Score: 1.2

Verdict: Low risk

SHA-256: 50760615d30d5f1d04b632bee1291437abc2fe498b1454e3a14939a7a8044621

File name: fd366af36d44a9e1b0213f07c3580e99.exe

Analysis duration: 77s

Last analysis

File size: 1.0MB
Tags: Static detection, Dynamic detection, ARTEMIS, PREDATOR, PRESENOKER, UNSAFE
Eagle Eye engine
Not detected: no Eagle Eye engine results are available for this sample
Static verdict
Antivirus engines
Engine       Result                   Scan date  Engine version
McAfee       Artemis!FD366AF36D44     20200115   6.0.6.653
Alibaba                               20190527   0.3.0.5
Baidu                                 20190318   1.0.0.2
Avast                                 20200115   18.4.3895.0
Kingsoft                              20200115   2013.8.14.323
Tencent                               20200115   1.0.0.1
CrowdStrike                           20190702   1.0
Behavioral verdict
Dynamic indicators
File has been identified by 8 AntiVirus engines on VirusTotal as malicious (8 events)
McAfee Artemis!FD366AF36D44
Cylance Unsafe
Kaspersky UDS:DangerousObject.Multi.Generic
McAfee-GW-Edition BehavesLike.Win64.Dropper.th
Jiangmin Trojan.PSW.Predator.fk
AegisLab Trojan.Multi.Generic.4!c
ZoneAlarm UDS:DangerousObject.Multi.Generic
VBA32 Adware.Presenoker
Visual analysis
Binary image
No binary image: no binary visualization image was generated for this sample
Runtime screenshots
No runtime screenshots: no screenshots were captured while this sample ran


