2.2
中危

d571b8559ef5e96dc11644988479e869e2e22ea8741ea87d2ce7421b1e405843

7a9acf51727a2b75ee1b4bfbf47faf68.exe

分析耗时

116s

最近分析

文件大小

3.9MB
静态报毒 动态报毒
鹰眼引擎
未检测 暂无鹰眼引擎检测结果
静态判定
反病毒引擎
查杀引擎 查杀结果 查杀时间 查杀版本
McAfee 20201222 6.0.6.653
Alibaba 20190527 0.3.0.5
Baidu 20190318 1.0.0.2
Avast 20201222 21.1.5827.0
Tencent 20201222 1.0.0.1
Kingsoft 20201222 2017.9.26.565
CrowdStrike 20190702 1.0

注：上表每一行都缺少“查杀结果”列的值（只有查杀时间与版本），即本页没有给出任何一家引擎的检出结论，鹰眼引擎也是“未检测”。因此页首的“2.2 / 中危”并非由反病毒引擎检出支撑，更可能是基于静态特征（导入表等）的启发式评分；使用该结论时应按此理解，并以多引擎复核结果为准。
可视化分析
二进制图像
暂无二进制图像 该样本未生成二进制可视化图像
运行截图
暂无运行截图 该样本运行过程中未生成截图（注：该样本导入了多个非 Windows 自带的 DLL——Qt5Core/Qt5Gui/Qt5Network/Qt5Widgets.dll、BASS.dll、BASSWASAPI.dll、libgcc_s_dw2-1.dll。若沙箱只投递了单个 .exe 而未附带这些 DLL，进程会在加载阶段因找不到模块而直接退出，这与本报告“无截图、无释放文件、无可归因于样本的网络连接”的结果相符。在排除这一情况之前，动态分析结果不应被解读为“样本无恶意行为”；建议连同其完整安装目录重新投递分析。）


PE Compile Time

2020-08-25 11:15:41

Imports

Reviewer note on the import table below. The list is partial: import addresses are not contiguous (e.g. 0x789070 → 0x789088 inside Qt5Core.dll) and the PSAPI.DLL / SETUPAPI.dll entries are empty, so the absence of a name here is not evidence that it is not imported. Capabilities that the visible names do establish:
- USER32: SetWindowsHookExW / CallNextHookEx / UnhookWindowsHookEx together with GetKeyState, GetKeyNameTextW and keybd_event — an installed Windows hook, key-state/key-name reads and synthetic key injection. The import table does not reveal the hook type (WH_KEYBOARD_LL vs. WH_MOUSE etc.); this set is equally consistent with a keylogger and with a legitimate hotkey/macro tool, so the hook id passed to SetWindowsHookExW should be confirmed from the call site before concluding either way.
- USER32 / POWRPROF: ExitWindowsEx, LockWorkStation, SetSuspendState — session and power control (shutdown/logoff, lock, sleep).
- ADVAPI32 / NETAPI32 / KERNEL32: OpenProcess, OpenProcessToken, GetTokenInformation, GetUserNameW, NetUserGetInfo — process-token and local-user information queries.
- dbghelp: MiniDumpWriteDump — normally a crash-dump handler, but the same API can dump another process's memory; check which process handle is passed to it.
- KERNEL32: LoadLibraryA / GetProcAddress / VirtualProtect — dynamic API resolution and page-protection changes, common both in ordinary runtime code and in unpacking stubs.
- Qt5*, BASS.dll, BASSWASAPI.dll (BASS_WASAPI_GetData), hid.dll and the hid_* exports further down — a Qt GUI program that captures audio and talks to USB HID devices. Taken together this profile looks like a device-companion / macro utility (presumably; to be confirmed by running it with its DLLs present), but the hook + key-injection + power-control set above is what drives the risk rating and is what a second-stage analysis should focus on.

