popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2065-11-14 03:19:00

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x00004b64 0x00004c00 6.00150689534
.rsrc 0x00008000 0x000005e8 0x00000600 4.4491422283
.reloc 0x0000a000 0x0000000c 0x00000200 0.0776331623432

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x000080a0 0x0000035c LANG_ENGLISH SUBLANG_ENGLISH_US data
RT_MANIFEST 0x000083fc 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
List`1
ToInt32
get_HnfswZC
set_HnfswZC
get_GCAmhilBabrZBSyqAmkJmdpToZmkpfrKTAkyUnWrmYDHG
set_GCAmhilBabrZBSyqAmkJmdpToZmkpfrKTAkyUnWrmYDHG
get_JhMHYRbTXSDlJgScrauAdzxzEJXNUK
set_JhMHYRbTXSDlJgScrauAdzxzEJXNUK
System.IO
mscorlib
System.Collections.Generic
Microsoft.VisualBasic
Versioned
Synchronized
Append
TypeKind
ParseFailureKind
Replace
WellKnownObjectMode
IDisposable
CallByName
CallType
ChannelDataStore
Capture
ApplicationSettingsBase
Dispose
TimeSpanParse
CompilerGeneratedAttribute
GeneratedCodeAttribute
DebuggerNonUserCodeAttribute
DefaultSettingValueAttribute
UserScopedSettingAttribute
ParamArrayAttribute
get_Value
DownloadString
ToString
System.Runtime.Remoting
GetFolderPath
get_Length
Decimal
get_Item
set_Item
System
get_OsRjWFfmpdmGYhValUKHgaIZvmqSxozInAHubtzlxDlhm
set_OsRjWFfmpdmGYhValUKHgaIZvmqSxozInAHubtzlxDlhm
Boolean
System.Configuration
System.Globalization
MatchCollection
GroupCollection
WebHeaderCollection
IndexOutOfRangeException
XmlSyntaxException
AppDomainSetup
get_LLxREkzLaq
StringBuilder
SpecialFolder
System.CodeDom.Compiler
IEnumerator
GetEnumerator
.cctor
UIntPtr
System.Diagnostics
Microsoft.VisualBasic.CompilerServices
System.Runtime.CompilerServices
Matches
Equals
System.Runtime.Remoting.Channels
System.Text.RegularExpressions
System.Collections
StringSplitOptions
get_Groups
get_Chars
get_Headers
System.StubHelpers
Exists
Concat
Object
System.Net
WebClient
Environment
get_Current
Convert
MoveNext
System.Text
ReadAllText
WriteAllText
System.Security
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
16.6.0.0
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>PAPADDINGXXPADDINGPADDINGX
]I#]I+
]i#]i+
JhMHYRbTXSDlJgScrauAdzxzEJXNUK
HnfswZC
GCAmhilBabrZBSyqAmkJmdpToZmkpfrKTAkyUnWrmYDHG
OsRjWFfmpdmGYhValUKHgaIZvmqSxozInAHubtzlxDlhm
http://mmwrlridbhmibnr.ml/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-07ECAFF71F1BA5DD99BA2A8FC48898B0.html
http://mmwrlridbhmibnr.ml/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-BA87016709B91B7BDC2C25FC6C9F0644.html
VS_VERSION_INFO
StringFileInfo
040904e4
ProductName
Ad Muncher
FileDescription
Ad Muncher
CompanyName
Murray Hurps Software Pty Ltd
LegalCopyright
Copyright
Murray Hurps Software Pty Ltd
LegalTrademarks
0ec75b48 4e7f 41c1 a7a9 b9057ea7e667
Comments
dd979c69 67f8 455c 9514 f2bb3ea391b3
9d1efd3f-4b4d-4654-be6a-03f1fa0465c5
VarFileInfo
Translation
Antivirus Signature
Bkav Clean
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Variant.MSILHeracles.14956
FireEye Generic.mg.03c03933b86d2974
CAT-QuickHeal Clean
ALYac Gen:Variant.MSILHeracles.14956
Malwarebytes Trojan.MalPack.MSIL
VIPRE Clean
AegisLab Clean
Sangfor Trojan.Win32.Save.a
K7AntiVirus Clean
BitDefender Gen:Variant.MSILHeracles.14956
K7GW Clean
Cybereason Clean
Arcabit Clean
BitDefenderTheta Gen:NN.ZemsilCO.34688.bm0@a019k6ci
Cyren W32/MSIL_Kryptik.ECN.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of MSIL/TrojanDownloader.Agent.HUI
Baidu Clean
APEX Malicious
Avast Win32:RATX-gen [Trj]
ClamAV Clean
Kaspersky Clean
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
Tencent Clean
Ad-Aware Gen:Variant.MSILHeracles.14956
Sophos Clean
Comodo Clean
F-Secure Clean
DrWeb Clean
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition Clean
CMC Clean
Emsisoft Gen:Variant.MSILHeracles.14956 (B)
SentinelOne Static AI - Malicious PE
Jiangmin Trojan.PSW.MSIL.bmrj
MaxSecure Clean
Avira HEUR/AGEN.1142949
MAX malware (ai score=89)
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Microsoft Trojan:Win32/Wacatac.B!ml
SUPERAntiSpyware Clean
ZoneAlarm Clean
GData Gen:Variant.MSILHeracles.14956
Cynet Malicious (score: 100)
AhnLab-V3 Clean
Acronis Clean
McAfee Clean
TACHYON Clean
VBA32 Clean
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Rising Downloader.Agent!8.B23 (CLOUD)
Yandex Clean
Ikarus Trojan.Inject
eGambit Unsafe.AI_Score_94%
Fortinet MSIL/Agent.HUE!tr.dldr
Webroot Clean
AVG Win32:RATX-gen [Trj]
Paloalto Clean
CrowdStrike Clean
Qihoo-360 Clean
No IRMA results available.