2.4
Medium risk

410e9b5657c15692ff803a47ca49f23033632c78c8efff4c39db6090bb2ef7c4

5f2ae0be4762985db09538f5d8546548.exe

Analysis duration

80s

Last analyzed

File size

1.2MB
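Static detection Dynamic detection SOGOUCRTD
Hawkeye engine
Not scanned. No Hawkeye engine results available
Static verdict
Antivirus engines
Engine Result Scan date Version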
McAfee 20170322 6.0.6.653
Baidu 20170322 1.0.0.2
Avast 20170322 8.0.1489.320
Tencent 20170322 1.0.0.1
Kingsoft 20170322 2013.8.14.323
CrowdStrike 20170130 1.0
Static indicators
This executable is signed
This executable has a PDB path (1 event)
pdb_path D:\FullInstall - 副本\TianTianDownloaderV2\tool\PrjDownloaderNew\output\release\TianTianDownloader.pdb
The file contains an unknown PE resource name possibly indicative of a packer (1 event)
resource name PNG
Behavioral verdict
Dynamic indicators
Foreign language identified in PE resource (49 events)
name PNG language LANG_CHINESE offset 0x000c04e0 filetype PNG image data, 648 x 77, 8-bit/color RGBA, non-interlaced sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00002360
name RT_ICON language LANG_CHINESE offset 0x0012bbc0 filetype GLS_BINARY_LSB_FIRST sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00000468
name RT_MENU language LANG_CHINESE offset 0x0012c028 filetype data sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00000016
name RT_DIALOG language LANG_CHINESE offset 0x0012c9d0 filetype data sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x0000010e
name RT_GROUP_ICON language LANG_CHINESE offset 0x0012cb34 filetype data sublanguage SUBLANG_CHINESE_SIMPLIFIED size 0x00000084
File has been identified by one AntiVirus engine on VirusTotal as malicious (1 event)
Zillya Adware.SogouCRTD.Win32.10586
The binary likely contains encrypted or compressed data indicative of a packer (2 events)
entropy 7.205439770312752 section {'size_of_data': '0x000f4200', 'virtual_address': '0x00039000', 'entropy': 7.205439770312752, 'name': '.rsrc', 'virtual_size': '0x000f4154'} description A section with a high entropy has been found
entropy 0.8023829087921117 description Overall entropy of this PE file is high
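Visual analysis
Binary image
No binary image. No binary visualization image was generated for this sample
Runtime screenshots
No runtime screenshots. No screenshots were generated while this sample ran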


PE Compile Time

2017-01-13 14:44:50

Imports

Library mfc100u.dll:
Library MSVCR100.dll:
0x427250 setvbuf
0x427254 _unlock_file
0x427258 _lock_file
0x42725c ungetc
0x427260 fwrite
0x427264 fseek
0x427268 _wcsicmp
0x42726c fsetpos
0x427270 _fseeki64
0x427274 fread
0x427278 ftell
0x42727c wcsstr
0x427280 fgetpos
0x427284 fputc
0x427288 fgetc
0x42728c fflush
0x427290 _wfopen
0x427294 free
0x427298 malloc
0x42729c __CxxFrameHandler3
0x4272a0 _CxxThrowException
0x4272a4 memset
0x4272a8 calloc
0x4272ac _recalloc
0x4272b0 _resetstkoflw
0x4272b4 memcpy
0x4272b8 _vswprintf
0x4272bc wcstol
0x4272c0 wcsncmp
0x4272c4 wcschr
0x4272c8 _wtoi
0x4272cc _purecall
0x4272d8 memmove
0x4272f0 _waccess
0x4272f4 memcpy_s
0x4272f8 _wremove
0x4272fc exit
0x427300 _time64
0x427304 _amsg_exit
0x427308 __wgetmainargs
0x42730c _cexit
0x427310 _exit
0x427314 _XcptFilter
0x427318 _wcmdln
0x42731c _initterm
0x427320 _initterm_e
0x427324 _configthreadlocale
0x427328 __setusermatherr
0x42732c _commode
0x427330 _fmode
0x427334 __set_app_type
0x427338 _unlock
0x42733c __dllonexit
0x427340 _lock
0x427344 _onexit
0x427348 ?terminate@@YAXXZ
0x427350 _invoke_watson
0x427354 _controlfp_s
0x427358 _crt_debugger_hook
0x427360 wcsncpy
0x427364 fclose
Library KERNEL32.dll:
0x4270a0 LocalAlloc
0x4270a8 lstrcmpW
0x4270ac FormatMessageW
0x4270b0 GetACP
0x4270b4 CreatePipe
0x4270b8 CreateProcessW
0x4270bc WaitForSingleObject
0x4270c0 GetExitCodeProcess
0x4270c4 ReadFile
0x4270c8 lstrcpyW
0x4270cc LockResource
0x4270d0 FindResourceW
0x4270d4 SizeofResource
0x4270d8 LoadResource
0x4270dc GetProcAddress
0x4270e0 GlobalLock
0x4270e4 GlobalUnlock
0x4270e8 GlobalFree
0x4270ec FreeResource
0x4270f0 GetModuleHandleW
0x4270f4 SuspendThread
0x4270f8 LocalFree
0x4270fc WideCharToMultiByte
0x427100 lstrlenA
0x427104 MultiByteToWideChar
0x427118 FreeLibrary
0x42711c Sleep
0x427120 GetModuleFileNameW
0x427124 OutputDebugStringW
0x427128 lstrlenW
0x42712c DeleteFileW
0x427144 GetDriveTypeA
0x427148 GetDiskFreeSpaceExW
0x42714c RemoveDirectoryW
0x427150 GetDriveTypeW
0x427154 CreateMutexW
0x427158 GetLastError
0x42715c CloseHandle
0x427160 GetTickCount
0x427168 Process32FirstW
0x42716c TerminateProcess
0x427170 Process32NextW
0x427174 InterlockedExchange
0x42717c HeapSetInformation
0x427180 GetStartupInfoW
0x427184 EncodePointer
0x427188 DecodePointer
0x427194 GetCurrentThreadId
0x427198 GetCurrentProcessId
0x4271a0 GetCurrentProcess
0x4271a8 IsDebuggerPresent
0x4271ac GlobalAlloc
0x4271b0 LoadLibraryW
Library USER32.dll:
0x4273d8 InflateRect
0x4273dc ReleaseDC
0x4273e0 DrawTextW
0x4273e4 SendMessageW
0x4273e8 IsWindow
0x4273f0 GetWindowRect
0x4273f4 PostMessageW
0x4273f8 GetParent
0x427400 EnableWindow
0x427404 KillTimer
0x427408 DestroyIcon
0x42740c SetTimer
0x427410 wsprintfW
0x427414 ShowWindow
0x427418 SetForegroundWindow
0x42741c EqualRect
0x427420 LoadIconW
0x427424 GetSystemMenu
0x427428 AppendMenuW
0x42742c GetCursorPos
0x427430 CreatePopupMenu
0x427434 IsIconic
0x427438 GetSystemMetrics
0x42743c GetClientRect
0x427440 DrawIcon
0x427444 PostQuitMessage
0x427448 GetDC
0x42744c ClientToScreen
0x427450 WindowFromPoint
0x427454 LoadBitmapW
0x427458 GetNextDlgGroupItem
0x42745c GetCapture
0x427460 IsWindowVisible
0x427464 DefWindowProcW
0x427468 CreateWindowExW
0x42746c GetClassInfoW
0x427470 RegisterClassExW
0x427474 FindWindowW
0x427478 InvalidateRect
0x42747c ReleaseCapture
0x427480 GetWindowLongW
0x427484 SetWindowRgn
0x427488 LoadCursorW
0x42748c SetCursor
0x427490 OffsetRect
0x427494 IsZoomed
Library GDI32.dll:
0x42703c DeleteObject
0x427040 GetDeviceCaps
0x427044 ChoosePixelFormat
0x427048 SetPixelFormat
0x42704c CreatePen
0x427050 SelectClipRgn
0x427054 RoundRect
0x427058 StretchBlt
0x42705c CreateDIBSection
0x427060 SetDIBColorTable
0x427064 GetDIBColorTable
0x427068 GetObjectW
0x427070 CreateSolidBrush
0x427074 GetStockObject
0x427078 SetBkMode
0x42707c SelectObject
0x427080 DeleteDC
0x427084 CreateRectRgn
0x427088 CombineRgn
0x42708c CreateEllipticRgn
0x427090 BitBlt
0x427094 CreateCompatibleDC
Library SHELL32.dll:
0x4273b8 SHBrowseForFolderW
0x4273c0 Shell_NotifyIconW
Library COMCTL32.dll:
0x427030 _TrackMouseEvent
Library SHLWAPI.dll:
0x4273c8 PathCombineW
0x4273cc PathRemoveFileSpecW
0x4273d0 PathFileExistsW
Library OLEAUT32.dll:
0x42736c SysAllocStringLen
0x427370 SafeArrayAccessData
0x427378 SafeArrayGetLBound
0x42737c SafeArrayGetUBound
0x427380 VarBstrCat
0x427384 VariantInit
0x42738c SysStringLen
0x427390 SysAllocString
0x427394 SysFreeString
0x427398 VariantClear
Library gdiplus.dll:
0x4274a8 GdiplusStartup
0x4274ac GdipDrawImageRectI
0x4274b0 GdipGetImageWidth
0x4274b4 GdipGetImageHeight
0x4274b8 GdipDeleteGraphics
0x4274bc GdipCreateFromHDC
0x4274c0 GdiplusShutdown
0x4274c4 GdipCloneBrush
0x4274c8 GdipMeasureString
0x4274cc GdipDrawString
0x4274e0 GdipCreateSolidFill
0x4274e4 GdipFree
0x4274e8 GdipAlloc
0x4274f4 GdipDisposeImage
0x427508 GdipCloneImage
0x42750c GdipImageRotateFlip
0x427518 GdipGetImagePalette
0x427524 GdipBitmapLockBits
0x427530 GdipDrawImageI
0x427534 GdipCreateFont
0x427540 GdipBitmapGetPixel
0x427550 GdipDeleteBrush
0x427568 GdipDeleteFont
Library MSVCP100.dll:
0x427220 ?_BADOFF@std@@3_JB
Library WS2_32.dll:
0x42749c WSACleanup
0x4274a0 WSAStartup
Library OPENGL32.dll:
0x4273a0 glGetString
0x4273a4 wglDeleteContext
0x4273a8 wglCreateContext
0x4273ac wglMakeCurrent
Library MSIMG32.dll:
0x4271bc TransparentBlt
0x4271c0 AlphaBlend
Library ADVAPI32.dll:
0x427000 RegSetValueExW
0x427004 CloseServiceHandle
0x427008 QueryServiceConfigW
0x427010 RegCreateKeyExW
0x427018 RegQueryValueExW
0x42701c RegCloseKey
0x427020 RegOpenKeyExW
0x427024 OpenSCManagerW
0x427028 OpenServiceW
Library ole32.dll:
0x4279d4 CoInitializeEx
0x4279dc CoSetProxyBlanket
0x4279e0 CoCreateInstance
0x4279e4 CoUninitialize

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source Source Port Destination Destination Port
192.168.56.101 50002 114.114.114.114 53
192.168.56.101 51808 114.114.114.114 53
192.168.56.101 57756 114.114.114.114 53
192.168.56.101 58367 114.114.114.114 53
192.168.56.101 62318 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 138 192.168.56.255 138
192.168.56.101 123 20.189.79.72 time.windows.com 123
192.168.56.101 49235 224.0.0.252 5355
192.168.56.101 50534 224.0.0.252 5355
192.168.56.101 51378 224.0.0.252 5355
192.168.56.101 51963 224.0.0.252 5355
192.168.56.101 53237 224.0.0.252 5355
192.168.56.101 56804 224.0.0.252 5355
192.168.56.101 62191 224.0.0.252 5355
192.168.56.101 63429 224.0.0.252 5355
192.168.56.101 1900 239.255.255.250 1900
192.168.56.101 50003 239.255.255.250 3702
192.168.56.101 50005 239.255.255.250 3702
192.168.56.101 58368 239.255.255.250 3702

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.