popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2021-08-05 18:26:41

PE Imphash

de794eaa348bcab90828044bdaf70bdd

PEiD Signatures

Armadillo v1.71

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x00007145 0x00008000 6.09355394442
.rdata 0x00009000 0x0000113c 0x00002000 3.55071188001
.data 0x0000b000 0x0000363c 0x00003000 0.832082172387

Imports

Library KERNEL32.dll:
0x409000 GetProcAddress
0x409004 LoadLibraryA
0x409008 lstrlenW
0x409010 CloseHandle
0x409014 WriteFile
0x409018 CreateFileW
0x40901c lstrcatW
0x409020 RaiseException
0x409024 LocalFree
0x409028 lstrlenA
0x409030 GetStringTypeW
0x409034 GetStringTypeA
0x409038 LCMapStringW
0x40903c RtlUnwind
0x409040 GetCommandLineA
0x409044 GetVersion
0x409048 ExitProcess
0x40904c GetCurrentThreadId
0x409050 TlsSetValue
0x409054 TlsAlloc
0x409058 SetLastError
0x40905c TlsGetValue
0x409060 GetLastError
0x409064 HeapFree
0x409068 HeapAlloc
0x40906c TerminateProcess
0x409070 GetCurrentProcess
0x409078 GetModuleFileNameA
0x409084 WideCharToMultiByte
0x409090 SetHandleCount
0x409094 GetStdHandle
0x409098 GetFileType
0x40909c GetStartupInfoA
0x4090a0 GetModuleHandleA
0x4090a8 GetVersionExA
0x4090ac HeapDestroy
0x4090b0 HeapCreate
0x4090b4 VirtualFree
0x4090bc IsBadReadPtr
0x4090c0 IsBadWritePtr
0x4090c4 IsBadCodePtr
0x4090d4 VirtualAlloc
0x4090d8 HeapReAlloc
0x4090dc GetCPInfo
0x4090e0 GetACP
0x4090e4 GetOEMCP
0x4090e8 MultiByteToWideChar
0x4090ec LCMapStringA
0x4090f0 HeapSize
Library USER32.dll:
0x409130 wsprintfW
Library ole32.dll:
0x409138 CoInitialize
0x40913c CoUninitialize
Library OLEAUT32.dll:
0x4090f8 VariantCopy
0x4090fc VariantInit
0x409100 SafeArrayGetDim
0x409104 SafeArrayGetLBound
0x409108 SafeArrayGetUBound
0x40910c SafeArrayAccessData
0x409114 VariantClear
0x409118 SysStringLen
0x40911c SysAllocStringLen
0x409120 SysFreeString
0x409124 SysAllocString
0x409128 GetErrorInfo
!This program cannot be run in DOS mode.
`.rdata
@.data
QQSVWd
t.;t$$t(
sO;>|C;~
8t9UW
SS@SSPVSS
t#SSUP
t$$VSS
_^][YY
VC20XC00U
VWuBhh
HSVHWtgHHtF
"WWSht
PPPPPPPP
PPPPPPPP
tFGQPS
__GLOBAL_HEAP_SELECTED
__MSVCRT_HEAP_SELECT
runtime error
TLOSS error
SING error
DOMAIN error
- unable to initialize heap
- not enough space for lowio initialization
- not enough space for stdio initialization
- pure virtual function call
- not enough space for _onexit/atexit table
- unable to open console device
- unexpected heap error
- unexpected multithread lock error
- not enough space for thread data
abnormal program termination
- not enough space for environment
- not enough space for arguments
- floating point not loaded
Microsoft Visual C++ Runtime Library
Runtime Error!
Program:
<program name unknown>
GetLastActivePopup
GetActiveWindow
MessageBoxA
user32.dll
H:mm:ss
dddd, MMMM dd, yyyy
M/d/yy
December
November
October
September
August
February
January
Saturday
Friday
Thursday
Wednesday
Tuesday
Monday
Sunday
SunMonTueWedThuFriSat
JanFebMarAprMayJunJulAugSepOctNovDec
GetProcAddress
LoadLibraryA
lstrlenW
InterlockedDecrement
CloseHandle
WriteFile
CreateFileW
lstrcatW
KERNEL32.dll
wsprintfW
USER32.dll
CoUninitialize
CoInitialize
ole32.dll
OLEAUT32.dll
RtlUnwind
GetCommandLineA
GetVersion
ExitProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
HeapFree
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedIncrement
lstrlenA
LocalFree
RaiseException
HeapSize
CoCreateInstance
CoCreateInstance
.?AV_com_error@@
.?AVtype_info@@
jjjjjj
"%s",global
((((( H
Antivirus Signature
Bkav Clean
Lionic Trojan.Win32.Midie.4!c
Elastic Clean
MicroWorld-eScan Gen:Variant.Midie.95922
FireEye Gen:Variant.Midie.95922
CAT-QuickHeal Clean
Qihoo-360 Win32/Trojan.Generic.HgIASZwA
McAfee RDN/Generic Downloader.x
Cylance Unsafe
VIPRE Clean
Sangfor Trojan.Win32.Malgent.MSR
K7AntiVirus Trojan-Downloader ( 005800a81 )
BitDefender Gen:Variant.Midie.95922
K7GW Trojan-Downloader ( 005800a81 )
CrowdStrike Clean
Baidu Clean
Cyren W32/Agent.DFR.gen!Eldorado
Symantec Trojan.Gen.MBT
ESET-NOD32 a variant of Win32/TrojanDownloader.Agent.FTP
APEX Malicious
Paloalto generic.ml
ClamAV Clean
Kaspersky Clean
Alibaba TrojanDownloader:Win32/DropperX.d3d16beb
NANO-Antivirus Clean
ViRobot Clean
Tencent Win32.Trojan-downloader.Agent.Eym
Ad-Aware Gen:Variant.Midie.95922
Emsisoft Gen:Variant.Midie.95922 (B)
Comodo Malware@#3r3edvcx6w8q0
F-Secure Clean
DrWeb Trojan.DownLoader41.8124
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition RDN/Generic Downloader.x
CMC Clean
Sophos Mal/Generic-S
Ikarus Trojan-Downloader.Win32.Agent
GData Gen:Variant.Midie.95922
Jiangmin Clean
Webroot Clean
Avira TR/Dldr.Agent.frogz
MAX malware (ai score=84)
Antiy-AVL Clean
Gridinsoft Trojan.Win32.Downloader.sa
Arcabit Trojan.Midie.D176B2
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:Win32/Malgent!MSR
Cynet Malicious (score: 100)
AhnLab-V3 Dropper/Win.Generic.R436113
Acronis Clean
BitDefenderTheta Clean
ALYac Gen:Variant.Midie.95922
TACHYON Clean
VBA32 Clean
Malwarebytes Trojan.Downloader
Panda Trj/GdSda.A
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R002H09H521
Rising Clean
Yandex Clean
SentinelOne Clean
eGambit Clean
Fortinet W32/Agent.FTP!tr.dldr
AVG Win32:DropperX-gen [Drp]
Cybereason Clean
Avast Win32:DropperX-gen [Drp]
MaxSecure Clean
No IRMA results available.