  process_handle 0xffffffff  -> success, return 0, repeated 0
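Triage of the memory and process-creation records in this report, as an added example in Python; it is not code from the report or from the sandbox that produced it. The event list is the report's own records transcribed into dicts. Two things in it are assumptions: the caller_pid of 648 on the CreateProcessInternalW record (the report does not name the caller; 648 is the only other process active at that time) and the image base 0x400000, taken from the exception addresses (module+0x3449 = 0x403449). The rules reproduce the report's own signatures, but keep generic RWX allocation separate from RWX re-protection of the PE image, because only the latter is a near-certain unpacking indicator.

```python
from collections import defaultdict

PAGE_EXECUTE_READWRITE = 0x40
PAGE_EXECUTE_WRITECOPY = 0x80
WRITABLE_EXEC = (PAGE_EXECUTE_READWRITE, PAGE_EXECUTE_WRITECOPY)
CREATION_FLAGS = {                      # subset of CreateProcess dwCreationFlags bits
    0x00000004: "CREATE_SUSPENDED",
    0x00000008: "DETACHED_PROCESS",
    0x00000010: "CREATE_NEW_CONSOLE",
    0x08000000: "CREATE_NO_WINDOW",
}

# Constructed input: the report's dynamic-indicator records as dicts.
# 'caller_pid' is an assumption (the report does not name the creating process).
EVENTS = [
    {"ts": 1619345036.634148, "api": "NtAllocateVirtualMemory", "process_identifier": 648,
     "region_size": 225280, "protection": 0x40, "base_address": 0x00320000},
    {"ts": 1619345036.649148, "api": "NtAllocateVirtualMemory", "process_identifier": 648,
     "region_size": 221184, "protection": 0x40, "base_address": 0x00610000},
    {"ts": 1619345036.649148, "api": "NtProtectVirtualMemory", "process_identifier": 648,
     "length": 237568, "protection": 0x40, "base_address": 0x00400000},
    {"ts": 1619345037.681148, "api": "CreateProcessInternalW", "caller_pid": 648,
     "process_identifier": 784, "creation_flags": 134217728,
     "command_line": r"C:\Users\Administrator.Oskar-PC\AppData\Local\Temp\3ae225e2c42cbcc4bc5686a61e873b3e.exe /C"},
    {"ts": 1619377030.638499, "api": "NtAllocateVirtualMemory", "process_identifier": 784,
     "region_size": 225280, "protection": 0x40, "base_address": 0x00330000},
    {"ts": 1619377030.653499, "api": "NtAllocateVirtualMemory", "process_identifier": 784,
     "region_size": 221184, "protection": 0x40, "base_address": 0x00370000},
    {"ts": 1619377030.653499, "api": "NtProtectVirtualMemory", "process_identifier": 784,
     "length": 237568, "protection": 0x40, "base_address": 0x00400000},
]


def triage(events, image_base=0x400000):
    """Per-PID summary: RWX regions, bytes of the PE image made RWX, hidden children."""
    summary = defaultdict(lambda: {"rwx_regions": [], "image_rwx_bytes": 0, "children": []})
    for ev in events:
        api = ev["api"]
        if api == "NtAllocateVirtualMemory" and ev["protection"] in WRITABLE_EXEC:
            summary[ev["process_identifier"]]["rwx_regions"].append(
                (ev["base_address"], ev["region_size"]))
        elif api == "NtProtectVirtualMemory" and ev["protection"] in WRITABLE_EXEC:
            # Re-protecting the mapped image itself means the stub is about to
            # overwrite its own sections in place: the strongest unpacking tell.
            if ev["base_address"] == image_base:
                summary[ev["process_identifier"]]["image_rwx_bytes"] += ev["length"]
        elif api == "CreateProcessInternalW":
            names = [n for bit, n in CREATION_FLAGS.items() if ev["creation_flags"] & bit]
            summary[ev["caller_pid"]]["children"].append(
                {"pid": ev["process_identifier"], "flags": names,
                 "args": ev["command_line"].split()[-1]})
    return dict(summary)


def verdicts(summary):
    """Map the per-PID summary onto signature-style tags."""
    out = {}
    for pid, s in summary.items():
        tags = []
        if s["rwx_regions"]:
            tags.append("rwx_alloc")
        if s["image_rwx_bytes"]:
            tags.append("self_unpack_in_place")
        if any("CREATE_NO_WINDOW" in c["flags"] for c in s["children"]):
            tags.append("hidden_child")
        out[pid] = tags
    return out


if __name__ == "__main__":
    s = triage(EVENTS)
    for pid, tags in verdicts(s).items():
        print(pid, tags, s[pid])
```

Run as a script it prints one line per PID: 648 carries all three tags, 784 only the two memory tags, which is the parent/child split the report's flat list does not make explicit.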
A process created a hidden window (1 event)
  [1619345037.681148] CreateProcessInternalW
    command_line: C:\Users\Administrator.Oskar-PC\AppData\Local\Temp\3ae225e2c42cbcc4bc5686a61e873b3e.exe /C
    current_directory: (empty)   filepath: (empty)   filepath_r: (empty)
    creation_flags: 134217728 (0x08000000 = CREATE_NO_WINDOW)
    inherit_handles: 0   track: 1   stack_pivoted: 0
    process_identifier: 784   thread_identifier: 912   process_handle: 0x00000140   thread_handle: 0x0000013c
    -> success, return 1, repeated 0
The sample re-launches its own executable from %TEMP% with a /C argument and no console window; PID 784 is the second instance whose memory and exception events appear elsewhere in this report. Those events are timestamped roughly 32,000 seconds after this call and the report does not explain the skew, so do not read the timestamps as a strict timeline across PIDs. The path also shows the sample ran as Administrator on a host named Oskar-PC, matching the GetComputerNameW result.
Expresses interest in specific running processes (1 event)
  process: vboxservice.exe
vboxservice.exe is the VirtualBox Guest Additions service, so this is a VirtualBox check; combined with the VMware backdoor probe under "Detects VMWare through the in instruction feature", the sample tests for at least two hypervisors. The guest's 192.168.56.x address in the UDP table is VirtualBox's default host-only range, consistent with a VirtualBox sandbox, but the report does not record what the process enumeration found.
Network communication
Communicates with host for which no DNS query was performed (1 event)
  host: 172.217.24.14
172.217.0.0/16 is Google address space. The traffic summary at the end of this report lists no hosts, no TCP connections and no ICMP traffic, so neither the protocol nor the outcome of this contact is shown; treat the indicator as unconfirmed until the pcap is inspected.
Detects VMWare through the in instruction feature (1 event)
  Same record as the first crash above ([1619377031.372499] __exception__ at 0x403449, `in eax, dx`, exception code 0xc0000096). The register state is what makes it a VMware probe:
    eax = 1447909480 = 0x564D5868 = "VMXh"  (VMware backdoor magic)
    edx = 22104      = 0x5658     = "VX"    (VMware backdoor I/O port)
    ecx = 10         = 0x0A                 (BDOOR_CMD_GETVERSION)
  The second crash record is the same probe with ecx = 20 (0x14, BDOOR_CMD_GETMEMSIZE), and the bytes after each `in` store the result registers to the stack before the `or dword [ebp-4], -1` that leaves the __try block. Under a VMware hypervisor the port access is intercepted and returns the version in eax and the magic in ebx with no fault; on bare metal or any other hypervisor the ring-3 `in` raises STATUS_PRIVILEGED_INSTRUCTION, which the sample's __except handler absorbs. The faults recorded here therefore tell the sample it is not on VMware, and tell the analyst the sandbox is not VMware either.
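Decoding the faulting register state as a VMware backdoor probe, as an added example in Python; this is not code from the report or from the sandbox. The two records are the report's own register and exception lines, pasted verbatim as constructed input. The magic, port and command-number constants are VMware's documented backdoor interface (the values in open-vm-tools' backdoor_def.h) and are not stated anywhere on the page; the command table is a subset of that header.

```python
import re

STATUS_PRIVILEGED_INSTRUCTION = 0xC0000096   # what a ring-3 `in` raises when nothing intercepts it
VMWARE_MAGIC = 0x564D5868                    # the bytes "VMXh", loaded into eax
VMWARE_PORT = 0x5658                         # the bytes "VX", the backdoor I/O port in dx
# Backdoor command numbers passed in ecx (subset of open-vm-tools backdoor_def.h).
BACKDOOR_CMDS = {
    1: "GETMHZ", 10: "GETVERSION", 15: "GETSCREENSIZE", 17: "GETHWVERSION",
    19: "GETUUID", 20: "GETMEMSIZE", 23: "GETTIME", 30: "MESSAGE",
}

# Constructed input: the register/exception lines of the two __exception__ records, verbatim.
RECORD_1 = """
registers.eax: 1447909480
registers.edx: 22104
registers.ebx: 1
registers.ecx: 10
exception.instruction_r: ed 89 5d e4 89 4d e0 5a 59 5b 58 83 4d fc ff eb
exception.instruction: in eax, dx
exception.exception_code: 0xc0000096
exception.address: 0x403449
"""
RECORD_2 = """
registers.eax: 1447909480
registers.edx: 22104
registers.ecx: 20
exception.instruction_r: ed 89 45 e4 5a 59 5b 58 83 4d fc ff eb 11 33 c0
exception.instruction: in eax, dx
exception.exception_code: 0xc0000096
exception.address: 0x4034e2
"""


def parse_record(text):
    """'key: value' lines -> dict; decimal or 0x-prefixed values become ints."""
    rec = {}
    for line in text.splitlines():
        m = re.match(r"\s*([\w.]+):\s*(.*)$", line)
        if not m:
            continue
        key, val = m.group(1), m.group(2).strip()
        try:
            rec[key] = int(val, 0)
        except ValueError:
            rec[key] = val
    return rec


def decode_backdoor(rec):
    """Interpret one faulting `in eax, dx` record as a VMware backdoor probe."""
    eax, edx, ecx = rec["registers.eax"], rec["registers.edx"], rec["registers.ecx"]
    opcode = rec.get("exception.instruction_r", "").split()[:1]
    faulted = rec.get("exception.exception_code") == STATUS_PRIVILEGED_INSTRUCTION
    probe = eax == VMWARE_MAGIC and edx == VMWARE_PORT
    return {
        "address": hex(rec["exception.address"]),
        "opcode_is_in": opcode == ["ed"],            # 0xED encodes IN EAX, DX
        "magic": eax.to_bytes(4, "big").decode("ascii", "replace"),
        "port": edx.to_bytes(2, "big").decode("ascii", "replace"),
        "command": BACKDOOR_CMDS.get(ecx, f"unknown({ecx})"),
        "is_vmware_probe": probe,
        # Under VMware the hypervisor services the port access and no fault is
        # delivered, so a STATUS_PRIVILEGED_INSTRUCTION record for a well-formed
        # probe means the guest is not VMware and the sample's SEH handler ran.
        "verdict": ("not VMware: probe faulted" if probe and faulted
                    else "VMware present" if probe else "not a backdoor probe"),
    }


if __name__ == "__main__":
    for text in (RECORD_1, RECORD_2):
        print(decode_backdoor(parse_record(text)))
```

The same parser accepts any Cuckoo-style `__exception__` record, so it can be pointed at a whole report to find every backdoor probe, not only the ones a signature happened to flag.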
Generates some ICMP traffic
  This signature contradicts the "No ICMP traffic performed" entry in the traffic summary at the end of the report; the report does not resolve the conflict, so check the pcap directly before relying on either.
Visual analysis
Binary image: none (no binary visualization was generated for this sample)
Run screenshots: none (no screenshots were captured while the sample ran)

PE Compile Time

2020-06-02 14:04:48 (timezone not stated; by the event timestamps the dynamic run took place on 2021-04-25, about ten months later)

Imports

Library KERNEL32.dll:
0x46c278 IsValidLocale
0x46c27c EnumSystemLocalesA
0x46c280 GetLocaleInfoA
0x46c284 LCMapStringW
0x46c288 GetConsoleMode
0x46c28c GetConsoleCP
0x46c294 LoadLibraryA
0x46c29c WriteConsoleW
0x46c2a0 GetStringTypeW
0x46c2a4 IsValidCodePage
0x46c2a8 GetOEMCP
0x46c2ac GetACP
0x46c2b0 GetCPInfo
0x46c2b8 TerminateProcess
0x46c2bc IsDebuggerPresent
0x46c2c8 HeapCreate
0x46c2cc SetHandleCount
0x46c2d8 GetStdHandle
0x46c2e0 VirtualQuery
0x46c2e4 GetSystemInfo
0x46c2e8 VirtualAlloc
0x46c2f0 GetFileType
0x46c2f4 SetStdHandle
0x46c2f8 HeapSize
0x46c300 CreateThread
0x46c304 ExitThread
0x46c308 HeapReAlloc
0x46c30c HeapAlloc
0x46c310 HeapFree
0x46c314 EncodePointer
0x46c318 DecodePointer
0x46c31c ExitProcess
0x46c320 RaiseException
0x46c324 RtlUnwind
0x46c328 GetStartupInfoW
0x46c32c HeapSetInformation
0x46c330 GetCommandLineW
0x46c334 FindResourceExW
0x46c338 GetUserDefaultLCID
0x46c33c VirtualProtect
0x46c340 SearchPathW
0x46c344 Sleep
0x46c348 GetProfileIntW
0x46c34c GetTickCount
0x46c350 GetNumberFormatW
0x46c358 GetTempPathW
0x46c35c GetTempFileNameW
0x46c360 SetErrorMode
0x46c364 GetFileTime
0x46c368 GetFileSizeEx
0x46c36c GetFileAttributesW
0x46c374 GlobalFlags
0x46c378 lstrcpyW
0x46c37c GetSystemDirectoryW
0x46c384 GlobalGetAtomNameW
0x46c388 TlsFree
0x46c38c LocalReAlloc
0x46c390 TlsSetValue
0x46c394 TlsAlloc
0x46c39c GlobalHandle
0x46c3a0 GlobalReAlloc
0x46c3a4 TlsGetValue
0x46c3a8 GetCurrentProcessId
0x46c3b0 GetFullPathNameW
0x46c3b8 FindFirstFileW
0x46c3bc FindClose
0x46c3c0 GetCurrentProcess
0x46c3c4 DuplicateHandle
0x46c3c8 GetFileSize
0x46c3cc SetEndOfFile
0x46c3d0 UnlockFile
0x46c3d4 LockFile
0x46c3d8 FlushFileBuffers
0x46c3dc SetFilePointer
0x46c3e0 WriteFile
0x46c3e4 ReadFile
0x46c3e8 CreateFileW
0x46c3ec lstrcmpiW
0x46c3f0 GetThreadLocale
0x46c3f4 LocalAlloc
0x46c400 lstrlenA
0x46c410 CreateEventW
0x46c414 SuspendThread
0x46c418 SetEvent
0x46c41c WaitForSingleObject
0x46c420 ResumeThread
0x46c424 SetThreadPriority
0x46c428 CloseHandle
0x46c430 ReleaseActCtx
0x46c434 CreateActCtxW
0x46c438 GlobalAddAtomW
0x46c43c GlobalFindAtomW
0x46c440 GetVersionExW
0x46c444 CompareStringW
0x46c458 FreeResource
0x46c45c lstrcmpA
0x46c460 GlobalDeleteAtom
0x46c464 GetCurrentThread
0x46c468 GetModuleFileNameW
0x46c478 CompareStringA
0x46c47c ActivateActCtx
0x46c480 LoadLibraryW
0x46c484 DeactivateActCtx
0x46c488 lstrcmpW
0x46c48c GetModuleHandleW
0x46c490 GetProcAddress
0x46c494 FreeLibrary
0x46c498 GetLocaleInfoW
0x46c49c LoadLibraryExW
0x46c4a0 InterlockedExchange
0x46c4a4 WideCharToMultiByte
0x46c4a8 SetLastError
0x46c4ac GlobalFree
0x46c4b0 CopyFileW
0x46c4b4 GlobalSize
0x46c4b8 GlobalAlloc
0x46c4bc GlobalLock
0x46c4c0 GlobalUnlock
0x46c4c4 FormatMessageW
0x46c4c8 LocalFree
0x46c4cc lstrlenW
0x46c4d0 MulDiv
0x46c4d4 GetLastError
0x46c4d8 MultiByteToWideChar
0x46c4dc lstrcatW
0x46c4e0 DeleteFileW
0x46c4e4 GetExitCodeThread
0x46c4e8 TerminateThread
0x46c4ec GetCurrentThreadId
0x46c4f0 FindResourceW
0x46c4f4 LoadResource
0x46c4f8 LockResource
0x46c4fc SizeofResource
Library USER32.dll:
0x46c504 DestroyMenu
0x46c508 GetMenuItemInfoW
0x46c50c InflateRect
0x46c510 WaitMessage
0x46c514 ReleaseCapture
0x46c518 WindowFromPoint
0x46c51c SetCapture
0x46c520 InvalidateRect
0x46c52c EnumDisplayMonitors
0x46c534 SetRectEmpty
0x46c538 DeleteMenu
0x46c540 LoadCursorW
0x46c544 GetSysColorBrush
0x46c548 CharUpperW
0x46c54c EndPaint
0x46c550 BeginPaint
0x46c554 GetWindowDC
0x46c558 ClientToScreen
0x46c55c GrayStringW
0x46c560 DrawTextExW
0x46c564 DrawTextW
0x46c568 TabbedTextOutW
0x46c56c FillRect
0x46c570 ShowOwnedPopups
0x46c574 SetCursor
0x46c578 GetMessageW
0x46c57c TranslateMessage
0x46c580 GetCursorPos
0x46c588 MapDialogRect
0x46c58c MapVirtualKeyW
0x46c590 GetKeyNameTextW
0x46c594 ReleaseDC
0x46c598 GetDC
0x46c59c LoadMenuW
0x46c5a0 ShowWindow
0x46c5a4 MoveWindow
0x46c5a8 SetWindowTextW
0x46c5ac IsDialogMessageW
0x46c5b0 CheckDlgButton
0x46c5b4 SetMenuItemBitmaps
0x46c5bc LoadBitmapW
0x46c5c0 ModifyMenuW
0x46c5c4 EnableMenuItem
0x46c5c8 CheckMenuItem
0x46c5d0 LoadIconW
0x46c5d4 SendDlgItemMessageW
0x46c5d8 SendDlgItemMessageA
0x46c5dc WinHelpW
0x46c5e0 IsChild
0x46c5e4 GetCapture
0x46c5e8 CallNextHookEx
0x46c5ec GetClassLongW
0x46c5f0 GetClassNameW
0x46c5f4 SetPropW
0x46c5f8 GetPropW
0x46c5fc RemovePropW
0x46c600 GetFocus
0x46c604 SetFocus
0x46c60c GetWindowTextW
0x46c610 GetForegroundWindow
0x46c614 GetLastActivePopup
0x46c618 DispatchMessageW
0x46c61c BeginDeferWindowPos
0x46c620 EndDeferWindowPos
0x46c624 GetTopWindow
0x46c628 GetMessageTime
0x46c62c CopyImage
0x46c630 PeekMessageW
0x46c634 MonitorFromWindow
0x46c638 GetMonitorInfoW
0x46c63c MapWindowPoints
0x46c640 ScrollWindow
0x46c644 TrackPopupMenu
0x46c648 GetKeyState
0x46c64c SetMenu
0x46c650 SetScrollRange
0x46c654 UnregisterClassW
0x46c658 IntersectRect
0x46c65c CharNextW
0x46c660 GetScrollRange
0x46c664 SetScrollPos
0x46c668 EnableWindow
0x46c66c UnhookWindowsHookEx
0x46c670 SetDlgItemTextW
0x46c674 MessageBoxW
0x46c678 SetWindowsHookExW
0x46c67c GetScrollPos
0x46c680 SetForegroundWindow
0x46c684 ShowScrollBar
0x46c688 RedrawWindow
0x46c68c IsWindowVisible
0x46c690 ValidateRect
0x46c694 UpdateWindow
0x46c698 CreateWindowExW
0x46c69c GetClassInfoExW
0x46c6a0 GetClassInfoW
0x46c6a4 RegisterClassW
0x46c6a8 GetSysColor
0x46c6ac AdjustWindowRectEx
0x46c6b0 GetWindowRect
0x46c6b4 ScreenToClient
0x46c6b8 EqualRect
0x46c6bc OffsetRect
0x46c6c4 IsRectEmpty
0x46c6c8 SetRect
0x46c6cc InvalidateRgn
0x46c6d0 GetNextDlgGroupItem
0x46c6d4 MessageBeep
0x46c6d8 IsZoomed
0x46c6dc SetWindowRgn
0x46c6e0 SetParent
0x46c6e8 CreatePopupMenu
0x46c6ec NotifyWinEvent
0x46c6f0 GetAsyncKeyState
0x46c6f4 SetClassLongW
0x46c6f8 DeferWindowPos
0x46c6fc GetScrollInfo
0x46c700 SetScrollInfo
0x46c704 SetWindowPlacement
0x46c708 GetWindowPlacement
0x46c70c GetDlgCtrlID
0x46c710 DefWindowProcW
0x46c714 CallWindowProcW
0x46c718 GetMenu
0x46c71c SetWindowLongW
0x46c720 SetWindowPos
0x46c724 GetSystemMenu
0x46c728 DrawStateW
0x46c72c DrawIconEx
0x46c730 DrawEdge
0x46c734 DrawFrameControl
0x46c738 DrawFocusRect
0x46c73c ToUnicodeEx
0x46c740 GetKeyboardLayout
0x46c744 GetKeyboardState
0x46c748 DrawIcon
0x46c74c SendMessageW
0x46c750 LoadStringW
0x46c754 wsprintfW
0x46c758 UnionRect
0x46c75c IsIconic
0x46c760 GetClientRect
0x46c764 SetTimer
0x46c768 KillTimer
0x46c76c GetSystemMetrics
0x46c770 DestroyIcon
0x46c774 LoadImageW
0x46c778 PostMessageW
0x46c77c RemoveMenu
0x46c780 GetSubMenu
0x46c784 GetMenuItemCount
0x46c788 InsertMenuW
0x46c78c GetMenuItemID
0x46c790 AppendMenuW
0x46c794 GetMenuStringW
0x46c798 GetMenuState
0x46c79c PostQuitMessage
0x46c7a0 EndDialog
0x46c7a4 GetNextDlgTabItem
0x46c7a8 GetParent
0x46c7ac IsWindowEnabled
0x46c7b0 GetDlgItem
0x46c7b4 GetWindowLongW
0x46c7b8 IsWindow
0x46c7bc DestroyWindow
0x46c7c4 SetActiveWindow
0x46c7c8 GetActiveWindow
0x46c7cc GetDesktopWindow
0x46c7d0 GetWindow
0x46c7d4 PtInRect
0x46c7d8 CopyRect
0x46c7dc LoadAcceleratorsW
0x46c7e4 SetCursorPos
0x46c7e8 BringWindowToTop
0x46c7ec LockWindowUpdate
0x46c7f4 InsertMenuItemW
0x46c7f8 ReuseDDElParam
0x46c7fc UnpackDDElParam
0x46c800 GetMenuDefaultItem
0x46c804 InvertRect
0x46c808 HideCaret
0x46c80c EnableScrollBar
0x46c810 GetIconInfo
0x46c818 DefFrameProcW
0x46c81c DefMDIChildProcW
0x46c820 DrawMenuBar
0x46c828 MonitorFromPoint
0x46c82c EnumChildWindows
0x46c830 GetWindowRgn
0x46c834 DestroyCursor
0x46c838 SubtractRect
0x46c83c MapVirtualKeyExW
0x46c840 IsCharLowerW
0x46c844 GetDoubleClickTime
0x46c848 CharUpperBuffW
0x46c84c CopyIcon
0x46c850 EmptyClipboard
0x46c854 CloseClipboard
0x46c858 SetClipboardData
0x46c85c OpenClipboard
0x46c860 GetUpdateRect
0x46c864 FrameRect
0x46c86c SetMenuDefaultItem
0x46c870 PostThreadMessageW
0x46c874 CreateMenu
0x46c878 IsMenu
0x46c87c UpdateLayeredWindow
0x46c880 GetMessagePos
0x46c884 IsCharAlphaNumericW
0x46c888 CharLowerA
0x46c88c IsCharLowerA
0x46c890 GetShellWindow
0x46c894 IsCharUpperW
0x46c898 GetQueueStatus
0x46c89c IsCharAlphaA
0x46c8a4 VkKeyScanA
0x46c8a8 IsCharUpperA
0x46c8ac IsGUIThread
0x46c8b0 OpenIcon
0x46c8b8 IsWindowUnicode
0x46c8bc EndMenu
0x46c8c0 GetKeyboardType
0x46c8c4 GetClipboardData
0x46c8c8 IsCharAlphaW
0x46c8cc PaintDesktop
0x46c8d0 OemKeyScan
0x46c8d8 CharLowerW
0x46c8e0 InSendMessage
0x46c8e4 GetCaretBlinkTime
0x46c8ec LoadCursorFromFileA
0x46c8f0 CloseWindowStation
0x46c8f4 ShowCaret
0x46c8f8 GetKBCodePage
0x46c900 GetMessageExtraInfo
0x46c904 LoadCursorFromFileW
0x46c908 GetClipboardViewer
0x46c90c WindowFromDC
0x46c910 CharUpperA
0x46c914 CloseWindow
0x46c918 GetInputState
0x46c91c GetListBoxInfo
0x46c920 GetClipboardOwner
0x46c924 VkKeyScanW
0x46c928 CharNextA
0x46c92c GetDialogBaseUnits
0x46c930 CloseDesktop
0x46c938 GetCursor
0x46c940 AnyPopup
0x46c944 IsCharAlphaNumericA
0x46c948 GetThreadDesktop
Library GDI32.dll:
0x46c950 GetViewportExtEx
0x46c954 GetWindowExtEx
0x46c958 BitBlt
0x46c95c GetPixel
0x46c960 PtVisible
0x46c964 RectVisible
0x46c968 TextOutW
0x46c96c ExtTextOutW
0x46c970 Escape
0x46c974 SelectObject
0x46c978 SetViewportOrgEx
0x46c97c OffsetViewportOrgEx
0x46c980 SetViewportExtEx
0x46c984 ScaleViewportExtEx
0x46c988 SetWindowOrgEx
0x46c98c OffsetWindowOrgEx
0x46c990 SetWindowExtEx
0x46c994 ScaleWindowExtEx
0x46c998 ExtSelectClipRgn
0x46c99c DeleteDC
0x46c9a0 CreatePatternBrush
0x46c9a4 CreateCompatibleDC
0x46c9a8 GetStockObject
0x46c9ac SelectPalette
0x46c9b0 GetObjectType
0x46c9b4 CreatePen
0x46c9b8 CreateSolidBrush
0x46c9bc CreateHatchBrush
0x46c9c0 CreateDIBitmap
0x46c9c4 CreateFontIndirectW
0x46c9cc GetTextMetricsW
0x46c9d0 EnumFontFamiliesW
0x46c9d4 GetTextCharsetInfo
0x46c9dc SetRectRgn
0x46c9e0 CombineRgn
0x46c9e4 GetMapMode
0x46c9e8 DPtoLP
0x46c9ec CreateRectRgn
0x46c9f0 LineTo
0x46c9f4 GetRgnBox
0x46c9f8 CreateDIBSection
0x46c9fc SelectClipRgn
0x46ca00 CreatePolygonRgn
0x46ca04 CreateEllipticRgn
0x46ca08 Polyline
0x46ca0c Ellipse
0x46ca10 Polygon
0x46ca14 CreatePalette
0x46ca18 GetPaletteEntries
0x46ca20 RealizePalette
0x46ca28 OffsetRgn
0x46ca2c SetDIBColorTable
0x46ca30 StretchBlt
0x46ca34 SetPixel
0x46ca38 Rectangle
0x46ca3c EnumFontFamiliesExW
0x46ca40 LPtoDP
0x46ca44 GetWindowOrgEx
0x46ca48 GetViewportOrgEx
0x46ca4c PtInRegion
0x46ca50 FillRgn
0x46ca54 FrameRgn
0x46ca58 GetBoundsRect
0x46ca5c ExtFloodFill
0x46ca60 SetPaletteEntries
0x46ca64 GetTextFaceW
0x46ca68 SetPixelV
0x46ca6c GetBkColor
0x46ca70 IntersectClipRect
0x46ca74 ExcludeClipRect
0x46ca78 GetClipBox
0x46ca7c SetMapMode
0x46ca80 SetROP2
0x46ca84 SetPolyFillMode
0x46ca88 RestoreDC
0x46ca8c SaveDC
0x46ca90 PatBlt
0x46ca98 CreateBitmap
0x46ca9c DeleteObject
0x46caa0 SetLayout
0x46caa4 GetLayout
0x46caa8 SetTextAlign
0x46caac CreateRoundRectRgn
0x46cab0 MoveToEx
0x46cab4 GetDeviceCaps
0x46cab8 GetObjectW
0x46cabc SetBkColor
0x46cac0 SetTextColor
0x46cac4 CreateDCW
0x46cac8 CopyMetaFileW
0x46cacc GetTextColor
0x46cad0 SetBkMode
0x46cad4 GetDCBrushColor
0x46cad8 AddFontResourceW
0x46cadc GetSystemPaletteUse
0x46cae0 EndPage
0x46cae4 GdiGetBatchLimit
0x46cae8 GetFontLanguageInfo
0x46caec GdiFlush
0x46caf0 SetMetaRgn
0x46caf4 UnrealizeObject
0x46caf8 GetGraphicsMode
0x46cafc FlattenPath
0x46cb00 GetEnhMetaFileW
0x46cb04 GetBkMode
0x46cb08 EndPath
0x46cb0c CloseMetaFile
0x46cb10 GetEnhMetaFileA
0x46cb14 CreateMetaFileA
0x46cb18 GetColorSpace
0x46cb20 FillPath
0x46cb24 GetROP2
0x46cb28 PathToRegion
0x46cb2c EndDoc
0x46cb30 DeleteColorSpace
0x46cb34 StrokePath
0x46cb38 AbortDoc
0x46cb3c DeleteEnhMetaFile
0x46cb40 UpdateColors
0x46cb44 GetPixelFormat
0x46cb48 GetDCPenColor
0x46cb4c GetPolyFillMode
0x46cb50 DeleteMetaFile
0x46cb54 AbortPath
0x46cb58 AddFontResourceA
0x46cb5c GetTextAlign
0x46cb60 CreateMetaFileW
0x46cb64 GetStretchBltMode
0x46cb68 SwapBuffers
0x46cb6c GetTextCharset
0x46cb70 CloseEnhMetaFile
0x46cb78 CloseFigure
0x46cb7c WidenPath
0x46cb80 BeginPath
0x46cb84 CancelDC
Library ADVAPI32.dll:
0x46cb8c RegQueryValueW
0x46cb90 RegEnumKeyW
0x46cb94 RegQueryValueExW
0x46cb98 RegCreateKeyExW
0x46cb9c RegSetValueExW
0x46cba0 RegOpenKeyExW
0x46cba4 RegEnumValueW
0x46cba8 RegDeleteValueW
0x46cbac RegEnumKeyExW
0x46cbb0 RegDeleteKeyW
0x46cbb4 RegCloseKey
0x46cbb8 RegOpenKeyA
0x46cbbc RegQueryValueExA
Library COMCTL32.dll: (no functions listed in the report)

The import table is almost entirely GUI plumbing: USER32 and GDI32 in bulk, plus KERNEL32 entries such as GetProfileIntW, GlobalGetAtomNameW, ReuseDDElParam and UnpackDDElParam that are characteristic of a statically linked MFC application. There is no WS2_32, WININET or WINHTTP import at all, so whatever produced the network indicators above was either resolved at runtime (LoadLibraryA/LoadLibraryW and GetProcAddress are imported) or lives in the unpacked code. The entries that matter for the observed behaviour are VirtualAlloc and VirtualProtect (the hooked NtAllocateVirtualMemory/NtProtectVirtualMemory calls are most likely made through these wrappers), CreateThread and GetTickCount. IsDebuggerPresent is routinely imported by the MSVC CRT for its abort path and is not on its own an anti-debugging indicator.

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source Source Port Destination Destination Port
192.168.56.101 49235 114.114.114.114 53
192.168.56.101 50534 114.114.114.114 53
192.168.56.101 56539 114.114.114.114 53
192.168.56.101 65004 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 138 192.168.56.255 138
192.168.56.101 55368 224.0.0.252 5355
192.168.56.101 56804 224.0.0.252 5355
192.168.56.101 60123 224.0.0.252 5355
192.168.56.101 62191 224.0.0.252 5355
192.168.56.101 1900 239.255.255.250 1900
192.168.56.101 50535 239.255.255.250 3702
192.168.56.101 56540 239.255.255.250 3702
192.168.56.101 56807 239.255.255.250 1900
192.168.56.101 58707 239.255.255.250 3702

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Dropped files: none.
Dropped buffers: none.

Nothing reached disk, so if the sample does unpack in place the payload exists only in the re-protected image at 0x00400000 and the two RWX regions. To recover it, dump the process right after the NtProtectVirtualMemory call on the image base, or break on first execution inside the RWX allocations.