popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2020-10-13 15:58:09

PDB Path

C:\hobopimawawivo-gal\net49\hererumovuy-poxigu.pdb

PE Imphash

9d007788623d69514f22ced610d164ef

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x0002e371 0x0002e400 7.8409093802
.rdata 0x00030000 0x0000476e 0x00004800 4.39767187996
.data 0x00035000 0x02837cc0 0x00004400 1.32415495606
.rsrc 0x0286d000 0x00019b28 0x00019c00 6.60237680797

Resources

Name Offset Size Language Sub-language File type
RT_CURSOR 0x02886400 0x000000b0 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_CURSOR 0x02886400 0x000000b0 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x02885d90 0x00000468 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG GLS_BINARY_LSB_FIRST
RT_ICON 0x02885d90 0x00000468 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG GLS_BINARY_LSB_FIRST
RT_ICON 0x02885d90 0x00000468 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG GLS_BINARY_LSB_FIRST
RT_ICON 0x02885d90 0x00000468 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG GLS_BINARY_LSB_FIRST
RT_ICON 0x02885d90 0x00000468 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG GLS_BINARY_LSB_FIRST
RT_ICON 0x02885d90 0x00000468 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG GLS_BINARY_LSB_FIRST
RT_ICON 0x02885d90 0x00000468 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG GLS_BINARY_LSB_FIRST
RT_ICON 0x02885d90 0x00000468 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG GLS_BINARY_LSB_FIRST
RT_ICON 0x02885d90 0x00000468 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG GLS_BINARY_LSB_FIRST
RT_ICON 0x02885d90 0x00000468 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG GLS_BINARY_LSB_FIRST
RT_ICON 0x02885d90 0x00000468 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG GLS_BINARY_LSB_FIRST
RT_ICON 0x02885d90 0x00000468 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG GLS_BINARY_LSB_FIRST
RT_ICON 0x02885d90 0x00000468 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG GLS_BINARY_LSB_FIRST
RT_ICON 0x02885d90 0x00000468 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG GLS_BINARY_LSB_FIRST
RT_ICON 0x02885d90 0x00000468 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG GLS_BINARY_LSB_FIRST
RT_ICON 0x02885d90 0x00000468 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG GLS_BINARY_LSB_FIRST
RT_ICON 0x02885d90 0x00000468 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG GLS_BINARY_LSB_FIRST
RT_ICON 0x02885d90 0x00000468 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG GLS_BINARY_LSB_FIRST
RT_ICON 0x02885d90 0x00000468 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG GLS_BINARY_LSB_FIRST
RT_ICON 0x02885d90 0x00000468 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG GLS_BINARY_LSB_FIRST
RT_ICON 0x02885d90 0x00000468 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG GLS_BINARY_LSB_FIRST
RT_ICON 0x02885d90 0x00000468 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG GLS_BINARY_LSB_FIRST
RT_ICON 0x02885d90 0x00000468 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG GLS_BINARY_LSB_FIRST
RT_ICON 0x02885d90 0x00000468 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG GLS_BINARY_LSB_FIRST
RT_ICON 0x02885d90 0x00000468 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG GLS_BINARY_LSB_FIRST
RT_ICON 0x02885d90 0x00000468 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG GLS_BINARY_LSB_FIRST
