Static | ZeroBOX

Name	Virtual Address	Virtual Size	Size of Raw Data	Entropy
.text	0x00002000	0x002521c4	0x00252200	2.59392454754
.rsrc	0x00256000	0x00000588	0x00000600	4.01111930109
.reloc	0x00258000	0x0000000c	0x00000200	0.101910425663

Name

Virtual Address

Virtual Size

Size of Raw Data

Entropy

.text

0x00002000

0x002521c4

0x00252200

2.59392454754

.rsrc

0x00256000

0x00000588

0x00000600

4.01111930109

.reloc

0x00258000

0x0000000c

0x00000200

0.101910425663

Name	Offset	Size	Language	Sub-language	File type
RT_VERSION	0x002560a0	0x000002fc	LANG_NEUTRAL	SUBLANG_NEUTRAL	data
RT_MANIFEST	0x0025639c	0x000001ea	LANG_NEUTRAL	SUBLANG_NEUTRAL	XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Name

Offset

Size

Language

Sub-language

File type

RT_VERSION

0x002560a0

0x000002fc

LANG_NEUTRAL

SUBLANG_NEUTRAL

data

RT_MANIFEST

0x0025639c

0x000001ea

LANG_NEUTRAL

SUBLANG_NEUTRAL

XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

!This program cannot be run in DOS mode.

`.rsrc

@.reloc

v4.0.30319

#Strings

ToInt32

Dictionary`2

System.IO

RemotingXmlConfigFileData

mscorlib

System.Collections.Generic

Microsoft.VisualBasic

Versioned

CompareMethod

Replace

PinnableBufferCache

FileSystemAuditRule

CallByName

DateTime

CallType

OutAttribute

ParamArrayAttribute

AccessedThroughPropertyAttribute

WriteByte

System.Threading

ToString

get_Length

System.Security.AccessControl

MemoryStream

get_Item

System

Boolean

TimeSpan

Conversion

System.Runtime.Remoting.Activation

System.Runtime.Serialization

op_Subtraction

IndexOutOfRangeException

FormatterConverter

.cctor

get_TotalSeconds

System.Runtime.InteropServices

Microsoft.VisualBasic.CompilerServices

System.Runtime.CompilerServices

Strings

Equals

get_Chars

Object

Convert

get_Now

SinkProviderEntry

_CorExeMain

mscoree.dll

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>

</requestedPrivileges>

</security>

</trustInfo>

</assembly>

NN Vk dKK k L k k k K k k k SJJ SJJ k k doK k k k k k k k fK k k k k k k k k k k k k k k k k k k k k k k k k k k k k k k k k k k k dSo k k k dK Ld dof dK k dok V SkJ LL doK d Nf SkJ LL oK dkK dkJ ddJ LS ddS ddK ddd dkL ddK VN dkV LS VV VN ddk ddk ddd ddf LS Vo dkd LS ddK ddN ddk LS dkJ ddk LS fo NV oL LS dkV ddd dkk dkd Kf dL dL dk Lf k k k k k k k ok fV k k Nf d L k SSK Jf VV dfS k k k k k k k k SSK k LK k dd d ok k k JS J k k f k k k k k k ddk oL J k k LS k k k Vf J k k k k df k LS k k k S k k K k k k k k k k K k k k k k k k k dfk J k k S k k k k k k S k fK dLL k k df k k df k k k k df k k df k k k k k k df k k k k k k k k k k k SK oL J k oL k k k k Vf J k dLf L k k k k k k k k k k k k k k k k k k k dSo J k dS k k k k k k k k k k k k k k k k k k k k k k k k k k k k k k k k k k k k k k k k k k k k k k k k k k k k LS k k o k k k k k k k k k k k o LS k k NS k k k k k k k k k k k Kf ddf dkd dSk ddf k k k ddf Jd J k k LS k k k JS J k k S k k k k k k k k k k k k k k LS k k Vf Kf ddK ddJ ddK VV k k k dLf L k k k V

