Analysis Report
Overview
General Information |
---|
Joe Sandbox Version: | 20.0.0 |
Analysis ID: | 33765 |
Start time: | 19:10:19 |
Joe Sandbox Product: | CloudBasic |
Start date: | 08.10.2017 |
Overall analysis duration: | 0h 9m 58s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Sample file name: | obtG43AWHP.bin (renamed file extension from bin to exe) |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 7 SP1 (with Office 2010 SP2, IE 11, FF 54, Chrome 60, Acrobat Reader DC 17, Flash 26, Java 8.0.1440.1) |
Number of analysed new started processes analysed: | 40 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies |
|
Detection: | MAL |
Classification: | mal80.evad.winEXE@77/2@0/0 |
HCA Information: |
|
EGA Information: |
|
HDC Information: |
|
Cookbook Comments: |
|
Warnings: | Show All
|
Detection |
---|
Strategy | Score | Range | Reporting | Detection | |
---|---|---|---|---|---|
Threshold | 80 | 0 - 100 | Report FP / FN |
Confidence |
---|
Strategy | Score | Range | Further Analysis Required? | Confidence | |
---|---|---|---|---|---|
Threshold | 5 | 0 - 5 | false |
Classification |
---|
Signature Overview |
---|
Click to jump to signature section
AV Detection: |
---|
Antivirus detection for dropped file | Show sources |
Source: C:\Users\user\AppData\Roaming\Microsoft\DirectX\nthost.exe | virustotal: | Perma Link |
Antivirus detection for submitted file | Show sources |
Source: obtG43AWH.exe | virustotal: | Perma Link |
DDoS: |
---|
Too many similar processes found | Show sources |
Source: obtG43AWHP.exe | Process created: |
Boot Survival: |
---|
Creates an autostart registry key | Show sources |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Registry value created or modified: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Registry value created or modified: |
Creates autostart registry keys with suspicious names | Show sources |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Registry value created or modified: |
Persistence and Installation Behavior: |
---|
Drops PE files | Show sources |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | File created: |
Data Obfuscation: |
---|
Contains functionality to dynamically determine API calls | Show sources |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_030073AC |
PE file contains an invalid checksum | Show sources |
Source: obtG43AWH.exe | Static PE information: | ||
Source: nthost.exe.36.dr | Static PE information: |
Uses code obfuscation techniques (call, push, ret) | Show sources |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_03005088 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_002962B3 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_002841D9 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_00294E79 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_0028441C | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_00297474 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_0028DFBA | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_00284A14 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_00295243 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_00296610 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_0028FA01 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_0028E064 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_002843E4 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_002962FC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_00295243 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_002962FC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_002952D8 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_0028AD37 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_0028AE1C | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_0028E92D | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_002846F4 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_0028ADE4 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_00297474 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_0028DFBA | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_0028F80D | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_002815FC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_0028AD37 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_0028B610 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_0028ACC4 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_0028E964 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_0028E144 |
Spreading: |
---|
Contains functionality to enumerate / list files inside a directory | Show sources |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 2_2_00404E08 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 4_2_00404E08 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 6_2_00404E08 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 8_2_00404E08 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 10_2_00404E08 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 12_2_00404E08 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 14_2_00404E08 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 16_2_00404E08 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 18_2_00404E08 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 20_2_00404E08 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 22_2_00404E08 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 24_2_00404E08 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 26_2_00404E08 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 28_2_00404E08 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 30_2_00404E08 |
System Summary: |
---|
Classification label | Show sources |
Source: classification engine | Classification label: |
Contains functionality to check free disk space | Show sources |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 2_2_004076D4 |
Contains functionality to load and extract PE file embedded resources | Show sources |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 2_2_0040BA10 |
Creates files inside the user directory | Show sources |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | File created: |
Launches a second explorer.exe instance | Show sources |
Source: unknown | Process created: |
PE file has an executable .text section and no other executable section | Show sources |
Source: obtG43AWH.exe | Static PE information: |
Parts of this applications are using Borland Delphi (Probably coded in Delphi) | Show sources |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Key opened: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Key opened: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Key opened: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Key opened: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Key opened: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Key opened: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Key opened: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Key opened: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Key opened: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Key opened: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Key opened: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Key opened: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Key opened: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Key opened: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Key opened: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Key opened: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Key opened: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Key opened: | ||
Source: C:\Users\user\AppData\Roaming\Microsoft\DirectX\nthost.exe | Key opened: |
Reads ini files | Show sources |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | File read: |
Reads software policies | Show sources |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Key opened: |