RT_ICON 0x02885d90 0x00000468 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG GLS_BINARY_LSB_FIRST
RT_ICON 0x02885d90 0x00000468 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG GLS_BINARY_LSB_FIRST
RT_ICON 0x02885d90 0x00000468 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG GLS_BINARY_LSB_FIRST
RT_DIALOG 0x02886690 0x000000cc LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_STRING 0x02886998 0x0000018e LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG data
RT_STRING 0x02886998 0x0000018e LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG data
RT_ACCELERATOR 0x028862a8 0x00000028 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG data
RT_ACCELERATOR 0x028862a8 0x00000028 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG data
RT_GROUP_CURSOR 0x028864b0 0x00000022 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_GROUP_ICON 0x02879198 0x00000068 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG data
RT_GROUP_ICON 0x02879198 0x00000068 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG data
RT_GROUP_ICON 0x02879198 0x00000068 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG data
RT_GROUP_ICON 0x02879198 0x00000068 LANG_GERMAN SUBLANG_GERMAN_LUXEMBOURG data
RT_VERSION 0x028864d8 0x000001b4 LANG_NEUTRAL SUBLANG_NEUTRAL data

Imports

Library KERNEL32.dll:
0x430008 lstrlenA
0x430010 LocalCompact
0x430014 MoveFileExW
0x43001c GetCurrentProcess
0x430024 GetUserDefaultLCID
0x430028 WriteConsoleInputA
0x43002c SetEvent
0x430034 IsBadReadPtr
0x43003c GetConsoleTitleA
0x430040 ReadConsoleW
0x430044 ReadConsoleOutputA
0x430048 WriteFile
0x43004c CreateActCtxW
0x430054 GetVolumePathNameW
0x430058 FindResourceExA
0x43005c GetConsoleCP
0x430060 GlobalAlloc
0x43006c GetFileAttributesA
0x430074 lstrcpynW
0x430078 GetConsoleAliasW
0x430080 VerifyVersionInfoA
0x430084 WriteConsoleW
0x430088 GetComputerNameA
0x43008c GetACP
0x430090 DeactivateActCtx
0x430094 GetCPInfoExW
0x430098 GetLastError
0x43009c GetLongPathNameW
0x4300a0 GetProcAddress
0x4300a4 EnumDateFormatsExA
0x4300a8 GlobalGetAtomNameA
0x4300ac LoadLibraryA
0x4300b0 GlobalGetAtomNameW
0x4300b8 SetSystemTime
0x4300c0 SetConsoleTitleW
0x4300c4 GetModuleHandleA
0x4300c8 lstrcatW
0x4300cc UpdateResourceW
0x4300d0 EraseTape
0x4300d8 BuildCommDCBA
0x4300dc VirtualProtect
0x4300e0 PeekConsoleInputA
0x4300e4 SetCalendarInfoA
0x4300e8 FindFirstVolumeA
0x4300ec EndUpdateResourceA
0x4300f0 ReadConsoleInputW
0x4300f8 AreFileApisANSI
0x4300fc CreateActCtxA
0x43010c HeapReAlloc
0x430110 HeapAlloc
0x430114 GetCommandLineA
0x430118 GetStartupInfoA
0x43011c RaiseException
0x430120 RtlUnwind
0x430124 GetModuleHandleW
0x430128 Sleep
0x43012c ExitProcess
0x430130 GetStdHandle
0x430134 GetModuleFileNameA
0x430138 TerminateProcess
0x43013c IsDebuggerPresent
0x430140 HeapFree
0x43014c HeapCreate
0x430150 VirtualFree
0x430154 VirtualAlloc
0x430164 WideCharToMultiByte
0x43016c SetHandleCount
0x430170 GetFileType
0x430174 TlsGetValue
0x430178 TlsAlloc
0x43017c TlsSetValue
0x430180 TlsFree
0x430188 SetLastError
0x43018c GetCurrentThreadId
0x430194 GetTickCount
0x430198 GetCurrentProcessId
0x4301a4 HeapSize
0x4301a8 GetCPInfo
0x4301ac GetOEMCP
0x4301b0 IsValidCodePage
0x4301b4 GetLocaleInfoA
0x4301b8 LCMapStringA
0x4301bc MultiByteToWideChar
0x4301c0 LCMapStringW
0x4301c4 GetStringTypeA
0x4301c8 GetStringTypeW
Library USER32.dll:
0x4301d0 GetAltTabInfoW
0x4301d4 RealGetWindowClassA
Library ADVAPI32.dll:
0x430000 BackupEventLogA
!This program cannot be run in DOS mode.
