popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2068-11-12 00:12:19

PDB Path

C:\Users\JOHN\source\repos\WindowsApp1\WindowsApp1\obj\Debug\WindowsApp1.pdb

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x00002060 0x00002200 5.47135205293
.rsrc 0x00006000 0x000005bc 0x00000600 4.12277303757
.reloc 0x00008000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x00006090 0x0000032c LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x000063cc 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
ThreadSafeObjectProvider`1
WindowsApp1
<Module>
Dispose__Instance__
Create__Instance__
ProjectData
mscorlib
Microsoft.VisualBasic
get_IsDisposed
m_FormBeingCreated
Synchronized
CreateInstance
get_GetInstance
defaultInstance
instance
GetHashCode
get_Message
IDisposable
Hashtable
RuntimeTypeHandle
GetTypeFromHandle
DownloadFile
GetType
get_Culture
set_Culture
resourceCulture
ConsoleApplicationBase
ApplicationSettingsBase
Dispose
EditorBrowsableState
ThreadStaticAttribute
STAThreadAttribute
CompilerGeneratedAttribute
GuidAttribute
HelpKeywordAttribute
GeneratedCodeAttribute
DebuggerNonUserCodeAttribute
DebuggableAttribute
EditorBrowsableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
StandardModuleAttribute
HideModuleNameAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
DebuggerHiddenAttribute
AssemblyFileVersionAttribute
MyGroupCollectionAttribute
AssemblyDescriptionAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
m_ThreadStaticValue
GetObjectValue
Remove
WindowsApp1.exe
System.Runtime.Versioning
GetResourceString
ToString
System.ComponentModel
Control
get_FileSystem
resourceMan
System.ComponentModel.Design
dataMain
get_Application
MyApplication
System.Configuration
System.Globalization
System.Reflection
TargetInvocationException
InvalidOperationException
get_InnerException
CultureInfo
ProcessStartInfo
get_Temp
m_AppObjectProvider
m_UserObjectProvider
m_ComputerObjectProvider
m_MyWebServicesObjectProvider
m_MyFormsObjectProvider
get_ResourceManager
System.CodeDom.Compiler
get_User
get_Computer
ServerComputer
MyComputer
SetProjectError
Activator
.cctor
System.Diagnostics
Microsoft.VisualBasic.Devices
get_WebServices
MyWebServices
Microsoft.VisualBasic.ApplicationServices
System.Runtime.InteropServices
Microsoft.VisualBasic.CompilerServices
System.Runtime.CompilerServices
Microsoft.VisualBasic.MyServices
System.Resources
WindowsApp1.My.Resources
WindowsApp1.Resources.resources
DebuggingModes
get_SpecialDirectories
get_Settings
MySettings
ReferenceEquals
System.Windows.Forms
get_Forms
MyForms
System.Collections
RuntimeHelpers
Process
Concat
Object
MyProject
System.Net
get_Default
WebClient
Component
WindowsApp1.My
ContainsKey
get_Assembly
MySettingsProperty
FileSystemProxy
SpecialDirectoriesProxy
WrapNonExceptionThrows
WindowsApp1
Copyright
2021
$02a62f3a-7557-4b97-97c1-e17731c3e4d5
1.0.0.0
.NETFramework,Version=v4.7.2
FrameworkDisplayName
.NET Framework 4.7.2
MyTemplate
11.0.0.0
3System.Resources.Tools.StronglyTypedResourceBuilder
16.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
16.6.0.0
System.Windows.Forms.Form
Create__Instance__
Dispose__Instance__
My.MyProject.Forms
4System.Web.Services.Protocols.SoapHttpClientProtocol
Create__Instance__
Dispose__Instance__
My.Computer
My.Application
My.User
My.Forms
My.WebServices
My.Settings
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
C:\Users\JOHN\source\repos\WindowsApp1\WindowsApp1\obj\Debug\WindowsApp1.pdb
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
Q[`ejo
WindowsApp1.Resources
http://45.144.225.135/csrss.exe
bds.exe
WinForms_RecursiveFormCreate
WinForms_SeeInnerException
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
WindowsApp1
FileVersion
1.0.0.0
InternalName
WindowsApp1.exe
LegalCopyright
Copyright
2021
LegalTrademarks
OriginalFilename
WindowsApp1.exe
ProductName
WindowsApp1
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Antivirus Signature
Bkav Clean
Elastic malicious (high confidence)
DrWeb Trojan.Siggen12.56619
ClamAV Clean
CMC Clean
CAT-QuickHeal Clean
McAfee RDN/Generic Downloader.x
Cylance Unsafe
Zillya Trojan.Miner.Win32.12523
AegisLab Trojan.Win32.Miner.4!c
Sangfor Trojan.Win32.Save.a
K7AntiVirus Trojan-Downloader ( 005798a51 )
BitDefender Trojan.GenericKD.36768230
K7GW Trojan-Downloader ( 005798a51 )
CrowdStrike win/malicious_confidence_70% (W)
BitDefenderTheta Clean
Cyren Clean
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of MSIL/TrojanDownloader.Small.CLG
APEX Malicious
Paloalto generic.ml
Cynet Malicious (score: 100)
Kaspersky Trojan.Win32.Miner.auuln
Alibaba Trojan:Win32/Miner.d6f21ee3
NANO-Antivirus Trojan.Win32.Miner.iuhoru
SUPERAntiSpyware Clean
MicroWorld-eScan Trojan.GenericKD.36768230
Rising Downloader.Small!8.B41 (CLOUD)
Ad-Aware Trojan.GenericKD.36768230
Sophos Mal/Generic-S
Comodo Clean
F-Secure Clean
Baidu Clean
VIPRE Clean
TrendMicro Clean
McAfee-GW-Edition RDN/Generic Downloader.x
FireEye Generic.mg.2cf6144870e0ba1a
Emsisoft Trojan-Downloader.Small (A)
SentinelOne Static AI - Malicious PE
GData Win32.Trojan-Downloader.Generic.M2KAVL
Jiangmin Clean
eGambit Unsafe.AI_Score_86%
Avira TR/Downloader.Gen
MAX malware (ai score=100)
Antiy-AVL Clean
Kingsoft Win32.Troj.Undef.(kcloud)
Gridinsoft Trojan.Win32.Downloader.sa
Arcabit Trojan.Generic.D23109E6
ViRobot Trojan.Win32.Z.Downloader.11264.A
ZoneAlarm Trojan.Win32.Miner.auuln
Microsoft Backdoor:Win32/Bladabindi!ml
AhnLab-V3 Trojan/Win.Generic.C4387213
Acronis Clean
VBA32 TScope.Trojan.MSIL
ALYac Clean
TACHYON Clean
Malwarebytes Malware.AI.1417145416
Panda Trj/Downloader.FUM
Zoner Clean
TrendMicro-HouseCall TrojanSpy.Win32.MALXMR.USMANDK21
Tencent Clean
Yandex Clean
Ikarus Win32.Outbreak
MaxSecure Clean
Fortinet Riskware/Miner
Webroot Clean
AVG Win32:Trojan-gen
Cybereason malicious.f7bcbe
Avast Win32:Trojan-gen
Qihoo-360 Clean
No IRMA results available.