Sample is known by Antivirus (Virustotal or Metascan) | Show sources |
Source: obtG43AWH.exe | Virustotal: |
Spawns processes | Show sources |
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: unknown | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process created: | ||
Source: C:\Users\user\AppData\Roaming\Microsoft\DirectX\nthost.exe | Process created: | ||
Source: C:\Users\user\AppData\Roaming\Microsoft\DirectX\nthost.exe | Process created: |
Uses an in-process (OLE) Automation server | Show sources |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Key value queried: |
Contains functionality to call native functions | Show sources |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_0027E080 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 2_2_00417F5C | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 3_2_0029E080 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 4_2_00417F5C | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 5_2_0020E080 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 6_2_00417F5C | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 7_2_0028E080 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 8_2_00417F5C | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 9_2_0028E080 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 10_2_00417F5C | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 11_2_001AE080 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 12_2_00417F5C | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 13_2_002DE080 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 14_2_00417F5C | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 15_2_0020E080 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 16_2_00417F5C | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 17_2_0037E080 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 18_2_00417F5C | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 19_2_0018E080 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 20_2_00417F5C | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 21_2_0024E080 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 22_2_00417F5C | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 23_2_0020E080 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 24_2_00417F5C | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 25_2_0027E080 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 26_2_00417F5C | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 27_2_0024E080 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 28_2_00417F5C | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 29_2_0027E080 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 30_2_00417F5C |
Found potential string decryption / allocating functions | Show sources |
HIPS / PFW / Operating System Protection Evasion: |
---|
Contains functionality to inject code into remote processes | Show sources |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_0027E080 |
Injects a PE file into a foreign processes | Show sources |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Memory written: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Memory written: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Memory written: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Memory written: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Memory written: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Memory written: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Memory written: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Memory written: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Memory written: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Memory written: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Memory written: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Memory written: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Memory written: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Memory written: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Memory written: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Memory written: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Memory written: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Memory written: | ||
Source: C:\Users\user\AppData\Roaming\Microsoft\DirectX\nthost.exe | Memory written: |
Modifies the context of a thread in another process (thread injection) | Show sources |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Thread register set: |
Anti Debugging: |
---|
Contains functionality to register its own exception handler | Show sources |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_03003F30 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_03003CD8 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_03006BA0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 2_2_03003CD8 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 2_2_03006BA0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 2_2_03003F30 |
Contains functionality to check if a debugger is running (IsDebuggerPresent) | Show sources |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_03003CD8 |
Contains functionality to dynamically determine API calls | Show sources |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_030073AC |
Contains functionality to read the PEB | Show sources |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_0027DFB2 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 3_2_0029DFB2 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 5_2_0020DFB2 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 7_2_0028DFB2 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 9_2_0028DFB2 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 11_2_001ADFB2 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 13_2_002DDFB2 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 15_2_0020DFB2 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 17_2_0037DFB2 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 19_2_0018DFB2 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 21_2_0024DFB2 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 23_2_0020DFB2 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 25_2_0027DFB2 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 27_2_0024DFB2 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 29_2_0027DFB2 |
Malware Analysis System Evasion: |
---|
Contains functionality to enumerate / list files inside a directory | Show sources |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 2_2_00404E08 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 4_2_00404E08 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 6_2_00404E08 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 8_2_00404E08 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 10_2_00404E08 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 12_2_00404E08 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 14_2_00404E08 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 16_2_00404E08 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 18_2_00404E08 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 20_2_00404E08 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 22_2_00404E08 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 24_2_00404E08 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 26_2_00404E08 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 28_2_00404E08 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 30_2_00404E08 |
Contains functionality to query system information | Show sources |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 2_2_0041844E |
