10.8
0-day

b744f9fb986aea74cf4c192b8ab888fd5f90120097439135e7220bdc99ae2677

bbd87164e1f90c12f27a15d98c5bfb01.exe

Analysis time

69s

Latest analysis

File size

4.9MB
Static detection  Dynamic detection
Eagle Eye engine
Not detected: no Eagle Eye engine detection results yet
Static verdict
Anti-virus engines
Not detected: no anti-virus engine detection results yet
Static indicators
Queries for the computername (4 events)
Time & API Arguments Status Return Repeated
1620985097.558895
GetComputerNameW
computer_name: OSKAR-PC
success 1 0
1620985101.151895
GetComputerNameW
computer_name: OSKAR-PC
success 1 0
1620985106.933895
GetComputerNameW
computer_name: OSKAR-PC
success 1 0
1620985112.698895
GetComputerNameW
computer_name: OSKAR-PC
success 1 0
Checks if process is being debugged by a debugger (12 events)
Time & API Arguments Status Return Repeated
1620985105.073895
IsDebuggerPresent
failed 0 0
1620985105.526895
IsDebuggerPresent
failed 0 0
1620985105.620895
IsDebuggerPresent
failed 0 0
1620985105.917895
IsDebuggerPresent
failed 0 0
1620985106.120895
IsDebuggerPresent
failed 0 0
1620985106.214895
IsDebuggerPresent
failed 0 0
1620985106.354895
IsDebuggerPresent
failed 0 0
1620985106.433895
IsDebuggerPresent
failed 0 0
1620985106.573895
IsDebuggerPresent
failed 0 0
1620985106.636895
IsDebuggerPresent
failed 0 0
1620985106.729895
IsDebuggerPresent
failed 0 0
1620985106.792895
IsDebuggerPresent
failed 0 0
Collects information to fingerprint the system (MachineGuid, DigitalProductId, SystemBiosDate) (1 event)
registry HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate
This executable is signed
Tries to locate where the browsers are installed (2 events)
registry HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
registry HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox
Checks amount of memory in system, this can be used to detect virtual machines that have a low amount of memory available (1 event)
Time & API Arguments Status Return Repeated
1620985101.526895
GlobalMemoryStatusEx
success 1 0
The file contains an unknown PE resource name possibly indicative of a packer (1 event)
resource name AFX_DIALOG_LAYOUT
Behavioral verdict
Dynamic indicators
HTTP traffic contains suspicious features which may be indicative of malware related traffic (4 events)
suspicious_features POST method with no referer header suspicious_request POST http://www.systemrequirementslab.com/services/session/4F5046CD-C91A-4289-AE6D-DDA1EFE0A5AC/?apikey=9972FAF8-F36D-4FAA-9EF1-4301C3D354C0
suspicious_features POST method with no referer header suspicious_request POST http://www.systemrequirementslab.com/cyri/api/LogUserEvent
suspicious_features POST method with no referer header suspicious_request POST http://www.systemrequirementslab.com/services/systeminfo//1046/?apikey=0
suspicious_features POST method with no referer header suspicious_request POST http://www.systemrequirementslab.com/services/session//?apikey=9972FAF8-F36D-4FAA-9EF1-4301C3D354C0
Performs some HTTP requests (6 events)
request GET http://www.systemrequirementslab.com/services/session/4F5046CD-C91A-4289-AE6D-DDA1EFE0A5AC/?apikey=9972FAF8-F36D-4FAA-9EF1-4301C3D354C0
request POST http://www.systemrequirementslab.com/services/session/4F5046CD-C91A-4289-AE6D-DDA1EFE0A5AC/?apikey=9972FAF8-F36D-4FAA-9EF1-4301C3D354C0
request POST http://www.systemrequirementslab.com/cyri/api/LogUserEvent
request GET http://www.systemrequirementslab.com/services/configuration/1046/0/?apikey=0
request POST http://www.systemrequirementslab.com/services/systeminfo//1046/?apikey=0
request POST http://www.systemrequirementslab.com/services/session//?apikey=9972FAF8-F36D-4FAA-9EF1-4301C3D354C0
Sends data using the HTTP POST Method (4 events)
request POST http://www.systemrequirementslab.com/services/session/4F5046CD-C91A-4289-AE6D-DDA1EFE0A5AC/?apikey=9972FAF8-F36D-4FAA-9EF1-4301C3D354C0
request POST http://www.systemrequirementslab.com/cyri/api/LogUserEvent
request POST http://www.systemrequirementslab.com/services/systeminfo//1046/?apikey=0
request POST http://www.systemrequirementslab.com/services/session//?apikey=9972FAF8-F36D-4FAA-9EF1-4301C3D354C0
Queries the disk size which could be used to detect virtual machine with small fixed size or dynamic allocation (1 event)
Time & API Arguments Status Return Repeated
1620985110.386895
GetDiskFreeSpaceExW
root_path: C:\
free_bytes_available: 0
total_number_of_free_bytes: 19609645056
total_number_of_bytes: 34252779520
success 1 0
Steals private information from local Internet browsers (1 event)
registry HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox
Checks adapter addresses which can be used to detect virtual network interfaces (1 event)
Time & API Arguments Status Return Repeated
1620985092.120895
GetAdaptersAddresses
flags: 0
family: 0
failed 111 0
Queries for potentially installed applications (50 out of 134 events)
Time & API Arguments Status Return Repeated
1620985112.120895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000000
regkey: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
regkey_r: Software\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
options: 0
failed 2 0
1620985112.120895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000000
regkey: HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
regkey_r: Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
options: 0
failed 2 0
1620985112.292895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000624
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
options: 0
success 0 0
1620985112.292895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AddressBook
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AddressBook
options: 0
success 0 0
1620985112.292895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AddressBook
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AddressBook
options: 0
success 0 0
1620985112.308895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AddressBook
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AddressBook
options: 0
success 0 0
1620985112.308895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AddressBook
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AddressBook
options: 0
success 0 0
1620985112.308895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Connection Manager
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Connection Manager
options: 0
success 0 0
1620985112.308895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Connection Manager
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Connection Manager
options: 0
success 0 0
1620985112.308895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Connection Manager
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Connection Manager
options: 0
success 0 0
1620985112.323895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Connection Manager
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Connection Manager
options: 0
success 0 0
1620985112.323895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DirectDrawEx
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DirectDrawEx
options: 0
success 0 0
1620985112.323895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DirectDrawEx
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DirectDrawEx
options: 0
success 0 0
1620985112.323895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DirectDrawEx
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DirectDrawEx
options: 0
success 0 0
1620985112.323895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DirectDrawEx
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DirectDrawEx
options: 0
success 0 0
1620985112.323895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DXM_Runtime
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DXM_Runtime
options: 0
success 0 0
1620985112.323895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DXM_Runtime
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DXM_Runtime
options: 0
success 0 0
1620985112.339895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DXM_Runtime
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DXM_Runtime
options: 0
success 0 0
1620985112.339895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DXM_Runtime
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DXM_Runtime
options: 0
success 0 0
1620985112.339895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fontcore
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fontcore
options: 0
success 0 0
1620985112.339895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fontcore
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fontcore
options: 0
success 0 0
1620985112.354895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fontcore
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fontcore
options: 0
success 0 0
1620985112.354895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fontcore
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fontcore
options: 0
success 0 0
1620985112.354895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE40
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE40
options: 0
success 0 0
1620985112.354895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE40
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE40
options: 0
success 0 0
1620985112.354895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE40
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE40
options: 0
success 0 0
1620985112.354895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE40
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE40
options: 0
success 0 0
1620985112.370895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE4Data
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE4Data
options: 0
success 0 0
1620985112.370895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE4Data
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE4Data
options: 0
success 0 0
1620985112.370895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE4Data
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE4Data
options: 0
success 0 0
1620985112.370895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE4Data
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE4Data
options: 0
success 0 0
1620985112.370895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE5BAKEX
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE5BAKEX
options: 0
success 0 0
1620985112.370895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE5BAKEX
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE5BAKEX
options: 0
success 0 0
1620985112.386895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE5BAKEX
