popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2104-08-11 02:10:10

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x0002d4d4 0x0002d600 7.94511784688
.rsrc 0x00030000 0x0001ca74 0x0001cc00 5.79872555292
.reloc 0x0004e000 0x0000000c 0x00000200 0.101910425663

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x00048270 0x00004228 LANG_NEUTRAL SUBLANG_NEUTRAL dBase IV DBT of \200.DBF, blocks size 0, block length 16384, next free block index 40, next free block 0, next used block 0
RT_ICON 0x00048270 0x00004228 LANG_NEUTRAL SUBLANG_NEUTRAL dBase IV DBT of \200.DBF, blocks size 0, block length 16384, next free block index 40, next free block 0, next used block 0
RT_ICON 0x00048270 0x00004228 LANG_NEUTRAL SUBLANG_NEUTRAL dBase IV DBT of \200.DBF, blocks size 0, block length 16384, next free block index 40, next free block 0, next used block 0
RT_ICON 0x00048270 0x00004228 LANG_NEUTRAL SUBLANG_NEUTRAL dBase IV DBT of \200.DBF, blocks size 0, block length 16384, next free block index 40, next free block 0, next used block 0
RT_ICON 0x00048270 0x00004228 LANG_NEUTRAL SUBLANG_NEUTRAL dBase IV DBT of \200.DBF, blocks size 0, block length 16384, next free block index 40, next free block 0, next used block 0
RT_ICON 0x00048270 0x00004228 LANG_NEUTRAL SUBLANG_NEUTRAL dBase IV DBT of \200.DBF, blocks size 0, block length 16384, next free block index 40, next free block 0, next used block 0
RT_GROUP_ICON 0x0004c498 0x0000005a LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_VERSION 0x0004c4f4 0x00000394 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x0004c888 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
3iWY `
gP xX:"a
MX uq7
2a j2%7a
Y Z$W`a
ef J[_
gzGR
D|a :;
MX uq7
BY n\^
:a )>~
v4.0.30319
#Strings
BTL_01880433
BTL_01880433.exe
<Module>
Jbsowre.Common
Object
System
mscorlib
TokenComp
Jbsowre.Composer
AuthenticationGetterSpec
BTL_01880433.Specifications
ValueType
AnnotationTokenizerStub
BTL_01880433.Stubs
PredicateAdvisorState
BTL_01880433.States
SetterVisitorQueue
Jbsowre.Queues
ComposerReponseProperty
BTL_01880433.Properties
MapperComp
DescriptorAttributeSchema
BTL_01880433.Schemes
StubListenerCollection
BTL_01880433.Collections
SchemaAdvisorState
Reponse
Jbsowre.Pools
PoolCandidateWrapper
MulticastDelegate
Advisor
ExceptionIdentifierPool
<PrivateImplementationDetails>
<Module>{f02eb5a2-451b-4073-8074-d6ecf9b5cf43}
InvokeStatus
ListStatus
SetStatus
SortStatus
QueryStatus
CallStatus
ForgotStatus
CalculateStatus
ComputeStatus
CancelStatus
m_Status
_Identifier
InsertResolver
PrepareStatus
ResolveStatus
indexOf_spec
RateStatus
GetStatus
value_max
SearchStatus
InvokeResolver
Boolean
CallResolver
m_Visitor
m_Server
TestResolver
AwakeStatus
PushStatus
remove_VAt
WriteStatus
ValidateStatus
config_end
CustomizeStatus
PublishResolver
StopResolver
_Rules
candidate
UpdateResolver
SelectStatus
ReflectStatus
instance
StopStatus
LoginStatus
PopStatus
PrepareResolver
ListResolver
DefineStatus
CollectStatus
CreateStatus
ManageStatus
NewStatus
InterruptStatus
RegisterStatus
ChangeStatus
