6.8
High risk

60d7b2ab0fb53d37576c2edd50231cc82e87d0c0cee85afddac247cb795164c3

863a5de839dc654688f60fcf7169a393.exe

Analysis duration

100s

Latest analysis

File size

795.8KB
Static detection Dynamic detection AGENTB AI SCORE=83 CLOUD CONFIDENCE DELF EKLE ELDORADO GDSDA GENCIRC GENERICKD GENKRYPTIK HACKTOOL HPRUWG IGENERIC INVALIDSIG PAPGM POTENTIALLY UNWANTED SOFTWARE PWSX R011C0WGV20 R346565 SCORE SIGGEN9 SUSPICIOUS PE TRJGEN TSCOPE UNSAFE WACATAC XKY@AOG907JI ZELPHICO
Eagle Eye engine
Not detected: no Eagle Eye engine detection results are available
Static verdict
Antivirus engines
Engine       Result                                   Scan time  Engine version
McAfee       RDN/Generic.tfr                          20200813   6.0.6.653
Alibaba      TrojanDownloader:Win32/Agentb.c953ef5c   20190527   0.3.0.5
CrowdStrike  win/malicious_confidence_90% (W)         20190702   1.0
Baidu        -                                        20190318   1.0.0.2
Avast        Win32:PWSX-gen [Trj]                     20200813   18.4.3895.0
Kingsoft     -                                        20200813   2013.8.14.323
Tencent      Malware.Win32.Gencirc.10cde63a           20200813   1.0.0.1
Static indicators
This executable is signed
The executable contains unknown PE section names indicative of a packer (could be a false positive) (1 event)
section .itext
The executable uses a known packer (1 event)
packer BobSoft Mini Delphi -> BoB / BobSoft
One or more processes crashed (1 event)
Time & API Arguments Status Return Repeated
1619718655.743626
__exception__
stacktrace:
0x24b091a
DriverCallback+0x4e waveOutOpen-0xa2e winmm+0x3af0 @ 0x736c3af0
timeEndPeriod+0x54a timeKillEvent-0x57 winmm+0xa535 @ 0x736ca535
timeEndPeriod+0x449 timeKillEvent-0x158 winmm+0xa434 @ 0x736ca434
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x763533ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77d69ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77d69ea5

