popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2056-08-11 11:39:41

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x001aa8f4 0x001aaa00 2.58265435654
.rsrc 0x001ae000 0x000006b0 0x00000800 5.02467161687
.reloc 0x001b0000 0x0000000c 0x00000200 0.101910425663

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x001ae0a0 0x00000424 LANG_ENGLISH SUBLANG_ENGLISH_US data
RT_MANIFEST 0x001ae4c4 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
IEnumerable`1
CallSite`1
ToInt32
Func`3
Action`4
System.IO
mscorlib
System.Collections.Generic
Microsoft.VisualBasic
Versioned
Replace
Invoke
RuntimeTypeHandle
GetTypeFromHandle
CallByName
CallType
GetType
System.Core
Create
CallSite
STAThreadAttribute
CompilerGeneratedAttribute
WriteByte
ToByte
ToString
get_Length
MemoryStream
System
FormCollection
CSharpArgumentInfo
Microsoft.CSharp
InvokeMember
GetMember
Microsoft.CSharp.RuntimeBinder
CallSiteBinder
.cctor
Microsoft.VisualBasic.CompilerServices
System.Runtime.CompilerServices
CSharpArgumentInfoFlags
CSharpBinderFlags
System.Windows.Forms
get_Chars
Format
Object
Target
Convert
ToArray
op_Equality
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>PAPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDING
dd Ct Tll t W t t t l t t t Luu Luu t t Tbl t t t t t t t fl t t t t t t t t t t t t t t t t t t t t t t t t t t t t t t t t t t t TLb t t t Tl WT Tbf Tl t Tbt C Ltu WW Tbl T df Ltu WW bl Ttl Ttu TTu WL TTL TTl TTT TtW TTl Cd TtC WL CC Cd TTt TTt TTT TTf WL Cb TtT WL TTl TTd TTt WL Ttu TTt WL fb dC bW WL TtC TTT Ttt TtT lf TW TW Tt Wf t t t t t t t bt fC t t df T W t LLl uf CC TfL t t t t t t t t LLl t Wl t TT T bt t t TCt W t t f t t t t t t TlL LLT W t t WL t t t LLl W t t t t Tf t WL t t t L t t l t t t t t t t l t t t t t t t t WL l t t L t t t t t t L t fl TWW t t Tf t t Tf t t t t Tf t t Tf t t t t t t Tf t t t t t t t t t t t fl LLT W t du t t t t LLl W t TWf W t t t t t t t t t t t t t t t t t t t t l t TL t t t t t t t t t t t t t t t t t t t t t t t t t t t t t t t t t t t t t t t t t t t t t t t t t t t t WL t t b t t t t t t t t t t t b WL t t dL t t t t t t t t t t t lf TTf TtT TLt TTf t t t Tlb TbC W t t WL t t t TCt W t t L t t t t t t t t t t t t t t WL t t Cf lf TTl TTu TTl CC t t t TWf W t t
{0}{1}{2}{3}{4}{5}{6}{7}{8}{9}
{0}{1}{2}{3}{4}{5}{6}{7}
{0}{1}{2}{3}
{0}{1}{2}{3}{4}{5}
VS_VERSION_INFO
StringFileInfo
040904e4
Comments
CompanyName
FileDescription
FileVersion
1.819.771.743
LegalCopyright
All Rights Reserved
InternalName
LegalTrademarks
OriginalFilename
ProductName
ProductVersion
1.819.771.743
Assembly Version
1.819.771.743
VarFileInfo
Translation
Antivirus Signature
Bkav Clean
Elastic malicious (high confidence)
MicroWorld-eScan Clean
FireEye Generic.mg.56626bf21f8de8d0
CAT-QuickHeal Clean
McAfee Clean
Cylance Unsafe
Zillya Clean
Sangfor Clean
K7AntiVirus Clean
BitDefender Clean
K7GW Clean
Cybereason malicious.684434
Baidu Clean
Cyren Clean
Symantec ML.Attribute.HighConfidence
ESET-NOD32 Clean
APEX Malicious
Paloalto generic.ml
Cynet Malicious (score: 100)
Kaspersky Clean
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
SUPERAntiSpyware Clean
Ad-Aware Clean
Comodo Clean
F-Secure Clean
DrWeb Clean
VIPRE Clean
TrendMicro Clean
McAfee-GW-Edition BehavesLike.Win32.Generic.tz
CMC Clean
Emsisoft Clean
Ikarus Trojan.Inject
GData Clean
Jiangmin Clean
Webroot Clean
Avira Clean
MAX Clean
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Arcabit Clean
AegisLab Clean
ZoneAlarm Clean
Microsoft Clean
AhnLab-V3 Clean
Acronis Clean
BitDefenderTheta Gen:NN.ZemsilF.34688.Qn0@aGIqSsli
ALYac Clean
TACHYON Clean
VBA32 Clean
Malwarebytes MachineLearning/Anomalous.95%
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Rising Clean
Yandex Clean
SentinelOne Static AI - Malicious PE
eGambit Unsafe.AI_Score_76%
Fortinet Clean
Qihoo-360 Clean
Avast Clean
CrowdStrike win/malicious_confidence_100% (D)
MaxSecure Clean
No IRMA results available.