分析任务
| 分析类型 | 虚拟机标签 | 开始时间 | 结束时间 | 持续时间 |
|---|---|---|---|---|
| 文件 (Windows) | win7-sp1-x64-shaapp02-1 | 2024-03-27 12:10:47 | 2024-03-27 12:11:40 | 53 秒 |
魔盾分数
3.875
可疑的
文件详细信息
| 文件名 | OblivionModManager.exe |
|---|---|
| 文件大小 | 1490944 字节 |
| 文件类型 | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows |
| MD5 | dad50f9ca4e6ec37abfe0b5e258f6360 |
| SHA1 | f9f37d551f5eda38b43cdc39c5ed64f653f1c317 |
| SHA256 | 13bd886745942819f9e29b7a6ed9fbd35b20aa342320ac1f2728628322f8ae92 |
| SHA512 | dba934194c9cc6c30023449e47343290d3c2fe70a9b9b71a0a2006533935d68204c6c2a6795cf71a303446fac8532dc6298fdce78411f1d03447a59ff3ba3f61 |
| CRC32 | E11F2ACA |
| Ssdeep | 24576:iMqJGABEpiDmm2RdonpOZLO+UZgd3LT0og:MJGImm2vonpOZKdUf0o |
| Yara | 登录查看Yara规则 |
| 找不到该样本 提交漏报 |
登录查看威胁特征
运行截图
访问主机纪录 (可点击查询WPING实时安全评级)
无主机纪录.
域名解析 (可点击查询WPING实时安全评级)
无域名信息.
摘要
登录查看详细行为信息PE 信息
| 初始地址 | 0x00400000 |
|---|---|
| 入口地址 | 0x0055edde |
| 声明校验值 | 0x00000000 |
| 实际校验值 | 0x0016ccce |
| 最低操作系统版本要求 | 4.0 |
| 编译时间 | 2011-09-14 11:56:07 |
| 载入哈希 | f34d5f2d4577ed6d9ceec516c1f5a744 |
版本信息
| Translation | |
|---|---|
| LegalCopyright | |
| Assembly Version | |
| InternalName | |
| FileVersion | |
| CompanyName | |
| Comments | |
| ProductName | |
| ProductVersion | |
| FileDescription | |
| OriginalFilename |
PE 数据组成
| 名称 | 虚拟地址 | 虚拟大小 | 原始数据大小 | 特征 | 熵(Entropy) |
|---|---|---|---|---|---|
| .text | 0x00002000 | 0x0015cde4 | 0x0015d000 | IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ | 5.81 |
| .rsrc | 0x00160000 | 0x0000c880 | 0x0000d000 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ | 5.97 |
| .reloc | 0x0016e000 | 0x0000000c | 0x00001000 | IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ | 0.02 |
导入
库: mscoree.dll:
• 0x402000 _CorExeMain
装载信息
| 名称 | OblivionModManager |
|---|---|
| 版本 | 1.1.12.0 |
装载参考
| 名称 | 版本 |
|---|---|
| mscorlib | 2.0.0.0 |
| System.Windows.Forms | 2.0.0.0 |
| BaseTools | 10.11.15.0 |
| System | 2.0.0.0 |
| System.Drawing | 2.0.0.0 |
| System.ServiceProcess | 2.0.0.0 |
| IronPython | 1.1.0.0 |
| System.Xml | 2.0.0.0 |
类型参考
| 装载 | 类型名称 |
|---|---|
| BaseTools | BaseTools.Configuration.ConfigList |
| BaseTools | BaseTools.Configuration.ConfigPair |
| BaseTools | BaseTools.Configuration.IConfig |
| BaseTools | BaseTools.Configuration.Parsers.BuilderConfig |
| BaseTools | BaseTools.Configuration.Parsers.GeneralConfig |
| BaseTools | BaseTools.Configuration.Parsers.IniConfig |
| BaseTools | BaseTools.Configuration.Parsers.JSONConfig |
| BaseTools | BaseTools.Dialog.InputBox |
| BaseTools | BaseTools.Searching.IValidator`1 |
| BaseTools | BaseTools.Searching.StringValidator |
| BaseTools | BaseTools.XS.XConf |
| BaseTools | BaseTools.XS.XSettings |
| IronPython | IronPython.Hosting.CompiledCode |
| IronPython | IronPython.Hosting.EngineModule |
| IronPython | IronPython.Hosting.PythonEngine |
| IronPython | IronPython.Runtime.Exceptions.PythonSyntaxErrorException |
| IronPython | IronPython.Runtime.PythonFile |
| IronPython | IronPython.Runtime.SystemState |
| System | Microsoft.CSharp.CSharpCodeProvider |
| System | Microsoft.VisualBasic.VBCodeProvider |
| System | System.CodeDom.Compiler.CodeDomProvider |
| System | System.CodeDom.Compiler.CompilerError |
| System | System.CodeDom.Compiler.CompilerErrorCollection |
| System | System.CodeDom.Compiler.CompilerParameters |
| System | System.CodeDom.Compiler.CompilerResults |
| System | System.CodeDom.Compiler.GeneratedCodeAttribute |
| System | System.Collections.Generic.Queue`1 |
| System | System.Collections.Generic.Stack`1 |
| System | System.Collections.Specialized.StringCollection |
| System | System.ComponentModel.BackgroundWorker |
| System | System.ComponentModel.BrowsableAttribute |
| System | System.ComponentModel.CancelEventArgs |
| System | System.ComponentModel.CancelEventHandler |
| System | System.ComponentModel.CategoryAttribute |
