Score: 1.8
Risk level: Low

SHA256: 5b96ef3bf718fdcb622486c8407d4eaf76b601cf7b8fc25460101b7d2c87be84

File name: 7006de9d0a19f04a21d94dddf5004c4f.exe

Analysis duration: 81s
Last analysis:
File size: 1.6MB

Static detection / Dynamic detection: UNSAFE
Hawkeye engine: not detected (no Hawkeye engine result available)
Static verdict

Anti-virus engines (Result column: "-" = no detection recorded by the report)
Engine       Result  Scan date   Engine version
McAfee       -       2019-07-14  6.0.6.653
Alibaba      -       2019-05-27  0.3.0.5
Baidu        -       2019-03-18  1.0.0.2
Avast        -       2019-07-14  18.4.3895.0
Tencent      -       2019-07-15  1.0.0.1
Kingsoft     -       2019-07-15  2013.8.14.323
CrowdStrike  -       2019-02-12  1.0
Static indicators
Behavioral verdict
Dynamic indicators
Foreign language identified in PE resource (50 of 54 events shown)
The report prints one line per resource entry but repeats the same offset and size for every entry of a given type, so the 50 identical lines are collapsed here with a count:

Count  Resource type    Language      Sublanguage                 Offset      Size        Detected filetype
16     RT_CURSOR        LANG_CHINESE  SUBLANG_CHINESE_SIMPLIFIED  0x0017acc4  0x00000134  data
2      RT_BITMAP        LANG_CHINESE  SUBLANG_CHINESE_SIMPLIFIED  0x0017aeb0  0x00000144  data
1      RT_ICON          LANG_CHINESE  SUBLANG_CHINESE_SIMPLIFIED  0x0017aff4  0x000010a8  dBase IV DBT of @.DBF, block length 4096, next free block index 40, next free block 4278233580, next used block 4278233580
4      RT_DIALOG        LANG_CHINESE  SUBLANG_CHINESE_SIMPLIFIED  0x0017c340  0x00000034  data
14     RT_STRING        LANG_CHINESE  SUBLANG_CHINESE_SIMPLIFIED  0x0017cccc  0x000001a6  data
13     RT_GROUP_CURSOR  LANG_CHINESE  SUBLANG_CHINESE_SIMPLIFIED  0x0017cf9c  0x00000014  Lotus unknown worksheet or configuration, revision 0x1

Two caveats when reading this table. The "dBase IV DBT" and "Lotus worksheet" filetypes are magic-signature matches on the raw bytes of an icon and a cursor-group header, not embedded database or spreadsheet files; small binary resources routinely trip such signatures. And Simplified Chinese resource languages are consistent with a Chinese-locale build environment, which on its own is a weak indicator of intent.
Searches running processes, potentially to identify processes for sandbox evasion, code injection or memory dumping (1 event)
This corresponds to the Process32First/Process32Next pair imported from KERNEL32.dll in the import table below. No process-injection or memory-dumping API (OpenProcess, WriteProcessMemory, CreateRemoteThread, ReadProcessMemory) is imported statically alongside them; since LoadLibraryA/GetProcAddress are imported, runtime resolution of such APIs remains possible and the dynamic trace, not the import table, is what settles it.
File has been identified by one AntiVirus engine on VirusTotal as malicious (1 event)
Cylance: Unsafe (a single ML-based verdict with no corroborating detection from the engines listed above)
Visual analysis
Binary image
No binary image: no binary visualization was generated for this sample
Runtime screenshots
No runtime screenshots: no screenshots were captured while the sample ran

PE Compile Time

2018-12-17 17:17:21

Imports

Library KERNEL32.dll:
0x5271d8 WriteConsoleW
0x5271dc CompareStringW
0x5271e4 LCMapStringW
0x5271e8 GetStringTypeW
0x5271f0 HeapCreate
0x5271f4 SetHandleCount
0x527200 GetStdHandle
0x527204 IsValidCodePage
0x52720c IsDebuggerPresent
0x527218 TerminateProcess
0x52721c GetFileType
0x527220 SetStdHandle
0x527228 HeapSize
0x52722c CloseHandle
0x527234 HeapReAlloc
0x527238 GetSystemInfo
0x52723c VirtualAlloc
0x527240 CreateThread
0x527244 ExitThread
0x527248 ExitProcess
0x52724c HeapFree
0x527250 HeapAlloc
0x527254 GetStartupInfoW
0x527258 GetCommandLineA
0x52725c RaiseException
0x527260 DecodePointer
0x527264 EncodePointer
0x527268 RtlUnwind
0x52726c FindResourceExW
0x527270 VirtualProtect
0x527274 SearchPathA
0x527278 GetProfileIntA
0x527280 GetTickCount
0x527284 GetNumberFormatA
0x52728c GetTempPathA
0x527290 GetTempFileNameA
0x527294 SetErrorMode
0x527298 GetOEMCP
0x52729c GetCPInfo
0x5272a0 GetFileTime
0x5272a4 GetFileSizeEx
0x5272a8 GetFileAttributesA
0x5272b8 GetACP
0x5272bc GetFullPathNameA
0x5272c4 GetConsoleMode
0x5272c8 GetConsoleCP
0x5272cc HeapSetInformation
0x5272d4 FindFirstFileA
0x5272d8 FindClose
0x5272dc GetCurrentProcess
0x5272e0 DuplicateHandle
0x5272e4 GetFileSize
0x5272e8 SetEndOfFile
0x5272ec UnlockFile
0x5272f0 LockFile
0x5272f4 FlushFileBuffers
0x5272f8 SetFilePointer
0x5272fc WriteFile
0x527300 ReadFile
0x527304 CreateFileA
0x527308 lstrcmpiA
0x52730c GetThreadLocale
0x527310 lstrcpyA
0x527314 DeleteFileA
0x52731c TlsFree
0x527324 LocalReAlloc
0x527328 TlsSetValue
0x52732c TlsAlloc
0x527334 GlobalHandle
0x527338 GlobalReAlloc
0x527340 TlsGetValue
0x527348 LocalAlloc
0x52734c GlobalFlags
0x527358 GetModuleFileNameW
0x52735c ReleaseActCtx
0x527360 CreateActCtxW
0x527364 CopyFileA
0x527368 GlobalSize
0x52736c FormatMessageA
0x527370 LocalFree
0x527374 lstrlenW
0x527378 MulDiv
0x52737c GlobalGetAtomNameA
0x527380 GlobalFindAtomA
0x527384 GetVersionExA
0x527388 LoadLibraryW
0x52738c lstrcmpW
0x527390 GlobalUnlock
0x527394 GlobalFree
0x527398 FindResourceA
0x52739c FreeResource
0x5273a0 GetCurrentProcessId
0x5273a4 GlobalAddAtomA
0x5273ac lstrlenA
0x5273b0 GetModuleHandleA
0x5273b4 WaitForSingleObject
0x5273b8 ResumeThread
0x5273bc SetThreadPriority
0x5273c0 GlobalDeleteAtom
0x5273c4 GetCurrentThread
0x5273c8 GetCurrentThreadId
0x5273cc MultiByteToWideChar
0x5273dc GetLocaleInfoA
0x5273e0 CompareStringA
0x5273e4 ActivateActCtx
0x5273e8 GetLastError
0x5273ec DeactivateActCtx
0x5273f0 SetLastError
0x5273f4 InterlockedExchange
0x5273f8 GlobalLock
0x5273fc lstrcmpA
0x527400 GlobalAlloc
0x527404 GetModuleHandleW
0x527408 LoadLibraryA
0x52740c GetProcAddress
0x527410 FreeLibrary
0x527414 VirtualQuery
0x527420 GetModuleFileNameA
0x527424 WideCharToMultiByte
0x527428 FindResourceW
0x52742c LoadResource
0x527430 LockResource
0x527434 SizeofResource
0x527438 Sleep
0x527440 Process32First
0x527444 Process32Next
0x527448 CreateFileW
Library USER32.dll:
0x5274ec SetMenuDefaultItem
0x5274f0 PostThreadMessageA
0x5274f4 CreateMenu
0x5274f8 IsMenu
0x5274fc UpdateLayeredWindow
0x527500 UnionRect
0x527504 MonitorFromPoint
0x52750c DrawMenuBar
0x527510 DefMDIChildProcA
0x527514 DefFrameProcA
0x52751c CopyImage
0x527520 GetIconInfo
0x527524 EnableScrollBar
0x527528 HideCaret
0x52752c InvertRect
0x527530 GetMenuDefaultItem
0x527534 UnpackDDElParam
0x527538 ReuseDDElParam
0x52753c LoadMenuA
0x527540 LoadImageA
0x527544 LoadAcceleratorsA
0x527548 InsertMenuItemA
0x527550 LockWindowUpdate
0x527554 BringWindowToTop
0x527558 SetCursorPos
0x527560 LoadAcceleratorsW
0x527564 GetKeyboardState
0x527568 GetKeyboardLayout
0x52756c ToAsciiEx
0x527570 DrawFocusRect
0x527574 DrawFrameControl
0x527578 DrawEdge
0x52757c DrawIconEx
0x527580 DrawStateA
0x527584 LoadMenuW
0x527588 SetClassLongA
0x52758c GetAsyncKeyState
0x527590 NotifyWinEvent
0x527594 CreatePopupMenu
0x52759c SetParent
0x5275a0 RedrawWindow
0x5275a4 SetWindowRgn
0x5275a8 IsZoomed
0x5275ac UnregisterClassA
0x5275b0 MessageBeep
0x5275b4 GetNextDlgGroupItem
0x5275b8 InvalidateRgn
0x5275bc IntersectRect
0x5275c0 SetRect
0x5275c4 IsRectEmpty
0x5275cc OffsetRect
0x5275d0 CharNextA
0x5275d4 CharUpperA
0x5275d8 DestroyIcon
0x5275dc ReleaseCapture
0x5275e0 SetCapture
0x5275e4 GetSysColorBrush
0x5275e8 LoadCursorA
0x5275ec LoadCursorW
0x5275f4 EnumDisplayMonitors
0x5275f8 SetRectEmpty
0x5275fc InvalidateRect
0x527604 DeleteMenu
0x527608 EndPaint
0x52760c BeginPaint
0x527610 GetWindowDC
0x527614 ClientToScreen
0x527618 GrayStringA
0x52761c DrawTextExA
0x527620 DrawTextA
0x527624 TabbedTextOutA
0x527628 FillRect
0x52762c MapVirtualKeyA
0x527630 GetKeyNameTextA
0x527634 FrameRect
0x527638 GetDC
0x52763c DestroyMenu
0x527640 GetMenuItemInfoA
0x527644 InflateRect
0x527648 GetMenuStringA
0x52764c InsertMenuA
0x527650 RemoveMenu
0x527654 ShowWindow
0x527658 MoveWindow
0x52765c SetWindowTextA
0x527660 IsDialogMessageA
0x527664 CheckDlgButton
0x52766c LoadIconA
0x527670 SendDlgItemMessageA
0x527674 WinHelpA
0x527678 IsChild
0x52767c GetCapture
0x527680 GetClassLongA
0x527684 GetClassNameA
0x527688 SetPropA
0x52768c GetPropA
0x527690 RemovePropA
0x527694 SetFocus
0x52769c GetWindowTextA
0x5276a0 GetForegroundWindow
0x5276a4 BeginDeferWindowPos
0x5276a8 EndDeferWindowPos
0x5276ac GetTopWindow
0x5276b0 UnhookWindowsHookEx
0x5276b4 GetMessageTime
0x5276b8 GetMessagePos
0x5276bc MonitorFromWindow
0x5276c0 GetMonitorInfoA
0x5276c4 MapWindowPoints
0x5276c8 ScrollWindow
0x5276cc TrackPopupMenu
0x5276d0 SetMenu
0x5276d4 SetScrollRange
0x5276d8 GetScrollRange
0x5276dc SetScrollPos
0x5276e0 GetScrollPos
0x5276e4 SetForegroundWindow
0x5276e8 ShowScrollBar
0x5276ec UpdateWindow
0x5276f0 GetSubMenu
0x5276f4 GetMenuItemID
0x5276f8 GetMenuItemCount
0x5276fc CreateWindowExA
0x527700 GetClassInfoExA
0x527704 GetClassInfoA
0x527708 RegisterClassA
0x52770c GetSysColor
0x527710 AdjustWindowRectEx
0x527714 GetWindowRect
0x527718 ScreenToClient
0x52771c EqualRect
0x527720 DeferWindowPos
0x527724 GetScrollInfo
0x527728 SetScrollInfo
0x52772c CopyRect
0x527730 PtInRect
0x527734 SetWindowPlacement
0x527738 GetWindowPlacement
0x52773c GetDlgCtrlID
0x527740 DefWindowProcA
0x527744 CallWindowProcA
0x527748 GetMenu
0x52774c GetUpdateRect
0x527750 OpenClipboard
0x527754 SetClipboardData
0x527758 GetWindowRgn
0x52775c DestroyCursor
0x527760 SubtractRect
0x527764 MapVirtualKeyExA
0x527768 IsCharLowerA
0x52776c SetTimer
0x527770 KillTimer
0x527774 WaitMessage
0x527778 GetWindow
0x527780 MapDialogRect
0x527784 SetWindowPos
0x527788 GetDesktopWindow
0x52778c SetActiveWindow
0x527794 GetDoubleClickTime
0x527798 CharUpperBuffA
0x52779c CopyIcon
0x5277a0 LoadImageW
0x5277a4 EmptyClipboard
0x5277a8 ReleaseDC
0x5277ac CloseClipboard
0x5277b0 DestroyWindow
0x5277b4 IsWindow
0x5277b8 GetDlgItem
0x5277bc GetNextDlgTabItem
0x5277c0 EndDialog
0x5277c8 GetLastActivePopup
0x5277cc IsWindowEnabled
0x5277d0 ShowOwnedPopups
0x5277d4 SetCursor
0x5277d8 SetWindowsHookExA
0x5277dc CallNextHookEx
0x5277e0 GetMessageA
0x5277e4 TranslateMessage
0x5277e8 DispatchMessageA
0x5277ec GetActiveWindow
0x5277f0 IsWindowVisible
0x5277f4 GetKeyState
0x5277f8 PeekMessageA
0x5277fc GetCursorPos
0x527800 ValidateRect
0x527804 SetMenuItemBitmaps
0x52780c LoadBitmapW
0x527810 GetFocus
0x527814 GetParent
0x527818 ModifyMenuA
0x52781c GetMenuState
0x527820 EnableMenuItem
0x527824 CheckMenuItem
0x527828 PostQuitMessage
0x52782c MessageBoxA
0x527830 GetWindowLongA
0x527834 SetWindowLongA
0x52783c GetSystemMetrics
0x527840 PostMessageA
0x527844 LoadIconW
0x527848 EnableWindow
0x52784c GetClientRect
0x527850 IsIconic
0x527854 GetSystemMenu
0x527858 SendMessageA
0x52785c AppendMenuA
0x527860 DrawIcon
0x527864 WindowFromPoint
Library GDI32.dll:
0x527040 CreateSolidBrush
0x527044 CreateHatchBrush
0x527048 CreateDIBitmap
0x527050 GetTextMetricsA
0x527054 EnumFontFamiliesA
0x527058 GetTextCharsetInfo
0x52705c GetBkColor
0x527060 GetTextColor
0x527064 GetRgnBox
0x527068 SetRectRgn
0x52706c CombineRgn
0x527070 GetMapMode
0x527074 DPtoLP
0x527078 CreateDIBSection
0x52707c CreateRoundRectRgn
0x527080 CreatePolygonRgn
0x527084 CreateEllipticRgn
0x527088 Polyline
0x52708c Ellipse
0x527090 Polygon
0x527094 CreatePalette
0x527098 GetPaletteEntries
0x5270a0 RealizePalette
0x5270a8 OffsetRgn
0x5270ac SetDIBColorTable
0x5270b0 StretchBlt
0x5270b4 Rectangle
0x5270b8 EnumFontFamiliesExA
0x5270bc LPtoDP
0x5270c0 GetWindowOrgEx
0x5270c4 GetViewportOrgEx
0x5270c8 PtInRegion
0x5270cc FillRgn
0x5270d0 FrameRgn
0x5270d4 GetBoundsRect
0x5270d8 ExtFloodFill
0x5270dc SetPaletteEntries
0x5270e0 GetTextFaceA
0x5270e4 SetPixelV
0x5270e8 RectVisible
0x5270ec PtVisible
0x5270f0 CreatePen
0x5270f4 GetPixel
0x5270f8 GetObjectType
0x5270fc SelectPalette
0x527100 TextOutA
0x527104 GetStockObject
0x527108 CreatePatternBrush
0x52710c DeleteDC
0x527110 ExtSelectClipRgn
0x527114 ScaleWindowExtEx
0x527118 SetWindowExtEx
0x52711c OffsetWindowOrgEx
0x527120 SetWindowOrgEx
0x527124 ScaleViewportExtEx
0x527128 SetViewportExtEx
0x52712c OffsetViewportOrgEx
0x527130 SetViewportOrgEx
0x527134 SelectObject
0x527138 SetPixel
0x52713c CreateBitmap
0x527140 GetWindowExtEx
0x527144 GetViewportExtEx
0x527148 CreateRectRgn
0x52714c SelectClipRgn
0x527150 DeleteObject
0x527154 SetLayout
0x527158 GetLayout
0x52715c SetTextAlign
0x527160 MoveToEx
0x527164 LineTo
0x527168 IntersectClipRect
0x52716c ExcludeClipRect
0x527170 GetClipBox
0x527174 SetMapMode
0x527178 SetROP2
0x52717c SetPolyFillMode
0x527180 SetBkMode
0x527184 RestoreDC
0x527188 SaveDC
0x52718c PatBlt
0x527198 ExtTextOutA
0x52719c BitBlt
0x5271a0 CreateCompatibleDC
0x5271a4 CreateFontIndirectA
0x5271a8 CreateDCA
0x5271ac CopyMetaFileA
0x5271b0 GetDeviceCaps
0x5271b4 GetObjectA
0x5271b8 SetBkColor
0x5271bc SetTextColor
0x5271c0 Escape
Library MSIMG32.dll:
0x527450 AlphaBlend
0x527454 TransparentBlt
Library COMDLG32.dll:
0x527038 GetFileTitleA
Library WINSPOOL.DRV:
0x527874 ClosePrinter
0x527878 OpenPrinterA
0x52787c DocumentPropertiesA
Library ADVAPI32.dll:
0x527000 RegEnumKeyExA
0x527004 RegQueryValueExA
0x527008 RegOpenKeyExA
0x52700c RegCreateKeyExA
0x527010 RegSetValueExA
0x527014 RegDeleteValueA
0x527018 RegDeleteKeyA
0x52701c RegEnumKeyA
0x527020 RegQueryValueA
0x527024 RegCloseKey
0x527028 RegEnumValueA
Library SHELL32.dll:
0x5274a8 SHAppBarMessage
0x5274ac SHGetFileInfoA
0x5274b0 DragFinish
0x5274b4 DragQueryFileA
0x5274b8 SHGetDesktopFolder
0x5274bc SHBrowseForFolderA
0x5274c0 ShellExecuteA
Library COMCTL32.dll:
Library SHLWAPI.dll:
0x5274d0 PathFindFileNameA
0x5274d4 PathStripToRootA
0x5274d8 PathIsUNCA
0x5274dc PathFindExtensionA
0x5274e0 PathRemoveFileSpecW
Library ole32.dll:
0x5278f4 CoGetClassObject
0x5278f8 CoInitialize
0x5278fc CoCreateInstance
0x527900 CoUninitialize
0x527904 OleDuplicateData
0x527908 CoTaskMemAlloc
0x52790c ReleaseStgMedium
0x527914 CoTaskMemFree
0x52791c CoInitializeEx
0x527920 OleUninitialize
0x527928 OleInitialize
0x527938 IsAccelerator
0x52793c OleLockRunning
0x527948 OleFlushClipboard
0x52794c DoDragDrop
0x527950 CLSIDFromString
0x527954 CLSIDFromProgID
0x527958 CoCreateGuid
0x52795c RevokeDragDrop
0x527964 RegisterDragDrop
0x527968 OleGetClipboard
0x527970 CoRevokeClassObject
Library OLEAUT32.dll:
0x52746c SysFreeString
0x527470 VarBstrFromDate
0x527474 VariantCopy
0x527478 SysAllocString
0x52747c SafeArrayDestroy
0x52748c SysStringLen
0x527494 VariantInit
0x527498 VariantChangeType
0x52749c VariantClear
0x5274a0 SysAllocStringLen
Library oledlg.dll:
0x527978
Library WS2_32.dll:
0x527884 WSASetLastError
0x527888 WSACleanup
0x52788c WSAStartup
Library OLEACC.dll:
0x52745c LresultFromObject
Library gdiplus.dll:
0x527894 GdipAlloc
0x527898 GdipDeleteGraphics
0x52789c GdipDisposeImage
0x5278a4 GdiplusStartup
0x5278a8 GdiplusShutdown
0x5278ac GdipCreateFromHDC
0x5278b4 GdipDrawImageRectI
0x5278b8 GdipCloneImage
0x5278bc GdipGetImageWidth
0x5278c0 GdipGetImageHeight
0x5278cc GdipGetImagePalette
0x5278d8 GdipBitmapLockBits
0x5278e4 GdipFree
0x5278e8 GdipDrawImageI
Library IMM32.dll:
0x5271c8 ImmGetOpenStatus
0x5271cc ImmReleaseContext
0x5271d0 ImmGetContext
Library WINMM.dll:
0x52786c PlaySoundA
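The import table above is what the "searches running processes" indicator is derived from, and most of it is ordinary MFC/CRT framework linkage. The following script is an added example, not part of the sandbox report or of the sample, that parses a listing in the report's own "Library X:" / "0xADDR Name" layout and scores capability indicators from API combinations. The indicator groupings, their weights and the CRT-marker heuristic are this example's own assumptions; the embedded listing is a constructed excerpt of the table above, including the unnamed (ordinal-only) oledlg.dll entry, which the parser keeps rather than dropping.

```python
import re
from collections import defaultdict

# Constructed excerpt of the import table shown above, in the report's own
# "Library X:" / "0xADDR Name" layout. Only a subset of the entries is
# reproduced here so the example stays short.
SAMPLE_IMPORT_LISTING = """\
Library KERNEL32.dll:
0x52720c IsDebuggerPresent
0x52723c VirtualAlloc
0x527240 CreateThread
0x527260 DecodePointer
0x527264 EncodePointer
0x527270 VirtualProtect
0x527290 GetTempFileNameA
0x5272cc HeapSetInformation
0x527314 DeleteFileA
0x527364 CopyFileA
0x527408 LoadLibraryA
0x52740c GetProcAddress
0x527440 Process32First
0x527444 Process32Next
Library ADVAPI32.dll:
0x52700c RegCreateKeyExA
0x527010 RegSetValueExA
Library COMCTL32.dll:
Library oledlg.dll:
0x527978
Library WS2_32.dll:
0x52788c WSAStartup
"""

LIB_RE = re.compile(r"^Library\s+(\S+):$")
IMP_RE = re.compile(r"^(0x[0-9a-fA-F]+)(?:\s+(\S+))?$")

# Indicator -> (APIs that must all be present, weight). The grouping and the
# weights are this example's assumptions, not the sandbox's scoring model.
INDICATORS = {
    "process enumeration (Toolhelp walk)": (("Process32First", "Process32Next"), 2),
    "anti-debug check":                    (("IsDebuggerPresent",), 1),
    "runtime API resolution":              (("LoadLibraryA", "GetProcAddress"), 1),
    "alloc + protection change":           (("VirtualAlloc", "VirtualProtect"), 2),
    "registry write capability":           (("RegCreateKeyExA", "RegSetValueExA"), 1),
    "temp-file drop capability":           (("GetTempFileNameA", "CopyFileA"), 1),
    "Winsock initialisation":              (("WSAStartup",), 1),
}
# MSVC CRT start-up code imports these itself; when they are present,
# IsDebuggerPresent is commonly the CRT's own import rather than the author's.
CRT_MARKERS = {"EncodePointer", "DecodePointer", "HeapSetInformation"}


def parse_imports(listing: str) -> dict[str, list[str]]:
    """Parse the report's import listing into {dll_lowercase: [api, ...]}.
    A DLL with no entries is kept (empty list), and an address with no name,
    i.e. an ordinal-only import such as oledlg.dll above, is kept as
    'ordinal@0xADDR' so it is not silently lost."""
    imports: dict[str, list[str]] = defaultdict(list)
    current = None
    for line in (raw.strip() for raw in listing.splitlines()):
        if not line:
            continue
        if (m := LIB_RE.match(line)):
            current = m.group(1).lower()
            imports[current]  # registers the DLL even if it has no entries
        elif (m := IMP_RE.match(line)) and current is not None:
            addr, name = m.groups()
            imports[current].append(name or f"ordinal@{addr}")
    return dict(imports)


def triage_imports(imports: dict[str, list[str]]) -> dict:
    """Score the import table against INDICATORS and flag weak evidence."""
    names = {n for apis in imports.values() for n in apis}
    hits, score = [], 0
    for label, (apis, weight) in INDICATORS.items():
        if all(a in names for a in apis):
            hits.append(label)
            score += weight
    notes = []
    if "anti-debug check" in hits and CRT_MARKERS <= names:
        notes.append("IsDebuggerPresent alongside CRT markers: treat as weak")
    ordinal_only = sorted(n for n in names if n.startswith("ordinal@"))
    if ordinal_only:
        notes.append(f"{len(ordinal_only)} ordinal-only import(s) need manual resolution")
    return {"score": score, "hits": hits, "notes": notes,
            "ordinal_only": ordinal_only, "dlls": sorted(imports)}


if __name__ == "__main__":
    result = triage_imports(parse_imports(SAMPLE_IMPORT_LISTING))
    for key, value in result.items():
        print(f"{key}: {value}")
```

Paste the full table from the report in place of the excerpt to score the whole sample; the point of the notes field is that a high raw score from an MFC binary is expected, and only the indicators that survive the CRT/framework discount (here the Toolhelp walk) deserve follow-up in the dynamic trace.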

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source          Src port  Destination      Resolved name     Dst port
192.168.56.101  49713     114.114.114.114                    53
192.168.56.101  50002     114.114.114.114                    53
192.168.56.101  53657     114.114.114.114                    53
192.168.56.101  60384     114.114.114.114                    53
192.168.56.101  62318     114.114.114.114                    53
192.168.56.101  137       192.168.56.255                     137
192.168.56.101  138       192.168.56.255                     138
192.168.56.101  123       20.189.79.72     time.windows.com  123
192.168.56.101  49235     224.0.0.252                        5355
192.168.56.101  50534     224.0.0.252                        5355
192.168.56.101  51808     224.0.0.252                        5355
192.168.56.101  51963     224.0.0.252                        5355
192.168.56.101  56804     224.0.0.252                        5355
192.168.56.101  57756     224.0.0.252                        5355
192.168.56.101  57874     224.0.0.252                        5355
192.168.56.101  62191     224.0.0.252                        5355
192.168.56.101  63429     224.0.0.252                        5355
192.168.56.101  1900      239.255.255.250                    1900
192.168.56.101  49238     239.255.255.250                    1900
192.168.56.101  53658     239.255.255.250                    3702
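Every UDP row above is guest-OS background (NetBIOS name-service broadcasts on 137/138, LLMNR to 224.0.0.252:5355, SSDP and WS-Discovery to 239.255.255.250, Windows Time NTP, and DNS to the guest's resolver), which is why the report can still say no hosts were contacted. The script below is an added example, not part of the report, that parses rows in the report's layout and separates known sandbox noise from flows that need an analyst's attention. It assumes the guest LAN is a /24 and that 114.114.114.114 is the configured resolver, and it appends one constructed flow to 203.0.113.10:4444 (a documentation address that does not appear in the report) to show what an unexplained destination looks like. DNS rows are labelled but not cleared, because without the query names the report gives no way to tell sample-originated lookups from OS lookups.

```python
import ipaddress
from collections import Counter
from dataclasses import dataclass
from typing import Optional

# Constructed copy of the UDP table above, plus one made-up flow to
# 203.0.113.10:4444 (TEST-NET-3, not on the page) to show what an
# unexplained destination looks like. Rows are src, sport, dst, [host], dport.
SAMPLE_UDP_TABLE = """\
192.168.56.101 49713 114.114.114.114 53
192.168.56.101 50002 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 138 192.168.56.255 138
192.168.56.101 123 20.189.79.72 time.windows.com 123
192.168.56.101 49235 224.0.0.252 5355
192.168.56.101 1900 239.255.255.250 1900
192.168.56.101 53658 239.255.255.250 3702
192.168.56.101 49800 203.0.113.10 4444
"""

SANDBOX_RESOLVER = "114.114.114.114"  # assumption: the guest's configured DNS server
SANDBOX_PREFIX = 24                   # assumption: the guest LAN is a /24

MULTICAST_SERVICES = {5355: "llmnr", 1900: "ssdp", 3702: "ws-discovery"}


@dataclass(frozen=True)
class Flow:
    src: str
    sport: int
    dst: str
    host: Optional[str]
    dport: int


def parse_udp_table(text: str) -> list[Flow]:
    """Parse the report's UDP rows; the resolved-name column is optional."""
    flows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 4:
            src, sport, dst, dport = parts
            host = None
        elif len(parts) == 5:
            src, sport, dst, host, dport = parts
        else:
            continue  # header or blank line
        flows.append(Flow(src, int(sport), dst, host, int(dport)))
    return flows


def classify(flow: Flow) -> str:
    """Label a flow as known guest-OS background noise or as needing review."""
    dst = ipaddress.ip_address(flow.dst)
    lan = ipaddress.ip_network(f"{flow.src}/{SANDBOX_PREFIX}", strict=False)
    if flow.dport == 53 and flow.dst == SANDBOX_RESOLVER:
        return "dns-to-resolver"  # only clearable once the query names are checked
    if dst.is_multicast:
        return MULTICAST_SERVICES.get(flow.dport, "multicast-other")
    if dst == lan.broadcast_address and flow.dport in (137, 138):
        return "netbios-broadcast"
    if flow.dport == 123 and (flow.host or "").endswith("time.windows.com"):
        return "ntp-windows-time"
    return "REVIEW"


def summarize(flows: list[Flow]) -> dict:
    """Count each label and return the flows that are not explained as noise."""
    labels = {f: classify(f) for f in flows}
    return {
        "counts": dict(Counter(labels.values())),
        "review": [f for f, lbl in labels.items() if lbl == "REVIEW"],
        "dns_needs_names": any(lbl == "dns-to-resolver" for lbl in labels.values()),
    }


if __name__ == "__main__":
    summary = summarize(parse_udp_table(SAMPLE_UDP_TABLE))
    print(summary["counts"])
    for f in summary["review"]:
        print("review:", f.dst, f.dport)
```

Run against the real table (drop the constructed last row) the review list is empty, which matches the report's "No hosts contacted"; the only open item is the five DNS flows, for which a report that logged query names would be needed to decide whether the sample itself resolved anything.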

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Dropped files

No dropped files.

Dropped buffers

No dropped buffers.