popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2093-07-25 06:45:14

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x00004f24 0x00005000 5.22608555757
.rsrc 0x00008000 0x00000588 0x00000600 3.9994481807
.reloc 0x0000a000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x000080a0 0x000002fc LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x0000839c 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
v4.0.30319
#Strings
get_A7z82dbpCw49d7aS5IXph408e2v616v21
set_A7z82dbpCw49d7aS5IXph408e2v616v21
4d2t2c7c40co54t31
List`1
6M5An8HGca665J14w1k0k1
get_2RK20kAt02
set_2RK20kAt02
UInt32
ToInt32
Ae44LdDaGa7D53K5d6884L607edh5H2
4h605C636224bc57u4AaSgZ2
FqJkL1b2
EdB47a514nSc056d477c1iVm5qaqa2aU889K3
U2cF9bRf9aw64418eKdf784a1C56b3fgu3
44Pe4156744sS613A4612Mba6a58lc12G6b444
C6BZf64
2K2762bQa373y85Adan4da2ddETbdPW4
Dwax1Yta4
get_Lb8d0801y64e1Nce5tn246G6fd37e4
11V43L0c4642d46e8v18n4
1CUg6e6zd4As1Q04dt06
6r51236
284710b2k876
Me44dsbdfc1ka2I6Ic7OVG6
F407e4OaNeb6
16e04fee6
DsLc4IcnDa47
4d4feOe788Ka4PTLV7
Cce826LWaUte82b0e06eqa57X4E4naSf7
Fmjv1b761738Ugbf3S10DW3dd1Pje6Zf977wdd46749ae7qn8
Rb22041Q39
E8Se9hbe02eLc76WK4cdFa2848mBA08aosdwhTM3c44D
N4604Zbc389DE
W31dGtaj3L
Ip4KY031U8P66dc0e4Bc30lHJO0dd6B6006662M
V5am18RFRQc7d8Ie146O06162dL8840kb4Baea1kxB8b440fM
System.IO
D1uj2d262a83jxBR
X41ycT6cav41I0e4d1B791ZH64gU2wcG49w6bU46wS
G71d8f7e44b42011k7A6QT
3vc87044daNa48486TcnaF8943cdb6Qa328FZ
D644544O5Prhi86n476f7Zde2do64EcFahw8UV47a4181b
1e768aEZ1e02b
0wHd459c82duEt2765b
5cBef4zG388dkb38vub044wRchd0erB9b
G07eca5e8xt2K0hCp3dE7380DgeFcb
mscorlib
B82aBXc6a6d4Q7cmdN46G264U6188NacaWX2434c
6bydt4Kc7dmDcdnFb6c
System.Collections.Generic
Microsoft.VisualBasic
TypeDesc
814d60768581ad71ER0emF4rc41fd834Wff11dCd
4dqG8NbB7Ma40QW1avz6266mb6U704wbP761073d22DTd
V66cX4d8e44fc6Yd
57g7bfc8eo261ad
Thread
Versioned
Synchronized
Append
CanonicalFormKind
CompareMethod
Zbd4vdsd
get_073c1u7ra1PoKnd34Xe6bfPcd2bbN1705x4R1m4zd
1fT32a51enS3f422rdR861ifet61B76Rncfs2e
A4d1x434a45c6E3611m6eOY0cJLCddf9VdJ4k4w3e
get_IsInterface
Replace
get_HasVariance
IDisposable
RuntimeTypeHandle
GetTypeFromHandle
CallByName
Internal.Runtime
get_IsValueType
get_IsDefType
get_UnderlyingType
CallType
IsWellKnownType
get_ElementType
CorElementType
ArrayType
IsCanonicalSubtype
get_Architecture
TargetArchitecture
Capture
ApplicationSettingsBase
Dispose
EditorBrowsableState
CompilerGeneratedAttribute
GeneratedCodeAttribute
DebuggerNonUserCodeAttribute
EditorBrowsableAttribute
DefaultSettingValueAttribute
UserScopedSettingAttribute
ParamArrayAttribute
get_Value
get_IsPrimitive
1e768aEZ1e02b.exe
A4a410hec34d2jga59bd6187742Yf
get_IsByRef
Ez2a1db0ULu3yd82i44O813eg
System.Threading
DownloadString
ToString
GetFolderPath
get_Length
61abR2Gdbb64d1o411X3Jc1e200m813dD6e4s46Hf3c70l
Decimal
System.ComponentModel
get_Item
Internal.TypeSystem
get_IsEnum
G3Lct42NRbaGF1875ta0ax4vfrD1ddvwR60N22n
Boolean
get_HasInstantiation
System.Configuration
System.Globalization
System.Reflection
MatchCollection