PE Compile Time

2019-04-05 05:13:43

Imports

Library WSOCK32.dll:
0x1400c4de8 WSACleanup
0x1400c4df0 inet_addr
0x1400c4df8 gethostbyname
0x1400c4e00 gethostname
0x1400c4e08 WSAStartup
Library WINMM.dll:
0x1400c4d80 mixerSetControlDetails
0x1400c4d88 waveOutGetVolume
0x1400c4d90 joyGetPosEx
0x1400c4d98 mixerGetControlDetailsW
0x1400c4da0 mixerOpen
0x1400c4da8 mixerGetDevCapsW
0x1400c4db0 mixerGetLineControlsW
0x1400c4db8 waveOutSetVolume
0x1400c4dc0 mixerClose
0x1400c4dc8 mciSendStringW
0x1400c4dd0 joyGetDevCapsW
0x1400c4dd8 mixerGetLineInfoW
Library VERSION.dll:
0x1400c4d60 VerQueryValueW
0x1400c4d68 GetFileVersionInfoW
0x1400c4d70 GetFileVersionInfoSizeW
Library COMCTL32.dll:
0x1400c40a0 ImageList_Create
0x1400c40a8 CreateStatusWindowW
0x1400c40b0 ImageList_ReplaceIcon
0x1400c40b8 ImageList_GetIconSize
0x1400c40c0 ImageList_Destroy
0x1400c40c8 ImageList_AddMasked
Library PSAPI.DLL:
0x1400c4780 GetModuleFileNameExW
0x1400c4788 GetProcessImageFileNameW
0x1400c4790 GetModuleBaseNameW
Library KERNEL32.dll:
0x1400c4210 LockResource
0x1400c4218 FindFirstFileW
0x1400c4220 FindNextFileW
0x1400c4228 FindClose
0x1400c4230 FileTimeToLocalFileTime
0x1400c4238 SetEnvironmentVariableW
0x1400c4240 Beep
0x1400c4248 MoveFileW
0x1400c4250 OutputDebugStringW
0x1400c4258 CreateProcessW
0x1400c4260 GetFileAttributesW
0x1400c4268 WideCharToMultiByte
0x1400c4270 MultiByteToWideChar
0x1400c4278 GetExitCodeProcess
0x1400c4280 WriteProcessMemory
0x1400c4288 ReadProcessMemory
0x1400c4290 GetCurrentProcessId
0x1400c4298 OpenProcess
0x1400c42a0 TerminateProcess
0x1400c42a8 SetPriorityClass
0x1400c42b0 SetLastError
0x1400c42b8 GetEnvironmentVariableW
0x1400c42c0 GetLocalTime
0x1400c42c8 GetDateFormatW
0x1400c42d0 GetTimeFormatW
0x1400c42d8 GetDiskFreeSpaceW
0x1400c42e0 SetVolumeLabelW
0x1400c42e8 CreateFileW
0x1400c42f0 DeviceIoControl
0x1400c42f8 GetDriveTypeW
0x1400c4300 GetVolumeInformationW
0x1400c4308 CreateDirectoryW
0x1400c4310 ReadFile
0x1400c4318 WriteFile
0x1400c4320 DeleteFileW
0x1400c4328 SetFileAttributesW
0x1400c4330 LocalFileTimeToFileTime
0x1400c4338 SetFileTime
0x1400c4340 GetFileSizeEx
0x1400c4348 GetSystemTime
0x1400c4358 GetComputerNameW
0x1400c4360 GetWindowsDirectoryW
0x1400c4368 GetTempPathW
0x1400c4370 GetFullPathNameW
0x1400c4378 GetShortPathNameW
0x1400c4380 EnterCriticalSection
0x1400c4388 LeaveCriticalSection
0x1400c4390 VirtualProtect
0x1400c4398 LoadResource
0x1400c43a0 CompareStringW
0x1400c43a8 RemoveDirectoryW
0x1400c43b0 CopyFileW
0x1400c43b8 GetCurrentProcess
0x1400c43c0 FormatMessageW
0x1400c43c8 GetPrivateProfileStringW
0x1400c43f0 SetEndOfFile
0x1400c43f8 GetACP
0x1400c4400 GetFileType
0x1400c4408 GetStdHandle
0x1400c4410 SetFilePointerEx
0x1400c4418 SystemTimeToFileTime
0x1400c4420 FileTimeToSystemTime
0x1400c4428 GetFileSize
0x1400c4430 IsWow64Process
0x1400c4438 VirtualAllocEx
0x1400c4440 VirtualFreeEx
0x1400c4448 EnumResourceNamesW
0x1400c4450 LoadLibraryExW
0x1400c4458 GlobalSize
0x1400c4460 TlsGetValue
0x1400c4468 TlsAlloc
0x1400c4478 RtlUnwindEx
0x1400c4480 RaiseException
0x1400c4488 EncodePointer
0x1400c4490 RtlPcToFileHeader
0x1400c4498 InitializeSListHead
0x1400c44a0 QueryPerformanceCounter
0x1400c44b0 GetStartupInfoW
0x1400c44c0 UnhandledExceptionFilter
0x1400c44c8 IsDebuggerPresent