Program exit points | Show sources |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API call chain: | graph_1-19518 | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API call chain: | graph_1-18629 | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API call chain: | graph_1-19034 | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API call chain: | graph_1-19038 | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API call chain: | graph_1-19161 | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API call chain: | graph_2-17672 | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API call chain: | graph_2-17610 | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API call chain: | graph_4-14048 | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API call chain: | graph_6-14048 | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API call chain: | graph_8-14048 | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API call chain: | graph_10-14048 | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API call chain: | graph_12-14048 | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API call chain: | graph_14-14048 | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API call chain: | graph_16-14048 | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API call chain: | graph_18-14048 | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API call chain: | graph_20-14048 | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API call chain: | graph_22-14048 | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API call chain: | graph_24-14048 | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API call chain: | |||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API call chain: | |||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API call chain: |
Found evasive API chain (may stop execution after checking a module file name) | Show sources |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Evasive API call chain: | graph_1-18709 |
Found large amount of non-executed APIs | Show sources |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API coverage: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API coverage: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API coverage: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API coverage: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API coverage: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API coverage: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API coverage: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API coverage: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API coverage: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API coverage: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API coverage: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API coverage: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API coverage: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API coverage: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | API coverage: |
May sleep (evasive loops) to hinder dynamic analysis | Show sources |
Source: C:\Windows\explorer.exe TID: 3720 | Thread sleep time: |
Hooking and other Techniques for Hiding and Protection: |
---|
Disables application error messsages (SetErrorMode) | Show sources |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process information set: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process information set: | ||
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Process information set: |
Extensive use of GetProcAddress (often used to hide API calls) | Show sources |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 2_2_00417A70 |
Language, Device and Operating System Detection: |
---|
Contains functionality to query local / system time | Show sources |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_0300521F |
Contains functionality to query windows version | Show sources |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 2_2_0040AD2C |
Queries the cryptographic machine GUID | Show sources |
Source: C:\Windows\explorer.exe | Key value queried: |
Contains functionality locales information (e.g. system language) | Show sources |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 1_2_0300966F | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 2_2_00404FC0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 2_2_004050CC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 2_2_0040587A | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 2_2_0040B2B4 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 2_2_00409DB0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 2_2_0040587C | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 2_2_00409DFC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 2_2_0300966F | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 4_2_00404FC0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 4_2_004050CC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 4_2_0040587A | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 4_2_0040B2B4 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 4_2_00409DB0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 4_2_0040587C | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 4_2_00409DFC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 6_2_00404FC0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 6_2_004050CC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 6_2_0040587A | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 6_2_0040B2B4 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 6_2_00409DB0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 6_2_0040587C | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 6_2_00409DFC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 8_2_00404FC0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 8_2_004050CC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 8_2_0040587A | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 8_2_0040B2B4 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 8_2_00409DB0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 8_2_0040587C | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 8_2_00409DFC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 10_2_00404FC0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 10_2_004050CC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 10_2_0040587A | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 10_2_0040B2B4 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 10_2_00409DB0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 10_2_0040587C | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 10_2_00409DFC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 12_2_00404FC0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 12_2_004050CC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 12_2_0040587A | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 12_2_0040B2B4 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 12_2_00409DB0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 12_2_0040587C | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 12_2_00409DFC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 14_2_00404FC0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 14_2_004050CC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 14_2_0040587A | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 14_2_0040B2B4 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 14_2_00409DB0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 14_2_0040587C | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 14_2_00409DFC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 16_2_00404FC0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 16_2_004050CC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 16_2_0040587A | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 16_2_0040B2B4 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 16_2_00409DB0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 16_2_0040587C | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 16_2_00409DFC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 18_2_00404FC0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 18_2_004050CC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 18_2_0040587A | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 18_2_0040B2B4 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 18_2_00409DB0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 18_2_0040587C | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 18_2_00409DFC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 20_2_00404FC0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 20_2_004050CC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 20_2_0040587A | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 20_2_0040B2B4 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 20_2_00409DB0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 20_2_0040587C | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 20_2_00409DFC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 22_2_00404FC0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 22_2_004050CC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 22_2_0040587A | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 22_2_0040B2B4 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 22_2_00409DB0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 22_2_0040587C | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 22_2_00409DFC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 24_2_00404FC0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 24_2_004050CC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 24_2_0040587A | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 24_2_0040B2B4 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 24_2_00409DB0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 24_2_0040587C | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 24_2_00409DFC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 26_2_00404FC0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 26_2_004050CC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 26_2_0040587A | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 26_2_0040B2B4 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 26_2_00409DB0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 26_2_0040587C | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 26_2_00409DFC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 28_2_00404FC0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 28_2_004050CC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 28_2_0040587A | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 28_2_0040B2B4 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 28_2_00409DB0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 28_2_0040587C | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 28_2_00409DFC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 30_2_00404FC0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 30_2_004050CC | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 30_2_0040587A | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 30_2_0040B2B4 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 30_2_00409DB0 | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 30_2_0040587C | |
Source: C:\Users\user\Desktop\obtG43AWHP.exe | Code function: | 30_2_00409DFC |
Behavior Graph |
---|
Simulations |
---|
Behavior and APIs |
---|
Time | Type | Description |
---|---|---|
19:11:14 | API Interceptor | 1x Sleep call for process: explorer.exe modified from: 60000ms to: 500ms |
19:11:14 | Autostart | Run: HKCU\Software\Microsoft\Windows\CurrentVersion\Run DX9 C++RTL C:\Users\user\AppData\Roaming\Microsoft\DirectX\nthost.exe |
Antivirus Detection |
---|
Initial Sample |
---|
Source | Detection | Cloud | Link |
---|---|---|---|
46% | virustotal | Browse |
Dropped Files |
---|
Source | Detection | Cloud | Link |
---|---|---|---|
46% | virustotal | Browse |
Domains |
---|
No Antivirus matches |
---|
Yara Overview |
---|
Initial Sample |
---|
No yara matches |
---|
PCAP (Network Traffic) |
---|
No yara matches |
---|
Dropped Files |
---|
No yara matches |
---|
Memory Dumps |
---|
No yara matches |
---|
Unpacked PEs |
---|
No yara matches |
---|
Joe Sandbox View / Context |
---|
Screenshot |
---|
Startup |
---|
|
Created / dropped Files |
---|
File Type: | |
MD5: | 1DE07D0AF66CFA7B504C2F563D45437B |
SHA1: | B340C407A3D703E412C18DDC7FFDE70B3DF932DF |
SHA-256: | D819B9EBF5C342289ABC3CE17A365A50C84616C46A01B7A0B90A1C5F41277DE0 |
SHA-512: | 85BE784A3F2AA0C8A311493F02859B6E8EF51F6294BFCA83027F1BCDD3EB5A59EC3718B9E8E281BD1C2BDBA36809B4853ADA998B5F37BF88E7DB48FF4A118AFE |
Malicious: | true |
Antivirus: |
|
File Type: | |
MD5: | 187F488E27DB4AF347237FE461A079AD |
SHA1: | 6693BA299EC1881249D59262276A0D2CB21F8E64 |
SHA-256: | 255A65D30841AB4082BD9D0EEA79D49C5EE88F56136157D8D6156AEF11C12309 |
SHA-512: | 89879F237C0C051EBE784D0690657A6827A312A82735DA42DAD5F744D734FC545BEC9642C19D14C05B2F01FF53BC731530C92F7327BB7DC9CDE1B60FB21CD64E |
Malicious: | true |
Contacted Domains/Contacted IPs |
---|
Static File Info |
---|
General | |
---|---|
File type: | |
TrID: |
|
File name: | obtG43AWH.exe |
File size: | 498176 |
MD5: | 1de07d0af66cfa7b504c2f563d45437b |
SHA1: | b340c407a3d703e412c18ddc7ffde70b3df932df |
SHA256: | d819b9ebf5c342289abc3ce17a365a50c84616c46a01b7a0b90a1c5f41277de0 |
SHA512: | 85be784a3f2aa0c8a311493f02859b6e8ef51f6294bfca83027f1bcdd3eb5a59ec3718b9e8e281bd1c2bdba36809b4853ada998b5f37bf88e7db48ff4a118afe |
File Content Preview: | MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......2...v.j[v.j[v.j[...[`.j[...[x.j[...[..j[...[..j[v.k[ .j[...[w.j[...[w.j[...[w.j[Richv.j[................PE..L....0.Y........... |
File Icon |
---|
Static PE Info |
---|
General | |
---|---|
Entrypoint: | 0x3002e81 |
Entrypoint Section: | .text |
Digitally signed: | false |
Imagebase: | 0x3000000 |
Subsystem: | windows gui |
Image File Characteristics: | 32BIT_MACHINE, EXECUTABLE_IMAGE |
DLL Characteristics: | TERMINAL_SERVER_AWARE, NX_COMPAT |
Time Stamp: | 0x598830C8 [Mon Aug 7 09:20:08 2017 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 5 |
OS Version Minor: | 1 |
File Version Major: | 5 |
File Version Minor: | 1 |
Subsystem Version Major: | 5 |
Subsystem Version Minor: | 1 |
Import Hash: | 5b44ece315e26b140629a3666ae6a98c |
Entrypoint Preview |
---|
Instruction |
---|
call 00007F53A0F54F3Eh |
jmp 00007F53A0F52A2Eh |
mov edi, edi |
push ebp |
mov ebp, esp |
push ecx |
push esi |
mov esi, dword ptr [ebp+0Ch] |
push esi |
call 00007F53A0F55B58h |
mov dword ptr [ebp+0Ch], eax |
mov eax, dword ptr [esi+0Ch] |
pop ecx |
test al, 82h |
jne 00007F53A0F52BB9h |
call 00007F53A0F53B9Fh |
mov dword ptr [eax], 00000009h |
or dword ptr [esi+0Ch], 20h |
or eax, FFFFFFFFh |
jmp 00007F53A0F52CD4h |
test al, 40h |
je 00007F53A0F52BAFh |
call 00007F53A0F53B84h |
mov dword ptr [eax], 00000022h |
jmp 00007F53A0F52B85h |
push ebx |
xor ebx, ebx |
test al, 01h |
je 00007F53A0F52BB8h |
mov dword ptr [esi+04h], ebx |
test al, 10h |
je 00007F53A0F52C2Dh |
mov ecx, dword ptr [esi+08h] |
and eax, FFFFFFFEh |
mov dword ptr [esi], ecx |
mov dword ptr [esi+0Ch], eax |
mov eax, dword ptr [esi+0Ch] |
and eax, FFFFFFEFh |
or eax, 02h |
mov dword ptr [esi+0Ch], eax |
mov dword ptr [esi+04h], ebx |
mov dword ptr [ebp-04h], ebx |
test eax, 0000010Ch |
jne 00007F53A0F52BCEh |
call 00007F53A0F55935h |
add eax, 20h |
cmp esi, eax |
je 00007F53A0F52BAEh |
call 00007F53A0F55929h |
add eax, 40h |
cmp esi, eax |
jne 00007F53A0F52BAFh |
push dword ptr [ebp+0Ch] |
call 00007F53A0F558C4h |
pop ecx |
test eax, eax |
jne 00007F53A0F52BA9h |
push esi |
call 00007F53A0F55870h |
pop ecx |
test dword ptr [esi+0Ch], 00000108h |
push edi |
je 00007F53A0F52C26h |
mov eax, dword ptr [esi+08h] |
Data Directories |
---|