`.rdata
@.data
u!h C
0WWWWW
0WWWWW
jXh07C
QQSVWd
j hx7C
0SSSSS
tNIt?It0It
>=Yt1j
jThX8C
j@j ^V
teh j@
j,hh9C
HtHu4j
s[S;7|G;w
tR99u2
0SSSSS
0SSSSS
tRHtCHt4Ht%HtFHHt
URPQQh|
0A@@Ju
;t$,v-
UQPXY]Y[
_VVVVV
^WWWWW
t"SS9]
PPPPPPPP
PPPPPPPP
0SSSSS
_VVVVV
t+WWVPV
<+t(<-t$:
+t HHt
B*uuUzz
9Z,eOSQ
<U. o5
T2R|AD
S]yGJ?
bqo|Xm
{]1JLD
wsVi3K!M4qjr
(pcgsmT>
KzD{C{|
h')-#*
B!|Et"w$
4_V<B0
#*`z`=
b;.n~u"
"^Bs18
DjCw!H
9,2(4e)
bh3To(
>#/<49-r
N:+zBX
`2Od=y
\Bs_Dd
Kz}xl
eDsq8a
+pL|q5
}`wV@"w
SZbMo4
zA2P%!
}9iMbO
-;d3l
#?z|O+
l,Q`jl
#5JXudK
<rXeO4
'#OB7T)L
vPeR@|
M$algF7
]T.jA
kCGsJf
P?4\0
WL7PtI
s#Q,m{]
f$gEwi
qtgr
1W)g9$=
2.3`\=I
|8C@Dj`
qLUg35
-Ki#Pf
1R<jlwR'
63RW7G*^
!CMcA8
p|?v}\
e2~h-V
}?uAC$
#=UgR6
f:fks?
Nvj>jA_
EDX@>5n@
"M)Ex_YF
bO\^\6Wee
Q(tuhQ
=kTJJy
J276}`
e!Jp88w
q0*L{N
tsb5e]
UkZ,IE
BX;T9`,
e^\ 9{
K7C.F"k
+LxW4r
HgO7;vM
xWC8=]
yRc;Vw
uroN#\N
xBx0h+
L7p@h@A
m!92rXh
8cVh}.KN
\<[F~Z
w] daKH
pG;Ebt
,H^)Rc
*Z.9z8A
lw 58H
~]u)Lu
RDkC[sI
Y$~ 6"
@@R;m=
oYFn,l
&Sf<SM(
W9uR3X
OXZ%UV
y-qU)%
W2=cJ-
Kh:LP3
GA@,E_A,
dgzh(s
w?otY+
|=E$~#(
xUI?=<
Qj$cs6X9
Z`+2Bo
K%f)~G
:i:DC)W
U)xlEy
2wQEgE
8~z[%q
yU^F}v
X:#_E2{
TV(cl8
(fYg9h
>1RbhGC
ueX+tz
o=qjw`
'+$bs8y
\'LfeE
b63MQL
)(CEX
}N>)&Y
L3$ReqW
F4ZuA~
rIp> DAC)
8i{1J0'2
YxHJ"R
.8_{A
WFOFm
|Nw.Vs
iMp~rIE
A \3CR
C2n*7r*
+ k/:x
hfZnGy
XjPYu%S
aj1(jg
TC9o[Kl_
c+2wuG
u;]>U(
K2fe]H
L~W{W%AV
M')fV?
Fec3Za"
1fD?/4
D#>52R
~vMvb)
NfPA\~<O
DF5#*H
}3_`i:%C
a`*;S
n\%K+#"
PB#dM9
&N%kd
UJ\rW0
o/"K4m
Vrs]O[
eZ1'*k
Lej$_$
;!&dER
|U*PRS
BSbr/M
b~B3d$
GT`0kP
g<kK+v
d1!-jN
}?1l:&"o&l
5}pG4$
E '5l}
w[R/5p
mS-`%[
Y** JV
,G/_mw
QF ^CG
UEKn{n
6F#t*.
;J8UaA.
J=+E(r
sQl=l
2tZ\3h
l8K&"
golyoeMN;
N`2R7n
qC=1S^
.qRpAp<
s(S5Ack
$PdSpY<,
7jRN=h
!aGM3r
u`qFZ{
%=ikW/Q
u3rV7 #
@2YFWw}
7J;OwA
X|^w';
e)JE&
0w^y.