Library BASS.dll:
0x789040 BASS_Init
0x789044 BASS_Free
Library BASSWASAPI.dll:
0x789050 BASS_WASAPI_Init
0x789054 BASS_WASAPI_Free
0x789058 BASS_WASAPI_GetInfo
0x78905c BASS_WASAPI_Start
0x789060 BASS_WASAPI_Stop
0x789064 BASS_WASAPI_GetData
Library Qt5Core.dll:
0x789070 _Z11qUncompressPKhi
0x789088 _Z5qrandv
0x78908c _Z6qsrandj
0x789098 _Z9qBadAllocv
0x7890d4 _ZN10QEventLoopD1Ev
0x789254 _ZN4QDir4cdUpEv
0x789260 _ZN4QDirD1Ev
0x78926c _ZN4QUrlC1Ev
0x789270 _ZN4QUrlD1Ev
0x789290 _ZN5QFile6removeEv
0x789298 _ZN5QFileC1Ev
0x78929c _ZN5QFileD1Ev
0x7892a4 _ZN5QTime5startEv
0x7892a8 _ZN5QTime7restartEv
0x7892b0 _ZN6QDebugD1Ev
0x7892b8 _ZN6QEventD2Ev
0x7892bc _ZN6QMutex4lockEv
0x7892c0 _ZN6QMutex6unlockEv
0x7892c8 _ZN6QMutexD1Ev
0x7892d8 _ZN6QTimer4stopEv
0x7892dc _ZN6QTimer5startEi
0x7892e0 _ZN6QTimer5startEv
0x7892ec _ZN7QBufferD1Ev
0x789330 _ZN7QObjectC2EPS_
0x789334 _ZN7QObjectD2Ev
0x789390 _ZN7QStringaSERKS_
0x7893a0 _ZN7QThread4waitEm
0x7893b8 _ZN7QThreadD2Ev
0x7893c0 _ZN8QLibrary4loadEv
0x7893f0 _ZN8QProcessD1Ev
0x7893f8 _ZN8QVariantC1EPKc
0x789404 _ZN8QVariantC1ERKS_
0x789408 _ZN8QVariantC1Eb
0x78940c _ZN8QVariantC1Ei
0x789414 _ZN8QVariantC1Ej
0x789418 _ZN8QVariantD1Ev
0x78941c _ZN8QVariantaSERKS_
0x78942c _ZN9QDateTimeD1Ev
0x789434 _ZN9QFileInfoD1Ev
0x789480 _ZN9QRunnableD2Ev
0x7894a4 _ZN9QSettingsD1Ev
0x789554 _ZNK4QDir4pathEv
0x789560 _ZNK4QDir6existsEv
0x789570 _ZNK5QFile4sizeEv
0x789574 _ZNK5QFile6existsEv
0x789578 _ZNK5QTime4msecEv
0x789588 _ZNK7QBuffer4dataEv
0x7895a8 _ZNK7QString3midEii
0x7895ac _ZNK7QString4leftEi
0x789648 _ZeqRK7QStringS1_
0x789664 _ZltRK7QStringS1_
Library Qt5Gui.dll:
0x7896b0 _ZN5QFontC1Ev
0x7896b4 _ZN5QFontD1Ev
0x7896bc _ZN5QIconC1ERKS_
0x7896c0 _ZN5QIconC1Ev
0x7896c4 _ZN5QIconD1Ev
0x7896cc _ZN6QBrushD1Ev
0x7896d4 _ZN6QColor6setRedEi
0x7896f0 _ZN6QColorC1Ej
0x7896f4 _ZN6QColoraSERKS_
0x789700 _ZN6QImageC1Ev
0x789704 _ZN6QImageD1Ev
0x789708 _ZN7QCursor3posEv
0x789718 _ZN7QPixmapC1ERKS_
0x78971c _ZN7QPixmapC1Eii
0x789720 _ZN7QPixmapC1Ev
0x789724 _ZN7QPixmapD1Ev
0x789728 _ZN7QPixmapaSERKS_
0x78972c _ZN8QPainter4saveEv
0x78974c _ZN8QPainterD1Ev
0x789760 _ZNK6QColor3redEv
0x789764 _ZNK6QColor4blueEv
0x789768 _ZNK6QColor4rgbaEv
0x78976c _ZNK6QColor5alphaEv
0x789770 _ZNK6QColor5greenEv
0x789778 _ZNK6QColoreqERKS_
0x78977c _ZNK6QColorneERKS_
0x789784 _ZNK6QImage5widthEv
0x789790 _ZNK7QPixmap4rectEv
Library Qt5Network.dll:
0x789870 _ZN9QHostInfoC1Ei
0x789874 _ZN9QHostInfoD1Ev
0x78987c _ZN9QSslErrorD1Ev
Library Qt5Widgets.dll:
0x789988 _ZN7QDialog4doneEi
0x78998c _ZN7QDialog4execEv
0x789990 _ZN7QDialog4openEv
0x7899a4 _ZN7QDialogD2Ev
0x789a5c _ZN7QWidget4hideEv
0x789a64 _ZN7QWidget4showEv
0x789a68 _ZN7QWidget5closeEv
0x789aa0 _ZN7QWidgetD2Ev
0x789ac4 _ZNK6QLabel4textEv
0x789af0 _ZNK7QWidget1xEv
