Static | ZeroBOX

PE Compile Time

2065-11-14 03:19:00

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name    Virtual Address  Virtual Size  Size of Raw Data  Entropy
.text   0x00002000       0x00004e84    0x00005000        6.16601428796
.rsrc   0x00008000       0x000005e8    0x00000600        4.45421248095
.reloc  0x0000a000       0x0000000c    0x00000200        0.0815394123432

Resources

Name         Offset      Size        Language      Sub-language        File type
RT_VERSION   0x000080a0  0x0000035c  LANG_ENGLISH  SUBLANG_ENGLISH_US  data
RT_MANIFEST  0x000083fc  0x000001ea  LANG_NEUTRAL  SUBLANG_NEUTRAL     XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain

!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
List`1
Microsoft.Win32
UInt32
ToInt32
get_MpVIvMHsjnJlbnVthXoZjH
System.IO
get_GSYJaOPrvrqWgXdRyzZ
set_GSYJaOPrvrqWgXdRyzZ
mscorlib
get_BATleRFuMAEHnLjUrZjzjfBVOVyHrVbfHYFwxpzlArHkIc
set_BATleRFuMAEHnLjUrZjzjfBVOVyHrVbfHYFwxpzlArHkIc
System.Collections.Generic
Microsoft.VisualBasic
ApplicationId
Versioned
Synchronized
Append
Replace
IDisposable
CallByName
CallType
Capture
ApplicationSettingsBase
Dispose
TimeSpanParse
CompilerGeneratedAttribute
GeneratedCodeAttribute
DebuggerNonUserCodeAttribute
DefaultSettingValueAttribute
UserScopedSettingAttribute
ParamArrayAttribute
get_Value
DownloadString
ToString
GetFolderPath
get_Length
Decimal
get_Item
set_Item
System
Boolean
TimeSpanToken
System.Configuration
System.Globalization
System.Reflection
MatchCollection
GroupCollection
WebHeaderCollection
IndexOutOfRangeException
TypeInitializationException
get_DKqZGWjJKekQJkVcdWAgqJtqQgMdhPprbTaYp
set_DKqZGWjJKekQJkVcdWAgqJtqQgMdhPprbTaYp
StringBuilder
SpecialFolder
MngdNativeArrayMarshaler
AsAnyMarshaler
System.CodeDom.Compiler
TypeFilter
IEnumerator
GetEnumerator
.cctor
UIntPtr
System.Diagnostics
Microsoft.VisualBasic.CompilerServices
System.Runtime.CompilerServices
Matches
Equals
System.Text.RegularExpressions
System.Collections
StringSplitOptions
RegistryOptions
get_Groups
get_Chars
get_Headers
System.StubHelpers
Exists
Concat
Object
System.Net
WebClient
Environment
get_Current
Convert
MoveNext
System.Text
ReadAllText
WriteAllText
get_TaRYQTFCsmvrLJxTdjAwLrXVyKCWicvoFICHDNRz
set_TaRYQTFCsmvrLJxTdjAwLrXVyKCWicvoFICHDNRz
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
16.6.0.0
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
TaRYQTFCsmvrLJxTdjAwLrXVyKCWicvoFICHDNRz
DKqZGWjJKekQJkVcdWAgqJtqQgMdhPprbTaYp
BATleRFuMAEHnLjUrZjzjfBVOVyHrVbfHYFwxpzlArHkIc
GSYJaOPrvrqWgXdRyzZ
VS_VERSION_INFO
StringFileInfo
040904e4
ProductName
Ad Muncher
FileDescription
Ad Muncher
CompanyName
Murray Hurps Software Pty Ltd
LegalCopyright
Copyright
Murray Hurps Software Pty Ltd
LegalTrademarks
0ec75b48 4e7f 41c1 a7a9 b9057ea7e667
Comments
dd979c69 67f8 455c 9514 f2bb3ea391b3
051e5d1a-6c60-4798-816d-572d31abc8e2
VarFileInfo
Translation

Antivirus Signature
Bkav Clean
Elastic malicious (high confidence)
DrWeb Clean
MicroWorld-eScan Gen:Variant.MSILHeracles.14956
FireEye Generic.mg.20faf56c053933d4
CAT-QuickHeal Clean
Qihoo-360 Clean
McAfee Clean
Cylance Unsafe
VIPRE Clean
AegisLab Clean
Sangfor Trojan.Win32.Save.a
K7AntiVirus Clean
BitDefender Gen:Variant.MSILHeracles.14956
K7GW Clean
Cybereason Clean
Arcabit Trojan.MSILHeracles.D3A6C
BitDefenderTheta Gen:NN.ZemsilCO.34688.bm0@auJAJ7ji
Cyren W32/MSIL_Kryptik.ECN.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of MSIL/TrojanDownloader.Agent.HUI
Zoner Clean
TrendMicro-HouseCall Clean
Avast Win32:RATX-gen [Trj]
ClamAV Clean
Kaspersky Clean
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
Tencent Clean
Ad-Aware Gen:Variant.MSILHeracles.14956
Sophos Clean
Comodo Clean
F-Secure Clean
Baidu Clean
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition Clean
SentinelOne Static AI - Malicious PE
CMC Clean
Emsisoft Gen:Variant.MSILHeracles.14956 (B)
Ikarus Trojan.Inject
Jiangmin Trojan.PSW.MSIL.bmrj
Webroot Clean
Avira HEUR/AGEN.1142949
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Microsoft Trojan:Win32/Wacatac.B!ml
SUPERAntiSpyware Clean
ZoneAlarm Clean
GData Gen:Variant.MSILHeracles.14956
Cynet Malicious (score: 99)
AhnLab-V3 Clean
Acronis Clean
ALYac Gen:Variant.MSILHeracles.14956
MAX malware (ai score=89)
VBA32 Clean
Malwarebytes Trojan.MalPack.MSIL
Panda Clean
APEX Malicious
Rising Downloader.Agent!8.B23 (CLOUD)
Yandex Clean
TACHYON Clean
eGambit Unsafe.AI_Score_99%
Fortinet MSIL/Agent.HUE!tr.dldr
AVG Win32:RATX-gen [Trj]
Paloalto Clean
CrowdStrike win/malicious_confidence_60% (D)
MaxSecure Clean
No IRMA results available.