{bkfro
fF4(~V]
$:J<uE
/%'L7F
LKUqth]
Mr`=)"
R<PDj,n
?Dr5ui
TP"\#A{
zFGg|"
c8yuTE
v!(^CnDi
#y82:CB
PW@'>K
[jP$O]
Me:]Oeb
o!K_\a
Y=x.X,h
MH:mV;u
u{XCF_
Z49UD#
5AO^j_M
^ \lD>
==}ZL9j
1e"m'
`>p &e
M6daEtBft
R~@q\3U
9}WvMfT
g*a"*R
.G{]mn
ix.>H;
~MC;wm"
aIuit~
+>c>5)
u&IOVK
-M{T^-
@-'vW>
6_?y:Q]
bad allocation
string too long
invalid string position
Unknown exception
CorExitProcess
runtime error
TLOSS error
SING error
DOMAIN error
An application has made an attempt to load the C runtime library incorrectly.
Please contact the application's support team for more information.
- Attempt to use MSIL code from this assembly during native code initialization
This indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain.
- not enough space for locale information
- Attempt to initialize the CRT more than once.
This indicates a bug in your application.
- CRT not initialized
- unable to initialize heap
- not enough space for lowio initialization
- not enough space for stdio initialization
- pure virtual function call
- not enough space for _onexit/atexit table
- unable to open console device
- unexpected heap error
- unexpected multithread lock error
- not enough space for thread data
This application has requested the Runtime to terminate it in an unusual way.
Please contact the application's support team for more information.
- not enough space for environment
- not enough space for arguments
- floating point support not loaded
Microsoft Visual C++ Runtime Library
<program name unknown>
Runtime Error!
Program:
EncodePointer
DecodePointer
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
bad exception
GetProcessWindowStation
GetUserObjectInformationA
GetLastActivePopup
GetActiveWindow
MessageBoxA
USER32.DLL
_nextafter
_hypot
Complete Object Locator'
Class Hierarchy Descriptor'
Base Class Array'
Base Class Descriptor at (
Type Descriptor'
`local static thread guard'
`managed vector copy constructor iterator'
`vector vbase copy constructor iterator'
`vector copy constructor iterator'
`dynamic atexit destructor for '
`dynamic initializer for '
`eh vector vbase copy constructor iterator'
`eh vector copy constructor iterator'
`managed vector destructor iterator'
`managed vector constructor iterator'
`placement delete[] closure'
`placement delete closure'
`omni callsig'
delete[]
new[]
`local vftable constructor closure'
`local vftable'
`udt returning'
`copy constructor closure'
`eh vector vbase constructor iterator'
`eh vector destructor iterator'
`eh vector constructor iterator'
`virtual displacement map'
`vector vbase constructor iterator'
`vector destructor iterator'
`vector constructor iterator'
`scalar deleting destructor'
`default constructor closure'
`vector deleting destructor'
`vbase destructor'
`string'
`local static guard'
`typeof'
`vcall'
`vbtable'
`vftable'
operator
delete
