Windows Analysis Report SecuriteInfo.com.Trojan.BrowseBan.32054.8200
Overview
General Information
Sample Name: | SecuriteInfo.com.Trojan.BrowseBan.32054.8200 (renamed file extension from 8200 to exe) |
Analysis ID: | 492347 |
MD5: | 7a61d4434b48575332c6d4227b5ed14f |
SHA1: | 3dc79fb21dc1c58a3f9fb3fd5a94b5a4eb5cfd36 |
SHA256: | 44d9fb3b4faeb07506a95eaf45e7d9d40dac2830f2004bb6ca061167aa9a67e4 |
Tags: | exe |
Detection
Score: | 8 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 40% |
Analysis Advice |
---|
Sample tries to load a library which is not present or installed on the analysis machine, adding the library might reveal more behavior |
Sample may offer command line options, please run it with the 'Execute binary with arguments' cookbook (it's possible that the command line switches require additional characters like: "-", "/", "--") |
Sample has functionality to log and monitor keystrokes, analyze it with the 'Simulates keyboard and window changes' cookbook |
Malware Configuration |
---|
No configs have been found |
---|
Yara Overview |
---|
No yara matches |
---|
Sigma Overview |
---|
No Sigma rule has matched |
---|
Jbx Signature Overview |
---|
There are no malicious signatures.
Mitre Att&ck Matrix |
---|
Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Valid Accounts | Command and Scripting Interpreter2 | DLL Side-Loading1 | Access Token Manipulation1 | Masquerading1 | Input Capture21 | System Time Discovery12 | Remote Services | Screen Capture1 | Exfiltration Over Other Network Medium | Encrypted Channel1 | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | System Shutdown/Reboot1 |
Default Accounts | Native API1 | Boot or Logon Initialization Scripts | DLL Side-Loading1 | Access Token Manipulation1 | LSASS Memory | Application Window Discovery1 | Remote Desktop Protocol | Input Capture21 | Exfiltration Over Bluetooth | Junk Data | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout |
Domain Accounts | At (Linux) | Logon Script (Windows) | Logon Script (Windows) | DLL Side-Loading1 | Security Account Manager | File and Directory Discovery3 | SMB/Windows Admin Shares | Archive Collected Data1 | Automated Exfiltration | Steganography | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data |
Local Accounts | At (Windows) | Logon Script (Mac) | Logon Script (Mac) | File Deletion1 | NTDS | System Information Discovery26 | Distributed Component Object Model | Input Capture | Scheduled Transfer | Protocol Impersonation | SIM Card Swap | Carrier Billing Fraud |
Antivirus, Machine Learning and Genetic Malware Detection |
---|
Initial Sample |
---|
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
3% | Virustotal | Browse | ||
5% | Metadefender | Browse | ||
2% | ReversingLabs |
Dropped Files |
---|
No Antivirus matches |
---|
Unpacked PE Files |
---|
No Antivirus matches |
---|
Domains |
---|
No Antivirus matches |
---|
URLs |
---|
No Antivirus matches |
---|
General Information |
---|
Joe Sandbox Version: | 33.0.0 White Diamond |
Analysis ID: | 492347 |
Start date: | 28.09.2021 |
Start time: | 16:11:05 |
Joe Sandbox Product: | CloudBasic |
Overall analysis duration: | 0h 5m 49s |
Hypervisor based Inspection enabled: | false |
Report type: | light |
Sample file name: | SecuriteInfo.com.Trojan.BrowseBan.32054.8200 (renamed file extension from 8200 to exe) |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211 |
Number of new started processes analysed: | 13 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean8.winEXE@1/2@0/0 |
EGA Information: | Failed |
HDC Information: | Failed |
Simulations |
---|
Behavior and APIs |
