popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2021-05-20 02:43:30

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x00035f74 0x00036000 6.08680793477
.rsrc 0x00038000 0x00000418 0x00000600 2.45142625218
.reloc 0x0003a000 0x0000000c 0x00000200 0.0980041756627

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x00038058 0x000003bc LANG_NEUTRAL SUBLANG_NEUTRAL data

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
KDBM(
DLeFJJknobUUNsEBv^V^JW
USZ^XXPyZnnClwKmycAlndFAVWr{kqls{f3@c
%(*+?8,011787#]0:>"0
kymucFO_MPOGR{sLT_WNMc
H@AU_BaQGybggRJt}nlrdt[Wq{illn^lm`|ftrKF`
0"$%/`ycrch
/) *-(x
mm|ckq
[PFdzZ
@OLzIw
i~t|}k
c\d8:V^}cngpsntIeh
;U[Kqws}d~RYT[JG4F
+;8%',-9+,.n<.4
3#32:&
mIFQERU
lZ_RDVBTR
aFoy(Gobi7"LSGskhK{v}lpvrnfr|}Exra
-;=&##
)/"(36
49={9(-:<#%sxq3
nJ\Hg]EIKVM
dUKRI^JpLVXTG^ldERF
Nj|hMg~bojulEovjwrmtBJox`3Tpbv#F
hYG^]J^qwPES
cEQ[xP\ZPH~ZVT^BkaFoy(Mo{mBpaiusjKwxrllsCInwa0UwcuF
6%&'-!o
fBMKO@
oPLWRCUHL_YYVbjOX@
tPBVqYofmgz|,OplwrcuAi
v}wjl<_`|gbseH@
:&9<)?
|icwa}eHV@|oheMVHXA
pSTK\\]ICV\URCUXVu}ln
myATG@FweqI)$:,(;<11
02;&#>'!"48#+
!)8:#1%
YX_F\K
PJ_VYPR
Pdfl FhhlwigobvYnvh^0kqm&+v$.#$v\_X
B/y-+(}|+o%`
+3/ 0 l># %
W4+4k0R0"`= =`hjq:xwuqm!?1# !&'$7TCAUA
KUWEz))
;{k#55,gbp:2<'nm08:!
q\ags3#kmmt?:akkn;{vrpn 00 !tv"#HU
*/??!- +
IWi{x+/yzo|e5 45
yu=77*a`;==$q588:
65h`by"`omiu9'9+({
)*?,hX^[Ri)E
/9<4r`*",7~} (*1z8751-a
qc`37abw
Q[[~54oaax-allnt:&&*+zx()>#iU"l*8rz
%%<wr)##6c#.*(6xxxhi<>jkpm+
NL2u5!iccv=<giip%yttvl">>"#rp !6+
~1qm%//2yx#55,y=002 nrrfg64
iDXP}V_YGNdSOQAriXJPNK
nZV\]dRSgojln:?=
,./<\vwsywcK|
ZYXgfedcba`onmlkjihwvutsrqp*^Z|{Z^8
/)cNHSAKN
Ja`gdgpOqcueFriwt{C[r}t|tJT|g
( 9.:i
]^@DVFfHTBBJBguVDVPQSovXDRRZrWAjkLmy^No{okhdFr{|}~hABr|t[x{{6&
)=-)6:
Awflzhmyg
tDEOJJVT_P[L`
^RSZ~VC^VHqkk}Jbz_8qcd|vnn|pql@^kqucpxlI:
PL_;K9T'U$UV
+)-8.7
4(",6>7+7853
&"=#$1'
K_IuB@KDLPm@LHVhSUWK
;&<=MI!5@A5,5157^#.,X-Y(Ez~uy`g59
R%$ PNBATFH=E_G2@FZ5G{~e
35<6),|
NNF]GN@^
<:?:8M:K1A28Qnjaulk9]myyw}dxw{gP\R,^V\T@[R"TKS"&CV@@:JQOAC4E2C76x
'!("50`
)*%,4{
<,+5;;01%3w
j\JHHLWI@J
:;89#?<=23016745*H{q{r}TvcBtexag
99*&.5/$%15)
5;293&
uGGNGA_qoJCSITKCNg}]YZ`hAVB
rV@TOool.Ld
mnitk[IlyiwjqyhAQauusy`|
)+#6,5
*&("(-;;
)=!163
YX{DZ_
HPUESOIGW__QT_VPuyvinubfgOE\V[\I_^Pogrpew
~LTcs{g
*;:9 >)
=:-9.!