0x789af4 _ZNK7QWidget1yEv
Library ADVAPI32.dll:
0x789b2c GetTokenInformation
0x789b30 GetUserNameW
0x789b38 OpenProcessToken
Library dbghelp.dll:
0x789b40 MiniDumpWriteDump
Library libgcc_s_dw2-1.dll:
0x789b48 _Unwind_Resume
0x789b50 __divdi3
Library hid.dll:
0x789b60 HidD_GetAttributes
0x789b64 HidD_GetHidGuid
0x789b74 HidP_GetCaps
Library KERNEL32.dll:
0x789b7c CancelIo
0x789b80 CloseHandle
0x789b84 CreateDirectoryA
0x789b88 CreateEventW
0x789b8c CreateFileA
0x789b90 CreateFileW
0x789b94 CreateThread
0x789ba0 FormatMessageW
0x789ba4 FreeLibrary
0x789ba8 GetCommandLineW
0x789bac GetCurrentProcess
0x789bb0 GetCurrentProcessId
0x789bb4 GetCurrentThreadId
0x789bb8 GetLastError
0x789bbc GetModuleHandleA
0x789bc0 GetModuleHandleW
0x789bc4 GetOverlappedResult
0x789bc8 GetProcAddress
0x789bcc GetStartupInfoA
0x789bd4 GetTickCount
0x789be0 LoadLibraryA
0x789be4 LocalFree
0x789be8 OpenProcess
0x789bf4 ReadFile
0x789bf8 ResetEvent
0x789c00 Sleep
0x789c04 TerminateProcess
0x789c08 TlsGetValue
0x789c10 VirtualProtect
0x789c14 VirtualQuery
0x789c18 WaitForSingleObject
0x789c1c WideCharToMultiByte
0x789c20 WriteFile
Library msvcrt.dll:
0x789c28 __dllonexit
0x789c2c __getmainargs
0x789c30 __initenv
0x789c34 __lconv_init
0x789c38 __set_app_type
0x789c3c __setusermatherr
0x789c40 _acmdln
0x789c44 _amsg_exit
0x789c48 _cexit
0x789c4c _errno
0x789c50 _fmode
0x789c54 _initterm
0x789c58 _iob
0x789c5c _itoa
0x789c60 _lock
0x789c64 _onexit
0x789c68 _unlock
0x789c6c _wcsdup
0x789c70 abort
0x789c74 atan
0x789c78 atoi
0x789c7c calloc
0x789c80 exit
0x789c84 fprintf
0x789c88 free
0x789c8c fwrite
0x789c90 log10
0x789c94 malloc
0x789c98 memcmp
0x789c9c memmove
0x789ca0 memset
0x789ca4 memcpy
0x789ca8 printf
0x789cac puts
0x789cb0 signal
0x789cb4 sscanf
0x789cb8 strcmp
0x789cbc strcpy
0x789cc0 strlen
0x789cc4 strncmp
0x789cc8 strncpy
0x789ccc strstr
0x789cd0 strtok
0x789cd4 strtol
0x789cd8 vfprintf
0x789cdc wcscmp
0x789ce0 wcslen
Library NETAPI32.dll:
0x789ce8 NetApiBufferFree
0x789cec NetUserGetInfo
Library ole32.dll:
0x789cf4 CoCreateGuid
0x789cf8 CoCreateInstance
0x789cfc CoInitialize
0x789d00 CoUninitialize
Library POWRPROF.dll:
0x789d08 SetSuspendState
Library PSAPI.DLL:
Library SETUPAPI.dll:
Library SHELL32.dll:
0x789d38 CommandLineToArgvW
0x789d3c SHGetFolderPathA
0x789d40 ShellExecuteW
Library USER32.dll:
0x789d48 CallNextHookEx
0x789d4c ExitWindowsEx
0x789d50 GetCaretBlinkTime
0x789d54 GetDoubleClickTime
0x789d58 GetForegroundWindow
0x789d5c GetKeyNameTextW
0x789d60 GetKeyState
0x789d64 GetSystemMetrics
0x789d68 GetWindowLongW
0x789d70 LockWorkStation
0x789d74 PostMessageW
0x789d80 SendMessageW
0x789d84 SetCaretBlinkTime
0x789d88 SetWindowLongW
0x789d8c SetWindowsHookExW
0x789d94 UnhookWindowsHookEx
0x789d98 keybd_event

