0.8
Low risk

5f288ff85edcf6da875c2bc8fe8b55828ba3f4d92f61939138e14a12d9bdfb08

614dd605f93faa8693aab32c77cf9405.exe

Analysis duration

81s

Last analyzed

File size

263.5KB
Static detection   Dynamic detection
Hawkeye engine
Not detected: no Hawkeye engine result is available for this sample.
Static verdict
Antivirus engines
Engine       Result   Scan date   Engine version
Alibaba 20190527 0.3.0.5
Baidu 20190318 1.0.0.2
Avast 20210509 21.1.5827.0
Tencent 20210509 1.0.0.1
Kingsoft 20210509 2017.9.26.565
McAfee 20210504 6.0.6.653
CrowdStrike 20210203 1.0
Static indicators
Behavioral verdict
Visual analysis
Binary image
No binary image: no binary visualization image was generated for this sample.
Runtime screenshots
No runtime screenshots: no screenshots were captured while the sample ran.


PE Compile Time

2012-10-26 18:50:50

Imports

Library COMCTL32.dll:
0x432044
Library comdlg32.dll:
0x432314 GetOpenFileNameA
0x432318 GetOpenFileNameW
Library GDI32.dll:
0x43204c CreateFontIndirectA
0x432050 DeleteObject
Library OLEAUT32.dll:
0x432248 SysStringByteLen
0x43224c VariantCopy
0x432250 VariantClear
0x432258 SysAllocString
Library ole32.dll:
0x432320 CoCreateInstance
0x432324 CoInitialize
0x432328 CoUninitialize
0x43232c OleInitialize
Library USER32.dll:
0x432274 DialogBoxParamW
0x432278 DialogBoxParamA
0x43227c SetWindowLongA
0x432280 GetWindowLongA
0x43228c GetWindowTextW
0x432294 GetWindowTextA
0x432298 SetWindowTextW
0x43229c SendMessageW
0x4322a0 LoadStringW
0x4322a4 LoadStringA
0x4322a8 CharUpperW
0x4322ac CharUpperA
0x4322b0 LoadIconA
0x4322b4 IsWindowEnabled
0x4322b8 IsDlgButtonChecked
0x4322bc ShowWindow
0x4322c0 CheckDlgButton
0x4322c4 MessageBoxW
0x4322c8 SetWindowTextA
0x4322cc wsprintfA
0x4322d0 KillTimer
0x4322d4 EndDialog
0x4322d8 EnableWindow
0x4322dc SetDlgItemTextA
0x4322e0 ScreenToClient
0x4322e4 MapDialogRect
0x4322e8 GetWindowRect
0x4322ec InvalidateRect
0x4322f0 MoveWindow
0x4322f4 SendMessageA
0x4322f8 GetDlgItem
0x4322fc SetTimer
0x432300 PostMessageA
0x432304 LoadCursorA
0x432308 SetCursor
0x43230c GetParent
Library ADVAPI32.dll:
0x432000 RegEnumKeyExA
0x432004 RegOpenKeyExA
0x432008 GetFileSecurityW
0x43200c SetFileSecurityW
0x432010 OpenProcessToken
0x43201c RegQueryValueExW
0x432020 RegQueryValueExA
0x432024 RegSetValueExW
0x432028 RegSetValueExA
0x43202c RegDeleteValueW
0x432030 RegDeleteValueA
0x432034 RegCloseKey
0x432038 RegDeleteKeyA
0x43203c RegCreateKeyExA
Library SHELL32.dll:
0x432264 SHBrowseForFolderA
0x432268 SHGetFileInfoA
0x43226c SHGetMalloc
Library MSVCRT.dll:
0x4321c4 __p__commode
0x4321c8 __p__fmode
0x4321cc __set_app_type
0x4321d0 _controlfp
0x4321d4 __setusermatherr
0x4321d8 _initterm
0x4321dc __getmainargs
0x4321e0 _acmdln
0x4321e4 exit
0x4321e8 _XcptFilter
0x4321ec _exit
0x4321f0 _onexit
0x4321f4 __dllonexit
0x4321f8 ?terminate@@YAXXZ
0x432200 _except_handler3
0x432204 _beginthreadex
0x432208 _iob
0x43220c strlen
0x432210 free
0x432214 malloc
0x432218 wcslen
0x43221c memcmp
0x432220 _purecall
0x432224 memmove
0x432228 memcpy
0x43222c _CxxThrowException
0x432230 __CxxFrameHandler
0x432234 memset
0x432238 _isatty
0x43223c _adjust_fdiv
0x432240 _fileno
Library KERNEL32.dll:
0x432058 GetDriveTypeA