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE5BAKEX
options: 0
success 0 0
1620985112.386895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE5BAKEX
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE5BAKEX
options: 0
success 0 0
1620985112.386895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IEData
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IEData
options: 0
success 0 0
1620985112.386895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IEData
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IEData
options: 0
success 0 0
1620985112.386895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IEData
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IEData
options: 0
success 0 0
1620985112.386895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IEData
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IEData
options: 0
success 0 0
1620985112.386895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 4 Client Profile
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 4 Client Profile
options: 0
success 0 0
1620985112.401895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 4 Client Profile
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 4 Client Profile
options: 0
success 0 0
1620985112.401895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 4 Client Profile
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 4 Client Profile
options: 0
success 0 0
1620985112.401895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 4 Client Profile
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 4 Client Profile
options: 0
success 0 0
1620985112.401895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 4 Extended
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 4 Extended
options: 0
success 0 0
1620985112.401895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 4 Extended
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 4 Extended
options: 0
success 0 0
1620985112.417895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 4 Extended
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 4 Extended
options: 0
success 0 0
1620985112.417895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 4 Extended
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 4 Extended
options: 0
success 0 0
1620985112.417895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MobileOptionPack
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MobileOptionPack
options: 0
success 0 0
1620985112.417895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MobileOptionPack
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MobileOptionPack
options: 0
success 0 0
1620985112.417895
RegOpenKeyExW
access: 0x00020019
base_handle: 0xffffffff80000002
key_handle: 0x0000000000000628
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MobileOptionPack
regkey_r: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MobileOptionPack
options: 0
success 0 0
Executes one or more WMI queries which can be used to identify virtual machines (2 events)
wmi SELECT * FROM Win32_Processor
wmi SELECT * FROM Win32_BIOS
Network communication
Communicates with host for which no DNS query was performed (2 events)
host 172.217.24.14
host 54.88.159.238
Checks the CPU name from registry, possibly for anti-virtualization (1 event)
registry HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString
Operates on local firewall's policies and settings (1 event)
registry HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
Queries information on disks, possibly for anti-virtualization (2 events)
Time & API Arguments Status Return Repeated
1620985110.386895
NtCreateFile
create_disposition: 1 (FILE_OPEN)
file_handle: 0x000000000000061c
filepath: \??\PHYSICALDRIVE0
desired_access: 0x00100080 (FILE_READ_ATTRIBUTES|SYNCHRONIZE)
file_attributes: 0 ()
filepath_r: \??\PHYSICALDRIVE0
create_options: 96 (FILE_NON_DIRECTORY_FILE|FILE_SYNCHRONOUS_IO_NONALERT)
status_info: 0 (FILE_SUPERSEDED)
share_access: 3 (FILE_SHARE_READ|FILE_SHARE_WRITE)
success 0 0
1620985110.386895
DeviceIoControl
input_buffer: Àó=
device_handle: 0x000000000000061c
control_code: 2954240 ()
output_buffer:
success 1 0
Executes one or more WMI queries (9 events)
wmi SELECT * FROM Win32_VideoController
wmi SELECT * FROM AntiVirusProduct
wmi SELECT * FROM Win32_SoundDevice
wmi SELECT * FROM Win32_CDROMDrive
wmi SELECT * FROM Win32_NetworkAdapter
wmi SELECT * FROM Win32_DiskDrive
wmi SELECT * FROM Win32_Processor
wmi SELECT * FROM Win32_BaseBoard
wmi SELECT * FROM Win32_BIOS
Collects information about installed applications (8 events)
Time & API Arguments Status Return Repeated
1620985112.401895
RegQueryValueExW
key_handle: 0x0000000000000628
value: Microsoft .NET Framework 4 Client Profile
regkey_r: DisplayName
reg_type: 1 (REG_SZ)
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 4 Client Profile\DisplayName
success 0 0
1620985112.401895
RegQueryValueExW
key_handle: 0x0000000000000628
value: Microsoft .NET Framework 4 Extended
regkey_r: DisplayName
reg_type: 1 (REG_SZ)
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 4 Extended\DisplayName
success 0 0
1620985112.433895
RegQueryValueExW
key_handle: 0x0000000000000628
value: Oracle VM VirtualBox Guest Additions 6.1.18
regkey_r: DisplayName
reg_type: 1 (REG_SZ)
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Oracle VM VirtualBox Guest Additions\DisplayName
success 0 0
1620985112.479895
RegQueryValueExW
key_handle: 0x0000000000000628
value: Microsoft .NET Framework 4 Extended
regkey_r: DisplayName
reg_type: 1 (REG_SZ)
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}\DisplayName
success 0 0
1620985112.479895
RegQueryValueExW
key_handle: 0x0000000000000628
value: Python 2.7.18 (64-bit)
regkey_r: DisplayName
reg_type: 1 (REG_SZ)
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A5F504DF-2ED9-4A2D-A2F3-9D2750DD42D6}\DisplayName
success 0 0
1620985112.495895
RegQueryValueExW
key_handle: 0x0000000000000628
value: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
regkey_r: DisplayName
reg_type: 1 (REG_SZ)
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}\DisplayName
success 0 0
1620985112.511895
RegQueryValueExW
key_handle: 0x0000000000000628
value: Microsoft .NET Framework 4 Client Profile
regkey_r: DisplayName
reg_type: 1 (REG_SZ)
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}\DisplayName
success 0 0
1620985112.558895
RegQueryValueExW
key_handle: 0x0000000000000628
value: Google Chrome
regkey_r: DisplayName
reg_type: 1 (REG_SZ)
regkey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome\DisplayName
success 0 0
Sets or modifies WPAD proxy autoconfiguration file for traffic interception (15 events)
Time & API Arguments Status Return Repeated
1620985094.683895
RegSetValueExA
key_handle: 0x0000000000000368
value: 1
regkey_r: WpadDecisionReason
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionReason
success 0 0
1620985094.683895
RegSetValueExA
key_handle: 0x0000000000000368
value: p¥‚Õ÷H×
regkey_r: WpadDecisionTime
reg_type: 3 (REG_BINARY)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionTime
success 0 0
1620985094.683895
RegSetValueExA
key_handle: 0x0000000000000368
value: 3
regkey_r: WpadDecision
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecision
success 0 0
1620985094.683895
RegSetValueExW
key_handle: 0x0000000000000368
value: 网络 2
regkey_r: WpadNetworkName
reg_type: 1 (REG_SZ)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadNetworkName
success 0 0
1620985094.683895
RegSetValueExA
key_handle: 0x0000000000000380
value: 1
regkey_r: WpadDecisionReason
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionReason
success 0 0
1620985094.683895
RegSetValueExA
key_handle: 0x0000000000000380
value: p¥‚Õ÷H×
regkey_r: WpadDecisionTime
reg_type: 3 (REG_BINARY)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionTime
success 0 0
1620985094.683895
RegSetValueExA
key_handle: 0x0000000000000380
value: 3
regkey_r: WpadDecision
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecision
success 0 0
1620985094.761895
RegSetValueExW
key_handle: 0x0000000000000364
value: {40112ABE-63B3-43C3-BE93-1440EE3AF106}
regkey_r: WpadLastNetwork
reg_type: 1 (REG_SZ)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\WpadLastNetwork
success 0 0
1620985095.495895
RegSetValueExA
key_handle: 0x00000000000003cc
value: 1
regkey_r: WpadDecisionReason
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionReason
success 0 0
1620985095.495895
RegSetValueExA
key_handle: 0x00000000000003cc
value: 0ýÖ÷H×
regkey_r: WpadDecisionTime
reg_type: 3 (REG_BINARY)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionTime
success 0 0
1620985095.495895
RegSetValueExA
key_handle: 0x00000000000003cc
value: 0
regkey_r: WpadDecision
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecision
success 0 0
1620985095.495895
RegSetValueExW
key_handle: 0x00000000000003cc
value: 网络 2
regkey_r: WpadNetworkName
reg_type: 1 (REG_SZ)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadNetworkName
success 0 0
1620985095.511895
RegSetValueExA
key_handle: 0x00000000000003d0
value: 1
regkey_r: WpadDecisionReason
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionReason
success 0 0
1620985095.511895
RegSetValueExA
key_handle: 0x00000000000003d0
value: 0ýÖ÷H×
regkey_r: WpadDecisionTime
reg_type: 3 (REG_BINARY)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionTime
success 0 0
1620985095.511895
RegSetValueExA
key_handle: 0x00000000000003d0
value: 0
regkey_r: WpadDecision
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecision
success 0 0
Detects VirtualBox through the presence of a registry key (5 events)
registry HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Oracle VM VirtualBox Guest Additions\DisplayVersion
registry HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Oracle VM VirtualBox Guest Additions\Publisher
registry HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Oracle VM VirtualBox Guest Additions
registry HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Oracle VM VirtualBox Guest Additions\DisplayName
registry HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Oracle VM VirtualBox Guest Additions\Version
Detects Virtual Machines through their custom firmware (1 event)
Time & API Arguments Status Return Repeated
1620985101.526895
NtQuerySystemInformation
information_class: 76 (SystemFirmwareTableInformation)
failed -1073741789 0
Generates some ICMP traffic
Visual analysis
Binary image
No binary image: this sample did not generate a binary visualization image
Runtime screenshots
No runtime screenshots: no screenshots were generated while the sample ran