p^GWTHH@W
SUQe}S]JA
]P_[hVfj
z|l|lqpkd
7idio}kAo}nacxcwdqJ
:&;!(>
knjo27
69**:.
"2#"&?&4
)/UYR\]KOySGQuSTFLz
`hFfsGjhgn:YjvilyoS_\DERFF:9'/'#)1>'
3%,'=:?(0-!,#zy5;(+.1-8`t
hyd~@OO@NCVfNK\LQ]PWREE^
PT~jmgz}c}{Lpdh'RUTNK\LONRTZ\TJXdp
).&==*>;'13o>*(y
>*/;-ba
<#%hk{
O~[L\aM@GsUCJNGn_B~PRZlR@G~D[UQG89SY\FZLVF JC^$IUXYMWPR'21k!k5IB
0/$)y:= -$b)#7
{7+7.f-*;-a-3 #l5%14
XBX]^]CJPBMGOKAV
vrnwad
y`z*HGGHFK-TBLTCT,"[x{vkqh^}}dcy{xp
=5$&7%1
wnHX@^DVFS}wRMFQ
{VPQY^Folb[VFAL_XUMcehlw 3(7XC{mwkwkynNBexu|4V
(#*rqm
" '8"4<
`NAHetqeHIH[U\\LczibtUEBRFiynz
#znl=ubvs
i&%mznkwaOxf)(:
*:$:=ps?(05%3
683:ba} 5# 2&
}jzlryEYCOWDTLWy~n{lmznSS^U
}e!&88<<884488GEGA_]_QWUWQ_]_AGEGA?=?175
"%(1+.u
%&'RSP
OY[uICCOCO|@EDKPTOK
Z^H|QP_DXCGaxbdegnb^metvguaYWr{kqls{fO_wp~wp6Z]G^3#
|yspqpw#w
Owe@M]C^MET}qNJAULK
sZONSTY_Q
g@hxqzzjaQRqogokavF"+.+\Z["'!"'&%qY)PQ/_\\RW"S'QRRL(
.,5107
!?7?;1&
u~{l|s
BDWW@TBxd_IW_QG`{]K]P_[dGo}alyJthavt`dkaMQ^AF]JNOW]DNCDQG68
/&BXF2
2&) "-9*
5)5%"?
9#""59
cGZZ|ayrkORRnJFUVQWYlYODVBayg
ekx{~a}hKm{m`ok1D-*DVnzn|2^qxzK[e
,004400
NNt{KN@{l`|vOIrky
j\_Sjsq
Nd{s^\I[KS^hcoVOE[rkyh}khznN]UDFWEQI8
!=!<-!
