6.0
High risk

3ced281c8086605280ee98f491a59889e7754e6682e0933085c14f8cc1256da0

d9c6716c25da9e5ba2e9903fb8522593.exe

Analysis time

76s

Last analyzed

File size

548.0KB
Static detections Dynamic detections AI SCORE=80 BANKERX CLASSIC CRYPRENI CV1A EMOTET EPAZ FAMVT GENCIRC GENETIC GENKRYPTIK HIGH CONFIDENCE HPOWBF KBNU KCLOUD KRYPTIK MALWARE@#17GZTOXZKGRJP NGEK R + TROJ SBCGR SCORE SUSGEN THHOFBO UNSAFE
Hawkeye engine
Not detected. No Hawkeye engine results available.
Static verdict
Antivirus engines
Engine Result Scan date Engine version
McAfee Emotet-FRG!D9C6716C25DA 20201211 6.0.6.653
Alibaba Trojan:Win32/Emotet.2084ba6d 20190527 0.3.0.5
Avast Win32:BankerX-gen [Trj] 20201210 21.1.5827.0
Tencent Malware.Win32.Gencirc.10cde55d 20201211 1.0.0.1
Baidu 20190318 1.0.0.2
Kingsoft Win32.Hack.Undef.(kcloud) 20201211 2017.9.26.565
CrowdStrike 20190702 1.0
Static indicators
Queries for the computername (1 event)
Time & API Arguments Status Return Repeated
1619948433.780531
GetComputerNameA
computer_name: OSKAR-PC
success 1 0
Uses Windows APIs to generate a cryptographic key (3 events)
Time & API Arguments Status Return Repeated
1619948418.576531
CryptGenKey
crypto_handle: 0x025c0f90
algorithm_identifier: 0x0000660e ()
provider_handle: 0x025c0b88
flags: 1
key: fM €—yƛ™…’‹–÷ç
success 1 0
1619948433.795531
CryptExportKey
crypto_handle: 0x025c0f90
crypto_export_handle: 0x025c0f50
buffer: f¤]fUOeö²™›»5¤…å£Ùæ"7Žã(°'ӐÓÑ*ñjY=F𕴱¾b 瓉Px#…~ówÆl¬2CÛª§r‚î)©ítü?>žK~L‹×…Œ›¢)ÉÃóO>b
blob_type: 1
flags: 64
success 1 0
1619948468.983531
CryptExportKey
crypto_handle: 0x025c0f90
crypto_export_handle: 0x025c0f50
buffer: f¤‰§CÊî_Zhýõë\¢E­m†%3ÏwA¾E9@i]´ÙQJvê©°3Ê¶i<›°­$YK;mðüâåÛ0§«ˆ¸Õ^¼î7ì™i¹¸ùð>BYÆ l«W£ÿ¹T
blob_type: 1
flags: 64
success 1 0
The file contains an unknown PE resource name possibly indicative of a packer (1 event)
resource name None
Behavioral verdict
Dynamic indicators
Allocates read-write-execute memory (usually to unpack itself) (1 event)
Time & API Arguments Status Return Repeated
1619948417.842531
NtAllocateVirtualMemory
process_identifier: 2228
region_size: 36864
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
process_handle: 0xffffffff
allocation_type: 12289 (MEM_COMMIT|MEM_RESERVE)
base_address: 0x003e0000
success 0 0
Checks adapter addresses which can be used to detect virtual network interfaces (1 event)
Time & API Arguments Status Return Repeated
1619948434.326531
GetAdaptersAddresses
flags: 0
family: 0
failed 111 0
Expresses interest in specific running processes (1 event)
process d9c6716c25da9e5ba2e9903fb8522593.exe
Reads the system's User Agent and subsequently performs requests (1 event)
Time & API Arguments Status Return Repeated
1619948433.951531
InternetOpenW
proxy_bypass:
access_type: 0
proxy_name:
flags: 0
user_agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
success 13369348 0
Network communication
Communicates with host for which no DNS query was performed (3 events)
host 172.217.24.14
host 198.57.203.63
host 201.235.10.215
Sets or modifies WPAD proxy autoconfiguration file for traffic interception (8 events)
Time & API Arguments Status Return Repeated
1619948436.905531
RegSetValueExA
key_handle: 0x000003b0
value: 1
regkey_r: WpadDecisionReason
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionReason
success 0 0
1619948436.905531
RegSetValueExA
key_handle: 0x000003b0
value: Ðq†ÎP?×
regkey_r: WpadDecisionTime
reg_type: 3 (REG_BINARY)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionTime
success 0 0
1619948436.905531
RegSetValueExA
key_handle: 0x000003b0
value: 3
regkey_r: WpadDecision
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecision
success 0 0
1619948436.905531
RegSetValueExW
key_handle: 0x000003b0
value: 网络 2
regkey_r: WpadNetworkName
reg_type: 1 (REG_SZ)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadNetworkName
success 0 0
1619948436.905531
RegSetValueExA
key_handle: 0x000003c8
value: 1
regkey_r: WpadDecisionReason
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionReason
success 0 0
1619948436.905531
RegSetValueExA
key_handle: 0x000003c8
value: Ðq†ÎP?×
regkey_r: WpadDecisionTime
reg_type: 3 (REG_BINARY)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionTime
success 0 0
1619948436.905531
RegSetValueExA
key_handle: 0x000003c8
value: 3
regkey_r: WpadDecision
reg_type: 4 (REG_DWORD)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecision
success 0 0
1619948436.936531
RegSetValueExW
key_handle: 0x000003ac
value: {40112ABE-63B3-43C3-BE93-1440EE3AF106}
regkey_r: WpadLastNetwork
reg_type: 1 (REG_SZ)
regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\WpadLastNetwork
success 0 0
File has been identified by 57 AntiVirus engines on VirusTotal as malicious (50 out of 57 events)
Bkav W32.FamVT.CryprenI.Trojan
Elastic malicious (high confidence)
DrWeb Trojan.Emotet.996
MicroWorld-eScan Trojan.Emotet.AJE
FireEye Trojan.Emotet.AJE
Qihoo-360 Win32/Trojan.9e8
McAfee Emotet-FRG!D9C6716C25DA
Cylance Unsafe
VIPRE Trojan.Win32.Generic!BT
Sangfor Malware
K7AntiVirus Trojan ( 005600261 )
Alibaba Trojan:Win32/Emotet.2084ba6d
K7GW Trojan ( 005600261 )
Arcabit Trojan.Emotet.AJE
Cyren W32/Trojan.KBNU-6007
Symantec Packed.Generic.554
ESET-NOD32 Win32/Emotet.CD
APEX Malicious
Avast Win32:BankerX-gen [Trj]
ClamAV Win.Malware.Emotet-9789558-0
Kaspersky HEUR:Trojan-Banker.Win32.Emotet.pef
BitDefender Trojan.Emotet.AJE
NANO-Antivirus Trojan.Win32.Emotet.hpowbf
Paloalto generic.ml
Tencent Malware.Win32.Gencirc.10cde55d
Ad-Aware Trojan.Emotet.AJE
TACHYON Banker/W32.Emotet.561152.G
Emsisoft Trojan.Emotet (A)
Comodo Malware@#17gztoxzkgrjp
F-Secure Trojan.TR/AD.Emotet.sbcgr
Zillya Backdoor.Emotet.Win32.843
TrendMicro TrojanSpy.Win32.EMOTET.THHOFBO
McAfee-GW-Edition BehavesLike.Win32.Emotet.hh
Sophos Mal/Generic-R + Troj/Emotet-CKN
Ikarus Trojan-Banker.Emotet
Jiangmin Trojan.Banker.Emotet.oaf
Avira TR/AD.Emotet.sbcgr
Antiy-AVL Trojan[Banker]/Win32.Emotet
Kingsoft Win32.Hack.Undef.(kcloud)
Gridinsoft Trojan.Win32.Emotet.oa
Microsoft Trojan:Win32/Emotet.ARJ!MTB
AegisLab Trojan.Win32.Emotet.L!c
ZoneAlarm HEUR:Trojan-Banker.Win32.Emotet.pef
GData Trojan.Emotet.AJE
Cynet Malicious (score: 90)
AhnLab-V3 Malware/Win32.Generic.C4174557
VBA32 Backdoor.Emotet
ALYac Trojan.Emotet.AJE
MAX malware (ai score=80)
Malwarebytes Trojan.MalPack.TRE
Connects to IP addresses that are no longer responding to requests (legitimate services will remain up-and-running usually) (2 events)
dead_host 198.57.203.63:8080
dead_host 201.235.10.215:80
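Visual analysis
Binary image
No binary image. No binary visualization image was generated for this sample.
Screenshots
No screenshots. No screenshots were generated while this sample was running.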

PE Compile Time

2020-07-31 04:52:02

Imports

Library KERNEL32.dll:
0x4481a4 LCMapStringA
0x4481a8 LCMapStringW
0x4481b0 HeapDestroy
0x4481b4 HeapCreate
0x4481b8 VirtualFree
0x4481bc IsBadWritePtr
0x4481c4 GetStdHandle
0x4481dc SetHandleCount
0x4481e0 HeapSize
0x4481e8 GetCurrentProcessId
0x4481f0 GetStringTypeA
0x4481f4 GetStringTypeW
0x4481f8 IsBadReadPtr
0x4481fc IsBadCodePtr
0x448200 SetStdHandle
0x448208 TerminateProcess
0x44820c HeapReAlloc
0x448210 InterlockedExchange
0x448214 GetCommandLineA
0x448218 GetStartupInfoA
0x44821c GetDateFormatA
0x448220 GetTimeFormatA
0x448224 VirtualQuery
0x448228 GetSystemInfo
0x44822c VirtualAlloc
0x448230 VirtualProtect
0x448234 HeapFree
0x448238 HeapAlloc
0x44823c RtlUnwind
0x448240 GetTickCount
0x448244 SetErrorMode
0x44824c GetShortPathNameA
0x448250 CreateFileA
0x448258 DuplicateHandle
0x44825c GetFileSize
0x448260 SetEndOfFile
0x448264 UnlockFile
0x448268 LockFile
0x44826c FlushFileBuffers
0x448270 SetFilePointer
0x448274 WriteFile
0x448278 ReadFile
0x44827c DeleteFileA
0x448280 MoveFileA
0x44828c GetOEMCP
0x448290 GetCPInfo
0x448298 RaiseException
0x44829c TlsFree
0x4482a4 LocalReAlloc
0x4482a8 TlsSetValue
0x4482ac TlsAlloc
0x4482b4 TlsGetValue
0x4482bc GlobalHandle
0x4482c0 GlobalReAlloc
0x4482c8 LocalAlloc
0x4482cc GlobalFlags
0x4482d0 GetDiskFreeSpaceA
0x4482d4 GetFullPathNameA
0x4482d8 GetTempFileNameA
0x4482dc GetFileTime
0x4482e0 SetFileTime
0x4482e4 GetFileAttributesA
0x4482f8 GetCurrentThread
0x4482fc GetModuleFileNameA
0x448308 lstrcmpA
0x44830c SetLastError
0x448310 GlobalFree
0x448314 MulDiv
0x448318 GlobalAlloc
0x44831c FormatMessageA
0x448320 LocalFree
0x448324 FreeResource
0x448328 GetCurrentThreadId
0x44832c GlobalFindAtomA
0x448330 GlobalDeleteAtom
0x448334 LoadLibraryA
0x448338 FreeLibrary
0x44833c lstrcatA
0x448340 lstrcmpW
0x448344 GetModuleHandleA
0x448348 lstrcpynA
0x44834c GlobalLock
0x448350 GlobalUnlock
0x448354 GlobalGetAtomNameA
0x448358 GlobalAddAtomA
0x44835c GetLogicalDrives
0x448360 FindNextFileA
0x448364 FindClose
0x448368 GetDriveTypeA
0x44836c lstrcpyA
0x448370 FindFirstFileA
0x448374 CloseHandle
0x448380 ExitProcess
0x448384 LoadLibraryExW
0x448388 GetProcAddress
0x44838c LoadLibraryExA
0x448390 GetCurrentProcess
0x448394 FindResourceA
0x448398 LoadResource
0x44839c LockResource
0x4483a0 SizeofResource
0x4483a4 GetStringTypeExA
0x4483a8 CompareStringW
0x4483ac CompareStringA
0x4483b0 lstrlenA
0x4483b4 lstrcmpiA
0x4483b8 GetVersion
0x4483bc GetLastError
0x4483c0 WideCharToMultiByte
0x4483c4 MultiByteToWideChar
0x4483c8 GetVersionExA
0x4483cc GetThreadLocale
0x4483d0 GetLocaleInfoA
0x4483d4 GetACP
0x4483d8 GetFileType
Library USER32.dll:
0x448440 SetWindowRgn
0x448444 DrawIcon
0x448448 FindWindowA
0x44844c MessageBeep
0x448450 GetNextDlgGroupItem
0x448454 SetCapture
0x448458 InvalidateRgn
0x448460 CharNextA
0x448464 DestroyIcon
0x448468 WindowFromPoint
0x44846c KillTimer
0x448470 SetTimer
0x448474 IsRectEmpty
0x448478 GetSysColorBrush
0x44847c GetMenuItemInfoA
0x448480 InflateRect
0x448484 EndPaint
0x448488 BeginPaint
0x44848c GetWindowDC
0x448490 ClientToScreen
0x448494 GrayStringA
0x448498 DrawTextExA
0x44849c DrawTextA
0x4484a0 TabbedTextOutA
0x4484a4 LoadCursorA
0x4484a8 DestroyCursor
0x4484ac SetRect
0x4484b4 MapDialogRect
0x4484b8 GetMessageA
0x4484bc TranslateMessage
0x4484c0 GetCursorPos
0x4484c4 ValidateRect
0x4484c8 ShowOwnedPopups
0x4484cc PostQuitMessage
0x4484d4 GetNextDlgTabItem
0x4484d8 EndDialog
0x4484dc GetMenuStringA
0x4484e0 InsertMenuA
0x4484e4 RemoveMenu
0x4484e8 GetDC
0x4484ec ReleaseDC
0x4484f0 IsZoomed
0x4484f4 SetMenuItemBitmaps
0x4484f8 ModifyMenuA
0x4484fc GetMenuState
0x448500 EnableMenuItem
0x448508 LoadBitmapA
0x44850c MoveWindow
0x448510 SetWindowTextA
0x448514 IsDialogMessageA
0x448518 SetDlgItemTextA
0x44851c CreateWindowExA
0x448520 SetWindowsHookExA
0x448524 CallNextHookEx
0x448528 GetClassLongA
0x44852c GetClassInfoExA
0x448530 SetPropA
0x448534 GetPropA
0x448538 SendDlgItemMessageA
0x44853c IsChild
0x448544 GetWindowTextA
0x448548 GetForegroundWindow
0x44854c DispatchMessageA
0x448550 BeginDeferWindowPos
0x448554 EndDeferWindowPos
0x448558 GetTopWindow
0x44855c DestroyWindow
0x448560 UnhookWindowsHookEx
0x448564 GetMessageTime
0x448568 GetMessagePos
0x44856c MapWindowPoints
0x448570 ScrollWindow
0x448574 MessageBoxA
0x448578 TrackPopupMenu
0x44857c SetScrollRange
0x448580 GetScrollRange
0x448584 SetScrollPos
0x448588 GetScrollPos
0x44858c SetForegroundWindow
0x448590 ShowScrollBar
0x448594 AdjustWindowRectEx
0x448598 ScreenToClient
0x44859c DeferWindowPos
0x4485a0 GetScrollInfo
0x4485a4 SetScrollInfo
0x4485a8 RegisterClassA
0x4485ac UnregisterClassA
0x4485b0 DefWindowProcA
0x4485b4 CallWindowProcA
0x4485b8 EnableWindow
0x4485bc SendMessageA
0x4485c0 CharUpperA
0x4485c4 UpdateWindow
0x4485c8 LoadIconA
0x4485cc GetSystemMenu
0x4485d0 DeleteMenu
0x4485d4 AppendMenuA
0x4485d8 CheckMenuItem
0x4485dc GetMenuItemCount
0x4485e0 GetMenuItemID
0x4485e8 GetWindowPlacement
0x4485ec GetWindowRect
0x4485f0 GetSystemMetrics
0x4485f4 PtInRect
0x4485fc wsprintfA
0x448600 LoadMenuA
0x448604 DestroyMenu
0x448608 GetClassNameA
0x44860c GetSysColor
0x448610 SetWindowPos
0x448614 WinHelpA
0x448618 SetFocus
0x44861c GetActiveWindow
0x448624 LockWindowUpdate
0x448628 GetDCEx
0x44862c GetFocus
0x448630 EqualRect
0x448634 GetDlgItem
0x448638 SetWindowLongA
0x44863c GetKeyState
0x448640 GetDlgCtrlID
0x448644 UnpackDDElParam
0x448648 ReuseDDElParam
0x44864c GetClassInfoA
0x448650 SetCursor
0x448654 PeekMessageA
0x448658 GetCapture
0x44865c ReleaseCapture
0x448664 PostThreadMessageA
0x448668 CreateMenu
0x44866c SetParent
0x448670 RemovePropA
0x448674 GetSubMenu
0x448678 GetMenu
0x44867c GetClientRect
0x448684 IsWindowEnabled
0x448688 GetWindow
0x44868c GetDesktopWindow
0x448690 IsWindow
0x448694 GetWindowLongA
0x448698 ShowWindow
0x44869c SetMenu
0x4486a0 PostMessageA
0x4486a4 BringWindowToTop
0x4486a8 GetLastActivePopup
0x4486ac CopyRect
0x4486b0 SetRectEmpty
0x4486b4 OffsetRect
0x4486b8 IntersectRect
0x4486bc CreatePopupMenu
0x4486c0 InsertMenuItemA
0x4486c4 IsIconic
0x4486c8 InvalidateRect
0x4486cc IsWindowVisible
0x4486d0 SetActiveWindow
0x4486d4 GetParent
0x4486d8 LoadAcceleratorsA
0x4486dc FillRect
Library GDI32.dll:
0x448058 SetWindowOrgEx
0x44805c SetWindowExtEx
0x448060 ScaleWindowExtEx
0x448068 ExtSelectClipRgn
0x44806c CreatePatternBrush
0x448070 CreateSolidBrush
0x448074 ScaleViewportExtEx
0x448078 CombineRgn
0x44807c GetMapMode
0x448080 GetBkColor
0x448084 GetTextColor
0x448088 GetRgnBox
0x44808c CreateEllipticRgn
0x448090 LPtoDP
0x448094 Ellipse
0x448098 GetNearestColor
0x44809c GetBkMode
0x4480a0 GetPolyFillMode
0x4480a4 GetROP2
0x4480a8 GetStretchBltMode
0x4480ac GetTextAlign
0x4480b0 GetTextFaceA
0x4480b4 GetWindowOrgEx
0x4480b8 SetViewportExtEx
0x4480bc OffsetViewportOrgEx
0x4480c0 SetViewportOrgEx
0x4480c4 Escape
0x4480c8 ExtTextOutA
0x4480cc TextOutA
0x4480d0 RectVisible
0x4480d4 PtVisible
0x4480d8 GetPixel
0x4480dc BitBlt
0x4480e0 GetWindowExtEx
0x4480e4 GetViewportExtEx
0x4480e8 CreateRectRgn
0x4480ec SelectClipRgn
0x4480f0 SetTextAlign
0x4480f4 MoveToEx
0x4480f8 LineTo
0x4480fc IntersectClipRect
0x448100 SetRectRgn
0x448104 CreateFontIndirectA
0x448108 SetMapMode
0x44810c SetStretchBltMode
0x448110 SetROP2
0x448114 SetPolyFillMode
0x448118 SetBkMode
0x44811c RestoreDC
0x448120 SaveDC
0x448124 EndDoc
0x448128 AbortDoc
0x44812c SetAbortProc
0x448130 EndPage
0x448134 StartPage
0x448138 StartDocA
0x44813c GetStockObject
0x448140 Rectangle
0x448144 DPtoLP
0x448148 GetViewportOrgEx
0x44814c CreatePen
0x448150 CreateDCA
0x448154 GetDeviceCaps
0x448158 PatBlt
0x448160 CreateFontA
0x448164 GetCharWidthA
0x448168 DeleteObject
0x44816c StretchDIBits
0x448170 DeleteDC
0x448178 GetTextMetricsA
0x44817c SelectObject
0x448180 CreateBitmap
0x448184 GetObjectA
0x448188 SetBkColor
0x44818c SetTextColor
0x448190 GetClipBox
0x448194 CreateCompatibleDC
0x44819c ExcludeClipRect
Library comdlg32.dll:
0x4486f8 GetOpenFileNameA
0x4486fc GetSaveFileNameA
0x448700 GetFileTitleA
0x448708 PrintDlgA
Library WINSPOOL.DRV:
0x4486e4 GetJobA
0x4486e8 OpenPrinterA
0x4486ec DocumentPropertiesA
0x4486f0 ClosePrinter
Library ADVAPI32.dll:
0x448000 RegCreateKeyA
0x448004 RegSetValueA
0x448008 RegOpenKeyA
0x44800c RegQueryValueExA
0x448010 RegOpenKeyExA
0x448014 RegDeleteKeyA
0x448018 RegEnumKeyA
0x44801c RegQueryValueA
0x448020 RegCreateKeyExA
0x448024 RegSetValueExA
0x448028 RegDeleteValueA
0x44802c SetFileSecurityA
0x448030 RegCloseKey
0x448034 GetFileSecurityA
Library SHELL32.dll:
0x448414 SHGetFileInfoA
0x448418 DragFinish
0x44841c DragQueryFileA
0x448420 ExtractIconA
0x448424 ShellAboutA
Library COMCTL32.dll:
0x448040 ImageList_Draw
0x448048
0x44804c ImageList_Destroy
0x448050 ImageList_Create
Library SHLWAPI.dll:
0x44842c PathFindFileNameA
0x448430 PathStripToRootA
0x448434 PathFindExtensionA
0x448438 PathIsUNCA
Library oledlg.dll:
0x448760
Library ole32.dll:
0x448710 CoRevokeClassObject
0x448718 OleFlushClipboard
0x44872c CoGetClassObject
0x448730 CLSIDFromString
0x448734 CLSIDFromProgID
0x448738 CoTaskMemAlloc
0x44873c CoTaskMemFree
0x448740 OleInitialize
0x448748 OleUninitialize
0x448754 IsAccelerator
Library OLEAUT32.dll:
0x4483e0 VariantClear
0x4483e4 VariantChangeType
0x4483e8 VariantInit
0x4483ec SysAllocStringLen
0x4483f0 SysFreeString
0x4483f4 SysStringLen
0x4483fc VariantCopy
0x448400 SafeArrayDestroy
0x448408 SysAllocString

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source Source Port Destination Destination Port
192.168.56.101 49235 114.114.114.114 53
192.168.56.101 50534 114.114.114.114 53
192.168.56.101 56539 114.114.114.114 53
192.168.56.101 58367 114.114.114.114 53
192.168.56.101 65004 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 138 192.168.56.255 138
192.168.56.101 123 20.189.79.72 time.windows.com 123
192.168.56.101 53657 224.0.0.252 5355
192.168.56.101 55368 224.0.0.252 5355
192.168.56.101 56804 224.0.0.252 5355
192.168.56.101 60123 224.0.0.252 5355
192.168.56.101 62191 224.0.0.252 5355
192.168.56.101 1900 239.255.255.250 1900
192.168.56.101 56540 239.255.255.250 3702
192.168.56.101 56807 239.255.255.250 1900
192.168.56.101 58368 239.255.255.250 3702
192.168.56.101 58370 239.255.255.250 3702
192.168.56.101 58707 239.255.255.250 3702

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.