registers.esp: 59898908
registers.edi: 59898952
registers.eax: 0
registers.ebp: 59899504
registers.edx: 0
registers.ebx: 0
registers.esi: 0
registers.ecx: 8060928
exception.instruction_r: 8b 40 3c 99 03 04 24 13 54 24 04 83 c4 08 89 44
exception.instruction: mov eax, dword ptr [eax + 0x3c]
exception.exception_code: 0xc0000005
exception.symbol:
exception.address: 0x249d364
success 0 0
Behavioral verdict
Dynamic indicators
Allocates read-write-execute memory (usually to unpack itself) (1 event)
Time & API Arguments Status Return Repeated
1619718594.384626
NtAllocateVirtualMemory
process_identifier: 1376
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 4096 (MEM_COMMIT)
base_address: 0x005f0000
success 0 0
Checks adapter addresses which can be used to detect virtual network interfaces (1 event)
Time & API Arguments Status Return Repeated
1619718631.149626
GetAdaptersAddresses
flags: 0
family: 0
failed 111 0
Network communication
Communicates with host for which no DNS query was performed (1 event)
host 172.217.24.14
Disables proxy possibly for traffic interception (1 event)
Time & API Arguments Status Return Repeated
1619718630.915626
RegSetValueExA
key_handle: 0x00000314
value: 0
regkey_r: ProxyEnable
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
success 0 0
Sets or modifies WPAD proxy autoconfiguration file for traffic interception (8 events)
Time & API Arguments Status Return Repeated
1619718633.743626
RegSetValueExA
key_handle: 0x0000040c
value: 1
regkey_r: WpadDecisionReason
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionReason
success 0 0
1619718633.743626
RegSetValueExA
key_handle: 0x0000040c
value: àr3Í =×
regkey_r: WpadDecisionTime
reg_type: 3 (REG_BINARY)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionTime
success 0 0
1619718633.743626
RegSetValueExA
key_handle: 0x0000040c
value: 3
regkey_r: WpadDecision
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecision
success 0 0
1619718633.743626
RegSetValueExW
key_handle: 0x0000040c
value: 网络 2
regkey_r: WpadNetworkName
reg_type: 1 (REG_SZ)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadNetworkName
success 0 0
1619718633.743626
RegSetValueExA
key_handle: 0x00000428
value: 1
regkey_r: WpadDecisionReason
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionReason
success 0 0
1619718633.743626
RegSetValueExA
key_handle: 0x00000428
value: àr3Í =×
regkey_r: WpadDecisionTime
reg_type: 3 (REG_BINARY)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionTime
success 0 0
1619718633.743626
RegSetValueExA
key_handle: 0x00000428
value: 3
regkey_r: WpadDecision
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecision
success 0 0
1619718633.774626
RegSetValueExW
key_handle: 0x00000408
value: {40112ABE-63B3-43C3-BE93-1440EE3AF106}
regkey_r: WpadLastNetwork
reg_type: 1 (REG_SZ)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\WpadLastNetwork
success 0 0
Network activity contains more than one unique useragent (2 events)
process 863a5de839dc654688f60fcf7169a393.exe useragent Internal
process 863a5de839dc654688f60fcf7169a393.exe useragent m
File has been identified by 53 AntiVirus engines on VirusTotal as malicious (50 out of 53 events)
MicroWorld-eScan Trojan.GenericKD.43567480
FireEye Trojan.GenericKD.43567480
CAT-QuickHeal Trojan.IGENERIC
McAfee RDN/Generic.tfr
Cylance Unsafe
Zillya Downloader.Delf.Win32.59637
Sangfor Malware
K7AntiVirus Trojan ( 0056ba911 )
Alibaba TrojanDownloader:Win32/Agentb.c953ef5c
K7GW Trojan ( 0056ba911 )
CrowdStrike win/malicious_confidence_90% (W)
TrendMicro TROJ_GEN.R011C0WGV20
F-Prot W32/Delf.LM.gen!Eldorado
Symantec Trojan Horse
APEX Malicious
GData Trojan.GenericKD.43567480
Kaspersky HEUR:Trojan.Win32.Agentb.gen
BitDefender Trojan.GenericKD.43567480
NANO-Antivirus Trojan.Win32.TrjGen.hpruwg
ViRobot Trojan.Win32.Z.Wacatac.814849
Avast Win32:PWSX-gen [Trj]
Rising Trojan.GenKryptik!8.AA55 (CLOUD)
Ad-Aware Trojan.GenericKD.43567480
Sophos Potentially Unwanted Software (PUA)
F-Secure Trojan.TR/Injector.papgm
DrWeb Trojan.Siggen9.63175
VIPRE Trojan.Win32.Generic!BT
Emsisoft Trojan.GenericKD.43567480 (B)
Ikarus Trojan.Agent
Cyren W32/Delf.LM.gen!Eldorado
Jiangmin Trojan.Agentb.hgk
Avira TR/Injector.papgm
Antiy-AVL HackTool/Win32.Agent
Arcabit Trojan.Generic.D298C978
ZoneAlarm HEUR:Trojan.Win32.Agentb.gen
Microsoft Trojan:Win32/Wacatac.C!ml
Cynet Malicious (score: 85)
AhnLab-V3 Malware/Win32.RL_Generic.R346565
BitDefenderTheta Gen:NN.ZelphiCO.34152.XKY@aOG907ji
ALYac Trojan.Agent.Wacatac
MAX malware (ai score=83)
VBA32 TScope.Trojan.Delf
Malwarebytes Trojan.MalPack.SMY.Generic
Zoner Trojan.Win32.91613
ESET-NOD32 Win32/TrojanDownloader.Delf.CYW
TrendMicro-HouseCall TROJ_GEN.R011C0WGV20
Tencent Malware.Win32.Gencirc.10cde63a
SentinelOne DFI - Suspicious PE
eGambit PE.Heur.InvalidSig
Fortinet W32/GenKryptik.EKLE!tr
Connects to IP addresses that are no longer responding to requests (legitimate services will remain up-and-running usually) (4 events)
dead_host 172.217.24.14:443
dead_host 108.160.165.48:443
dead_host 172.217.27.142:443
dead_host 172.217.160.110:443
Visual analysis
Binary image
No binary image: no binary visualization image was generated for this sample
Runtime screenshots
No runtime screenshots: no screenshots were captured while this sample ran

