ForensicLab Analysis Report

Tool: PE/ELF/Mach-O analysis  |  File: mal.exe  |  Size: 2,048 bytes  |  Generated: 2026-06-02 04:24:18

Analysis Summary

PE | x64 (AMD64)

Detailed Results

Item
type: PE
machine: x64 (AMD64)
bitness: 64
compile_time: 2024-05-29 16:26:40 UTC
subsystem: WINDOWS_CUI (console)
characteristics: EXECUTABLE, LARGE_ADDR
num_sections: 2
sections:
  name=.text v_size=0 v_addr=0x00000000 r_size=0 r_off=0x00000000 entropy=0 high_entropy=False flags=execute / read
  name= v_size=0 v_addr=0x00000000 r_size=0 r_off=0x00000000 entropy=0 high_entropy=False flags=-
imports: kernel32.dll, ws2_32.dll
apis: VirtualAlloc, CreateRemoteThread, LoadLibraryA, URLDownloadToFile
suspicious_apis: VirtualAlloc, CreateRemoteThread, LoadLibraryA, URLDownloadToFile
overall_entropy: 0.553
filename: mal.exe
file_size: 2048