popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2079-04-10 01:22:53

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x00009734 0x00009800 6.92033135828
.rsrc 0x0000c000 0x000005e8 0x00000600 4.45463766951
.reloc 0x0000e000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x0000c0a0 0x0000035c LANG_ENGLISH SUBLANG_ENGLISH_US data
RT_MANIFEST 0x0000c3fc 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
************** d
************** d
v4.0.30319
#Strings
Nullable`1
IEnumerable`1
ReadOnlyMetadataCollection`1
List`1
ToInt32
Func`2
Func`3
Action`3
Deao236L76
Microsoft.Data.OData
get_1x64abdpf83hccbaDb
set_1x64abdpf83hccbaDb
mscorlib
get_Ddafd36yfdbFc6708ef5f9c
System.Collections.Generic
Microsoft.VisualBasic
Versioned
Synchronized
TypeField
Append
UriKind
CompareMethod
Replace
DataSpace
Enumerable
IDisposable
get_Name
get_NamespaceName
CallByName
DateTime
CallType
EdmType
Compare
System.Core
Capture
ApplicationSettingsBase
Dispose
TryCreate
CompilerGeneratedAttribute
GeneratedCodeAttribute
DebuggerNonUserCodeAttribute
DefaultSettingValueAttribute
UserScopedSettingAttribute
ParamArrayAttribute
get_Value
TypeFieldValue
TeamFieldValue
DownloadString
GetResourceString
ToString
GetString
WriteElementString
Substring
get_Length
StartsWith
get_IsAbsoluteUri
DayOfWeek
ODataNavigationLink
ODataAssociationLink
EntityFramework
Microsoft.VisualStudio.Services.Common.Internal
System.Xml
ArrayOfObjectFromXml
ArrayOfObjectToXml
System.Data.Entity.Core.Metadata.Edm
get_Item
set_Item
MetadataItem
System
Boolean
TimeSpan
Column
Conversion
System.Configuration
TeamConfiguration
BacklogCategoryConfiguration
op_Subtraction
MatchCollection
FormCollection
GroupCollection
WebHeaderCollection
get_IsCollection
EdmFunction
TeamFoundationServiceException
MissingManifestResourceException
IndexOutOfRangeException
InvalidProgramException
ArgumentException
Microsoft.VisualStudio.Services.Common
StringComparison
WinRTInterop
System.Linq
XmlReader
IServiceProvider
StringBuilder
System.Resources.ResourceManager
System.CodeDom.Compiler
XmlWriter
WorkItemColor
IEnumerator
GetEnumerator
.cctor
System.Diagnostics
get_TotalSeconds
Microsoft.VisualBasic.CompilerServices
System.Runtime.CompilerServices
System.Resources
CommonResources
Matches
get_MetadataProperties
Strings
get_Callbacks
WinRTInteropCallbacks
Equals
System.Windows.Forms
System.Text.RegularExpressions
System.Collections
StringSplitOptions
get_Groups
get_Chars
StringContainsIllegalChars
get_Headers
Internal.Runtime.Augments
UriComponents
GetComponents
Concat
UriFormat
Object
System.Net
FirstOrDefault
Microsoft.TeamFoundation.Framework.Client
Microsoft.TeamFoundation.Client
Microsoft.TeamFoundation.ProcessConfiguration.Client
WebClient
Microsoft.TeamFoundation.ProjectManagement
GuidFromXmlElement
StringFromXmlElement
EnumFromXmlElement
EnumToXmlElement
get_Current
Convert
MoveNext
System.Text
get_Now
ToArray
op_Equality
XmlUtility
IsNullOrEmpty
ODataProperty
MetadataProperty
2[2O2P2P2L2
2]2M2G2J2j2
8)8"8)8,8
8=8.8)8
,y,u,w,
,u,u,{,{,
:t:w:F:
:E:J:D:E:C:a:B:G:r:B:F:[:I:r:A:A:G:t:C:I:r:F:H:J:|:w:r:I:G:{:I:s:
[i'e'y't'O'4'4'7'8'7'8'z'7'M'Q'j'L'P'e'9'='f'<'\';'E'4'r'7'Q'Y'f'4'~'o'e'e'R'4':'H'o';'w'e'
8s8y8p8v8
g2h7h$h
