popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2093-07-25 06:45:14

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x0000b684 0x0000b800 5.26543398439
.rsrc 0x0000e000 0x00000588 0x00000600 4.00198733078
.reloc 0x00010000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x0000e0a0 0x000002fc LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x0000e39c 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
*********** @
*********** @
!4333333
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
v4.0.30319
#Strings
N21xfSY4Pa86423G309h50Q7f8f0x5b90
get_M9cvC3baM0
set_M9cvC3baM0
9O85y1b5F2a0
Lcfd1z9c79Qs2XZC3112f0
D6bVa2nb34b8a5u1a3B3C17f0
E15b3bfa954ap461db545Eaf0
2P7a3fy93VbVJ22Rcl0
K3Fa564awZ15473hr9a8X3Lcz011
A2c1kVnj5GaLv7768b152048TXL04D21
72ad2Pb1G1v731
7c9c73Nd27yk42NepY41341
B5D31ZP4eJWa1xk1792a73w41
8X05Qeq5tIu5171
802QdB462dvO2VZtB2Lac11RfHfpOc081
15b1VU1706yfi57djT9Gc1e7c249dfw443R81
get_6b93521ye1817Z7aPKEfObwdO84M817754f4205f43u2A1
1b671G2Vc963aed34171Abv15f914P1
0t35Jd1k198Mj1L7K9Z3Iqf3a3e1bO191f1LddX1
IEnumerable`1
List`1
F34szfet26a1
4c95Gf4we1na09nr7ZlHd1
2aEa94Y9cd1
Rvfbaty374w604LXk93672o92dHaf3H9332b414f1
24582l3fJ08ra0DJ6L02
Ja03e8dajw0ae22
11512xb0ff5Ye79H4k4XSio9c32
UInt32
ToInt32
get_44q2Y320acdM35fbfQ62
set_44q2Y320acdM35fbfQ62
P84R150e1a6L3No73438gGN4D47l974bTI9vdbt62
R08OKat48Seae44aJ13T2872
P42fP0f951Vxywmbd71Kd9P950md3q55FXenj92
S10ry4F7253GdFYfB2
8t5be07nL9v4aR2
Func`2
48cfF11gf2
4280fMI33
1848knd0P88ar2121x2ZCW27c1bdo85Af5143
90Ea191ede55xrET3aae17z8se2g33e1923b7B4u53
0O93LZ15Qc8s8Qf25a41i140co89xb98af1866bc3
7L659d24e67095cq3
5ce1240XD63mOaQ18oT50cd1Bdm83V9039afjERt3
530r5195Ln1O294U290u1d01J3HM9E4d303731x3
BQo2104Mi1246G14V5n30a6785z04
F0daOzc42ma4b170E08f3aO22ifa491daaWzbmwA4714
C2f1812bA3d424
F7Aa6159aI0b492e73gi21w612b442f13fN754
L1f29299a99633aa0L264
UInt64
ToInt64
Cc262Zr1yK4
6gVdc3bKGdDc5Gc9T8I252aJB5U4
N473a2C7R0w0e2dV4
EcdeGVkL10n7z5bPupH7jLfd0eX270A4b7e4b4a6a43238a4
9zu41Edt855t1aCZ1d4
G23e70gB1cc0d78ffe311b9748HEf51Z091f4
D2aN2i4JX40a0f3rd8045172X2p4
Fc4385Sh277d37Z207c2e2715
44f1vfdl065EP2bI3a0aw4H2hdNbm15
Koaa0Od1iJ98aaG225
QaWO3Ib39w6704G2dQ6Me20di0f383499b17sb19d50o335
3d14LCYa35793E57CcO1R9UhoehK5b7L69b9297Pd9UY35
248fYU926a4266a21q56a164e23MVa5N4le6841b30N65
R0bVTafkz525xq178x7uee0HbJ85
A19t0jabag4md4fNGM5
Le5TRc7Wr3V5328B8a91a38dV0cxa7N5
1DfccfI6K003CcD005a0a6abb73k77c61178baT6IfcFd8sO5
AbNmcU0a76Y4GbWbd7mgdc9c5d3kd4bu9a5
1CfnC4e245dE4943z7m739aa5
1Vefcl24VP3677b5
