popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2048-07-01 15:51:24

PDB Path

Mnr.pdb

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x000163a4 0x00016400 6.17413865639
.sdata 0x0001a000 0x000001e8 0x00000200 6.63760210145
.rsrc 0x0001c000 0x00000578 0x00000600 3.98517596231
.reloc 0x0001e000 0x0000000c 0x00000200 0.101910425663

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x0001c0a0 0x000002ec LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x0001c38c 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.sdata
@.reloc
X<X(_
X8X(_
#333333
Z?_d
_b`*
UUUU_
UUUU_
v4.0.30319
#Strings
CompilationRelaxationsAttribute
System.Runtime.CompilerServices
mscorlib
System
Boolean
RuntimeCompatibilityAttribute
DebuggableAttribute
System.Diagnostics
DebuggingModes
AssemblyTitleAttribute
System.Reflection
String
AssemblyDescriptionAttribute
AssemblyConfigurationAttribute
AssemblyCompanyAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyTrademarkAttribute
ComVisibleAttribute
System.Runtime.InteropServices
GuidAttribute
AssemblyFileVersionAttribute
TargetFrameworkAttribute
System.Runtime.Versioning
SuppressIldasmAttribute
dcbc0cb3-980c-4a9a-b961-db226481bfc8
Mnr.exe
<Module>
o4AiWOj43oiFpWqYxi
rb3dwZ72Omvvj8Hd3k
Object
Ld67cHGJwe1vSEkKEP
uD6VnptqyOi884k7sL
ValueType
FullScreenDetect
Inject
H5UT031d3sdF3PIfm0
TBUQ5jXvFMyQvcaKQp
fvCBUypeDgK0ipIEjt
xMBfLl9XFWuFQpZ1fJ
ServerSettings
Km5eKFvG9rFPuQKncO
awLJy10qgueWqH7f1Z
Update
eLUMv1IC9P7Xke2kEM
d30mameMfuZf2DBD9U
EHNchaRbmHdF9eax49
mdamEYYjJgaEoZxpSk
<Module>{6A2007D7-2401-4E83-B2F0-7CF03741F841}
cVBlqYMIbPnDgg74I7
INIGS4K2Y9Lorw2nDo
g8LFdu2y7dxP7OhXI8
MulticastDelegate
tNl6sLk9f63dp0yR35
H5qshco2LvIHYMMdvD
JtKv7cWafDkhshl2yi
Attribute
iul9QDVKrYB50menn1`1
Nj3Ip0FPf1x6sVE0FB
P9NJVJ3ysK21WxhexJ
GZN0Q0d9wdF9kum5UD
k2FVjpxmaiuAhXnGHa
tbXNDonY7I7rIJS8hm
odeBQTJvNrDdIMAw8J
YU1P4NUHIGjNeZtN4J
bWGUdBinARsIAaH1VE
i4L867mDHq1SW7sRvr
qSpJu5ZCKXWEAjBKQF
WDyF62NGBjW19uvCwP
cnda9uqBdR0QphWQCf
GyrehBwNw3kPMid71d
<PrivateImplementationDetails>{0A90E42F-B6E9-408D-A7D1-100D5C81DE67}