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0x9a9c | 0x64 | .text |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0x14000 | 0x6e6e2 | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0x83000 | 0x708 | .reloc |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x2b60 | 0x40 | .text |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x1000 | 0x140 | .text |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Sections |
---|
Name | Virtual Address | Virtual Size | Raw Size | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|
.text | 0x1000 | 0x91e6 | 0x9200 | False | 0.562018407534 | data | 6.38299044249 | IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ |
.data | 0xb000 | 0x80a0 | 0xe00 | False | 0.196986607143 | data | 2.24335225659 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_MEM_READ |
.rsrc | 0x14000 | 0x6e6e2 | 0x6e800 | False | 0.82630885888 | data | 7.96230835772 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.reloc | 0x83000 | 0xd12 | 0xe00 | False | 0.443917410714 | data | 4.1795554597 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
Resources |
---|
Name | RVA | Size | Type | Language | Country |
---|---|---|---|---|---|
BBBAAC | 0x142d8 | 0x583e9 | data | ||
RT_BITMAP | 0x6c6c4 | 0x32c8 | data | ||
RT_BITMAP | 0x6f98c | 0x3368 | data | ||
RT_BITMAP | 0x72cf4 | 0x3354 | data | ||
RT_BITMAP | 0x76048 | 0x35f8 | data | ||
RT_BITMAP | 0x79640 | 0x3338 | data | ||
RT_ICON | 0x7c978 | 0x10a8 | data | ||
RT_ICON | 0x7da20 | 0x4228 | dBase IV DBT of \200.DBF, blocks size 64, next free block index 40, 1st item "\015\033\355\375\013\034\353\376\013\033\355\377\013\033\354\375o\031\244\376\316\026_\375\316\025_\376\316\025_\376\316\025_\375\315\025_\375\317\026^\377\315\027]\376\315\027^\375\316\026_\376\315\026_\375\317\025^" | ||
RT_MENU | 0x81c48 | 0x468 | data | ||
RT_MENU | 0x820b0 | 0x168 | data | ||
RT_MENU | 0x82218 | 0x4a6 | data | ||
RT_GROUP_ICON | 0x826c0 | 0x22 | MS Windows icon resource - 2 icons, 32x32, 256-colors |
Imports |
---|
DLL | Import |
---|---|
KERNEL32.dll | GetLastError, VirtualProtect, GetCalendarInfoW, GetLocaleInfoW, GetTickCount, GetPrivateProfileSectionNamesA, LocalAlloc, GetModuleHandleW, FlushFileBuffers, CloseHandle, CreateFileW, HeapSize, GetCommandLineW, HeapSetInformation, GetStartupInfoW, DecodePointer, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, EncodePointer, TerminateProcess, GetCurrentProcess, GetProcAddress, ExitProcess, WriteFile, GetStdHandle, GetModuleFileNameW, FreeEnvironmentStringsW, GetEnvironmentStringsW, SetHandleCount, InitializeCriticalSectionAndSpinCount, GetFileType, DeleteCriticalSection, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, InterlockedIncrement, SetLastError, GetCurrentThreadId, InterlockedDecrement, HeapCreate, QueryPerformanceCounter, GetCurrentProcessId, GetSystemTimeAsFileTime, SetFilePointer, WideCharToMultiByte, GetConsoleCP, GetConsoleMode, EnterCriticalSection, LeaveCriticalSection, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage, HeapFree, Sleep, LoadLibraryW, RtlUnwind, SetStdHandle, WriteConsoleW, MultiByteToWideChar, LCMapStringW, GetStringTypeW, HeapAlloc, HeapReAlloc, IsProcessorFeaturePresent |
GDI32.dll | GetLogColorSpaceA, ChoosePixelFormat, GetColorSpace, SetICMMode |
SHELL32.dll | ExtractIconA, ShellAboutW, ShellExecuteA |
WINHTTP.dll | WinHttpConnect, WinHttpCloseHandle |
Network Behavior |
---|
No network behavior found |
---|
Code Manipulations |
---|
Statistics |
---|
CPU Usage |
---|
Click to jump to process
Memory Usage |
---|
Click to jump to process
High Level Behavior Distribution |
---|
back
Click to dive into process behavior distribution
Behavior |
---|
Click to jump to process
System Behavior |
---|
General |
---|
Start time: | 19:10:13 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x75a90000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | C, C++ or other language |
General |
---|
Start time: | 19:10:17 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x753f0000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | Borland Delphi |
General |
---|
Start time: | 19:10:19 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x73e10000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | C, C++ or other language |
General |
---|
Start time: | 19:10:23 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x753f0000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | Borland Delphi |
General |
---|
Start time: | 19:10:23 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x73e10000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | C, C++ or other language |
General |
---|
Start time: | 19:10:26 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x753f0000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | Borland Delphi |
General |
---|
Start time: | 19:10:26 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x73e10000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | C, C++ or other language |
General |
---|
Start time: | 19:10:29 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x753f0000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | Borland Delphi |
General |
---|
Start time: | 19:10:29 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x73e10000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | C, C++ or other language |
General |
---|
Start time: | 19:10:32 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x753f0000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | Borland Delphi |
General |
---|
Start time: | 19:10:32 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x73e10000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | C, C++ or other language |
General |
---|
Start time: | 19:10:35 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x753f0000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | Borland Delphi |
General |
---|
Start time: | 19:10:35 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x73e10000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | C, C++ or other language |
General |
---|
Start time: | 19:10:38 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x753f0000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | Borland Delphi |
General |
---|
Start time: | 19:10:38 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x73e10000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | C, C++ or other language |
General |
---|
Start time: | 19:10:41 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x74150000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | Borland Delphi |
General |
---|
Start time: | 19:10:41 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x73e10000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | C, C++ or other language |
General |
---|
Start time: | 19:10:44 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x753f0000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | Borland Delphi |
General |
---|
Start time: | 19:10:44 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x73e10000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | C, C++ or other language |
General |
---|
Start time: | 19:10:47 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x756e0000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | Borland Delphi |
General |
---|
Start time: | 19:10:47 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x73e10000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | C, C++ or other language |
General |
---|
Start time: | 19:10:50 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x753f0000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | Borland Delphi |
General |
---|
Start time: | 19:10:50 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x73e10000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | C, C++ or other language |
General |
---|
