Static | ZeroBOX

PE Compile Time

2074-12-14 22:49:02

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name    Virtual Address  Virtual Size  Size of Raw Data  Entropy
.text   0x00002000       0x00005994    0x00005a00        6.1615914271
.rsrc   0x00008000       0x000005e8    0x00000600        4.45050778865
.reloc  0x0000a000       0x0000000c    0x00000200        0.0815394123432

Resources

Name         Offset      Size        Language      Sub-language        File type
RT_VERSION   0x000080a0  0x0000035c  LANG_ENGLISH  SUBLANG_ENGLISH_US  data
RT_MANIFEST  0x000083fc  0x000001ea  LANG_NEUTRAL  SUBLANG_NEUTRAL     XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain

!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
<get_UserClaims>d__11
DynamicPartitionerForIEnumerable`1
List`1
Microsoft.Win32
UInt32
ToInt32
get_JdaPmOijQqOzxfgTgqhjiZwFcAEmWjPWB
get_AdDkoDWUhZD
set_AdDkoDWUhZD
System.IO
TOKEN_STATISTICS
get_MZpzPzrqeWAFuOHaITwEb
set_MZpzPzrqeWAFuOHaITwEb
mscorlib
get_BIlCGKGRGlvzkgeLFbyUnuWjivdZOMCrqUdcJhJDYURderb
set_BIlCGKGRGlvzkgeLFbyUnuWjivdZOMCrqUdcJhJDYURderb
System.Collections.Generic
Microsoft.VisualBasic
Versioned
Synchronized
Append
Replace
OpCode
IDisposable
CallByName
System.Runtime.InteropServices.WindowsRuntime
CallType
Capture
ApplicationSettingsBase
Dispose
CompilerGeneratedAttribute
GeneratedCodeAttribute
DebuggerNonUserCodeAttribute
DefaultSettingValueAttribute
UserScopedSettingAttribute
ParamArrayAttribute
get_Value
Win32Native
DownloadString
ToString
GetFolderPath
get_Length
Decimal
System.Security.Principal
WindowsPrincipal
Parallel
get_Item
set_Item
System
Boolean
System.Configuration
MatchCollection
GroupCollection
WebHeaderCollection
IndexOutOfRangeException
EncodingInfo
StringBuilder
SpecialFolder
System.CodeDom.Compiler
Partitioner
IEnumerator
InternalPartitionEnumerator
GetEnumerator
.cctor
UIntPtr
System.Diagnostics
Microsoft.VisualBasic.CompilerServices
System.Runtime.CompilerServices
Matches
System.Threading.Tasks
Equals
System.Text.RegularExpressions
System.Collections
StringSplitOptions
get_Groups
get_Chars
get_Headers
Exists
Concat
Object
System.Net
System.Reflection.Emit
WebClient
Environment
get_Current
System.Collections.Concurrent
Convert
MoveNext
System.Text
ReadAllText
WriteAllText
get_VlgRurQPSecVZHLXmnqsrALVLpFlOujPBcyDBioBGPiv
set_VlgRurQPSecVZHLXmnqsrALVLpFlOujPBcyDBioBGPiv
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
16.6.0.0
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
MZpzPzrqeWAFuOHaITwEb
AdDkoDWUhZD
VlgRurQPSecVZHLXmnqsrALVLpFlOujPBcyDBioBGPiv
BIlCGKGRGlvzkgeLFbyUnuWjivdZOMCrqUdcJhJDYURderb
http://mmwrlridbhmibnr.ml/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-4165CC5DE259A94108011D4CFA1C1F5C.html
http://mmwrlridbhmibnr.ml/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-F0D9EBA0ECA23E820CF25A18371FCD73.html
http://mmwrlridbhmibnr.ml/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-099AD35DEC3549DB214997067EDC0EA6.html
VS_VERSION_INFO
StringFileInfo
040904e4
ProductName
Ad Muncher
FileDescription
Ad Muncher
CompanyName
Murray Hurps Software Pty Ltd
LegalCopyright
Copyright
Murray Hurps Software Pty Ltd
LegalTrademarks
0ec75b48 4e7f 41c1 a7a9 b9057ea7e667
Comments
dd979c69 67f8 455c 9514 f2bb3ea391b3
462b205c-154c-4250-9aaa-feae0c222062
VarFileInfo
Translation
Antivirus Signature
Bkav Clean
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKD.46155078
FireEye Generic.mg.3797a11eaffd59ce
CAT-QuickHeal Clean
McAfee RDN/Generic Downloader.x
Cylance Clean
VIPRE Trojan.Win32.Generic!BT
AegisLab Clean
Sangfor Trojan.Win32.Save.a
K7AntiVirus Trojan-Downloader ( 0057b4631 )
BitDefender Trojan.GenericKD.46155078
K7GW Trojan-Downloader ( 0057b4631 )
Cybereason malicious.38774f
Baidu Clean
Cyren Clean
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of MSIL/TrojanDownloader.Agent.HUI
APEX Malicious
Avast Win32:RATX-gen [Trj]
ClamAV Clean
Kaspersky HEUR:Trojan-Spy.MSIL.Stealer.gen
Alibaba TrojanSpy:MSIL/Stealer.650a932c
NANO-Antivirus Clean
ViRobot Clean
Rising Downloader.Agent!8.B23 (CLOUD)
Ad-Aware Trojan.GenericKD.46155078
Sophos Mal/Generic-S
Comodo Clean
F-Secure Clean
DrWeb Clean
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition RDN/Generic Downloader.x
CMC Clean
Emsisoft Trojan.GenericKD.46155078 (B)
SentinelOne Static AI - Malicious PE
GData Trojan.GenericKD.46155078
Jiangmin Clean
Webroot W32.Trojan.Gen
Avira TR/Dldr.Agent.wqtpu
MAX malware (ai score=81)
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:Win32/AgentTesla!ml
Cynet Malicious (score: 100)
AhnLab-V3 Clean
Acronis Clean
BitDefenderTheta Gen:NN.ZemsilCO.34684.bm0@aSai2ddi
ALYac Trojan.GenericKD.46155078
TACHYON Clean
VBA32 Clean
Malwarebytes Trojan.Downloader
Panda Trj/GdSda.A
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R06CC0PDQ21
Tencent Clean
Yandex Trojan.DL.Agent!DH+Tg4qTRVA
Ikarus Trojan.Inject
MaxSecure Clean
Fortinet MSIL/Agent.HUE!tr.dldr
AVG Win32:RATX-gen [Trj]
Paloalto Clean
CrowdStrike win/malicious_confidence_90% (W)
Qihoo-360 Clean
No IRMA results available.