3.2
Medium risk

8e6469c6e441d87f60dc8391be53ea1cb684d8c12fd00a00e638d91783199b96

89e712030935cf76aec9dc4ed3133d5c.exe

Analysis duration: 94s
Last analyzed:
File size: 149.9KB
Static detection  Dynamic detection  ARTEMIS  FILEREPMALWARE  PERFECTREGISTRY
Hawk Eye engine
Not detected: no Hawk Eye engine result is available
Static verdict
Antivirus engines
Engine        Result                  Scan date   Engine version
McAfee        Artemis!89E712030935    20200925    6.0.6.653
Alibaba       -                       20190527    0.3.0.5
Baidu         -                       20190318    1.0.0.2
Avast         -                       20200926    18.4.3895.0
Kingsoft      -                       20200926    2013.8.14.323
Tencent       -                       20200926    1.0.0.1
CrowdStrike   -                       20190702    1.0
Behavioral verdict
Dynamic indicators
File has been identified by 4 AntiVirus engines on VirusTotal as malicious (4 events)
McAfee             Artemis!89E712030935
McAfee-GW-Edition  Artemis
AVG                FileRepMalware
Panda              PUP/PerfectRegistry
Visual analysis
Binary image
No binary image: the sample did not generate a binary visualization image
Runtime screenshots
No runtime screenshots: no screenshots were generated while the sample ran

PE Compile Time

2009-11-03 04:23:03

Imports

Library SHELL32.dll:
0x4131f4 ShellExecuteA
0x4131f8 FindExecutableA
0x4131fc SHBrowseForFolderA
0x413200 SHGetMalloc
Library USER32.dll:
0x413208 GetClientRect
0x41320c SetRect
0x413210 EndPaint
0x413214 LoadCursorA
0x413218 GetLastActivePopup
0x41321c KillTimer
0x413220 ShowWindow
0x413224 PostMessageA
0x413228 SendMessageA
0x41322c EnableWindow
0x413230 SetTimer
0x413234 SetWindowTextA
0x413238 SetForegroundWindow
0x41323c SetActiveWindow
0x413240 SetDlgItemTextA
0x413244 GetKeyState
0x413248 CharUpperBuffA
0x41324c PeekMessageA
0x413250 GetSysColor
0x413254 DispatchMessageA
0x413258 GetParent
0x41325c SendDlgItemMessageA
0x413260 GetDlgItem
0x413264 InvalidateRect
0x413268 UpdateWindow
0x41326c LoadStringA
0x413270 MessageBoxA
0x413274 DialogBoxParamA
0x413278 GetWindowLongA
0x41327c SetWindowLongA
0x413280 GetDlgItemTextA
0x413284 EndDialog
0x413288 GetWindowRect
0x41328c GetSystemMetrics
0x413290 SetWindowPos
0x413294 SetCursor
0x413298 CharNextA
0x41329c BeginPaint
0x4132a0 SetWindowWord
0x4132a4 GetWindowWord
0x4132a8 DefWindowProcA
0x4132ac RegisterClassA
0x4132b0 TranslateMessage
Library KERNEL32.dll:
0x413044 GetLocaleInfoA
0x413048 GetStringTypeW
0x41304c GetStringTypeA
0x413054 GetCurrentProcessId
0x413058 GetTickCount
0x413060 GetFileType
0x413064 SetHandleCount
0x413078 LCMapStringW
0x41307c LCMapStringA
0x413080 GetStdHandle
0x413084 HeapCreate
0x413088 HeapDestroy
0x41308c VirtualAlloc
0x413090 VirtualFree
0x4130a0 HeapSize
0x4130a4 Sleep
0x4130a8 GetCurrentThreadId
0x4130ac SetLastError
0x4130b0 TlsFree
0x4130b4 TlsSetValue
0x4130b8 GetVersionExA
0x4130bc FindClose
0x4130c0 FindFirstFileA
0x4130cc CreateDirectoryA
0x4130d0 SetFileTime
0x4130dc LocalAlloc
0x4130e0 GetDriveTypeA
0x4130e8 SetFilePointer
0x4130ec CreateFileA
0x4130f4 GlobalFree
0x4130f8 GlobalUnlock
0x4130fc GlobalHandle
0x413100 _lclose
0x413104 _llseek
0x413108 _lread
0x41310c _lopen
0x413110 GlobalLock
0x413114 GlobalAlloc
0x413118 GlobalMemoryStatus
0x41311c GetVersion
0x413120 GetModuleFileNameA
0x413124 WriteFile
0x413128 GetSystemTime
0x41312c LocalFree
0x413130 ExitProcess
0x413134 FormatMessageA
0x413138 GetLastError
0x41313c GetModuleHandleA
0x413144 WideCharToMultiByte
0x413148 CreateProcessA
0x41314c lstrcmpiA
0x413150 SetErrorMode
0x413154 MultiByteToWideChar
0x413158 GetLocalTime
0x41315c lstrlenA
0x413160 CreateFileW
0x413164 ReadFile
0x413168 GetConsoleCP
0x41316c GetConsoleMode
0x413170 LoadLibraryA
0x413178 SetStdHandle
0x41317c WriteConsoleA
0x413180 GetConsoleOutputCP
0x413184 FlushFileBuffers
0x413188 WriteConsoleW
0x41318c CloseHandle
0x413190 RtlUnwind
0x413194 HeapAlloc
0x413198 HeapFree
0x41319c HeapReAlloc
0x4131a0 RaiseException
0x4131a4 TerminateProcess
0x4131a8 GetCurrentProcess
0x4131b4 IsDebuggerPresent
0x4131b8 GetCommandLineA
0x4131bc GetProcessHeap
0x4131c0 GetStartupInfoA
0x4131c4 GetCPInfo
0x4131d0 GetACP
0x4131d4 GetOEMCP
0x4131d8 IsValidCodePage
0x4131dc GetProcAddress
0x4131e0 TlsGetValue
0x4131e4 TlsAlloc
Library GDI32.dll:
0x413010 SetTextColor
0x413014 SetTextAlign
0x413018 GetBkColor
0x413020 ExtTextOutA
0x413024 CreateDCA
0x413028 GetDeviceCaps
0x41302c CreateFontIndirectA
0x413030 DeleteDC
0x413034 SelectObject
0x413038 DeleteObject
0x41303c SetBkColor
Library ADVAPI32.dll:
0x413000 RegQueryValueA
Library COMCTL32.dll:
0x413008

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source          Source Port   Destination                       Destination Port
192.168.56.101  51378         114.114.114.114                   53
192.168.56.101  51963         114.114.114.114                   53
192.168.56.101  55368         114.114.114.114                   53
192.168.56.101  56539         114.114.114.114                   53
192.168.56.101  60384         114.114.114.114                   53
192.168.56.101  62912         114.114.114.114                   53
192.168.56.101  137           192.168.56.255                    137
192.168.56.101  138           192.168.56.255                    138
192.168.56.101  123           20.189.79.72 (time.windows.com)   123
192.168.56.101  49713         224.0.0.252                       5355
192.168.56.101  53237         224.0.0.252                       5355
192.168.56.101  53657         224.0.0.252                       5355
192.168.56.101  56804         224.0.0.252                       5355
192.168.56.101  58367         224.0.0.252                       5355
192.168.56.101  60123         224.0.0.252                       5355
192.168.56.101  61680         224.0.0.252                       5355
192.168.56.101  62191         224.0.0.252                       5355
192.168.56.101  62318         224.0.0.252                       5355
192.168.56.101  65004         224.0.0.252                       5355
192.168.56.101  1900          239.255.255.250                   1900

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.