PE Compile Time

2018-03-21 06:34:54

Imports

Library KERNEL32.dll:
0x1402733d0 GetEnvironmentStringsW
0x1402733d8 GetOEMCP
0x1402733e0 IsValidCodePage
0x1402733e8 FindFirstFileExW
0x1402733f0 SetFilePointerEx
0x1402733f8 ReadConsoleW
0x140273400 EnumSystemLocalesW
0x140273408 IsValidLocale
0x140273410 GetConsoleMode
0x140273418 GetConsoleCP
0x140273420 GetACP
0x140273428 ExitProcess
0x140273430 GetStdHandle
0x140273438 SetEnvironmentVariableA
0x140273440 GetSystemTimeAsFileTime
0x140273448 SetStdHandle
0x140273450 VirtualQuery
0x140273458 HeapQueryInformation
0x140273460 FreeLibraryAndExitThread
0x140273468 ExitThread
0x140273470 CreateThread
0x140273478 GetCommandLineW
0x140273480 GetCommandLineA
0x140273488 GetLocalTime
0x140273490 GetTimeZoneInformation
0x140273498 RtlPcToFileHeader
0x1402734a0 RtlUnwindEx
0x1402734a8 LCMapStringW
0x1402734b0 GetCPInfo
0x1402734b8 GetStringTypeW
0x1402734c0 OutputDebugStringW
0x1402734c8 WriteConsoleW
0x1402734d0 FreeEnvironmentStringsW
0x1402734d8 GetStartupInfoW
0x1402734e0 IsDebuggerPresent
0x1402734e8 WaitForSingleObjectEx
0x1402734f0 ResetEvent
0x140273500 TerminateProcess
0x140273510 UnhandledExceptionFilter
0x140273518 RtlVirtualUnwind
0x140273520 RtlLookupFunctionEntry
0x140273528 RtlCaptureContext
0x140273530 SearchPathW
0x140273538 GetProfileIntW
0x140273540 Sleep
0x140273548 GetTempPathW
0x140273550 InitializeSListHead
0x140273558 GetTempFileNameW
0x140273560 SetErrorMode
0x140273568 FindNextFileW
0x140273570 GetFileTime
0x140273578 GetFileSizeEx
0x140273580 GetFileAttributesExW
0x140273588 FileTimeToLocalFileTime
0x140273590 VirtualProtect
0x140273598 DuplicateHandle
0x1402735a0 WriteFile
0x1402735a8 UnlockFile
0x1402735b0 SetFilePointer
0x1402735b8 SetEndOfFile
0x1402735c0 ReadFile
0x1402735c8 LockFile
0x1402735d0 GetVolumeInformationW
0x1402735d8 GetFullPathNameW
0x1402735e0 FlushFileBuffers
0x1402735e8 FindClose
0x1402735f0 GetFileSize
0x1402735f8 GetFileAttributesW
0x140273600 VerifyVersionInfoW
0x140273608 VerSetConditionMask
0x140273610 DeleteFileW
0x140273618 GlobalFlags
0x140273620 GetUserDefaultUILanguage
0x140273630 GetLocaleInfoW
0x140273638 CompareStringW
0x140273640 GetCurrentDirectoryW
0x140273648 LocalReAlloc
0x140273650 GlobalHandle
0x140273658 GlobalReAlloc
0x140273660 TlsFree
0x140273668 TlsSetValue
0x140273670 TlsGetValue
0x140273678 TlsAlloc
0x140273688 GetThreadLocale
0x140273690 GlobalGetAtomNameW
0x140273698 FileTimeToSystemTime
0x1402736a8 LocalAlloc
0x1402736b0 GlobalFindAtomW
0x1402736b8 EncodePointer
0x1402736c0 GlobalAddAtomW
0x1402736c8 GetPrivateProfileIntW
0x1402736d0 SetThreadPriority
0x1402736d8 CreateEventW
0x1402736e0 WaitForSingleObject
0x1402736e8 SetEvent
0x1402736f0 FreeResource
0x1402736f8 QueryActCtxW
0x140273700 FindActCtxSectionStringW
0x140273708 DeactivateActCtx
0x140273710 ActivateActCtx
0x140273718 CreateActCtxW
0x140273720 lstrcmpW
0x140273728 lstrcmpA
0x140273730 GlobalDeleteAtom
0x140273738 LoadLibraryExW
0x140273740 GetModuleHandleExW
0x140273748 GetModuleFileNameW
0x140273750 GetCurrentThreadId
0x140273758 GetCurrentThread
0x140273760 OutputDebugStringA
0x140273768 CopyFileW
0x140273770 MulDiv
0x140273778 GlobalFree
0x140273780 GlobalUnlock
0x140273788 GlobalLock
0x140273790 GlobalSize
0x140273798 GlobalAlloc
0x1402737a0 lstrcatW
0x1402737a8 GetWindowsDirectoryW
0x1402737b0 lstrcmpiW
0x1402737b8 GetCurrentProcessId
0x1402737c0 FindFirstFileW
0x1402737d0 GlobalMemoryStatus
0x1402737d8 GetCurrentProcess
0x1402737e0 GetModuleHandleW
0x1402737e8 GetUserDefaultLCID
0x1402737f0 GetVersionExW
0x1402737f8 GetSystemDirectoryW
0x140273800 GetDiskFreeSpaceExW
0x140273808 GetDriveTypeW
0x140273810 GetLogicalDriveStringsW
0x140273818 VirtualFree
0x140273820 VirtualAlloc
0x140273828 DeviceIoControl
0x140273830 CreateFileW
0x140273838 lstrcpyW
0x140273840 FreeLibrary
0x140273848 GetProcAddress
0x140273850 LoadLibraryW
0x140273858 QueryPerformanceCounter
0x140273868 GetSystemInfo
0x140273870 GetTickCount
0x140273878 lstrlenW
0x140273888 GetPrivateProfileStringW
0x140273890 CloseHandle
0x140273898 FindResourceExW
0x1402738a0 GetProcessHeap
0x1402738a8 DeleteCriticalSection
0x1402738b0 HeapDestroy
0x1402738b8 DecodePointer
0x1402738c0 HeapAlloc
0x1402738c8 RaiseException
0x1402738d0 HeapReAlloc
0x1402738d8 HeapSize
0x1402738e0 LeaveCriticalSection
0x1402738f0 EnterCriticalSection
