Static | ZeroBOX

PE Compile Time

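2103-10-04 05:12:43 (a date in the future: the PE header timestamp is written by the build toolchain, can be set arbitrarily or derived from a content hash by deterministic builds, and should not be treated as the real build time)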

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x00003f74 0x00004000 5.59012310594
.rsrc 0x00006000 0x000005e8 0x00000600 4.46643722912
.reloc 0x00008000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x000060a0 0x0000035c LANG_ENGLISH SUBLANG_ENGLISH_US data
RT_MANIFEST 0x000063fc 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain

!This program cannot be run in DOS mode.
`.rsrc
@.reloc
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
v4.0.30319
#Strings
0aa93f0Za8p42893960
ThreadLocal`1
List`1
5fTcba8TQE07c9c0zOla4Faend0RKo6QfyOd1
B13Pa8Lba46db8afeBf9eclG65laat28fbr49aJ9c396e1
ToInt32
AcaHBen66e895ecdaf673u8fiA8f0362
03f8213aw8vr6cnh662e2Tclf8b56B4SO2
F0fKc6f8EebezV65164Zb9cgBc48K5hf3wQ2
IDictionary`2
4bH964vda76Ech7TwJQ4dM68p7f216g2
7k90rCf2caGn4cq4be4q4
Qo76acq3f6A0b9dfc4jrE2F09640o6Bc27bf502e5085
A1541epH505W6Zla6Q2cyA5
7bfbHxN9c5
get_N41ace8f383Q82493C5aigcJt0657bcc56
set_N41ace8f383Q82493C5aigcJt0657bcc56
IK9b6a9rfnacCe108EmIf17a88yZeBJTYcINb2C1ea6
Bbb5b1faU48v1fbS5Z8cdbCQ6Kn50c8882e7NRQc1f8fk27
Ci1pefPf68
3Jrs3679Y8V8
1Y0nq7epf8
A9mu736GQvSzGejfc42P54698469
4HtYc025bnzM0bv1Qb0b9
505eTS9aBfc0bg58Pc9
F6cUb9qbE9bOcl11eB
8aS6xaw5bfae4E
0a10BX5AVF
get_6erad2fUajyd718cdrLwe8Af1y78H
set_6erad2fUajyd718cdrLwe8Af1y78H
945f9hY2a8x06c0kpK230iTK
9y1b4g8d0bAHf2b90fdb8ffYz0L
A6943ZbbeUP7H1ab4524X9CaYfeM85Ae86002eq9bjDVM
System.IO
B060004Yj611N9648X58i4a4CfdMX5207vda0843158035fV
B74693evcahba4l8b8FC3ac5Kf1287zeDaT7qj24e08W
OKdpczf6vN10kd3d491xJb5AGaaJdpw208Cj65X
S10HBe19365aF5f5XRrPkNae8S37b9Ot7Y
Aua52b888fT785U25Wa5dc91SG7DXP7a
SMnjf084KcajScz4fdUa
M98cHf3ftB7689U35c87585q7lcc6CQ8eSde42BidT4fan3Ab
mscorlib
get_F0fDpd86m0UibJ6482k5865ITV66P56k0xb
9aaba8c
System.Collections.Generic
Microsoft.VisualBasic
8t2D0556Aa82Ve40fhY421d
6Qfbv3d
Versioned
Synchronized
Append
FBfa8e280aK6IW778190v58aY6f6P5e0e47e
52zg95w0b9Qd3858N8J4e4q6Efgie6fHCfJdapW190Ce
Replace
get_920yBe7mfLbJptaa6fcce
Tcf4dH1b5IK9Tld9A40ckfeccxS8cdce
set_AutoScaleMode
5f99nWbaI2W0v2K5d72cwa22ff7153097ad38nfe
IDisposable
RuntimeTypeHandle
GetTypeFromHandle
CallByName
CallType
Capture
ApplicationSettingsBase
Dispose
EditorBrowsableState
CompilerGeneratedAttribute
GeneratedCodeAttribute
DebuggerNonUserCodeAttribute
EditorBrowsableAttribute
DefaultSettingValueAttribute
UserScopedSettingAttribute
ParamArrayAttribute
get_Value
S10HBe19365aF5f5XRrPkNae8S37b9Ot7Y.exe
set_ClientSize
1Vaedf56La18d4C1qe1f
96EDb7781vea9b4yaMsfu4rdbefo40cuo2f
5a844cfTldsa5f
809Sb5av6Tnf
3EFHfzeNOtf8b63b3Hecg
System.Threading
DownloadString
ToString
disposing
System.Drawing
BH3fcS85v2sqZ501i3dd9fa09gM3077Hh
GetFolderPath
get_Length
System.Security.Principal
System.ComponentModel
ContainerControl
get_Item
System
Boolean
System.Configuration
System.Globalization
System.Reflection
MatchCollection
GroupCollection
WebHeaderCollection
IndexOutOfRangeException
CultureInfo
5dc49p9b4Nf0d1eubbc521frid66Kfp
ToChar
StringBuilder
SpecialFolder
SafeBuffer
ResourceManager
System.CodeDom.Compiler
IContainer
IEnumerator
GetEnumerator
.cctor
Kacab51adaeaRl881S2H1aRXqW70cxMs
System.Diagnostics
System.Runtime.InteropServices
Microsoft.VisualBasic.CompilerServices
System.Runtime.CompilerServices
System.Resources
Bbb5b1faU48v1fbS5Z8cdbCQ6Kn50c8882e7NRQc1f8fk27.Properties.Resources.resources
Matches
Equals
System.Windows.Forms
System.Text.RegularExpressions
System.Collections
StringSplitOptions
get_Groups
get_Chars
get_Headers
TokenInformationClass
Exists
Concat
Format
Object
System.Net
WebClient
Environment
get_Current
Convert
MoveNext
System.Text
set_Text
ReadAllText
WriteAllText
8XRwVeNFav62bvmE87a26ef0kce6M6362Q2b87du
2sewhvb5VACeZ38jb4R5S35y5f0s80a0bJf8i82a68w
Da7P8btD9mheJngSe5026qL9ea7QBb0d071Gkrw
Ce0p8Qja542926Vf1678zmLf5a80hx
A38c16y
get_Assembly
A83402bafv2f75dacf8Cbb5rc58Xf88e8fw64z
3System.Resources.Tools.StronglyTypedResourceBuilder
4.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
16.6.0.0
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>PAPADDINGXXPADDINGPADDINGX
{0}{1}{2}{3}{4}{5}{6}{7}{8}{9}{10}{11}{12}{13}{14}{15}{16}{17}{18}{19}{20}{21}{22}{23}{24}{25}{26}{27}{28}{29}{30}{31}{32}{33}{34}{35}{36}{37}{38}{39}{40}{41}{42}{43}{44}{45}{46}{47}{48}{49}{50}{51}{52}{53}{54}{55}{56}{57}{58}{59}{60}{61}{62}{63}{64}{65}{66}{67}{68}{69}{70}{71}{72}{73}{74}{75}{76}{77}{78}{79}{80}{81}{82}{83}{84}{85}{86}{87}{88}{89}{90}{91}{92}{93}{94}{95}{96}{97}{98}{99}{100}{101}{102}{103}{104}{105}{106}{107}{108}{109}{110}{111}{112}{113}{114}{115}{116}{117}{118}{119}{120}{121}{122}{123}{124}{125}{126}{127}{128}{129}{130}{131}{132}{133}{134}{135}{136}{137}{138}
{0}{1}{2}{3}{4}{5}{6}{7}{8}{9}
{0}{1}{2}{3}{4}{5}{6}{7}{8}{9}{10}{11}{12}{13}{14}{15}{16}{17}{18}{19}{20}{21}{22}{23}{24}{25}{26}{27}{28}{29}{30}{31}{32}{33}{34}{35}{36}{37}{38}{39}{40}{41}{42}
{0}{1}{2}{3}{4}{5}{6}{7}{8}{9}{10}{11}{12}{13}{14}{15}{16}{17}{18}{19}{20}{21}{22}{23}{24}{25}{26}{27}{28}{29}{30}{31}{32}{33}{34}{35}{36}{37}{38}{39}{40}{41}{42}{43}{44}{45}{46}{47}{48}{49}{50}{51}{52}{53}{54}{55}{56}{57}{58}{59}{60}{61}{62}{63}{64}{65}{66}{67}{68}{69}{70}{71}{72}{73}{74}{75}{76}{77}{78}{79}{80}{81}{82}{83}{84}{85}{86}{87}{88}{89}{90}{91}{92}{93}{94}{95}{96}{97}{98}{99}{100}{101}{102}{103}{104}{105}{106}{107}{108}{109}{110}{111}{112}{113}{114}{115}{116}{117}{118}{119}{120}{121}{122}{123}{124}{125}{126}{127}{128}{129}{130}{131}{132}
{0}{1}{2}
{0}{1}{2}{3}{4}{5}{6}{7}{8}{9}{10}
{0}{1}{2}{3}{4}{5}{6}
{0}{1}{2}{3}{4}{5}{6}{7}{8}{9}{10}{11}{12}
{0}{1}{2}{3}{4}{5}{6}{7}{8}
{0}{1}{2}{3}{4}
second.Properties.Resources
6erad2fUajyd718cdrLwe8Af1y78H
VS_VERSION_INFO
StringFileInfo
040904e4
ProductName
Ad Muncher
FileDescription
Ad Muncher
CompanyName
Murray Hurps Software Pty Ltd
LegalCopyright
Copyright
Murray Hurps Software Pty Ltd
LegalTrademarks
b12f97bd d372 4272 bf71 541152a12d34
Comments
226f3154 8526 42e5 b20d 3fce68e83444
b49f9751-8d50-4572-b446-666705923c14
VarFileInfo
Translation
Antivirus Signature
Bkav Clean
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKD.46178240
FireEye Generic.mg.86ab74265ed0cac9
CAT-QuickHeal Clean
Qihoo-360 Clean
McAfee GenericRXOI-EG!86AB74265ED0
Cylance Unsafe
VIPRE Trojan.Win32.Generic!BT
AegisLab Trojan.Win32.Generic.4!c
Sangfor Trojan.Win32.Save.a
K7AntiVirus Trojan-Downloader ( 0057b5a11 )
BitDefender Trojan.GenericKD.46178240
K7GW Trojan-Downloader ( 0057b5a11 )
Cybereason Clean
Baidu Clean
Cyren W32/MSIL_Kryptik.CXK.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of MSIL/TrojanDownloader.Agent.HUS
APEX Malicious
Avast Win32:RATX-gen [Trj]
ClamAV Clean
Kaspersky HEUR:Trojan.MSIL.PowerShell.gen
Alibaba Trojan:MSIL/Generic.782bb935
NANO-Antivirus Clean
ViRobot Clean
Tencent Clean
Ad-Aware Trojan.GenericKD.46178240
Emsisoft Trojan.GenericKD.46178240 (B)
Comodo Clean
F-Secure Clean
DrWeb Clean
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition Artemis!Trojan
CMC Clean
Sophos ML/PE-A
Ikarus Trojan-Downloader.MSIL.Agent
GData Trojan.GenericKD.46178240
Jiangmin Clean
Webroot W32.Trojan.Gen
Avira TR/Dldr.Agent.jfurf
MAX malware (ai score=80)
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Trojan.Win32.Downloader.sa
Arcabit Trojan.Generic.D2C09FC0
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:Win32/Wacatac.B!ml
Cynet Malicious (score: 99)
AhnLab-V3 Clean
Acronis Clean
BitDefenderTheta Gen:NN.ZemsilF.34684.bm0@aKnro0li
ALYac Trojan.GenericKD.46178240
TACHYON Clean
VBA32 Clean
Malwarebytes Trojan.PCrypt.MSIL.Generic
Panda Trj/GdSda.A
Zoner Clean
TrendMicro-HouseCall Clean
Rising Downloader.Agent!8.B23 (CLOUD)
Yandex Clean
SentinelOne Static AI - Malicious PE
eGambit Unsafe.AI_Score_99%
Fortinet MSIL/Agent.HUS!tr.dldr
AVG Win32:RATX-gen [Trj]
Paloalto Clean
CrowdStrike win/malicious_confidence_90% (W)
MaxSecure Clean
No IRMA results available.