0x1400c44d0 RtlVirtualUnwind
0x1400c44d8 RtlLookupFunctionEntry
0x1400c44e0 RtlCaptureContext
0x1400c44e8 CreateEventW
0x1400c44f0 WaitForSingleObjectEx
0x1400c44f8 ResetEvent
0x1400c4500 SetEvent
0x1400c4508 GetCommandLineW
0x1400c4510 ExitProcess
0x1400c4518 GetModuleHandleExW
0x1400c4520 HeapSize
0x1400c4528 HeapReAlloc
0x1400c4530 HeapQueryInformation
0x1400c4538 HeapFree
0x1400c4540 HeapAlloc
0x1400c4548 SizeofResource
0x1400c4550 FindResourceW
0x1400c4558 GetSystemTimeAsFileTime
0x1400c4560 GetModuleFileNameW
0x1400c4568 DeleteCriticalSection
0x1400c4570 GetCPInfo
0x1400c4578 GetVersionExW
0x1400c4580 FreeLibrary
0x1400c4588 LoadLibraryW
0x1400c4590 GetModuleHandleW
0x1400c4598 GetProcAddress
0x1400c45a0 GetLastError
0x1400c45a8 CreateMutexW
0x1400c45b0 CloseHandle
0x1400c45b8 GetExitCodeThread
0x1400c45c0 SetThreadPriority
0x1400c45c8 CreateThread
0x1400c45d0 GetStringTypeExW
0x1400c45d8 lstrcmpiW
0x1400c45e0 GetCurrentThreadId
0x1400c45e8 GlobalUnlock
0x1400c45f0 GlobalFree
0x1400c45f8 GlobalAlloc
0x1400c4600 GlobalLock
0x1400c4608 GetCurrentDirectoryW
0x1400c4610 SetErrorMode
0x1400c4620 SetCurrentDirectoryW
0x1400c4628 Sleep
0x1400c4630 GetTickCount
0x1400c4638 MulDiv
0x1400c4640 TlsSetValue
0x1400c4648 TlsFree
0x1400c4650 LCMapStringW
0x1400c4658 GetStringTypeW
0x1400c4660 GetConsoleCP
0x1400c4668 GetConsoleMode
0x1400c4670 GetProcessHeap
0x1400c4678 FindFirstFileExW
0x1400c4680 IsValidCodePage
0x1400c4688 GetCommandLineA
0x1400c4690 GetOEMCP
0x1400c4698 GetEnvironmentStringsW
0x1400c46a0 FreeEnvironmentStringsW
0x1400c46a8 SetStdHandle
0x1400c46b0 FlushFileBuffers
0x1400c46b8 WriteConsoleW
0x1400c46c0 QueryDosDeviceW
0x1400c46c8 ReadConsoleW
Library USER32.dll:
0x1400c4810 RedrawWindow
0x1400c4818 SetWindowLongPtrW
0x1400c4820 SetParent
0x1400c4828 GetClassInfoExW
0x1400c4830 GetAncestor
0x1400c4838 UpdateWindow
0x1400c4840 GetMessagePos
0x1400c4848 GetClassLongPtrW
0x1400c4850 DefDlgProcW
0x1400c4858 CallWindowProcW
0x1400c4860 CheckRadioButton
0x1400c4868 IntersectRect
0x1400c4870 GetUpdateRect
0x1400c4878 PtInRect
0x1400c4888 GetWindowLongPtrW
0x1400c4890 CreateAcceleratorTableW
0x1400c4898 DestroyAcceleratorTable
0x1400c48a0 InsertMenuItemW
0x1400c48a8 SetMenuDefaultItem
0x1400c48b0 RemoveMenu
0x1400c48b8 SetMenuItemInfoW
0x1400c48c0 IsMenu
0x1400c48c8 GetMenuItemInfoW
0x1400c48d0 CreateMenu
0x1400c48d8 CreatePopupMenu
0x1400c48e0 SetMenuInfo
0x1400c48e8 AppendMenuW
0x1400c48f0 DestroyMenu
0x1400c48f8 TrackPopupMenuEx
0x1400c4900 GetDesktopWindow
0x1400c4908 CopyImage
0x1400c4910 CreateIconIndirect
0x1400c4918 CreateIconFromResourceEx
0x1400c4920 EnumClipboardFormats
0x1400c4928 GetWindow
0x1400c4930 BringWindowToTop
0x1400c4938 MessageBoxW
0x1400c4940 GetTopWindow
0x1400c4948 MoveWindow
0x1400c4950 GetQueueStatus
0x1400c4958 GetWindowRect
0x1400c4960 GetClientRect
0x1400c4968 SystemParametersInfoW
0x1400c4970 AdjustWindowRectEx
0x1400c4978 DrawTextW
0x1400c4980 SetRect
0x1400c4988 GetIconInfo
0x1400c4990 MapWindowPoints
0x1400c4998 IsWindowVisible
0x1400c49a0 LoadImageW
0x1400c49a8 ChangeClipboardChain
0x1400c49b0 SetClipboardViewer
0x1400c49b8 LoadAcceleratorsW
0x1400c49c0 EnableMenuItem
0x1400c49c8 GetMenu
0x1400c49d0 CreateWindowExW
0x1400c49d8 RegisterClassExW
