Score: 3.2 (medium risk)

SHA256: c773993caab5bfa7f121ca1e79713083d5a2d386aebb803f52971e0cc1320599

File name: f04effdc5bee0d724fb05018f49fc55d.exe (the name is the sample's MD5; several of the engine names below embed it, e.g. McAfee "Trojan-FSGA!F04EFFDC5BEE", FireEye "Generic.mg.f04effdc5bee0d72", Cybereason "malicious.c5bee0")

Analysis duration: 88s

Last analysed:

File size: 1.9MB
Flagged by static analysis; flagged by dynamic analysis. Detection-name tokens aggregated from the engine results: 5R0@AK2W50PI, AAKA, AI SCORE=88, BANKERX, BSCOPE, CONFIDENCE, DGZLOGLN4A1PKKDGNA, ELDORADO, FSGA, GENCIRC, GENERICKDZ, GENETIC, GENKRYPTIK, HDHT, HIGH CONFIDENCE, HJUKXC, INJECT3, KPGXK, KRYPT, KRYPTIK, KZIP, MALICIOUS, PE, MALWARE@#IANFTD85AXMP, QAKBOT, QBOT, R011C0DE220, R335066, SCORE, SHADE, SUSGEN, UNSAFE, URSNIF, ZENPAK, ZEXAF
鹰眼 (Hawkeye) engine
Not detected: no 鹰眼 engine result is available for this sample.
Static verdict

Antivirus engines

The date column is the engine's signature-definition date as reported by the scanner, not the time this file was scanned: the Baidu, Alibaba and CrowdStrike dates all precede the PE compile time of 2020-04-30 given further below, which a real scan date could not. Rows with no result are engines that returned no detection.

Engine       Result                              Definitions date  Version
McAfee       Trojan-FSGA!F04EFFDC5BEE            2020-05-15        6.0.6.653
Alibaba      Backdoor:Win32/KZip.22c16f7e        2019-05-27        0.3.0.5
Baidu        (none)                              2019-03-18        1.0.0.2
Avast        Win32:BankerX-gen [Trj]             2020-05-15        18.4.3895.0
Kingsoft     (none)                              2020-05-15        2013.8.14.323
Tencent      Malware.Win32.Gencirc.10b9ebcd      2020-05-15        1.0.0.1
CrowdStrike  win/malicious_confidence_70% (W)    2019-07-02        1.0
Static indicators

Queries for the computername (1 event)

1620031711.584626  GetComputerNameW
  computer_name: OSKAR-PC
  status: success, return: 1, repeated: 0
Behaviour verdict

Dynamic indicators
Allocates read-write-execute memory (usually to unpack itself) (4 events)

1620031645.740626  NtAllocateVirtualMemory  (process 428)
  region_size: 225280
  protection: 64 (PAGE_EXECUTE_READWRITE)
  allocation_type: 12288 (MEM_COMMIT|MEM_RESERVE)
  base_address: 0x005f0000
  process_handle: 0xffffffff
  stack_dep_bypass: 0, stack_pivoted: 0, heap_dep_bypass: 0
  status: success, return: 0, repeated: 0

1620031711.428626  NtAllocateVirtualMemory  (process 428)
  region_size: 221184
  protection: 64 (PAGE_EXECUTE_READWRITE)
  allocation_type: 12288 (MEM_COMMIT|MEM_RESERVE)
  base_address: 0x01fc0000
  process_handle: 0xffffffff
  stack_dep_bypass: 0, stack_pivoted: 0, heap_dep_bypass: 0
  status: success, return: 0, repeated: 0

1620031711.428626  NtProtectVirtualMemory  (process 428)
  length: 237568
  protection: 64 (PAGE_EXECUTE_READWRITE)
  base_address: 0x00400000
  process_handle: 0xffffffff
  stack_dep_bypass: 0, stack_pivoted: 0, heap_dep_bypass: 0
  status: success, return: 0, repeated: 0

1620031713.209999  NtAllocateVirtualMemory  (process 2236)
  region_size: 225280
  protection: 64 (PAGE_EXECUTE_READWRITE)
  allocation_type: 12288 (MEM_COMMIT|MEM_RESERVE)
  base_address: 0x01e30000
  process_handle: 0xffffffff
  stack_dep_bypass: 0, stack_pivoted: 0, heap_dep_bypass: 0
  status: success, return: 0, repeated: 0

Note: the third event is not a fresh allocation but NtProtectVirtualMemory over 237568 bytes starting at 0x00400000, the default image base of a 32-bit PE and consistent with the import address table entries listed in the Imports section (0x5e29e4 onwards lie inside that image). The sample therefore makes part of its own mapped image writable and executable, which is the in-place self-overwriting unpacker pattern; a memory dump taken right after this call is the natural point at which to recover the decoded stage. The child process 2236 repeats the first allocation with exactly the same size (225280 bytes), which fits a second copy of the same loader running again. A return value of 0 on these Nt* calls is STATUS_SUCCESS, not a failure, so the "success / 0" pairing is expected.
A process created a hidden window (1 event)

1620031712.819626  CreateProcessInternalW
  command_line: C:\Users\Administrator.Oskar-PC\AppData\Local\Temp\f04effdc5bee0d724fb05018f49fc55d.exe /C
  current_directory: (empty)
  filepath: (empty)
  filepath_r: (empty)
  creation_flags: 134217728 (CREATE_NO_WINDOW)
  inherit_handles: 0
  track: 1
  process_identifier: 2236
  process_handle: 0x00000158
  thread_identifier: 2412
  thread_handle: 0x00000154
  stack_pivoted: 0
  status: success, return: 1, repeated: 0

Note: the command line re-launches the sample's own copy from the Temp folder (the file name is its MD5) with a "/C" switch in a window-less child; what the switch selects is not established by this report. The path also shows the sample was staged under the Administrator profile of the OSKAR-PC guest, matching the GetComputerNameW result above, and process 2236 is the one that performs the last RWX allocation listed under the previous signature.
Searches running processes potentially to identify processes for sandbox evasion, code injection or memory dumping (2 events; the events themselves are not shown in this report)
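The two API-level signatures above (RWX memory and hidden-window process creation) re-implemented over the events the report lists, as an added example; this is not code from the sandbox or its engine. The event values are transcribed from the report, except that the PID of the process that called CreateProcessInternalW is not shown there and is assumed to be 428, the process that made the earlier RWX allocations.

```python
"""Re-evaluate the report's RWX-memory and hidden-window signatures over its own API events.

Added example, not sandbox code. Events are transcribed from the report; the caller PID of
the CreateProcessInternalW event is an assumption (428).
"""
from dataclasses import dataclass, field

PAGE_EXECUTE_READWRITE = 0x40       # protection value 64 in the report
CREATE_NO_WINDOW = 0x08000000       # creation_flags value 134217728 in the report
DEFAULT_IMAGE_BASE = 0x00400000     # where the report's NtProtectVirtualMemory was applied


@dataclass
class ApiEvent:
    ts: float
    api: str
    pid: int                        # process that made the call
    args: dict = field(default_factory=dict)


EVENTS = [
    ApiEvent(1620031645.740626, "NtAllocateVirtualMemory", 428,
             {"region_size": 225280, "protection": 0x40, "base_address": 0x005F0000}),
    ApiEvent(1620031711.428626, "NtAllocateVirtualMemory", 428,
             {"region_size": 221184, "protection": 0x40, "base_address": 0x01FC0000}),
    ApiEvent(1620031711.428626, "NtProtectVirtualMemory", 428,
             {"length": 237568, "protection": 0x40, "base_address": 0x00400000}),
    ApiEvent(1620031712.819626, "CreateProcessInternalW", 428,   # caller PID assumed
             {"process_identifier": 2236, "creation_flags": 134217728,
              "command_line": r"C:\Users\Administrator.Oskar-PC\AppData\Local\Temp"
                              r"\f04effdc5bee0d724fb05018f49fc55d.exe /C"}),
    ApiEvent(1620031713.209999, "NtAllocateVirtualMemory", 2236,
             {"region_size": 225280, "protection": 0x40, "base_address": 0x01E30000}),
]


def rwx_events(events):
    """Signature 'Allocates read-write-execute memory': any allocation or re-protection
    whose requested protection is PAGE_EXECUTE_READWRITE."""
    return [e for e in events
            if e.api in ("NtAllocateVirtualMemory", "NtProtectVirtualMemory")
            and e.args.get("protection") == PAGE_EXECUTE_READWRITE]


def rwx_bytes(events):
    """Total bytes made RWX (region_size for allocations, length for re-protections)."""
    return sum(e.args.get("region_size", e.args.get("length", 0)) for e in rwx_events(events))


def image_made_rwx(events, image_base=DEFAULT_IMAGE_BASE):
    """Stronger variant: the mapped image itself is re-protected RWX, i.e. the sample is
    rewriting its own code in place rather than unpacking into a fresh region."""
    return [e for e in rwx_events(events)
            if e.api == "NtProtectVirtualMemory" and e.args.get("base_address") == image_base]


def hidden_window_children(events):
    """Signature 'A process created a hidden window': CreateProcess with CREATE_NO_WINDOW."""
    return [e for e in events if e.api == "CreateProcessInternalW"
            and e.args.get("creation_flags", 0) & CREATE_NO_WINDOW]


def children_that_unpack(events):
    """Chain the two signatures: PIDs spawned hidden that then perform their own RWX
    allocation after creation. This is the re-execution pattern seen in the report."""
    spawned = {e.args["process_identifier"]: e.ts for e in hidden_window_children(events)}
    return sorted({e.pid for e in rwx_events(events)
                   if e.pid in spawned and e.ts >= spawned[e.pid]})


def triage(events):
    """Summary a triage pipeline would attach to the sample."""
    return {
        "rwx_events": len(rwx_events(events)),
        "rwx_bytes": rwx_bytes(events),
        "image_rwx": bool(image_made_rwx(events)),
        "hidden_children": [e.args["process_identifier"] for e in hidden_window_children(events)],
        "children_that_unpack": children_that_unpack(events),
    }


if __name__ == "__main__":
    print(triage(EVENTS))
```

The chained check in children_that_unpack is the one worth keeping in a rule set: a single RWX allocation fires on many legitimate JIT runtimes, but a window-less child of the same binary that then allocates RWX itself is a much narrower pattern.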
Network communication

Communicates with host for which no DNS query was performed (1 event)

host 172.217.24.14

Note: this hit is not corroborated by the rest of the report. The Hosts section records no hosts contacted, the TCP section no connections, and the UDP table below contains only queries to the guest's resolver and local broadcast/multicast name-resolution traffic. The address lies in a range registered to Google, so background Windows or browser traffic is the likelier source. Do not promote it to an indicator without checking the pcap for an actual flow to it.
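The "no DNS query" signature itself, as an added example that is not the sandbox's code: contacted hosts are compared against the set of addresses returned in DNS answers, after discarding destinations that can never be unresolved command-and-control (the resolver, multicast, link-local and the guest's own segment including its broadcast address). The guest address, the resolver 114.114.114.114, the multicast and broadcast destinations and the flagged host 172.217.24.14 are taken from the report; the DNS answers and the 203.0.113.10 connection are constructed so that the resolved case is exercised too. A second function shows the corroboration step the note above asks for.

```python
"""Reproduce the 'communicates with host for which no DNS query was performed' check.

Added example, not sandbox code. DNS answers and the 203.0.113.10 flow are constructed;
the other addresses come from the report's UDP table and signature hit.
"""
import ipaddress

GUEST_NET = ipaddress.ip_network("192.168.56.0/24")   # guest 192.168.56.101 lives here
RESOLVERS = {"114.114.114.114"}                         # resolver seen in the UDP table

# Constructed: what a DNS response log would hold if the sample had resolved one name.
DNS_ANSWERS = [
    {"qname": "cdn.example", "rrtype": "A", "rdata": "203.0.113.10"},
    {"qname": "cdn.example", "rrtype": "CNAME", "rdata": "edge.example"},  # no IP, ignored
]

# Constructed flow list mixing the report's destinations with one resolved host.
FLOWS = [
    {"proto": "udp", "dst": "114.114.114.114", "dport": 53},
    {"proto": "udp", "dst": "192.168.56.255", "dport": 137},
    {"proto": "udp", "dst": "224.0.0.252", "dport": 5355},
    {"proto": "udp", "dst": "239.255.255.250", "dport": 1900},
    {"proto": "tcp", "dst": "203.0.113.10", "dport": 443},
    {"proto": "tcp", "dst": "172.217.24.14", "dport": 443},
]


def resolved_addresses(dns_answers):
    """Set of IPs that appeared in any A/AAAA answer the guest received."""
    return {a["rdata"] for a in dns_answers if a["rrtype"] in ("A", "AAAA")}


def is_background(dst, guest_net=GUEST_NET, resolvers=RESOLVERS):
    """Destinations that are never 'unresolved C2': the resolver itself, multicast,
    link-local, loopback and anything on the guest's own segment (incl. broadcast)."""
    ip = ipaddress.ip_address(dst)
    return (dst in resolvers or ip.is_multicast or ip.is_link_local
            or ip.is_loopback or ip in guest_net)


def hosts_without_dns(flows, dns_answers, **kw):
    """Unique destinations contacted without any DNS answer having returned them."""
    resolved = resolved_addresses(dns_answers)
    hits = []
    for f in flows:
        if f["dst"] in resolved or is_background(f["dst"], **kw):
            continue
        if f["dst"] not in hits:
            hits.append(f["dst"])
    return hits


def corroborated(flows, host):
    """Before using a signature hit as an IOC, confirm the raw flow list contains it.
    The report's hit on 172.217.24.14 has no matching row in its TCP or Hosts tables."""
    return any(f["dst"] == host for f in flows)
```

Run against a real capture, the flows come from the pcap and the answers from the DNS responses in it; the exclusion list is what keeps Windows' LLMNR, NBNS, SSDP and WS-Discovery chatter (all present in the UDP table below) from producing false hits.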
File has been identified by 59 AntiVirus engines on VirusTotal as malicious (showing 50 of 59)

The family-specific names below converge on Qakbot/Qbot (ClamAV, Rising, F-Secure, Sophos, Avira, Microsoft, Malwarebytes, TrendMicro-HouseCall). Kryptik, Zenpak, GenericKDZ and Packed.Generic are generic packer or crypter verdicts, and VBA32's "TrojanRansom.Shade" is a lone outlier that should not drive classification.

Engine  Detection name
MicroWorld-eScan Trojan.GenericKDZ.66875
McAfee Trojan-FSGA!F04EFFDC5BEE
Cylance Unsafe
VIPRE Trojan.Win32.Generic!BT
Sangfor Malware
K7AntiVirus Trojan ( 00565c7f1 )
Alibaba Backdoor:Win32/KZip.22c16f7e
K7GW Trojan ( 00565c7f1 )
Cybereason malicious.c5bee0
TrendMicro TROJ_GEN.R011C0DE220
F-Prot W32/Kryptik.BMN.gen!Eldorado
Symantec Packed.Generic.459
APEX Malicious
Avast Win32:BankerX-gen [Trj]
ClamAV Win.Dropper.Qakbot-7727897-0
Kaspersky Trojan.Win32.Zenpak.aaka
BitDefender Trojan.GenericKDZ.66875
NANO-Antivirus Trojan.Win32.Inject3.hjukxc
Paloalto generic.ml
Rising Backdoor.Qakbot!8.C7B (TFE:dGZlOgLn4a1PkkDgNA)
Endgame malicious (high confidence)
Emsisoft Trojan.GenericKDZ.66875 (B)
Comodo Malware@#ianftd85axmp
F-Secure Trojan.TR/AD.Qbot.kpgxk
DrWeb Trojan.Inject3.39416
Zillya Trojan.Zenpak.Win32.2004
Invincea heuristic
McAfee-GW-Edition BehavesLike.Win32.Dropper.tz
MaxSecure Trojan.Malware.98461218.susgen
FireEye Generic.mg.f04effdc5bee0d72
Sophos Troj/Qbot-FS
Ikarus Trojan.Win32.Krypt
Cyren W32/Kryptik.BMN.gen!Eldorado
Jiangmin Trojan.Zenpak.bpc
Avira TR/AD.Qbot.kpgxk
MAX malware (ai score=88)
Antiy-AVL Trojan/Win32.Zenpak
Microsoft Trojan:Win32/Qbot.MXI!MTB
Arcabit Trojan.Generic.D1053B
ZoneAlarm Trojan.Win32.Zenpak.aaka
GData Trojan.GenericKDZ.66875
AhnLab-V3 Malware/Win32.RL_Generic.R335066
Acronis suspicious
VBA32 BScope.TrojanRansom.Shade
ALYac Trojan.GenericKDZ.66875
Ad-Aware Trojan.GenericKDZ.66875
Malwarebytes Backdoor.Qbot
ESET-NOD32 a variant of Win32/Kryptik.HDHT
TrendMicro-HouseCall Backdoor.Win32.QAKBOT.SMP
Tencent Malware.Win32.Gencirc.10b9ebcd
Visual analysis

Binary image

No binary image: no binary visualisation was generated for this sample.

Runtime screenshots

No screenshots: none were captured while the sample ran.

PE Compile Time: 2020-04-30 22:42:56

This is about two weeks before the 2020-05-15 definition dates in the static table. The timestamp is written by the builder and is trivially forged, so treat it as a hint rather than evidence of when the sample was produced.

Imports

The table below is the import directory of the file on disk, i.e. of the outer loader layer. Because the sample re-protects its own image RWX and allocates further RWX regions (see the dynamic indicators), the decoded payload resolves its APIs at run time and its import set does not appear here: the CryptDeriveKey/CryptEncrypt/CryptDecrypt, registry, CreateProcessA, Module32FirstW, SetWindowsHookExA and keyboard-state imports describe what the loader can do, not what the final stage does. The addresses are import address table slots, all inside the image mapped at 0x00400000.

Library KERNEL32.dll:
0x5e29e4 GetFileSize
0x5e29e8 GetStartupInfoA
0x5e29ec GetModuleHandleA
0x5e29f0 GetFileAttributesA
0x5e29f4 lstrcpynA
0x5e29f8 CreateDirectoryA
0x5e29fc GetACP
0x5e2a00 GetOEMCP
0x5e2a04 DeleteFileA
0x5e2a08 lstrlenA
0x5e2a0c WriteFile
0x5e2a10 SetFilePointer
0x5e2a14 ReadFile
0x5e2a18 CreateFileA
0x5e2a1c CloseHandle
0x5e2a20 GetModuleFileNameA
0x5e2a24 CopyFileA
0x5e2a28 GetTempPathA
0x5e2a2c GetTempFileNameA
0x5e2a34 LoadLibraryA
0x5e2a38 GetLastError
0x5e2a3c GetProcAddress
0x5e2a40 FreeLibrary
0x5e2a44 lstrcpyA
0x5e2a48 lstrcatA
0x5e2a50 FindFirstVolumeA
0x5e2a58 CreateFileW
0x5e2a5c GlobalGetAtomNameW
0x5e2a60 LocalFree
0x5e2a68 Module32FirstW
0x5e2a6c GetCalendarInfoW
0x5e2a70 GetWriteWatch
0x5e2a74 FindResourceExW
0x5e2a78 LoadModule
0x5e2a80 _hwrite
0x5e2a94 VirtualFree
0x5e2a98 VirtualAlloc
0x5e2a9c LocalAlloc
0x5e2aa0 GetTickCount
0x5e2aa8 GetVersion
0x5e2aac GetCurrentThreadId
0x5e2ab8 VirtualQuery
0x5e2abc WideCharToMultiByte
0x5e2ac0 MultiByteToWideChar
0x5e2ac4 LoadLibraryExA
0x5e2ac8 GetThreadLocale
0x5e2acc GetLocaleInfoA
0x5e2ad0 GetCommandLineA
0x5e2ad4 FindFirstFileA
0x5e2ad8 FindClose
0x5e2adc ExitProcess
0x5e2ae0 ExitThread
0x5e2ae4 CreateThread
0x5e2aec RtlUnwind
0x5e2af0 RaiseException
0x5e2af4 GetStdHandle
0x5e2af8 TlsSetValue
0x5e2afc TlsGetValue
0x5e2b00 lstrcmpA
0x5e2b08 WaitForSingleObject
0x5e2b0c Sleep
0x5e2b10 SizeofResource
0x5e2b14 SetThreadLocale
0x5e2b18 SetEvent
0x5e2b1c SetErrorMode
0x5e2b20 SetEndOfFile
0x5e2b24 ResumeThread
0x5e2b28 ResetEvent
0x5e2b30 MulDiv
0x5e2b34 LockResource
0x5e2b38 LoadResource
0x5e2b3c GlobalUnlock
0x5e2b40 GlobalSize
0x5e2b44 GlobalReAlloc
0x5e2b48 GlobalHandle
0x5e2b4c GlobalLock
0x5e2b50 GlobalFree
0x5e2b54 GlobalFindAtomA
0x5e2b58 GlobalDeleteAtom
0x5e2b5c GlobalAlloc
0x5e2b60 GlobalAddAtomA
0x5e2b64 GetVersionExA
0x5e2b68 GetUserDefaultLCID
0x5e2b6c GetSystemInfo
0x5e2b70 GetStringTypeExA
0x5e2b78 GetLocalTime
0x5e2b7c GetFullPathNameA
0x5e2b80 GetExitCodeThread
0x5e2b84 GetDiskFreeSpaceA
0x5e2b88 GetDateFormatA
0x5e2b8c GetCurrentProcessId
0x5e2b90 GetComputerNameA
0x5e2b94 GetCPInfo
0x5e2b98 FreeResource
0x5e2b9c InterlockedExchange
0x5e2ba0 FormatMessageA
0x5e2ba4 FindResourceA
0x5e2bb4 EnumCalendarInfoA
0x5e2bb8 CreateProcessA
0x5e2bbc CreateMutexA
0x5e2bc0 CreateEventA
0x5e2bc4 CompareStringA
0x5e2bc8 GetModuleHandleW
0x5e2bcc LoadLibraryW
Library USER32.dll:
0x5e2bd4 GetCursorPos
0x5e2bd8 GetWindowRect
0x5e2bdc GetActiveWindow
0x5e2be0 SetClassLongA
0x5e2be4 GetSystemMenu
0x5e2be8 AppendMenuA
0x5e2bec LoadIconA
0x5e2bf0 wsprintfA
0x5e2bf4 EnableWindow
0x5e2bf8 SendMessageA
0x5e2bfc DispatchMessageA
0x5e2c00 TranslateMessage
0x5e2c04 PeekMessageA
0x5e2c08 PostQuitMessage
0x5e2c0c MessageBoxA
0x5e2c10 LoadStringA
0x5e2c14 GetWindowLongA
0x5e2c18 LoadCursorFromFileA
0x5e2c1c SetMenu
0x5e2c20 HiliteMenuItem
0x5e2c24 OffsetRect
0x5e2c2c SetLastErrorEx
0x5e2c34 GetUpdateRgn
0x5e2c38 DefDlgProcA
0x5e2c40 LockWindowUpdate
0x5e2c44 CascadeWindows
0x5e2c4c EnumPropsExA
0x5e2c54 MessageBoxIndirectW
0x5e2c58 GetKeyboardType
0x5e2c5c CharNextA
0x5e2c60 CreateWindowExA
0x5e2c64 WindowFromPoint
0x5e2c68 WinHelpA
0x5e2c6c WaitMessage
0x5e2c70 UpdateWindow
0x5e2c74 UnregisterClassA
0x5e2c78 UnhookWindowsHookEx
0x5e2c7c TrackPopupMenu
0x5e2c84 ShowWindow
0x5e2c88 ShowScrollBar
0x5e2c8c ShowOwnedPopups
0x5e2c90 ShowCursor
0x5e2c94 SetWindowsHookExA
0x5e2c98 SetWindowTextA
0x5e2c9c SetWindowPos
0x5e2ca0 SetWindowPlacement
0x5e2ca4 SetWindowLongA
0x5e2ca8 SetTimer
0x5e2cac SetScrollRange
0x5e2cb0 SetScrollPos
0x5e2cb4 SetScrollInfo
0x5e2cb8 SetRect
0x5e2cbc SetPropA
0x5e2cc0 SetParent
0x5e2cc4 SetMenuItemInfoA
0x5e2cc8 SetForegroundWindow
0x5e2ccc SetFocus
0x5e2cd0 SetCursor
0x5e2cd4 SetClipboardData
0x5e2cd8 SetCapture
0x5e2cdc SetActiveWindow
0x5e2ce0 ScrollWindow
0x5e2ce4 ScreenToClient
0x5e2ce8 RemovePropA
0x5e2cec RemoveMenu
0x5e2cf0 ReleaseDC
0x5e2cf4 ReleaseCapture
0x5e2d00 RegisterClassA
0x5e2d04 RedrawWindow
0x5e2d08 PtInRect
0x5e2d0c PostMessageA
0x5e2d10 OpenClipboard
0x5e2d14 OemToCharA
0x5e2d18 MessageBeep
0x5e2d1c MapWindowPoints
0x5e2d20 MapVirtualKeyA
0x5e2d24 LoadKeyboardLayoutA
0x5e2d28 LoadCursorA
0x5e2d2c LoadBitmapA
0x5e2d30 KillTimer
0x5e2d34 IsZoomed
0x5e2d38 IsWindowVisible
0x5e2d3c IsWindowEnabled
0x5e2d40 IsWindow
0x5e2d44 IsRectEmpty
0x5e2d48 IsIconic
0x5e2d4c IsDialogMessageA
0x5e2d54 IsChild
0x5e2d58 InvalidateRect
0x5e2d5c IntersectRect
0x5e2d60 InsertMenuItemA
0x5e2d64 InsertMenuA
0x5e2d68 InflateRect
0x5e2d70 GetWindowTextA
0x5e2d74 GetWindowPlacement
0x5e2d78 GetWindowDC
0x5e2d7c GetTopWindow
0x5e2d80 GetSystemMetrics
0x5e2d84 GetSysColorBrush
0x5e2d88 GetSysColor
0x5e2d8c GetSubMenu
0x5e2d90 GetScrollRange
0x5e2d94 GetScrollPos
0x5e2d98 GetScrollInfo
0x5e2d9c GetPropA
0x5e2da0 GetParent
0x5e2da4 GetWindow
0x5e2da8 GetMessageTime
0x5e2dac GetMessagePos
0x5e2db0 GetMenuStringA
0x5e2db4 GetMenuState
0x5e2db8 GetMenuItemInfoA
0x5e2dbc GetMenuItemID
0x5e2dc0 GetMenuItemCount
0x5e2dc4 GetMenu
0x5e2dc8 GetLastActivePopup
0x5e2dcc GetKeyboardState
0x5e2dd4 GetKeyboardLayout
0x5e2dd8 GetKeyState
0x5e2ddc GetKeyNameTextA
0x5e2de0 GetIconInfo
0x5e2de4 GetForegroundWindow
0x5e2de8 GetFocus
0x5e2dec GetDoubleClickTime
0x5e2df0 GetDlgItem
0x5e2df4 GetDesktopWindow
0x5e2df8 GetDCEx
0x5e2dfc GetDC
0x5e2e00 GetCursor
0x5e2e04 GetClipboardData
0x5e2e08 GetClientRect
0x5e2e0c GetClassNameA
0x5e2e10 GetClassInfoA
0x5e2e14 GetCapture
0x5e2e18 GetAsyncKeyState
0x5e2e1c FrameRect
0x5e2e20 FindWindowA
0x5e2e24 FillRect
0x5e2e28 EqualRect
0x5e2e2c EnumWindows
0x5e2e30 EnumThreadWindows
0x5e2e38 EndPaint
0x5e2e3c EndDeferWindowPos
0x5e2e40 EnableScrollBar
0x5e2e44 EnableMenuItem
0x5e2e48 EmptyClipboard
0x5e2e4c DrawTextA
0x5e2e50 DrawMenuBar
0x5e2e54 DrawIconEx
0x5e2e58 DrawIcon
0x5e2e5c DrawFrameControl
0x5e2e60 DrawFocusRect
0x5e2e64 DrawEdge
0x5e2e68 DestroyWindow
0x5e2e6c DestroyMenu
0x5e2e70 DestroyIcon
0x5e2e74 DestroyCursor
0x5e2e78 DeleteMenu
0x5e2e7c DeferWindowPos
0x5e2e80 DefWindowProcA
0x5e2e84 DefMDIChildProcA
0x5e2e88 DefFrameProcA
0x5e2e8c CreatePopupMenu
0x5e2e90 CreateMenu
0x5e2e94 CreateIcon
0x5e2e98 CloseClipboard
0x5e2e9c ClientToScreen
0x5e2ea4 CheckMenuItem
0x5e2ea8 CallWindowProcA
0x5e2eac CallNextHookEx
0x5e2eb0 BeginPaint
0x5e2eb4 BeginDeferWindowPos
0x5e2eb8 CharLowerBuffA
0x5e2ebc CharLowerA
0x5e2ec0 CharUpperBuffA
0x5e2ec4 CharToOemA
0x5e2ec8 AdjustWindowRectEx
0x5e2ed0 LoadIconW
Library GDI32.dll:
0x5e2ed8 Escape
0x5e2ee0 SetColorAdjustment
0x5e2ee4 SetFontEnumeration
0x5e2ee8 GdiEntry14
0x5e2eec GdiEntry4
0x5e2ef0 ResizePalette
0x5e2ef8 GetObjectType
0x5e2efc OffsetClipRgn
0x5e2f00 GdiEntry16
0x5e2f04 GetGlyphOutlineWow
0x5e2f08 OffsetRgn
0x5e2f0c SetBitmapBits
0x5e2f10 RoundRect
0x5e2f14 GetColorSpace
0x5e2f18 GdiEntry12
0x5e2f1c SetMapMode
0x5e2f20 SetTextAlign
0x5e2f24 CombineRgn
0x5e2f28 GetLogColorSpaceW
0x5e2f2c GetFontAssocStatus
0x5e2f30 SetGraphicsMode
0x5e2f34 GetDeviceCaps
0x5e2f38 GetTextCharset
0x5e2f3c InvertRgn
0x5e2f40 GetCharABCWidthsI
0x5e2f44 ExcludeClipRect
0x5e2f48 EngStretchBltROP
0x5e2f4c TextOutW
0x5e2f50 EndPath
0x5e2f58 CheckColorsInGamut
0x5e2f60 GdiGetSpoolMessage
0x5e2f64 GetPaletteEntries
0x5e2f68 GetWindowExtEx
0x5e2f6c GdiConvertBrush
0x5e2f70 GetETM
0x5e2f74 bMakePathNameW
0x5e2f78 Pie
0x5e2f7c StartPage
0x5e2f80 EngComputeGlyphSet
0x5e2f84 SelectClipPath
0x5e2f88 CreateRoundRectRgn
0x5e2f8c EngCopyBits
0x5e2f90 GetClipRgn
0x5e2f94 UnrealizeObject
0x5e2f98 StretchBlt
0x5e2f9c SetWindowOrgEx
0x5e2fa0 SetWinMetaFileBits
0x5e2fa4 SetViewportOrgEx
0x5e2fa8 SetTextColor
0x5e2fac SetStretchBltMode
0x5e2fb0 SetROP2
0x5e2fb4 SetPixel
0x5e2fb8 SetEnhMetaFileBits
0x5e2fbc SetDIBColorTable
0x5e2fc0 SetBrushOrgEx
0x5e2fc4 SetBkMode
0x5e2fc8 SetBkColor
0x5e2fcc SelectPalette
0x5e2fd0 SelectObject
0x5e2fd4 SelectClipRgn
0x5e2fd8 SaveDC
0x5e2fdc RestoreDC
0x5e2fe0 Rectangle
0x5e2fe4 RectVisible
0x5e2fe8 RealizePalette
0x5e2fec Polyline
0x5e2ff0 PlayEnhMetaFile
0x5e2ff4 PatBlt
0x5e2ff8 MoveToEx
0x5e2ffc MaskBlt
0x5e3000 LineTo
0x5e3004 LPtoDP
0x5e3008 IntersectClipRect
0x5e300c GetWindowOrgEx
0x5e3010 GetWinMetaFileBits
0x5e3014 GetTextMetricsA
0x5e301c GetStockObject
0x5e3020 GetRgnBox
0x5e3024 GetPixel
0x5e3028 GetObjectA
0x5e302c GetFontLanguageInfo
0x5e303c GetEnhMetaFileBits
0x5e3040 GetDIBits
0x5e3044 GetDIBColorTable
0x5e3048 GetDCOrgEx
0x5e3050 GetClipBox
0x5e3054 GetBrushOrgEx
0x5e3058 GetBitmapBits
0x5e305c ExtTextOutA
0x5e3060 Ellipse
0x5e3064 DeleteObject
0x5e3068 DeleteEnhMetaFile
0x5e306c DeleteDC
0x5e3070 CreateSolidBrush
0x5e3074 CreateRectRgn
0x5e3078 CreatePenIndirect
0x5e307c CreatePalette
0x5e3084 CreateFontIndirectA
0x5e3088 CreateEnhMetaFileA
0x5e308c CreateDIBitmap
0x5e3090 CreateDIBSection
0x5e3094 CreateCompatibleDC
0x5e309c CreateBrushIndirect
0x5e30a0 CreateBitmap
0x5e30a4 CopyEnhMetaFileA
0x5e30a8 CloseEnhMetaFile
0x5e30ac BitBlt
0x5e30b0 GetEnhMetaFileA
Library COMDLG32.dll:
0x5e30b8 ChooseColorA
0x5e30bc GetSaveFileNameA
0x5e30c0 GetOpenFileNameA
Library ADVAPI32.dll:
0x5e30c8 RegDeleteKeyA
0x5e30cc RegCreateKeyExA
0x5e30d0 RegQueryValueExA
0x5e30d4 RegOpenKeyExA
0x5e30d8 RegSetValueExA
0x5e30dc RegCloseKey
0x5e30e0 RegEnumValueA
0x5e30e4 RegDeleteValueA
0x5e30e8 CryptDestroyHash
0x5e30ec CryptHashData
0x5e30f0 CryptCreateHash
0x5e30f4 CryptDecrypt
0x5e30f8 CryptEncrypt
0x5e30fc CryptDestroyKey
0x5e3100 CryptDeriveKey
0x5e3104 CryptReleaseContext
Library SHELL32.dll:
0x5e311c FindExecutableW
0x5e3120 SHGetDesktopFolder
0x5e3124 SHGetFolderLocation
0x5e3128 DragQueryFile
0x5e3134 ExtractIconExW
0x5e3138 ExtractIconA
0x5e313c ShellExecuteEx
0x5e3144 SHEmptyRecycleBinW
0x5e3148 WOWShellExecute
0x5e3154 ShellExecuteW
0x5e3158 SHGetMalloc
0x5e315c Shell_NotifyIcon
0x5e3160 DragFinish
0x5e3168 ExtractIconW
0x5e316c DuplicateIcon
0x5e3170 SHBrowseForFolderA
0x5e3178 SHGetFileInfoW
0x5e317c Shell_NotifyIconA
0x5e3180 ShellExecuteA
Library ole32.dll:
0x5e3188 CoTaskMemFree
0x5e318c StringFromCLSID
0x5e3194 IsAccelerator
0x5e3198 OleDraw
0x5e31a0 CoTaskMemAlloc
0x5e31a4 CoCreateGuid
0x5e31a8 ProgIDFromCLSID
0x5e31ac CoCreateInstance
0x5e31b4 CoGetClassObject
0x5e31b8 CoUninitialize
0x5e31bc CoInitialize
0x5e31c0 IsEqualGUID
Library SHLWAPI.dll:
0x5e31c8 StrRStrIW
0x5e31cc StrRChrA
0x5e31d0 StrCmpNA
0x5e31d4 StrRChrIW
Library COMCTL32.dll:
0x5e31e4 ImageList_Write
0x5e31e8 ImageList_Read
0x5e31f8 ImageList_DragMove
0x5e31fc ImageList_DragLeave
0x5e3200 ImageList_DragEnter
0x5e3204 ImageList_EndDrag
0x5e3208 ImageList_BeginDrag
0x5e320c ImageList_GetIcon
0x5e3210 ImageList_Remove
0x5e3214 ImageList_DrawEx
0x5e3218 ImageList_Replace
0x5e321c ImageList_Draw
0x5e322c ImageList_Add
0x5e3234 ImageList_Destroy
0x5e3238 ImageList_Create
0x5e323c

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source          Src port  Destination      Dst port  Protocol (by port)
192.168.56.101  49235     114.114.114.114  53        DNS
192.168.56.101  50534     114.114.114.114  53        DNS
192.168.56.101  56539     114.114.114.114  53        DNS
192.168.56.101  65004     114.114.114.114  53        DNS
192.168.56.101  137       192.168.56.255   137       NetBIOS name service (broadcast)
192.168.56.101  138       192.168.56.255   138       NetBIOS datagram (broadcast)
192.168.56.101  55368     224.0.0.252      5355      LLMNR (multicast)
192.168.56.101  56804     224.0.0.252      5355      LLMNR (multicast)
192.168.56.101  60123     224.0.0.252      5355      LLMNR (multicast)
192.168.56.101  62191     224.0.0.252      5355      LLMNR (multicast)
192.168.56.101  1900      239.255.255.250  1900      SSDP (multicast)
192.168.56.101  50535     239.255.255.250  3702      WS-Discovery (multicast)
192.168.56.101  50537     239.255.255.250  3702      WS-Discovery (multicast)
192.168.56.101  56540     239.255.255.250  3702      WS-Discovery (multicast)
192.168.56.101  56807     239.255.255.250  1900      SSDP (multicast)
192.168.56.101  58707     239.255.255.250  3702      WS-Discovery (multicast)

Every UDP flow is either a query to the guest's resolver or Windows name-resolution and discovery chatter to broadcast and multicast addresses. The four resolver queries are not expanded on this page, no unicast flow to 172.217.24.14 is recorded, and no TCP connection was made, so this capture yields no usable network indicator; the sample either did not reach its network stage within the 88 s run or detected the environment.

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Dropped files: none.
Dropped buffers: none.