Static | ZeroBOX

PE Compile Time

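2096-07-05 04:25:02 (PE header TimeDateStamp; the date lies in the future, so it is not a real build time. It may have been altered, or written by a deterministic .NET build, which stores a content-derived value in this field)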

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x0000dbd4 0x0000dc00 5.5054219491
.rsrc 0x00010000 0x00004664 0x00004800 4.10723161752
.reloc 0x00016000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x00010130 0x00004028 LANG_NEUTRAL SUBLANG_NEUTRAL dBase III DBT, version number 0, next free block index 40
RT_GROUP_ICON 0x00014158 0x00000014 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_VERSION 0x0001416c 0x0000030c LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x00014478 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain

!This program cannot be run in DOS mode.
`.rsrc
@.reloc
%Grm(
%Lr!)
%Mrq(
%Nru(
%Ory(
%Pr}(
%~rm(
%5rq(
%6ru(
%7ry(
%8r}(
%grm(
%nrq(
%oru(
%pry(
%qr}(
v4.0.30319
#Strings
List`1
Dictionary`2
System.IO
value__
RemotingFieldCachedData
System.Runtime.Remoting.Metadata
mscorlib
System.Collections.Generic
Microsoft.VisualBasic
Synchronized
Replace
IDisposable
Capture
ApplicationSettingsBase
Dispose
CompilerGeneratedAttribute
GeneratedCodeAttribute
DebuggerNonUserCodeAttribute
DefaultSettingValueAttribute
UserScopedSettingAttribute
get_Value
get_KLGuDWXmdiqusrqbJCtLbyiFmBobHmJHSgFYNdlJIQSmwe
NewLateBinding
DownloadString
ToString
System.Runtime.Remoting
Microsoft.Runtime.Hosting
GetFolderPath
get_Length
LateCall
ToCall
get_Item
System
System.Deployment.Internal.Isolation
System.Configuration
ITaskCompletionAction
ValueCollection
MatchCollection
GroupCollection
WebHeaderCollection
Exception
get_SrGcBmBrQmCahbHWFQzJClMsn
set_SrGcBmBrQmCahbHWFQzJClMsn
ToChar
SpecialFolder
System.CodeDom.Compiler
IEnumerator
GetEnumerator
.cctor
System.Diagnostics
Microsoft.VisualBasic.CompilerServices
System.Runtime.CompilerServices
Matches
System.Threading.Tasks
Contains
System.Text.RegularExpressions
System.Collections
get_Groups
get_Chars
get_Headers
StrongNameHelpers
Exists
Concat
Format
Object
LateGet
System.Net
WebClient
Environment
get_Current
Convert
System.Deployment.Internal.Isolation.Manifest
MoveNext
ReadAllText
WriteAllText
ToArray
RemoteAppEntry
EntryPointEntry
IReferenceIdentity
Ue6ebeLe_eCe9ejedeJe
Ue6ebeLe_eCe9ejedeJeB
Ue6ebeLe_eCe9ejedeJee
Ue6ebeLe_eCe9ejedeJew
Ue6ebeLe_eCe9ejedeJes
Ue6ebeLe_eCe9ejedeJet
Ue6ebeLe_eCe9ejedeJer
Ue6ebeLe_eCe9ejedeJew
Ue6ebeLe_eCe9ejedeJew
Ue6ebeLe_eCe9ejedeJeG
Ue6ebeLe_eCe9ejedeJet
Ue6ebeLe_eCe9ejedeJey
Ue6ebeLe_eCe9ejedeJee
Ue6ebeLe_eCe9ejedeJe
Ue6ebeLe_eCe9ejedeJeA
Ue6ebeLe_eCe9ejedeJes
Ue6ebeLe_eCe9ejedeJem
Ue6ebeLe_eCe9ejedeJel
Ue6ebeLe_eCe9ejedeJe
Ue6ebeLe_eCe9ejedeJeL
Ue6ebeLe_eCe9ejedeJea
Ue6ebeLe_eCe9ejedeJe
Ue6ebeLe_eCe9ejedeJeE
Ue6ebeLe_eCe9ejedeJet
Ue6ebeLe_eCe9ejedeJey
Ue6ebeLe_eCe9ejedeJeo
Ue6ebeLe_eCe9ejedeJen
Ue6ebeLe_eCe9ejedeJe
Ue6ebeLe_eCe9ejedeJeI
Ue6ebeLe_eCe9ejedeJev
Ue6ebeLe_eCe9ejedeJek
Ue6ebeLe_eCe9ejedeJe
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
16.6.0.0
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>PAPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPAD
TI#TI+
SrGcBmBrQmCahbHWFQzJClMsn
imBTgKMdrn
{0}{1}{2}{3}{4}{5}{6}{7}{8}{9}{10}{11}{12}{13}{14}{15}{16}{17}{18}{19}{20}{21}{22}{23}{24}{25}{26}{27}{28}{29}{30}{31}{32}{33}{34}{35}{36}{37}{38}{39}{40}{41}{42}{43}{44}{45}{46}{47}{48}{49}{50}{51}{52}{53}{54}{55}{56}{57}{58}{59}{60}{61}{62}{63}{64}{65}{66}{67}{68}{69}{70}{71}{72}{73}{74}{75}{76}{77}{78}{79}{80}{81}{82}{83}{84}{85}{86}{87}{88}{89}{90}{91}{92}{93}{94}{95}{96}{97}{98}{99}{100}{101}{102}{103}{104}{105}{106}{107}{108}{109}{110}{111}{112}{113}{114}{115}{116}{117}{118}{119}{120}{121}{122}{123}{124}{125}{126}{127}{128}{129}{130}{131}{132}{133}{134}{135}{136}
{0}{1}{2}{3}{4}{5}{6}{7}{8}{9}{10}{11}{12}{13}{14}{15}{16}{17}{18}{19}{20}{21}{22}{23}{24}{25}{26}{27}{28}{29}{30}{31}{32}{33}{34}{35}{36}{37}{38}{39}{40}{41}{42}{43}{44}{45}{46}{47}{48}{49}{50}{51}{52}{53}{54}{55}{56}{57}{58}{59}{60}{61}{62}{63}{64}{65}{66}{67}{68}{69}{70}{71}{72}{73}{74}{75}{76}{77}{78}{79}{80}{81}{82}{83}{84}{85}{86}{87}{88}{89}{90}{91}{92}{93}{94}{95}{96}{97}{98}{99}{100}{101}{102}{103}{104}{105}{106}{107}{108}{109}{110}{111}{112}{113}{114}{115}{116}{117}{118}{119}{120}{121}{122}{123}{124}{125}{126}{127}{128}{129}{130}{131}{132}{133}{134}{135}{136}{137}{138}{139}{140}{141}{142}{143}{144}{145}{146}{147}{148}{149}{150}{151}{152}{153}{154}{155}{156}{157}{158}{159}{160}{161}{162}{163}{164}{165}{166}{167}{168}{169}{170}{171}{172}{173}{174}{175}{176}{177}{178}{179}{180}{181}{182}{183}{184}{185}{186}{187}{188}{189}{190}{191}{192}{193}{194}{195}{196}{197}{198}{199}{200}{201}{202}{203}{204}{205}{206}{207}{208}{209}{210}{211}{212}{213}{214}{215}{216}{217}{218}{219}{220}{221}{222}{223}{224}{225}{226
{0}{1}{2}{3}{4}{5}{6}{7}{8}{9}{10}{11}{12}{13}{14}{15}{16}{17}{18}{19}{20}{21}{22}{23}{24}{25}{26}{27}{28}{29}{30}{31}{32}{33}{34}{35}{36}{37}{38}{39}{40}{41}{42}{43}{44}{45}{46}{47}{48}{49}{50}{51}{52}{53}{54}{55}{56}{57}{58}{59}{60}{61}{62}{63}{64}{65}{66}{67}{68}{69}{70}{71}{72}{73}{74}{75}{76}{77}{78}{79}{80}{81}{82}{83}{84}{85}{86}{87}{88}{89}{90}{91}{92}{93}{94}{95}{96}{97}{98}{99}{100}{101}{102}{103}{104}{105}{106}{107}{108}{109}{110}{111}{112}{113}{114}{115}{116}{117}{118}{119}{120}{121}{122}{123}{124}{125}{126}{127}{128}{129}{130}{131}{132}{133}{134}{135}{136}{137}{138}{139}{140}{141}{142}{143}{144}{145}{146}{147}{148}{149}{150}{151}{152}{153}{154}{155}{156}{157}{158}{159}{160}{161}{162}{163}{164}{165}{166}{167}{168}{169}{170}{171}{172}{173}{174}{175}{176}{177}{178}{179}{180}{181}{182}{183}{184}{185}{186}{187}{188}{189}{190}{191}{192}{193}{194}{195}{196}{197}{198}{199}{200}{201}{202}{203}{204}{205}{206}{207}{208}{209}{210}{211}{212}{213}{214}{215}{216}{217}{218}{219}{220}{221}{222}{223}{224}{225}{226
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
Dimbono
FileVersion
1.0.0.0
InternalName
Dimbono.exe
LegalCopyright
Copyright
2021
LegalTrademarks
OriginalFilename
Dimbono.exe
ProductName
Dimbono
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Antivirus Signature (engine name, then its detection label; "Clean" means that engine reported no detection)
Bkav Clean
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKD.46048031
FireEye Generic.mg.f40fb54eac2da697
CAT-QuickHeal Clean
McAfee Artemis!F40FB54EAC2D
Cylance Unsafe
VIPRE Clean
Sangfor Trojan.Win32.Save.a
K7AntiVirus Trojan-Downloader ( 0057a5de1 )
BitDefender Trojan.GenericKD.46048031
K7GW Trojan-Downloader ( 0057a5de1 )
Cybereason Clean
BitDefenderTheta Gen:NN.ZemsilF.34670.em0@auvLdcj
Cyren W32/MSIL_Kryptik.CXK.gen!Eldorado
Symantec Trojan.Gen.2
ESET-NOD32 a variant of MSIL/TrojanDownloader.Agent.HRW
Baidu Clean
APEX Malicious
Avast Win32:PWSX-gen [Trj]
ClamAV Clean
Kaspersky HEUR:Trojan.MSIL.PowerShell.gen
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
AegisLab Trojan.Win32.Generic.4!c
Rising Downloader.Agent!8.B23 (CLOUD)
Ad-Aware Trojan.GenericKD.46048031
Sophos Mal/Generic-S
Comodo fls.noname@0
F-Secure Clean
DrWeb Trojan.DownloaderNET.154
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition Artemis!Trojan
CMC Clean
Emsisoft Trojan.GenericKD.46048031 (B)
Ikarus Trojan-Downloader.MSIL.Agent
GData Win32.Trojan.Agent.VV39ET
Jiangmin Clean
MaxSecure Clean
Avira TR/Dldr.Agent.rgixj
MAX malware (ai score=84)
Antiy-AVL Clean
Kingsoft Win32.Troj.Generic_a.a.(kcloud)
Gridinsoft Trojan.Win32.Downloader.sa
Arcabit Trojan.Generic.D2BEA31F
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:Win32/Ymacco.AB89
Cynet Malicious (score: 100)
AhnLab-V3 Clean
Acronis Clean
VBA32 Clean
ALYac Clean
TACHYON Clean
Malwarebytes Malware.AI.1829431449
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Tencent Win32.Trojan.Inject.Auto
Yandex Clean
SentinelOne Static AI - Suspicious PE
eGambit Clean
Fortinet MSIL/Kryptik.DNK!tr.dldr
Webroot Clean
AVG Win32:PWSX-gen [Trj]
Paloalto generic.ml
CrowdStrike win/malicious_confidence_90% (W)
Qihoo-360 Win32/Trojan.Generic.HgIASSUA
No IRMA results available.