---|
No simulations |
---|
Created / dropped Files |
---|
Process: | C:\Users\user\Desktop\SecuriteInfo.com.Trojan.BrowseBan.32054.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 35 |
Entropy (8bit): | 4.307714802597438 |
Encrypted: | false |
SSDEEP: | 3:ExLzdCwpA6jOYp:ENzoLSOI |
MD5: | D94D1652055EDF8F49C7991664AFEE1A |
SHA1: | 97B41753CF7CF84A886E094217BFA850F9D474F8 |
SHA-256: | 6B6D4B0D139E08A0773CF7A591D64DD88825210CE184226423D50DC2BC20F19E |
SHA-512: | 58B734C2B16339C39ED01B106931AFF9DB41FCEF3435F8E5149F847C028F28C67F171B7711B00242A1BC14C6ED3503F247C01BAFE3184C44F8049ABB91B2EA5B |
Malicious: | false |
Reputation: | low |
Process: | C:\Users\user\Desktop\SecuriteInfo.com.Trojan.BrowseBan.32054.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 288 |
Entropy (8bit): | 4.686889438956984 |
Encrypted: | false |
SSDEEP: | 6:t10rm+aX2qyzwWSXmXlBhMGvqjt/al6wnKfRBm0opzlLNlv8uFRxjw3:707H02XkR0LXphNlv8uFg3 |
MD5: | DDBD22FCBC5FC8DD7E120DBF85CA9519 |
SHA1: | 877C624A1829038173D8BF1B898ABA3EDD99BF81 |
SHA-256: | E0C5778E7BFEC2EB403609850616FFA2ADD712AED5616D5B1F6891B99C6CB8F3 |
SHA-512: | F699679FEAC9364186BEEA2FBEAC3541F44280BD42FF3A716F384EBE27AAF2674858F86941CF2F756EAB28E13DDC18F83999F42A0CC802A0D09666D65DB9DF9B |
Malicious: | false |
Reputation: | low |
Static File Info |
---|
General | |
---|---|
File type: | |
Entropy (8bit): | 6.267914993120473 |
File name: | SecuriteInfo.com.Trojan.BrowseBan.32054.exe |
File size: | 1570477 |
MD5: | 7a61d4434b48575332c6d4227b5ed14f |
SHA1: | 3dc79fb21dc1c58a3f9fb3fd5a94b5a4eb5cfd36 |
SHA256: | 44d9fb3b4faeb07506a95eaf45e7d9d40dac2830f2004bb6ca061167aa9a67e4 |
SHA512: | f51b4a93a2aebdbe89dc31d53363497d9d50cc178c530b7a25c0baa9770e01e7430ceb4365034e4fc6209aa3411e6b1d4fa4f79184f0de3735956278943dc668 |
SSDEEP: | 24576:rjGjEneWcf3c+rkqPGIwLqyz6phJLxwpX16ON/+vxM1fVQLcmOZ4WM7:fGnf3wOl0HgMpVQLMZM7 |
File Content Preview: | MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....c.;............................@.............@.....................................................................5.. |
File Icon |
---|
Icon Hash: | f2ecd4b2f6f4c4ec |
Static PE Info |
---|
General | |
---|---|
Entrypoint: | 0x4f1340 |
Entrypoint Section: | .text |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | LOCAL_SYMS_STRIPPED, 32BIT_MACHINE, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED |
DLL Characteristics: | |
Time Stamp: | 0x3B8363CE [Wed Aug 22 07:48:30 2001 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 4 |
OS Version Minor: | 0 |
File Version Major: | 4 |
File Version Minor: | 0 |
Subsystem Version Major: | 4 |
Subsystem Version Minor: | 0 |
Import Hash: |
Entrypoint Preview |
---|
Instruction |
---|
mov eax, dword ptr fs:[00000000h] |
push ebp |
mov ebp, esp |
push FFFFFFFFh |
push 004FF220h |
push 004F7084h |
push eax |
mov dword ptr fs:[00000000h], esp |
sub esp, 60h |
push ebx |
push esi |
push edi |
mov dword ptr [ebp-18h], esp |
call dword ptr [0050FACCh] |
mov dword ptr [00505140h], eax |
xor eax, eax |
mov al, byte ptr [00505141h] |
mov dword ptr [0050514Ch], eax |
mov eax, dword ptr [00505140h] |
shr dword ptr [00505140h], 10h |
and eax, 000000FFh |
mov dword ptr [00505148h], eax |
shl eax, 08h |
add eax, dword ptr [0050514Ch] |
mov dword ptr [00505144h], eax |
call 00007FD7FC9A99CFh |
test eax, eax |
jne 00007FD7FC9A3D3Ch |
push 0000001Ch |
call 00007FD7FC9A3E64h |
add esp, 04h |
mov dword ptr [ebp-04h], 00000000h |
call 00007FD7FC9A97D5h |
call 00007FD7FC9A4E80h |
call dword ptr [0050F998h] |
mov dword ptr [0050E070h], eax |
call 00007FD7FC9A9630h |
mov dword ptr [00505120h], eax |