0x1402738f8 HeapFree
0x140273900 WideCharToMultiByte
0x140273908 SuspendThread
0x140273910 ResumeThread
0x140273918 LocalFree
0x140273920 FormatMessageW
0x140273928 SetLastError
0x140273930 GetLastError
0x140273938 CreateMutexW
0x140273940 MultiByteToWideChar
0x140273948 FindResourceW
0x140273950 LoadResource
0x140273958 LockResource
0x140273960 SizeofResource
0x140273968 SetThreadUILanguage
0x140273970 GetThreadUILanguage
0x140273978 GetFileType
Library USER32.dll:
0x140273ad8 SetCapture
0x140273ae0 CharNextW
0x140273ae8 RealChildWindowFromPoint
0x140273af0 DeleteMenu
0x140273af8 SystemParametersInfoW
0x140273b00 CopyImage
0x140273b08 LoadCursorW
0x140273b10 IntersectRect
0x140273b18 SetRectEmpty
0x140273b20 SendDlgItemMessageA
0x140273b28 GetDesktopWindow
0x140273b30 GetNextDlgTabItem
0x140273b38 EndDialog
0x140273b48 ClientToScreen
0x140273b50 ReleaseDC
0x140273b58 GetWindowDC
0x140273b60 TabbedTextOutW
0x140273b68 GrayStringW
0x140273b70 DrawTextExW
0x140273b78 DrawTextW
0x140273b80 IsDialogMessageW
0x140273b88 SetWindowTextW
0x140273b90 CheckDlgButton
0x140273b98 MoveWindow
0x140273ba0 ShowWindow
0x140273ba8 MonitorFromWindow
0x140273bb0 WinHelpW
0x140273bb8 GetScrollInfo
0x140273bc0 SetScrollInfo
0x140273bc8 UnhookWindowsHookEx
0x140273bd0 GetTopWindow
0x140273bd8 GetClassLongPtrW
0x140273be0 SetWindowLongPtrW
0x140273be8 GetWindowLongPtrW
0x140273bf0 SetWindowLongW
0x140273bf8 PtInRect
0x140273c00 EqualRect
0x140273c08 CopyRect
0x140273c10 ScreenToClient
0x140273c18 AdjustWindowRectEx
0x140273c20 GetWindowTextLengthW
0x140273c28 GetWindowTextW
0x140273c30 RemovePropW
0x140273c38 GetPropW
0x140273c40 SetPropW
0x140273c48 ShowScrollBar
0x140273c50 GetScrollRange
0x140273c58 SetScrollRange
0x140273c60 GetScrollPos
0x140273c68 SetScrollPos
0x140273c70 ScrollWindow
0x140273c78 EndPaint
0x140273c80 ReleaseCapture
0x140273c88 SetForegroundWindow
0x140273c90 SetActiveWindow
0x140273c98 TrackPopupMenu
0x140273ca0 SetMenu
0x140273ca8 GetMenu
0x140273cb0 GetCapture
0x140273cb8 SetFocus
0x140273cc0 GetDlgCtrlID
0x140273cc8 GetDlgItem
0x140273cd0 EndDeferWindowPos
0x140273cd8 DeferWindowPos
0x140273ce0 BeginDeferWindowPos
0x140273ce8 SetWindowPlacement
0x140273cf0 GetWindowPlacement
0x140273cf8 DestroyWindow
0x140273d00 IsChild
0x140273d08 IsMenu
0x140273d10 IsWindow
0x140273d18 CreateWindowExW
0x140273d20 GetClassInfoExW
0x140273d28 DestroyMenu
0x140273d30 RegisterClassW
0x140273d38 CallWindowProcW
0x140273d40 DefWindowProcW
0x140273d48 GetMessageTime
0x140273d50 GetMessagePos
0x140273d58 LoadMenuW
0x140273d60 GetClassNameW
0x140273d68 UpdateWindow
0x140273d70 GetLastActivePopup
0x140273d78 GetWindowLongW
0x140273d80 MessageBoxW
0x140273d88 IsWindowEnabled
0x140273d90 SetCursor
0x140273d98 ShowOwnedPopups
0x140273da0 CallNextHookEx
0x140273da8 EnableScrollBar
0x140273db0 GetDoubleClickTime
0x140273db8 GetIconInfo
0x140273dc0 CopyIcon
0x140273dc8 GetMenuItemInfoW
0x140273dd0 EnableWindow
0x140273dd8 LoadIconW
0x140273de0 PostMessageW
0x140273de8 SetWindowsHookExW
0x140273df0 GetCursorPos
0x140273df8 ValidateRect
0x140273e00 GetKeyState
0x140273e08 GetActiveWindow
0x140273e10 PeekMessageW
0x140273e18 DispatchMessageW
0x140273e20 TranslateMessage
0x140273e28 GetMessageW
0x140273e30 SetMenuItemInfoW
0x140273e40 SetMenuItemBitmaps
0x140273e48 EnableMenuItem
0x140273e50 CheckMenuItem
0x140273e58 DrawIconEx
0x140273e60 CopyAcceleratorTableW
0x140273e68 InvalidateRgn
0x140273e70 GetNextDlgGroupItem
0x140273e78 MessageBeep
0x140273e88 SetParent
0x140273e90 MonitorFromPoint
0x140273e98 OpenClipboard
0x140273ea0 CloseClipboard
0x140273ea8 SetClipboardData
0x140273eb0 EmptyClipboard
0x140273eb8 DestroyIcon
0x140273ec0 LoadImageW
0x140273ec8 TrackMouseEvent
0x140273ed0 IsZoomed
0x140273ed8 IsRectEmpty
0x140273ee0 OffsetRect
0x140273ee8 CharUpperW
0x140273ef0 GetAsyncKeyState
0x140273ef8 GetSystemMenu
0x140273f00 WindowFromPoint
0x140273f08 NotifyWinEvent
0x140273f10 SetCursorPos
0x140273f18 UnionRect
0x140273f20 BringWindowToTop
0x140273f28 CreatePopupMenu
0x140273f30 BeginPaint
0x140273f38 GetClientRect
0x140273f40 FillRect
0x140273f48 IsIconic
0x140273f50 SendMessageW
0x140273f58 GetSystemMetrics
0x140273f60 DrawIcon
0x140273f68 KillTimer
0x140273f70 SetTimer
0x140273f78 InvalidateRect
0x140273f80 SetWindowPos
0x140273f88 LoadBitmapW
0x140273f90 SetRect
0x140273f98 UnregisterClassW
0x140273fa0 GetDC