__StaticArrayInitTypeSize=256
__StaticArrayInitTypeSize=40
__StaticArrayInitTypeSize=30
__StaticArrayInitTypeSize=32
__StaticArrayInitTypeSize=16
__StaticArrayInitTypeSize=64
__StaticArrayInitTypeSize=18
p7svLE5UT
i3d03sdF3
o4AjiWO43
qiF7pWqYx
FileStream
System.IO
FileMode
XmlDocument
System.Xml
Exception
zVbG3dwZ2
Nmvtvj8Hd
Stream
WebClient
System.Net
XmlSerializer
System.Xml.Serialization
uk81d67cH
WebResponse
StreamReader
xweX1vSEk
nEPp3D6Vn
gqy9Oi884
DateTime
AddMinutes
Double
ToString
ProcessStartInfo
RegistryKey
Microsoft.Win32
Registry
CurrentUser
.cctor
jKZang2dKpasEnkAwJ
gBkEaTptn7wJUfxchG
cNEcUAPDevV886f5yN
Tqo0pRQtWevtNyoR3O
Assembly
GetEntryAssembly
M3wP91lJ5NTCBvQD92
get_Location
Kbe2hATTB7UXMsCn1o
Directory
CreateDirectory
DirectoryInfo
SVROkx814Vl11mGwbv
Gx7A0lW18mRqhs5YyL
Concat
AuOaECVBeD1iTgFI21
Exists
nGEP9F3ONd4auTrweV
qr4NAxhZVGhfsv0b4E
Process
HcNTjq7lQl264KH6UY
axSF1x1wFthfPm9laS
Environment
P68WsrEM7XKd9F5D7h
aNlMxGnDvQ0gCcFsSL
SQQZ57vSCgLmyc2ude
sKrfnDcpnJKA9yKegW
LoadXml
uMb8tiDnhyyIlMESDK
EbcKngq8UIBc0m808I
IDisposable
Dispose
KqLV4OtZlawjtukg7m
GHwyul6OEY507xZwxx
l4Y7lSjQLxKu8gdrcM
FAPJ7wujbnZyk4bJwp
OpenRead
E2PX7lG5iiqp6nSFLY
RuntimeTypeHandle
GK2nPYxPDALtar3uJC
GetTypeFromHandle
ApFwht4R6pkctJ4pVa
Deserialize
RWKVcHJ0EvynB6cNwM
CGY60kBmM87VBrK5qr
ivbhQ4a9y3LbMdr5yb
M1ZQttUXCudNCgNXHm
jRlLg5NCkUID761Ogy
EwK8skwnxdCldxCd3i
upLPIGdsB6uU6leHMj
WebRequest
Create
Scb3g1CH228tO0EROZ
GetResponse
jd2AWEePlF0PQXP88G
GetResponseStream
JESqKeAU3RuJCdXdC7
TextReader
ReadToEnd
PRj6Jgmk0wmCKRFvFL
sX3pg65qckQa1ehJsk
SecurityProtocolType
ServicePointManager
set_SecurityProtocol
wZVddr9jsfEbONFmGX
DownloadFile
jYEU9ykkSfjsujFbYm
get_Now
wZ8lyaf7SxTBUffCiU
VZykcNYEv8Q4jgRhPi
set_Arguments
DeAvUWyGwiJ0CHJuTD
ProcessWindowStyle
set_WindowStyle
YeJT7vMoWEpQVNBx2v
set_CreateNoWindow
ccOMQMKSf140NeuV0Q
set_FileName
jLOtuIXVFVZkaJC3p7
set_RedirectStandardOutput
vTtKMGH2P6Mtb5XH92
set_UseShellExecute
F02jaARcLMSy271rhl
FWk4Z7s3ZxCgCWjH3Z
OpenSubKey
f7by13gF1VcO0Ypl2J
Application
System.Windows.Forms
get_ExecutablePath
xIxR4PSS1SqZLU72To
SetValue
pLwt4JFGc207ycn99x
SpecialFolder
GetFolderPath
