Score: 1.6
Risk level: Low

SHA-256: e648fcb3c0b8812f1ba8ea731c99130196e3e94ed7b9430c7fd5434ba73b3bff

File name: 763314a091b4da329af55be4b3b56188.exe

Analysis duration: 2s

Last analysis:

File size: 504.0KB
Tags: static detection, dynamic detection, AI SCORE=82, ATTRIBUTE, BANKERX, CKGENERIC, CLASSIC, CONFIDENCE, ELDORADO, EMOTET, GCTX, GENCIRC, GENERICKDZ, GENETIC, HFUO, HIGH CONFIDENCE, HIGHCONFIDENCE, HTVJYJ, KEPITENKPJ, KRYPTIK, NONAME@0, R + TROJ, R349590, SCORE, SUSGEN, THIOFBO, UNSAFE
Eagle Eye (鹰眼) engine
Not detected: no Eagle Eye engine detection results are available yet.
Static verdict
Antivirus engines
Engine       Result                                    Detection date  Engine version
McAfee       Emotet-FRX!763314A091B4                   20200906        6.0.6.653
Alibaba      Trojan:Win32/Emotet.175b81ab              20190527        0.3.0.5
Baidu                                                  20190318        1.0.0.2
Avast        Win32:BankerX-gen [Trj]                   20200906        18.4.3895.0
Kingsoft                                               20200906        2013.8.14.323
Tencent      Malware.Win32.Gencirc.10cdf973            20200906        1.0.0.1
CrowdStrike  win/malicious_confidence_60% (W)          20190702        1.0
Static indicators
This executable has a PDB path (1 event)
pdb_path c:\Users\Mr.Anderson\Desktop\2005\27.8.20\CMapEditorCtrl_Demo\Release\MapEd.pdb
The file contains an unknown PE resource name possibly indicative of a packer (1 event)
resource name None
Behavioral verdict
Dynamic indicators
Network communication
File has been identified by 55 AntiVirus engines on VirusTotal as malicious (50 out of 55 events)
Bkav W32.KepitenKPJ.Trojan
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKDZ.69787
FireEye Generic.mg.763314a091b4da32
CAT-QuickHeal Trojan.CKGENERIC
McAfee Emotet-FRX!763314A091B4
Cylance Unsafe
Zillya Trojan.Emotet.Win32.27690
AegisLab Trojan.Win32.Emotet.L!c
Sangfor Malware
K7AntiVirus Trojan ( 0056d6e41 )
Alibaba Trojan:Win32/Emotet.175b81ab
K7GW Trojan ( 0056d6e41 )
Arcabit Trojan.Generic.D1109B
Invincea Mal/Generic-R + Troj/Emotet-CMB
Cyren W32/Kryptik.BVJ.gen!Eldorado
Symantec ML.Attribute.HighConfidence
APEX Malicious
Paloalto generic.ml
ClamAV Win.Malware.Emotet-9607880-0
Kaspersky Trojan-Banker.Win32.Emotet.gctx
BitDefender Trojan.GenericKDZ.69787
NANO-Antivirus Trojan.Win32.Emotet.htvjyj
Avast Win32:BankerX-gen [Trj]
Rising Trojan.Emotet!1.CB4A (CLASSIC)
Ad-Aware Trojan.GenericKDZ.69787
Emsisoft Trojan.Emotet (A)
Comodo fls.noname@0
F-Secure Trojan.TR/AD.Emotet.bvz
DrWeb Trojan.Emotet.1005
VIPRE Trojan.Win32.Generic!BT
TrendMicro TrojanSpy.Win32.EMOTET.THIOFBO
Sophos Troj/Emotet-CMB
Jiangmin Trojan.Banker.Emotet.oga
MaxSecure Trojan.Malware.106084423.susgen
Avira TR/AD.Emotet.bvz
MAX malware (ai score=82)
Antiy-AVL Trojan[Banker]/Win32.Emotet
Microsoft Trojan:Win32/Emotet.ARJ!MTB
ViRobot Trojan.Win32.Emotet.516096.A
ZoneAlarm Trojan-Banker.Win32.Emotet.gctx
GData Trojan.GenericKDZ.69787
Cynet Malicious (score: 85)
AhnLab-V3 Trojan/Win32.Emotet.R349590
ALYac Trojan.Agent.Emotet
TACHYON Banker/W32.Emotet.516096.D
Malwarebytes Trojan.Emotet
ESET-NOD32 a variant of Win32/Kryptik.HFUO
TrendMicro-HouseCall TrojanSpy.Win32.EMOTET.THIOFBO
Tencent Malware.Win32.Gencirc.10cdf973
Visual analysis
Binary image
No binary image: no binary visualization image was generated for this sample.
Runtime screenshots
No runtime screenshots: no screenshots were captured while the sample ran.