PE Compile Time

1992-06-20 06:22:17

Imports

Library oleaut32.dll:
0x4ac820 SysFreeString
0x4ac824 SysReAllocStringLen
0x4ac828 SysAllocStringLen
Library advapi32.dll:
0x4ac830 RegQueryValueExA
0x4ac834 RegOpenKeyExA
0x4ac838 RegCloseKey
Library user32.dll:
0x4ac840 GetKeyboardType
0x4ac844 DestroyWindow
0x4ac848 LoadStringA
0x4ac84c MessageBoxA
0x4ac850 CharNextA
Library kernel32.dll:
0x4ac858 GetACP
0x4ac85c Sleep
0x4ac860 VirtualFree
0x4ac864 VirtualAlloc
0x4ac868 GetTickCount
0x4ac870 GetCurrentThreadId
0x4ac87c VirtualQuery
0x4ac880 WideCharToMultiByte
0x4ac884 MultiByteToWideChar
0x4ac888 lstrlenA
0x4ac88c lstrcpynA
0x4ac890 LoadLibraryExA
0x4ac894 GetThreadLocale
0x4ac898 GetStartupInfoA
0x4ac89c GetProcAddress
0x4ac8a0 GetModuleHandleA
0x4ac8a4 GetModuleFileNameA
0x4ac8a8 GetLocaleInfoA
0x4ac8ac GetCommandLineA
0x4ac8b0 FreeLibrary
0x4ac8b4 FindFirstFileA
0x4ac8b8 FindClose
0x4ac8bc ExitProcess
0x4ac8c0 CompareStringA
0x4ac8c4 WriteFile
0x4ac8cc RtlUnwind
0x4ac8d0 RaiseException
0x4ac8d4 GetStdHandle
Library kernel32.dll:
0x4ac8dc TlsSetValue
0x4ac8e0 TlsGetValue
0x4ac8e4 LocalAlloc
0x4ac8e8 GetModuleHandleA
Library user32.dll:
0x4ac8f0 CreateWindowExA
0x4ac8f4 WindowFromPoint
0x4ac8f8 WaitMessage
0x4ac8fc UpdateWindow
0x4ac900 UnregisterClassA
0x4ac904 UnhookWindowsHookEx
0x4ac908 TranslateMessage
0x4ac910 TrackPopupMenu
0x4ac918 ShowWindow
0x4ac91c ShowScrollBar
0x4ac920 ShowOwnedPopups
0x4ac924 SetWindowsHookExA
0x4ac928 SetWindowTextA
0x4ac92c SetWindowPos
0x4ac930 SetWindowPlacement
0x4ac934 SetWindowLongW
0x4ac938 SetWindowLongA
0x4ac93c SetTimer
0x4ac940 SetScrollRange
0x4ac944 SetScrollPos
0x4ac948 SetScrollInfo
0x4ac94c SetRect
0x4ac950 SetPropA
0x4ac954 SetParent
0x4ac958 SetMenuItemInfoA
0x4ac95c SetMenu
0x4ac960 SetForegroundWindow
0x4ac964 SetFocus
0x4ac968 SetCursor
0x4ac96c SetClassLongA
0x4ac970 SetCapture
0x4ac974 SetActiveWindow
0x4ac978 SendMessageW
0x4ac97c SendMessageA
0x4ac980 ScrollWindow
0x4ac984 ScreenToClient
0x4ac988 RemovePropA
0x4ac98c RemoveMenu
0x4ac990 ReleaseDC
0x4ac994 ReleaseCapture
0x4ac9a0 RegisterClassA
0x4ac9a4 RedrawWindow
0x4ac9a8 PtInRect
0x4ac9ac PostQuitMessage
0x4ac9b0 PostMessageA
0x4ac9b4 PeekMessageW
0x4ac9b8 PeekMessageA
0x4ac9bc OffsetRect
0x4ac9c0 OemToCharA
0x4ac9c4 MessageBoxA
0x4ac9c8 MapWindowPoints
0x4ac9cc MapVirtualKeyA
0x4ac9d0 LoadStringA
0x4ac9d4 LoadKeyboardLayoutA
0x4ac9d8 LoadIconA
0x4ac9dc LoadCursorA
0x4ac9e0 LoadBitmapA
0x4ac9e4 KillTimer
0x4ac9e8 IsZoomed
0x4ac9ec IsWindowVisible
0x4ac9f0 IsWindowUnicode
0x4ac9f4 IsWindowEnabled
0x4ac9f8 IsWindow
0x4ac9fc IsRectEmpty
0x4aca00 IsIconic