Bottom
NIfIm0DBU
HandleRef
GetWindowRect
user32.dll
O5jevFMyQ
IntPtr
GetForegroundWindow
IsForegroundFullScreen
icaRKQpXv
Rectangle
System.Drawing
get_Width
get_Height
VqJCA5zyh2ehWIKH9i
gTAyDcZ0WUGRZnXVmaN
Screen
get_PrimaryScreen
lp0M4nZZIKj8kYSRke0
get_Bounds
hHM1SJIiYwQKXv9uwE
uFRBkBL0fc2oeLIHoh
MlXO0yZO2aIos2ZqcWy
x3mWhvZiAWYcEyiHl4V
HideBotPath
FileInfo
dh3dTaZPmTKnnWmSqhx
SoiGY1Z2EYu3f3gy2Uq
SearchOption
GetDirectories
z1Wi8UZQ7w1vjd2KuGp
FileAttributes
FileSystemInfo
set_Attributes
S7HwKrZlSUR8ubOo0Mm
GetFiles
J2Kh7NZTt5AxEjgBxnh
get_Attributes
S1556uZobYcIDS5WWGU
rIkh44ZpNwdS6yTwloN
IBUYyeDgK
UInt32
CreateProcess
kernel32.dll
iipMIEjtn
VirtualAllocEx
mBfKLlXFW
WriteProcessMemory
JFQ2pZ1fJ
ZwUnmapViewOfSection
ntdll.dll
Km5keKFG9
SetThreadContext
aFPouQKnc
GetThreadContext
MrwWLJy1q
ResumeThread
WueVWqH7f
CloseHandle
hostPath
hostName
hostArgs
eZ1HLUMv1
ToInt64
I9PF7Xke2
BkZe1VZVQibxyXoDxO6
Marshal
ReadInt32
DoU0OsZ32cxTGcOKgCR
ReadInt16
DUVxYiZhlU0dj3RV48O
ReadInt64
r8PGivZ7WHVD7cBoExd
hU8kjFZ1QHA8i2iSmwe
GetCurrentDirectory
bmxfAUZEWHXDDGCW7dB
WriteInt32
HOKsVjZnnk27MDyWoFx
X08SR2ZveSbwDuqinbl
OH1jL9ZcD18op42iE3a
Buffer
BlockCopy
UUn20kZDLSvGP44ruMI
BitConverter
GetBytes
NlFxV0Zq7mdHNCLbSCg
rSb6uIZtuMVojpNm30m
WriteInt64
bY2x7rZ67hhXk8Ra97A
FreeHGlobal
sbDJ6EZ89oaLGxPyAqy
LWKoVFZWvWFXKTaG7wk
pqgcMqZjn0if6AGJAHf
AllocHGlobal
D4RNeFZulImpdqFJGF7
E5kwm4ZGRoek606eyy9
Yn1RToZxiEQe9rchafh
pEM3G30ma
IsWow64Process
WD9xUNHNc
kaxJ49Mda
qZxipSk7V
ManagementObjectEnumerator
ManagementObjectCollection
System.Management
ManagementObjectSearcher
TggS74I7C
ManagementBaseObject
zMfduZf2D
MorZw2nDo
uxPq7OhXI
J1UNZJZBrhWF09VUsku
B356w5Za6MOiCwJnoW0
DownloadString
nXiDvIZ40aM2qFLJjyd
LWws63ZJCv05Fcg9ANB
ja9Le7ZUMFaN0QWQmk3
RegionInfo
System.Globalization
get_CurrentRegion
TOGEySZNJM5C2o7dt25
get_Name
KTVNudZwY7Ahw8f78h6
jW2jdlZdsEEiXf4EF6x
GetEnumerator
LFZk08ZCCKLH0IZsVCW
get_Current
kFvwAIZeL1v7gOdsWDk
get_Item
kZluk6ZAdBMn7K5ErIF
MoveNext
aHgy5HZm68sFaVucOPa
wAnuYuZ5sd9yDcLLkKv
CsUdl8Z91H5aSCo7rBe
Convert
cJFhh9Zk7Xtw444ZjRW
GetCurrentProcess
fFuWykZfN8FXaKbAlYt