test eax, eax |
je 00007FD7FC9A3D3Bh |
cmp dword ptr [0050E070h], 00000000h |
jne 00007FD7FC9A3D3Ch |
push FFFFFFFFh |
call 00007FD7FC9A3F77h |
add esp, 04h |
call 00007FD7FC9A938Fh |
call 00007FD7FC9A929Ah |
call 00007FD7FC9A3F35h |
mov esi, dword ptr [0050E070h] |
mov al, byte ptr [esi] |
Data Directories |
---|
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0xfffe0 | 0x35 | .rdata |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0x10f000 | 0xf0 | .idata |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0x112000 | 0x5c490 | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0x16f000 | 0xa130 | .reloc |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x10f784 | 0x694 | .idata |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Sections |
---|
Name | Virtual Address | Virtual Size | Raw Size | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|
.text | 0x1000 | 0xfb3f6 | 0xfb400 | False | 0.512184196206 | data | 6.37515393741 | IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ |
.rdata | 0xfd000 | 0x3015 | 0x3200 | False | 0.435078125 | data | 5.40448218626 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.data | 0x101000 | 0xd074 | 0x5e00 | False | 0.400556848404 | data | 4.46430466957 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_MEM_READ |
.idata | 0x10f000 | 0x28f8 | 0x2a00 | False | 0.407087053571 | data | 5.53322081171 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_MEM_READ |
.rsrc | 0x112000 | 0x5c490 | 0x5c600 | False | 0.179288417625 | data | 4.12178722438 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.reloc | 0x16f000 | 0xba6a | 0xbc00 | False | 0.625020777926 | data | 6.2745480459 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
Resources |
---|
Name | RVA | Size | Type | Language | Country |
---|---|---|---|---|---|
RT_CURSOR | 0x15e2f4 | 0x134 | data | English | United States |
RT_CURSOR | 0x15e43c | 0x134 | data | English | United States |
RT_CURSOR | 0x15e584 | 0x134 | data | English | United States |
RT_CURSOR | 0x15e6cc | 0x134 | data | English | United States |
RT_CURSOR | 0x15e814 | 0x134 | data | English | United States |
RT_CURSOR | 0x15e95c | 0x134 | data | English | United States |
RT_CURSOR | 0x15eaa4 | 0x134 | data | English | United States |
RT_CURSOR | 0x15ebec | 0x134 | AmigaOS bitmap font | English | United States |
RT_BITMAP | 0x155cf8 | 0xec | data | English | United States |
RT_BITMAP | 0x1244c0 | 0xa458 | data | English | United States |
RT_BITMAP | 0x12e918 | 0x5080 | data | English | United States |
RT_BITMAP | 0x155de4 | 0x29a | data | English | United States |
RT_BITMAP | 0x156080 | 0x2d2 | data | English | United States |
RT_BITMAP | 0x133998 | 0x16c94 | data | English | United States |
RT_BITMAP | 0x14a62c | 0xb670 | data | English | United States |
RT_BITMAP | 0x157dbc | 0x192 | data | English | United States |
RT_BITMAP | 0x157f50 | 0x192 | data | English | United States |
RT_BITMAP | 0x157c28 | 0x192 | data | English | United States |
RT_BITMAP | 0x156df4 | 0x192 | data | English | United States |
RT_BITMAP | 0x156f88 | 0x192 | data | English | United States |
RT_BITMAP | 0x15711c | 0x192 | data | English | United States |
RT_BITMAP | 0x1572b0 | 0x192 | data | English | United States |
RT_BITMAP | 0x157444 | 0x192 | data | English | United States |
RT_BITMAP | 0x1575d8 | 0x192 | data | English | United States |
RT_BITMAP | 0x15776c | 0x192 | data | English | United States |
RT_BITMAP | 0x157900 | 0x192 | data | English | United States |
RT_BITMAP | 0x157a94 | 0x192 | data | English | United States |
RT_BITMAP | 0x15bd74 | 0x150 | data | English | United States |