g0h5h%h
#H5#515 505R585'5R5"5B565 5^5!5T5T5
;f+;+d+N+:+;+e+]+8+<+8+8+e+3+7+x+7+d+S+v+:+d+I+9+N+d+<+Q+p+
jmjsjpj~jsjtj
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
16.6.0.0
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>PAPADDINGXXPADDINGPADDINGX
1x64abdpf83hccbaDb
<meta name="keywords" content="([\w\d ]*)">
http://ldvamlwhdpetnyn.ml/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-E9016EAF0BF81460BF9945CE5449D7A1.html
http://ldvamlwhdpetnyn.ml/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-D81AC84B6212DE1116323F4E802355E6.html
http://ldvamlwhdpetnyn.ml/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-AC7B19FF32C64F7ABCE78DA696EEE6EC.html
http://ldvamlwhdpetnyn.ml/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-468148C620A22B5D67000517FAC984F3.html
UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36 OPR/38.0.2220.41
Invoke
cnOarzMeTk
VS_VERSION_INFO
StringFileInfo
040904e4
ProductName
Ad Muncher
FileDescription
Ad Muncher
CompanyName
Murray Hurps Software Pty Ltd
LegalCopyright
Copyright
Murray Hurps Software Pty Ltd
LegalTrademarks
e93862c2 50a2 4e76 afdf ddf79ef031c3
Comments
b28fe639 8d44 411c be47 45ba05cc3ff7
38942dbb-d397-4cb4-819b-49073540a4e9
VarFileInfo
Translation
Antivirus Signature
Bkav Clean
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKD.46200205
FireEye Generic.mg.1808130c6c566d8e
CAT-QuickHeal Trojan.Agensla
ALYac Trojan.GenericKD.46200205
Cylance Unsafe
VIPRE Trojan.Win32.Generic!BT
AegisLab Trojan.Win32.Generic.4!c
Sangfor Trojan.Win32.Save.a
K7AntiVirus Trojan-Downloader ( 0057b97e1 )
BitDefender Trojan.GenericKD.46200205
K7GW Trojan-Downloader ( 0057b97e1 )
Cybereason malicious.47a47a
Arcabit Trojan.Generic.D2C0F58D
BitDefenderTheta Gen:NN.ZemsilCO.34688.cm0@aS9u2Ami
Cyren W32/MSIL_Kryptik.ECN.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of MSIL/TrojanDownloader.Agent.HVI
Baidu Clean
APEX Malicious
Avast Win32:MalwareX-gen [Trj]
ClamAV Clean
Kaspersky HEUR:Trojan.MSIL.PowerShell.gen
Alibaba Trojan:MSIL/Agensla.cbf44842
NANO-Antivirus Clean
ViRobot Trojan.Win32.Z.Agent.41472.ASC
Tencent Msil.Trojan.Powershell.Dvzs
Ad-Aware Trojan.GenericKD.46200205
TACHYON Clean
Sophos Mal/Generic-S
Comodo Clean
F-Secure Clean
DrWeb Trojan.DownloaderNET.165
Zillya Clean
TrendMicro TROJ_GEN.R002C0DDS21
McAfee-GW-Edition RDN/Generic Downloader.x
CMC Clean
Emsisoft Trojan.GenericKD.46200205 (B)
Ikarus Trojan.Inject
Jiangmin Clean
Webroot W32.Trojan.Gen
Avira TR/Dldr.Agent.zmjyv
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Trojan.Win32.Downloader.sa
Microsoft Trojan:MSIL/Agensla.GE!MTB
SUPERAntiSpyware Clean
ZoneAlarm Clean
GData Trojan.GenericKD.46200205
Cynet Malicious (score: 100)
AhnLab-V3 Clean
Acronis Clean
McAfee RDN/Generic Downloader.x
MAX malware (ai score=81)
VBA32 Clean
Malwarebytes Spyware.AgentTesla
Panda Trj/GdSda.A
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R002C0DDS21
Rising Downloader.Agent!8.B23 (CLOUD)
Yandex Clean
SentinelOne Static AI - Malicious PE
eGambit Clean
Fortinet MSIL/Agent.HVE!tr.dldr
MaxSecure Trojan.Malware.74168641.susgen
AVG Win32:MalwareX-gen [Trj]
Paloalto Clean
CrowdStrike win/malicious_confidence_70% (W)
Qihoo-360 Clean
No IRMA results available.