)!02;)=
Kw}EZ]M{l`|TJSVDLU[
WQUMS@CFRGUFy|l;^}cjpbmGokavFNtml~JSQOe}beuc
)+(+&;!8>l'!5#
?>=&>%
XbLL@[EYKFSoIU@sjuvVL[jm|
TXDRWAeyq)``x-dluob&Jjh
Nip1yew9ebse:v
/5$*%,sh
>'1. +"c
u-95+:
K_Iu~]E[CWE
oIP@HU]M
~_^W@CmRV@TVjkjazby,isnh).'oh}kp~qx0)298=+<HEBK
D]FMTQGP\/
/9&,:o
.!&32z&67;"fe:6?)lo#%$>:2
KIDL}@JYUBRDzcKRTWWXZr]SSTUCjgUFy|g{j|PHl`P`utsjh
Qwjznswg0Uy`zy
BVQNNJ\C^AXFN=
,35(&) hkhy
02370$899t0
^DZzZN^YkMFN`NH@tZU\bkSOnG_C
RLPKyo|cjbyqVsdUoaiv^`|}jhx@vtxdrwa9
60+=4<
%#\ZBLQGADKHJ
62|FKsob\BE
ao|dhf`oorukijzkjipny26xpe
+/%ac3+7>2*|
SKW^RJ
EYEDTyx-az{|~8,/vqp*qr~wwwpro}fdtd9wz
ew)gep$?'%
uumo8#31j{
yiAQMTJR
[]MFVBrYYR\m~zhzfccKSEogeh`~Vyz_{xow`cr/ !s
-35')' )
NJ\HLN_H
EOSKFPv
jm|p|y
I<CE\LIJ^-
LCUCSWQHRV^>
S_XVSE_SQ[>". +=L
>.%x';) p-32
5-3;/=8on=lbab0na`m
umB_PZZdx&z
ceygno{Ykkbsukqqlhss~utxtfl
9"''s{b}lsnq0"66346dlqlsb}`<%4;'
KBDjBFICV
aBEHQKNH
RY]wTWZ
e|Jaajdevr`rnkkWzqu]sux|g>Put{`
)&1%25|-+<4
:=0)3&
??0>3
v2.0.50727
#Strings
" "d"s"
#M$[$v$
&&&0&H&i&
'/(O(b(q(
HMACSHA1
IEnumerable`1
ICollection`1
EventHandler`1
IList`1
HMACSHA512
Advapi32
kernel32
Microsoft.Win32
user32
ReadUInt32
ToUInt32
ReadInt32
ToInt32
KeyValuePair`2
Dictionary`2
ToUInt64
ReadInt64
ToInt64
ReadUInt16
ToUInt16
ReadInt16
ToInt16
HMACSHA256
get_UTF8
F4A98466-A54A-4EE3-B266-8AC312CBF3C9
<Module>
GetModuleFileNameA
GetVolumeInformationA
get_bindingConfigurationUID
set_bindingConfigurationUID
get_FormatID
GetHINSTANCE
get_ASCII
get_URL
set_URL
get_sSL
set_sSL
System.IO
TripleDES
get_IV
set_IV
MoveFileExW
get_value__
set_value__
get_Data
set_Data
ProtectedData
GetObjectData
ProjectData
PropertyData
rJZnHbfPEzLeCGooGSkfUvOeRdofUQb
mscorlib
System.Collections.Generic
Microsoft.VisualBasic
SendAsync
ReceiveAsync
WndProc
get_Id
GetWindowThreadProcessId
GetProcessById
OpenRead
Thread
SHA1Managed
RijndaelManaged
get_LastModified
set_LastModified
set_Enabled
get_enabled
set_enabled
get_BytesTransferred
add_Elapsed
IsBypassed
get_LastAccessed
set_LastAccessed
get_Connected
add_Completed
System.Collections.Specialized
get_IsInvalid
get_Guid
GetField
TrimEnd
ReadToEnd
Append
get_Second
get_Millisecond
UBound
set_Method
CompareMethod
get_Clipboard
get_Keyboard
get_Password
set_Password
get_password
set_password
Replace
CreateInstance
get_GetInstance
GetHashCode
get_SocketErrorCode
set_Mode
FileMode
PaddingMode
CryptoStreamMode
CompressionMode
CipherMode
XmlNode
get_Unicode
get_BigEndianUnicode
IsTextUnicode
VaultFree
get_useSeparateFolderTree
set_useSeparateFolderTree
FromImage
SendMessage
MailMessage
AddRange
CredentialCache
EndInvoke
BeginInvoke
GetEnvironmentVariable
IEnumerable
IDisposable
ISerializable
ToDouble
get_Handle
RuntimeFieldHandle
SafeHandle
RuntimeTypeHandle
ReleaseHandle
CreateHandle
GetTypeFromHandle
handle
Rectangle
DownloadFile
DeleteFile
get_securityProfile
set_securityProfile
Console
get_MainModule
ProcessModule
MsgBoxStyle
get_Name
set_Name
get_FileName
set_FileName
GetRandomFileName
GetTempFileName
GetFileName
typeName
get_OSFullName
get_FullName
get_providerName