CheckStatus
m_Container
InterruptResolver
DisableStatus
Interlocked
System.Threading
CompareExchange
DestroyStatus
Delegate
Remove
FillStatus
PrintResolver
Combine
CollectResolver
OrderResolver
DefineResolver
IntPtr
Invoke
BeginInvoke
IAsyncResult
AsyncCallback
callback
object
EndInvoke
result
DestroyResolver
ViewStatus
AppDomain
get_CurrentDomain
ResolveEventHandler
add_AssemblyResolve
Thread
ReadStatus
Assembly
System.Reflection
ResolveEventArgs
MemoryStream
System.IO
Stream
GetExecutingAssembly
GetManifestResourceStream
String
UpdateStatus
ClassLibrary
Crzxmbubwygfl
PatchResolver
ValidateResolver
CustomizeResolver
CopyTo
ManageResolver
ToArray
AssetResolver
EnableResolver
IDisposable
Dispose
ChangeResolver
LogoutResolver
MapStatus
CryptoStream
System.Security.Cryptography
RijndaelManaged
Rfc2898DeriveBytes
RuntimeHelpers
System.Runtime.CompilerServices
InitializeArray
RuntimeFieldHandle
SymmetricAlgorithm
set_KeySize
ICryptoTransform
CryptoStreamMode
get_BlockSize
DeriveBytes
GetBytes
set_IV
VisitResolver
set_BlockSize
IncludeResolver
Encoding
System.Text
get_UTF8
NewResolver
RegisterResolver
get_KeySize
StartResolver
set_Key
SearchResolver
CipherMode
set_Mode
ConnectResolver
CreateDecryptor
InitResolver
SetupResolver
AddResolver
CalculateResolver
66840DDA154E8A113C31DD0AD32F7F3A366A80E8136979D8F5A101D3D29D6F72
m_a9b2db617f304e42bdaf8644337a8d10
m_ddc2afe0418c490687a4b7c66c3c99ce
m_7432851c6401432cbde2c7d765f7f0df
m_db0493adbb2e4e4883c1407582404724
m_b8b5002cabb54b87ac17830cc282411f
m_52d363bb8e80469bb183915e0dee8460
m_7088196730074453a509aef9709ae2d1
m_50f384304f9b4c36a729438ddd38d0eb
m_e71058aa0ae9460a8730b3baed320ae1
m_cda2c8fce2824f5089c2b86eaf5cd406
m_fd3515e5354443d78822606cba89de4b
m_78a2966a69bf46048ca50ed13fed8330
m_3501c2d35fd5431faaf5055a136f1b13
m_175e9afce0a8456a882556a4d599a141
m_b091a5d13deb4621942e5f355ebe993b
m_e4c3bcbdd8b64fddb659fca9d5d91211
m_81375efd40da41a4a018af856c74717b
m_c84a73c35c664c9bae9c9f800c1d218e
m_e026dff21d99494f9b88cb8560c85d53
m_57f1f39839bf4dd1813d190c6596f681
m_0a95ff528e084142b2570401252a390e
m_dafe87e296034edbbb84160a907b300c
m_a2ef2929a6a54967b6a17dfa1f4e7cbb
m_e1dfeb92ddc64401aaf6791ea248e73d
m_168b22761c6144218f85c41aebcce8c7
m_7e8b2dc42de44dc5b9d03090e3879ea7
m_710fdb97282247af9997df50f10d1eb9
m_81cc23b0238e49e59836feaa1a508c7b
m_a43687dc585244dea08ec40a138e0b1f
m_5a4b6e51251a41e79cc026b70ed9c3a9
m_1a61566ece72452d884f48a8ee26087f
m_eb69bc15bf864e11831907a49e116756
m_3968dfbe50844e1fa8f506b2989ac513
m_acfc5e53b6904309a094f633f09aa29e
m_76ee4d9f48054a24a3e49cbdb0969094
m_29119ebd1a8b4bd49467c8514a23706e
m_306b92469ae7430a84aecab302459867
m_f3c3d38f99b14c8bade583cdf70b92c8
m_64d377423b5c4c5eb66c9099ce4d77c2
m_cbc754f0b2fc4e358a4e163116209405
m_30a4dc42befb49f6867eb0b275848b60
m_2928af48922146559bf8c870e683c07b
m_acec9b385ebf47f4855d9c842c3f660b
m_5ca3ca73be8a4d00b9214db300efbaa1
m_34f6427593f146bb9046075000d2b414
m_7504a04f4bad460ea730a5a19550af4b
m_752ef8315c5e43a7acdacf89f699e72c
m_ef8c5c26196443c9a3a5a93573838e03
m_b6a548272b184a9b858db48e7d176502
