Score: 3.8
Risk level: Medium

SHA256: 8f8091b7c8da57e923689a371e593a402ed701da027779bec984464501b9da7f

File name: 5ea5c1b9417a227c38cfa227e8195c35.exe

Analysis duration: 90s

Last analysis:

File size: 2.2MB
鹰眼引擎 (Eagle Eye engine): not detected; no 鹰眼引擎 result is available for this sample.

Static verdict

Anti-virus engines

Engine       Result                        Scan date  Engine version
McAfee       (no detection)                20190222   6.0.6.653
Alibaba      (no detection)                20180921   0.1.0.2
Baidu        (no detection)                20190215   1.0.0.2
Avast        (no detection)                20190222   18.4.3895.0
Tencent      (no detection)                20190222   1.0.0.1
Kingsoft     (no detection)                20190222   2013.8.14.323
CrowdStrike  malicious_confidence_70% (D)  20181023   1.0
Behavioural verdict

Dynamic indicators

Queries the disk size which could be used to detect virtual machine with small fixed size or dynamic allocation (22 events)

All 22 events are GetDiskFreeSpaceW calls that differ only in timestamp and root_path; the logged out-parameters are identical on every call.

Time               API                root_path  Status  Return  Repeated
1620762806.140625  GetDiskFreeSpaceW  D:\        failed  0       0
1620762806.140625  GetDiskFreeSpaceW  E:\        failed  0       0
1620762806.140625  GetDiskFreeSpaceW  F:\        failed  0       0
1620762806.140625  GetDiskFreeSpaceW  G:\        failed  0       0
1620762806.140625  GetDiskFreeSpaceW  H:\        failed  0       0
1620762806.140625  GetDiskFreeSpaceW  I:\        failed  0       0
1620762806.140625  GetDiskFreeSpaceW  J:\        failed  0       0
1620762806.140625  GetDiskFreeSpaceW  K:\        failed  0       0
1620762806.140625  GetDiskFreeSpaceW  L:\        failed  0       0
1620762806.140625  GetDiskFreeSpaceW  M:\        failed  0       0
1620762806.140625  GetDiskFreeSpaceW  N:\        failed  0       0
1620762806.155625  GetDiskFreeSpaceW  O:\        failed  0       0
1620762806.155625  GetDiskFreeSpaceW  P:\        failed  0       0
1620762806.155625  GetDiskFreeSpaceW  Q:\        failed  0       0
1620762806.155625  GetDiskFreeSpaceW  R:\        failed  0       0
1620762806.155625  GetDiskFreeSpaceW  S:\        failed  0       0
1620762806.155625  GetDiskFreeSpaceW  T:\        failed  0       0
1620762806.155625  GetDiskFreeSpaceW  U:\        failed  0       0
1620762806.155625  GetDiskFreeSpaceW  V:\        failed  0       0
1620762806.155625  GetDiskFreeSpaceW  W:\        failed  0       0
1620762806.155625  GetDiskFreeSpaceW  X:\        failed  0       0
1620762806.155625  GetDiskFreeSpaceW  Y:\        failed  0       0

Logged out-parameters (the same on every call): sectors_per_cluster 2130563072, number_of_free_clusters 2228932, total_number_of_clusters 24, bytes_per_sector 0.

Every call failed (return 0), consistent with drive letters that are not mapped in the analysis guest, so the API never wrote its out-parameters and the logged values carry no information about disk geometry; bytes_per_sector 0 would make any computed volume size 0 bytes. No successful query of a real volume is recorded in this capture. Probing D:\ through Y:\ in sequence, together with the imported GetDriveTypeW, is the pattern of enumerating available drives rather than measuring the size of the system disk, so this indicator is weak evidence of VM detection on its own.
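As an added example (not part of the sandbox report or the analysed sample), the following Python applies two checks to GetDiskFreeSpaceW records shaped like the rows above: a size check that trusts only successful calls, and a drive-sweep check that matches what the report actually shows. The 22 failed D:\ to Y:\ records are reproduced as constructed input; the successful C:\ record, its geometry, and all thresholds (60 GiB, 8 roots, 2 s) are assumptions made for the example.

```python
"""Added example: scoring GetDiskFreeSpaceW activity from a sandbox API log.

Two checks are implemented over records shaped like the rows in the report:
  1. a "small disk" check that only trusts the out-parameters of calls that
     succeeded (a failed call leaves them unwritten, so the logged numbers are
     stack garbage, as in the report);
  2. a "drive sweep" check that counts distinct root paths probed within a
     short window, which is what the report actually shows (D:\ .. Y:\, all failed).
Thresholds are assumptions chosen for the example, not values from the sandbox.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class DiskCall:
    """One GetDiskFreeSpaceW record as an API monitor logs it."""
    ts: float
    root_path: str
    sectors_per_cluster: int
    bytes_per_sector: int
    number_of_free_clusters: int
    total_number_of_clusters: int
    succeeded: bool


# Constructed input: the 22 failed calls from the report (identical out-parameters,
# return value 0) plus one constructed, successful call on C:\ so that the size
# arithmetic is exercised. The C:\ geometry is an assumption, not taken from the report.
REPORT_CALLS: List[DiskCall] = [
    DiskCall(1620762806.140625 if letter <= "N" else 1620762806.155625,
             letter + ":\\", 2130563072, 0, 2228932, 24, False)
    for letter in "DEFGHIJKLMNOPQRSTUVWXY"
] + [
    DiskCall(1620762806.125, "C:\\", 8, 512, 4_000_000, 10_485_760, True),  # 40 GiB, assumed
]

SMALL_DISK_BYTES = 60 * 2**30   # assumed: a system volume under 60 GiB is treated as VM-like
SWEEP_MIN_ROOTS = 8             # assumed: at least this many distinct roots ...
SWEEP_WINDOW_S = 2.0            # ... probed within this many seconds counts as a drive sweep


def volume_size_bytes(call: DiskCall) -> Optional[int]:
    """Total size of the volume, or None when the call failed.

    GetDiskFreeSpaceW does not write its out-parameters on failure, so the logged
    values of a failed call are whatever the caller's variables held. Multiplying
    them anyway (2130563072 * 24 * 0 in the report) gives a meaningless 0 bytes,
    which a naive check would misread as a tiny disk.
    """
    if not call.succeeded:
        return None
    return call.total_number_of_clusters * call.sectors_per_cluster * call.bytes_per_sector


def naive_volume_size_bytes(call: DiskCall) -> int:
    """The mistake warned about above: trusts the out-parameters regardless of status."""
    return call.total_number_of_clusters * call.sectors_per_cluster * call.bytes_per_sector


def analyse(calls: List[DiskCall]) -> List[Tuple[str, str]]:
    """Return (finding, detail) pairs for small successfully-measured volumes and drive sweeps."""
    findings: List[Tuple[str, str]] = []
    for call in calls:
        size = volume_size_bytes(call)
        if size is not None and size < SMALL_DISK_BYTES:
            findings.append(("small_disk", f"{call.root_path} is {size // 2**30} GiB"))

    # Sliding window over the time-ordered calls: distinct roots probed within SWEEP_WINDOW_S.
    ordered = sorted(calls, key=lambda c: c.ts)
    for i, first in enumerate(ordered):
        roots = {c.root_path for c in ordered[i:] if c.ts - first.ts <= SWEEP_WINDOW_S}
        if len(roots) >= SWEEP_MIN_ROOTS:
            findings.append(("drive_sweep", f"{len(roots)} distinct roots probed within {SWEEP_WINDOW_S}s"))
            break
    return findings


if __name__ == "__main__":
    for kind, detail in analyse(REPORT_CALLS):
        print(kind, "-", detail)
    failed = [c for c in REPORT_CALLS if not c.succeeded]
    print("failed calls:", len(failed), "naive size of a failed call:", naive_volume_size_bytes(failed[0]))
```

Run against the report's own rows alone, the size check produces nothing (no call succeeded) while the sweep check fires on the 22 distinct roots; the constructed C:\ record is what makes the size path visible.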
Foreign language identified in PE resource (50 out of 71 个事件)
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
name PNG language LANG_CHINESE offset 0x0022c6f8 filetype PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x000003b9
File has been identified by 2 AntiVirus engines on VirusTotal as malicious (2 events)

Engine       Result
Trapmine     suspicious.low.ml.score
CrowdStrike  malicious_confidence_70% (D)

Both results are machine-learning confidence scores rather than named family detections.
The binary likely contains encrypted or compressed data indicative of a packer (2 events)

Section .rsrc: entropy 7.794345903519271 (size_of_data 0x001bee00, virtual_address 0x0006e000, virtual_size 0x001bec38). A section with a high entropy has been found.
Overall: 0.796923762817655. Overall entropy of this PE file is high.

The second figure is not an entropy in bits but the share of section data that lies in high-entropy sections: the 0x001bee00 (1,830,400) bytes of .rsrc out of about 2.3 MB of section data (derived from the ratio) give 0.797. The only high-entropy section is the resource section, which the resource listing above shows holds PNG images; PNG data is DEFLATE-compressed and has high entropy by design, so on its own this indicator is weak evidence of a packer. A packed executable more typically shows high entropy in its code section with a minimal import table, whereas the import table below is large and fully resolved.
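Added example, not code from the sandbox or the sample: a Python implementation of the heuristic behind this indicator, with per-section Shannon entropy and the high-entropy data ratio. The thresholds (6.8 bits/byte per section, 0.2 overall) and the two constructed section bodies are assumptions; they are sized so the ratio comes out at 0.8, close to the report's 0.797.

```python
"""Added example: the entropy heuristic behind a "packer" indicator.

shannon_entropy() gives bits per byte of a section body; packer_entropy()
flags sections above a per-section threshold and then reports the share of
all section data that those sections account for. That share is the second
figure in the report (0.797): a ratio, not an entropy value. Thresholds are
assumptions for this example, not the sandbox's configured values.
"""
import hashlib
import math
from collections import Counter
from typing import Dict, List, Tuple

SECTION_ENTROPY_THRESHOLD = 6.8  # assumed: bits/byte above which a section is treated as compressed/encrypted
OVERALL_RATIO_THRESHOLD = 0.2    # assumed: share of section data that must be high-entropy to flag the file


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 for constant data, 8.0 for a uniform byte distribution."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((count / n) * math.log2(count / n) for count in Counter(data).values())


def packer_entropy(sections: List[Tuple[str, bytes]]) -> Dict[str, object]:
    """Apply the per-section and whole-file checks to (name, raw_bytes) pairs."""
    total = sum(len(body) for _, body in sections)
    high: List[Tuple[str, float]] = []
    high_bytes = 0
    for name, body in sections:
        e = shannon_entropy(body)
        if e > SECTION_ENTROPY_THRESHOLD:
            high.append((name, round(e, 3)))
            high_bytes += len(body)
    ratio = high_bytes / total if total else 0.0
    return {
        "high_entropy_sections": high,
        "high_entropy_ratio": ratio,
        "flagged": ratio > OVERALL_RATIO_THRESHOLD,
    }


def pseudo_random_bytes(n: int, seed: bytes = b"constructed .rsrc body") -> bytes:
    """Deterministic stand-in for compressed data (a SHA-256 chain), so the example runs offline."""
    out = bytearray()
    block = seed
    while len(out) < n:
        block = hashlib.sha256(block).digest()
        out += block
    return bytes(out[:n])


# Constructed sections: a low-entropy ".text" (16 distinct byte values, so exactly 4 bits/byte)
# and a ".rsrc" of incompressible-looking bytes, sized so .rsrc is 80% of the data, close to the
# report's 0.797. Neither body comes from the analysed sample.
SAMPLE_SECTIONS: List[Tuple[str, bytes]] = [
    (".text", bytes(range(16)) * 4096),        # 65,536 bytes
    (".rsrc", pseudo_random_bytes(262_144)),   # 262,144 bytes
]


if __name__ == "__main__":
    for name, body in SAMPLE_SECTIONS:
        print(f"{name:6s} {len(body):8d} bytes  entropy {shannon_entropy(body):.3f}")
    print(packer_entropy(SAMPLE_SECTIONS))
```

Swapping the .rsrc body for real DEFLATE-compressed PNG data would give a similar result, which is why a high-entropy resource section needs corroboration (packed code section, stripped imports, unpacking stub) before it is read as packing.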
Visual analysis

Binary image: none. No binary visualisation image was generated for this sample.
Runtime screenshots: none. No screenshots were captured while the sample ran.


PE Compile Time

2017-08-11 10:53:04

Imports

Library KERNEL32.dll:
0x45b058 FindFirstFileExW
0x45b05c GetDriveTypeW
0x45b068 ReadConsoleW
0x45b070 PeekNamedPipe
0x45b074 GetFullPathNameW
0x45b07c SetEndOfFile
0x45b080 lstrlenW
0x45b084 GetLastError
0x45b088 MulDiv
0x45b08c GetFileAttributesW
0x45b090 lstrcatW
0x45b094 GlobalUnlock
0x45b098 GlobalAlloc
0x45b09c GlobalLock
0x45b0a0 DeleteFileW
0x45b0a4 CreateEventW
0x45b0a8 ResetEvent
0x45b0ac SetEvent
0x45b0b0 CreateFileMappingW
0x45b0b4 lstrcmpW
0x45b0b8 CreateFileA
0x45b0c4 Process32NextW
0x45b0c8 Process32FirstW
0x45b0cc FindClose
0x45b0d0 GetDiskFreeSpaceW
0x45b0d4 ReadFile
0x45b0d8 lstrcpynW
0x45b0dc OpenProcess
0x45b0e0 GetTickCount
0x45b0e4 CreateDirectoryW
0x45b0e8 SetFilePointer
0x45b0ec FindFirstFileW
0x45b0f0 GetFileSize
0x45b0f4 CreateMutexW
0x45b0f8 lstrcmpiW
0x45b0fc SizeofResource
0x45b100 GetSystemDirectoryW
0x45b104 LoadResource
0x45b108 FindResourceW
0x45b10c FreeResource
0x45b110 GetLocalTime
0x45b114 lstrcpyW
0x45b118 CreateThread
0x45b11c WaitForSingleObject
0x45b120 CreateFileW
0x45b124 CloseHandle
0x45b128 WriteConsoleW
0x45b12c SetFilePointerEx
0x45b130 SetStdHandle
0x45b134 GetConsoleMode
0x45b138 GetConsoleCP
0x45b13c FlushFileBuffers
0x45b140 GetStringTypeW
0x45b144 VirtualQuery
0x45b148 HeapReAlloc
0x45b14c GetCPInfo
0x45b150 GetOEMCP
0x45b154 GetACP
0x45b158 IsValidCodePage
0x45b15c FreeLibrary
0x45b168 LCMapStringEx
0x45b16c CompareStringEx
0x45b170 OutputDebugStringW
0x45b174 GetModuleHandleW
0x45b178 TerminateProcess
0x45b17c GetCurrentProcess
0x45b180 FlsFree
0x45b184 EncodePointer
0x45b188 DecodePointer
0x45b190 RaiseException
0x45b194 RtlUnwind
0x45b198 GetCommandLineW
0x45b19c GetStdHandle
0x45b1a0 WriteFile
0x45b1a4 GetModuleFileNameW
0x45b1ac HeapAlloc
0x45b1b0 HeapFree
0x45b1b8 ExitProcess
0x45b1bc GetModuleHandleExW
0x45b1c0 GetProcAddress
0x45b1c4 AreFileApisANSI
0x45b1c8 MultiByteToWideChar
0x45b1cc HeapSize
0x45b1d0 Sleep
0x45b1d4 IsDebuggerPresent
0x45b1d8 LoadLibraryExW
0x45b1dc LoadLibraryW
0x45b1e0 WideCharToMultiByte
0x45b1e4 SetLastError
0x45b1ec GetCurrentThreadId
0x45b1f0 GetProcessHeap
0x45b1f4 GetFileType
0x45b200 InitOnceExecuteOnce
0x45b204 GetStartupInfoW
0x45b20c GetTickCount64
0x45b220 FlsAlloc
0x45b224 FlsGetValue
0x45b228 FlsSetValue
Library USER32.dll:
0x45b258 ShowWindow
0x45b25c CloseWindow
0x45b260 SetWindowPos
0x45b264 IsIconic
0x45b268 BringWindowToTop
0x45b26c IsZoomed
0x45b270 SetFocus
0x45b274 IsWindow
0x45b278 CreateWindowExW
0x45b27c RegisterClassExW
0x45b280 DefWindowProcW
0x45b284 PostMessageW
0x45b288 DispatchMessageW
0x45b28c TranslateMessage
0x45b290 EnableWindow
0x45b294 GetSystemMetrics
0x45b298 BeginPaint
0x45b29c EndPaint
0x45b2a0 GetClientRect
0x45b2a4 GetWindowRect
0x45b2a8 MessageBoxW
0x45b2ac OffsetRect
0x45b2b0 GetWindowLongW
0x45b2b4 SetWindowLongW
0x45b2b8 GetMessageW
0x45b2bc GetWindow
0x45b2c0 LoadCursorW
0x45b2c4 MonitorFromWindow
0x45b2c8 GetMonitorInfoW
0x45b2cc FillRect
0x45b2d0 SetCapture
0x45b2d4 InvalidateRgn
0x45b2dc ReleaseCapture
0x45b2e0 UpdateLayeredWindow
0x45b2e4 ScreenToClient
0x45b2e8 GetDC
0x45b2ec GetDCEx
0x45b2f0 ReleaseDC
0x45b2f4 GetDesktopWindow
0x45b2f8 SetCursor
0x45b2fc InvalidateRect
0x45b300 KillTimer
0x45b304 SetWindowTextA
0x45b308 UpdateWindow
0x45b30c SetWindowTextW
0x45b310 PostQuitMessage
0x45b314 FindWindowW
0x45b318 SetTimer
0x45b31c TrackPopupMenu
0x45b324 GetSubMenu
0x45b328 SetForegroundWindow
0x45b32c LoadIconW
0x45b330 LoadMenuW
0x45b334 GetCursorPos
0x45b338 wsprintfW
0x45b33c GetParent
0x45b340 SendMessageW
Library GDI32.dll:
0x45b020 SelectObject
0x45b024 GetDeviceCaps
0x45b028 SaveDC
0x45b02c RestoreDC
0x45b030 DeleteObject
0x45b034 CreateFontW
0x45b038 CreateCompatibleDC
Library SHELL32.dll:
0x45b23c SHGetMalloc
0x45b240 ShellExecuteW
0x45b248 Shell_NotifyIconW
0x45b250 SHBrowseForFolderW
Library WS2_32.dll:
0x45b348 send
0x45b34c gethostbyname
0x45b350 closesocket
0x45b354 socket
0x45b358 recv
0x45b35c setsockopt
0x45b360 htons
0x45b364 WSAGetLastError
0x45b368 htonl
0x45b36c inet_addr
0x45b370 WSAStartup
0x45b374 connect
0x45b378 gethostname
0x45b37c ioctlsocket
0x45b380 __WSAFDIsSet
0x45b384 select
0x45b388 accept
0x45b38c listen
0x45b390 bind
0x45b394 getsockname
0x45b398 shutdown
0x45b39c getpeername
0x45b3a0 sendto
0x45b3a4 recvfrom
0x45b3a8 getsockopt
0x45b3ac ntohl
0x45b3b0 inet_ntoa
0x45b3b4 ntohs
0x45b3b8 getnameinfo
0x45b3bc getaddrinfo
0x45b3c0 freeaddrinfo
Library IPHLPAPI.DLL:
0x45b040 GetAdaptersInfo
0x45b044 GetBestRoute
0x45b048 GetIpAddrTable
Library gdiplus.dll:
0x45b3cc GdipDeleteBrush
0x45b3d0 GdipFree
0x45b3d4 GdipCloneBrush
0x45b3d8 GdipGetImageHeight
0x45b3e8 GdipDeleteFont
0x45b3f4 GdipCreateSolidFill
0x45b400 GdipGetImageWidth
0x45b408 GdipCloneImage
0x45b410 GdipAlloc
0x45b414 GdiplusShutdown
0x45b418 GdipDeleteGraphics
0x45b41c GdipCreateFromHDC
0x45b420 GdiplusStartup
0x45b424 GdipDisposeImage
0x45b428 GdipCreateFont
0x45b430 GdipDrawString
0x45b438 GdipGetFontHeight
Library ADVAPI32.dll:
0x45b000 RegOpenKeyExW
0x45b004 RegDeleteValueW
0x45b008 RegSetValueExW
0x45b00c RegQueryValueExW
0x45b010 RegCreateKeyExW
0x45b014 RegCloseKey
Library ole32.dll:
0x45b448 CoInitialize
0x45b44c CoUninitialize
0x45b450 CoCreateInstance
0x45b454 OleLockRunning
Library OLEAUT32.dll:
0x45b234 SysAllocString

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source          Source port  Destination                      Destination port
192.168.56.101  49235        114.114.114.114                  53
192.168.56.101  51963        114.114.114.114                  53
192.168.56.101  53210        114.114.114.114                  53
192.168.56.101  53657        114.114.114.114                  53
192.168.56.101  55368        114.114.114.114                  53
192.168.56.101  60215        114.114.114.114                  53
192.168.56.101  137          192.168.56.255                   137
192.168.56.101  138          192.168.56.255                   138
192.168.56.101  123          20.189.79.72 (time.windows.com)  123
192.168.56.101  50002        224.0.0.252                      5355
192.168.56.101  50534        224.0.0.252                      5355
192.168.56.101  51808        224.0.0.252                      5355
192.168.56.101  53380        224.0.0.252                      5355
192.168.56.101  56539        224.0.0.252                      5355
192.168.56.101  56804        224.0.0.252                      5355
192.168.56.101  57756        224.0.0.252                      5355
192.168.56.101  57874        224.0.0.252                      5355
192.168.56.101  60123        224.0.0.252                      5355
192.168.56.101  60384        224.0.0.252                      5355
192.168.56.101  61680        224.0.0.252                      5355

The recorded UDP traffic consists of DNS queries to the guest's resolver (114.114.114.114), NetBIOS name-service and datagram broadcasts (137/138), NTP to time.windows.com and LLMNR multicast (224.0.0.252:5355). Apart from the DNS queries, this is the background traffic of a Windows guest. The report does not include the queried DNS names, so whether any of the six DNS lookups were issued by the sample (which imports gethostbyname and getaddrinfo) cannot be determined from this capture.

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

No dropped files.
No dropped buffers.