| System | System.ComponentModel.Component |
| System | System.ComponentModel.ComponentResourceManager |
| System | System.ComponentModel.Container |
| System | System.ComponentModel.DefaultValueAttribute |
| System | System.ComponentModel.DescriptionAttribute |
| System | System.ComponentModel.DesignerSerializationVisibility |
| System | System.ComponentModel.DesignerSerializationVisibilityAttribute |
| System | System.ComponentModel.DoWorkEventArgs |
| System | System.ComponentModel.DoWorkEventHandler |
| System | System.ComponentModel.EditorBrowsableAttribute |
| System | System.ComponentModel.EditorBrowsableState |
| System | System.ComponentModel.IContainer |
| System | System.ComponentModel.ISupportInitialize |
| System | System.ComponentModel.ISynchronizeInvoke |
| System | System.ComponentModel.ProgressChangedEventArgs |
| System | System.ComponentModel.ProgressChangedEventHandler |
| System | System.ComponentModel.ReadOnlyAttribute |
| System | System.ComponentModel.ToolboxItemAttribute |
| System | System.Diagnostics.FileVersionInfo |
| System | System.Diagnostics.Process |
| System | System.Diagnostics.ProcessModule |
| System | System.Diagnostics.ProcessStartInfo |
| System | System.IO.FileSystemEventArgs |
| System | System.IO.FileSystemEventHandler |
| System | System.IO.FileSystemWatcher |
| System | System.Net.HttpWebRequest |
| System | System.Net.HttpWebResponse |
| System | System.Net.WebClient |
| System | System.Net.WebRequest |
| System | System.Net.WebResponse |
| System | System.Text.RegularExpressions.MatchCollection |
| System | System.Text.RegularExpressions.Regex |
| System | System.Text.RegularExpressions.RegexOptions |
| System | System.Threading.ThreadExceptionEventArgs |
| System | System.Threading.ThreadExceptionEventHandler |
| System | System.Uri |
| System.Drawing | System.Drawing.Bitmap |
| System.Drawing | System.Drawing.Brush |
| System.Drawing | System.Drawing.Brushes |
| System.Drawing | System.Drawing.Color |
| System.Drawing | System.Drawing.ContentAlignment |
| System.Drawing | System.Drawing.Drawing2D.GraphicsPath |
| System.Drawing | System.Drawing.Drawing2D.HatchBrush |
| System.Drawing | System.Drawing.Drawing2D.HatchStyle |
| System.Drawing | System.Drawing.Drawing2D.LinearGradientBrush |
| System.Drawing | System.Drawing.Drawing2D.PathGradientBrush |
| System.Drawing | System.Drawing.Font |
| System.Drawing | System.Drawing.FontFamily |
| System.Drawing | System.Drawing.FontStyle |
| System.Drawing | System.Drawing.Graphics |
| System.Drawing | System.Drawing.GraphicsUnit |
| System.Drawing | System.Drawing.IDeviceContext |
| System.Drawing | System.Drawing.Icon |
| System.Drawing | System.Drawing.Image |
| System.Drawing | System.Drawing.Imaging.BitmapData |
| System.Drawing | System.Drawing.Imaging.FrameDimension |
| System.Drawing | System.Drawing.Imaging.ImageFormat |
| System.Drawing | System.Drawing.Imaging.ImageLockMode |
| System.Drawing | System.Drawing.Imaging.PixelFormat |
| System.Drawing | System.Drawing.Pen |
| System.Drawing | System.Drawing.Pens |
| System.Drawing | System.Drawing.Point |
| System.Drawing | System.Drawing.PointF |
| System.Drawing | System.Drawing.Printing.PrintDocument |
| System.Drawing | System.Drawing.Printing.PrintEventArgs |
| System.Drawing | System.Drawing.Printing.PrintEventHandler |
| System.Drawing | System.Drawing.Printing.PrintPageEventArgs |
| System.Drawing | System.Drawing.Printing.PrintPageEventHandler |
| System.Drawing | System.Drawing.Rectangle |
| System.Drawing | System.Drawing.RectangleF |
| System.Drawing | System.Drawing.Size |
| System.Drawing | System.Drawing.SizeF |
| System.Drawing | System.Drawing.SolidBrush |
| System.Drawing | System.Drawing.StringAlignment |
| System.Drawing | System.Drawing.StringFormat |
