Score: 5.8
Verdict: High risk

SHA256: 07f0a7d91cbe54a12e11990e7f320534302e12102cdc4c62aa7e8225a782ed8b
File name: a392b7d014c86bce337d069e1166157d.exe (the sample's MD5, which also appears in the McAfee, Cybereason and FireEye detection names below)
Analysis duration: 169s
File size: 22.1MB

Static/dynamic detection tags (aggregated from the engine names below): 100% AC@8NDUN8 AI SCORE=100 BANCTEIAN CLOUD CONFIDENCE DELF ELDORADO FPBJQH GENERICKD GENERICRXEO HEMECPLBI HIGH HIGH CONFIDENCE MALICIOUS PE QVM41 R174475 RECONYC SCORE SIGGEN6 TARANIS TROSPIGENLTB TUFIK UNSAFE ZPEVDO
Eagle Eye engine (鹰眼引擎): not detected; no result from this engine
Static verdict

Antivirus engines

Engine       Result                                Scan date  Engine version
McAfee       GenericRXEO-AO!A392B7D014C8           20200628   6.0.6.653
Alibaba      Trojan:Win32/Bancteian.29746a64       20190527   0.3.0.5
Baidu        Win32.Virus.Delf.c                    20190318   1.0.0.2
Tencent      Trojan.Win32.Delf.qgs                 20200628   1.0.0.1
Kingsoft     (no detection)                        20200628   2013.8.14.323
Avast        Win32:Bancteian-A [Trj]               20200628   18.4.3895.0
CrowdStrike  win/malicious_confidence_100% (D)     20190702   1.0
Static indicators

Queries for the computer name (1 event; this is an API-trace event, listed here by the report)
Time               API               Arguments                Status   Return  Repeated
1620808764.859375  GetComputerNameW  computer_name: OSKAR-PC  success  1       0

The executable contains unknown PE section names indicative of a packer (could be a false positive) (2 events)
section .itext
section .didata

The executable uses a known packer (1 event)
packer BobSoft Mini Delphi -> BoB / BobSoft

The file contains an unknown PE resource name possibly indicative of a packer (1 event)
resource name UNICODEDATA

Caveat on the three packer indicators: .itext and .didata are standard section names emitted by the Delphi linker, the "BobSoft Mini Delphi" signature matches ordinary Delphi-compiled executables, and the export TMethodImplementationIntercept listed under Exports below is part of the Delphi RTL. Together they identify the compiler rather than a packer, and the large VCL import table below (user32/gdi32/comctl32 window, menu and image-list APIs) points the same way. The only unpacking-related evidence in this report is the single RWX page allocation under the dynamic indicators, which is a generic heuristic on its own.
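The "unknown section name" heuristic above is only as good as the toolchain layouts it knows. The following is an added example (not the sandbox's own code) that walks a PE section table by hand and compares the names against per-toolchain section lists; the lists are an assumed baseline, and the Delphi layout is constructed, since the report only names the two sections its heuristic could not explain. It shows why .itext/.didata explain away under a Delphi profile while UPX0/UPX1 remain unexplained under every profile.

```python
import struct

# Section names emitted by common toolchains (assumed baseline; extend as needed).
# Delphi binaries legitimately carry .itext and .didata, which a generic
# "unknown section name" heuristic reports as packer indicators.
KNOWN_SECTIONS = {
    "msvc":   {".text", ".rdata", ".data", ".pdata", ".idata", ".edata",
               ".rsrc", ".reloc", ".tls", ".bss", ".CRT", ".gfids"},
    "delphi": {".text", ".itext", ".data", ".bss", ".idata", ".didata",
               ".edata", ".tls", ".rdata", ".reloc", ".rsrc"},
    "mingw":  {".text", ".data", ".rdata", ".bss", ".idata", ".edata",
               ".CRT", ".tls", ".rsrc", ".reloc", ".eh_frame"},
}


def parse_section_names(pe: bytes) -> list:
    """Walk the PE headers by hand and return the section names in table order."""
    if pe[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4                                   # IMAGE_FILE_HEADER (20 bytes)
    num_sections = struct.unpack_from("<H", pe, coff + 2)[0]
    opt_size = struct.unpack_from("<H", pe, coff + 16)[0]
    table = coff + 20 + opt_size                          # first IMAGE_SECTION_HEADER
    names = []
    for i in range(num_sections):
        raw = pe[table + i * 40: table + i * 40 + 8]      # 8-byte, NUL-padded name
        names.append(raw.split(b"\0", 1)[0].decode("ascii", "replace"))
    return names


def classify_sections(names):
    """Return (toolchain whose layout explains the most names, names it cannot explain)."""
    best, leftover = None, None
    for toolchain, known in KNOWN_SECTIONS.items():
        unexplained = [n for n in names if n not in known]
        if leftover is None or len(unexplained) < len(leftover):
            best, leftover = toolchain, unexplained
    return best, leftover


def build_minimal_pe(section_names) -> bytes:
    """Constructed fixture: a header-only PE32 image carrying the given section names.
    It is not a runnable program, only enough structure for parse_section_names()."""
    e_lfanew = 0x80
    dos = bytearray(e_lfanew)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    optional = bytes(224)                                 # PE32 optional header, zeroed
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0,
                       len(optional), 0x0102)
    sections = b"".join(struct.pack("<8s32x", n.encode("ascii")) for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + optional + sections


# Section layout of a typical Delphi executable (constructed; the report lists only
# the two names its heuristic could not explain) beside a typical UPX layout.
DELPHI_LAYOUT = [".text", ".itext", ".data", ".bss", ".idata", ".didata",
                 ".edata", ".tls", ".rdata", ".reloc", ".rsrc"]
UPX_LAYOUT = ["UPX0", "UPX1", ".rsrc"]

if __name__ == "__main__":
    for label, layout in (("delphi-like", DELPHI_LAYOUT), ("upx-like", UPX_LAYOUT)):
        names = parse_section_names(build_minimal_pe(layout))
        print(label, classify_sections(names))
```

The signal worth acting on is a non-empty leftover list under every profile, as with UPX0/UPX1; the profile name returned in that case is just the first tie and carries no meaning. Run it on a real file with `classify_sections(parse_section_names(open(path, "rb").read()))`.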
Behavior verdict

Dynamic indicators

Allocates read-write-execute memory (usually to unpack itself) (1 event)
Time               API                      Status   Return  Repeated
1620808761.859375  NtAllocateVirtualMemory  success  0       0
  process_identifier: 3000
  region_size: 4096
  stack_dep_bypass: 0
  stack_pivoted: 0
  heap_dep_bypass: 0
  protection: 64 (PAGE_EXECUTE_READWRITE)
  process_handle: 0xffffffff
  allocation_type: 4096 (MEM_COMMIT)
  base_address: 0x007c0000

Note: process_handle 0xffffffff is the current-process pseudo-handle, so this is a single RWX page allocated in the sample's own address space, not memory allocated in another process.
Network communication

Communicates with hosts for which no DNS query was performed (2 events)
host 113.108.239.196
host 172.217.24.14

No completed TCP session appears in the TCP section below, so these entries reflect connection attempts. 172.217.24.14 (and 142.250.66.110 in the dead-host list further down) lie in address blocks allocated to Google; the report does not attribute either flow to the sample, and 113.108.239.196 is not explained by any other recorded traffic.

Attempts to modify UAC prompt behavior (2 events)
registry HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
registry HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\PromptOnSecureDesktop

Disables Windows security features (1 event)
description: attempts to disable User Account Control (UAC)
registry HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA

The report records the registry paths touched but not the data written. The three values together control whether elevation prompts exist at all (EnableLUA), whether administrators are prompted (ConsentPromptBehaviorAdmin, where 0 means elevate silently) and whether the prompt is isolated on the secure desktop (PromptOnSecureDesktop). Writing under HKLM\...\Policies\System requires administrative rights, so the writes only succeed if the sample is already elevated, and a change to EnableLUA takes effect only after a reboot.
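A responder who sees these three registry paths in a report wants to know what state the host is in now. The following is an added example (not part of the report or the sandbox) that reads the three values and grades them against a hardening baseline; the baseline (ConsentPromptBehaviorAdmin of 1 or 2) is an assumption of this example, the documented meanings of the values are Windows facts, and the TAMPERED dictionary is a constructed state since the report does not show the data the sample wrote.

```python
import sys

UAC_KEY = r"SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System"
UAC_VALUES = ("EnableLUA", "ConsentPromptBehaviorAdmin", "PromptOnSecureDesktop")

# Documented meanings of ConsentPromptBehaviorAdmin:
#   0 elevate silently; 1/2 prompt for credentials/consent on the secure desktop;
#   3/4 prompt for credentials/consent on the normal desktop;
#   5 prompt for consent for non-Windows binaries (Windows default).
# Baseline used here (assumed hardening target, not from the report): 1 or 2.


def assess_uac(values: dict) -> list:
    """Return (severity, finding) pairs; a missing value means the Windows default applies."""
    findings = []
    if values.get("EnableLUA", 1) != 1:
        findings.append(("high", "EnableLUA=0: UAC is off after the next reboot; admin users run fully elevated"))
    cpba = values.get("ConsentPromptBehaviorAdmin", 5)
    if cpba == 0:
        findings.append(("high", "ConsentPromptBehaviorAdmin=0: administrators elevate without any prompt"))
    elif cpba not in (1, 2):
        findings.append(("low", f"ConsentPromptBehaviorAdmin={cpba}: prompts shown, but weaker than the 1/2 baseline"))
    if values.get("PromptOnSecureDesktop", 1) != 1:
        findings.append(("medium", "PromptOnSecureDesktop=0: prompt not isolated; other processes can overlay or drive it"))
    return findings


def read_uac_values() -> dict:
    """Read the live values from HKLM (Windows only; reading does not need elevation)."""
    if sys.platform != "win32":
        raise OSError("live registry read requires Windows")
    import winreg
    out = {}
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, UAC_KEY) as key:
        for name in UAC_VALUES:
            try:
                out[name], _ = winreg.QueryValueEx(key, name)
            except FileNotFoundError:
                pass            # value absent: the Windows default applies
    return out


# Constructed state: what a successful write of 0 to all three values would leave
# behind (the report lists the paths the sample touched but not the data written).
TAMPERED = {"EnableLUA": 0, "ConsentPromptBehaviorAdmin": 0, "PromptOnSecureDesktop": 0}
HARDENED = {"EnableLUA": 1, "ConsentPromptBehaviorAdmin": 2, "PromptOnSecureDesktop": 1}

if __name__ == "__main__":
    values = read_uac_values() if sys.platform == "win32" else TAMPERED
    for severity, text in assess_uac(values) or [("info", "UAC settings match the baseline")]:
        print(f"[{severity}] {text}")
```

On a suspect host, run it as any user; a "high" finding on EnableLUA is worth correlating with the last reboot time, because the sample's write does nothing until then.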
File has been identified by 59 antivirus engines on VirusTotal as malicious (50 of 59 events shown)
Bkav W32.TrospigenLTB.Trojan
MicroWorld-eScan Trojan.GenericKD.33852961
CAT-QuickHeal Trojan.Bancteian.A11
McAfee GenericRXEO-AO!A392B7D014C8
Cylance Unsafe
Zillya Downloader.Tufik.Win32.676
Sangfor Malware
K7AntiVirus Trojan ( 0053fa4e1 )
Alibaba Trojan:Win32/Bancteian.29746a64
K7GW Trojan ( 0053fa4e1 )
Cybereason malicious.014c86
Arcabit Trojan.Generic.D2048E21
Invincea heuristic
Baidu Win32.Virus.Delf.c
F-Prot W32/Bancteian.A.gen!Eldorado
Symantec SMG.Heur!gen
APEX Malicious
ClamAV Win.Trojan.Bancteian-0-6418983-0
Kaspersky HEUR:Trojan.Win32.Generic
BitDefender Trojan.GenericKD.33852961
NANO-Antivirus Trojan.Win32.Taranis.fpbjqh
AegisLab Trojan.Win32.Generic.4!e
Tencent Trojan.Win32.Delf.qgs
Ad-Aware Trojan.GenericKD.33852961
Emsisoft Trojan.GenericKD.33852961 (B)
Comodo TrojWare.Win32.Bancteian.AC@8ndun8
F-Secure Trojan.TR/Taranis.2659
DrWeb Trojan.Siggen6.58537
TrendMicro TROJ_BANCTEIAN.SM
Trapmine malicious.high.ml.score
FireEye Generic.mg.a392b7d014c86bce
Sophos Mal/Delf-FE
Ikarus Trojan.Win32.Bancteian
Cyren W32/Bancteian.A.gen!Eldorado
Jiangmin Trojan.Reconyc.apf
Webroot W32.Trojan.Delf
Avira TR/Taranis.2659
MAX malware (ai score=100)
Microsoft Trojan:Win32/Bancteian
Endgame malicious (high confidence)
ZoneAlarm HEUR:Trojan.Win32.Generic
GData Trojan.GenericKD.33852961
Cynet Malicious (score: 100)
AhnLab-V3 Trojan/Win32.Bancteian.R174475
Acronis suspicious
ALYac Trojan.GenericKD.33852961
VBA32 Trojan.Zpevdo
Malwarebytes Trojan.Bancteian
ESET-NOD32 a variant of Win32/Bancteian.A
TrendMicro-HouseCall TROJ_BANCTEIAN.SM
Connects to IP addresses that are no longer responding to requests (legitimate services usually remain up and running) (2 events)
dead_host 172.217.24.14:443
dead_host 142.250.66.110:443
Visual analysis

Binary image: none generated for this sample
Run-time screenshots: none captured during execution


PE Compile Time

2015-12-17 07:58:52

Imports

Library oleaut32.dll:
0x71ec58 SysFreeString
0x71ec5c SysReAllocStringLen
0x71ec60 SysAllocStringLen
Library advapi32.dll:
0x71ec68 RegQueryValueExW
0x71ec6c RegOpenKeyExW
0x71ec70 RegCloseKey
Library user32.dll:
0x71ec78 CharNextW
0x71ec7c LoadStringW
Library kernel32.dll:
0x71ec84 Sleep
0x71ec88 VirtualFree
0x71ec8c VirtualAlloc
0x71ec90 lstrlenW
0x71ec94 VirtualQuery
0x71ec9c GetTickCount
0x71eca0 GetSystemInfo
0x71eca4 GetVersion
0x71eca8 CompareStringW
0x71ecac IsValidLocale
0x71ecb0 SetThreadLocale
0x71ecbc GetLocaleInfoW
0x71ecc0 WideCharToMultiByte
0x71ecc4 MultiByteToWideChar
0x71ecc8 GetACP
0x71eccc LoadLibraryExW
0x71ecd0 GetStartupInfoW
0x71ecd4 GetProcAddress
0x71ecd8 GetModuleHandleW
0x71ecdc GetModuleFileNameW
0x71ece0 GetCommandLineW
0x71ece4 FreeLibrary
0x71ece8 GetLastError
0x71ecf0 RtlUnwind
0x71ecf4 RaiseException
0x71ecf8 ExitProcess
0x71ecfc ExitThread
0x71ed00 SwitchToThread
0x71ed04 GetCurrentThreadId
0x71ed08 CreateThread
0x71ed1c FindFirstFileW
0x71ed20 FindClose
0x71ed24 WriteFile
0x71ed28 GetStdHandle
0x71ed2c CloseHandle
Library kernel32.dll:
0x71ed34 GetProcAddress
0x71ed38 RaiseException
0x71ed3c LoadLibraryA
0x71ed40 GetLastError
0x71ed44 TlsSetValue
0x71ed48 TlsGetValue
0x71ed4c LocalFree
0x71ed50 LocalAlloc
0x71ed54 GetModuleHandleW
0x71ed58 FreeLibrary
Library user32.dll:
0x71ed60 SetClassLongW
0x71ed64 GetClassLongW
0x71ed68 SetWindowLongW
0x71ed6c GetWindowLongW
0x71ed70 CreateWindowExW
0x71ed74 WindowFromPoint
0x71ed78 WaitMessage
0x71ed7c WaitForInputIdle
0x71ed80 UpdateWindow
0x71ed84 UnregisterClassW
0x71ed88 UnhookWindowsHookEx
0x71ed8c TranslateMessage
0x71ed94 TrackPopupMenu
0x71ed9c ShowWindow
0x71eda0 ShowScrollBar
0x71eda4 ShowOwnedPopups
0x71eda8 ShowCaret
0x71edac SetWindowRgn
0x71edb0 SetWindowsHookExW
0x71edb4 SetWindowTextW
0x71edb8 SetWindowPos
0x71edbc SetWindowPlacement
0x71edc0 SetTimer
0x71edc4 SetScrollRange
0x71edc8 SetScrollPos
0x71edcc SetScrollInfo
0x71edd0 SetRect
0x71edd4 SetPropW
0x71edd8 SetParent
0x71eddc SetMenuItemInfoW
0x71ede0 SetMenu
0x71ede4 SetForegroundWindow
0x71ede8 SetFocus
0x71edec SetCursorPos
0x71edf0 SetCursor
0x71edf4 SetClipboardData
0x71edf8 SetCapture
0x71edfc SetActiveWindow
0x71ee00 SendNotifyMessageW
0x71ee04 SendMessageA
0x71ee08 SendMessageW
0x71ee0c ScrollWindow
0x71ee10 ScreenToClient
0x71ee14 RemovePropW
0x71ee18 RemoveMenu
0x71ee1c ReleaseDC
0x71ee20 ReleaseCapture
0x71ee2c RegisterClassW
0x71ee30 RedrawWindow
0x71ee34 PostThreadMessageW
0x71ee38 PostQuitMessage
0x71ee3c PostMessageW
0x71ee40 PeekMessageA
0x71ee44 PeekMessageW
0x71ee48 OpenClipboard
0x71ee54 MessageBoxW
0x71ee58 MessageBeep
0x71ee5c MapWindowPoints
0x71ee60 MapVirtualKeyW
0x71ee64 LoadStringW
0x71ee68 LoadKeyboardLayoutW
0x71ee6c LoadIconW
0x71ee70 LoadCursorW
0x71ee74 LoadBitmapW
0x71ee78 KillTimer
0x71ee7c IsZoomed
0x71ee80 IsWindowVisible
0x71ee84 IsWindowUnicode
0x71ee88 IsWindowEnabled
0x71ee8c IsWindow
0x71ee90 IsIconic
0x71ee94 IsDialogMessageA
0x71ee98 IsDialogMessageW
0x71eea0 IsChild
0x71eea4 InvalidateRect
0x71eea8 InsertMenuItemW
0x71eeac InsertMenuW
0x71eeb0 HideCaret
0x71eebc GetWindowTextW
0x71eec0 GetWindowRect
0x71eec4 GetWindowPlacement
0x71eec8 GetWindowDC
0x71eecc GetTopWindow
0x71eed0 GetSystemMetrics
0x71eed4 GetSystemMenu
0x71eed8 GetSysColorBrush
0x71eedc GetSysColor
0x71eee0 GetSubMenu
0x71eee4 GetScrollRange
0x71eee8 GetScrollPos
0x71eeec GetScrollInfo
0x71eef0 GetPropW
0x71eef4 GetParent
0x71eef8 GetWindow
0x71eefc GetMessageTime
0x71ef00 GetMessagePos
0x71ef04 GetMessageExtraInfo
0x71ef08 GetMenuStringW
0x71ef0c GetMenuState
0x71ef10 GetMenuItemInfoW
0x71ef14 GetMenuItemID
0x71ef18 GetMenuItemCount
0x71ef1c GetMenu
0x71ef20 GetLastActivePopup
0x71ef24 GetKeyboardState
0x71ef30 GetKeyboardLayout
0x71ef34 GetKeyState
0x71ef38 GetKeyNameTextW
0x71ef3c GetIconInfo
0x71ef40 GetForegroundWindow
0x71ef44 GetFocus
0x71ef48 GetDlgCtrlID
0x71ef4c GetDesktopWindow
0x71ef50 GetDCEx
0x71ef54 GetDC
0x71ef58 GetCursorPos
0x71ef5c GetCursor
0x71ef60 GetClipboardData
0x71ef64 GetClientRect
0x71ef68 GetClassNameW
0x71ef6c GetClassInfoExW
0x71ef70 GetClassInfoW
0x71ef74 GetCapture
0x71ef78 GetAsyncKeyState
0x71ef7c GetActiveWindow
0x71ef80 FrameRect
0x71ef84 FindWindowExW
0x71ef88 FindWindowW
0x71ef8c FillRect
0x71ef90 EnumWindows
0x71ef94 EnumThreadWindows
0x71ef9c EnumChildWindows
0x71efa0 EndPaint
0x71efa4 EndMenu
0x71efa8 EnableWindow
0x71efac EnableScrollBar
0x71efb0 EnableMenuItem
0x71efb4 EmptyClipboard
0x71efb8 DrawTextExW
0x71efbc DrawTextW
0x71efc0 DrawMenuBar
0x71efc4 DrawIconEx
0x71efc8 DrawIcon
0x71efcc DrawFrameControl
0x71efd0 DrawFocusRect
0x71efd4 DrawEdge
0x71efd8 DispatchMessageA
0x71efdc DispatchMessageW
0x71efe0 DestroyWindow
0x71efe4 DestroyMenu
0x71efe8 DestroyIcon
0x71efec DestroyCursor
0x71eff0 DeleteMenu
0x71eff4 DefWindowProcW
0x71eff8 DefMDIChildProcW
0x71effc DefFrameProcW
0x71f000 CreatePopupMenu
0x71f004 CreateMenu
0x71f008 CreateIcon
0x71f014 CopyImage
0x71f018 CopyIcon
0x71f01c CloseClipboard
0x71f020 ClientToScreen
0x71f024 CheckMenuItem
0x71f028 CharUpperBuffW
0x71f02c CharUpperW
0x71f030 CharPrevW
0x71f034 CharNextW
0x71f038 CharLowerBuffW
0x71f03c CharLowerW
0x71f040 CallWindowProcW
0x71f044 CallNextHookEx
0x71f048 BeginPaint
0x71f04c AttachThreadInput
0x71f050 CharLowerBuffA
0x71f054 CharUpperBuffA
0x71f058 AdjustWindowRectEx
Library gdi32.dll:
0x71f064 UnrealizeObject
0x71f068 StretchDIBits
0x71f06c StretchBlt
0x71f070 StartPage
0x71f074 StartDocW
0x71f078 SetWindowOrgEx
0x71f07c SetWinMetaFileBits
0x71f080 SetViewportOrgEx
0x71f084 SetTextColor
0x71f088 SetStretchBltMode
0x71f08c SetRectRgn
0x71f090 SetROP2
0x71f094 SetPixel
0x71f098 SetMapMode
0x71f09c SetEnhMetaFileBits
0x71f0a0 SetDIBits
0x71f0a4 SetDIBColorTable
0x71f0a8 SetBrushOrgEx
0x71f0ac SetBkMode
0x71f0b0 SetBkColor
0x71f0b4 SetAbortProc
0x71f0b8 SelectPalette
0x71f0bc SelectObject
0x71f0c0 SaveDC
0x71f0c4 RoundRect
0x71f0c8 RestoreDC
0x71f0cc Rectangle
0x71f0d0 RectVisible
0x71f0d4 RealizePalette
0x71f0d8 Polyline
0x71f0dc Polygon
0x71f0e0 PolyBezierTo
0x71f0e4 PolyBezier
0x71f0e8 PlayEnhMetaFile
0x71f0ec Pie
0x71f0f0 PatBlt
0x71f0f4 MoveToEx
0x71f0f8 MaskBlt
0x71f0fc LineTo
0x71f100 LPtoDP
0x71f104 IntersectClipRect
0x71f108 GetWindowOrgEx
0x71f10c GetWinMetaFileBits
0x71f110 GetTextMetricsW
0x71f114 GetTextExtentPointW
0x71f120 GetStockObject
0x71f124 GetRgnBox
0x71f128 GetPixel
0x71f12c GetPaletteEntries
0x71f130 GetObjectW
0x71f140 GetEnhMetaFileBits
0x71f144 GetDeviceCaps
0x71f148 GetDIBits
0x71f14c GetDIBColorTable
0x71f154 GetClipBox
0x71f158 GetBrushOrgEx
0x71f15c GetBitmapBits
0x71f160 GdiFlush
0x71f164 FrameRgn
0x71f168 ExtTextOutW
0x71f16c ExtFloodFill
0x71f170 ExcludeClipRect
0x71f174 EnumFontsW
0x71f178 EnumFontFamiliesExW
0x71f17c EndPage
0x71f180 EndDoc
0x71f184 Ellipse
0x71f188 DeleteObject
0x71f18c DeleteEnhMetaFile
0x71f190 DeleteDC
0x71f194 CreateSolidBrush
0x71f198 CreateRectRgn
0x71f19c CreatePenIndirect
0x71f1a0 CreatePalette
0x71f1a4 CreateICW
0x71f1ac CreateFontIndirectW
0x71f1b0 CreateEnhMetaFileW
0x71f1b4 CreateDIBitmap
0x71f1b8 CreateDIBSection
0x71f1bc CreateDCW
0x71f1c0 CreateCompatibleDC
0x71f1c8 CreateBrushIndirect
0x71f1cc CreateBitmap
0x71f1d0 CopyEnhMetaFileW
0x71f1d4 CloseEnhMetaFile
0x71f1d8 Chord
0x71f1dc BitBlt
0x71f1e0 ArcTo
0x71f1e4 Arc
0x71f1e8 AngleArc
0x71f1ec AbortDoc
Library version.dll:
0x71f1f4 VerQueryValueW
0x71f1fc GetFileVersionInfoW
Library kernel32.dll:
0x71f204 WriteFile
0x71f208 WinExec
0x71f20c WideCharToMultiByte
0x71f214 WaitForSingleObject
0x71f220 VirtualQueryEx
0x71f224 VirtualQuery
0x71f228 VirtualProtect
0x71f22c VirtualFree
0x71f230 VirtualAlloc
0x71f234 VerSetConditionMask
0x71f238 VerifyVersionInfoW
0x71f23c UpdateResourceW
0x71f240 UnmapViewOfFile
0x71f248 TerminateProcess
0x71f250 SwitchToThread
0x71f254 SuspendThread
0x71f258 Sleep
0x71f25c SizeofResource
0x71f260 SignalObjectAndWait
0x71f264 SetThreadPriority
0x71f268 SetThreadLocale
0x71f26c SetLastError
0x71f270 SetFileTime
0x71f274 SetFilePointer
0x71f278 SetFileAttributesW
0x71f27c SetEvent
0x71f280 SetErrorMode
0x71f284 SetEndOfFile
0x71f288 ResumeThread
0x71f28c ResetEvent
0x71f290 RemoveDirectoryW
0x71f294 ReadFile
0x71f298 RaiseException
0x71f2a4 QueryDosDeviceW
0x71f2a8 PulseEvent
0x71f2ac IsDebuggerPresent
0x71f2b0 OpenProcess
0x71f2b4 OpenFileMappingW
0x71f2b8 OpenEventW
0x71f2bc MultiByteToWideChar
0x71f2c0 MulDiv
0x71f2c4 MoveFileW
0x71f2c8 MapViewOfFileEx
0x71f2cc MapViewOfFile
0x71f2d0 LockResource
0x71f2d4 LocalFree
0x71f2dc LoadResource
0x71f2e0 LoadLibraryW
0x71f2e8 IsValidLocale
0x71f2f0 HeapSize
0x71f2f4 HeapFree
0x71f2f8 HeapDestroy
0x71f2fc HeapCreate
0x71f300 HeapAlloc
0x71f304 GlobalUnlock
0x71f308 GlobalSize
0x71f30c GlobalLock
0x71f310 GlobalFree
0x71f314 GlobalFindAtomW
0x71f318 GlobalDeleteAtom
0x71f31c GlobalAlloc
0x71f320 GlobalAddAtomW
0x71f328 GetVersionExW
0x71f32c GetVersion
0x71f330 GetUserDefaultLCID
0x71f338 GetTickCount
0x71f33c GetThreadPriority
0x71f340 GetThreadLocale
0x71f344 GetSystemInfo
0x71f348 GetStringTypeExA
0x71f34c GetStringTypeExW
0x71f350 GetStdHandle
0x71f354 GetProcAddress
0x71f358 GetModuleHandleW
0x71f35c GetModuleFileNameW
0x71f364 GetLocaleInfoW
0x71f368 GetLocalTime
0x71f36c GetLastError
0x71f370 GetFullPathNameW
0x71f374 GetFileSize
0x71f378 GetFileAttributesW
0x71f37c GetExitCodeThread
0x71f380 GetExitCodeProcess
0x71f388 GetDriveTypeW
0x71f38c GetDiskFreeSpaceW
0x71f390 GetDateFormatW
0x71f394 GetCurrentThreadId
0x71f398 GetCurrentThread
0x71f39c GetCurrentProcessId
0x71f3a0 GetCurrentProcess
0x71f3a4 GetComputerNameW
0x71f3a8 GetCPInfoExW
0x71f3ac GetCPInfo
0x71f3b0 GetACP
0x71f3b4 FreeResource
0x71f3bc InterlockedExchange
0x71f3c8 FreeLibrary
0x71f3cc FormatMessageW
0x71f3d0 FlushViewOfFile
0x71f3d4 FindResourceW
0x71f3d8 FindNextFileW
0x71f3dc FindFirstFileW
0x71f3e0 FindClose
0x71f3f0 EnumSystemLocalesW
0x71f3f4 EnumResourceNamesW
0x71f3f8 EnumCalendarInfoW
0x71f400 EndUpdateResourceW
0x71f404 DuplicateHandle
0x71f408 DeleteFileW
0x71f410 CreateThread
0x71f414 CreateProcessW
0x71f418 CreatePipe
0x71f41c CreateFileMappingW
0x71f420 CreateFileW
0x71f424 CreateEventW
0x71f428 CreateDirectoryW
0x71f42c CopyFileW
0x71f430 CompareStringA
0x71f434 CompareStringW
0x71f438 CloseHandle
Library advapi32.dll:
0x71f454 RegUnLoadKeyW
0x71f458 RegSetValueExW
0x71f45c RegSaveKeyW
0x71f460 RegRestoreKeyW
0x71f464 RegReplaceKeyW
0x71f468 RegQueryValueExA
0x71f46c RegQueryValueExW
0x71f470 RegQueryInfoKeyW
0x71f474 RegOpenKeyExA
0x71f478 RegOpenKeyExW
0x71f47c RegLoadKeyW
0x71f480 RegFlushKey
0x71f484 RegEnumValueW
0x71f488 RegEnumKeyExW
0x71f48c RegDeleteValueW
0x71f490 RegDeleteKeyW
0x71f494 RegCreateKeyExW
0x71f498 RegConnectRegistryW
0x71f49c RegCloseKey
0x71f4a0 OpenThreadToken
0x71f4a4 OpenProcessToken
0x71f4a8 LookupAccountSidW
0x71f4ac IsValidSid
0x71f4b4 InitializeAcl
0x71f4b8 GetUserNameW
0x71f4bc GetTokenInformation
0x71f4c4 GetSidSubAuthority
0x71f4cc GetLengthSid
0x71f4d0 FreeSid
0x71f4d8 AddAccessAllowedAce
Library kernel32.dll:
0x71f4e0 Sleep
Library oleaut32.dll:
0x71f4e8 SafeArrayPtrOfIndex
0x71f4ec SafeArrayGetUBound
0x71f4f0 SafeArrayGetLBound
0x71f4f4 SafeArrayCreate
0x71f4f8 VariantChangeType
0x71f4fc VariantCopy
0x71f500 VariantClear
0x71f504 VariantInit
Library oleaut32.dll:
0x71f50c GetErrorInfo
0x71f510 GetActiveObject
0x71f514 SysFreeString
Library ole32.dll:
0x71f520 OleRegEnumVerbs
0x71f524 IsAccelerator
0x71f528 OleDraw
0x71f530 OleUninitialize
0x71f534 OleInitialize
0x71f538 CoTaskMemFree
0x71f53c CoTaskMemAlloc
0x71f540 ProgIDFromCLSID
0x71f544 StringFromCLSID
0x71f548 CoCreateInstance
0x71f54c CoGetClassObject
0x71f550 CoUninitialize
0x71f554 CoInitialize
0x71f558 IsEqualGUID
Library comctl32.dll:
0x71f560 InitializeFlatSB
0x71f568 FlatSB_SetScrollPos
0x71f570 FlatSB_GetScrollPos
0x71f578 _TrackMouseEvent
0x71f588 ImageList_Write
0x71f58c ImageList_Read
0x71f598 ImageList_DragMove
0x71f59c ImageList_DragLeave
0x71f5a0 ImageList_DragEnter
0x71f5a4 ImageList_EndDrag
0x71f5a8 ImageList_BeginDrag
0x71f5ac ImageList_Copy
0x71f5b4 ImageList_GetIcon
0x71f5b8 ImageList_Remove
0x71f5bc ImageList_DrawEx
0x71f5c0 ImageList_Replace
0x71f5c4 ImageList_Draw
0x71f5d8 ImageList_Add
0x71f5e4 ImageList_Destroy
0x71f5e8 ImageList_Create
Library user32.dll:
0x71f5f0 EnumDisplayMonitors
0x71f5f4 GetMonitorInfoW
0x71f5f8 MonitorFromPoint
0x71f5fc MonitorFromRect
0x71f600 MonitorFromWindow
Library msvcrt.dll:
0x71f608 memset
0x71f60c memcpy
Library shell32.dll:
0x71f614 SHGetFileInfoW
0x71f618 ShellExecuteW
0x71f61c Shell_NotifyIconW
Library wininet.dll:
0x71f630 FindCloseUrlCache
Library shell32.dll:
0x71f644 SHChangeNotify

Exports

Ordinal Address Name
1 0x4649fc TMethodImplementationIntercept

This export is emitted by the Delphi RTL in modern Delphi executables; it is a compiler fingerprint, not sample-specific functionality.

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source          Src port  Destination                       Dst port
192.168.56.101  51963     114.114.114.114                   53
192.168.56.101  53237     114.114.114.114                   53
192.168.56.101  55368     114.114.114.114                   53
192.168.56.101  56539     114.114.114.114                   53
192.168.56.101  60384     114.114.114.114                   53
192.168.56.101  137       192.168.56.255                    137
192.168.56.101  138       192.168.56.255                    138
192.168.56.101  123       20.189.79.72 (time.windows.com)   123
192.168.56.101  49713     224.0.0.252                       5355
192.168.56.101  53657     224.0.0.252                       5355
192.168.56.101  56804     224.0.0.252                       5355
192.168.56.101  57874     224.0.0.252                       5355
192.168.56.101  58367     224.0.0.252                       5355
192.168.56.101  60123     224.0.0.252                       5355
192.168.56.101  62191     224.0.0.252                       5355
192.168.56.101  62318     224.0.0.252                       5355
192.168.56.101  65004     224.0.0.252                       5355
192.168.56.101  1900      239.255.255.250                   1900
192.168.56.101  53658     239.255.255.250                   3702
192.168.56.101  55369     239.255.255.250                   3702

Apart from the DNS rows, every flow here is standard Windows background traffic from the sandbox VM: NetBIOS name and datagram broadcasts (137/138 to the subnet broadcast address), NTP to time.windows.com, LLMNR (224.0.0.252:5355), SSDP (239.255.255.250:1900) and WS-Discovery (239.255.255.250:3702). The five queries to 114.114.114.114 (a Chinese public resolver) are not resolved to names in this report, so whether they belong to the sample cannot be determined from it.
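Separating operating-system chatter from flows the sample caused is the first step in reading a sandbox network table. The following is an added example (not the sandbox's code) that applies that triage to rows copied from the table above; the port list, the resolver and subnet parameters are assumptions, and the final row (to the documentation address 203.0.113.7) is constructed to show a flow that no background explanation covers.

```python
import ipaddress

# Rows copied from the UDP table above, one per kind, plus one constructed row
# (203.0.113.7 is a documentation address) that no background explanation covers.
UDP_TABLE = """\
192.168.56.101 51963 114.114.114.114 53
192.168.56.101 53237 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 138 192.168.56.255 138
192.168.56.101 123 20.189.79.72 time.windows.com 123
192.168.56.101 49713 224.0.0.252 5355
192.168.56.101 1900 239.255.255.250 1900
192.168.56.101 53658 239.255.255.250 3702
192.168.56.101 40000 203.0.113.7 6000
"""

# Destination ports Windows itself talks on, and the scope each is expected in
# (assumed baseline; a port alone is not enough, the destination must fit too).
BACKGROUND = {
    53:   ("DNS to the configured resolver", "resolver"),
    123:  ("NTP (Windows Time service)", "any"),
    137:  ("NetBIOS name service", "broadcast"),
    138:  ("NetBIOS datagram service", "broadcast"),
    1900: ("SSDP device discovery", "multicast"),
    3702: ("WS-Discovery", "multicast"),
    5355: ("LLMNR name resolution", "multicast"),
}


def triage_udp(table: str, resolvers=("114.114.114.114",), subnet="192.168.56.0/24"):
    """Split flows into (noise, review) lists of (dst, dport, hostname, explanation)."""
    broadcast = ipaddress.ip_network(subnet).broadcast_address
    noise, review = [], []
    for line in table.splitlines():
        parts = line.split()
        if len(parts) < 4:
            continue
        dst = parts[2]
        hostname = parts[3] if len(parts) == 5 else ""   # optional resolved-name column
        dport = int(parts[-1])
        dst_ip = ipaddress.ip_address(dst)
        label, scope = BACKGROUND.get(dport, ("", None))
        in_scope = (
            scope == "any"
            or (scope == "resolver" and dst in resolvers)
            or (scope == "broadcast" and dst_ip == broadcast)
            or (scope == "multicast" and dst_ip.is_multicast)
        )
        if label and in_scope:
            noise.append((dst, dport, hostname, label))
        elif label:
            # Known service port, but to a destination that service would not use.
            review.append((dst, dport, hostname, f"{label} (unexpected destination)"))
        else:
            review.append((dst, dport, hostname, "no benign explanation"))
    return noise, review


if __name__ == "__main__":
    noise, review = triage_udp(UDP_TABLE)
    print(f"{len(noise)} background flows, {len(review)} to review")
    for dst, dport, hostname, why in review:
        print(f"  {dst}:{dport} {hostname} -> {why}")
```

The scope check matters: DNS to a server other than the VM's resolver, or LLMNR sent unicast, is exactly the kind of flow a port-only filter would hide. NTP is accepted to any destination here, which is a deliberate simplification; port 123 to an unfamiliar address deserves the same scrutiny in practice.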

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Dropped files: none.
Dropped buffers: none.