m_aa06f38e581b4b028fd33372e7d4c4f2
m_988ca85ab28c4e6fb59189d8f1e1ba6d
m_47405a01032e4ef9b6707b901bf6eb35
m_59b155ca595146bf80028a7cb18451f0
m_01289d06ff4c46d8ac777e6418e15335
m_1bf8d0ec05124b34b725c41d273ec01a
m_c2d520bef45e42edb4f19981062dcb44
m_f271e3ee21ce40b2940151dacee0d56f
m_89432c6aaea64596969fc3ffeea6cf64
m_247b381d5b654cfda6c3d65a769bc9af
m_b0d302de04844e6eaa7bfb29072a033b
m_ed22e5be5b674aebbf2c60f24be7af7d
m_671e23506403453abc3e03b046bff216
m_0b831b78e34a4b7ca1e8bce64abb98a9
m_eed5461bb7a640878104b9b4d6e66e1d
m_cccb1ba266e64d0eb70ad3d8cdb942cb
m_3c6fbb267a5c48678049e7a127b746e8
m_3db11cd88ffc4f969f5a00e4af9dab2a
m_304c81fd63e94247bff7ad6f187e131e
m_6bc54be8df9d493aa70706a236cf2202
m_660c1b9d863443ea96cc18715095c96b
m_f119abaadb5842bcb4794f501463421b
m_a1b1328a74544f84b69cba619d86e69b
m_e1091a8d17044c7bbf5546d1f7097d6a
m_4a14d82849bb4964aaad0908a0f429f7
m_d22ccae7d3c54c00865531ab5f67d201
m_185e8cc1d4e64bd0a766552ca76ed14d
m_f17268ce3f9a481e9ce7a93db435fee7
m_91f3d787b5cf46058df63be88a915ac8
m_82c6171e48664effbc632448f11e24d8
m_f6c70a77971f42038a210362021ef211
m_547766b66a3b4330924bf0d746e8b30a
m_63165b6c130a4745b3b5ff7451065caa
m_7c15b3f0f4c047a48b2b465872ab965d
m_49cbf01e444b4cd2a8584e8305f5380a
m_828b1097ec344419946b0a57d5079df5
m_ed8d27dc1f9f45e2a2d8ca25b1e73905
m_a58135adfaca4aeea0a698a0c99c2d63
m_1a9a09a814d24fc6927e115841c541e1
m_44036e316aa6424dac2d8a373b00ea1e
m_9379cfeec9fb4a6182a1c8869be61331
m_20e518b4825b41f9bad7685d48913759
m_cc955c6f7646411bac8bab8e8d236dec
m_ba57b4704ad341c985d0f752d7313d30
m_e8ad6148deca4ca08e75bd7a11877c67
m_6faafe2b433c405e8b3ebdd1bd9ca09c
m_b86be51b09dc4d40a2f768d59577d9e1
m_ee21b68ab0d5464ca554dcc0822a00ad
m_d0335ebefdaa49e1b9b1f523b789ccb8
m_706102367a8d4a4cb9b1e1c3df551192
m_f709204c9d2349b4a7e945d4935c1344
m_ab506d859cff410ebea2d32c30f8ecbd
m_a8f4d53767b645978aef15b06ef6d21b
m_a484f170090e41e88d9581ca39aa82df
m_90df3e28bb4a4bb4b9a996ed01dceeb4
m_75f919688747451c984eabe97b90f766
m_d6d3348dae5c4db0a8887bf811c68e6a
m_edae4d12f65649a3821541e2d739dc55
m_be365bf3d83f48d782ad3fd883fd290d
m_1e0bd209900745878d25e47e7b169324
m_1aef448ae32a4a9ebe45148821f4c05e
DisableResolver
.cctor
k0051b4e45f13436c85638d47fe4dc11e
RunResolver
DeleteResolver
PostResolver
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
DebuggableAttribute
System.Diagnostics
DebuggingModes
AssemblyTitleAttribute
AssemblyDescriptionAttribute
AssemblyConfigurationAttribute
AssemblyCompanyAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyTrademarkAttribute
ComVisibleAttribute
System.Runtime.InteropServices
GuidAttribute
AssemblyFileVersionAttribute
TargetFrameworkAttribute
System.Runtime.Versioning
CompilerGeneratedAttribute
STAThreadAttribute
Euesvhqookch.Crzxmbubwygfl.dll
WrapNonExceptionThrows
Telegram Desktop
Telegram FZ-LLC
Copyright (C) 2014-2021
$f31f3973-6d1f-46fd-b2bc-b2523548f978
2.7.4.0
.NETFramework,Version=v4.0
FrameworkDisplayName
.NET Framework 4
gYl4v8
hp7,WI
'RQ')[
PY_j-5
!4UFEJ
=,#n/8
^|vRCB@]a
BLDh'O
dd_!\5
mTo!*7
U$^O)T
z`?iP+
:.`0xA
?1^R,G
fGQ(!]