Start time: | 19:10:53 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x753f0000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | Borland Delphi |
General |
---|
Start time: | 19:10:53 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x73e10000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | C, C++ or other language |
General |
---|
Start time: | 19:10:56 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x753f0000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | Borland Delphi |
General |
---|
Start time: | 19:10:56 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x73e10000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | C, C++ or other language |
General |
---|
Start time: | 19:10:59 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x753f0000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | Borland Delphi |
General |
---|
Start time: | 19:10:59 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x73e10000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | C, C++ or other language |
General |
---|
Start time: | 19:11:02 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x753f0000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | Borland Delphi |
General |
---|
Start time: | 19:11:02 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x73e10000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | C, C++ or other language |
General |
---|
Start time: | 19:11:05 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x753f0000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | Borland Delphi |
General |
---|
Start time: | 19:11:05 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x73e10000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | C, C++ or other language |
General |
---|
Start time: | 19:11:08 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x753f0000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | Borland Delphi |
General |
---|
Start time: | 19:11:08 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x73e10000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | C, C++ or other language |
General |
---|
Start time: | 19:11:11 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\Desktop\obtG43AWHP.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x75a90000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | Borland Delphi |
General |
---|
Start time: | 19:11:11 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\AppData\Roaming\Microsoft\DirectX\nthost.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x73e10000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | C, C++ or other language |
Antivirus matches: |
|
General |
---|
Start time: | 19:11:14 |
Start date: | 08/10/2017 |
Path: | C:\Windows\explorer.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x75340000 |
File size: | 2972672 bytes |
MD5 hash: | 6DDCA324434FFA506CF7DC4E51DB7935 |
Programmed in: | C, C++ or other language |
General |
---|
Start time: | 19:11:14 |
Start date: | 08/10/2017 |
Path: | C:\Users\user\AppData\Roaming\Microsoft\DirectX\nthost.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x753b0000 |
File size: | 498176 bytes |
MD5 hash: | 1DE07D0AF66CFA7B504C2F563D45437B |
Programmed in: | Borland Delphi |
Disassembly |
---|
Code Analysis |
---|
Execution Graph |
---|
Execution Coverage: | 3.9% |
Dynamic/Decrypted Code Coverage: | 30.6% |
Signature Coverage: | 5.8% |
Total number of Nodes: | 967 |
Total number of Limit Nodes: | 18 |
Graph
Executed Functions |
---|
C-Code - Quality: 73% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 51% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 57% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 78% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 24% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 21% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 90% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 23% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 86% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 37% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Non-executed Functions |
---|
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 90% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 78% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 96% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 95% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 91% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 58% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 81% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 58% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 91% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Execution Graph |
---|
Execution Coverage: | 1.4% |
Dynamic/Decrypted Code Coverage: | 0% |
Signature Coverage: | 6.6% |
Total number of Nodes: | 622 |
Total number of Limit Nodes: | 5 |
Graph
Executed Functions |
---|
C-Code - Quality: 65% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 61% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 33% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 85% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 37% |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Non-executed Functions |
---|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 73% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 76% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 53% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 50% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 46% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 51% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 51% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 62% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 90% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 78% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 56% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 77% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 78% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 86% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 65% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 96% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 24% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 21% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 64% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 90% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 75% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 81% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 91% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 58% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 81% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 58% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 53% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 91% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 83% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 78% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 96% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Execution Graph |
---|
Execution Coverage: | 2.6% |
Dynamic/Decrypted Code Coverage: | 100% |
Signature Coverage: | 45.8% |
Total number of Nodes: | 24 |
Total number of Limit Nodes: | 5 |
Graph
Executed Functions |
---|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Non-executed Functions |
---|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Execution Graph |
---|
Execution Coverage: | 2% |
Dynamic/Decrypted Code Coverage: | 0% |
Signature Coverage: | 5% |
Total number of Nodes: | 622 |
Total number of Limit Nodes: | 8 |
Graph
Executed Functions |
---|
C-Code - Quality: 65% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 61% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 33% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 85% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 37% |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Non-executed Functions |