set_providerName
get_UserName
set_UserName
get_ComputerName
get_ProcessName
get_ProductName
get_accountName
set_accountName
GetProcessesByName
AssemblyName
assemblyName
GetDirectoryName
get_username
set_username
System.Net.Mime
FromFileTime
ToFileTime
DateTime
GetLastWriteTime
SetLastWriteTime
get_CreationTime
set_CreationTime
SetCreationTime
GetLastAccessTime
SetLastAccessTime
ReadLine
AppendLine
WriteLine
get_NewLine
Combine
LocalMachine
Escape
get_archivingScope
set_archivingScope
DataProtectionScope
get_Type
set_Type
set_MediaType
ChangeType
ValueType
StringType
SecurityProtocolType
BindToType
get_avatarType
set_avatarType
GetType
SocketType
set_ContentType
FileShare
Compare
PtrToStructure
get_InvariantCulture
get_CurrentCulture
Capture
ApplicationBase
NameObjectCollectionBase
HttpWebResponse
GetResponse
Dispose
TryParse
Reverse
Create
MulticastDelegate
GetKeyboardState
EditorBrowsableState
Delete
get_CanWrite
ThreadStaticAttribute
STAThreadAttribute
CompilerGeneratedAttribute
GuidAttribute
HelpKeywordAttribute
GeneratedCodeAttribute
EditorBrowsableAttribute
ComVisibleAttribute
FileAttribute
AssemblyTitleAttribute
StandardModuleAttribute
HideModuleNameAttribute
DefaultValueAttribute
AssemblyTrademarkAttribute
DebuggerHiddenAttribute
AssemblyFileVersionAttribute
MyGroupCollectionAttribute
AssemblyDescriptionAttribute
FlagsAttribute
CompilationRelaxationsAttribute
ReliabilityContractAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
ParamArrayAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
SuppressUnmanagedCodeSecurityAttribute
AccessedThroughPropertyAttribute
set_UseShellExecute
get_Minute
ReadByte
ToByte
get_Value
DeleteValue
GetObjectValue
GetValue
SetValue
GetPropertyValue
Receive
set_KeepAlive
add_AssemblyResolve
Remove
rJZnHbfPEzLeCGooGSkfUvOeRdofUQb.exe
get_Size
set_Size
get_HashSize
get_KeySize
Deserialize
Initialize
SuppressFinalize
Resize
SizeOf
get_ItemOf
LastIndexOf
get_Jpeg
System.Threading
set_Padding
NewLateBinding
UTF8Encoding
GetEncoding
System.Drawing.Imaging
FromBase64String
ToBase64String
EscapeDataString
UnescapeDataString
DownloadString
GetPrivateProfileString
CompareString
ToString
GetString
Substring
System.Drawing
ToULong
ToLong
get_enableLog
set_enableLog
get_Msg
get_PasswordHash
ComputeHash
get_ExecutablePath
GetFullPath
GetTempPath
GetFolderPath
get_Width
get_Length
SetLength
get_ContentLength
set_ContentLength
GetWindowTextLength
EndsWith
StartsWith
get_Month
PtrToStringUni
AsyncCallback
get_CapsLock
TransformFinalBlock
TransformBlock
get_CanSeek
get_kbok
set_kbok
AllocHGlobal
FreeHGlobal
Marshal
NetworkCredential
Decimal
System.Security.Principal
ConditionalCompareObjectGreaterEqual
ConditionalCompareObjectEqual
ConditionalCompareObjectNotEqual
set_Interval
Rijndael
get_AccountCredentialsModel
set_AccountCredentialsModel
System.Collections.ObjectModel
System.ComponentModel
System.Net.Mail
LateCall
User32.dll
user32.dll
vaultcli.dll
psapi.dll
ntdll.dll
bcrypt.dll
System.Xml
set_IsBodyHtml
set_SecurityProtocol
set_EnableSsl