get_Handle
FTfKN6ZYs8A4xH5b3fW
TJIqEKZyBpWExdNAgDf
GtVfAnZMl3wJxyJREYu
VDmqSuZKL1AZiRP2FTp
StOvx4ZXnKFbFGG5Nlg
eKyBj2ZHcFT6tqPcfq1
aVgLvOZRUW5gf9yaN6Y
hRjoa3Zshsvfnnwhv6M
g0AMxWZg6bYlJssGSRE
xDpZTkZSJkJe92MnITV
LC9ZQYZF0SAbsDWBHFp
U63Adp0yR
op_Equality
ThreadStart
System.Threading
Thread
u5cE5qshc
oLvcIHYMM
nHy6k9Zbvgs2oYkkJ5K
jXYCSqZrqD4D0LAuEZG
rVsqHWZItKLdpe6Fpgm
V5TiOaZLegGmwSeGe7n
RyUEDtZzoQmAEaOyGQQ
TimeSpan
FromMinutes
Y4sHrmO0ww727JYWxu3
fk4w5uOZJs8YKVCaSyy
tCqeASOOP2C3GkPU3du
hTJh0bOin1kpZJGg3Ld
ISIOa7OoZhoY1pmcw33
OtCB1oOpBvyvZHlZFrv
ServerUpd
ServerSendArgs
hoiaMrOQy9LqxksOQwd
DQBEFqOlEUH88mdDEQY
xavZayOPHAarmeZnNtn
pw98isO2FDlQLPY15rU
o1WhxhexJ
GZNT0Q09w
vF9bkum5U
Te2DFVjpm
CiufAhXnG
vvDCutKv7
HafuDkhsh
Y2y5i0ul9
ODK8rYB50
AenLn1bLw
CjhOAWy0J
uG3PaB1Pj
PsV6E0FB6
cq9FFWOWZD7xCFW9mbH
GetProcessesByName
FCo5uXOTGcCjVFjVACC
QauNarO87fu5Zddc4U3
X7f5kwOVFTJ8WU3f7od
KL2lS2O3MNRlflhSw6O
ibyCYcOhQDj4DJMUw5k
NtCfaYO7it4VY0JuTY0
Bj24glO1RFKmWqufwXr
qX8j7GOEx3dHy3cOkLh
JRqGjBOnXFfuxd4iYHB
gA3kGBOvTUyykeZpq3e
vf0mKYOcenlQgjIQUZM
Hyp6jhOD9lUEmpOm9uP
koFKWdOqrEPZDH3aw6e
RpI3SbOtkdMXou9ZYgC
ry4huSO6F3cGWOMyG9g
tKtsdsOjZgIU8bo4fGq
ibI6DZOuXD2u7lkeVOq
rjDTjROGBug6dh5AkSD
fP9yM9OxoDuyj1yGhFV
eDGxDmO4w1TFultaQQu
eRNPq9OJd1v9dxAbyEA
get_Properties
PropertyDataCollection
W3Dl5nOBPoDrY6bHDnn
PropertyData
vIMHLROa3c5JlPaV4GT
get_Value
HEPLm3OUbuIFAJOc9hE
ToDouble
EtjwXLONlBdoe1f7r97
rBrQdLOwmM4qc0sYark
uKSUZaOdje19Ob4VYvU
MufdiQOCrS7VtLPno21
ylsEltOe4ET9WHTJqlF
taFsbXNDo
l7Ig7rIJS
LhmB2deBQ
get_Version
set_Version
get_Link
set_Link
set_Name
Version
FdQcCYOAILLceeO1Wyv
pNCBXrOmp25mFIwDImL
t2WJwlO5XR0NkgyrP4L
PeAdSbO9lrOy4oYHWPo
AUYtxEOkID0ggpAU4vM
vcIb1nOfRtr6qILf6Zo
GalUtsOY4422jt4ioPA
plRgpMOyremhSgwGsUp
RvNyrDdIM
ArgumentNullException
QNHzIGjNe
Gw8lJlU1P
AnZx3GOXZo8FY0Kvkei
bBUEGjOHMKr1ccQkER2
biaLQsORioI0jGWqNvv
yBLDgvOsTXvEk7yOG2A
eIF3U5Og1qe1qZjGLJv
kC3XccOSHEgfhjZasHQ
ToLower
cULApJOFpnfVpZkRLNW
ToUpperInvariant
qSWHfTObsH0SN1gafIv
Contains
vZ9skBOre6qs05CknAo
Equals
PeODvlOIuXpQS7dgKJw
rGHYarOLLGkBvp1c9BF
uVrBcSOM5pIhu5hqAUK
Sv6uSmOKrj8GhW7OH2D
QhxsTCOzQXKCpyk0RUg