0x4aca04 IsDialogMessageW
0x4aca08 IsDialogMessageA
0x4aca0c IsChild
0x4aca10 InvalidateRect
0x4aca14 IntersectRect
0x4aca18 InsertMenuItemA
0x4aca1c InsertMenuA
0x4aca20 InflateRect
0x4aca28 GetWindowTextA
0x4aca2c GetWindowRect
0x4aca30 GetWindowPlacement
0x4aca34 GetWindowLongW
0x4aca38 GetWindowLongA
0x4aca3c GetWindowDC
0x4aca40 GetTopWindow
0x4aca44 GetSystemMetrics
0x4aca48 GetSystemMenu
0x4aca4c GetSysColorBrush
0x4aca50 GetSysColor
0x4aca54 GetSubMenu
0x4aca58 GetScrollRange
0x4aca5c GetScrollPos
0x4aca60 GetScrollInfo
0x4aca64 GetPropA
0x4aca68 GetParent
0x4aca6c GetWindow
0x4aca70 GetMessagePos
0x4aca74 GetMenuStringA
0x4aca78 GetMenuState
0x4aca7c GetMenuItemInfoA
0x4aca80 GetMenuItemID
0x4aca84 GetMenuItemCount
0x4aca88 GetMenu
0x4aca8c GetLastActivePopup
0x4aca90 GetKeyboardState
0x4aca9c GetKeyboardLayout
0x4acaa0 GetKeyState
0x4acaa4 GetKeyNameTextA
0x4acaa8 GetIconInfo
0x4acaac GetForegroundWindow
0x4acab0 GetFocus
0x4acab4 GetDlgItem
0x4acab8 GetDesktopWindow
0x4acabc GetDCEx
0x4acac0 GetDC
0x4acac4 GetCursorPos
0x4acac8 GetCursor
0x4acacc GetClipboardData
0x4acad0 GetClientRect
0x4acad4 GetClassLongA
0x4acad8 GetClassInfoA
0x4acadc GetCapture
0x4acae0 GetActiveWindow
0x4acae4 FrameRect
0x4acae8 FindWindowA
0x4acaec FillRect
0x4acaf0 EqualRect
0x4acaf4 EnumWindows
0x4acaf8 EnumThreadWindows
0x4acafc EnumChildWindows
0x4acb00 EndPaint
0x4acb04 EndDeferWindowPos
0x4acb08 EnableWindow
0x4acb0c EnableScrollBar
0x4acb10 EnableMenuItem
0x4acb14 DrawTextA
0x4acb18 DrawMenuBar
0x4acb1c DrawIconEx
0x4acb20 DrawIcon
0x4acb24 DrawFrameControl
0x4acb28 DrawFocusRect
0x4acb2c DrawEdge
0x4acb30 DispatchMessageW
0x4acb34 DispatchMessageA
0x4acb38 DestroyWindow
0x4acb3c DestroyMenu
0x4acb40 DestroyIcon
0x4acb44 DestroyCursor
0x4acb48 DeleteMenu
0x4acb4c DeferWindowPos
0x4acb50 DefWindowProcA
0x4acb54 DefMDIChildProcA
0x4acb58 DefFrameProcA
0x4acb5c CreatePopupMenu
0x4acb60 CreateMenu
0x4acb64 CreateIcon
0x4acb68 ClientToScreen
0x4acb6c CheckMenuItem
0x4acb70 CharNextW
0x4acb74 CallWindowProcA
0x4acb78 CallNextHookEx
0x4acb7c BeginPaint
0x4acb80 BeginDeferWindowPos
0x4acb84 CharNextA
0x4acb88 CharLowerBuffA
0x4acb8c CharLowerA
0x4acb90 CharUpperBuffA
0x4acb94 CharToOemA
0x4acb98 AdjustWindowRectEx
Library msimg32.dll:
0x4acba4 GradientFill
Library gdi32.dll:
0x4acbac UnrealizeObject
0x4acbb0 StretchBlt
0x4acbb4 SetWindowOrgEx
0x4acbb8 SetWinMetaFileBits
0x4acbbc SetViewportOrgEx
0x4acbc0 SetTextColor
0x4acbc4 SetStretchBltMode
0x4acbc8 SetROP2
0x4acbcc SetPixel
0x4acbd0 SetEnhMetaFileBits
0x4acbd4 SetDIBColorTable
0x4acbd8 SetBrushOrgEx
0x4acbdc SetBkMode