Exports

Note: an .exe exporting functions is itself uncommon. The exported names (hid_close, hid_enumerate, hid_free_enumeration, hid_get_feature_report, hid_get_indexed_string, hid_get_input_report, hid_error, hid_exit) coincide with the public API of the hidapi library, so the binary appears to have hidapi compiled in with its symbols left exported; hid_enumerate2 / hid_enumerate3 are not part of that public API and look like local additions. Only ten entries (ordinals 1–10) are listed and hid_open / hid_read / hid_write are absent, so the export list may be truncated. Read this as supporting the HID-device-utility interpretation of the imports, not as an indicator of DLL hijacking or injection.

Ordinal Address Name
1 0x402900 hid_close
2 0x401990 hid_enumerate
3 0x402270 hid_enumerate2
4 0x4022f0 hid_enumerate3
5 0x402ac0 hid_error
6 0x401960 hid_exit
7 0x401e70 hid_free_enumeration
8 0x4028b0 hid_get_feature_report
9 0x402a60 hid_get_indexed_string
10 0x402ad0 hid_get_input_report

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Note: every UDP flow below is attributable to the sandbox guest OS rather than to the sample: DNS queries to 114.114.114.114 (no queried names were captured, so they cannot be tied to the sample), NetBIOS name/datagram broadcasts to 192.168.56.255 on 137/138, LLMNR multicast to 224.0.0.252:5355, and NTP to time.windows.com. Together with "No hosts contacted" above and the absence of TCP/HTTP/TLS, this run shows no network activity originating from 7a9acf51727a2b75ee1b4bfbf47faf68.exe. The binary does import Qt5Network.dll (QHostInfo, QSslError), so it is at least capable of DNS lookups and TLS — capabilities this run did not exercise, which is another reason to confirm the sample actually ran (see the screenshot note above).

Source Source Port Destination Destination Port
192.168.56.101 50568 114.114.114.114 53
192.168.56.101 51963 114.114.114.114 53
192.168.56.101 53657 114.114.114.114 53
192.168.56.101 60123 114.114.114.114 53
192.168.56.101 60215 114.114.114.114 53
192.168.56.101 62191 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 138 192.168.56.255 138
192.168.56.101 123 20.189.79.72 time.windows.com 123
192.168.56.101 49235 224.0.0.252 5355
192.168.56.101 50002 224.0.0.252 5355
192.168.56.101 50534 224.0.0.252 5355
192.168.56.101 51808 224.0.0.252 5355
192.168.56.101 53210 224.0.0.252 5355
192.168.56.101 56804 224.0.0.252 5355
192.168.56.101 57756 224.0.0.252 5355
192.168.56.101 57874 224.0.0.252 5355
192.168.56.101 60384 224.0.0.252 5355
192.168.56.101 62912 224.0.0.252 5355
192.168.56.101 63429 224.0.0.252 5355

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.