骚猪8.07自动刷图全屏秒杀

社会你吊哥666 · 发表于 2018-8-7 14:01:37

请我去问了几家能够看清你，健康

EC丿冥府 · 发表于 2018-8-7 14:52:56

哈哈哈哈哈

1834413471 · 发表于 2018-8-7 15:35:51

vhke猪8.07自动刷图全

hdm2077 · 发表于 2018-8-7 15:39:50

回复看隐藏。

1834413471 · 发表于 2018-8-7 15:42:52

基本信息
关键行为
进程行为
文件行为
网络行为
注册表行为
其他行为
基本信息
文件名称：
骚猪8.07版本.exe
MD5： 6405351cc7d76a4dc0a23c156d264249
文件类型： EXE
上传时间： 2018-08-07 15:37:19
出品公司： N/A
版本： N/A
壳或编译器信息： PACKER:UPolyX v0.5
关键行为
行为描述：直接调用系统关键API
详情信息：
Index = 0x0000009A, Name: NtQueryInformationProcess, Instruction Address = 0x0080B373
Index = 0x000000E5, Name: NtSetInformationThread, Instruction Address = 0x008183BE
Index = 0x0000009A, Name: NtQueryInformationProcess, Instruction Address = 0x0081B43C
行为描述：探测 Virtual PC是否存在
详情信息：
N/A
行为描述：查询注册表_检测虚拟机相关
详情信息：
\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0000\DriverDesc
\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion
\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion
行为描述：尝试打开调试器或监控软件的驱动设备对象
详情信息：
\??\SICE
\??\SIWVID
\??\NTICE
行为描述：获取TickCount值
详情信息：
TickCount = 219909, SleepMilliseconds = 50.
TickCount = 219956, SleepMilliseconds = 50.
TickCount = 220784, SleepMilliseconds = 50.
TickCount = 220846, SleepMilliseconds = 50.
TickCount = 220862, SleepMilliseconds = 50.
TickCount = 220893, SleepMilliseconds = 50.
TickCount = 220909, SleepMilliseconds = 50.
TickCount = 220940, SleepMilliseconds = 50.
TickCount = 221003, SleepMilliseconds = 50.
TickCount = 221081, SleepMilliseconds = 50.
TickCount = 221159, SleepMilliseconds = 50.
TickCount = 221175, SleepMilliseconds = 50.
TickCount = 221206, SleepMilliseconds = 50.
TickCount = 221221, SleepMilliseconds = 50.
TickCount = 221346, SleepMilliseconds = 50.
行为描述：打开注册表_检测虚拟机相关
详情信息：
\REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__
行为描述：设置特殊文件夹属性
详情信息：
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache
C:\Documents and Settings\Administrator\IECompatCache
行为描述：直接获取CPU时钟
详情信息：
EAX = 0xbde6df5e, EDX = 0x000000b5
EAX = 0xbde6dfaa, EDX = 0x000000b5
EAX = 0xbde6dff6, EDX = 0x000000b5
EAX = 0xbde6e042, EDX = 0x000000b5
EAX = 0xbde6e08e, EDX = 0x000000b5
EAX = 0xbde6e0da, EDX = 0x000000b5
EAX = 0xbde6e126, EDX = 0x000000b5
EAX = 0xbde6e172, EDX = 0x000000b5
EAX = 0xbde6e1be, EDX = 0x000000b5
EAX = 0xbde6e20a, EDX = 0x000000b5
行为描述：查找指定内核模块
详情信息：
lstrcmpiA: ntice.sys <------> ntkrnlpa.exe Des: SoftICE驱动
lstrcmpiA: ntice.sys <------> hal.dll Des: SoftICE驱动
lstrcmpiA: ntice.sys <------> KDCOM.DLL Des: SoftICE驱动
lstrcmpiA: ntice.sys <------> BOOTVID.dll Des: SoftICE驱动
lstrcmpiA: ntice.sys <------> ACPI.sys Des: SoftICE驱动
lstrcmpiA: ntice.sys <------> WMILIB.SYS Des: SoftICE驱动
lstrcmpiA: ntice.sys <------> pci.sys Des: SoftICE驱动
lstrcmpiA: ntice.sys <------> isapnp.sys Des: SoftICE驱动
lstrcmpiA: ntice.sys <------> compbatt.sys Des: SoftICE驱动
lstrcmpiA: ntice.sys <------> BATTC.SYS Des: SoftICE驱动
lstrcmpiA: ntice.sys <------> intelide.sys Des: SoftICE驱动
lstrcmpiA: ntice.sys <------> PCIIDEX.SYS Des: SoftICE驱动
lstrcmpiA: ntice.sys <------> MountMgr.sys Des: SoftICE驱动
lstrcmpiA: ntice.sys <------> ftdisk.sys Des: SoftICE驱动
lstrcmpiA: ntice.sys <------> dmload.sys Des: SoftICE驱动
行为描述：查找反病毒常用工具窗口
详情信息：
NtUserFindWindowEx: [Class,Window] = [OLLYDBG,]
NtUserFindWindowEx: [Class,Window] = [GBDYLLO,]
NtUserFindWindowEx: [Class,Window] = [pediy06,]
NtUserFindWindowEx: [Class,Window] = [FilemonClass,]
NtUserFindWindowEx: [Class,Window] = [,File Monitor - Sysinternals: www.sysinternals.com]
NtUserFindWindowEx: [Class,Window] = [PROCMON_WINDOW_CLASS,]
NtUserFindWindowEx: [Class,Window] = [,Process Monitor - Sysinternals: www.sysinternals.com]
NtUserFindWindowEx: [Class,Window] = [RegmonClass,]
NtUserFindWindowEx: [Class,Window] = [,Registry Monitor - Sysinternals: www.sysinternals.com]
行为描述： VMWare特殊指令检测虚拟机
详情信息：
N/A

蒂花之秀 · 发表于 2018-8-7 15:52:07

...................................

烛影醉痴仙 · 发表于 2018-8-7 16:13:57

稳不稳？、、、?

1149593169 · 发表于 2018-8-7 16:31:36

奥利给好哦啊哈哈哈

qiqiaojun · 发表于 2018-8-7 16:33:26

，，，，，，，，，，，，，，，，，，，，，，，，，，，

215561238 · 发表于 2018-8-7 16:45:38

凌辉QQ飞车卡商城辅助V1.0

账号		自动登录	找回密码
密码			【点我注册】

[dnf辅助] 骚猪8.07自动刷图全屏秒杀

浏览过的版块

[dnf辅助] 骚猪8.07自动刷图 全屏秒杀

浏览过的版块

[dnf辅助] 骚猪8.07自动刷图全屏秒杀