Static | ZeroBOX

PE Compile Time

2021-07-22 09:24:29

PE Imphash

ad7593902351b94d30c5d42690419916

Sections

Name     Virtual Address   Virtual Size   Size of Raw Data   Entropy
.text    0x00001000        0x00001280     0x00001400         4.76177387548
.rdata   0x00003000        0x000003ae     0x00000400         4.4688660684

Imports

Library GDI32.dll:
0x40300c CreateCompatibleDC
0x403010 SelectObject
0x403014 SetBoundsRect
0x403018 GetTextMetricsW
0x403020 AddFontResourceExA
0x403024 GetWorldTransform
Library SHLWAPI.dll:
0x403040 PathCombineW
0x403044 SHRegOpenUSKeyW
0x403048 PathIsSystemFolderA
0x40304c StrNCatW
0x403050 StrCmpW
0x403054 PathFindExtensionW
0x403058 UrlUnescapeA
0x40305c UrlEscapeW
Library WINSPOOL.DRV:
0x403064 None
0x403068 DeviceCapabilitiesA
0x40306c GetPrinterDataExW
0x403070 ConfigurePortA
0x403074 ConnectToPrinterDlg
0x403078 DevQueryPrint
Library MSVFW32.dll:
0x40302c None
0x403030 DrawDibBegin
0x403034 ICClose
0x403038 MCIWndCreate
Library AVIFIL32.dll:

!This program cannot be run in DOS mode.
`.rdata
GetWorldTransform
GetTextMetricsW
SelectObject
AddFontResourceExA
CreateCompatibleDC
GdiArtificialDecrementDriver
SetBoundsRect
GDI32.dll
PathIsSystemFolderA
StrCmpW
PathCombineW
UrlEscapeW
PathFindExtensionW
StrNCatW
SHRegOpenUSKeyW
UrlUnescapeA
SHLWAPI.dll
DevQueryPrint
ConnectToPrinterDlg
ConfigurePortA
GetPrinterDataExW
DeviceCapabilitiesA
DeletePrinterDriverA
WINSPOOL.DRV
MCIWndCreate
DrawDibBegin
AVIMakeStreamFromClipboard
ICClose
AVIStreamOpenFromFileA
MSVFW32.dll
AVIFIL32.dll
Antivirus Signature
Bkav W32.AIDetect.malware1
Lionic Clean
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Variant.Zusy.394472
FireEye Generic.mg.422e50c25edd1842
CAT-QuickHeal Clean
ALYac Gen:Variant.Ulise.260719
Cylance Unsafe
Zillya Clean
Sangfor Trojan.Win32.Save.a
CrowdStrike win/malicious_confidence_100% (D)
BitDefender Gen:Variant.Zusy.394472
K7GW Clean
K7AntiVirus Clean
Baidu Clean
Cyren W32/Agent.DDT.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 Clean
APEX Malicious
Paloalto Clean
ClamAV Clean
Kaspersky VHO:Trojan-Spy.Win32.Zbot.gen
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
Rising Trojan.Generic@ML.84 (RDML:PNLQcA7FiKlrFB1i4pXUrQ)
Ad-Aware Gen:Variant.Zusy.394472
TACHYON Clean
Sophos Generic ML PUA (PUA)
Comodo Clean
F-Secure Clean
DrWeb Clean
VIPRE Clean
TrendMicro Clean
McAfee-GW-Edition Clean
CMC Clean
Emsisoft Gen:Variant.Zusy.394472 (B)
SentinelOne Static AI - Suspicious PE
GData Gen:Variant.Zusy.394472
Jiangmin Clean
Webroot Clean
Avira TR/Crypt.ZPACK.Gen
eGambit Clean
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Arcabit Trojan.Ulise.D3FA6F
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:Win32/VirRansom.DM!MTB
Cynet Malicious (score: 100)
AhnLab-V3 Clean
Acronis Clean
McAfee Clean
MAX malware (ai score=80)
VBA32 BScope.Trojan-Dropper.Injector
Malwarebytes Clean
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Tencent Clean
Yandex Clean
Ikarus Clean
MaxSecure Clean
Fortinet W32/Generic.AC.359BF1!tr
BitDefenderTheta Gen:NN.ZexaF.34050.hiZ@aGytgdk
Avast Clean
Qihoo-360 HEUR/QVM20.1.BEAF.Malware.Gen
No IRMA results available.