0x432060 GetProcessTimes
0x432064 OpenFileMappingA
0x432068 MapViewOfFile
0x43206c UnmapViewOfFile
0x432070 OpenEventA
0x432078 GetStdHandle
0x43207c GetSystemTime
0x432088 GlobalMemoryStatus
0x43208c GetSystemInfo
0x432090 GetModuleHandleW
0x432094 lstrlenA
0x43209c CompareFileTime
0x4320a0 GetCurrentProcess
0x4320a4 SetEndOfFile
0x4320a8 WriteFile
0x4320ac ReadFile
0x4320b0 DeviceIoControl
0x4320b4 SetFilePointer
0x4320b8 GetFileSize
0x4320bc CreateFileA
0x4320c0 AreFileApisANSI
0x4320c4 GetModuleHandleA
0x4320c8 GetProcAddress
0x4320cc FindNextFileA
0x4320d0 FindNextFileW
0x4320d4 FindFirstFileA
0x4320d8 FindFirstFileW
0x4320dc FindClose
0x4320e0 GetCurrentThreadId
0x4320e4 GetCurrentProcessId
0x4320e8 GetTempPathA
0x4320ec GetTempPathW
0x432100 GetFullPathNameA
0x432104 GetFullPathNameW
0x432108 DeleteFileA
0x43210c DeleteFileW
0x432110 CreateDirectoryA
0x432114 CreateDirectoryW
0x43211c SetPriorityClass
0x432120 VirtualAlloc
0x432124 VirtualFree
0x432128 WaitForSingleObject
0x43212c CreateEventA
0x432130 SetEvent
0x432140 GetStartupInfoA
0x432144 CloseHandle
0x432148 MoveFileA
0x43214c MoveFileW
0x432150 RemoveDirectoryA
0x432154 RemoveDirectoryW
0x432158 SetFileAttributesA
0x43215c SetFileAttributesW
0x432160 SetLastError
0x432164 CreateFileW
0x432168 FormatMessageA
0x43216c FormatMessageW
0x432170 LocalFree
0x432174 GetModuleFileNameA
0x432178 GetModuleFileNameW
0x43217c LoadLibraryA
0x432180 LoadLibraryW
0x432184 LoadLibraryExA
0x432188 LoadLibraryExW
0x43218c FreeLibrary
0x432190 GetLastError
0x432194 WideCharToMultiByte
0x432198 MultiByteToWideChar
0x43219c GetCommandLineW
0x4321a0 GetVersionExA
0x4321a8 Sleep
0x4321ac GetTickCount
0x4321b8 lstrcatA
0x4321bc SetFileTime

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source          Source Port   Destination                    Destination Port
192.168.56.101  50002         114.114.114.114                53
192.168.56.101  51378         114.114.114.114                53
192.168.56.101  53237         114.114.114.114                53
192.168.56.101  55368         114.114.114.114                53
192.168.56.101  57874         114.114.114.114                53
192.168.56.101  137           192.168.56.255                 137
192.168.56.101  138           192.168.56.255                 138
192.168.56.101  123           20.189.79.72 time.windows.com  123
192.168.56.101  51963         224.0.0.252                    5355
192.168.56.101  53657         224.0.0.252                    5355
192.168.56.101  56804         224.0.0.252                    5355
192.168.56.101  58367         224.0.0.252                    5355
192.168.56.101  62191         224.0.0.252                    5355
192.168.56.101  62318         224.0.0.252                    5355
192.168.56.101  63429         224.0.0.252                    5355
192.168.56.101  65004         224.0.0.252                    5355
192.168.56.101  1900          239.255.255.250                1900
192.168.56.101  50003         239.255.255.250                3702
192.168.56.101  51379         239.255.255.250                3702
192.168.56.101  51966         239.255.255.250                1900

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.