__unaligned
__restrict
__ptr64
__clrcall
__fastcall
__thiscall
__stdcall
__pascal
__cdecl
__based(
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
GAIsProcessorFeaturePresent
KERNEL32
 !"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
HH:mm:ss
dddd, MMMM dd, yyyy
MM/dd/yy
December
November
October
September
August
February
January
Saturday
Friday
Thursday
Wednesday
Tuesday
Monday
Sunday
SunMonTueWedThuFriSat
JanFebMarAprMayJunJulAugSepOctNovDec
1#QNAN
1#SNAN
bad allocation
xijetatalasobujunihoriyupeyibewajefuxopizixirejivekuruturavugelavefiyunuze
logumenocox
Riraxaloluw tusoroci
Jimujipebomecuw tevohe
kernel32.dll
LocalAlloc
henoxiwusumekelucefitagodepabofi
C:\hobopimawawivo-gal\net49\hererumovuy-poxigu.pdb
GetSystemDefaultLangID
GetComputerNameA
lstrlenA
WriteConsoleOutputCharacterA
LocalCompact
MoveFileExW
InterlockedDecrement
GetCurrentProcess
GetSystemWindowsDirectoryW
GetUserDefaultLCID
WriteConsoleInputA
SetEvent
GetSystemDefaultLCID
IsBadReadPtr
GetConsoleAliasesLengthA
GetConsoleTitleA
ReadConsoleW
ReadConsoleOutputA
WriteFile
CreateActCtxW
InitializeCriticalSection
GetVolumePathNameW
FindResourceExA
GetConsoleCP
GlobalAlloc
InterlockedPopEntrySList
LeaveCriticalSection
GetFileAttributesA
DnsHostnameToComputerNameW
lstrcpynW
GetConsoleAliasW
SetConsoleCursorPosition
VerifyVersionInfoA
WriteConsoleW
CreateActCtxA
GetACP
DeactivateActCtx
GetCPInfoExW
GetLastError
GetLongPathNameW
GetProcAddress
EnumDateFormatsExA
GlobalGetAtomNameA
LoadLibraryA
GlobalGetAtomNameW
WaitForMultipleObjects
SetSystemTime
SetEnvironmentVariableA
SetConsoleTitleW
GetModuleHandleA
lstrcatW
UpdateResourceW
EraseTape
CancelTimerQueueTimer
BuildCommDCBA
VirtualProtect
PeekConsoleInputA
SetCalendarInfoA
FindFirstVolumeA
EndUpdateResourceA
ReadConsoleInputW
GetPrivateProfileSectionW
AreFileApisANSI
KERNEL32.dll
GetAltTabInfoW
RealGetWindowClassA
USER32.dll
BackupEventLogA
ADVAPI32.dll
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapReAlloc
HeapAlloc
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
GetModuleHandleW
ExitProcess
GetStdHandle
GetModuleFileNameA
TerminateProcess
IsDebuggerPresent
HeapFree
DeleteCriticalSection
EnterCriticalSection
HeapCreate
VirtualFree
VirtualAlloc
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
HeapSize
GetCPInfo
GetOEMCP
IsValidCodePage
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
.?AVlogic_error@std@@
.?AVlength_error@std@@
.?AVout_of_range@std@@
.?AVtype_info@@
.?AVbad_exception@std@@
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
.?AVexception@std@@
.?AVbad_alloc@std@@
#gzwg]
B5e 5e
4[e eB
2gZVe)
QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ
QQQQQQQQQQQ
QQQQQQQQQQHu
bQQQQQQQQQ
QQQQQQQQQQ
PXN]QQQQQQQQQQQQQi
QQQQQQQQQQQQQ
|sQQQQQQQQQQQQQ0
QQQQQQQQQVkU lJ
QQQQQQQQQ
QQQQQQQQQC
QQQQQQQQQ{
:=|c#.~
12~s$3
O15~~)%
4OM}wE<
6RYrI1-
IOl8.=