FileStream
get_BaseStream
GetResponseStream
DeflateStream
get_EndOfStream
CryptoStream
GetRequestStream
MemoryStream
get_LParam
get_WParam
get_Param
get_Item
set_Item
VaultGetItem
get_FileSystem
OperatingSystem
SymmetricAlgorithm
HashAlgorithm
Random
ICryptoTransform
ToBoolean
IsLittleEndian
TimeSpan
get_Screen
CopyFromScreen
get_UserToken
set_UserToken
Listen
System.ComponentModel.Design
ChangeClipboardChain
AppDomain
get_CurrentDomain
SeekOrigin
get_OSVersion
get_Version
set_Version
RtlGetVersion
get_version
set_version
Conversion
System.IO.Compression
get_Application
get_Location
SystemInformation
destination
get_AccountConfiguration
set_AccountConfiguration
get_BindingAccountConfiguration
set_BindingAccountConfiguration
MailAccountConfiguration
SmtpAccountConfiguration
System.Globalization
System.Runtime.Serialization
Interaction
System.Reflection
PropertyDataCollection
NameValueCollection
MatchCollection
GroupCollection
KeysCollection
ManagementObjectCollection
AttachmentCollection
KeyCollection
get_disabledByRestriction
set_disabledByRestriction
get_Position
set_Position
get_ContentDisposition
SearchOption
InvalidDataException
CryptographicException
ArgumentOutOfRangeException
ArgumentNullException
InvalidOperationException
SocketException
ArgumentException
get_Description
set_Description
get_StatusDescription
System.Runtime.ConstrainedExecution
Environ
StringComparison
get_CtrlKeyDown
get_ShiftKeyDown
get_AltKeyDown
SocketShutdown
CompareTo
CopyTo
get_Info
ImageCodecInfo
FieldInfo
FileInfo
CultureInfo
FileSystemInfo
FileVersionInfo
GetVersionInfo
SerializationInfo
serializationInfo
ComputerInfo
NumberFormatInfo
get_StartInfo
ProcessStartInfo
GetLastInputInfo
DirectoryInfo
get_CHoo
set_CHoo
Bitmap
get_Year
ToChar
DirectorySeparatorChar
get_avatar
set_avatar
StreamReader
BinaryReader
SHA1CryptoServiceProvider
MD5CryptoServiceProvider
RNGCryptoServiceProvider
TripleDESCryptoServiceProvider
BCryptCloseAlgorithmProvider
BCryptOpenAlgorithmProvider
IFormatProvider
StringBuilder
SpecialFolder
set_Binder
SerializationBinder
GetDecoder
Encoder
SetBuffer
ResourceManager
ServicePointManager
ToInteger
ManagementObjectSearcher
SecurityIdentifier
ElapsedEventHandler
ResolveEventHandler
System.CodeDom.Compiler
ToUpper
get_User
set_User
CurrentUser
get_Browser
set_Browser
ConditionalCompareObjectGreater
ToGenericParameter
EncoderParameter
StreamWriter
TextWriter
BitConverter
BinaryFormatter
get_Computer
ServerComputer
get_DnsResolver
set_DnsResolver
SetClipboardViewer
ToLower
CreateProjectError
ClearProjectError
SetProjectError
SocketError
get_NumberDecimalSeparator
IEnumerator
ManagementObjectEnumerator
GetEnumerator
Activator
.cctor
Monitor
CreateDecryptor
CreateEncryptor
ReadIntPtr
MidStmtStr
get_Hour
Graphics
System.Diagnostics
get_Bounds
Microsoft.VisualBasic.Devices
get_WebServices
Microsoft.VisualBasic.ApplicationServices
System.Runtime.InteropServices
Microsoft.VisualBasic.CompilerServices
System.Runtime.CompilerServices
Microsoft.VisualBasic.MyServices