0x4acbe0 SetBkColor
0x4acbe4 SelectPalette
0x4acbe8 SelectObject
0x4acbec SelectClipRgn
0x4acbf0 SaveDC
0x4acbf4 RoundRect
0x4acbf8 RestoreDC
0x4acbfc Rectangle
0x4acc00 RectVisible
0x4acc04 RealizePalette
0x4acc08 Polyline
0x4acc0c Polygon
0x4acc10 PlayEnhMetaFile
0x4acc14 PatBlt
0x4acc18 MoveToEx
0x4acc1c MaskBlt
0x4acc20 LineTo
0x4acc24 IntersectClipRect
0x4acc28 GetWindowOrgEx
0x4acc2c GetWinMetaFileBits
0x4acc30 GetTextMetricsA
0x4acc3c GetStockObject
0x4acc40 GetRgnBox
0x4acc44 GetROP2
0x4acc48 GetPixel
0x4acc4c GetPaletteEntries
0x4acc50 GetObjectA
0x4acc54 GetGraphicsMode
0x4acc60 GetEnhMetaFileBits
0x4acc64 GetDeviceCaps
0x4acc68 GetDIBits
0x4acc6c GetDIBColorTable
0x4acc70 GetDCOrgEx
0x4acc78 GetClipBox
0x4acc7c GetBrushOrgEx
0x4acc80 GetBitmapBits
0x4acc84 ExcludeClipRect
0x4acc88 Ellipse
0x4acc8c DeleteObject
0x4acc90 DeleteEnhMetaFile
0x4acc94 DeleteDC
0x4acc98 CreateSolidBrush
0x4acc9c CreateRectRgn
0x4acca0 CreatePenIndirect
0x4acca4 CreatePalette
0x4accac CreateFontIndirectA
0x4accb0 CreateDIBitmap
0x4accb4 CreateDIBSection
0x4accb8 CreateCompatibleDC
0x4accc0 CreateBrushIndirect
0x4accc4 CreateBitmap
0x4accc8 CopyEnhMetaFileA
0x4acccc CombineRgn
0x4accd0 BitBlt
Library version.dll:
0x4accd8 VerQueryValueA
0x4acce0 GetFileVersionInfoA
Library kernel32.dll:
0x4acce8 lstrcpyA
0x4accec WriteFile
0x4accf0 WaitForSingleObject
0x4accf4 VirtualQuery
0x4accf8 VirtualProtect
0x4accfc VirtualAlloc
0x4acd00 SizeofResource
0x4acd04 SetThreadLocale
0x4acd08 SetFilePointer
0x4acd0c SetEvent
0x4acd10 SetErrorMode
0x4acd14 SetEndOfFile
0x4acd18 ResetEvent
0x4acd1c ReadFile
0x4acd20 MultiByteToWideChar
0x4acd24 MulDiv
0x4acd28 LockResource
0x4acd2c LoadResource
0x4acd30 LoadLibraryA
0x4acd3c GlobalFindAtomA
0x4acd40 GlobalDeleteAtom
0x4acd44 GlobalAddAtomA
0x4acd48 GetVersionExA
0x4acd4c GetVersion
0x4acd50 GetTickCount
0x4acd54 GetThreadLocale
0x4acd58 GetStdHandle
0x4acd5c GetProcAddress
0x4acd60 GetModuleHandleA
0x4acd64 GetModuleFileNameA
0x4acd68 GetLocaleInfoA
0x4acd6c GetLocalTime
0x4acd70 GetLastError
0x4acd74 GetFullPathNameA
0x4acd78 GetDiskFreeSpaceA
0x4acd7c GetDateFormatA
0x4acd80 GetCurrentThreadId
0x4acd84 GetCurrentProcessId
0x4acd88 GetCPInfo
0x4acd8c FreeResource
0x4acd90 InterlockedExchange
0x4acd94 FreeLibrary
0x4acd98 FormatMessageA
0x4acd9c FindResourceA
0x4acda0 EnumCalendarInfoA
0x4acdac CreateThread
0x4acdb0 CreateFileA
0x4acdb4 CreateEventA
0x4acdb8 CompareStringA
0x4acdbc CloseHandle
Library advapi32.dll:
0x4acdc4 RegQueryValueExA
0x4acdc8 RegOpenKeyExA
0x4acdcc RegFlushKey
0x4acdd0 RegCloseKey
Library oleaut32.dll:
