Score: 2.0
Verdict: Low risk

SHA256: b72f44f018695d8dd07afdc203c2fff11c4faaaae5d066dc7bd5fde928a85755
File name: ae70c4f80426bb5e623ecec091161789.exe
Analysis duration: 83s
Last analyzed:
File size: 10.4MB
Static detection / Dynamic detection

Hawkeye engine (鹰眼引擎): not detected (no Hawkeye engine result available)
Static verdict, antivirus engines: not detected (no antivirus engine result available)
Static indicators

This executable has a PDB path (1 event)
pdb_path D:\projects\dvdfab\downloader_x86\utility_tool\DVDFabStream\runtime\Stream.pdb
A PDB path is written by the linker and is trivial to forge; it corroborates the DVDFab Stream origin suggested by the project layout but does not establish it.

The executable contains unknown PE section names indicative of a packer (could be a false positive) (1 event)
section .00cfg
This one is a false positive: .00cfg is the section the MSVC linker (Visual Studio 2015 and later) emits for Control Flow Guard metadata, not a packer section. Its presence is consistent with the MSVCP140.dll and VCRUNTIME140.dll imports listed below.

The executable uses a known packer (1 event)
packer Microsoft Visual C++ V8.0 (Debug)
This is a compiler/linker signature rather than a packer; the V8.0 label comes from the signature database, while the VCRUNTIME140/MSVCP140 imports point to the Visual Studio 2015 or later toolchain. The only protection-related artifact in the import table is VMProtectSDK32.dll (VMProtectBegin/VMProtectEnd), which are SDK markers a developer places around code to be virtualized; importing them shows the build was compiled against the VMProtect SDK, not that the image on disk has been processed by VMProtect.
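Both section/packer indicators above are header heuristics, and reproducing them does not need the sandbox. The following stdlib-only Python is an added example (not the sandbox's or DVDFab's code) that reads the COFF timestamp and section names from a raw PE image and flags any section whose name falls outside an allowlist of compiler-emitted names. The allowlist is this example's assumption; .00cfg is on it because it is the MSVC Control Flow Guard section. The input is a constructed, header-only PE32 image (not a runnable binary) whose timestamp was chosen so that, interpreted as UTC, it prints the compile time shown further down in this report; the report itself does not state the timezone of the displayed value.

```python
import struct
from datetime import datetime, timezone

# Section names mainstream toolchains emit (this example's allowlist, an assumption).
# .00cfg and .gfids hold MSVC Control Flow Guard metadata; names such as UPX0/UPX1 or
# .vmp0 are what the "unknown section name" heuristic is meant to catch.
KNOWN_SECTIONS = {
    b".text", b".rdata", b".data", b".idata", b".edata", b".pdata", b".rsrc",
    b".reloc", b".tls", b".bss", b".CRT", b".gfids", b".00cfg", b".textbss",
    b".didat", b".sxdata",
}


def parse_pe(data: bytes) -> dict:
    """Read the COFF header and section table of a raw PE image (no pefile needed)."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    # COFF header: Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics (20 bytes)
    machine, nsections, timestamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    table = coff + 20 + opt_size  # the section table follows the optional header
    names = []
    for i in range(nsections):
        raw = struct.unpack_from("8s", data, table + 40 * i)[0]  # 40-byte section headers
        names.append(raw.rstrip(b"\0"))  # names are NUL-padded to 8 bytes
    return {
        "machine": machine,
        "timestamp": timestamp,
        "compile_time": datetime.fromtimestamp(timestamp, timezone.utc),
        "sections": names,
    }


def unknown_sections(names) -> list:
    """Section names the allowlist does not cover; these merit a look, not a verdict."""
    return [n for n in names if n not in KNOWN_SECTIONS]


def build_minimal_pe(section_names, timestamp: int) -> bytes:
    """Constructed test input: a header-only PE32 image, not an executable."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)  # e_lfanew = 0x40
    opt = struct.pack("<H", 0x10B) + b"\0" * 222  # PE32 optional header, 224 bytes, magic only
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), timestamp, 0, 0, len(opt), 0x0102)
    sects = b"".join(n.ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return dos + b"PE\0\0" + coff + opt + sects


if __name__ == "__main__":
    # 1597775684 is 2020-08-18 18:34:44 UTC; UPX0 stands in for a genuinely packer-named section.
    img = build_minimal_pe([b".text", b".rdata", b".00cfg", b"UPX0"], 1597775684)
    pe = parse_pe(img)
    print("compile time (UTC):", pe["compile_time"].isoformat())
    print("sections:", [n.decode() for n in pe["sections"]])
    print("outside allowlist:", [n.decode() for n in unknown_sections(pe["sections"])])
```

The check only says that a name is unfamiliar. A binary with .00cfg alone, a PDB path and a Visual C++ signature looks like an ordinary CFG-enabled MSVC build; a UPX0 or .vmp0 section would be worth following up.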
Visual analysis

Binary image: none (no binary visualization image was generated for this sample)
Run screenshots: none (no screenshots were captured while the sample ran)


PE Compile Time

2020-08-18 18:34:44

Imports

Library Qt5Core.dll:
0xd44840 ??1QMutex@@QAE@XZ
0xd44870 ??1QState@@UAE@XZ
0xd448dc ??1QRegExp@@QAE@XZ
0xd44978 ?x@QPoint@@QBEHXZ
0xd4497c ?y@QPoint@@QBEHXZ
0xd44980 ??0QRect@@QAE@XZ
0xd4498c ?left@QRect@@QBEHXZ
0xd44990 ?top@QRect@@QBEHXZ
0xd449f8 ?x@QRect@@QBEHXZ
0xd449fc ?y@QRect@@QBEHXZ
0xd44a8c ?x@QPointF@@QBENXZ
0xd44a90 ?y@QPointF@@QBENXZ
0xd44ab8 ??1QEvent@@UAE@XZ
0xd44b44 ??0QLocale@@QAE@XZ
0xd44b48 ??1QLocale@@QAE@XZ
0xd44b6c ?qBadAlloc@@YAXXZ
0xd44b9c ??1QBuffer@@UAE@XZ
0xd44ba4 ?qsrand@@YAXI@Z
0xd44ba8 ?qrand@@YAHXZ
0xd44c04 ??0QTime@@QAE@XZ
0xd44c0c ?msec@QTime@@QBEHXZ
0xd44d10 ??0QUrl@@QAE@XZ
0xd44d68 ??0QDate@@QAE@HHH@Z
0xd44da8 ?cell@QChar@@QBEEXZ
0xd44e28 ??1QProcess@@UAE@XZ
0xd44ef8 ??1QThread@@UAE@XZ
0xd44f44 ??1QUrl@@QAE@XZ
0xd44fe4 ??1QDir@@QAE@XZ
0xd45000 ??1QFile@@UAE@XZ
0xd45058 ??BQByteRef@@QBEDXZ
0xd450d4 ?day@QDate@@QBEHXZ
0xd450dc ?year@QDate@@QBEHXZ
0xd451b8 ??0QFile@@QAE@XZ
0xd451c0 ??1QLibrary@@UAE@XZ
0xd452d4 ??0QChar@@QAE@D@Z
0xd45338 ??0QPoint@@QAE@HH@Z
0xd453a0 ??0QVariant@@QAE@XZ
0xd453a4 ??1QObject@@UAE@XZ
0xd45418 ??0QChar@@QAE@H@Z
0xd454bc ??1QTimer@@UAE@XZ
0xd454cc ??0QSize@@QAE@XZ
0xd45514 ??0QPoint@@QAE@XZ
0xd4559c ??0QSize@@QAE@HH@Z
0xd455b8 ??1QDebug@@QAE@XZ
0xd455e0 ??1QVariant@@QAE@XZ
0xd45694 ??1QString@@QAE@XZ
0xd4569c ??0QString@@QAE@XZ
Library Qt5Gui.dll:
0xd45a30 ??1QImage@@UAE@XZ
0xd45a5c ??0QFont@@QAE@XZ
0xd45a64 ??1QFont@@QAE@XZ
0xd45aa8 ??1QCursor@@QAE@XZ
0xd45ac0 ??1QMovie@@UAE@XZ
0xd45b18 ??1QPalette@@QAE@XZ
0xd45ba0 ??0QPalette@@QAE@XZ
0xd45bc8 ??0QBrush@@QAE@XZ
0xd45be0 ??0QPen@@QAE@XZ
0xd45be4 ?width@QPen@@QBEHXZ
0xd45c5c ??0QMatrix@@QAE@XZ
0xd45cac ??1QBitmap@@UAE@XZ
0xd45cdc ??1QPixmap@@UAE@XZ
0xd45cfc ??1QBrush@@QAE@XZ
0xd45d04 ??1QIcon@@QAE@XZ
0xd45d08 ??0QPainter@@QAE@XZ
0xd45d0c ??1QPainter@@QAE@XZ
0xd45de8 ??0QColor@@QAE@XZ
0xd45df8 ??1QPen@@QAE@XZ
0xd45e34 ??0QPixmap@@QAE@XZ
Library Qt5Network.dll:
0xd45f38 ??1QSslKey@@QAE@XZ
0xd46120 ??0QSslKey@@QAE@XZ
Library Qt5Widgets.dll:
0xd46288 ??1QDialog@@UAE@XZ
0xd463bc ??1QAction@@UAE@XZ
0xd463fc ??1QMenu@@UAE@XZ
0xd468d8 ??1QSlider@@UAE@XZ
0xd46980 ?x@QWidget@@QBEHXZ
0xd46984 ?y@QWidget@@QBEHXZ
0xd46a70 ??1QTabBar@@UAE@XZ
0xd46e50 ??1QLabel@@UAE@XZ
0xd46f4c ??1QWidget@@UAE@XZ
Library POWRPROF.dll:
0xd447b4 SetSuspendState
Library libcurl.dll:
0xd48208 curl_slist_append
0xd4820c curl_slist_free_all
0xd48210 curl_easy_setopt
0xd48214 curl_easy_perform
0xd48218 curl_easy_getinfo
0xd4821c curl_version
0xd48220 curl_formadd
0xd48224 curl_global_init
0xd48228 curl_global_cleanup
0xd4822c curl_easy_strerror
0xd48230 curl_easy_init
0xd48234 curl_easy_cleanup
Library CrashRpt.dll:
0xd44080 BT_SetAppName
0xd44088 BT_InstallSehFilter
0xd44090 BT_SetPreErrHandler
0xd4409c BT_SetActivityType
0xd440a0 BT_SetDumpType
0xd440a4 BT_SetFlags
0xd440a8 BT_SetAppVersion
Library KERNEL32.dll:
0xd44140 GetDiskFreeSpaceA
0xd44144 GetDriveTypeA
0xd44148 GetFileAttributesA
0xd4414c GetFileSize
0xd44150 RemoveDirectoryA
0xd44154 SetFileAttributesA
0xd44158 SetFilePointer
0xd4415c GetTempPathA
0xd44164 GetLastError
0xd44168 DeviceIoControl
0xd4416c GetTickCount
0xd44174 FreeLibrary
0xd44178 GetModuleFileNameA
0xd4417c GetModuleFileNameW
0xd44180 GetModuleHandleA
0xd44184 GetProcAddress
0xd44188 LoadLibraryA
0xd4418c GetShortPathNameA
0xd44190 QueryDosDeviceA
0xd44194 CopyFileA
0xd44198 MoveFileA
0xd4419c MoveFileExA
0xd441a0 GetDiskFreeSpaceExA
0xd441a4 WaitForSingleObject
0xd441a8 GetCurrentProcess
0xd441ac TerminateProcess
0xd441b0 GetExitCodeProcess
0xd441b4 CreateProcessA
0xd441b8 GetSystemDirectoryA
0xd441bc GetVersionExA
0xd441c0 GlobalUnlock
0xd441c4 GlobalLock
0xd441c8 lstrlenA
0xd441cc IsDBCSLeadByte
0xd441d0 GetCurrentThreadId
0xd441ec ReadFile
0xd441f0 DecodePointer
0xd441f4 RaiseException
0xd441f8 CreatePipe
0xd44200 CreateProcessW
0xd44204 GetStartupInfoW
0xd4420c HeapReAlloc
0xd44210 GetLocalTime
0xd4421c FindNextFileA
0xd44224 GetFileAttributesW
0xd44228 SetFileAttributesW
0xd4422c GetCurrentProcessId
0xd44230 ReleaseMutex
0xd44234 CreateMutexW
0xd44238 OpenMutexW
0xd44240 CopyFileW
0xd44244 GetCommandLineW
0xd4424c FindFirstFileA
0xd44250 FindClose
0xd44254 DeleteFileA
0xd44258 CreateFileA
0xd4425c CreateDirectoryA
0xd44260 GetNativeSystemInfo
0xd44264 VirtualAlloc
0xd44268 OutputDebugStringA
0xd4426c AllocConsole
0xd44270 Sleep
0xd44274 WinExec
0xd44278 CreateSemaphoreA
0xd44284 ReleaseSemaphore
0xd44288 GetProcessHeap
0xd4428c HeapFree
0xd44290 HeapAlloc
0xd44294 CreateEventA
0xd44298 SetEvent
0xd4429c CloseHandle
0xd442a4 SetConsoleTitleA
0xd442a8 FreeConsole
0xd442ac WriteFile
0xd442b0 GetStdHandle
0xd442b4 OutputDebugStringW
0xd442b8 GetStringTypeExA
0xd442bc GetUserDefaultLCID
0xd442c0 LCMapStringA
0xd442c4 LCMapStringW
0xd442c8 GetStringTypeExW
0xd442cc WideCharToMultiByte
0xd442d0 MultiByteToWideChar
0xd442d4 AreFileApisANSI
0xd442d8 MoveFileExW
0xd442dc CreateDirectoryExW
0xd442e0 SetFileTime
0xd442e4 SetFilePointerEx
0xd442e8 SetEndOfFile
0xd442ec RemoveDirectoryW
0xd442f0 GetFullPathNameW
0xd442f4 GetFileTime
0xd44300 GetDiskFreeSpaceExW
0xd44304 FindNextFileW
0xd44308 FindFirstFileW
0xd4430c DeleteFileW
0xd44310 CreateFileW
0xd44314 CreateDirectoryW
0xd44324 InitializeSListHead
0xd44328 IsDebuggerPresent
0xd4432c SetLastError
0xd4433c GetModuleHandleW
0xd44340 CreateEventW
0xd44348 LocalFree
0xd4434c FormatMessageA
0xd44358 GetSystemInfo
0xd4435c TlsFree
0xd44360 TlsSetValue
0xd44364 TlsGetValue
0xd44368 TlsAlloc
0xd4436c ResumeThread
0xd44370 SetWaitableTimer
0xd44374 OpenEventA
0xd44378 ResetEvent
Library USER32.dll:
0xd479bc OpenClipboard
0xd479c0 CloseClipboard
0xd479c4 GetClipboardData
0xd479cc ExitWindowsEx
0xd479d0 GetForegroundWindow
0xd479d4 GetDesktopWindow
0xd479dc CharNextA
0xd479e0 IsWindowVisible
0xd479e4 MoveWindow
0xd479e8 CloseDesktop
0xd479ec EnumDesktopWindows
0xd479f0 OpenDesktopA
0xd479f4 GetDC
0xd479f8 SetClassLongA
0xd479fc LoadStringW
0xd47a00 LoadStringA
0xd47a04 GetClassLongA
0xd47a08 SetWindowPos
0xd47a0c UnregisterClassA
0xd47a10 PostMessageA
0xd47a14 GetSystemMetrics
Library GDI32.dll:
0xd440e0 GetDeviceCaps
Library ADVAPI32.dll:
0xd44000 RegQueryInfoKeyA
0xd4400c RegCloseKey
0xd44010 RegOpenKeyA
0xd44014 RegQueryValueExA
0xd44018 RegCreateKeyA
0xd4401c RegCreateKeyExA
0xd44020 RegDeleteKeyA
0xd44024 RegDeleteValueA
0xd44028 RegEnumKeyA
0xd4402c RegEnumKeyExA
0xd44030 RegEnumValueA
0xd44034 RegOpenKeyExA
0xd44038 RegSetValueExA
0xd4403c RegSetValueA
0xd44040 RegQueryValueA
0xd44044 OpenProcessToken
Library SHELL32.dll:
0xd47934 ShellExecuteW
0xd47938 ShellExecuteExA
0xd4793c ShellExecuteA
0xd47944 CommandLineToArgvW
0xd47950
0xd47954
Library ole32.dll:
0xd4826c CoInitializeEx
0xd48270 CoUninitialize
0xd48274 CoCreateInstance
0xd48278 CoSetProxyBlanket
Library OLEAUT32.dll:
0xd44764 VariantChangeType
0xd44768 VariantInit
0xd4476c GetErrorInfo
0xd44770 SetErrorInfo
0xd44774 CreateErrorInfo
0xd44778 VariantClear
0xd4477c SysFreeString
0xd44780 SysAllocString
Library MSVCP140.dll:
0xd44454 _Mbrtowc
0xd44694 _Wcscoll
0xd44698 _Wcsxfrm
Library bcrypt.dll:
0xd47f34 BCryptGenRandom
Library IPHLPAPI.DLL:
0xd44110 GetAdaptersInfo
Library VMProtectSDK32.dll:
0xd47b18 VMProtectBegin
0xd47b1c VMProtectEnd
Library VCRUNTIME140.dll:
0xd47a54 _purecall
0xd47a60 __RTtypeid
0xd47a68 strstr
0xd47a6c _except_handler3
0xd47a70 memcmp
0xd47a74 strchr
0xd47a78 __std_terminate
0xd47a7c memcpy
0xd47a80 memmove
0xd47a8c _CxxThrowException
0xd47a90 __CxxFrameHandler3
0xd47a94 __RTDynamicCast
0xd47a9c memchr
0xd47aa0 memset
Library api-ms-win-crt-runtime-l1-1-0.dll:
0xd47cd0 _crt_atexit
0xd47cd4 _crt_at_quick_exit
0xd47cd8 _cexit
0xd47cdc terminate
0xd47ce8 abort
0xd47cf0 _beginthreadex
0xd47cf8 strerror
0xd47d04 _set_app_type
0xd47d08 _seh_filter_dll
0xd47d0c _controlfp_s
0xd47d1c system
0xd47d20 _initterm
0xd47d24 _initterm_e
0xd47d28 exit
0xd47d2c _exit
0xd47d30 _errno
0xd47d34 _c_exit
0xd47d38 _seh_filter_exe
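The import table above is long because the binary links Qt, libcurl, CrashRpt and the VMProtect SDK. To pull out the entries a reviewer actually cares about, the following Python is an added example (not the sandbox's or DVDFab's code) that parses the report's "Library X:" / "0xADDR name" listing and tags imports by capability. The tag map is this example's assumption and covers only APIs that appear in the listing; the embedded sample is an excerpt of that listing, including one of the nameless SHELL32.dll slots. The output says what the binary can call, not what it did: for this sample the dynamic sections below record no HTTP request and no contacted host.

```python
import re
from collections import defaultdict

# Excerpt of the import listing above (constructed test input for this example).
SAMPLE_IMPORTS = """\
Library POWRPROF.dll:
0xd447b4 SetSuspendState
Library libcurl.dll:
0xd48210 curl_easy_setopt
0xd48214 curl_easy_perform
Library CrashRpt.dll:
0xd44080 BT_SetAppName
Library KERNEL32.dll:
0xd441b4 CreateProcessA
0xd44274 WinExec
0xd44328 IsDebuggerPresent
Library USER32.dll:
0xd479bc OpenClipboard
0xd479c4 GetClipboardData
0xd479cc ExitWindowsEx
Library ADVAPI32.dll:
0xd44038 RegSetValueExA
0xd44044 OpenProcessToken
Library SHELL32.dll:
0xd4793c ShellExecuteA
0xd47950
Library VMProtectSDK32.dll:
0xd47b18 VMProtectBegin
Library api-ms-win-crt-runtime-l1-1-0.dll:
0xd47d1c system
"""

# Capability map (this example's assumption, not the sandbox's rule set).
API_TAGS = {
    "WinExec": "process-exec", "CreateProcessA": "process-exec", "CreateProcessW": "process-exec",
    "ShellExecuteA": "process-exec", "ShellExecuteW": "process-exec",
    "ShellExecuteExA": "process-exec", "system": "process-exec",
    "ExitWindowsEx": "session-power", "SetSuspendState": "session-power",
    "IsDebuggerPresent": "debugger-check",
    "OpenClipboard": "clipboard-read", "GetClipboardData": "clipboard-read",
    "OpenProcessToken": "token-access",
    "GetAdaptersInfo": "host-recon", "GetNativeSystemInfo": "host-recon", "GetVersionExA": "host-recon",
    "BCryptGenRandom": "crypto-rng",
    "VMProtectBegin": "code-protection-sdk", "VMProtectEnd": "code-protection-sdk",
}
# Prefix rules for API families; the Reg* rule is restricted to ADVAPI32.dll below.
PREFIX_TAGS = (("curl_", "http-client"), ("Reg", "registry"), ("BT_", "crash-reporter"))

LIB_RE = re.compile(r"^Library\s+(\S+):$")


def parse_imports(report_text: str) -> dict:
    """Parse 'Library X:' / '0xADDR name' lines into {dll: [name or None, ...]}."""
    libs, current = {}, None
    for raw in report_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = LIB_RE.match(line)
        if m:
            current = m.group(1)
            libs[current] = []
            continue
        if current is None:
            continue
        parts = line.split()
        # A slot that shows an address but no symbol is kept as None rather than dropped
        libs[current].append(parts[1] if len(parts) > 1 else None)
    return libs


def tag_imports(libs: dict) -> dict:
    """Group imports by capability tag; returns {tag: sorted ['dll!name', ...]}."""
    tags = defaultdict(set)
    for dll, names in libs.items():
        for name in names:
            if name is None:
                tags["unnamed-slot"].add(f"{dll}!<no name>")
                continue
            tag = API_TAGS.get(name)
            if tag is None:
                for prefix, ptag in PREFIX_TAGS:
                    if name.startswith(prefix) and (prefix != "Reg" or dll.lower() == "advapi32.dll"):
                        tag = ptag
                        break
            if tag:
                tags[tag].add(f"{dll}!{name}")
    return {k: sorted(v) for k, v in sorted(tags.items())}


if __name__ == "__main__":
    for tag, entries in tag_imports(parse_imports(SAMPLE_IMPORTS)).items():
        print(f"{tag:20s} {', '.join(entries)}")
```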

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source          Source Port  Destination                         Destination Port
192.168.56.101  50534        114.114.114.114                     53
192.168.56.101  51808        114.114.114.114                     53
192.168.56.101  58367        114.114.114.114                     53
192.168.56.101  60123        114.114.114.114                     53
192.168.56.101  137          192.168.56.255                      137
192.168.56.101  138          192.168.56.255                      138
192.168.56.101  55368        224.0.0.252                         5355
192.168.56.101  56804        224.0.0.252                         5355
192.168.56.101  62191        224.0.0.252                         5355
192.168.56.101  63429        224.0.0.252                         5355
192.168.56.101  65004        224.0.0.252                         5355
192.168.56.101  1900         239.255.255.250                     1900
192.168.56.101  51809        239.255.255.250                     3702
192.168.56.101  51811        239.255.255.250                     3702
192.168.56.101  58707        239.255.255.250                     3702
192.168.56.101  60124        239.255.255.250                     3702
192.168.56.101  62194        239.255.255.250                     1900
192.168.56.101  123          51.105.208.173 (time.windows.com)   123
192.168.56.101  51808        8.8.8.8                             53
192.168.56.101  60123        8.8.8.8                             53

All of the recorded UDP traffic is of the kind a Windows guest generates on its own: NetBIOS name-service and datagram broadcasts (137/138 to 192.168.56.255), LLMNR (224.0.0.252:5355), SSDP (239.255.255.250:1900), WS-Discovery (239.255.255.250:3702) and NTP to time.windows.com. The DNS lookups to 114.114.114.114 and 8.8.8.8 cannot be attributed to either the sample or the OS from this report, because the queried names are not listed; the same source ports (51808, 60123) appear toward both resolvers, which suggests the same queries were resent to a second configured resolver.
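To separate what the sample did from what the guest OS does on its own, the following Python is an added example (not the sandbox's logic) that parses the UDP table above and buckets each flow. The rule set is this example's assumption: LLMNR, SSDP, WS-Discovery, NetBIOS broadcasts and NTP are counted as Windows background traffic, anything unrecognized goes to a review list, and DNS is kept in its own bucket because the report gives no queried names, so those lookups cannot be attributed either way from this page. The /24 mask used to recognize the broadcast address is also an assumption, since the report does not state the sandbox subnet.

```python
import ipaddress
import re
from collections import Counter

# Rows copied from the UDP table in this report; the parser skips the header line.
UDP_TABLE = """\
Source Source Port Destination Destination Port
192.168.56.101 50534 114.114.114.114 53
192.168.56.101 51808 114.114.114.114 53
192.168.56.101 58367 114.114.114.114 53
192.168.56.101 60123 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 138 192.168.56.255 138
192.168.56.101 55368 224.0.0.252 5355
192.168.56.101 56804 224.0.0.252 5355
192.168.56.101 62191 224.0.0.252 5355
192.168.56.101 63429 224.0.0.252 5355
192.168.56.101 65004 224.0.0.252 5355
192.168.56.101 1900 239.255.255.250 1900
192.168.56.101 51809 239.255.255.250 3702
192.168.56.101 51811 239.255.255.250 3702
192.168.56.101 58707 239.255.255.250 3702
192.168.56.101 60124 239.255.255.250 3702
192.168.56.101 62194 239.255.255.250 1900
192.168.56.101 123 51.105.208.173 time.windows.com 123
192.168.56.101 51808 8.8.8.8 53
192.168.56.101 60123 8.8.8.8 53
"""

# src sport dst [hostname] dport; the hostname column is present only on resolved rows
ROW_RE = re.compile(r"^(\S+)\s+(\d+)\s+(\S+)\s+(?:(\S+)\s+)?(\d+)$")


def parse_rows(table_text: str) -> list:
    """Return (src, sport, dst, hostname_or_None, dport) tuples; non-matching lines are skipped."""
    flows = []
    for raw in table_text.splitlines():
        m = ROW_RE.match(raw.strip())
        if m:
            src, sport, dst, host, dport = m.groups()
            flows.append((src, int(sport), dst, host, int(dport)))
    return flows


def is_subnet_broadcast(src: str, dst: str, prefix: int = 24) -> bool:
    """Assumes a /24 guest network; the report does not state the sandbox's mask."""
    net = ipaddress.ip_network(f"{src}/{prefix}", strict=False)
    return ipaddress.ip_address(dst) == net.broadcast_address


def classify_flow(src: str, dst: str, dport: int) -> str:
    if dport == 53:
        return "dns-lookup"  # attribution needs the queried names, which the report omits
    if dst == "224.0.0.252" and dport == 5355:
        return "llmnr"
    if dst == "239.255.255.250" and dport == 1900:
        return "ssdp"
    if dst == "239.255.255.250" and dport == 3702:
        return "ws-discovery"
    if dport in (137, 138) and is_subnet_broadcast(src, dst):
        return "netbios-broadcast"
    if dport == 123:
        return "ntp"
    return "review"


def triage(flows) -> dict:
    """Split flows into OS background counts, DNS needing query names, and flows to review."""
    background, needs_names, review = Counter(), 0, []
    for src, sport, dst, host, dport in flows:
        label = classify_flow(src, dst, dport)
        if label == "review":
            review.append((src, sport, dst, host, dport))
        elif label == "dns-lookup":
            needs_names += 1
        else:
            background[label] += 1
    return {"background": background, "needs_query_names": needs_names, "review": review}


if __name__ == "__main__":
    result = triage(parse_rows(UDP_TABLE))
    print("background:", dict(result["background"]))
    print("dns lookups without query names:", result["needs_query_names"])
    print("to review:", result["review"])
```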

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Dropped files

No dropped files.

Dropped buffers

No dropped buffers.