Habo
File name:
风夏_PVE.vmp.exe
MD5: ab229cca714152bd35690e774b3d0470
File type: EXE
Upload time: 2018-10-29 18:42:00
Company: 域界星空
Version: 9.0.0.0---9.0.0.0
Packer or compiler information: PACKER:UPolyX v0.5
Key behaviors
Behavior description: Searches for windows of tools commonly used in anti-virus analysis
Details:
NtUserFindWindowEx: [Class,Window] = [ollydbg,]
Other behaviors
Behavior description: Searches for specified windows
Details:
NtUserFindWindowEx: [Class,Window] = [1212121,]
NtUserFindWindowEx: [Class,Window] = [icu_dbg,]
NtUserFindWindowEx: [Class,Window] = [pe--diy,]
NtUserFindWindowEx: [Class,Window] = [odbydyk,]
NtUserFindWindowEx: [Class,Window] = [TDeDeMainForm,]
NtUserFindWindowEx: [Class,Window] = [TIdaWindow,]
NtUserFindWindowEx: [Class,Window] = [,Import REConstructor v1.6 FINAL (C) 2001-2003 MackT/uCF]
NtUserFindWindowEx: [Class,Window] = [kk1,]
NtUserFindWindowEx: [Class,Window] = [Eew75,]
NtUserFindWindowEx: [Class,Window] = [Shadow,]
Behavior description: Creates an event object
Details:
EventName = DINPUTWINMM
Behavior description: Opens an event
Details:
HookSwitchHookEnabledEvent
Behavior description: Searches for windows of tools commonly used in anti-virus analysis
Details:
NtUserFindWindowEx: [Class,Window] = [ollydbg,]
Process tree
****.exe (PID: 0x00000aa8)
|