| System.Drawing | System.Drawing.StringFormatFlags |
| System.Drawing | System.Drawing.SystemBrushes |
| System.Drawing | System.Drawing.SystemColors |
| System.Drawing | System.Drawing.SystemPens |
| System.Drawing | System.Drawing.Text.TextRenderingHint |
| System.Drawing | System.Drawing.ToolboxBitmapAttribute |
| System.ServiceProcess | System.ServiceProcess.ServiceController |
| System.ServiceProcess | System.ServiceProcess.ServiceControllerStatus |
| System.Windows.Forms | System.Windows.Forms.AnchorStyles |
| System.Windows.Forms | System.Windows.Forms.Application |
| System.Windows.Forms | System.Windows.Forms.AutoScaleMode |
| System.Windows.Forms | System.Windows.Forms.BorderStyle |
| System.Windows.Forms | System.Windows.Forms.Button |
| System.Windows.Forms | System.Windows.Forms.ButtonBase |
| System.Windows.Forms | System.Windows.Forms.CheckBox |
| System.Windows.Forms | System.Windows.Forms.CheckState |
| System.Windows.Forms | System.Windows.Forms.CheckedListBox |
| System.Windows.Forms | System.Windows.Forms.CheckedListBox/ObjectCollection |
| System.Windows.Forms | System.Windows.Forms.Clipboard |
| System.Windows.Forms | System.Windows.Forms.ColumnHeader |
| System.Windows.Forms | System.Windows.Forms.ColumnHeaderAutoResizeStyle |
| System.Windows.Forms | System.Windows.Forms.ColumnHeaderStyle |
| System.Windows.Forms | System.Windows.Forms.ColumnStyle |
| System.Windows.Forms | System.Windows.Forms.ComboBox |
| System.Windows.Forms | System.Windows.Forms.ComboBox/ObjectCollection |
| System.Windows.Forms | System.Windows.Forms.CommonDialog |
| System.Windows.Forms | System.Windows.Forms.ContainerControl |
| System.Windows.Forms | System.Windows.Forms.ContextMenu |
| System.Windows.Forms | System.Windows.Forms.ContextMenuStrip |
| System.Windows.Forms | System.Windows.Forms.Control |
| System.Windows.Forms | System.Windows.Forms.Control/ControlCollection |
| System.Windows.Forms | System.Windows.Forms.ControlStyles |
| System.Windows.Forms | System.Windows.Forms.CreateParams |
| System.Windows.Forms | System.Windows.Forms.Cursor |
| System.Windows.Forms | System.Windows.Forms.Cursors |
| System.Windows.Forms | System.Windows.Forms.DataFormats |
| System.Windows.Forms | System.Windows.Forms.DataObject |
| System.Windows.Forms | System.Windows.Forms.DialogResult |
| System.Windows.Forms | System.Windows.Forms.DockStyle |
| System.Windows.Forms | System.Windows.Forms.DragDropEffects |
| System.Windows.Forms | System.Windows.Forms.DragEventArgs |
| System.Windows.Forms | System.Windows.Forms.DragEventHandler |
| System.Windows.Forms | System.Windows.Forms.FileDialog |
| System.Windows.Forms | System.Windows.Forms.FolderBrowserDialog |
| System.Windows.Forms | System.Windows.Forms.FontDialog |
| System.Windows.Forms | System.Windows.Forms.Form |
| System.Windows.Forms | System.Windows.Forms.FormBorderStyle |
| System.Windows.Forms | System.Windows.Forms.FormClosedEventArgs |
| System.Windows.Forms | System.Windows.Forms.FormClosedEventHandler |
| System.Windows.Forms | System.Windows.Forms.FormClosingEventArgs |
| System.Windows.Forms | System.Windows.Forms.FormClosingEventHandler |
| System.Windows.Forms | System.Windows.Forms.FormCollection |
| System.Windows.Forms | System.Windows.Forms.FormStartPosition |
| System.Windows.Forms | System.Windows.Forms.FormWindowState |
| System.Windows.Forms | System.Windows.Forms.GiveFeedbackEventArgs |
| System.Windows.Forms | System.Windows.Forms.GiveFeedbackEventHandler |
| System.Windows.Forms | System.Windows.Forms.GroupBox |
| System.Windows.Forms | System.Windows.Forms.HScrollBar |
| System.Windows.Forms | System.Windows.Forms.IButtonControl |
| System.Windows.Forms | System.Windows.Forms.IDataObject |
| System.Windows.Forms | System.Windows.Forms.ImageList |
| System.Windows.Forms | System.Windows.Forms.ImageList/ImageCollection |