0x140273fa8 GetMonitorInfoW
0x140273fb0 EnumDisplayMonitors
0x140273fb8 EnumDisplayDevicesW
0x140273fc0 wsprintfW
0x140273fc8 GetWindowThreadProcessId
0x140273fd0 GetWindow
0x140273fd8 EnumWindows
0x140273fe0 GetForegroundWindow
0x140273fe8 GetMenuStringW
0x140273ff0 MapVirtualKeyW
0x140273ff8 GetMenuState
0x140274000 GetSubMenu
0x140274008 GetMenuItemID
0x140274010 GetMenuItemCount
0x140274018 InsertMenuW
0x140274020 AppendMenuW
0x140274028 RemoveMenu
0x140274030 PostQuitMessage
0x140274038 SetWindowContextHelpId
0x140274040 GetParent
0x140274048 MapDialogRect
0x140274050 RegisterWindowMessageW
0x140274058 DrawEdge
0x140274060 DrawFrameControl
0x140274068 IsWindowVisible
0x140274070 GetFocus
0x140274078 DrawStateW
0x140274080 SetWindowRgn
0x140274088 RedrawWindow
0x140274090 GetWindowRect
0x140274098 MapWindowPoints
0x1402740a0 GetMenuDefaultItem
0x1402740a8 SetMenuDefaultItem
0x1402740b0 ModifyMenuW
0x1402740b8 DestroyAcceleratorTable
0x1402740c0 GetSysColor
0x1402740c8 GetSysColorBrush
0x1402740d0 DrawFocusRect
0x1402740d8 InflateRect
0x1402740e0 LockWindowUpdate
0x1402740e8 SetClassLongPtrW
0x1402740f0 GetUpdateRect
0x1402740f8 UpdateLayeredWindow
0x140274100 RegisterClipboardFormatW
0x140274108 ToUnicodeEx
0x140274110 GetKeyboardLayout
0x140274118 GetKeyboardState
0x140274120 GetWindowRgn
0x140274128 DestroyCursor
0x140274130 CreateMenu
0x140274138 InvertRect
0x140274140 HideCaret
0x140274148 GetComboBoxInfo
0x140274150 TranslateMDISysAccel
0x140274158 DefMDIChildProcW
0x140274160 DefFrameProcW
0x140274168 DrawMenuBar
0x140274170 MapVirtualKeyExW
0x140274178 IsCharLowerW
0x140274180 WaitMessage
0x140274188 PostThreadMessageW
0x140274198 FrameRect
0x1402741a0 ReuseDDElParam
0x1402741a8 UnpackDDElParam
0x1402741b0 InsertMenuItemW
0x1402741b8 TranslateAcceleratorW
0x1402741c0 CharUpperBuffW
0x1402741c8 SubtractRect
0x1402741d0 GetKeyNameTextW
0x1402741d8 CreateAcceleratorTableW
0x1402741e0 LoadAcceleratorsW
0x1402741e8 GetClassInfoW
Library GDI32.dll:
0x140273070 CreateRectRgnIndirect
0x140273078 Ellipse
0x140273080 GetBkColor
0x140273088 GetTextColor
0x140273090 GetTextExtentPoint32W
0x140273098 PatBlt
0x1402730a0 ExtTextOutW
0x1402730a8 CreatePolygonRgn
0x1402730b0 Polygon
0x1402730b8 Polyline
0x1402730c0 GetTextMetricsW
0x1402730c8 CreateBitmap
0x1402730d0 GetStockObject
0x1402730d8 SetBkColor
0x1402730e0 SetTextColor
0x1402730e8 CreatePatternBrush
0x1402730f0 Escape
0x1402730f8 ExcludeClipRect
0x140273100 GetClipBox
0x140273108 GetObjectType
0x140273110 GetPixel
0x140273118 GetViewportExtEx
0x140273120 GetWindowExtEx
0x140273128 IntersectClipRect
0x140273130 LineTo
0x140273138 PtVisible
0x140273140 RectVisible
0x140273148 RestoreDC
0x140273150 SaveDC
0x140273158 SelectClipRgn
0x140273160 ExtSelectClipRgn
0x140273168 SelectPalette
0x140273170 SetBkMode
0x140273178 SetMapMode
0x140273180 SetLayout
0x140273188 GetLayout
0x140273190 SetPolyFillMode
0x140273198 SetROP2
0x1402731a0 SetTextAlign
0x1402731a8 MoveToEx
0x1402731b0 CreateRectRgn
0x1402731b8 SetViewportExtEx
0x1402731c0 SetViewportOrgEx
0x1402731c8 SetWindowExtEx
0x1402731d0 SetWindowOrgEx
0x1402731d8 OffsetViewportOrgEx
0x1402731e0 OffsetWindowOrgEx
0x1402731e8 ScaleViewportExtEx
0x1402731f0 ScaleWindowExtEx
0x1402731f8 CreateFontIndirectW
0x140273200 GetMapMode
0x140273208 SetRectRgn
0x140273210 DPtoLP
0x140273218 GetRgnBox
0x140273220 CreateCompatibleBitmap
0x140273228 CreateDIBitmap
0x140273230 EnumFontFamiliesW
0x140273238 GetTextCharsetInfo
0x140273240 RealizePalette
0x140273248 SetPixel
0x140273250 StretchBlt
0x140273258 CreateDIBSection
0x140273260 SetDIBColorTable
0x140273268 CreateRoundRectRgn
0x140273270 OffsetRgn
0x140273278 RoundRect
0x140273280 CreatePalette
0x140273288 GetPaletteEntries
0x140273290 GetNearestPaletteIndex
0x140273298 GetSystemPaletteEntries
0x1402732a0 EnumFontFamiliesExW
0x1402732a8 LPtoDP
0x1402732b0 ExtFloodFill
0x1402732b8 SetPaletteEntries
0x1402732c0 FillRgn
0x1402732c8 FrameRgn
0x1402732d0 GetBoundsRect
0x1402732d8 PtInRegion
0x1402732e0 GetViewportOrgEx
0x1402732e8 GetWindowOrgEx
0x1402732f0 SetPixelV
0x1402732f8 GetTextFaceW
0x140273300 CreateHatchBrush
0x140273308 CreateEllipticRgn
0x140273310 CombineRgn
0x140273318 CreateDCW
0x140273320 CopyMetaFileW
0x140273328 SetPixelFormat
0x140273330 ChoosePixelFormat
0x140273338 GetDeviceCaps
0x140273340 DeleteDC
0x140273348 Rectangle
