Static | ZeroBOX

PE Compile Time

2021-07-24 05:51:18

PE Imphash

c94b1566bf307396953c849ef18f9857

Sections

Name    Virtual Address  Virtual Size  Size of Raw Data  Entropy
.text   0x00001000       0x0000da14    0x0000dc00        6.78775755783
.rdata  0x0000f000       0x000003d0    0x00000400        4.45330581288
.data   0x00010000       0x000015ec    0x00001000        7.59149156952
.rsrc   0x00012000       0x00000da7    0x00000e00        7.90733617332
.reloc  0x00013000       0x000008fc    0x00000a00        6.42515500113

Imports

Library gdi32.dll:
0x40f050 SelectPalette
0x40f054 GetTextCharset
0x40f058 GetDeviceCaps
0x40f05c CreateSolidBrush
0x40f060 CreateFontW
Library USER32.dll:
0x40f024 DefWindowProcW
0x40f028 GetClassNameW
0x40f02c GetDlgItem
0x40f030 GetDlgItemTextW
0x40f034 IsDlgButtonChecked
0x40f038 LoadImageW
0x40f03c LoadMenuW
0x40f040 CreateMenu
0x40f044 CreateDialogParamW
0x40f048 EndDialog
Library KERNEL32.dll:
0x40f000 SetLastError
0x40f004 GetModuleHandleA
0x40f008 GetFileAttributesW
0x40f00c GetCommandLineW
0x40f010 GetCommandLineA
0x40f014 FormatMessageW
0x40f018 GetAtomNameW
0x40f01c FreeLibrary

Antivirus Signature
Bkav W32.AIDetect.malware1
Lionic Clean
Elastic malicious (high confidence)
ClamAV Clean
CMC Clean
CAT-QuickHeal Clean
Qihoo-360 Win32/Trojan.Generic.HxQB9jsA
McAfee RDN/Ransom
Malwarebytes MachineLearning/Anomalous.96%
Zillya Clean
Sangfor Trojan.Win32.Save.a
K7AntiVirus Clean
Alibaba Clean
K7GW Riskware ( 0040eff71 )
Cybereason malicious.fef81e
Baidu Clean
Cyren W32/Trojan.QSPK-5949
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Generik.HLXFKFN
APEX Malicious
Paloalto generic.ml
Cynet Malicious (score: 100)
Kaspersky Trojan-Ransom.Win32.Encoder.njw
BitDefender Gen:Heur.Mint.Zard.25
NANO-Antivirus Virus.Win32.Gen.ccmw
SUPERAntiSpyware Clean
MicroWorld-eScan Gen:Heur.Mint.Zard.25
Tencent Clean
Ad-Aware Gen:Heur.Mint.Zard.25
Sophos Mal/Generic-S
Comodo Clean
F-Secure Trojan.TR/Crypt.EPACK.Gen2
DrWeb Trojan.Encoder.34207
VIPRE Clean
TrendMicro Ransom_Encoder.R002C0WH121
McAfee-GW-Edition BehavesLike.Win32.Dropper.kh
FireEye Generic.mg.598c53bfef81e489
Emsisoft Gen:Heur.Mint.Zard.25 (B)
SentinelOne Static AI - Suspicious PE
GData Gen:Heur.Mint.Zard.25
Jiangmin Clean
Webroot Clean
Avira TR/Crypt.EPACK.Gen2
MAX malware (ai score=89)
Antiy-AVL Clean
Kingsoft Win32.Troj.Undef.(kcloud)
Gridinsoft Ransom.Win32.Ransom.sa
Arcabit Trojan.Mint.Zard.25
ViRobot Clean
ZoneAlarm Trojan-Ransom.Win32.Encoder.njw
Microsoft Ransom:Win32/Genasom
AhnLab-V3 Clean
Acronis Clean
ALYac Gen:Heur.Mint.Zard.25
TACHYON Clean
VBA32 Clean
Cylance Unsafe
Panda Clean
Zoner Clean
TrendMicro-HouseCall Ransom_Encoder.R002C0WH121
Rising Trojan.Generic@ML.98 (RDML:JZFVDQXqy3+v9yTioog97Q)
Yandex Clean
Ikarus Trojan.Crypt
eGambit Unsafe.AI_Score_93%
Fortinet W32/PossibleThreat
BitDefenderTheta AI:Packer.531073961E
AVG Win32:Malware-gen
Avast Win32:Malware-gen
CrowdStrike win/malicious_confidence_100% (W)
MaxSecure Trojan.Malware.300983.susgen
No IRMA results available.