---|
C-Code - Quality: 76% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 53% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 46% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 51% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 51% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 77% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 86% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 65% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 64% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 90% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 75% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 81% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 50% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 53% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 83% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 78% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 96% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Execution Graph |
---|
Execution Coverage: | 2.6% |
Dynamic/Decrypted Code Coverage: | 100% |
Signature Coverage: | 45.8% |
Total number of Nodes: | 24 |
Total number of Limit Nodes: | 5 |
Graph
Executed Functions |
---|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Non-executed Functions |
---|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Execution Graph |
---|
Execution Coverage: | 2% |
Dynamic/Decrypted Code Coverage: | 0% |
Signature Coverage: | 5% |
Total number of Nodes: | 622 |
Total number of Limit Nodes: | 8 |
Graph
Executed Functions |
---|
C-Code - Quality: 65% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 61% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 33% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 85% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 37% |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Non-executed Functions |
---|
C-Code - Quality: 76% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 53% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 46% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 51% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 51% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 77% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 86% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 65% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 64% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 90% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 75% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 81% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 50% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 53% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 83% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 78% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 96% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Executed Functions |
---|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Non-executed Functions |
---|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Executed Functions |
---|
C-Code - Quality: 65% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 61% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 33% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 85% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 37% |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Non-executed Functions |
---|
C-Code - Quality: 76% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 53% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 46% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 51% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 51% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 77% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 86% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 65% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 64% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 90% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 75% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 81% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 50% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 53% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 83% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 78% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 96% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Executed Functions |
---|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Non-executed Functions |
---|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Executed Functions |
---|
C-Code - Quality: 65% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 61% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 33% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 85% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 37% |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Non-executed Functions |
---|
C-Code - Quality: 76% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 53% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 46% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 51% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 51% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 77% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 86% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 65% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 64% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 90% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 75% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 81% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 50% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 53% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 83% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 78% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 96% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Executed Functions |
---|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Non-executed Functions |
---|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Executed Functions |
---|
C-Code - Quality: 65% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 61% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 33% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 85% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 37% |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Non-executed Functions |
---|
C-Code - Quality: 76% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 53% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 46% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 51% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 51% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 77% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 86% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 65% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 64% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 90% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 75% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 81% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 50% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 53% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 83% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 78% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 96% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Executed Functions |
---|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Non-executed Functions |
---|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Executed Functions |
---|
C-Code - Quality: 65% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 61% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 33% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 85% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 37% |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Non-executed Functions |