SystemInformation
get_TerminalServerSession
pHfZh4i0kf6Xgv0HxZJ
APxZIniZlq8KlHmQL2m
lICKLiiOssNMGXtJrdx
dLIHupiiYpqbxIlOR6K
pjRfIAiPieAApERZYnJ
DRUofYi2xRssgvNUkQ6
NMJT1hioeIO1dV3Ehu0
RBUhoOip0WnHoP6M98G
ydBjjnARsI
oJdYrklliydaS
typemdt
FieldInfo
MethodInfo
GetFields
get_Assembly
sYRMhHiWfg7cAkr6LOw
Module
ResolveType
lCnMvmiVt1YmeClO6JW
MemberInfo
get_MetadataToken
Dl5fKZi31EkwDYKqo38
ResolveMethod
MethodBase
IFPBX8ihIcV97P11EQ4
Delegate
CreateDelegate
tt4EjUi7cw0jD7fXYD5
qDPnDSiTfxTDIfPW2wM
OBlrjoi8uX9JKbPBbDO
VFcfwri1vYpt6XpNcfF
gP4mDyiEfXeUKhxes1p
YI52NWinwxvx8u92YfY
EwvFt3ivoIBaNXskjvY
LsCX2LicKWd5Yxhqa0H
get_ManifestModule
Invoke
BeginInvoke
IAsyncResult
AsyncCallback
callback
object
EndInvoke
result
peEjanauhb
MHQjNqnckf
fA7jEMvkDM
fetj5Z5I06
UWxjOF78GO
yN8jPLKPEI
G9mj61hesS
rxjjhMTbiR
HQyjfD52kA
Kppjgq3L2D
ETPjlua6G3
gsnj8BrWHY
s4MjqJXbar
TM9jDhvC5R
SQKjcCUcNr
ELZjsvpAUv
Xmqj4SJuPd
P9xjTxrnux
yBxjQ3fWrZ
ImdjBlUfIT
KqrjCWUWY8
AumjAQptHc
p4bjLIOvku
myXjyk3bMH
HsCjw0wLjV
L9UjuqDyRL
R1yjZK0CUb
j8EjbOABBl
RuntimeHelpers
InitializeArray
RuntimeFieldHandle
SortedList
System.Collections
Hashtable
RSACryptoServiceProvider
System.Security.Cryptography
set_UseMachineKeyStore
UEFYrkljFeybF
FaHj71VEv4
UInt64
L86jG7DHq1
UInt16
BW7jtsRvrh
ditj1ZHeJh
EcpjX6lMDa
q5tjpE9ETB
l4fj9wginG
rWSjvpJu5C
SymmetricAlgorithm
AesCryptoServiceProvider
System.Core
RijndaelManaged
Activator
CreateInstance
ObjectHandle
System.Runtime.Remoting
Unwrap
nXWj0EAjBK
CryptoConfig
get_AllowOnlyFipsAlgorithms
OFBjIDyF62
MD5CryptoServiceProvider
HashAlgorithm
ComputeHash
dBjjeW19uv
BinaryReader
ICryptoTransform
MemoryStream
CryptoStream
GetManifestResourceStream
get_BaseStream
set_Position
get_Length
ReadBytes
GetName
AssemblyName
GetPublicKeyToken
set_Mode
CipherMode
CreateDecryptor
CryptoStreamMode
FlushFinalBlock
ToArray
ToInt32
JBdjYR0Qph
rQCjMfEyre
QBNjKw3kPM
FromBase64String
Encoding
System.Text
get_Unicode
GetString
zd7j21dHtU
X4Njkfrv5c
C8Fjo8OWV2
GetMethod
Xt7jWsXn6j
get_CodeBase
Replace
GetType
GetProperty
PropertyInfo
GetValue
L74jVLPRqU
FileAccess
FileShare
RALjHgR8VR
set_Key
set_IV