| System.Windows.Forms | System.Windows.Forms.ImageListStreamer |
| System.Windows.Forms | System.Windows.Forms.ItemCheckEventArgs |
| System.Windows.Forms | System.Windows.Forms.ItemCheckEventHandler |
| System.Windows.Forms | System.Windows.Forms.ItemCheckedEventArgs |
| System.Windows.Forms | System.Windows.Forms.ItemCheckedEventHandler |
| System.Windows.Forms | System.Windows.Forms.ItemDragEventArgs |
| System.Windows.Forms | System.Windows.Forms.ItemDragEventHandler |
| System.Windows.Forms | System.Windows.Forms.KeyEventArgs |
| System.Windows.Forms | System.Windows.Forms.KeyEventHandler |
| System.Windows.Forms | System.Windows.Forms.KeyPressEventArgs |
| System.Windows.Forms | System.Windows.Forms.KeyPressEventHandler |
| System.Windows.Forms | System.Windows.Forms.Keys |
| System.Windows.Forms | System.Windows.Forms.Label |
| System.Windows.Forms | System.Windows.Forms.LabelEditEventArgs |
| System.Windows.Forms | System.Windows.Forms.LabelEditEventHandler |
| System.Windows.Forms | System.Windows.Forms.Layout.ArrangedElementCollection |
| System.Windows.Forms | System.Windows.Forms.LinkLabel |
| System.Windows.Forms | System.Windows.Forms.LinkLabelLinkClickedEventArgs |
| System.Windows.Forms | System.Windows.Forms.LinkLabelLinkClickedEventHandler |
| System.Windows.Forms | System.Windows.Forms.ListBox |
| System.Windows.Forms | System.Windows.Forms.ListBox/ObjectCollection |
| System.Windows.Forms | System.Windows.Forms.ListBox/SelectedIndexCollection |
| System.Windows.Forms | System.Windows.Forms.ListBox/SelectedObjectCollection |
| System.Windows.Forms | System.Windows.Forms.ListControl |
| System.Windows.Forms | System.Windows.Forms.ListView |
| System.Windows.Forms | System.Windows.Forms.ListView/ColumnHeaderCollection |
| System.Windows.Forms | System.Windows.Forms.ListView/ListViewItemCollection |
| System.Windows.Forms | System.Windows.Forms.ListView/SelectedIndexCollection |
| System.Windows.Forms | System.Windows.Forms.ListView/SelectedListViewItemCollection |
| System.Windows.Forms | System.Windows.Forms.ListViewAlignment |
| System.Windows.Forms | System.Windows.Forms.ListViewItem |
| System.Windows.Forms | System.Windows.Forms.ListViewItem/ListViewSubItem |
| System.Windows.Forms | System.Windows.Forms.ListViewItem/ListViewSubItemCollection |
| System.Windows.Forms | System.Windows.Forms.Message |
| System.Windows.Forms | System.Windows.Forms.MessageBox |
| System.Windows.Forms | System.Windows.Forms.MessageBoxButtons |
| System.Windows.Forms | System.Windows.Forms.MessageBoxDefaultButton |
| System.Windows.Forms | System.Windows.Forms.MessageBoxIcon |
| System.Windows.Forms | System.Windows.Forms.MethodInvoker |
| System.Windows.Forms | System.Windows.Forms.MouseButtons |
| System.Windows.Forms | System.Windows.Forms.MouseEventArgs |
| System.Windows.Forms | System.Windows.Forms.MouseEventHandler |
| System.Windows.Forms | System.Windows.Forms.NumericUpDown |
| System.Windows.Forms | System.Windows.Forms.OpenFileDialog |
| System.Windows.Forms | System.Windows.Forms.Orientation |
| System.Windows.Forms | System.Windows.Forms.Padding |
| System.Windows.Forms | System.Windows.Forms.PaintEventArgs |
| System.Windows.Forms | System.Windows.Forms.Panel |
| System.Windows.Forms | System.Windows.Forms.PictureBox |
| System.Windows.Forms | System.Windows.Forms.PictureBoxSizeMode |
| System.Windows.Forms | System.Windows.Forms.ProgressBar |
| System.Windows.Forms | System.Windows.Forms.ProgressBarStyle |
| System.Windows.Forms | System.Windows.Forms.RadioButton |
| System.Windows.Forms | System.Windows.Forms.RichTextBox |
| System.Windows.Forms | System.Windows.Forms.RichTextBoxFinds |
| System.Windows.Forms | System.Windows.Forms.RowStyle |
| System.Windows.Forms | System.Windows.Forms.SaveFileDialog |
| System.Windows.Forms | System.Windows.Forms.Screen |