RT_BITMAP | 0x15bec4 | 0x168 | data | English | United States |
RT_BITMAP | 0x15c02c | 0x150 | data | English | United States |
RT_BITMAP | 0x15c17c | 0x168 | data | English | United States |
RT_BITMAP | 0x156354 | 0xa8 | data | English | United States |
RT_BITMAP | 0x1563fc | 0x54 | data | English | United States |
RT_BITMAP | 0x156450 | 0x54 | data | English | United States |
RT_BITMAP | 0x1564a4 | 0x58 | data | English | United States |
RT_BITMAP | 0x1564fc | 0x1e0 | data | English | United States |
RT_BITMAP | 0x1566dc | 0x29a | data | English | United States |
RT_BITMAP | 0x156978 | 0x2d2 | data | English | United States |
RT_BITMAP | 0x158540 | 0x45a | data | English | United States |
RT_BITMAP | 0x15899c | 0x45a | data | English | United States |
RT_BITMAP | 0x1580e4 | 0x45a | data | English | United States |
RT_BITMAP | 0x158df8 | 0x87a | data | English | United States |
RT_BITMAP | 0x159674 | 0x87a | data | English | United States |
RT_BITMAP | 0x159ef0 | 0x45a | data | English | United States |
RT_BITMAP | 0x15a34c | 0x45a | data | English | United States |
RT_BITMAP | 0x15a7a8 | 0x45a | data | English | United States |
RT_BITMAP | 0x15ac04 | 0x45a | data | English | United States |
RT_BITMAP | 0x15b060 | 0x45a | data | English | United States |
RT_BITMAP | 0x15b4bc | 0x45a | data | English | United States |
RT_BITMAP | 0x15b918 | 0x45a | data | English | United States |
RT_BITMAP | 0x15c2e4 | 0x2a8 | data | English | United States |
RT_BITMAP | 0x15c58c | 0x2d8 | data | English | United States |
RT_BITMAP | 0x15c864 | 0x2a8 | data | English | United States |
RT_BITMAP | 0x15cb0c | 0x2d8 | data | English | United States |
RT_BITMAP | 0x15d09c | 0x150 | data | English | United States |
RT_BITMAP | 0x15d1ec | 0x168 | data | English | United States |
RT_BITMAP | 0x15cf4c | 0x150 | data | English | United States |
RT_BITMAP | 0x15cde4 | 0x168 | data | English | United States |
RT_BITMAP | 0x156c4c | 0xa8 | data | English | United States |
RT_BITMAP | 0x156cf4 | 0x54 | data | English | United States |
RT_BITMAP | 0x156d48 | 0x54 | data | English | United States |
RT_BITMAP | 0x156d9c | 0x58 | data | English | United States |
RT_BITMAP | 0x15d354 | 0x168 | data | English | United States |
RT_ICON | 0x116330 | 0x128 | GLS_BINARY_LSB_FIRST | English | United States |
RT_ICON | 0x116458 | 0x568 | GLS_BINARY_LSB_FIRST | English | United States |
RT_ICON | 0x1169c0 | 0x2e8 | data | English | United States |
RT_ICON | 0x116ca8 | 0x8a8 | data | English | United States |
RT_ICON | 0x117590 | 0x128 | GLS_BINARY_LSB_FIRST | English | United States |
RT_ICON | 0x1176b8 | 0x568 | GLS_BINARY_LSB_FIRST | English | United States |
RT_ICON | 0x117c20 | 0x2e8 | data | English | United States |
RT_ICON | 0x117f08 | 0x8a8 | data | English | United States |
RT_ICON | 0x1187f0 | 0x128 | GLS_BINARY_LSB_FIRST | English | United States |
RT_ICON | 0x118918 | 0x568 | GLS_BINARY_LSB_FIRST | English | United States |
RT_ICON | 0x118e80 | 0x2e8 | data | English | United States |
RT_ICON | 0x119168 | 0x8a8 | data | English | United States |
RT_ICON | 0x119a50 | 0x128 | GLS_BINARY_LSB_FIRST | English | United States |
RT_ICON | 0x119b78 | 0x568 | GLS_BINARY_LSB_FIRST | English | United States |
RT_ICON | 0x11a0e0 | 0x2e8 | data | English | United States |
RT_ICON | 0x11a3c8 | 0x8a8 | data | English | United States |
RT_ICON | 0x11acb0 | 0x128 | GLS_BINARY_LSB_FIRST | English | United States |
RT_ICON | 0x11add8 | 0x568 | GLS_BINARY_LSB_FIRST | English | United States |
RT_ICON | 0x11b340 | 0x2e8 | data | English | United States |