OFVjFaDYlw
gZ7j3Qh0iT
oEMjdy7diD
xCqjxZp417
I4RjnMe3UI
uyvjJiRLRX
SqqjU8UWqO
bCejitoDpa
iydjmKFKyw
AmDjSfLoRS
PHnIY8Jgd9DqOHgbiv
sQF0l5ZR98H90koGdg
biJoJkQkTgliJAtEWQ
mtmXsWq1C8IBwJfmij
wZH7dAs1yiE5EWFZKp
hiPGR5F1XLmMMqUNEL
SWIHoVWeAsbf2c3Ah6
Reverse
IKkedpwfbWtbAVsnXr
y3YhmUE5s21mgT7NDx
GH8TGOkTdYeq5yEo6j
eYc6P3pvkTXhDZil4S
VMacIFxGsxBr7MqKM4
h1WLiuAVlIX40U3Wq0
OHG1orlF5jVocWfG98
TSBvkpM413adDvCALd
RTC3ii8F1ZUFgmymKU
Q7cIxqR4b6lbPv0ocv
dJuKi3XZY33v6iVH1Z
K8JcDBdANI6G4NZaE6
w66dTYu485dcrXMZOk
UMwI64bFlMUhNX5QgV
Fgq7ihitT2e50qOVyUT
eURVGyi6KNh9rxju6Ca
EPWv5EijHw9BPrRdeYW
RhyECLiuCSLSou79eQM
SLwZjhHAWy0J3G3aB1
iUDjzfmB9g
JPMildi4V6gIWgdsbed
ibPU6iiJ3UEsGFY6CLt
eJEunHiBWdXe7fwvJOM
l5VsstiaK4AbAReE6GK
Kaw0AriUX47C8bPW7ph
o7W4sjiNBOC46PcyMeF
ghRaroiwmEaKgw7UWPA
R0XG3Side7Y91HXf3sh
CreateEncryptor
Pbo3vfiCF51NEcHxx4F
esLV3GieLJCmWwPP5xO
lBSMj8iApSwai8A0Xe1
nJxUXxim1cDmn1hHSow
ToBase64String
AMtGJBi5tnkHIOtE34b
yXflm1i995YRWWyuDFg
classthis
nativeEntry
nativeSizeOfCode
PB57rQcBZ3
k9k7jx14R8
value__
X4d77YWufr
GmmYrklzqQ7Kx
lWSa6miXsLgn9uvnnKH
ito7GoNrnK
ModuleHandle
Q8IYrkjWcliMb
GetRuntimeTypeHandleFromMetadataToken
CAqYrkjPx6Rdv
GetRuntimeFieldHandleFromMetadataToken
Ys0DuKiHgVcYFY119cl
f2RcdxiRhbfrjCYKr8s
pupI1EisbjAuxCwgitg
TkDaXAigTGVX8y3NbEU
DUx5wIiSiUrZAVHlBOF
GetModules
WP56xbiFSnqG90eXL7o
get_ModuleHandle
x84793b4PM
NTP7vEQmPk
kb070rNTC5
XS37Ie90TE
jCa71Pnl7r
J427XNax7a
List`1
System.Collections.Generic
GetManifestResourceNames
AddRange
IEnumerable`1
sYX7p5K8w1
ResolveEventArgs
AppDomain
get_CurrentDomain
ResolveEventHandler
add_ResourceResolve
kLjw4iIsCLsZtxc4lksN0j
mZQXpbJLQAuv7j0AhM
cNMTGg3bNKOygsQ7qZ
vwm3exRLuvmG2GnOmm
EAM74btsQ24PGsELcZ
r2bexJrV9t75q11xrS
irK5g48efDLNw3UHwH
CS6mK1lFsDGGAjRnAE
qvL75dpwdeHb2pZS2L
YIvsRqEPFYassLUaan
U7l5KLvOFNVGZfCy4H
V90xG2bPFq1xES1XOv
EfL7e3kJCL
IsLittleEndian
gWK7RRUBce
fHw7YrmGUh
SlP7Mj4fMO
p8d7KKTg49
jxd72OJthn
yXX7kTFLhG
kni7oZRmEl
VdG7WO6iQR
Hao7VV90iF
MOy7Hvyi1E
MRZ7FyJJAC
PhD73e7y5U
aYL7dSOyYl
qI87xPuU8h
T3X7nXv7Am
HTa7JW8OxV
GW37UWLsV1
wjk7iCrPme
JOA7mHH2uu
LpG7SP5gB8
KTPAGloPFaR5DcpLiiE
get_ASCII
tQMYrwo2UsdVxSf8uvG