| System.Windows.Forms | System.Windows.Forms.ScrollBar |
| System.Windows.Forms | System.Windows.Forms.ScrollBars |
| System.Windows.Forms | System.Windows.Forms.ScrollableControl |
| System.Windows.Forms | System.Windows.Forms.SelectionMode |
| System.Windows.Forms | System.Windows.Forms.SizeType |
| System.Windows.Forms | System.Windows.Forms.SortOrder |
| System.Windows.Forms | System.Windows.Forms.SplitContainer |
| System.Windows.Forms | System.Windows.Forms.Splitter |
| System.Windows.Forms | System.Windows.Forms.SplitterPanel |
| System.Windows.Forms | System.Windows.Forms.SystemInformation |
| System.Windows.Forms | System.Windows.Forms.TabAlignment |
| System.Windows.Forms | System.Windows.Forms.TabControl |
| System.Windows.Forms | System.Windows.Forms.TabPage |
| System.Windows.Forms | System.Windows.Forms.TableLayoutColumnStyleCollection |
| System.Windows.Forms | System.Windows.Forms.TableLayoutControlCollection |
| System.Windows.Forms | System.Windows.Forms.TableLayoutPanel |
| System.Windows.Forms | System.Windows.Forms.TableLayoutRowStyleCollection |
| System.Windows.Forms | System.Windows.Forms.TextBox |
| System.Windows.Forms | System.Windows.Forms.TextBoxBase |
| System.Windows.Forms | System.Windows.Forms.TextFormatFlags |
| System.Windows.Forms | System.Windows.Forms.TextImageRelation |
| System.Windows.Forms | System.Windows.Forms.TextRenderer |
| System.Windows.Forms | System.Windows.Forms.ToolStrip |
| System.Windows.Forms | System.Windows.Forms.ToolStripButton |
| System.Windows.Forms | System.Windows.Forms.ToolStripComboBox |
| System.Windows.Forms | System.Windows.Forms.ToolStripControlHost |
| System.Windows.Forms | System.Windows.Forms.ToolStripDropDown |
| System.Windows.Forms | System.Windows.Forms.ToolStripDropDownButton |
| System.Windows.Forms | System.Windows.Forms.ToolStripDropDownItem |
| System.Windows.Forms | System.Windows.Forms.ToolStripItem |
| System.Windows.Forms | System.Windows.Forms.ToolStripItemCollection |
| System.Windows.Forms | System.Windows.Forms.ToolStripItemDisplayStyle |
| System.Windows.Forms | System.Windows.Forms.ToolStripMenuItem |
| System.Windows.Forms | System.Windows.Forms.ToolTip |
| System.Windows.Forms | System.Windows.Forms.TreeNode |
| System.Windows.Forms | System.Windows.Forms.TreeNodeCollection |
| System.Windows.Forms | System.Windows.Forms.TreeView |
| System.Windows.Forms | System.Windows.Forms.TreeViewAction |
| System.Windows.Forms | System.Windows.Forms.TreeViewEventArgs |
| System.Windows.Forms | System.Windows.Forms.TreeViewEventHandler |
| System.Windows.Forms | System.Windows.Forms.UserControl |
| System.Windows.Forms | System.Windows.Forms.VScrollBar |
| System.Windows.Forms | System.Windows.Forms.View |
| System.Xml | System.Xml.Schema.ValidationEventArgs |
| System.Xml | System.Xml.Schema.ValidationEventHandler |
| System.Xml | System.Xml.Schema.XmlSchema |
| System.Xml | System.Xml.Schema.XmlSchemaSet |
| System.Xml | System.Xml.ValidationType |
| System.Xml | System.Xml.XmlAttribute |
| System.Xml | System.Xml.XmlAttributeCollection |
| System.Xml | System.Xml.XmlDocument |
| System.Xml | System.Xml.XmlElement |
| System.Xml | System.Xml.XmlNode |
| System.Xml | System.Xml.XmlNodeList |
| System.Xml | System.Xml.XmlNodeType |
| System.Xml | System.Xml.XmlReader |
| System.Xml | System.Xml.XmlReaderSettings |
| System.Xml | System.Xml.XmlTextReader |
| mscorlib | System.AccessViolationException |
| mscorlib | System.Activator |
| mscorlib | System.AppDomain |
| mscorlib | System.ApplicationException |
| mscorlib | System.ArgumentException |
| mscorlib | System.ArgumentNullException |
| mscorlib | System.ArgumentOutOfRangeException |
| mscorlib | System.Array |
| mscorlib | System.AsyncCallback |
| mscorlib | System.BitConverter |
| mscorlib | System.Boolean |