0x140273350 CreatePen
0x140273358 BitBlt
0x140273360 GetObjectW
0x140273368 CreateCompatibleDC
0x140273370 SelectObject
0x140273378 TextOutW
0x140273380 DeleteObject
0x140273388 CreateSolidBrush
Library MSIMG32.dll:
0x140273988 AlphaBlend
0x140273990 TransparentBlt
Library WINSPOOL.DRV:
0x140274318 DocumentPropertiesW
0x140274320 OpenPrinterW
0x140274328 ClosePrinter
Library ADVAPI32.dll:
0x140273000 RegDeleteValueW
0x140273008 RegEnumKeyExW
0x140273010 RegEnumValueW
0x140273018 RegQueryValueW
0x140273020 RegEnumKeyW
0x140273028 RegSetValueExW
0x140273030 RegQueryValueExW
0x140273038 RegDeleteKeyW
0x140273040 RegCreateKeyExW
0x140273048 RegOpenKeyExW
0x140273050 RegCloseKey
Library SHELL32.dll:
0x140273a38 SHGetMalloc
0x140273a40 SHGetPathFromIDListW
0x140273a50 SHBrowseForFolderW
0x140273a58 SHGetDesktopFolder
0x140273a60 SHAppBarMessage
0x140273a68 SHGetFileInfoW
0x140273a70 ShellExecuteW
0x140273a78 DragFinish
0x140273a80 DragQueryFileW
0x140273a88 SHGetSpecialFolderPathW
Library COMCTL32.dll:
0x140273060 InitCommonControlsEx
Library SHLWAPI.dll:
0x140273a98 PathFindExtensionW
0x140273aa0 PathFindFileNameW
0x140273aa8 StrCatW
0x140273ab0 PathIsUNCW
0x140273ab8 PathStripToRootW
0x140273ac0 PathRemoveFileSpecW
0x140273ac8 StrFormatKBSizeW
Library UxTheme.dll:
0x1402741f8 OpenThemeData
0x140274200 CloseThemeData
0x140274208 DrawThemeBackground
0x140274210 GetThemeColor
0x140274218 GetCurrentThemeName
0x140274220 IsAppThemed
0x140274228 DrawThemeText
0x140274238 GetWindowTheme
0x140274240 GetThemePartSize
0x140274250 GetThemeSysColor
Library ole32.dll:
0x140274408 RevokeDragDrop
0x140274410 OleLockRunning
0x140274418 CoInitializeEx
0x140274420 CoRevokeClassObject
0x140274428 CoRegisterMessageFilter
0x140274430 OleCreateMenuDescriptor
0x140274438 OleDestroyMenuDescriptor
0x140274440 OleTranslateAccelerator
0x140274448 IsAccelerator
0x140274450 RegisterDragDrop
0x140274458 CoLockObjectExternal
0x140274460 OleUninitialize
0x140274468 OleInitialize
0x140274470 CoFreeUnusedLibraries
0x140274478 OleGetClipboard
0x140274480 DoDragDrop
0x140274488 OleIsCurrentClipboard
0x140274490 CreateStreamOnHGlobal
0x1402744b0 CoGetClassObject
0x1402744b8 CoDisconnectObject
0x1402744c0 CLSIDFromProgID
0x1402744c8 CLSIDFromString
0x1402744d0 ReleaseStgMedium
0x1402744d8 OleDuplicateData
0x1402744e0 CoTaskMemFree
0x1402744e8 CoTaskMemAlloc
0x1402744f0 CoSetProxyBlanket
0x1402744f8 CoCreateInstance
0x140274500 CoUninitialize
0x140274508 CoInitialize
0x140274510 CoCreateGuid
0x140274518 OleFlushClipboard
Library OLEAUT32.dll:
0x1402739c0 SysAllocStringLen
0x1402739c8 SystemTimeToVariantTime
0x1402739d0 VariantTimeToSystemTime
0x1402739d8 SafeArrayDestroy
0x1402739e0 VarBstrFromDate
0x1402739e8 LoadTypeLib
0x1402739f0 OleCreateFontIndirect
0x1402739f8 SysStringLen
0x140273a00 VariantCopy
0x140273a08 SysAllocString
0x140273a10 VariantInit
0x140273a18 VariantClear
0x140273a20 SysFreeString
0x140273a28 VariantChangeType
Library oledlg.dll:
0x140274528 OleUIBusyW
Library gdiplus.dll:
0x140274338 GdipDrawImageRectI
0x140274340 GdipCreateFromHDC
0x140274358 GdipDrawImageI
0x140274360 GdipSetInterpolationMode
0x140274368 GdipDeleteGraphics
0x140274370 GdipBitmapUnlockBits
0x140274378 GdipBitmapLockBits
0x140274388 GdiplusShutdown
0x140274390 GdipAlloc
0x140274398 GdipFree
0x1402743a0 GdiplusStartup
0x1402743a8 GdipCloneImage
0x1402743b0 GdipDisposeImage
0x1402743c0 GdipGetImageWidth
0x1402743c8 GdipGetImagePaletteSize
0x1402743d0 GdipGetImagePalette
0x1402743d8 GdipGetImagePixelFormat
0x1402743e0 GdipGetImageHeight
Library VERSION.dll:
0x140274260 GetFileVersionInfoSizeW
0x140274268 VerQueryValueW
0x140274270 GetFileVersionInfoW
Library msi.dll:
0x1402743f0
0x1402743f8
Library IPHLPAPI.DLL:
0x1402733b8 IcmpSendEcho
0x1402733c0 IcmpCreateFile
Library OLEACC.dll:
0x1402739a8 LresultFromObject
Library WININET.dll:
0x140274280 HttpSendRequestW
0x140274298 InternetSetFilePointer
0x1402742a0 InternetOpenW
0x1402742a8 HttpEndRequestW
0x1402742b0 InternetWriteFile
0x1402742b8 HttpSendRequestExW
0x1402742c0 HttpAddRequestHeadersW
0x1402742c8 HttpOpenRequestW
0x1402742d0 InternetConnectW
0x1402742d8 InternetReadFile
0x1402742e8 InternetOpenUrlW
0x1402742f0 HttpQueryInfoW
0x1402742f8 InternetCloseHandle
Library IMM32.dll:
0x140273398 ImmGetOpenStatus
0x1402733a0 ImmGetContext
0x1402733a8 ImmReleaseContext