W7YJWmoQUUgmV8ZlbXS
CbOZH6ol3L69jwq4rcO
dqvCrMoTv1LB21e9rQp
ydBlswo8gAbBX9gNEta
xhtWInoWFq3WxdgIu3x
fVM12SoVTqZQsryUwZt
ywROFXo3U1qBWUouqtB
c97Mx7ohNoTgaKp3J0l
KxRnopo73lYxiGoxGBo
ahuCCro1W8fL1wsfuvb
qXnDCtoEsxBn8XVs4j4
MNeGL4onm5bfg2FVdBh
ToUInt32
HQGsRpovIxlQANqvB5D
n7cvWrocGkXjGeroQgf
QufUNaoDmgaMQfyZBGm
p0BnPEoqqMQwC2T1bY0
l71akSotvSBSVca1s1r
c7i5hYo64JfeGKWevRh
EDEOiOojg2eQKtGUanw
AKe9BEoun5JNFKhVrb8
SpXhg9oGcSfwECIdRgR
CgnEcDoxBEamVqZlfVF
$$method0x6000007-1
$$method0x6000020-1
$$method0x6000020-2
$$method0x600002a-1
$$method0x600002a-2
$$method0x6000039-1
$$method0x600005f-1
$$method0x600027b-1
rJoO4e62stASa9af2N.pUbgBCGIsBPIpeTuwO
tTwLQEVnda9yo1KWhU.sYVq94CB5ufGelwdnj
CompilerGeneratedAttribute
UnmanagedFunctionPointerAttribute
CallingConvention
FlagsAttribute
WrapNonExceptionThrows
Copyright
2020
$e4ed15eb-6f21-43d2-8edb-989fc3c64795
1.0.0.0
.NETFramework,Version=v4.0
FrameworkDisplayName
.NET Framework 4
H5qshco2LvIHYMMdvD.tNl6sLk9f63dp0yR35+JtKv7cWafDkhshl2yi+iul9QDVKrYB50menn1`1[[System.Object, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]][]
o39UE|
2|=I9A
1wn[tc
7L9 V
.hghBN
yL$jCe
UMa<[L,
Iej`V-^
eX$yfJ
wt[dIE
]\" 9-
F$g8j(
a[H7!L)@
?I~7%a
Mnr.pdb
_CorExeMain
mscoree.dll
Rfhn M
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
)N71NDANSQNSYNSaNSiNSqNSyNS
.[X.SX.K^.c{.{
.#J.;X.3X.+X
!"#$%&
System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
System.Security.Cryptography.AesCryptoServiceProvider
{11111-22222-20001-00000}
{11111-22222-10009-11112}
tTwLQEVnda9yo1KWhU.sYVq94CB5ufGelwdnj
{11111-22222-50001-00000}
GetDelegateForFunctionPointer
file:///
Location
{11111-22222-20001-00001}
{11111-22222-20001-00002}
{11111-22222-30001-00001}
{11111-22222-30001-00002}
{11111-22222-40001-00001}
{11111-22222-40001-00002}
http://141.105.65.84/Data/GetUpdateInfo
http://141.105.65.84/Data/GetInfo
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
FileVersion
1.0.0.0
InternalName
Mnr.exe
LegalCopyright
Copyright
2020
LegalTrademarks
OriginalFilename
Mnr.exe
ProductName
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Antivirus Signature