'QP%B1
#oNcMv
W|<H^n
x#TJ;v
&+l;,#
nu5j2@
t)Y'9oy
8nvrc6
oj#y'q
<GA#91h
5c<{]T=s
n&k&X7
B`|m!)U
2] +D~
`EUkQ]
;l,mm_
h^n3J+
{`p8K7Q6
2,JaZ1
^p)Q:J
9]/{oD4.HH
6CZl02e1!
O^brB+
}eefw?
DDR@R.
)`/v24
Ump;>V
QEV`8R<
kp\pFaP!
E[0&K~
w4U$le
/EU] -
h5V[p1,xar$L
qP0M$
?O.Hbmx
aSJ$Ma
VUogBi
+xZpbS
OVP"ik'
"lPr_'\Y
2Z7M/c
/b b3gF
CG=AHo
~KhL!6
{/XD2^
C =|\?
K1iS_P
>1k.^?
6e[Haz
gP@W>{Co
Ud.SRS6
tx-Y5P
3>*b%O
`.jRy@
1hDkqz8
,bTJ7yS
2hFVt~~V
tmW>"{
AjH7,2
}Twqz[@
E:<4kta
2I'!`1
v"x>KW
d808wqH
~ng-%W
AJr'w@u^8
y"<M+}`
E]R02P
\x%HBN
L]6yjhQ`
xY%u@X
tw6Tr3
#[_J;<g
{Il>@
s%!WD}
!o]Y22/
DuSh[cd2D
4HA:$D
bW6M|
nWi,kl
oUot<U
:Dn!p}
1'YiYV5
]@G`(
|z"TD$#
U5D"}'
dn$YMK
yH}9rN
|eH494
@H#7Q+
N+),7=
L%`[3k{
3^J3gZ
!6U=Je
- R8Z4
t<q?lw
6:cqI3
@gZ\/$
x-4\"D
BXC2"+
ws!C]n=
WU\}Bx
"0<6k?p
Nt2zf]
`v>+T
&-)E?
^Fw[fg
+z)1Ab
#dNJ@!CA
Ox5/)wP
3=H36(
"GwYAF
EPuZdO
'KL(<'
hoOpu}
ffkX>g
WV/9"[
LuPlu9OB
pc4]?z
}a.N{A
fq5:W;
iOvy<I
h6}3se
N'84Q6]~
5wB3$s
OSRr#&
_$$8aI
UCt`!4
9De%*3
2VC;YC
m]^5]!>
QtVk7&
AE=Kr#)BD
qHrI5U
Kn"8cu
}-%w<Hq0T
tysnA:8\
aAx}Zp
!`VB;EZ
lxkOrel@XL
YQpo@N
hfJF^Qj%Z
p(0D1J
)AC-tr
z$UpbM
nHC[%A
IQc>iWw
kp{6*m
k-!~,Y
b!^G@*Zo
4R$9U
+i!h6xI
eWvN=/
m?,:YAJi
xI)K@5
1pa;?<
z%-hoJ
b.t(?k
KII)b3
wq# vy
-QF=Hg
8x0NQ]/W
6Uwnf`
s"cr{:r
TM&[>5
s{bcBu
jobDAN7~a
y)Mb^i
|c`0`h
LMMW"V\<
6ky<`Y}m
?jP[N|
.d">B'bd
&@/teG
.IB &IK
I+*qpR
MX1b?