PE Compile Time

2020-08-28 14:21:34

Imports

Library KERNEL32.dll:
0x4500f0 GetFileTime
0x4500f4 GetTickCount
0x4500f8 TerminateProcess
0x450104 IsDebuggerPresent
0x450108 RaiseException
0x45010c RtlUnwind
0x450110 HeapAlloc
0x450114 HeapFree
0x450118 HeapReAlloc
0x45011c VirtualProtect
0x450120 GetSystemInfo
0x450124 VirtualQuery
0x450128 GetCommandLineA
0x45012c GetProcessHeap
0x450130 GetStartupInfoA
0x450134 HeapSize
0x450138 Sleep
0x45013c GetACP
0x450140 LCMapStringA
0x450144 LCMapStringW
0x450148 VirtualFree
0x45014c HeapDestroy
0x450150 GetFileAttributesA
0x450154 GetStdHandle
0x450168 SetHandleCount
0x45016c GetFileType
0x450178 GetStringTypeA
0x45017c GetStringTypeW
0x450184 GetConsoleCP
0x450188 GetConsoleMode
0x45018c SetStdHandle
0x450190 WriteConsoleA
0x450194 GetConsoleOutputCP
0x450198 WriteConsoleW
0x4501a4 SetErrorMode
0x4501a8 CreateFileA
0x4501ac GetFullPathNameA
0x4501b4 FindFirstFileA
0x4501b8 FindClose
0x4501bc GetCurrentProcess
0x4501c0 DuplicateHandle
0x4501c4 GetFileSize
0x4501c8 SetEndOfFile
0x4501cc UnlockFile
0x4501d0 LockFile
0x4501d4 FlushFileBuffers
0x4501d8 SetFilePointer
0x4501dc WriteFile
0x4501e0 ReadFile
0x4501ec GetThreadLocale
0x4501f0 GetOEMCP
0x4501f4 GetCPInfo
0x4501fc GlobalFlags
0x450200 TlsFree
0x450208 LocalReAlloc
0x45020c TlsSetValue
0x450210 TlsAlloc
0x450218 GlobalHandle
0x45021c GlobalReAlloc
0x450224 TlsGetValue
0x45022c LocalAlloc
0x450230 GetCurrentProcessId
0x450234 CloseHandle
0x450238 GetCurrentThread
0x450240 GetModuleFileNameA
0x450248 GetLocaleInfoA
0x45024c lstrcmpA
0x450254 GetModuleFileNameW
0x450258 GlobalFree
0x45025c GlobalAlloc
0x450260 GlobalLock
0x450264 GlobalUnlock
0x450268 FormatMessageA
0x45026c LocalFree
0x450270 MulDiv
0x450274 FreeResource
0x450278 GetCurrentThreadId
0x45027c GlobalGetAtomNameA
0x450280 GlobalAddAtomA
0x450284 GlobalFindAtomA
0x450288 GlobalDeleteAtom
0x45028c FreeLibrary
0x450290 LoadLibraryA
0x450294 SetLastError
0x450298 lstrcmpW
0x45029c GetModuleHandleA
0x4502a0 GetProcAddress
0x4502a4 GetVersionExA
0x4502a8 lstrlenA
0x4502ac CompareStringW
0x4502b0 CompareStringA
0x4502b4 GetVersion
0x4502b8 MultiByteToWideChar
0x4502bc InterlockedExchange
0x4502c0 VirtualAlloc
0x4502c4 GetLastError
0x4502c8 ExitProcess
0x4502cc WideCharToMultiByte
0x4502d0 FindResourceA
0x4502d4 LoadResource
0x4502d8 LockResource
0x4502dc HeapCreate
0x4502e0 SizeofResource
Library USER32.dll:
0x450340 IsRectEmpty
0x450344 SetRect
0x450348 InvalidateRgn
0x45034c GetNextDlgGroupItem
0x450350 MessageBeep
0x450358 SetParent
0x45035c GetDCEx
0x450360 LockWindowUpdate