Bkav Clean
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Variant.MSILHeracles.11102
FireEye Generic.mg.3b053dc6b2a1fd69
CAT-QuickHeal Trojan.YakbeexMSIL.ZZ4
ALYac Gen:Variant.MSILHeracles.11102
Cylance Unsafe
VIPRE Trojan.Win32.Generic!BT
AegisLab Trojan.MSIL.Inject.4!c
Sangfor Trojan.Win32.Save.a
CrowdStrike win/malicious_confidence_90% (W)
BitDefender Gen:Variant.MSILHeracles.11102
K7GW Trojan ( 0057983f1 )
K7AntiVirus Trojan ( 0057983f1 )
BitDefenderTheta Gen:NN.ZemsilF.34692.fq0@aWwISCh
Cyren W32/MSIL_Troj.C.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of MSIL/CoinMiner.BIE
Baidu Clean
APEX Malicious
Avast Win32:TrojanX-gen [Trj]
ClamAV Clean
Kaspersky HEUR:Trojan.Win32.Generic
Alibaba Trojan:MSIL/CoinMiner.4177b48b
NANO-Antivirus Trojan.Win32.Inject.iuipcj
ViRobot Trojan.Win32.Z.Wacatac.94720.A
Rising Dropper.Generic!8.35E (TFE:dGZlOg2/n9QYSXkmJw)
Ad-Aware Gen:Variant.MSILHeracles.11102
Sophos Mal/Generic-S
Comodo Clean
F-Secure Clean
DrWeb Trojan.InjectNET.14
Zillya Trojan.CoinMiner.Win32.33203
TrendMicro TROJ_GEN.R002C0PDJ21
McAfee-GW-Edition GenericRXNR-LS!3B053DC6B2A1
CMC Clean
Emsisoft Gen:Variant.MSILHeracles.11102 (B)
SentinelOne Static AI - Malicious PE
GData Gen:Variant.MSILHeracles.11102
Jiangmin Clean
MaxSecure Trojan.Malware.7164915.susgen
Avira TR/Dropper.Gen
MAX malware (ai score=80)
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Trojan.Win32.CoinMiner.vb
Arcabit Trojan.MSILHeracles.D2B5E
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Backdoor:Win32/Bladabindi!ml
Cynet Malicious (score: 100)
AhnLab-V3 Malware/Gen.RL_Reputation.R365288
Acronis Clean
McAfee GenericRXNR-LS!3B053DC6B2A1
TACHYON Clean
VBA32 TScope.Trojan.MSIL
Malwarebytes Trojan.Downloader
Panda Trj/GdSda.A
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R002C0PDJ21
Tencent Win32.Trojan.Generic.Ljaj
Yandex Trojan.Inject!afdt7cR8wlM
Ikarus Trojan.MSIL.CoinMiner
eGambit Unsafe.AI_Score_99%
Fortinet Riskware/Miner
Webroot W32.Malware.Gen
AVG Win32:TrojanX-gen [Trj]
Cybereason malicious.6b2a1f
Paloalto generic.ml
Qihoo-360 Clean
No IRMA results available.