popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2065-07-21 02:07:18

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x0000d724 0x0000d800 5.76080224273
.rsrc 0x00010000 0x000023c0 0x00002400 4.59738623197
.reloc 0x00014000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x000118e0 0x00000568 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000118e0 0x00000568 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000118e0 0x00000568 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_GROUP_ICON 0x00011e48 0x00000030 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_VERSION 0x00011e78 0x0000035c LANG_ENGLISH SUBLANG_ENGLISH_US data
RT_MANIFEST 0x000121d4 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
v4.0.30319
#Strings
CLRIReferenceArrayImpl`1
List`1
ToInt32
__StaticArrayInitTypeSize=3
<PrivateImplementationDetails>
System.IO
STORE_CATEGORY
mscorlib
System.Collections.Generic
Thread
Synchronized
Replace
set_AutoScaleMode
WindowsImpersonationFlowMode
Invoke
IDisposable
RuntimeTypeHandle
GetTypeFromHandle
System.Runtime.InteropServices.WindowsRuntime
Capture
MethodBase
ApplicationSettingsBase
Dispose
EditorBrowsableState
CompilerGeneratedAttribute
GeneratedCodeAttribute
DebuggerNonUserCodeAttribute
EditorBrowsableAttribute
DefaultSettingValueAttribute
UserScopedSettingAttribute
WriteByte
ToByte
get_Value
set_ClientSize
System.Threading
DownloadString
ToString
disposing
System.Drawing
get_Length
IStackWalk
RawAcl
System.ComponentModel
ContainerControl
UserControl
System.Security.AccessControl
MemoryStream
get_Item
set_Item
System
Boolean
AppDomain
get_CurrentDomain
System.Deployment.Internal.Isolation
System.Configuration
System.Globalization
System.Reflection
MatchCollection
GroupCollection
WebHeaderCollection
Exception
MethodInfo
CultureInfo
ToChar
ResourceManager
System.CodeDom.Compiler
IContainer
BinaryConverter
IEnumerator
GetEnumerator
.cctor
System.Diagnostics
System.Runtime.CompilerServices
System.Resources
.Properties.Resources.resources
Matches
System.Windows.Forms
Contains
System.Text.RegularExpressions
System.Collections
get_Groups
get_Chars
get_Headers
GCNotificationStatus
Concat
Object
System.Net
WebClient
get_Current
get_EntryPoint
Convert
InterfaceForwardingSupport
System.Deployment.Internal.Isolation.Manifest
MoveNext
set_Text
ToArray
get_Assembly
System.Runtime.Serialization.Formatters.Binary
DescriptionMetadataEntry
IAssemblyReferenceEntry
System.Security
w7xAx@
w7xAx8
w7xAx:
w7xAx5
w7xAx.
w7xAxE
w7xAx@
w7xAx#
w7xAx5
w7xAxJ
w7xAx
w7xAx#
w7xAx*
w7xAx6
w7xAxA
w7xAxB
w7xAx<
w7xAxB
w7xAx?
w7xAx<
w7xAxm
w7xAxe
w7xAxt
w7xAx@
w7xAx8
w7xAx:
w7xAx5
w7xAx.
w7xAxE
w7xAx@
w7xAx#
w7xAx5
w7xAxJ
w7xAx
w7xAx#
w7xAx*
w7xAx6
w7xAxA
w7xAxB
w7xAx<
w7xAxB
w7xAx?
w7xAxa
w7xAx
w7xAxn
w7xAxa
w7xAxm
w7xAxe
w7xAx=
w7xAx"
w7xAx@
w7xAx8
w7xAx:
w7xAx5
w7xAx.
w7xAxE
w7xAx@
w7xAx#
w7xAx5
w7xAxJ
w7xAx
w7xAx#
w7xAx*
w7xAx6
w7xAxA
w7xAxB
w7xAx<
w7xAxB
w7xAx?