RT_ICON | 0x11b628 | 0x8a8 | data | English | United States |
RT_ICON | 0x11bf10 | 0x128 | GLS_BINARY_LSB_FIRST | English | United States |
RT_ICON | 0x11c038 | 0x568 | GLS_BINARY_LSB_FIRST | English | United States |
RT_ICON | 0x11c5a0 | 0x2e8 | data | English | United States |
RT_ICON | 0x11c888 | 0x8a8 | data | English | United States |
RT_ICON | 0x11d170 | 0x128 | GLS_BINARY_LSB_FIRST | English | United States |
RT_ICON | 0x11d298 | 0x568 | GLS_BINARY_LSB_FIRST | English | United States |
RT_ICON | 0x11d800 | 0x2e8 | data | English | United States |
RT_ICON | 0x11dae8 | 0x8a8 | data | English | United States |
RT_ICON | 0x11e3d0 | 0x128 | GLS_BINARY_LSB_FIRST | English | United States |
RT_ICON | 0x11e4f8 | 0x568 | GLS_BINARY_LSB_FIRST | English | United States |
RT_ICON | 0x11ea60 | 0x2e8 | data | English | United States |
RT_ICON | 0x11ed48 | 0x8a8 | data | English | United States |
RT_ICON | 0x11f630 | 0x128 | GLS_BINARY_LSB_FIRST | English | United States |
RT_ICON | 0x11f758 | 0x568 | GLS_BINARY_LSB_FIRST | English | United States |
RT_ICON | 0x11fcc0 | 0x2e8 | data | English | United States |
RT_ICON | 0x11ffa8 | 0x8a8 | data | English | United States |
RT_ICON | 0x120890 | 0x128 | GLS_BINARY_LSB_FIRST | English | United States |
RT_ICON | 0x1209b8 | 0x568 | GLS_BINARY_LSB_FIRST | English | United States |
RT_ICON | 0x120f20 | 0x2e8 | data | English | United States |
RT_ICON | 0x121208 | 0x8a8 | data | English | United States |
RT_ICON | 0x121af0 | 0x128 | GLS_BINARY_LSB_FIRST | English | United States |
RT_ICON | 0x121c18 | 0x568 | GLS_BINARY_LSB_FIRST | English | United States |
RT_ICON | 0x122180 | 0x2e8 | data | English | United States |
RT_ICON | 0x122468 | 0x8a8 | data | English | United States |
RT_ICON | 0x122d50 | 0x128 | GLS_BINARY_LSB_FIRST | English | United States |
RT_ICON | 0x122e78 | 0x568 | GLS_BINARY_LSB_FIRST | English | United States |
RT_ICON | 0x1233e0 | 0x2e8 | data | English | United States |
RT_ICON | 0x1236c8 | 0x8a8 | data | English | United States |
RT_ICON | 0x123fb0 | 0x130 | data | English | United States |
RT_ICON | 0x1240f4 | 0x130 | data | English | United States |
RT_ICON | 0x124238 | 0x130 | data | English | United States |
RT_ICON | 0x12437c | 0x130 | data | English | United States |
RT_DIALOG | 0x15ff38 | 0x19e | data | English | United States |
RT_DIALOG | 0x1602c0 | 0x1aa | data | English | United States |
RT_DIALOG | 0x1604ec | 0x6e | data | English | United States |
RT_DIALOG | 0x15f40c | 0x216 | data | English | United States |
RT_DIALOG | 0x15f354 | 0xb6 | data | English | United States |
RT_DIALOG | 0x15f1bc | 0xd0 | data | English | United States |
RT_DIALOG | 0x162b60 | 0xc2 | data | English | United States |
RT_DIALOG | 0x15f28c | 0xc8 | data | English | United States |
RT_DIALOG | 0x15f65c | 0x238 | data | English | United States |
RT_DIALOG | 0x15f92c | 0x294 | data | English | United States |
RT_DIALOG | 0x155c9c | 0x26 | data | English | United States |
RT_DIALOG | 0x15fbc0 | 0xd6 | data | English | United States |
RT_DIALOG | 0x15f624 | 0x36 | data | English | United States |
RT_DIALOG | 0x15f894 | 0x96 | data | English | United States |
RT_DIALOG | 0x15fd64 | 0x1d4 | data | English | United States |
RT_DIALOG | 0x1600d8 | 0x1e8 | data | English | United States |
RT_DIALOG | 0x16046c | 0x80 | data | English | United States |
RT_STRING | 0x1657bc | 0x76 | data | English | United States |
RT_STRING | 0x165834 | 0x4a | data | English | United States |
RT_STRING | 0x165904 | 0x68 | data | English | United States |
RT_STRING | 0x165a20 | 0x8e | data | English | United States |
RT_STRING | 0x169814 | 0xfc | data | English | United States |