Exports

Ordinal Address Name
1 0x140012ed0 Configure
2 0x140013020 Detect
3 0x1400131c0 GetLog
4 0x140013070 GetSystemInformation
5 0x1400132d0 SetLog

Hosts

No hosts contacted.

TCP

Source Source Port Destination Destination Port
192.168.56.101 49176 54.84.6.237 www.systemrequirementslab.com 80
192.168.56.101 49177 54.84.6.237 www.systemrequirementslab.com 80
192.168.56.101 49183 54.84.6.237 www.systemrequirementslab.com 80

UDP

Source Source Port Destination Destination Port
192.168.56.101 51378 114.114.114.114 53
192.168.56.101 51808 114.114.114.114 53
192.168.56.101 53657 114.114.114.114 53
192.168.56.101 55368 114.114.114.114 53
192.168.56.101 57874 114.114.114.114 53
192.168.56.101 62318 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 138 192.168.56.255 138
192.168.56.101 123 20.189.79.72 time.windows.com 123
192.168.56.101 51963 224.0.0.252 5355
192.168.56.101 56804 224.0.0.252 5355
192.168.56.101 57756 224.0.0.252 5355
192.168.56.101 58367 224.0.0.252 5355
192.168.56.101 62191 224.0.0.252 5355
192.168.56.101 63429 224.0.0.252 5355
192.168.56.101 65004 224.0.0.252 5355
192.168.56.101 1900 239.255.255.250 1900
192.168.56.101 55369 239.255.255.250 3702
192.168.56.101 57875 239.255.255.250 3702
192.168.56.101 57877 239.255.255.250 3702

HTTP & HTTPS Requests

URI Data
http://www.systemrequirementslab.com/cyri/api/LogUserEvent
POST /cyri/api/LogUserEvent HTTP/1.1
User-Agent: bbd87164e1f90c12f27a15d98c5bfb01
Content-Type: application/json
Host: www.systemrequirementslab.com
Content-Length: 105
Cache-Control: no-cache

{Tag:"detection-app",EventType:"start",Description:"start",UserId:"4F5046CD-C91A-4289-AE6D-DDA1EFE0A5AC"}
http://www.systemrequirementslab.com/services/session//?apikey=9972FAF8-F36D-4FAA-9EF1-4301C3D354C0
POST /services/session//?apikey=9972FAF8-F36D-4FAA-9EF1-4301C3D354C0 HTTP/1.1
User-Agent: bbd87164e1f90c12f27a15d98c5bfb01
Content-Type: text/plain
Host: www.systemrequirementslab.com
Content-Length: 110
Cache-Control: no-cache
Cookie: AWSALB=8ClTCOgwAVt1U6GGq9Rshoo/WX/W/ZJMFWnvOgleRH4mOUsa2S80fKldxup4TsHEcTaa4U1RWmld9X6lN+YAmus2sY6WotlquZ8m/Iqo7oHpAZIsFKYawf2qmRsY; AWSALBCORS=8ClTCOgwAVt1U6GGq9Rshoo/WX/W/ZJMFWnvOgleRH4mOUsa2S80fKldxup4TsHEcTaa4U1RWmld9X6lN+YAmus2sY6WotlquZ8m/Iqo7oHpAZIsFKYawf2qmRsY