FormCollection
GroupCollection
WebHeaderCollection
get_IsGenericDefinition
IndexOutOfRangeException
CultureInfo
FGa2P5Z4Cd027Piz9ar
System.Private.TypeLoader
StringBuilder
SpecialFolder
ResourceManager
System.CodeDom.Compiler
get_IsGCPointer
get_IsPointer
get_HasFinalizer
IEnumerator
GetEnumerator
.cctor
UIntPtr
System.Diagnostics
Microsoft.VisualBasic.CompilerServices
System.Runtime.CompilerServices
System.Resources
G07eca5e8xt2K0hCp3dE7380DgeFcb.Properties.Resources.resources
Matches
7h06ew2rY58c71a7Hakfs
TypeFlags
Strings
Equals
TargetDetails
System.Windows.Forms
System.Text.RegularExpressions
System.Collections
StringSplitOptions
get_Groups
get_Chars
get_Headers
TypeSystemHelpers
get_ContainsGCPointers
Exists
Concat
Object
System.Net
get_Target
get_AsInt
LayoutInt
WebClient
get_InstanceByteAlignment
Environment
get_Current
5b2TP86bqt
Convert
MoveNext
System.Text
ReadAllText
WriteAllText
get_Context
TypeSystemContext
AWHb6d5u
get_IsArray
get_Assembly
get_Category
TypeSystemEntity
3System.Resources.Tools.StronglyTypedResourceBuilder
4.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
16.6.0.0
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
first.Properties.Resources
2RK20kAt02
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
FileVersion
1.0.0.0
InternalName
first.exe
LegalCopyright
Copyright
2021
LegalTrademarks
OriginalFilename
first.exe
ProductName
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Antivirus Signature
Bkav Clean
Elastic malicious (high confidence)
MicroWorld-eScan Clean
FireEye Generic.mg.778deeb02865595a
CAT-QuickHeal Clean
ALYac Clean
Cylance Unsafe
Sangfor Trojan.Win32.Save.a
K7AntiVirus Clean
BitDefender Clean
K7GW Clean
Cybereason Clean
Arcabit Clean
BitDefenderTheta Gen:NN.ZemsilF.34684.bm0@aOREEUk
Cyren W32/MSIL_Kryptik.EAY.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of MSIL/TrojanDownloader.Agent.HUV
Baidu Clean
APEX Malicious
Paloalto generic.ml
Cynet Malicious (score: 100)
Kaspersky UDS:DangerousObject.Multi.Generic
Alibaba Trojan:MSIL/Generic.cf2ba929
NANO-Antivirus Clean
SUPERAntiSpyware Clean
Ad-Aware Clean
Sophos Mal/Generic-S
Comodo Clean
F-Secure Clean
DrWeb Trojan.DownloaderNET.163
VIPRE Clean
TrendMicro Clean
McAfee-GW-Edition Artemis!Trojan
CMC Clean
Emsisoft Clean
SentinelOne Static AI - Malicious PE
Jiangmin Clean
Webroot W32.Trojan.Gen
Avira Clean
MAX Clean
Antiy-AVL Clean
Kingsoft Win32.Troj.Generic_a.a.(kcloud)
Gridinsoft Trojan.Win32.Downloader.oa
Microsoft Trojan:Win32/AgentTesla!ml
ViRobot Clean
ZoneAlarm UDS:DangerousObject.Multi.Generic
GData Clean
AhnLab-V3 Clean
Acronis Clean
VBA32 Clean
TACHYON Clean
Malwarebytes Trojan.Downloader
Panda Clean
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R002H0DDQ21
Tencent Clean
Yandex Clean
Ikarus Win32.Outbreak
eGambit Unsafe.AI_Score_99%
Fortinet Clean
MaxSecure Clean
AVG FileRepMalware
Avast FileRepMalware
CrowdStrike win/malicious_confidence_90% (W)
Qihoo-360 Clean
No IRMA results available.