RT_STRING | 0x169910 | 0x92 | data | English | United States |
RT_STRING | 0x16a8d8 | 0x2d8 | data | English | United States |
RT_STRING | 0x16abb0 | 0xe4 | data | English | United States |
RT_STRING | 0x16596c | 0xb4 | data | English | United States |
RT_STRING | 0x165880 | 0x84 | data | English | United States |
RT_STRING | 0x1691a0 | 0x9e | data | English | United States |
RT_STRING | 0x169240 | 0xc2 | data | English | United States |
RT_STRING | 0x169304 | 0x38 | data | English | United States |
RT_STRING | 0x1699a4 | 0xb8 | data | English | United States |
RT_STRING | 0x169a5c | 0x60 | data | English | United States |
RT_STRING | 0x169abc | 0xbc | data | English | United States |
RT_STRING | 0x169b78 | 0xb0 | data | English | United States |
RT_STRING | 0x169c28 | 0x48 | data | English | United States |
RT_STRING | 0x169c70 | 0x2a | Hitachi SH big-endian COFF object file, not stripped, 17152 sections, symbol offset=0x25006400 | English | United States |
RT_STRING | 0x169d1c | 0x62 | data | English | United States |
RT_STRING | 0x169d80 | 0x26 | data | English | United States |
RT_STRING | 0x169da8 | 0x122 | data | English | United States |
RT_STRING | 0x16a094 | 0xa6 | data | English | United States |
RT_STRING | 0x16a13c | 0x56 | data | English | United States |
RT_STRING | 0x16a194 | 0x14e | data | English | United States |
RT_STRING | 0x16a034 | 0x60 | data | English | United States |
RT_STRING | 0x169ecc | 0x58 | data | English | United States |
RT_STRING | 0x169c9c | 0x5a | data | English | United States |
RT_STRING | 0x169cf8 | 0x24 | data | English | United States |
RT_STRING | 0x16933c | 0x21c | data | English | United States |
RT_STRING | 0x169558 | 0x274 | data | English | United States |
RT_STRING | 0x1697cc | 0x46 | data | English | United States |
RT_STRING | 0x16a2e4 | 0x7c | data | English | United States |
RT_STRING | 0x16a360 | 0x72 | data | English | United States |
RT_STRING | 0x16a3d4 | 0x110 | data | English | United States |
RT_STRING | 0x16a4e4 | 0x390 | data | English | United States |
RT_STRING | 0x16a874 | 0x64 | data | English | United States |
RT_STRING | 0x169f24 | 0x5a | data | English | United States |
RT_STRING | 0x169f80 | 0xb2 | data | English | United States |
RT_STRING | 0x16bb8c | 0x6e | data | English | United States |
RT_STRING | 0x16bbfc | 0x142 | data | English | United States |
RT_STRING | 0x16ac94 | 0xc2 | data | English | United States |
RT_STRING | 0x16ad58 | 0x396 | data | English | United States |
RT_STRING | 0x16b0f0 | 0x44a | data | English | United States |
RT_STRING | 0x16b53c | 0x32a | data | English | United States |
RT_STRING | 0x16bdf0 | 0x58 | data | English | United States |
RT_STRING | 0x16b868 | 0x62 | data | English | United States |
RT_STRING | 0x16b8cc | 0x11a | data | English | United States |
RT_STRING | 0x16bd40 | 0xb0 | data | English | United States |
RT_STRING | 0x16b9e8 | 0x62 | data | English | United States |
RT_STRING | 0x16ba4c | 0x106 | data | English | United States |
RT_STRING | 0x16bb54 | 0x36 | data | English | United States |
RT_STRING | 0x16be48 | 0x38 | data | English | United States |
RT_STRING | 0x16be80 | 0x282 | data | English | United States |
RT_STRING | 0x16c104 | 0xf0 | data | English | United States |
RT_STRING | 0x16c1f4 | 0xae | data | English | United States |
RT_STRING | 0x16c2a4 | 0x186 | data | English | United States |
RT_STRING | 0x16c42c | 0x11e | data | English | United States |
RT_STRING | 0x16c54c | 0xda | data | English | United States |
RT_STRING | 0x16c628 | 0x148 | data | English | United States |
