2.8
Medium risk

2799b421f8fc354ff337530a7e1a158bfef90a82becc9a5d055095e56df72255

9f6901744d044ce7bc5df7eace6b18d4.exe

Analysis time

32s

Last analysis

File size

31.5KB
Static verdict: AAMP    Dynamic verdict: GERAL

Eagle Eye engine
Not detected. No Eagle Eye engine result is available for this sample.

Static verdict

Antivirus engines

Engine        Scan date   Engine version
McAfee        20170908    6.0.6.653
Baidu         20170907    1.0.0.2
Avast         20170907    17.6.3625.0
Tencent       20170908    1.0.0.1
Kingsoft      20170908    2013.8.14.323
CrowdStrike   20170804    1.0
Static indicators

Command line console output was observed (1 event)

Time                 API              Arguments                                   Status   Return   Repeated
1620839172.149626    WriteConsoleW    buffer: 系统找不到指定的路径。              success  1        0
                                      console_handle: 0x0000000b

The executable uses a known packer (1 event)

packer: MinGW GCC 3.x
Visual analysis

Binary image
No binary image: no binary visualization image was generated for this sample.

Runtime screenshots
No runtime screenshots: no screenshots were captured while the sample was running.

PE Compile Time

2013-08-09 08:12:38

Imports

Library KERNEL32.dll:
0x40f1b0 AddAtomA
0x40f1b4 Beep
0x40f1b8 ClearCommError
0x40f1bc CloseHandle
0x40f1c0 CreateFileA
0x40f1c4 ExitProcess
0x40f1d0 FindAtomA
0x40f1d4 GetAtomNameA
0x40f1d8 GetCommModemStatus
0x40f1dc GetCommProperties
0x40f1e0 GetCommState
0x40f1e4 GetCommTimeouts
0x40f1e8 GetConsoleMode
0x40f1f4 GetStdHandle
0x40f1f8 GetTickCount
0x40f1fc LockFile
0x40f208 ReadFile
0x40f210 SetCommState
0x40f214 SetCommTimeouts
0x40f21c SetConsoleMode
0x40f228 SetupComm
0x40f22c UnlockFile
0x40f230 WriteConsoleOutputA
0x40f234 WriteFile
Library msvcrt.dll:
0x40f240 _strdup
Library MSVCRT.DLL:
0x40f24c __getmainargs
0x40f250 __p__environ
0x40f254 __p__fmode
0x40f258 __set_app_type
0x40f25c _assert
0x40f260 _cexit
0x40f264 _controlfp
0x40f268 _fileno
0x40f26c _gcvt
0x40f270 _get_osfhandle
0x40f274 _iob
0x40f278 _onexit
0x40f27c _setmode
0x40f280 _snprintf
0x40f284 _stricmp
0x40f288 _strnicmp
0x40f28c abort
0x40f290 atexit
0x40f294 atoi
0x40f298 calloc
0x40f29c exit
0x40f2a0 fclose
0x40f2a4 fflush
0x40f2a8 fgets
0x40f2ac fopen
0x40f2b0 fread
0x40f2b4 free
0x40f2b8 fseek
0x40f2bc ftell
0x40f2c0 fwrite
0x40f2c4 malloc
0x40f2c8 mbstowcs
0x40f2cc memcpy
0x40f2d0 memmove
0x40f2d4 memset
0x40f2d8 realloc
0x40f2dc setvbuf
0x40f2e0 signal
0x40f2e4 sprintf
0x40f2e8 strchr
0x40f2ec strcmp
0x40f2f0 strlen
0x40f2f4 strtod
0x40f2f8 strtoul
0x40f2fc system
0x40f300 wcslen

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source           Source Port   Destination                         Destination Port
192.168.56.101   51963         114.114.114.114                     53
192.168.56.101   60123         114.114.114.114                     53
192.168.56.101   60215         114.114.114.114                     53
192.168.56.101   62191         114.114.114.114                     53
192.168.56.101   65004         114.114.114.114                     53
192.168.56.101   137           192.168.56.255                      137
192.168.56.101   138           192.168.56.255                      138
192.168.56.101   123           20.189.79.72 (time.windows.com)     123
192.168.56.101   49235         224.0.0.252                         5355
192.168.56.101   53657         224.0.0.252                         5355
192.168.56.101   56804         224.0.0.252                         5355
192.168.56.101   57874         224.0.0.252                         5355
192.168.56.101   58367         224.0.0.252                         5355
192.168.56.101   63429         224.0.0.252                         5355
192.168.56.101   1900          239.255.255.250                     1900
192.168.56.101   53658         239.255.255.250                     3702
192.168.56.101   56807         239.255.255.250                     1900
192.168.56.101   58707         239.255.255.250                     3702
192.168.56.101   60216         239.255.255.250                     3702

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.