w7xAxk
w7xAxe
w7xAx@
w7xAx8
w7xAx:
w7xAx5
w7xAx.
w7xAxE
w7xAx@
w7xAx#
w7xAx5
w7xAxJ
w7xAx
w7xAx#
w7xAx*
w7xAx6
w7xAxA
w7xAxB
w7xAx<
w7xAxB
w7xAx?
w7xAxy
w7xAxw
w7xAx@
w7xAx8
w7xAx:
w7xAx5
w7xAx.
w7xAxE
w7xAx@
w7xAx#
w7xAx5
w7xAxJ
w7xAx
w7xAx#
w7xAx*
w7xAx6
w7xAxA
w7xAxB
w7xAx<
w7xAxB
w7xAx?
w7xAxo
w7xAxr
w7xAx@
w7xAx8
w7xAx:
w7xAx5
w7xAx.
w7xAxE
w7xAx@
w7xAx#
w7xAx5
w7xAxJ
w7xAx
w7xAx#
w7xAx*
w7xAx6
w7xAxA
w7xAxB
w7xAx<
w7xAxB
w7xAx?
w7xAxd
w7xAx@
w7xAx8
w7xAx:
w7xAx5
w7xAx.
w7xAxE
w7xAx@
w7xAx#
w7xAx5
w7xAxJ
w7xAx
w7xAx#
w7xAx*
w7xAx6
w7xAxA
w7xAxB
w7xAx<
w7xAxB
w7xAx?
w7xAxs
w7xAx"
w7xAx
w7xAx@
w7xAx8
w7xAx:
w7xAx5
w7xAx.
w7xAxE
w7xAx@
w7xAx#
w7xAx5
w7xAxJ
w7xAx
w7xAx#
w7xAx*
w7xAx6
w7xAxA
w7xAxB
w7xAx<
w7xAxB
w7xAx?
w7xAxc
w7xAxo
w7xAxn
w7xAxt
w7xAx@
w7xAx8
w7xAx:
w7xAx5
w7xAx.
w7xAxE
w7xAx@
w7xAx#
w7xAx5
w7xAxJ
w7xAx
w7xAx#
w7xAx*
w7xAx6
w7xAxA
w7xAxB
w7xAx<
w7xAxB
w7xAx?
w7xAxe
w7xAxn
w7xAxt
w7xAx@
w7xAx8
w7xAx:
w7xAx5
w7xAx.
w7xAxE
w7xAx@
w7xAx#
w7xAx5
w7xAxJ
w7xAx
w7xAx#
w7xAx*
w7xAx6
w7xAxA
w7xAxB
w7xAx<
w7xAxB
w7xAx?
w7xAx=
w7xAx"
w7xAx(
w7xAx[
w7xAx\
w7xAxw
w7xAx@
w7xAx8
w7xAx:
w7xAx5
w7xAx.
w7xAxE
w7xAx@
w7xAx#
w7xAx5
w7xAxJ
w7xAx
w7xAx#
w7xAx*
w7xAx6
w7xAxA
w7xAxB
w7xAx<
w7xAxB
w7xAx?
w7xAx\
w7xAxd
w7xAx
w7xAx@
w7xAx8
w7xAx:
w7xAx5
w7xAx.
w7xAxE
w7xAx@
w7xAx#
w7xAx5
w7xAxJ
w7xAx
w7xAx#
w7xAx*
w7xAx6
w7xAxA
w7xAxB
w7xAx<
w7xAxB
w7xAx?
w7xAx]
w7xAx*
w7xAx)
w7xAx"
w7xAx@
w7xAx8
w7xAx:
w7xAx5
w7xAx.
w7xAxE
w7xAx@
w7xAx#
w7xAx5
w7xAxJ
w7xAx
w7xAx#
w7xAx*
w7xAx6
w7xAxA
w7xAxB
w7xAx<
w7xAxB
w7xAx?
w7xAx>
w7xAx@
w7xAx8
w7xAx:
w7xAx5
w7xAx.
w7xAxE
w7xAx@
w7xAx#
w7xAx5
w7xAxJ
w7xAx
w7xAx#
w7xAx*
w7xAx6
w7xAxA
w7xAxB
w7xAx<
w7xAxB
w7xAx?