| mscorlib | System.Byte |
| mscorlib | System.Char |
| mscorlib | System.Collections.ArrayList |
| mscorlib | System.Collections.CollectionBase |
| mscorlib | System.Collections.DictionaryEntry |
| mscorlib | System.Collections.Generic.Dictionary`2 |
| mscorlib | System.Collections.Generic.ICollection`1 |
| mscorlib | System.Collections.Generic.IComparer`1 |
| mscorlib | System.Collections.Generic.IDictionary`2 |
| mscorlib | System.Collections.Generic.IEnumerable`1 |
| mscorlib | System.Collections.Generic.IEnumerator`1 |
| mscorlib | System.Collections.Generic.IList`1 |
| mscorlib | System.Collections.Generic.KeyValuePair`2 |
| mscorlib | System.Collections.Generic.List`1 |
| mscorlib | System.Collections.Generic.List`1/Enumerator |
| mscorlib | System.Collections.Hashtable |
| mscorlib | System.Collections.ICollection |
| mscorlib | System.Collections.IComparer |
| mscorlib | System.Collections.IEnumerable |
| mscorlib | System.Collections.IEnumerator |
| mscorlib | System.Collections.ObjectModel.ReadOnlyCollection`1 |
| mscorlib | System.Collections.ReadOnlyCollectionBase |
| mscorlib | System.Console |
| mscorlib | System.Convert |
| mscorlib | System.DateTime |
| mscorlib | System.DateTimeKind |
| mscorlib | System.Decimal |
| mscorlib | System.Delegate |
| mscorlib | System.Diagnostics.DebuggerNonUserCodeAttribute |
| mscorlib | System.Double |
| mscorlib | System.Enum |
| mscorlib | System.Environment |
| mscorlib | System.Environment/SpecialFolder |
| mscorlib | System.EventArgs |
| mscorlib | System.EventHandler |
| mscorlib | System.Exception |
| mscorlib | System.FlagsAttribute |
| mscorlib | System.GC |
| mscorlib | System.Globalization.CultureInfo |
| mscorlib | System.Globalization.DateTimeStyles |
| mscorlib | System.Globalization.NumberStyles |
| mscorlib | System.Guid |
| mscorlib | System.IAsyncResult |
| mscorlib | System.ICloneable |
| mscorlib | System.IComparable |
| mscorlib | System.IComparable`1 |
| mscorlib | System.IDisposable |
| mscorlib | System.IFormatProvider |
| mscorlib | System.IO.BinaryReader |
| mscorlib | System.IO.BinaryWriter |
| mscorlib | System.IO.Directory |
| mscorlib | System.IO.DirectoryInfo |
| mscorlib | System.IO.File |
| mscorlib | System.IO.FileAccess |
| mscorlib | System.IO.FileAttributes |
| mscorlib | System.IO.FileInfo |
| mscorlib | System.IO.FileMode |
| mscorlib | System.IO.FileNotFoundException |
| mscorlib | System.IO.FileShare |
| mscorlib | System.IO.FileStream |
| mscorlib | System.IO.FileSystemInfo |
| mscorlib | System.IO.IOException |
| mscorlib | System.IO.MemoryStream |
| mscorlib | System.IO.Path |
| mscorlib | System.IO.SearchOption |
| mscorlib | System.IO.SeekOrigin |
| mscorlib | System.IO.Stream |
| mscorlib | System.IO.StreamReader |
| mscorlib | System.IO.StreamWriter |
| mscorlib | System.IO.StringWriter |
| mscorlib | System.IO.TextReader |
| mscorlib | System.IO.TextWriter |
| mscorlib | System.IndexOutOfRangeException |
| mscorlib | System.Int16 |
| mscorlib | System.Int32 |
| mscorlib | System.Int64 |
| mscorlib | System.IntPtr |
| mscorlib | System.InvalidOperationException |
| mscorlib | System.Math |
| mscorlib | System.MulticastDelegate |
| mscorlib | System.NotImplementedException |
| mscorlib | System.NotSupportedException |
| mscorlib | System.Nullable`1 |
| mscorlib | System.Object |
| mscorlib | System.ObsoleteAttribute |
| mscorlib | System.OperatingSystem |
| mscorlib | System.OutOfMemoryException |
| mscorlib | System.ParamArrayAttribute |
| mscorlib | System.PlatformID |
| mscorlib | System.Predicate`1 |
| mscorlib | System.Random |
| mscorlib | System.Reflection.Assembly |
| mscorlib | System.Reflection.AssemblyCompanyAttribute |
| mscorlib | System.Reflection.AssemblyConfigurationAttribute |
| mscorlib | System.Reflection.AssemblyCopyrightAttribute |