bC&D;>
*G,M2^
RHT)DT
F%{it$
>S6z:}}
SA1/5c
PwzV?
o`K^O+meoF
Z(bM7)
l,pE%
fyd>yd
9xWWb
7Y~`Vq
%X{GO-o
|%As6'c
C~`|Y`
3L ,%\{
ESIXio
8H%F0a
#_Zabm
@J3o,SK
cG$K1y
SGa}b6(3S
MU |lz\
E0,c"
IIJ25r
nw7CP`
0/tYn'
9<x5,
M>[s">
z}v@}
t+m_^Y
m8x.=%
r fe3
WO3A Jg-
|"h&0z
+nJcD9
P6@(UR
vXIP4k
Har9UPGm
V9M8+m
07W?'+)
M'N%-pZ
h83U<Ez'z,
.w |.Q?X
.0 * b
I`>\6vH
O?K@U
\nRDyI
C`d8Z`
y]65yMw
=R)-}"3
4ER>cc
EJp|Idf
uXFiZX
.>~Nk+*
z44,\f I
B?hEc&
0JS6UN
w;)}46
JmDpHK
mY#gGY
3jJ|_c]
Q}`hIe
gI1z{B
-bZ'zd
1/'AS4GHtb
;sZ'S+
-3O>aC
&BD] N
qlfbd6
Z%(fjnb
Je>$/v
;%=T!@
~CC$)$4
4MeLr{
+-N(#X}
E*_-t
nGs5P^
*2UTz:
3)k[XP
A-tlOGfA
sGoNlen
'Jp(D|
j#Wci8
fOTos!
_CorExeMain
mscoree.dll
=4IDATx
#G)E4A
8E\QAi
'$]9J)b*
MrBZBB
<G&dV8
)PQiUX:
msG&@i
&DpnXR^
|&j*B!
=k=L2&6
|<Y-Et
lJ-~xQ#
@}^+{*
ys?_?9
UJ]$l:
;t?M0;
H?)g-8R
=g*n=wZ
t$Bl{C
'O*\P~`
="vH)p&
fxh}'b&
=F?H$$
Ah+iG^9BW
x,ok`W
al(%@"
[LT22f
22GXUS
n|xVy8
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
Greater Manchester1
Salford1
Comodo CA Limited1!0
AAA Certificate Services0
040101000000Z
281231235959Z0
Greater Manchester1
Salford1
COMODO CA Limited1+0)
"COMODO RSA Certification Authority0
HCgNr*
2http://crl.comodoca.com/AAACertificateServices.crl04
http://ocsp.comodoca.com0
Greater Manchester1
Salford1
COMODO CA Limited1705
.COMODO RSA Extended Validation Code Signing CA0
191007000000Z
221006235959Z0
943491
Private Organization1
Dubai1
Dubai1;09
2Business Central Towers, Tower A, Office 2301 23031
Telegram FZ-LLC1
Telegram FZ-LLC0
https://sectigo.com/CPS0U
Dhttp://crl.comodoca.com/COMODORSAExtendedValidationCodeSigningCA.crl0
Dhttp://crt.comodoca.com/COMODORSAExtendedValidationCodeSigningCA.crt0$
http://ocsp.comodoca.com0#
AE-943490
Greater Manchester1
Salford1
COMODO CA Limited1+0)
"COMODO RSA Certification Authority0
141203000000Z
291202235959Z0
Greater Manchester1
Salford1
COMODO CA Limited1705
.COMODO RSA Extended Validation Code Signing CA0
=U5W5H
https://secure.comodo.com/CPS0L
;http://crl.comodoca.com/COMODORSACertificationAuthority.crl0q
/http://crt.comodoca.com/COMODORSAAddTrustCA.crt0$
http://ocsp.comodoca.com0
Greater Manchester1
Salford1
COMODO CA Limited1705
.COMODO RSA Extended Validation Code Signing CA
20210428095006Z
Greater Manchester1
Salford1
Sectigo Limited1,0*
#Sectigo RSA Time Stamping Signer #2
Greater Manchester1
Salford1
Sectigo Limited1%0#
Sectigo RSA Time Stamping CA0
201023000000Z
320122235959Z0
Greater Manchester1
Salford1
Sectigo Limited1,0*
#Sectigo RSA Time Stamping Signer #20
https://sectigo.com/CPS0D
3http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t
3http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0#