0x450364 PostThreadMessageA
0x450368 SetRectEmpty
0x45036c IsZoomed
0x450374 MapDialogRect
0x450378 GetDesktopWindow
0x450380 GetNextDlgTabItem
0x450384 EndDialog
0x45038c SetCursor
0x450390 GetMessageA
0x450394 TranslateMessage
0x450398 GetActiveWindow
0x45039c ValidateRect
0x4503a0 PostQuitMessage
0x4503a4 InflateRect
0x4503a8 EndPaint
0x4503ac BeginPaint
0x4503b0 GetWindowDC
0x4503b4 ClientToScreen
0x4503b8 GrayStringA
0x4503bc DrawTextExA
0x4503c0 DrawTextA
0x4503c4 TabbedTextOutA
0x4503c8 IsWindowEnabled
0x4503cc MoveWindow
0x4503d0 SetWindowTextA
0x4503d4 IsDialogMessageA
0x4503d8 SetDlgItemInt
0x4503dc GetDlgItemInt
0x4503e0 SetMenuItemBitmaps
0x4503e8 ModifyMenuA
0x4503ec CharNextA
0x4503f0 EnableMenuItem
0x4503f4 CheckMenuItem
0x4503fc SendDlgItemMessageA
0x450400 WinHelpA
0x450404 IsChild
0x450408 GetCapture
0x45040c SetWindowsHookExA
0x450410 CallNextHookEx
0x450414 GetClassLongA
0x450418 GetClassNameA
0x45041c SetPropA
0x450420 GetPropA
0x450424 RemovePropA
0x450428 GetFocus
0x45042c IsWindow
0x450430 SetFocus
0x450434 GetWindowTextA
0x450438 GetForegroundWindow
0x45043c GetLastActivePopup
0x450440 SetActiveWindow
0x450444 DispatchMessageA
0x450448 BeginDeferWindowPos
0x45044c EndDeferWindowPos
0x450450 GetDlgItem
0x450454 GetTopWindow
0x450458 DestroyWindow
0x45045c UnhookWindowsHookEx
0x450460 GetMessageTime
0x450464 GetMessagePos
0x450468 PeekMessageA
0x45046c MapWindowPoints
0x450470 GetKeyState
0x450474 GetScrollRange
0x450478 SetScrollPos
0x45047c GetScrollPos
0x450480 SetForegroundWindow
0x450484 ShowScrollBar
0x450488 IsWindowVisible
0x45048c UpdateWindow
0x450490 GetMenu
0x450494 PostMessageA
0x450498 GetSubMenu
0x45049c GetMenuItemID
0x4504a0 DrawStateA
0x4504a4 EqualRect
0x4504a8 DrawFocusRect
0x4504ac GetClientRect
0x4504b0 ScreenToClient
0x4504b4 GetDC
0x4504b8 GetMenuItemCount
0x4504bc GetClassInfoExA
0x4504c0 RegisterClassA
0x4504c4 GetSysColor
0x4504c8 AdjustWindowRectEx
0x4504cc GetParent
0x4504d0 DeferWindowPos
0x4504d4 CopyRect
0x4504d8 GetScrollInfo
0x4504dc SetScrollInfo
0x4504e0 PtInRect
0x4504e4 GetDlgCtrlID
0x4504e8 ReleaseCapture
0x4504ec WindowFromPoint
0x4504f0 CallWindowProcA
0x4504f4 GetWindowLongA
0x4504f8 SetCapture
0x4504fc UnregisterClassA
0x450500 DestroyMenu
0x450504 GetMenuState
0x450508 ReleaseDC
0x45050c EnableScrollBar
0x450510 SetTimer
0x450514 KillTimer
0x450518 EnableWindow
0x45051c LoadCursorA
0x450520 GetCursorPos
0x450524 GetSysColorBrush
0x450528 DefWindowProcA
0x45052c GetClassInfoA
0x450530 InSendMessage
0x450534 CreateWindowExA
0x450538 SendMessageA
0x45053c ShowWindow
0x450540 MessageBoxA