| mscorlib | System.Reflection.AssemblyDescriptionAttribute |
| mscorlib | System.Reflection.AssemblyFileVersionAttribute |
| mscorlib | System.Reflection.AssemblyProductAttribute |
| mscorlib | System.Reflection.AssemblyTitleAttribute |
| mscorlib | System.Reflection.AssemblyTrademarkAttribute |
| mscorlib | System.Reflection.Binder |
| mscorlib | System.Reflection.BindingFlags |
| mscorlib | System.Reflection.DefaultMemberAttribute |
| mscorlib | System.Reflection.PropertyInfo |
| mscorlib | System.Resources.ResourceManager |
| mscorlib | System.Runtime.CompilerServices.CompilationRelaxationsAttribute |
| mscorlib | System.Runtime.CompilerServices.CompilerGeneratedAttribute |
| mscorlib | System.Runtime.CompilerServices.IsVolatile |
| mscorlib | System.Runtime.CompilerServices.RuntimeCompatibilityAttribute |
| mscorlib | System.Runtime.CompilerServices.RuntimeHelpers |
| mscorlib | System.Runtime.InteropServices.ComVisibleAttribute |
| mscorlib | System.Runtime.InteropServices.ExternalException |
| mscorlib | System.Runtime.InteropServices.Marshal |
| mscorlib | System.Runtime.Serialization.Formatters.Binary.BinaryFormatter |
| mscorlib | System.Runtime.Serialization.SerializationInfo |
| mscorlib | System.Runtime.Serialization.StreamingContext |
| mscorlib | System.RuntimeFieldHandle |
| mscorlib | System.RuntimeTypeHandle |
| mscorlib | System.STAThreadAttribute |
| mscorlib | System.Security.CodeAccessPermission |
| mscorlib | System.Security.Cryptography.CryptoStream |
| mscorlib | System.Security.Cryptography.CryptographicException |
| mscorlib | System.Security.Cryptography.ICryptoTransform |
| mscorlib | System.Security.Cryptography.KeySizes |
| mscorlib | System.Security.Cryptography.SymmetricAlgorithm |
| mscorlib | System.Security.IPermission |
| mscorlib | System.Security.PermissionSet |
| mscorlib | System.Security.Permissions.FileIOPermission |
| mscorlib | System.Security.Permissions.FileIOPermissionAccess |
| mscorlib | System.Security.Permissions.PermissionState |
| mscorlib | System.Security.Permissions.ReflectionPermission |
| mscorlib | System.Security.Permissions.ReflectionPermissionFlag |
| mscorlib | System.Security.Permissions.SecurityPermission |
| mscorlib | System.Security.Permissions.SecurityPermissionFlag |
| mscorlib | System.Security.Permissions.UIPermission |
| mscorlib | System.Security.Permissions.UIPermissionWindow |
| mscorlib | System.Security.Policy.Evidence |
| mscorlib | System.Security.Policy.Zone |
| mscorlib | System.Security.Principal.WindowsBuiltInRole |
| mscorlib | System.Security.Principal.WindowsIdentity |
| mscorlib | System.Security.Principal.WindowsPrincipal |
| mscorlib | System.Security.SecurityZone |
| mscorlib | System.Security.SuppressUnmanagedCodeSecurityAttribute |
| mscorlib | System.Single |
| mscorlib | System.String |
| mscorlib | System.StringComparison |
| mscorlib | System.StringSplitOptions |
| mscorlib | System.Text.Encoding |
| mscorlib | System.Text.StringBuilder |
| mscorlib | System.Threading.Interlocked |
| mscorlib | System.Threading.Monitor |
| mscorlib | System.Threading.Mutex |
| mscorlib | System.Threading.Thread |
| mscorlib | System.Threading.WaitHandle |
| mscorlib | System.TimeSpan |
| mscorlib | System.Type |
| mscorlib | System.UInt32 |
| mscorlib | System.UnauthorizedAccessException |
| mscorlib | System.UnhandledExceptionEventArgs |
| mscorlib | System.UnhandledExceptionEventHandler |
| mscorlib | System.ValueType |
| mscorlib | System.Version |
.text
`.rsrc
@.reloc
_dX}E
_dY}E
X*~i
&*rVP
&*rGS
XjYXoQ
jYXoQ
jXYio]
XjXoQ
YjXoQ
-5rr'
- rr'
XnXoQ
XjYXoQ
YnXoQ
XnXoQ
访问主机纪录 (可点击查询WPING实时安全评级)
无主机纪录.
TCP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.201 | 49160 | 104.86.110.203 | 80 |
UDP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.201 | 63246 | 192.168.122.1 | 53 |
域名解析 (可点击查询WPING实时安全评级)
无域名信息.
