Static | ZeroBOX

PE Compile Time

2021-04-08 20:09:01

PE Imphash

7babf25e4ed6abf9b92ec07e1cf261dd

Sections

| Name | Virtual Address | Virtual Size | Size of Raw Data | Entropy |
|---|---|---|---|---|
| .text | 0x00001000 | 0x0000e430 | 0x0000e600 | 6.33820806209 |
| .rdata | 0x00010000 | 0x00033d62 | 0x00033e00 | 4.71319561154 |
| .data | 0x00044000 | 0x00001cd8 | 0x00000a00 | 1.97591681672 |
| .pdata | 0x00046000 | 0x00000c18 | 0x00000e00 | 4.29567706534 |
| .reloc | 0x00047000 | 0x00000620 | 0x00000800 | 4.78646192952 |

Imports

Library KERNEL32.dll:
0x140010000 QueryPerformanceCounter
0x140010008 GetCurrentProcessId
0x140010010 GetCurrentThreadId
0x140010018 GetSystemTimeAsFileTime
0x140010020 InitializeSListHead
0x140010028 RtlCaptureContext
0x140010030 RtlLookupFunctionEntry
0x140010038 RtlVirtualUnwind
0x140010040 IsDebuggerPresent
0x140010048 UnhandledExceptionFilter
0x140010058 GetStartupInfoW
0x140010068 GetModuleHandleW
0x140010070 RtlUnwindEx
0x140010078 GetLastError
0x140010080 SetLastError
0x140010088 EnterCriticalSection
0x140010090 LeaveCriticalSection
0x140010098 DeleteCriticalSection
0x1400100a8 TlsAlloc
0x1400100b0 TlsGetValue
0x1400100b8 TlsSetValue
0x1400100c0 TlsFree
0x1400100c8 FreeLibrary
0x1400100d0 GetProcAddress
0x1400100d8 LoadLibraryExW
0x1400100e0 RaiseException
0x1400100e8 GetStdHandle
0x1400100f0 WriteFile
0x1400100f8 GetModuleFileNameW
0x140010100 GetCurrentProcess
0x140010108 ExitProcess
0x140010110 TerminateProcess
0x140010118 GetModuleHandleExW
0x140010120 HeapAlloc
0x140010128 HeapFree
0x140010130 FindClose
0x140010138 FindFirstFileExW
0x140010140 FindNextFileW
0x140010148 IsValidCodePage
0x140010150 GetACP
0x140010158 GetOEMCP
0x140010160 GetCPInfo
0x140010168 GetCommandLineA
0x140010170 GetCommandLineW
0x140010178 MultiByteToWideChar
0x140010180 WideCharToMultiByte
0x140010188 GetEnvironmentStringsW
0x140010190 FreeEnvironmentStringsW
0x140010198 SetStdHandle
0x1400101a0 GetFileType
0x1400101a8 GetStringTypeW
0x1400101b0 LCMapStringW
0x1400101b8 GetProcessHeap
0x1400101c0 HeapSize
0x1400101c8 HeapReAlloc
0x1400101d0 FlushFileBuffers
0x1400101d8 GetConsoleCP
0x1400101e0 GetConsoleMode
0x1400101e8 SetFilePointerEx
0x1400101f0 CreateFileW
0x1400101f8 CloseHandle
0x140010200 WriteConsoleW

!This program cannot be run in DOS mode.
`.rdata
@.data
.pdata
@.reloc
}eHcD$
D$DHcD$@:
HcD$@H
HcD$4H
HcD$4H
HcD$0H
HcD$Df;
D$(H9D$0u-
H9D$`v
H9D$8s
H+D$8H
D$$9D$P
D$xH9D$8
D$ ;D$L
H9D$Xs#
HcT$(L
HcD$ HcL$ f;
HcD$$H
HcD$ H
HcD$$H
HcD$ HcL$(:
D$(R^+
D$P9D$
H;D$(s
;D$(}n
$H;D$8u
H;D$(s
H;D$8u
H3E H3E
u0HcH<H
WATAUAVAWH
A_A^A]A\_
t<ffff
WATAUAVAWH
A_A^A]A\_
fffffff
UVWAVAWH
0A_A^_^]
WAVAWH
fA94@u
fA94nu
0A_A^_
u3HcH<H
t$ WAVAWH
A_A^_
WAVAWH
A_A^_
UVWATAUAVAWH
fA9<Cu
fC9<`u
A_A^A]A\_^]
WATAUAVAWH
0A_A^A]A\_
H97u+A
UVWATAUAVAWH
L$&8\$&t,8Y
@A_A^A]A\_^]
fD9t$b
@UATAUAVAWH
e0A_A^A]A\]
WATAUAVAWH
A_A^A]A\_
\$ VWATAUAVH
D!l$xA
@A^A]A\_^
L$ VWAVH
@8l$Ht
ATAUAVH
L$ fff
L$ |+L;
A^A]A\
@UATAUAVAWH
H!T$0D
ue!T$(H!T$
A_A^A]A\]
x AVAWE3
|$0A_A^
UVWATAUAVAWH
D8T8>t
A_A^A]A\_^]
VWATAVAW
A_A^A\_^
WATAUAVAWH
A_A^A]A\_
\$ UVWATAUAVAWH
H!D$ H
`A_A^A]A\_^]
WATAUAVAWH
A_A^A]A\_
UVWAVAWH
@A_A^_^]
ffffff
fffffff
USVWAVH
A^_^[]
LcA<E3
u HcA<H
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
FlsAlloc
FlsFree
FlsSetValue
InitializeCriticalSectionEx
__based(
__cdecl
__pascal
__stdcall
__thiscall
__fastcall
__vectorcall
__clrcall
__eabi
__swift_1
__swift_2
__ptr64
__restrict
__unaligned
restrict(
delete
operator
`vftable'
`vbtable'
`vcall'
`typeof'
`local static guard'
`string'
`vbase destructor'
`vector deleting destructor'
`default constructor closure'
`scalar deleting destructor'
`vector constructor iterator'
`vector destructor iterator'
`vector vbase constructor iterator'
`virtual displacement map'
`eh vector constructor iterator'
`eh vector destructor iterator'
`eh vector vbase constructor iterator'
`copy constructor closure'
`udt returning'
`local vftable'
`local vftable constructor closure'
new[]
delete[]
`omni callsig'
`placement delete closure'
`placement delete[] closure'
`managed vector constructor iterator'
`managed vector destructor iterator'
`eh vector copy constructor iterator'
`eh vector vbase copy constructor iterator'
`dynamic initializer for '
`dynamic atexit destructor for '
`vector copy constructor iterator'
`vector vbase copy constructor iterator'
`managed vector copy constructor iterator'
`local static thread guard'
operator ""
operator co_await
Type Descriptor'
Base Class Descriptor at (
Base Class Array'
Class Hierarchy Descriptor'
Complete Object Locator'
CorExitProcess
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
January
February
August
September
October
November
December
MM/dd/yy
dddd, MMMM dd, yyyy
HH:mm:ss
 !"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
InitializeCriticalSectionEx
LCMapStringEx
LocaleNameToLCID
AppPolicyGetProcessTerminationMethod
UUUUUU
UUUUUU
=imb;D
/>58d%
VM>cQ6
>jtm}S
)>6{1n
+f)>0'
;H9>&X
*StO9>T
n03>Pu
K~Je#>!
bp(=>?g
BC?>6t9^
K&>.yC
.xJ>Hf
y\PD>!
|b=})>
c [1>H'
uzKs@>
3>N;kU
kE>fvw
V6E>`"(5
?UUUUUU
?7zQ6$
.text$mn
.text$mn$00
.text$x
.idata$5
.00cfg
.CRT$XCA
.CRT$XCAA
.CRT$XCZ
.CRT$XIA
.CRT$XIAA
.CRT$XIAC
.CRT$XIC
.CRT$XIZ
.CRT$XPA
.CRT$XPX
.CRT$XPXA
.CRT$XPZ
.CRT$XTA
.CRT$XTZ
.rdata
.rdata$zzzdbg
.rtc$IAA
.rtc$IZZ
.rtc$TAA
.rtc$TZZ
.xdata
.idata$2
.idata$3
.idata$4
.idata$6
.pdata
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
RtlUnwindEx
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
RaiseException
GetStdHandle
WriteFile
GetModuleFileNameW
GetCurrentProcess
ExitProcess
TerminateProcess
GetModuleHandleExW
HeapAlloc
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetFileType
GetStringTypeW
LCMapStringW
GetProcessHeap
HeapSize
HeapReAlloc
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
CreateFileW
CloseHandle
WriteConsoleW
KERNEL32.dll
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
api-ms-win-core-fibers-l1-1-1
api-ms-win-core-synch-l1-2-0
kernel32
api-ms-
ext-ms-
mscoree.dll
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
January
February
August
September
October
November
December
MM/dd/yy
dddd, MMMM dd, yyyy
HH:mm:ss
((((( H
api-ms-win-core-datetime-l1-1-1
api-ms-win-core-fibers-l1-1-1
api-ms-win-core-file-l1-2-2
api-ms-win-core-localization-l1-2-1
api-ms-win-core-localization-obsolete-l1-2-0
api-ms-win-core-processthreads-l1-1-2
api-ms-win-core-string-l1-1-0
api-ms-win-core-synch-l1-2-0
api-ms-win-core-sysinfo-l1-2-1
api-ms-win-core-winrt-l1-1-0
api-ms-win-core-xstate-l2-1-0
api-ms-win-rtcore-ntuser-window-l1-1-0
api-ms-win-security-systemfunctions-l1-1-0
ext-ms-win-ntuser-dialogbox-l1-1-0
ext-ms-win-ntuser-windowstation-l1-1-0
advapi32
kernel32
api-ms-win-appmodel-runtime-l1-1-2
user32
api-ms-
ext-ms-
zh-CHS
az-AZ-Latn
uz-UZ-Latn
kok-IN
syr-SY
div-MV
quz-BO
sr-SP-Latn
az-AZ-Cyrl
uz-UZ-Cyrl
quz-EC
sr-SP-Cyrl
quz-PE
smj-NO
bs-BA-Latn
smj-SE
sr-BA-Latn
sma-NO
sr-BA-Cyrl
sma-SE
sms-FI
smn-FI
zh-CHT
az-az-cyrl
az-az-latn
bs-ba-latn
div-mv
kok-in
quz-bo
quz-ec
quz-pe
sma-no
sma-se
smj-no
smj-se
smn-fi
sms-fi
sr-ba-cyrl
sr-ba-latn
sr-sp-cyrl
sr-sp-latn
syr-sy
uz-uz-cyrl
uz-uz-latn
zh-chs
zh-cht
CONOUT$
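Antivirus engine and signature ("Clean" means that engine reported no detection; labels such as FileRepMalware, W32.Malware.Gen and Unsafe are generic verdicts rather than family attributions)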
Bkav Clean
Elastic Clean
MicroWorld-eScan Clean
FireEye Clean
CAT-QuickHeal Clean
McAfee Clean
Cylance Unsafe
Zillya Clean
AegisLab Clean
Sangfor Clean
K7AntiVirus Clean
BitDefender Clean
K7GW Clean
Cybereason Clean
Arcabit Clean
Baidu Clean
Cyren Clean
Symantec Clean
ESET-NOD32 Clean
APEX Clean
Avast FileRepMalware
Cynet Clean
Kaspersky UDS:Trojan.Win32.Injuke
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
Rising Clean
Ad-Aware Clean
Comodo Clean
F-Secure Clean
DrWeb Clean
VIPRE Clean
TrendMicro Clean
McAfee-GW-Edition Clean
CMC Clean
Emsisoft Clean
Ikarus Clean
Jiangmin Clean
MaxSecure Clean
Avira Clean
MAX Clean
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Microsoft Trojan:Win32/Wacatac.B!ml
SUPERAntiSpyware Clean
ZoneAlarm Clean
GData Clean
AhnLab-V3 Clean
Acronis Clean
BitDefenderTheta Clean
ALYac Clean
TACHYON Clean
VBA32 Clean
Malwarebytes Clean
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Tencent Clean
Yandex Clean
SentinelOne Clean
eGambit Clean
Fortinet Clean
Webroot W32.Malware.Gen
AVG FileRepMalware
Paloalto Clean
CrowdStrike Clean
Qihoo-360 Clean
No IRMA results available.