0x450544 LoadStringA
0x450548 DrawIcon
0x45054c IsIconic
0x450550 InvalidateRect
0x450554 LoadIconA
0x450558 GetSystemMetrics
0x45055c LoadBitmapA
0x450560 CharUpperA
0x450564 GetWindow
0x450568 GetWindowRect
0x45056c GetWindowPlacement
0x450574 IntersectRect
0x450578 OffsetRect
0x45057c SetWindowPos
0x450580 SetWindowLongA
Library GDI32.dll:
0x450030 ExtSelectClipRgn
0x450034 DeleteDC
0x450038 CreatePatternBrush
0x45003c GetStockObject
0x450040 ScaleWindowExtEx
0x450048 SetRectRgn
0x45004c CombineRgn
0x450050 GetMapMode
0x450054 PatBlt
0x450058 GetTextMetricsA
0x450060 GetBkColor
0x450064 GetTextColor
0x450068 GetRgnBox
0x45006c GetWindowExtEx
0x450070 GetViewportExtEx
0x450074 SetWindowExtEx
0x450078 ScaleViewportExtEx
0x45007c SetViewportExtEx
0x450080 OffsetViewportOrgEx
0x450084 SetViewportOrgEx
0x450088 Escape
0x45008c ExtTextOutA
0x450090 TextOutA
0x450094 RectVisible
0x450098 PtVisible
0x45009c CreatePen
0x4500a0 CreateRectRgn
0x4500a4 SelectClipRgn
0x4500a8 DeleteObject
0x4500ac IntersectClipRect
0x4500b0 ExcludeClipRect
0x4500b4 SetMapMode
0x4500b8 RestoreDC
0x4500bc SaveDC
0x4500c0 GetDeviceCaps
0x4500c4 CreateBitmap
0x4500c8 GetObjectA
0x4500cc SetBkColor
0x4500d0 SetTextColor
0x4500d4 GetClipBox
0x4500d8 BitBlt
0x4500dc Polyline
0x4500e0 SelectObject
0x4500e4 CreateCompatibleDC
Library MSIMG32.dll:
0x4502e8 TransparentBlt
Library comdlg32.dll:
0x450598 GetFileTitleA
Library WINSPOOL.DRV:
0x450588 DocumentPropertiesA
0x45058c OpenPrinterA
0x450590 ClosePrinter
Library ADVAPI32.dll:
0x450000 RegEnumKeyA
0x450004 RegSetValueExA
0x450008 RegCreateKeyExA
0x45000c RegQueryValueA
0x450010 RegCloseKey
0x450014 RegDeleteKeyA
0x450018 RegOpenKeyExA
0x45001c RegQueryValueExA
0x450020 RegOpenKeyA
Library COMCTL32.dll:
0x450028
Library SHLWAPI.dll:
0x450328 PathFindFileNameA
0x45032c PathStripToRootA
0x450330 PathFindExtensionA
0x450334 PathIsUNCA
Library oledlg.dll:
0x4505e0
Library ole32.dll:
0x4505a0 OleInitialize
0x4505a8 OleUninitialize
0x4505b8 CoGetClassObject
0x4505bc CLSIDFromString
0x4505c0 CoRevokeClassObject
0x4505c4 CoTaskMemAlloc
0x4505c8 CoTaskMemFree
0x4505d0 OleFlushClipboard
0x4505d8 CLSIDFromProgID
Library OLEAUT32.dll:
0x4502f0 VariantChangeType
0x4502f4 VariantInit
0x4502f8 SysAllocStringLen
0x4502fc SysStringLen
0x450300 SysFreeString
0x450308 VariantCopy
0x45030c VariantClear
0x450310 SafeArrayDestroy
0x450320 SysAllocString

Hosts

No hosts contacted.

DNS

No domains contacted.

TCP

No TCP connections recorded.

UDP

No UDP connections recorded.

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.