popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2056-08-03 19:29:01

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x0000d5d4 0x0000d600 6.84944233112
.rsrc 0x00010000 0x00008cac 0x00008e00 4.54399559176
.reloc 0x0001a000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x00017830 0x00000eb0 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_ICON 0x00017830 0x00000eb0 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_ICON 0x00017830 0x00000eb0 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_ICON 0x00017830 0x00000eb0 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_ICON 0x00017830 0x00000eb0 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_ICON 0x00017830 0x00000eb0 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_ICON 0x00017830 0x00000eb0 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_ICON 0x00017830 0x00000eb0 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_ICON 0x00017830 0x00000eb0 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_GROUP_ICON 0x000186e0 0x00000084 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_VERSION 0x00018764 0x0000035c LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x00018ac0 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
v4.0.30319
#Strings
get_E8MPE1ebc2d17cZef2c1ece26Aaf20
set_E8MPE1ebc2d17cZef2c1ece26Aaf20
IEnumerable`1
CallSite`1
ReadOnlyCollection`1
NonGenericProperytWriter`1
IEnumerator`1
IList`1
ToInt32
Func`3
Func`4
Action`4
get_M869c6Rfq26e55l1P12cJ2e7a1g1Ssc6
get_41vZba76pe4a2ifB90b447
System.IO
get_UserData
mscorlib
System.Collections.Generic
Thread
System.Collections.Specialized
Synchronized
Append
GetService
set_AutoScaleMode
Invoke
IDisposable
get_IsEditable
RuntimeTypeHandle
GetTypeFromHandle
CalendarWeekRule
GetToolboxDisplayName
SecurityProtocolType
GetType
UserDataKey_ActivityType
System.Core
Capture
SidNameUse
ApplicationSettingsBase
Dispose
X509Certificate
Create
EditorBrowsableState
get_Site
CallSite
CompilerGeneratedAttribute
GeneratedCodeAttribute
DebuggerNonUserCodeAttribute
EditorBrowsableAttribute
WriteByte
get_Value
set_Expect100Continue
Remove
set_ClientSize
System.Diagnostics.Tracing
System.Threading
DownloadString
ToString
GetString
disposing
System.Drawing
GetTempPath
get_Length
RemoteCertificateValidationCallback
set_ServerCertificateValidationCallback
System.Security.Principal
System.Collections.ObjectModel
System.ComponentModel
System.Workflow.ComponentModel
set_SecurityProtocol
ContainerControl
MemoryStream
get_Item
set_Item
ActivityToolboxItem
System
IsAssignableFrom
TimeSpan
System.Workflow.ComponentModel.Design
X509Chain
AppDomain
GetDomain
System.Configuration
System.Globalization
System.Reflection
NameValueCollection
MatchCollection
GroupCollection
WebHeaderCollection
ActivityCollection
MissingManifestResourceException
DivideByZeroException
ArgumentException
StringComparison
FoundDatePattern
IsUdtReturn
CultureInfo
_MemberInfo
CSharpArgumentInfo
Microsoft.CSharp
InvokeMember
GetMember
WorkflowDesignerLoader
IServiceProvider
RSACryptoServiceProvider
StringBuilder
Microsoft.CSharp.RuntimeBinder
CallSiteBinder
System.Resources.ResourceManager
ServicePointManager
System.CodeDom.Compiler
UserDataKey_Designer
StructuredCompositeActivityDesigner
IContainer
DateTimeFormatInfoScanner
IEnumerator
GetEnumerator
.cctor
System.Diagnostics
System.Runtime.InteropServices
System.Runtime.CompilerServices
System.Resources
.Properties.Resources.resources
Matches
get_Activities
System.Security.Cryptography.X509Certificates
CSharpArgumentInfoFlags
CSharpBinderFlags
Equals
System.Runtime.Remoting.Channels
System.Windows.Forms
System.Text.RegularExpressions
System.Collections
get_Groups
get_Headers
TransportHeaders
SslPolicyErrors
Exists
get_Views
Concat
Format
DependencyObject
System.Net
Target
WebClient
get_Current