GetInstances
System.Resources
get_ChildNodes
Matches
GetDirectories
get_Properties
ExpandEnvironmentVariables
GetFiles
EnumProcessModules
GetModules
NumberStyles
GetSubKeyNames
ReadAllLines
GetProcesses
GetHostAddresses
FileAttributes
SetAttributes
Rfc2898DeriveBytes
ReadAllBytes
GetAddressBytes
GetBytes
get_Values
SocketFlags
Strings
SocketAsyncEventArgs
ElapsedEventArgs
ResolveEventArgs
get_Ticks
ICredentials
get_Credentials
set_Credentials
get_DefaultCredentials
set_UseDefaultCredentials
Equals
CreateParams
VaultEnumerateItems
System.Windows.Forms
Contains
Conversions
System.Text.RegularExpressions
get_IncludeInGlobalOperations
set_IncludeInGlobalOperations
System.Collections
set_MaximumAutomaticRedirections
StringSplitOptions
RegexOptions
get_Groups
get_Chars
GetChars
GetImageEncoders
System.Timers
RuntimeHelpers
get_advancedParameters
set_advancedParameters
EncoderParameters
Operators
ManagementClass
ConditionalCompareObjectLess
FileAccess
get_Success
GetCurrentProcess
IPAddress
get_Address
set_Address
MailAddress
get_IdnAddress
set_IdnAddress
get_objects
set_objects
System.Net.Sockets
get_signaturePresets
set_signaturePresets
get_templatePresets
set_templatePresets
VaultEnumerateVaults
get_Attachments
set_Arguments
get_Exists
get_Days
arrays
get_Keys
set_Keys
Concat
AppendFormat
ImageFormat
get_NumberFormat
Subtract
ParseExact
AddObject
AndObject
ModObject
DivideObject
ManagementBaseObject
CreateObject
ConcatenateObject
OrObject
XorObject
SubtractObject
GetObject
LeftShiftObject
ManagementObject
NotObject
MultiplyObject
set_Subject
Connect
set_AllowAutoRedirect
Unprotect
LateGet
LateIndexGet
System.Net
GetResourceSet
LateSet
get_passwordIsSet
set_passwordIsSet
set_AcceptSocket
get_signingEncryptionPreset
set_signingEncryptionPreset
get_Height
get_Lenght
set_Lenght
op_Explicit
WaitForExit
VaultCloseVault
VaultOpenVault
get_Default
IAsyncResult
MsgBoxResult
set_UserAgent
WebClient
SmtpClient
System.Management
XmlElement
Attachment
Environment
XmlDocument
get_Parent
GetParent
get_Current
IPEndPoint
get_LocalEndPoint
get_Count
get_TickCount
GetCharCount
EndAccept
BeginAccept
BCryptDecrypt
BCryptEncrypt
ThreadStart
Convert
get_Port
set_Port
get_InternalServerPort
set_InternalServerPort
get_port
set_port
FtpWebRequest
HttpWebRequest
XmlNodeList
get_Host
set_Host
ICredentialsByHost
get_host
set_host
set_Timeout
GetKeyboardLayout
get_StandardOutput
set_RedirectStandardOutput
MoveNext
System.Text
ReadAllText
AppendAllText
WriteAllText
get_InnerText
GetText
GetWindowText
StreamingContext
streamingContext
context
get_Now
GetForegroundWindow
NativeWindow
set_CreateNoWindow
ToUnicodeEx
GetModuleFileNameEx
RegQueryValueEx
UnhookWindowsHookEx
SetWindowsHookEx
CallNextHookEx
RegOpenKeyEx
LateSetComplex
MsgBox
get_Day
InitializeArray
ToArray
ToCharArray
CopyArray
Consistency
set_Body
get_Key
set_Key
OpenSubKey
RegCloseKey
MapVirtualKey
get_GuidMasterKey
set_GuidMasterKey
ContainsKey
BCryptImportKey
BCryptDestroyKey
RegistryKey
System.Security.Cryptography