---|
C-Code - Quality: 76% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 53% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 46% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 51% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 51% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 77% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 86% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 65% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 64% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 90% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 75% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 81% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 50% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 53% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 83% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 78% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 96% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Executed Functions |
---|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Non-executed Functions |
---|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Executed Functions |
---|
C-Code - Quality: 65% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 61% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 33% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 85% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 37% |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Non-executed Functions |
---|
C-Code - Quality: 76% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 53% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 46% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 51% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 51% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 77% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 86% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 65% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 64% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 90% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 75% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 81% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 50% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 53% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 83% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 78% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 96% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Executed Functions |
---|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Non-executed Functions |
---|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Executed Functions |
---|
C-Code - Quality: 65% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 61% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 33% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 85% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 37% |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Non-executed Functions |
---|
C-Code - Quality: 76% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 53% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 46% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 51% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 51% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 77% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 86% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 65% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 64% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 90% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 75% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 81% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 50% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 53% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 83% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 78% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 96% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Executed Functions |
---|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Non-executed Functions |
---|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Executed Functions |
---|
C-Code - Quality: 65% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 61% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 33% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 85% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 37% |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Non-executed Functions |
---|
C-Code - Quality: 76% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 53% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 46% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 51% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 51% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 77% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 86% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 65% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 64% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 90% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 75% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 81% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 50% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 53% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 83% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 78% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 96% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Executed Functions |
---|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Non-executed Functions |
---|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Executed Functions |
---|
C-Code - Quality: 65% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 61% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 33% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 85% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 37% |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Non-executed Functions |
---|
C-Code - Quality: 76% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 53% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 46% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 51% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 51% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 77% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 86% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 65% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 64% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 90% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 75% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 81% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 72% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 50% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 53% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 83% |
|
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 78% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 82% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 96% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Executed Functions |
---|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Non-executed Functions |
---|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Executed Functions |
---|
C-Code - Quality: 65% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 61% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 33% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 68% |
|
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 79% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 37% |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
C-Code - Quality: 100% |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Non-executed Functions |
---|