0x1400c49e0 LoadCursorW
0x1400c49e8 DestroyIcon
0x1400c49f0 DestroyWindow
0x1400c49f8 IsCharAlphaW
0x1400c4a00 MapVirtualKeyW
0x1400c4a08 ClientToScreen
0x1400c4a10 MapVirtualKeyExW
0x1400c4a18 GetKeyboardLayoutNameW
0x1400c4a20 ActivateKeyboardLayout
0x1400c4a28 GetGUIThreadInfo
0x1400c4a30 GetWindowTextW
0x1400c4a38 mouse_event
0x1400c4a40 WindowFromPoint
0x1400c4a48 GetSystemMetrics
0x1400c4a50 keybd_event
0x1400c4a58 SetKeyboardState
0x1400c4a60 GetKeyboardState
0x1400c4a68 GetCursorPos
0x1400c4a70 GetAsyncKeyState
0x1400c4a78 AttachThreadInput
0x1400c4a80 SendInput
0x1400c4a88 UnregisterHotKey
0x1400c4a90 RegisterHotKey
0x1400c4a98 PostQuitMessage
0x1400c4aa0 SendMessageTimeoutW
0x1400c4aa8 UnhookWindowsHookEx
0x1400c4ab0 SetWindowsHookExW
0x1400c4ab8 PostThreadMessageW
0x1400c4ac0 IsCharAlphaNumericW
0x1400c4ac8 IsCharUpperW
0x1400c4ad0 IsCharLowerW
0x1400c4ad8 ToUnicodeEx
0x1400c4ae0 GetKeyboardLayout
0x1400c4ae8 CallNextHookEx
0x1400c4af0 CharLowerW
0x1400c4af8 ReleaseDC
0x1400c4b00 GetDC
0x1400c4b08 OpenClipboard
0x1400c4b10 GetClipboardData
0x1400c4b18 GetClipboardFormatNameW
0x1400c4b20 RemovePropW
0x1400c4b28 SetPropW
0x1400c4b30 GetPropW
0x1400c4b38 FlashWindow
0x1400c4b40 SetMenu
0x1400c4b48 ExitWindowsEx
0x1400c4b50 GetMenuStringW
0x1400c4b58 GetSubMenu
0x1400c4b60 GetMenuItemID
0x1400c4b68 GetMenuItemCount
0x1400c4b70 GetSystemMenu
0x1400c4b78 GetLastInputInfo
0x1400c4b80 SetWindowTextW
0x1400c4b88 GetCursor
0x1400c4b90 CloseClipboard
0x1400c4b98 SetClipboardData
0x1400c4ba0 EmptyClipboard
0x1400c4ba8 PostMessageW
0x1400c4bb0 FindWindowW
0x1400c4bb8 EndDialog
0x1400c4bc0 IsWindow
0x1400c4bc8 DispatchMessageW
0x1400c4bd0 TranslateMessage
0x1400c4bd8 ShowWindow
0x1400c4be0 MessageBeep
0x1400c4be8 SetDlgItemTextW
0x1400c4bf0 GetDlgItem
0x1400c4bf8 SendDlgItemMessageW
0x1400c4c00 DialogBoxParamW
0x1400c4c08 SetForegroundWindow
0x1400c4c10 DefWindowProcW
0x1400c4c18 FillRect
0x1400c4c20 DrawIconEx
0x1400c4c28 GetSysColorBrush
0x1400c4c30 GetSysColor
0x1400c4c38 RegisterWindowMessageW
0x1400c4c40 IsIconic
0x1400c4c48 IsZoomed
0x1400c4c50 EnumWindows
0x1400c4c58 GetWindowTextLengthW
0x1400c4c60 EnableWindow
0x1400c4c68 InvalidateRect
0x1400c4c78 SetWindowPos
0x1400c4c80 SetWindowRgn
0x1400c4c88 CountClipboardFormats
0x1400c4c90 SetWindowLongW
0x1400c4c98 ScreenToClient
0x1400c4ca0 IsDialogMessageW
0x1400c4ca8 SendMessageW
0x1400c4cb0 IsWindowEnabled
0x1400c4cb8 GetWindowLongW
0x1400c4cc0 GetKeyState
0x1400c4cc8 TranslateAcceleratorW
0x1400c4cd0 KillTimer
0x1400c4cd8 PeekMessageW
0x1400c4ce0 GetFocus
0x1400c4ce8 GetClassNameW
0x1400c4cf0 GetWindowThreadProcessId
0x1400c4cf8 GetForegroundWindow
0x1400c4d00 GetMessageW
0x1400c4d08 SetTimer
0x1400c4d10 GetParent
0x1400c4d18 GetDlgCtrlID
0x1400c4d20 CharUpperW
0x1400c4d30 SetFocus
0x1400c4d38 SetActiveWindow
0x1400c4d40 VkKeyScanExW
0x1400c4d48 EnumChildWindows
0x1400c4d50 CheckMenuItem
Library GDI32.dll:
0x1400c40f8 GetPixel
0x1400c4100 GetClipRgn
0x1400c4108 GetCharABCWidthsW
0x1400c4110 SetBkMode
0x1400c4118 CreatePatternBrush
0x1400c4120 SetBrushOrgEx
0x1400c4128 EnumFontFamiliesExW
0x1400c4130 CreateDIBSection
0x1400c4138 GdiFlush
0x1400c4140 SetBkColor
0x1400c4148 ExcludeClipRect
0x1400c4150 SetTextColor
0x1400c4158 GetClipBox