get_Assembly
GetExecutingAssembly
GetEntryAssembly
get_AddressFamily
Multiply
BlockCopy
System.Runtime.Serialization.Formatters.Binary
get_TotalPhysicalMemory
CreateDirectory
DictionaryEntry
get_Registry
get_Capacity
Quality
op_Equality
op_Inequality
get_priority
set_priority
System.Security
IsNullOrEmpty
BCryptGetProperty
BCryptSetProperty
set_Proxy
IWebProxy
ClipboardProxy
FileSystemProxy
GetProxy
RegistryProxy
<PrivateImplementationDetails>{9D377B6E-2A78-4D10-9E61-46A2118981E8}
MyTemplate
8.0.0.0
My.Computer
My.Application
My.User
My.WebServices
4System.Web.Services.Protocols.SoapHttpClientProtocol
Create__Instance__
Dispose__Instance__
microsoft
microsft
!crryan@belmont.wmicrosofta.gov.au
WrapNonExceptionThrows
$9d7b5824-db0d-41b3-88c1-dfb8182f65d5
_CorExeMain
mscoree.dll
!%--314?7B9P=
)(*(+(,
credential
logins
+-0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz
HTTP/1.1
https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip
sha512
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
microsoft
CompanyName
microsoft
FileDescription
microsft
FileVersion
InternalName
rJZnHbfPEzLeCGooGSkfUvOeRdofUQb.exe
LegalCopyright
microsoft
LegalTrademarks
microsoft
OriginalFilename
rJZnHbfPEzLeCGooGSkfUvOeRdofUQb.exe
ProductName
crryan@belmont.wmicrosofta.gov.au
ProductVersion
Assembly Version
1.0.8.0
Antivirus Signature
Bkav Clean
Elastic malicious (high confidence)
MicroWorld-eScan IL:Trojan.Targaryen.B
FireEye Generic.mg.5e9c34075c2eb3d3
CAT-QuickHeal Clean
ALYac IL:Trojan.Targaryen.B
Cylance Unsafe
VIPRE Clean
AegisLab Clean
K7AntiVirus Clean
BitDefender IL:Trojan.Targaryen.B
K7GW Clean
Cybereason malicious.f82ae2
Baidu Clean
Cyren Clean
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of MSIL/Spy.Agent.AES
APEX Malicious
Paloalto generic.ml
ClamAV Win.Packed.Razy-9862812-0
Kaspersky UDS:Trojan-PSW.MSIL.Agensla.gen
Alibaba TrojanPSW:MSIL/DarkStealer.f3d7c585
NANO-Antivirus Clean
ViRobot Clean
Tencent Clean
Ad-Aware IL:Trojan.Targaryen.B
Emsisoft IL:Trojan.Targaryen.B (B)
Comodo Clean
F-Secure Clean
DrWeb BackDoor.SpyBotNET.25
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition Artemis!Trojan
CMC Clean
Sophos Clean
SentinelOne Static AI - Malicious PE
GData MSIL.Trojan-Stealer.AgentTesla.Z9J88C
Jiangmin Clean
Webroot Clean
Avira TR/Spy.Gen8
eGambit Unsafe.AI_Score_100%
MAX malware (ai score=82)
Kingsoft Clean
Gridinsoft Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm HEUR:Trojan-PSW.MSIL.Agensla.gen
Microsoft PWS:MSIL/DarkStealer!MTB
Cynet Malicious (score: 100)
AhnLab-V3 Infostealer/Win.AgentTesla.R420346
Acronis Clean
McAfee Artemis!5E9C34075C2E
TACHYON Clean
VBA32 Clean
Malwarebytes Spyware.TelegramBot.TOR
Zoner Clean
TrendMicro-HouseCall Clean
Rising Spyware.Agent!8.C6 (TFE:D:ZkYqOVQUviS)
Yandex Clean
Ikarus Trojan-Spy.Keylogger.AgentTesla
MaxSecure Clean
Fortinet MSIL/Razy.749950!tr
BitDefenderTheta Gen:NN.ZemsilF.34690.nm0@aKIvVcm
Panda Clean
CrowdStrike win/malicious_confidence_100% (W)
Qihoo-360 Clean
No IRMA results available.