Ot37OIt197d1812z12gEadR03b2u2L24b72ut8Jp9f5
4Z0caV17y5n4s81u0316x21g1f8907H1g5
20d27xc4abb1a60j78305br5
KdAYKaa5S75d45Ajb06
0brLau5au4ac9O3ca613005f4e6YO12389Qk3q16
2xG1379c09fCBd47Ea6
37616790QbvyIRh1479Zf117
1Tu9b452a041aed76ab9f322be24c4Qa1xf5f477
I75Va647xA1vb2xfS7Kc8c77
98t9cocby42p21I211242a6qu3e3bqb9edB7
Mdbf2e4adTci2pl2JF7
B8mgf3d57cctB4xf30300eEeHA39H7
B2B1127961fPa0FctI7
Ba9xd3611ao0xWfC1d9EC7p1cX85Aa19602qncK3c2p13eQ7
4iz521a7
A9T4911Tk27f9f7c3ac7PfqD8kbf33S14Bbx2e728Of7
F4e0f117f72G667o8Ae4438
Bma216beY57e6g1d0a41x3b8978
4692cz78
B39119a8lvb6L6P1P673494Hd6412b2f1f8B788
Lfba85f87X9beB22Rb296f88
BV79e4e3e48Q64bva5493n7461b27m6qz398
5vh5o4fi43R6564K31c19166M7jcC8
5cf3m47al3uFTRbcd8tb74la64dq8
2pld4Gf8409
9DcVoEe609
Qo8e32Wf4bcW1dIo90aW9qA1529
8J9f3a01f3fY497b1S0J6L8a73P86bc84dM51gS1icS39
QaKIz1Za0926gCVqbLi1c27M2SFR3c1Pa4u5IeV741c49
T1242Ce1x49
7da828R9r359
4u77Ha5Byex1O1b1G59
1fb91Lc3i1c69
Bc37Zc1e0aape1b5e99
84755sG9
FE0dgaOausew84eyW17a5Tb82e17hswq44fX4c543Dac2fL9
CG4bNr66cslb0aP9
UdcdZhDq2319b478f92b387cH11ec7D643WY9
41ba4c9
De2a55fn8bl9
6ca121d2K9d1pb180o9
4bd3ev9
0d9bbt197D1rf4Y73fh14cMddxfG18f4f8Z15I0fclb0A
59997577V592bUc5A
F3406q7464emaCL471bCZ7e6j1sb9db5Q8R3qa3B
Y8c507Q3225aSUD0bM1G82T19aB
Le72l3j1K41aN08r24b39O11C
5Sa415b1xSv9282f61C
69129bgA44ky9iEKB7mLY2dhmbI40d491d1GP1dB3ddfcZ1C
2Pt2f1qJfX196166b33lPS27aa56C
Ng5t1e0agfI431Hy55LM3e881jabYB19C
3fy11b5SKpu9a1iX15x2xE
65U15f2Jd53416s3482er8w3s9F
R3Wf1f5bKf48H8dHIc77PO5aa94wq0147n4afjE1QMG
ENfadme8aRA8Ya1937P9107zeArKJpG
14dh13ec6RdZ9L1H
F6XgH51cc91f47aIH
6910w90b7v4Ma55922A440332qc22b82PD9fF3QH
BMbB02naa31aLf31231f4d6C71b5WH
Ca0Ka171L51se1fd1OM47ldn7e3zmG0adH
K6Raf99kaa982e2U2afd43fNcbX1I
79fs2c598r10bT2L34b0f2I
7f0v37K17141871217Adc3eO7dEA7b1c7ieW516BI
UiNt1Mq1e176aaN4cld7154a2au56214a9O7e2ITAYrI
Y62m4T86593J
7crWV99Y593K
J1b022oDd5fxdyEAZ2a9Cv95a107547K
0893ad4a4b5M1Bb48aZ76a4E39633eR4UK
XB2a9852a0u118S4apd887Vc9sa2497eK
256dkQHaqbu3zdLAffp8fubP93caA3eRd9fk5Syfz20L
G6zk60W4f7a29Vn299vdea9faz5984V9mEL
98Z4o7kackXb19armx1a0Y37WMi2cfT2eae2M
C242nfB492S248kcG77cf7C192rad221c0zee4fHM
Fe0Qfcp4d42fdP4144102N
64de47G1fbaUvfacKa610djG5T3pc6we9N8TN
57C58L162J2p80rhb8aJ9E7vfece9c9E8u2y26x5d2K64O
System.IO
UBAfdjqb9X03168v7f9631XP22WF1019yc30aS4qbP
3K115323f162Hy4Q
B9hY9619q6ZG4a3a148386e9Q
FE9LB2l6R829Mta6d9f14R
1x4Bdak511Z2Xcea3W29b1M4fR
E772JPY9h116a332my0oVawD9wR
0t4UM7UH6b2YdJ4r8S45073ZAS
859bmi86t3S953244BMa8RbDJa594T
7bDv94eav33f8Y9T
YWdrxM29aa60113V590yMvL494fw925Z4kW19795D9U