0x1400c4160 BitBlt
0x1400c4168 CreateCompatibleBitmap
0x1400c4170 GetSystemPaletteEntries
0x1400c4178 GetDIBits
0x1400c4180 CreateCompatibleDC
0x1400c4188 CreatePolygonRgn
0x1400c4190 CreateRectRgn
0x1400c4198 CreateRoundRectRgn
0x1400c41a0 CreateEllipticRgn
0x1400c41a8 DeleteDC
0x1400c41b0 GetObjectW
0x1400c41b8 GetTextMetricsW
0x1400c41c0 GetTextFaceW
0x1400c41c8 SelectObject
0x1400c41d0 GetStockObject
0x1400c41d8 CreateDCW
0x1400c41e0 CreateSolidBrush
0x1400c41e8 CreateFontW
0x1400c41f0 FillRgn
0x1400c41f8 GetDeviceCaps
0x1400c4200 DeleteObject
Library COMDLG32.dll:
0x1400c40d8 CommDlgExtendedError
0x1400c40e0 GetSaveFileNameW
0x1400c40e8 GetOpenFileNameW
Library ADVAPI32.dll:
0x1400c4000 RegDeleteKeyW
0x1400c4008 RegSetValueExW
0x1400c4010 RegCreateKeyExW
0x1400c4018 RegQueryValueExW
0x1400c4020 AdjustTokenPrivileges
0x1400c4028 LookupPrivilegeValueW
0x1400c4030 OpenProcessToken
0x1400c4038 CloseServiceHandle
0x1400c4040 UnlockServiceDatabase
0x1400c4048 LockServiceDatabase
0x1400c4050 OpenSCManagerW
0x1400c4058 GetUserNameW
0x1400c4060 RegEnumKeyExW
0x1400c4068 RegEnumValueW
0x1400c4070 RegQueryInfoKeyW
0x1400c4078 RegOpenKeyExW
0x1400c4080 RegCloseKey
0x1400c4088 RegConnectRegistryW
0x1400c4090 RegDeleteValueW
Library SHELL32.dll:
0x1400c47a0 DragQueryPoint
0x1400c47a8 SHEmptyRecycleBinW
0x1400c47b0 SHFileOperationW
0x1400c47b8 SHGetPathFromIDListW
0x1400c47c0 SHBrowseForFolderW
0x1400c47c8 SHGetDesktopFolder
0x1400c47d0 SHGetMalloc
0x1400c47d8 SHGetFolderPathW
0x1400c47e0 ShellExecuteExW
0x1400c47e8 Shell_NotifyIconW
0x1400c47f0 DragFinish
0x1400c47f8 DragQueryFileW
0x1400c4800 ExtractIconW
Library ole32.dll:
0x1400c4e18 OleInitialize
0x1400c4e20 OleUninitialize
0x1400c4e28 CoCreateInstance
0x1400c4e30 CoInitialize
0x1400c4e38 CoUninitialize
0x1400c4e40 CLSIDFromString
0x1400c4e48 CoGetObject
0x1400c4e50 StringFromGUID2
0x1400c4e58 CreateStreamOnHGlobal
Library OLEAUT32.dll:
0x1400c46d8 SafeArrayGetLBound
0x1400c46e0 GetActiveObject
0x1400c46e8 SysStringLen
0x1400c46f0 OleLoadPicture
0x1400c46f8 SafeArrayUnaccessData
0x1400c4700 SafeArrayGetElemsize
0x1400c4708 SafeArrayAccessData
0x1400c4710 SafeArrayUnlock
0x1400c4718 SafeArrayPtrOfIndex
0x1400c4720 SafeArrayLock
0x1400c4728 SafeArrayGetDim
0x1400c4730 SafeArrayDestroy
0x1400c4738 SafeArrayGetUBound
0x1400c4740 VariantCopyInd
0x1400c4748 SafeArrayCopy
0x1400c4750 SysAllocString
0x1400c4758 VariantChangeType
0x1400c4760 VariantClear
0x1400c4768 SafeArrayCreate
0x1400c4770 SysFreeString

Hosts

No hosts contacted.

TCP

No TCP connections recorded.

UDP

Source          Source Port  Destination      Destination Port
192.168.56.101 50534 114.114.114.114 53
192.168.56.101 51963 114.114.114.114 53
192.168.56.101 56539 114.114.114.114 53
192.168.56.101 65004 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 138 192.168.56.255 138
192.168.56.101 49235 224.0.0.252 5355
192.168.56.101 56804 224.0.0.252 5355
192.168.56.101 60123 224.0.0.252 5355
192.168.56.101 62191 224.0.0.252 5355
192.168.56.101 1900 239.255.255.250 1900
192.168.56.101 50535 239.255.255.250 3702
192.168.56.101 56540 239.255.255.250 3702
192.168.56.101 56807 239.255.255.250 1900
192.168.56.101 58707 239.255.255.250 3702

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.