0x4acdd8 GetErrorInfo
0x4acddc SysFreeString
Library ole32.dll:
0x4acde4 CoUninitialize
0x4acde8 CoInitialize
Library kernel32.dll:
0x4acdf0 Sleep
Library oleaut32.dll:
0x4acdf8 SafeArrayPtrOfIndex
0x4acdfc SafeArrayPutElement
0x4ace00 SafeArrayGetElement
0x4ace08 SafeArrayAccessData
0x4ace0c SafeArrayGetUBound
0x4ace10 SafeArrayGetLBound
0x4ace14 SafeArrayCreate
0x4ace18 VariantChangeType
0x4ace1c VariantCopyInd
0x4ace20 VariantCopy
0x4ace24 VariantClear
0x4ace28 VariantInit
Library comctl32.dll:
0x4ace30 _TrackMouseEvent
0x4ace3c ImageList_Write
0x4ace40 ImageList_Read
0x4ace4c ImageList_DragMove
0x4ace50 ImageList_DragLeave
0x4ace54 ImageList_DragEnter
0x4ace58 ImageList_EndDrag
0x4ace5c ImageList_BeginDrag
0x4ace60 ImageList_Remove
0x4ace64 ImageList_DrawEx
0x4ace68 ImageList_Replace
0x4ace6c ImageList_Draw
0x4ace78 ImageList_Add
0x4ace80 ImageList_Destroy
0x4ace84 ImageList_Create
0x4ace88 InitCommonControls
Library comdlg32.dll:
0x4ace90 ChooseColorA
0x4ace94 GetSaveFileNameA
0x4ace98 GetOpenFileNameA
Library opengl32.dll:
0x4acea0 glReadPixels
Library UrL:
0x4acea8 InetIsOffline

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source          Source port  Destination                      Destination port
192.168.56.101  50568        114.114.114.114                  53
192.168.56.101  51963        114.114.114.114                  53
192.168.56.101  53380        114.114.114.114                  53
192.168.56.101  60088        114.114.114.114                  53
192.168.56.101  60123        114.114.114.114                  53
192.168.56.101  60215        114.114.114.114                  53
192.168.56.101  60221        114.114.114.114                  53
192.168.56.101  63429        114.114.114.114                  53
192.168.56.101  65004        114.114.114.114                  53
192.168.56.101  137          192.168.56.255                   137
192.168.56.101  138          192.168.56.255                   138
192.168.56.101  123          20.189.79.72 (time.windows.com)  123
192.168.56.101  49235        224.0.0.252                      5355
192.168.56.101  50002        224.0.0.252                      5355
192.168.56.101  53657        224.0.0.252                      5355
192.168.56.101  56539        224.0.0.252                      5355
192.168.56.101  56804        224.0.0.252                      5355
192.168.56.101  57236        224.0.0.252                      5355
192.168.56.101  57756        224.0.0.252                      5355
192.168.56.101  57874        224.0.0.252                      5355

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.