Za11P5f8V
541f18QUc4lX745v44p2aYV
C8J62Ic8801284e62RmW
8fE25buXaO46c5X
M1955g4o0cf47fB142e2Z
1x22f6cfL59f7Z
83Eafec8b494347152Lpl010f3Q1t381Y1ct18Z
317m158a41eep1a
42Rb97f5hv5a75d45kV357Of752a
AIh8Ck7584a
A125p43c72078po659d4a
0bf25FpP3e85a
Ec78a1b4b3D2b1a20c8691d5a
Ao19n49G36yVW3103j1Raa71cJEMeaa95HQNr67c122272Ra
BsLm44dfm92475f7zm596ed1G2abf0m8d1a0ba
S2hm7m7vr732g3d2ca
M27Ua19D477915zecKY20L8da
8efFbQFfa2fa9GV18463Dbfzs239bfb8ia
6z65Pw1210B1V4Vi1ad9ecdrs4kK3bb33D1b
Y25Q770z143dU5Rv7bD42b
74b1fGQR4N6d2a54tfX697L4UT0z3a19d21f119a5K2ddfJb
mscorlib
Ge0431c
1b5gF97c2Fk9Oc22sz72cU1gCYb4cBb2fjv2c
NR0C457aX60ua037gdb73c
622aFaa5bawv9n442089aFJZc
29Lb4111vda29rb28792493xP3V6el8acR4819ac
P1W8r48Jc0c7cXEecf1h5aK980131a7Idf922bdf1848fc
80aa69F2a38e44a9b1cWZ1dg431hc
System.Collections.Generic
Microsoft.VisualBasic
EU41naVYH250ksc9479a301a3Ca39867456v5bhL2d
935d28se3k299cfEbf6f7y9bh1Ix2qZR73d
P71b138X1f7b11j6af7d
AYEdfeOjaN114cc3454Pxh8d
UniqueId
5S2bYad
Thread
Versioned
Synchronized
Append
get_Kind
DateTimeKind
get_Second
CompareMethod
8l4d01JQc5eW864u97kbX1a53pwd
0212afcexu4e319q514nO0ebe91ifsh921e4C89T9ab431e
294a99ybS0v4b6n1Ea3dAq752O493e
Oda10dNbRs0uIGk0291271k98N73Cd788t99e57e
Replace
XmlDateTimeSerializationMode
Enumerable
IDisposable
ToDouble
RuntimeTypeHandle
GetTypeFromHandle
ToSingle
get_Name
CallByName
ToDateTime
ToLocalTime
CallType
System.Core
Capture
ApplicationSettingsBase
Dispose
EditorBrowsableState
CompilerGeneratedAttribute
GeneratedCodeAttribute
DebuggerNonUserCodeAttribute
EditorBrowsableAttribute
DefaultSettingValueAttribute
UserScopedSettingAttribute
ParamArrayAttribute
get_Minute
get_Value
MinValue
MaxValue
90bBj32964i.exe
1113CW4Bw3Ne03ba8fzbk3M2f663ccdd0f
6XzXf5R07XKbdO4fLF85b7a92JMaX3f
3791cdfcz3mYf69ne8u3f
9bT1e63d28019b1c72e264698L7f
A1w1019d88X8S011Jf
IndexOf
1qVf2f076iH342b474H3f1211v1Ecba1834bf
541q4dc11353b74d70du1a29V9869ake022123avbf
643151cf
B69Q9aefCc310394021dhn24aff
14R171at879fdac91b334e57ka9m4a97f5al43XtiadZwf
Fw98S00H7O1Ufhu49i8c688d9cb2Ne3Xe42Kc1o1O4222g
System.Threading
Base64Encoding
UTF8Encoding
UnicodeEncoding
DownloadString
ToString
GetString
Substring
5c416fH0zZa21a0Z2d1329a7B3c4d1a3ch
GetFolderPath
get_Length
get_Month
90bBj32964i
Vf1D6bcaH71a85f9xb0dEi
4aq9dO2h39aMi
D26711k0a8k
EntityFramework
get_Local
ToDecimal
System.ComponentModel
System.Xml
System.Data.Entity.Core.Metadata.Edm
get_Item
INamedDataModelItem
System
Ka36941hc471j03qFa6n
ToBoolean
op_GreaterThan
op_LessThan
ToTimeSpan