kdSLKJfNoV

Assembly

ToArray

EntryPoint

GetType

Invoke

VS_VERSION_INFO

VarFileInfo

Translation

StringFileInfo

000004b0

Comments

CompanyName

FileDescription

FileVersion

1.0.0.0

InternalName

first.exe

LegalCopyright

2021

LegalTrademarks

OriginalFilename

first.exe

ProductName

ProductVersion

1.0.0.0

Assembly Version

1.0.0.0

Antivirus	Signature
Bkav	Clean
Elastic	malicious (high confidence)
MicroWorld-eScan	Clean
FireEye	Generic.mg.c37d480d603a248b
CAT-QuickHeal	Clean
McAfee	Clean
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Clean
BitDefender	Clean
K7GW	Clean
CrowdStrike	win/malicious_confidence_90% (W)
Baidu	Clean
Cyren	W32/MSIL_Kryptik.EAY.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/GenKryptik.FESB
APEX	Malicious
Paloalto	generic.ml
Cynet	Malicious (score: 100)
Alibaba	Clean
NANO-Antivirus	Clean
ViRobot	Clean
AegisLab	Clean
Ad-Aware	Clean
Sophos	ML/PE-A
Comodo	Clean
F-Secure	Clean
DrWeb	Clean
VIPRE	Clean
TrendMicro	Clean
CMC	Clean
Emsisoft	Trojan-Downloader.Agent (A)
Ikarus	Clean
GData	Clean
Jiangmin	Clean
eGambit	Clean
Avira	Clean
MAX	Clean
Antiy-AVL	Clean
Kingsoft	Clean
Gridinsoft	Clean
Arcabit	Clean
SUPERAntiSpyware	Clean
ZoneAlarm	Clean
Microsoft	Clean
AhnLab-V3	Clean
Acronis	Clean
BitDefenderTheta	Gen:NN.ZemsilF.34686.uo0@aCPq7!h
ALYac	Clean
TACHYON	Clean
VBA32	Clean
Malwarebytes	Clean
Zoner	Clean
TrendMicro-HouseCall	Clean
Tencent	Clean
Yandex	Clean
SentinelOne	Static AI - Malicious PE
MaxSecure	Clean
Fortinet	Clean
Webroot	Clean
Cybereason	malicious.e8a2ef
Panda	Clean
Qihoo-360	Clean

Antivirus

Signature

Bkav

Clean

Elastic

malicious (high confidence)

MicroWorld-eScan

Clean

FireEye

Generic.mg.c37d480d603a248b

CAT-QuickHeal

Clean

McAfee

Clean

Cylance

Unsafe

Sangfor

Trojan.Win32.Save.a

K7AntiVirus

Clean

BitDefender

Clean

K7GW

Clean

CrowdStrike

win/malicious_confidence_90% (W)

Baidu

Clean

Cyren

W32/MSIL_Kryptik.EAY.gen!Eldorado

Symantec

ML.Attribute.HighConfidence

ESET-NOD32

a variant of MSIL/GenKryptik.FESB

APEX

Malicious

Paloalto

generic.ml

Cynet

Malicious (score: 100)

Alibaba

Clean

NANO-Antivirus

Clean

ViRobot

Clean

AegisLab

Clean

Ad-Aware

Clean

Sophos

ML/PE-A

Comodo

Clean

F-Secure

Clean

DrWeb

Clean

VIPRE

Clean

TrendMicro

Clean

CMC

Clean

Emsisoft

Trojan-Downloader.Agent (A)

Ikarus

Clean

GData

Clean

Jiangmin

Clean

eGambit

Clean

Avira

Clean

MAX

Clean

Antiy-AVL

Clean

Kingsoft

Clean

Gridinsoft

Clean

Arcabit

Clean

SUPERAntiSpyware

Clean

ZoneAlarm

Clean

Microsoft

Clean

AhnLab-V3

Clean

Acronis

Clean

BitDefenderTheta

Gen:NN.ZemsilF.34686.uo0@aCPq7!h

ALYac

Clean

TACHYON

Clean

VBA32

Clean

Malwarebytes

Clean

Zoner

Clean

TrendMicro-HouseCall

Clean

Tencent

Clean

Yandex

Clean

SentinelOne

Static AI - Malicious PE

MaxSecure

Clean

Fortinet

Clean

Webroot

Clean

Cybereason

malicious.e8a2ef

Panda

Clean

Qihoo-360

Clean

Static Analysis

PE Compile Time

PE Imphash

Sections

Resources

Imports