TCP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.201 | 49160 | 104.86.110.203 | 80 |
UDP
| 源地址 | 源端口 | 目标地址 | 目标端口 |
|---|---|---|---|
| 192.168.122.201 | 63246 | 192.168.122.1 | 53 |
HTTP 请求
| URI | HTTP数据 |
|---|---|
| URL专业沙箱检测 -> http://acroipm.adobe.com/11/rdr/CHS/win/nooem/none/message.zip | GET /11/rdr/CHS/win/nooem/none/message.zip HTTP/1.1 Accept: */* If-Modified-Since: Mon, 08 Nov 2017 08:44:36 GMT User-Agent: IPM Host: acroipm.adobe.com Connection: Keep-Alive Cache-Control: no-cache |
SMTP 流量
无SMTP流量.
IRC 流量
无IRC请求.
ICMP 流量
无ICMP流量.
CIF 报告
无 CIF 结果
网络警报
无警报
TLS
No TLS
Suricata HTTP
No Suricata HTTP
未发现网络提取文件
抱歉! 没有任何文件投放。
没有发现相似的分析.
| HTML 总结报告 (需15-60分钟同步) |
下载 |
|---|
Processing ( 28.438 seconds )
- 11.917 Suricata
- 10.413 NetworkAnalysis
- 4.102 Static
- 0.745 TargetInfo
- 0.641 static_dotnet
- 0.325 peid
- 0.267 BehaviorAnalysis
- 0.012 Strings
- 0.011 AnalysisInfo
- 0.003 config_decoder
- 0.002 Memory
Signatures ( 1.883 seconds )
- 1.615 proprietary_url_bl
- 0.043 antiav_detectreg
- 0.019 infostealer_ftp
- 0.015 api_spamming
- 0.013 stealth_timeout
- 0.013 infostealer_im
- 0.012 stealth_decoy_document
- 0.009 antiav_detectfile
- 0.009 antianalysis_detectreg
- 0.009 proprietary_domain_bl
- 0.008 infostealer_mail
- 0.007 antivm_vbox_files
- 0.006 anomaly_persistence_autorun
- 0.006 geodo_banking_trojan
- 0.006 infostealer_bitcoin
- 0.004 network_http
- 0.004 ransomware_extensions
- 0.004 ransomware_files
- 0.003 tinba_behavior
- 0.003 antiemu_wine_func
- 0.003 kibex_behavior
- 0.003 antivm_generic_scsi
- 0.003 infostealer_browser_password
- 0.003 kovter_behavior
- 0.003 disables_browser_warn
- 0.003 darkcomet_regkeys
- 0.002 bootkit
- 0.002 rat_nanocore
- 0.002 mimics_filetime
- 0.002 stealth_file
- 0.002 antivm_generic_services
- 0.002 betabot_behavior
- 0.002 reads_self
- 0.002 antivm_generic_disk
- 0.002 virus
- 0.002 antivm_parallels_keys
- 0.002 antivm_xen_keys
- 0.002 browser_security
- 0.001 hawkeye_behavior
- 0.001 network_tor
- 0.001 antivm_vbox_libs
- 0.001 antiav_avast_libs
- 0.001 injection_createremotethread
- 0.001 proprietary_anomaly_massive_file_ops
- 0.001 antisandbox_sunbelt_libs
- 0.001 shifu_behavior
- 0.001 anormaly_invoke_kills
- 0.001 cerber_behavior
- 0.001 injection_runpe
- 0.001 hancitor_behavior
- 0.001 antianalysis_detectfile
- 0.001 antidbg_devices
- 0.001 antisandbox_productid
- 0.001 antivm_generic_diskreg
- 0.001 antivm_vmware_files
- 0.001 banker_zeus_mutex
- 0.001 bot_athenahttp
- 0.001 bot_drive
- 0.001 bot_drive2
- 0.001 browser_addon
- 0.001 modify_proxy
- 0.001 disables_system_restore
- 0.001 disables_windows_defender
- 0.001 codelux_behavior
- 0.001 proprietary_malicious_drop_executable_file_to_temp_folder
- 0.001 proprietary_anomaly_invoke_vb_vba
- 0.001 proprietary_bad_drop
- 0.001 network_cnc_http
- 0.001 rat_pcclient
- 0.001 recon_fingerprint
- 0.001 stealth_modify_uac_prompt
Reporting ( 0.56 seconds )
- 0.516 ReportHTMLSummary
- 0.044 Malheur
| Task ID | 743100 |
|---|---|
| Mongo ID | 66039ccfdc327bb8968be765 |
| Cuckoo release | 1.4-Maldun |
沪公网安备 31011502009736号