RT_STRING | 0x16c904 | 0x322 | data | English | United States |
RT_STRING | 0x16cc28 | 0x314 | data | English | United States |
RT_STRING | 0x16c770 | 0x194 | data | English | United States |
RT_STRING | 0x16cf3c | 0x1ac | data | English | United States |
RT_STRING | 0x16d0e8 | 0xb8 | data | English | United States |
RT_STRING | 0x16d1a0 | 0x32 | data | English | United States |
RT_STRING | 0x16d1d4 | 0x1b2 | data | English | United States |
RT_STRING | 0x16d388 | 0x62 | data | English | United States |
RT_STRING | 0x16d3ec | 0x48 | data | English | United States |
RT_STRING | 0x16d434 | 0x38 | data | English | United States |
RT_STRING | 0x16d46c | 0x7e | data | English | United States |
RT_STRING | 0x16d4ec | 0x84 | data | English | United States |
RT_STRING | 0x16d570 | 0x4e | data | English | United States |
RT_STRING | 0x16d5c0 | 0x3a | data | English | United States |
RT_STRING | 0x16d5fc | 0xca | data | English | United States |
RT_STRING | 0x16d6c8 | 0xe6 | data | English | United States |
RT_STRING | 0x16d7b0 | 0xb2 | data | English | United States |
RT_STRING | 0x16d864 | 0x34 | data | English | United States |
RT_STRING | 0x16d898 | 0x46 | data | English | United States |
RT_STRING | 0x16d8e0 | 0x364 | data | English | United States |
RT_STRING | 0x16dc44 | 0x4fe | data | English | United States |
RT_STRING | 0x16e144 | 0x154 | data | English | United States |
RT_STRING | 0x16e298 | 0x1f8 | data | English | United States |
RT_STRING | 0x165ab0 | 0x9a | data | English | United States |
RT_STRING | 0x165b4c | 0x12c | data | English | United States |
RT_STRING | 0x165c78 | 0xf4 | data | English | United States |
RT_STRING | 0x165d6c | 0x11c | data | English | United States |
RT_STRING | 0x165e88 | 0x146 | data | English | United States |
RT_STRING | 0x165fd0 | 0x14e | data | English | United States |
RT_STRING | 0x166120 | 0x160 | data | English | United States |
RT_STRING | 0x166280 | 0x17e | data | English | United States |
RT_STRING | 0x166400 | 0x19c | data | English | United States |
RT_STRING | 0x16659c | 0x198 | data | English | United States |
RT_STRING | 0x166734 | 0x182 | data | English | United States |
RT_STRING | 0x1668b8 | 0x160 | data | English | United States |
RT_STRING | 0x166a18 | 0x1ac | data | English | United States |
RT_STRING | 0x166bc4 | 0x16e | data | English | United States |
RT_STRING | 0x166d34 | 0xf8 | data | English | United States |
RT_STRING | 0x166e2c | 0x198 | data | English | United States |
RT_STRING | 0x166fc4 | 0x17e | data | English | United States |
RT_STRING | 0x167144 | 0x1a8 | data | English | United States |
RT_STRING | 0x1672ec | 0x234 | data | English | United States |
RT_STRING | 0x167520 | 0x1c0 | data | English | United States |
Version Infos |
---|
Description | Data |
---|---|
Translation | 0x0409 0x04b0 |
LegalCopyright | 1987-1998, Macromedia, Inc. |
CompanyName | Macromedia, Inc. |
LegalTrademarks | Macromedia, the Macromedia Logo and Authorware are registered trademarks of Macromedia, Inc. |
FileVersion | 6.0 |
FileDescription | Authorware Runtime |
Possible Origin |
---|
Language of compilation system | Country where language is spoken |
---|---|
English | United States |
Network Behavior |
---|
UDP Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
System Behavior |
---|
General |
---|
Start time: | 16:12:02 |
Start date: | 28/09/2021 |
Path: | C:\Users\user\Desktop\SecuriteInfo.com.Trojan.BrowseBan.32054.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x400000 |
File size: | 1570477 bytes |
MD5 hash: | 7A61D4434B48575332C6D4227B5ED14F |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |