2.8
Medium risk

279ae8b34f9276d68a2c0a35b01944f2971a1a7af719356139949e99a5034089

7fb8ff65acfbd8f4c1383b1c02dfb387.exe

Analysis time

94s

Last analysis

File size

128.5KB
Static detection: Dynamic detection: HFSAUTOB
Hawkeye engine
Not detected. No Hawkeye engine detection result is available for this sample.
Static verdict
Antivirus engines
Engine Result Scan date Engine version
McAfee 20190927 6.0.6.653
Alibaba 20190527 0.3.0.5
Baidu 20190318 1.0.0.2
Avast 20190927 18.4.3895.0
Kingsoft 20190927 2013.8.14.323
Tencent 20190927 1.0.0.1
CrowdStrike 20190702 1.0
Static indicators
Checks if process is being debugged by a debugger (1 event)
Time & API Arguments Status Return Repeated
1620821716.948124 IsDebuggerPresent (no arguments) failed 0 0
This executable has a PDB path (1 event)
pdb_path SndRec32.pdb
Visual analysis
Binary image
No binary image: no binary visualization image was generated for this sample.
Runtime screenshots
No runtime screenshots: no screenshots were captured while the sample ran.


PE Compile Time

2008-04-14 02:31:55

Imports

Library ADVAPI32.dll:
0x1001000 RegCloseKey
0x1001004 RegQueryValueExW
0x1001008 RegOpenKeyExW
0x100100c RegSetValueExW
0x1001010 RegCreateKeyExW
0x1001014 RegDeleteValueW
0x1001018 RegOpenKeyExA
0x100101c RegQueryValueExA
Library KERNEL32.dll:
0x10010a8 GetCommandLineA
0x10010ac GetVersionExA
0x10010b0 ExitProcess
0x10010b4 GetProcAddress
0x10010b8 GetModuleHandleA
0x10010bc WriteFile
0x10010c0 GetStdHandle
0x10010c4 GetModuleFileNameA
0x10010cc GetEnvironmentStrings
0x10010d4 GetLastError
0x10010dc SetHandleCount
0x10010e0 GetFileType
0x10010e4 HeapDestroy
0x10010e8 HeapCreate
0x10010ec VirtualFree
0x10010f0 HeapFree
0x10010f4 HeapAlloc
0x10010f8 LoadLibraryA
0x10010fc GetACP
0x1001100 GetOEMCP
0x1001104 GetCPInfo
0x1001108 GetStartupInfoA
0x100110c HeapReAlloc
0x1001110 RtlUnwind
0x1001114 InterlockedExchange
0x1001118 VirtualQuery
0x100111c GetStringTypeA
0x1001120 GetStringTypeW
0x1001124 LCMapStringA
0x1001128 MultiByteToWideChar
0x100112c LCMapStringW
0x1001130 VirtualProtect
0x1001134 GetSystemInfo
0x1001138 GetLocaleInfoA
0x1001144 GetCurrentProcess
0x1001148 TerminateProcess
0x1001150 GetCurrentProcessId
0x1001154 GetTickCount
0x100115c GetTempFileNameW
0x1001160 lstrcpynW
0x1001164 GlobalReAlloc
0x1001168 WaitForSingleObject
0x100116c CreateThread
0x1001170 GlobalMemoryStatus
0x1001174 GetLocaleInfoW
0x1001178 GetCommandLineW
0x100117c GetFullPathNameW
0x1001180 lstrlenW
0x1001184 lstrcatW
0x1001188 DeleteFileW
0x100118c CreateFileW
0x1001190 CloseHandle
0x1001194 GlobalAlloc
0x1001198 GlobalLock
0x100119c GlobalSize
0x10011a0 GetCurrentThreadId
0x10011a4 lstrcmpiW
0x10011a8 WideCharToMultiByte
0x10011ac FindResourceW
0x10011b0 LoadResource
0x10011b4 LockResource
0x10011b8 FreeResource
0x10011bc lstrcmpW
0x10011c0 MulDiv
0x10011c4 lstrcpyW
0x10011c8 GlobalFree
0x10011cc GlobalUnlock
0x10011d0 GlobalHandle
0x10011d4 VirtualAlloc
Library GDI32.dll:
0x1001034 SetMapMode
0x1001038 GetStockObject
0x100103c CreateMetaFileW
0x1001040 SetWindowOrgEx
0x1001044 SetWindowExtEx
0x1001048 StretchBlt
0x100104c CloseMetaFile
0x1001050 DeleteMetaFile
0x1001054 GetDeviceCaps
0x100105c GetObjectW
0x1001060 SelectPalette
0x1001064 RealizePalette
0x1001068 GetDIBits
0x100106c PatBlt
0x1001070 BitBlt
0x1001074 DeleteDC
0x1001078 CreateCompatibleDC
0x100107c CreateBitmap
0x1001080 SetTextColor
0x1001084 SelectObject
0x1001088 SetBkColor
0x100108c GetTextExtentPointW
0x1001090 ExtTextOutW
0x1001094 DeleteObject
0x1001098 CreateSolidBrush
0x100109c SetBrushOrgEx
0x10010a0 CreateHatchBrush
Library USER32.dll:
0x1001228 SetCursor
0x100122c LoadCursorW
0x1001230 GetClipboardData
0x1001234 OpenClipboard
0x1001238 wsprintfW
0x100123c MessageBoxW
0x1001240 wvsprintfW
0x1001244 GetWindowLongW
0x1001248 MessageBeep
0x100124c CharPrevW
0x1001250 CharNextW
0x1001254 SetClassLongW
0x1001258 SetWindowTextW
0x100125c LoadAcceleratorsW
0x1001260 DefDlgProcW
0x1001264 RegisterClassW
0x1001268 LoadIconW
0x100126c GetDlgItem
0x1001270 ShowWindow
0x1001274 GetWindowTextW
0x1001278 ReleaseDC
0x100127c GetDC
0x1001280 EndPaint
0x1001284 BeginPaint
0x1001288 DefWindowProcW
0x100128c InflateRect
0x1001290 PeekMessageW
0x1001294 InvalidateRect
0x1001298 SetDlgItemTextW
0x100129c GetActiveWindow
0x10012a0 EnableWindow
0x10012a4 GetFocus
0x10012a8 SetTimer
0x10012ac KillTimer
0x10012b4 DrawIcon
0x10012b8 SetRect
0x10012bc GetSystemMetrics
0x10012c0 ModifyMenuW
0x10012c4 DrawMenuBar
0x10012c8 DeleteMenu
0x10012cc GetMenu
0x10012d0 IsWindow
0x10012d4 EndDialog
0x10012d8 SetPropW
0x10012dc RemovePropW
0x10012e0 CloseClipboard
0x10012e4 GetDlgCtrlID
0x10012e8 DialogBoxParamW
0x10012ec MoveWindow
0x10012f0 IsIconic
0x10012f4 GetWindowRect
0x10012f8 DrawFocusRect
0x10012fc CopyRect
0x1001300 DrawEdge
0x1001304 CallWindowProcW
0x1001308 SetWindowLongW
0x100130c MapWindowPoints
0x1001310 CreateWindowExW
0x1001314 SetForegroundWindow
0x1001318 SetFocus
0x100131c RemoveMenu
0x1001320 GetMenuStringW
0x1001324 GetSubMenu
0x1001328 InsertMenuW
0x100132c GetParent
0x1001330 SetWindowPos
0x1001334 DestroyMenu
0x1001338 CreateMenu
0x100133c RedrawWindow
0x1001344 DispatchMessageW
0x1001348 UnhookWindowsHookEx
0x100134c GetSysColor
0x1001350 GetClientRect
0x1001354 FillRect
0x1001358 DestroyWindow
0x100135c PostQuitMessage
0x1001360 LoadStringW
0x1001364 ScreenToClient
0x1001368 UpdateWindow
0x100136c IsWindowEnabled
0x1001370 SetActiveWindow
0x1001374 PostMessageW
0x1001378 GetWindow
0x100137c GetKeyState
0x1001380 EnableMenuItem
0x1001388 SetWindowsHookExW
0x100138c CreateDialogParamW
0x1001390 GetMessageW
0x1001394 TranslateAcceleratorW
0x1001398 IsDialogMessageW
0x100139c GetPropW
0x10013a0 TranslateMessage
0x10013a4 WinHelpW
0x10013a8 GetDesktopWindow
0x10013ac IsWindowVisible
0x10013b0 GetAsyncKeyState
0x10013b4 SendMessageW
0x10013b8 CallNextHookEx
0x10013bc ClientToScreen
Library WINMM.dll:
0x10013c8 mmioOpenW
0x10013cc mmioWrite
0x10013d0 mmioAscend
0x10013d4 mmioCreateChunk
0x10013d8 mmioRead
0x10013dc mmioSeek
0x10013e0 mmioDescend
0x10013e4 waveOutGetNumDevs
0x10013e8 waveInGetNumDevs
0x10013ec waveInOpen
0x10013f0 waveOutWrite
0x10013f4 waveInAddBuffer
0x10013f8 waveOutPrepareHeader
0x10013fc waveInPrepareHeader
0x1001400 waveInUnprepareHeader
0x1001404 waveOutOpen
0x1001408 waveInReset
0x100140c waveOutReset
0x1001410 mmioGetInfo
0x1001414 waveInStart
0x1001418 waveOutPause
0x100141c waveOutRestart
0x1001420 waveOutClose
0x1001424 waveInClose
0x1001428 waveOutGetPosition
0x100142c waveInGetPosition
0x1001430 mmioClose
Library comdlg32.dll:
0x1001438 GetSaveFileNameW
0x100143c GetOpenFileNameW
Library SHELL32.dll:
0x100120c ShellAboutW
0x1001210 DragQueryFileW
0x1001214 DragFinish
0x1001218 SHGetFileInfoW
0x100121c ShellExecuteW
0x1001220 DragAcceptFiles
Library ole32.dll:
0x1001444 OleFlushClipboard
0x1001448 OleUninitialize
0x100144c OleInitialize
0x1001450 OleBuildVersion
0x1001454 CoRevokeClassObject
0x1001458 CoLockObjectExternal
0x100145c CoCreateInstance
0x1001460 OleSetClipboard
0x1001464 WriteClassStg
0x1001468 OleNoteObjectVisible
0x100146c StgCreateDocfile
0x1001470 OleSave
0x1001474 CreateFileMoniker
0x1001478 OleIsCurrentClipboard
0x100147c CoRegisterClassObject
0x1001480 CLSIDFromString
0x1001484 OleDraw
0x1001488 WriteClassStm
0x100148c CreateStreamOnHGlobal
0x1001490 ReleaseStgMedium
0x1001498 WriteFmtUserTypeStg
0x100149c StgOpenStorage
0x10014a0 CreateOleAdviseHolder
0x10014a4 GetRunningObjectTable
0x10014a8 CreateBindCtx
0x10014bc CoGetMalloc
Library MSACM32.dll:
0x10011dc acmFormatSuggest
0x10011e0 acmStreamOpen
0x10011e4 acmStreamSize
0x10011e8 acmFormatDetailsW
0x10011f0 acmStreamConvert
0x10011f8 acmStreamClose
0x10011fc acmMetrics
0x1001200 acmFormatChooseW
0x1001204 acmFormatTagDetailsW
Library COMCTL32.dll:
0x1001024
0x1001028
0x100102c PropertySheetW

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source Source Port Destination Destination Port
192.168.56.101 53210 114.114.114.114 53
192.168.56.101 53657 114.114.114.114 53
192.168.56.101 55368 114.114.114.114 53
192.168.56.101 60215 114.114.114.114 53
192.168.56.101 63429 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 138 192.168.56.255 138
192.168.56.101 123 20.189.79.72 time.windows.com 123
192.168.56.101 50002 224.0.0.252 5355
192.168.56.101 50534 224.0.0.252 5355
192.168.56.101 51808 224.0.0.252 5355
192.168.56.101 51963 224.0.0.252 5355
192.168.56.101 53380 224.0.0.252 5355
192.168.56.101 56539 224.0.0.252 5355
192.168.56.101 56804 224.0.0.252 5355
192.168.56.101 57756 224.0.0.252 5355
192.168.56.101 57874 224.0.0.252 5355
192.168.56.101 60384 224.0.0.252 5355
192.168.56.101 61680 224.0.0.252 5355
192.168.56.101 1900 239.255.255.250 1900

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.