System.Configuration
System.Globalization
System.Runtime.Serialization
op_Subtraction
System.Reflection
MatchCollection
FormCollection
GroupCollection
WebHeaderCollection
MissingManifestResourceException
ArgumentOutOfRangeException
IndexOutOfRangeException
CreateEncodingException
DecoderFallbackException
XmlException
CreateConversionException
InvalidOperationException
FormatException
ArgumentException
OverflowException
StringComparison
TimeZoneInfo
CultureInfo
NumberFormatInfo
get_InvariantInfo
Fee7M2xd4524hyko
76c0609e01hSb4w9m2Y3KPcfbaap
Q7D715X117Xa7u6cy11q7v2ETc6aG63H6726cFfIe4v7dp
7zTE5a6452b5OZ413Aia316cR7014M2Qip
1470dI681Tteatp
4bfl1164p1E60016743k22a53449bq
System.Linq
JFs13w10r
11l8f3acdcEa77A173r
N3mr24r37r
A8afK0k2703442M7f9eC1m84f4g9r
get_Year
IFormatProvider
StringBuilder
SpecialFolder
System.Resources.ResourceManager
System.CodeDom.Compiler
XmlExceptionHelper
ThrowHelperError
IEnumerator
GetEnumerator
.cctor
UIntPtr
get_Hour
4I78eD0u49x2aRcdC8nfM916538V6E23Ls
System.Diagnostics
Microsoft.VisualBasic.CompilerServices
System.Runtime.CompilerServices
System.Resources
2aEa94Y9cd1.Properties.Resources.resources
Matches
System.Data.Entity.Utilities
NumberStyles
get_Minutes
GetBytes
Strings
get_Ticks
AddTicks
Equals
System.Windows.Forms
IEnumerableExtensions
System.Text.RegularExpressions
System.Collections
StringSplitOptions
3odtfah4qf2E7X32Y3f34safa54rAtQzDd5os
get_Groups
get_Chars
GetChars
get_Headers
get_Hours
Exists
340bu96JeidN41b5Rtc3Hfs6Nt
Concat
Format
Object
Select
System.Net
GetUtcOffset
WebClient
Environment
get_Current
XmlConvert
MoveNext
System.Text
ReadAllText
WriteAllText
S7NceE1ffta1de8qeE0dH7aNo7cw20eu
129967wU1e227D1a5b7d43784fbN6l28q4Jd418eu
Z2c9cg9QV9xa9fa2v00aa16OF3crba6hK5355bQahu
PG8b71a9fF8V4p837cIg7n82a2Jv
Ib04936ge7yc86464Ibc9BQ63btfv
641e7aAFk78f59a1w
12w74fei9w
1ff3ve15w8O1lPb3m9bs19697U12ync6N3197Px
65S22c8caZNCcZAf7Cy
get_UmubJfG1s49Ty
get_Day
Uniquify
get_Assembly
FromBinary
DiagnosticUtility
ExceptionUtility
A45be2123wg912tbn1z
La1df7fFoJ1S8o279fDfc3Rp3b2L4kab2FzG4c275cda7z
UY3TaYI3be0W835z4p0PtREdUpIz
Us6ebfz
3System.Resources.Tools.StronglyTypedResourceBuilder
4.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
16.6.0.0
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
first.Properties.Resources
M9cvC3baM0
NfccZ7c90qS1i8n9DKNj9cd7m45U6Gbf0kQ
Bf6U1h634V557d9at5x412fb67aa61RM51
Ta7ac1914F972c4U4M7017Zb2KsnRbl1s8wlF23D4020
66TA2940Fafa79f6oMf9030U1467Kd80R51Oz860p1A
89al78ZW72
61DsT1e96faT23cKNB6B1nbp82