{id:"",computerId:"",DetectionApp:true,detection:{start:true,exit:true,error:false,cancel:false,success:true}}
http://www.systemrequirementslab.com/services/session/4F5046CD-C91A-4289-AE6D-DDA1EFE0A5AC/?apikey=9972FAF8-F36D-4FAA-9EF1-4301C3D354C0
GET /services/session/4F5046CD-C91A-4289-AE6D-DDA1EFE0A5AC/?apikey=9972FAF8-F36D-4FAA-9EF1-4301C3D354C0 HTTP/1.1
User-Agent: bbd87164e1f90c12f27a15d98c5bfb01
Host: www.systemrequirementslab.com
Cache-Control: no-cache

http://www.systemrequirementslab.com/services/systeminfo//1046/?apikey=0
POST /services/systeminfo//1046/?apikey=0 HTTP/1.1
User-Agent: bbd87164e1f90c12f27a15d98c5bfb01
Content-Type: text/plain
Host: www.systemrequirementslab.com
Content-Length: 7842
Cache-Control: no-cache
Cookie: AWSALB=YtsOr7WOzAqcJvMTYmdSh8eg0xPrP2TqSJIB//RCfU3Yki1YYz9yAKCSG1OTOOsMDuNaZeOM6KV61YHoV3cbe0hfPAp1ZM6kOP5WXorNit9BKOm86zdTgsV6CI2o; AWSALBCORS=YtsOr7WOzAqcJvMTYmdSh8eg0xPrP2TqSJIB//RCfU3Yki1YYz9yAKCSG1OTOOsMDuNaZeOM6KV61YHoV3cbe0hfPAp1ZM6kOP5WXorNit9BKOm86zdTgsV6CI2o

http://www.systemrequirementslab.com/cyri/api/LogUserEvent
POST /cyri/api/LogUserEvent HTTP/1.1
User-Agent: bbd87164e1f90c12f27a15d98c5bfb01
Content-Type: application/json
Host: www.systemrequirementslab.com
Content-Length: 106
Cache-Control: no-cache
Cookie: AWSALB=YtsOr7WOzAqcJvMTYmdSh8eg0xPrP2TqSJIB//RCfU3Yki1YYz9yAKCSG1OTOOsMDuNaZeOM6KV61YHoV3cbe0hfPAp1ZM6kOP5WXorNit9BKOm86zdTgsV6CI2o; AWSALBCORS=YtsOr7WOzAqcJvMTYmdSh8eg0xPrP2TqSJIB//RCfU3Yki1YYz9yAKCSG1OTOOsMDuNaZeOM6KV61YHoV3cbe0hfPAp1ZM6kOP5WXorNit9BKOm86zdTgsV6CI2o

{Tag:"detection-app",EventType:"exit",Description:"success",UserId:"4F5046CD-C91A-4289-AE6D-DDA1EFE0A5AC"}
http://www.systemrequirementslab.com/services/configuration/1046/0/?apikey=0
GET /services/configuration/1046/0/?apikey=0 HTTP/1.1
User-Agent: bbd87164e1f90c12f27a15d98c5bfb01
Host: www.systemrequirementslab.com
Cache-Control: no-cache
Cookie: AWSALB=YtsOr7WOzAqcJvMTYmdSh8eg0xPrP2TqSJIB//RCfU3Yki1YYz9yAKCSG1OTOOsMDuNaZeOM6KV61YHoV3cbe0hfPAp1ZM6kOP5WXorNit9BKOm86zdTgsV6CI2o; AWSALBCORS=YtsOr7WOzAqcJvMTYmdSh8eg0xPrP2TqSJIB//RCfU3Yki1YYz9yAKCSG1OTOOsMDuNaZeOM6KV61YHoV3cbe0hfPAp1ZM6kOP5WXorNit9BKOm86zdTgsV6CI2o

http://www.systemrequirementslab.com/services/session/4F5046CD-C91A-4289-AE6D-DDA1EFE0A5AC/?apikey=9972FAF8-F36D-4FAA-9EF1-4301C3D354C0
GET /services/session/4F5046CD-C91A-4289-AE6D-DDA1EFE0A5AC/?apikey=9972FAF8-F36D-4FAA-9EF1-4301C3D354C0 HTTP/1.1
User-Agent: bbd87164e1f90c12f27a15d98c5bfb01
Host: www.systemrequirementslab.com
Cache-Control: no-cache
Cookie: AWSALB=YtsOr7WOzAqcJvMTYmdSh8eg0xPrP2TqSJIB//RCfU3Yki1YYz9yAKCSG1OTOOsMDuNaZeOM6KV61YHoV3cbe0hfPAp1ZM6kOP5WXorNit9BKOm86zdTgsV6CI2o; AWSALBCORS=YtsOr7WOzAqcJvMTYmdSh8eg0xPrP2TqSJIB//RCfU3Yki1YYz9yAKCSG1OTOOsMDuNaZeOM6KV61YHoV3cbe0hfPAp1ZM6kOP5WXorNit9BKOm86zdTgsV6CI2o

http://www.systemrequirementslab.com/services/session/4F5046CD-C91A-4289-AE6D-DDA1EFE0A5AC/?apikey=9972FAF8-F36D-4FAA-9EF1-4301C3D354C0
POST /services/session/4F5046CD-C91A-4289-AE6D-DDA1EFE0A5AC/?apikey=9972FAF8-F36D-4FAA-9EF1-4301C3D354C0 HTTP/1.1
User-Agent: bbd87164e1f90c12f27a15d98c5bfb01
Content-Type: text/plain
Host: www.systemrequirementslab.com
Content-Length: 113
Cache-Control: no-cache

{id:"",computerId:"",DetectionApp:false,detection:{start:true,exit:false,error:false,cancel:false,success:false}}
http://www.systemrequirementslab.com/services/session//?apikey=9972FAF8-F36D-4FAA-9EF1-4301C3D354C0
POST /services/session//?apikey=9972FAF8-F36D-4FAA-9EF1-4301C3D354C0 HTTP/1.1
User-Agent: bbd87164e1f90c12f27a15d98c5bfb01
Content-Type: text/plain
Host: www.systemrequirementslab.com
Content-Length: 111
Cache-Control: no-cache
Cookie: AWSALB=YtsOr7WOzAqcJvMTYmdSh8eg0xPrP2TqSJIB//RCfU3Yki1YYz9yAKCSG1OTOOsMDuNaZeOM6KV61YHoV3cbe0hfPAp1ZM6kOP5WXorNit9BKOm86zdTgsV6CI2o; AWSALBCORS=YtsOr7WOzAqcJvMTYmdSh8eg0xPrP2TqSJIB//RCfU3Yki1YYz9yAKCSG1OTOOsMDuNaZeOM6KV61YHoV3cbe0hfPAp1ZM6kOP5WXorNit9BKOm86zdTgsV6CI2o

{id:"",computerId:"",DetectionApp:true,detection:{start:true,exit:false,error:false,cancel:false,success:true}}

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.