get_Count
Convert
MoveNext
System.Text
set_Text
ReadAllText
WriteAllText
DesignerView
SecondaryView
ToArray
System.Security.Cryptography
get_Assembly
AsReadOnly
IDictionary
op_Equality
System.Net.Security
get_Activity
ICompensatableActivity
CompositeActivity
CancellationHandlerActivity
CompensationHandlerActivity
FaultHandlersActivity
5E565N5
5L5/5F5C5
* * *L*K*
*J*]*^*
*]*H*J*I*N* *J*R*;*a*M*R*
G3G5G4G
a9v/v)vpv0v0vEv\v\v[vYv]v@v,vLvlv)v)vdv/v1v0vIv0v=v@vrvYv,v0vmvCvYv0vZv]v]v(v/v)v-v,v^v]v0vgv[v(v
-akZkqk
k\kbk[k~k
k_k[knk
I]JXJnJZJ
JyJVJ\J
JVJUJrJ
JXJ\JVJ[JTJ
J[JVJlJ}JXJ
3System.Resources.Tools.StronglyTypedResourceBuilder
4.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
11.0.0.0
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>PAPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADD
User-Agent
{0}{1}{2}{3}{4}{5}{6}{7}{8}{9}{10}{11}{12}{13}{14}{15}{16}{17}{18}{19}{20}{21}{22}{23}{24}{25}{26}{27}{28}{29}{30}{31}{32}{33}{34}{35}{36}{37}{38}{39}{40}{41}{42}{43}{44}{45}{46}{47}{48}{49}{50}{51}{52}{53}{54}{55}{56}{57}{58}{59}{60}{61}{62}{63}{64}{65}{66}{67}{68}{69}{70}{71}{72}
Referer
google.com
45edf9c5cf364c329bd412f991d2e6a7
{0}{1}{2}{3}{4}{5}{6}{7}{8}{9}{10}{11}{12}{13}{14}{15}{16}{17}{18}{19}{20}{21}{22}{23}{24}{25}{26}{27}{28}{29}{30}{31}{32}{33}{34}{35}{36}{37}{38}{39}{40}{41}{42}
{0}{1}{2}{3}{4}{5}{6}{7}{8}{9}{10}{11}{12}{13}{14}{15}{16}{17}{18}{19}{20}{21}{22}{23}{24}{25}{26}{27}{28}{29}{30}{31}{32}{33}{34}{35}{36}{37}{38}{39}{40}{41}{42}{43}{44}{45}{46}{47}{48}{49}{50}{51}{52}{53}{54}{55}{56}{57}{58}{59}{60}{61}{62}{63}{64}{65}{66}{67}{68}{69}{70}{71}{72}{73}{74}{75}{76}{77}{78}{79}{80}{81}{82}{83}{84}{85}{86}{87}{88}{89}{90}{91}{92}{93}{94}{95}{96}{97}{98}{99}{100}{101}{102}{103}{104}{105}{106}{107}{108}{109}{110}{111}{112}{113}{114}{115}{116}{117}{118}{119}{120}{121}{122}{123}{124}{125}{126}{127}{128}{129}{130}{131}
EntryPoint
Invoke
WindowsFormsApp1.Properties.Resources
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
WindowsFormsApp1
FileVersion
1.0.0.0
InternalName
WindowsFormsApp1.exe
LegalCopyright
Copyright
2021
LegalTrademarks
OriginalFilename
WindowsFormsApp1.exe
ProductName
WindowsFormsApp1
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Antivirus Signature
Bkav Clean
Lionic Clean
Elastic malicious (high confidence)
DrWeb Clean
MicroWorld-eScan Gen:Variant.MSILHeracles.20992
CMC Clean
CAT-QuickHeal Clean
McAfee Artemis!3B352F748C8F
Cylance Unsafe
VIPRE Clean
Sangfor Trojan.Win32.Save.a
K7AntiVirus Clean
BitDefender Gen:Variant.MSILHeracles.20992
K7GW Clean
Cybereason malicious.8d3073
BitDefenderTheta Gen:NN.ZemsilF.34790.fm0@aO8U0jm
Cyren W32/MSIL_Kryptik.CXK.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of MSIL/TrojanDownloader.Agent.IHH
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R06CH09GC21
Paloalto Clean
ClamAV Clean
Kaspersky UDS:DangerousObject.Multi.Generic
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
Tencent Clean
Ad-Aware Gen:Variant.MSILHeracles.20992
Sophos Clean
Comodo Clean
F-Secure Clean
Baidu Clean
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition Artemis!Trojan
SentinelOne Static AI - Malicious PE
FireEye Generic.mg.3b352f748c8f3829
Emsisoft Gen:Variant.MSILHeracles.20992 (B)
Ikarus Clean
GData Gen:Variant.MSILHeracles.20992
Jiangmin Clean
Webroot Clean
Avira Clean
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:Win32/Wacatac.B!ml
Cynet Clean
AhnLab-V3 Malware/Win32.RL_Generic.R357748
Acronis Clean
VBA32 Clean
ALYac Gen:Variant.MSILHeracles.20992
MAX malware (ai score=80)
Malwarebytes Clean
Panda Clean
APEX Malicious
Rising Clean
Yandex Clean
TACHYON Clean
MaxSecure Trojan.Malware.300983.susgen
Fortinet Clean
AVG Win32:Trojan-gen
Avast Win32:Trojan-gen
CrowdStrike win/malicious_confidence_90% (W)
Qihoo-360 Clean
No IRMA results available.