SZ{wC=
==e__XTGc
g@Ch+4O
/Sf?$u
S{~:1~
&Bu~j*z
Ruz%1HpN
+:e='u
Co~;%}
G:e{t1^
kOOOOOOOOOOOOOOOOOOOOOP
YsssssssssssssssssssssY
POOOOOOOOOOOOOOOOOOO
{{{{{{{{{{{{{{{{{{{{{{{
OOOOOOOOOOOOOOOOOOk
GsGsGsGsGsGsGsGsG
kOOOOOOOOOOOOOOOOO
OOOOOOOOOOOOOOOOO
OOOOOOOOOOOOOOOOO
..@@jkGl{s
OOOOOOOOOOOOOOOOO
OOOOOOOOOOOOOOOOO
OOOOOOOOOOOOOOOOO
s{D.AK
OOOOOOOOOOOOOOOOO
ll.l.kG.@@W@PP
OOOOOOOOOOOOOOOOO
A{{{{{K
OOOOOOOOOOOOOOOOO
A{{{{{K.{
OOOOOOOOOOOOOOOOO
A{{{{{Kl{{{
OOOOOOOOOOOOOOOOO
s{DlA{{{{{Kl{{{{{ss
OOOOOOOOOOOOOOOOO
lAAAAAAAAAAAAAAAAAAAAAGl{s
OOOOOOOOOOOOOOOOO
lA{{{{{Kl{{{{{Gs{{
OOOOOOOOOOOOOOOOO
lA{{{{{
l{{{{{GG{{{{
OOOOOOOOOOOOOOOOO
DA{{{{{Kl{{{{{sG{{{{{KGl{s
OOOOOOOOOOOOOOOOO
lA{{{{{
l{{{{{Gs{{{{{kGl{s
OOOOOOOOOOOOOOOOO
Y{{{{Kl{{{{{GG{{{
OOOOOOOOOOOOOOOOO
D.KAAAAAAAAAAAAAAAAA
OOOOOOOOOOOOOOOOO
DDDDDlllllll.l.l..l..l{s
OOOOOOOOOOOOOOOOO
DDlDDllllllll.l....l{s
OOOOOOOOOOOOOOOOO
iiiiii
OOOOOOOOOOOOOOOOO
B2WD{s
OOOOOOOOOOOOOOOOO
OOOOOOOOOOOOOOOOO
OOOOOOOOOOOOOOOOO
=======
OOOOOOOOOOOOOOOOO
OOOOOOOOOOOOOOOOO
OOOOOOOOOOOOOOOOO
hhhh5hh5h5hhh
OOOOOOOOOOOOOOOOO
OOOOOOOOOOOOOOOOO
OOOOOOOOOOOOOOOOO
OOOOOOOOOOOOOOOOO
OOOOOOOOOOOOOOOOO
OOOOOOOOOOOOOOOOO
OOOOOOOOOOOOOOOOOk
kOOOOOOOOOOOOOOOOOO
{{{{{{
OOOOOOOOOOOOOOOOOOOP
Yssssssssssssssssssss
POOOOOOOOOOOOOOOOOOOOOk
kOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO
K{{{{{{{{{{{{{{{{{
WWWWWW
i]]]]]]]]]]]]]]i
xxxxxx
WsWssWssssss
{{{{{{{{{{{{{{{{{{
rrrrrrrrrrr
rrrrrrrrr
rrrrrrrr
rrrrrrrr
rrrrrrrr
rrrrrrrr
?bU
rrrrrrrr
rrrrrrrr
4?44bq4bU
rrrrrrrr
rrrrrrrr
rrrrrrrr
bbb??b??
rrrrrrrr
rrrrrrrr
w<<<<<<<<<<w
rrrrrrrr
rrrrrrrr
rrrrrrrr
rrrrrrrr
<''''''''<
rrrrrrrr
<<<<<<<<<<
rrrrrrrr
rrrrrrrrr
rrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
!{y{h|||
xpqwxw
$ #Z^ds
6F=#ajd|
""""""
""""""""""""""
"""""""""
""""""""
"""""""
""""""
""""""
++J|EE
1111111112
lWWWWWWWWWWWWWWWWWWWWWWWWWWz
uuuuuuuuu
uuuuuuu
uuuuuuuuuuuuu
uuuuuu
uuuuuuuu
uuuuuuuu
uuuuuu
b=tuuuuu
b=tuuuuu
b=tuuuu
111QQOORR
p..VVF
pp..VVF
ppp.VVFF
111QQOORR
CCCCCCCCCCCCCCCCCC
C111111666
QQQQQQQQQQQQQQ
yyyyyyyyyyyy
yhhhhh
yhhhhhhh
%%%%%%%%%}
%%%%%%%%%%%
#P~m M
6C`V&R
ssi"L
mscoree.dll
KERNEL32.DLL
((((( H
h(((( H
H
yehofidahecuverocig fehicezizatatonirewudayuzofazene luvenixovilowilig rehijatuzeha
yevaratukiratiworesototivixefadikuxajuruy
hilemocuculafoxe
hawedev rolozacadatawavisoni buravabucihuc bazokudezacukuhogiturutudalux
fihedodutawixetazifedolekuj kulojefacelivazedajiligojoj buvikudicerenicezaxinasom payeyigumubowi
yevufunuzusalarekis yap
xcehewitakivahamobivupujezogo jocojobojupeloxid dutisobatibeduvodotumovigetoxasu
mekuzehafuyezirugovadigamanuyetefafufohajerucogigobokozegowurojekazazupexuwebuyicaroguko
kipifegibi
ERRORDIALOG
VS_VERSION_INFO
StringFileInform
085564c6
InternalName
kogsmoadeke.exi
Copyright
Copyrighz (C) 2020, fodkageta
ProductVersion
9.51.22.12
VarFileInfo
Translation
Error!