Q757B3782AY2a8ud2cbf9b2be
Sxa4f9Caa79Xb2f0t446
Af28O9s4ac52UwIvr01bfLF4182aWs7f761vq29
H9o4o35L15R090f2LR9Bbl
0h75C6130a5bwTb4bla44212
905417e4J
JdS1dbef1Dm1C1g4p2P5
EL27vKa5R227ndV0b9b2AK0O2q140Cu99f6
Y2t8a8Sda9b4723Oad98td7Z08Kc
Z74171q3389S18pn4
568aD71Xi7a144fUBW36731c
4V72492
Ne199Pc59eDa77UG9SYQt2gc4C41a1541anB7fMa
346M42f92VIja0e7C4w4a241r2G1agi3fsjucMgae360fr91
49c9xAdv2RaKNa2dfIyVm15b8tn19w4yaaP4URbYMU2487e
D1Z63b41d8dy736122q9r9rf2te1lNbNM24Gae889I
F17HaQ30q1d94a4cJa7l58Erc
Y9aeby3ifkcfax25ru09916deacae
2a7l7yacG8Ce8283b5Cla25
936db85d50be12naJ94xfaf0acz2RakT0S
AMd9tfqfy4
1l31a7k56Hfn7m4p452a6096266f3e3937e1z6Rb1T3
W2b291a6U32s4OIP4dBaeyd83qQAc67
51fa5a9Vt662zY5314Pee21aQo27i492z899siMnK75Td8b1
8297d57f4a6bN8687f6H0B4f4Q96R7d2dM
2edacJw4p1auA74
A21nRf40o3043K89
F12ocaj1Dcd38F1Jfi8L
DE7tbKT25Q4e219fMNyZJ3J1n3TIb3fBa60Ai
A37q431I48972
E124M31be9829q82p
67VT16313f9b49c3fR32s83729A9sb8fDODb53v4PB7ft6
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
FileVersion
1.0.0.0
InternalName
first.exe
LegalCopyright
Copyright
2021
LegalTrademarks
OriginalFilename
first.exe
ProductName
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Antivirus Signature
Bkav Clean
Elastic malicious (high confidence)
MicroWorld-eScan Clean
FireEye Generic.mg.9016909878ac1ad6
CAT-QuickHeal Clean
ALYac Clean
Cylance Unsafe
VIPRE Clean
K7AntiVirus Clean
BitDefender Clean
K7GW Clean
Cybereason Clean
Baidu Clean
Cyren W32/MSIL_Kryptik.EAY.gen!Eldorado
Symantec Clean
ESET-NOD32 a variant of MSIL/TrojanDownloader.Agent.HUV
APEX Malicious
Avast FileRepMetagen [Malware]
ClamAV Clean
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
Rising Clean
Ad-Aware Clean
Emsisoft Clean
Comodo Clean
F-Secure Clean
DrWeb Clean
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition Artemis
MaxSecure Clean
CMC Clean
Sophos Clean
SentinelOne Static AI - Malicious PE
Jiangmin Clean
Webroot Clean
Avira Clean
Antiy-AVL Clean
Kingsoft Win32.Hack.Undef.(kcloud)
Gridinsoft Clean
Arcabit Clean
SUPERAntiSpyware Clean
GData Clean
Cynet Clean
AhnLab-V3 Clean
Acronis Clean
McAfee Artemis!9016909878AC
MAX Clean
VBA32 Clean
Malwarebytes Trojan.Downloader
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Tencent Clean
Yandex Clean
TACHYON Clean
eGambit Unsafe.AI_Score_96%
Fortinet Clean
BitDefenderTheta Gen:NN.ZemsilCO.34678.dm0@aCQxNOm
AVG FileRepMetagen [Malware]
Paloalto generic.ml
CrowdStrike win/malicious_confidence_90% (W)
Qihoo-360 Clean
No IRMA results available.