http://ocsp.sectigo.com0
New Jersey1
Jersey City1
The USERTRUST Network1.0,
%USERTrust RSA Certification Authority0
190502000000Z
380118235959Z0}1
Greater Manchester1
Salford1
Sectigo Limited1%0#
Sectigo RSA Time Stamping CA0
?http://crl.usertrust.com/USERTrustRSACertificationAuthority.crl0v
3http://crt.usertrust.com/USERTrustRSAAddTrustCA.crt0%
http://ocsp.usertrust.com0
rRj;B7|
[C]e=P
Greater Manchester1
Salford1
Sectigo Limited1%0#
Sectigo RSA Time Stamping CA
210428095006Z0?
New Jersey1
Jersey City1
The USERTRUST Network1.0,
%USERTrust RSA Certification Authority
Euesvhqookch.Crzxmbubwygfl.dll
Bqlktlunboz
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
Telegram Desktop
CompanyName
Telegram FZ-LLC
FileDescription
Telegram Desktop
FileVersion
2.7.4.0
InternalName
BTL_01880433.exe
LegalCopyright
Copyright (C) 2014-2021
LegalTrademarks
OriginalFilename
BTL_01880433.exe
ProductName
Telegram Desktop
ProductVersion
2.7.4.0
Assembly Version
2.7.4.0
Antivirus Signature
Bkav Clean
Elastic Clean
DrWeb Clean
MicroWorld-eScan Trojan.GenericKD.37056063
FireEye Generic.mg.bdccbcaabf832a0a
CAT-QuickHeal Clean
McAfee RDN/Generic.grp
Cylance Unsafe
Zillya Clean
AegisLab Trojan.Win32.Malicious.4!c
Sangfor Trojan.Win32.AgentTesla.ml
K7AntiVirus Clean
BitDefender Trojan.GenericKD.37056063
K7GW Trojan ( 0057db4f1 )
Cybereason malicious.8ef982
Arcabit Clean
BitDefenderTheta Clean
Cyren W32/MSIL_Agent.BCR.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of MSIL/Kryptik.ABHY
APEX Malicious
Avast Win32:Malware-gen
ClamAV Clean
Kaspersky HEUR:Trojan-Downloader.MSIL.Seraph.gen
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
Tencent Clean
Ad-Aware Trojan.GenericKD.37056063
Sophos Mal/Generic-S
Comodo Clean
F-Secure Clean
Baidu Clean
VIPRE Clean
TrendMicro Clean
McAfee-GW-Edition Artemis!Trojan
CMC Clean
Emsisoft Trojan.GenericKD.37056063 (B)
Ikarus Clean
Jiangmin Clean
eGambit PE.Heur.InvalidSig
Avira Clean
MAX malware (ai score=99)
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Microsoft Trojan:Win32/AgentTesla!ml
SUPERAntiSpyware Clean
ZoneAlarm Clean
GData Trojan.GenericKD.37056063
Cynet Malicious (score: 100)
AhnLab-V3 Clean
Acronis Clean
ALYac Clean
TACHYON Clean
VBA32 Clean
Malwarebytes MachineLearning/Anomalous.95%
Panda Clean
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R002H0DF721
Rising Clean
Yandex Clean
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.300983.susgen
Fortinet MSIL/Kryptik.ABHY!tr
Webroot Clean
AVG Win32:Malware-gen
Paloalto generic.ml
CrowdStrike win/malicious_confidence_100% (W)
Qihoo-360 Clean
No IRMA results available.