Select One:
&Retry
&Abort
&Ignore
Sexasax rofigibanofeyaQFibunetopafofak duye xos lahoso wededixuf hihabezefucedu jojuci vawecohuda jacoziYMado gal robu pew gituhivisowef domete muyiyazi yinapuxar nadugusasetisey kisobuzakucelekLLekup zareluwiyoj jewuh bikuvocus cato wapa cuwitehuxi sifutaf jetuvajepifes
+Sogatide ziyariruh wabirejegit nakiwapikuke
6Jifihuzayigameg wuxew tuy yobizigorupodi visugip pijes
VGozokapiyuyemo yexoj yagisowapunam pefuvoriconuc rumatohefin vocogilekuvuto xezevumive
Antivirus Signature
Bkav W32.AIDetect.malware1
Lionic Trojan.Win32.Agent.mBud
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKD.46765767
FireEye Generic.mg.69e5b67145f3dd48
CAT-QuickHeal Clean
Qihoo-360 Win32/Trojan.Zenpak.HwoCKlEA
ALYac Trojan.GenericKD.46765767
Cylance Unsafe
Zillya Clean
Sangfor Trojan.Win32.Save.a
K7AntiVirus Trojan ( 0056f9be1 )
BitDefender Trojan.GenericKD.46765767
K7GW Trojan ( 0056f9be1 )
CrowdStrike win/malicious_confidence_100% (W)
Baidu Clean
Cyren W32/Kryptik.EWJ.gen!Eldorado
Symantec Packed.Generic.525
ESET-NOD32 a variant of Win32/Kryptik.HMAJ
APEX Malicious
Paloalto generic.ml
ClamAV Win.Dropper.Upatre-9884831-0
Kaspersky HEUR:Trojan.Win32.Zenpak.gen
Alibaba Trojan:Win32/GandCrab.71069088
NANO-Antivirus Clean
ViRobot Clean
Tencent Clean
Ad-Aware Trojan.GenericKD.46765767
TACHYON Clean
Emsisoft Trojan.GenericKD.46765767 (B)
Comodo Clean
F-Secure Clean
DrWeb Trojan.PWS.Siggen3.1999
VIPRE Clean
TrendMicro Mal_HPGen-50
McAfee-GW-Edition BehavesLike.Win32.Packed.fc
CMC Clean
Sophos Mal/Generic-S
SentinelOne Static AI - Malicious PE
GData Win32.Trojan.BSE.YR40KC
Jiangmin Trojan.Generic.habom
Webroot Clean
Avira TR/AD.RedLineSteal.ssyma
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Ransom.Win32.STOP.dg!se8085
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:Win32/Azorult.RM!MTB
Cynet Malicious (score: 100)
AhnLab-V3 CoinMiner/Win.Glupteba.R436299
Acronis suspicious
McAfee GenericRXAA-AA!69E5B67145F3
MAX malware (ai score=82)
VBA32 BScope.Backdoor.Androm
Malwarebytes Trojan.MalPack.GS
Panda Trj/Genetic.gen
Zoner Clean
TrendMicro-HouseCall Mal_HPGen-50
Rising Trojan.Kryptik!1.D82C (CLASSIC)
Yandex Clean
Ikarus Trojan-Banker.UrSnif
eGambit Unsafe.AI_Score_94%
Fortinet W32/Kryptik.ETY!tr
BitDefenderTheta Gen:NN.ZexaF.34058.uq0@aququBA
AVG Win32:RansomX-gen [Ransom]
Cybereason malicious.a7d929
Avast Win32:RansomX-gen [Ransom]
MaxSecure Clean
No IRMA results available.