3System.Resources.Tools.StronglyTypedResourceBuilder
4.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
16.6.0.0
_CorExeMain
mscoree.dll
sOX4A__p
ttttG9
=HHE25Q+S
]}TEG==
&rrprrQ|
uSccktt[O{
8^_cjqv}
Vecb_^_hpv
Jo_I5fc-9Wjs{
vuL8'om!+>^cox
X}}D)TusL"0c^_mv\
|zusojc__kv
}wtqjf__m%v
zuqkf__&W
{vqjc^&%
{uqjc/
Jj[*$`\ddddl\rt}7
((((((
'*(%*2+
==<:741-
6>>=<84$
;>>><8!'
.>>>;6(
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>PAPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDING
QSgAXNBamt
[^\u0000-\u007F]+
HacivatNishane.Properties.Resources
VS_VERSION_INFO
StringFileInfo
040904e4
ProductName
Ad Muncher
FileDescription
Ad Muncher
CompanyName
Murray Hurps Software Pty Ltd
LegalCopyright
Copyright
Murray Hurps Software Pty Ltd
LegalTrademarks
136c9754 fe2f 43af 999c 00e5729f0d80
Comments
fed85209 4a0c 4876 816c 71d41a3db3da
5d8d6e50-4dd7-4152-83b9-7f48a5b98324
VarFileInfo
Translation
Antivirus Signature
Bkav Clean
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Variant.Bulz.413783
FireEye Generic.mg.517ad3b7e85ad8c1
CAT-QuickHeal Clean
Qihoo-360 Clean
McAfee GenericRXOD-FX!517AD3B7E85A
Cylance Unsafe
VIPRE Clean
Sangfor Trojan.Win32.Save.a
K7AntiVirus Clean
BitDefender Gen:Variant.Bulz.413783
K7GW Clean
Cybereason malicious.f35c05
Baidu Clean
Cyren W32/MSIL_Kryptik.ECN.gen!Eldorado
Symantec Scr.Malcode!gdn34
ESET-NOD32 a variant of MSIL/TrojanDownloader.Agent.HQY
APEX Malicious
Paloalto Clean
ClamAV Clean
Kaspersky Clean
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
Rising Downloader.Agent!8.B23 (CLOUD)
Ad-Aware Gen:Variant.Bulz.413783
Sophos Clean
Comodo Clean
F-Secure Clean
DrWeb Trojan.Siggen12.62184
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition GenericRXOD-FX!517AD3B7E85A
CMC Clean
Emsisoft Gen:Variant.Bulz.413783 (B)
SentinelOne Static AI - Malicious PE
GData Gen:Variant.Bulz.413783
Jiangmin Trojan.PSW.MSIL.bkkt
Webroot Clean
Avira HEUR/AGEN.1124750
MAX malware (ai score=80)
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:Win32/Wacatac.B!ml
Cynet Malicious (score: 100)
AhnLab-V3 Trojan/Win.Generic.R417060
Acronis Clean
BitDefenderTheta Gen:NN.ZemsilF.34688.em0@aus3Hsgi
ALYac Gen:Variant.Bulz.413783
TACHYON Clean
VBA32 Clean
Malwarebytes Trojan.Downloader.MSIL
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Tencent Clean
Yandex Clean
Ikarus Trojan-Downloader.MSIL.Agent
eGambit Unsafe.AI_Score_99%
Fortinet MSIL/Agent.DRH!tr.dldr
AVG Win32:PWSX-gen [Trj]
Avast Win32:PWSX-gen [Trj]
CrowdStrike win/malicious_confidence_80% (D)
MaxSecure Clean
No IRMA results available.