popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2042-01-05 01:22:53

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x000e8524 0x000e8600 3.28563637844
.rsrc 0x000ec000 0x000006ac 0x00000800 4.65383682543
.reloc 0x000ee000 0x0000000c 0x00000200 0.101910425663

Resources

Name Offset Size Language Sub-language File type
RT_GROUP_ICON 0x000ec0e8 0x00000006 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_VERSION 0x000ec0f0 0x000003d0 LANG_ENGLISH SUBLANG_ENGLISH_US data
RT_MANIFEST 0x000ec4c0 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
v4.0.30319
#Strings
IEnumerable`1
ThreadSafeObjectProvider`1
ConsoleApp1
NR_WindowsApp1
ToInt32
252C0B6B080FA045ACFCD1437F693F3BE2BE2AC8223EA525D492FA19AB028942
<Module>
<PrivateImplementationDetails>
FULL_TEXT
Dispose__Instance__
Create__Instance__
mscorlib
System.Dynamic
System.Collections.Generic
Microsoft.VisualBasic
Synchronized
GetCurrentMethod
Replace
CreateInstance
get_GetInstance
defaultInstance
instance
GetHashCode
Enumerable
RuntimeFieldHandle
RuntimeTypeHandle
GetTypeFromHandle
get_Name
MethodName
CallByName
ChangeType
UseCallType
GetType
System.Core
get_Culture
set_Culture
resourceCulture
MethodBase
ConsoleApplicationBase
ApplicationSettingsBase
DebuggerBrowsableState
EditorBrowsableState
ThreadStaticAttribute
STAThreadAttribute
CompilerGeneratedAttribute
GuidAttribute
HelpKeywordAttribute
GeneratedCodeAttribute
DebuggerNonUserCodeAttribute
DebuggableAttribute
DebuggerBrowsableAttribute
EditorBrowsableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
StandardModuleAttribute
HideModuleNameAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
DebuggerHiddenAttribute
AssemblyFileVersionAttribute
MyGroupCollectionAttribute
AssemblyDescriptionAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
ParamArrayAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
m_ThreadStaticValue
GetObjectValue
AutoPropertyValue
ConsoleApp1.exe
NewLateBinding
System.Runtime.Versioning
GetResourceString
ToString
System.ComponentModel
LateCall
System
resourceMan
Boolean
System.ComponentModel.Design
get_Application
MyApplication
System.Configuration
System.Globalization
System.Reflection
ArgumentException
CultureInfo
MemberInfo
System.Linq
IDynamicMetaObjectProvider
m_AppObjectProvider
m_UserObjectProvider
m_ComputerObjectProvider
m_MyWebServicesObjectProvider
StringBuilder
get_IDOBinder
set_IDOBinder
get_ResourceManager
System.CodeDom.Compiler
get_User
get_Computer
MyComputer
Activator
.cctor
System.Diagnostics
Microsoft.VisualBasic.Devices
get_WebServices
MyWebServices
Microsoft.VisualBasic.ApplicationServices
System.Runtime.InteropServices
Microsoft.VisualBasic.CompilerServices
System.Runtime.CompilerServices
System.Resources
ConsoleApp1.My.Resources
ConsoleApp1.Resources.resources
DebuggingModes
get_Settings
MySettings
ReferenceEquals
get_IDOUtils
set_IDOUtils
Conversions
RuntimeHelpers
Arguments
Object
MyProject
LateGet
LateSet
get_Default
Convert
System.Text
ConsoleApp1.My
InitializeArray
get_Assembly
MySettingsProperty
77 90 144 0 3 0 0 0 4 0 0 0 255 255 0 0 184 0 0 0 0 0 0 0 64 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 128 0 0 0 14 31 186 14 0 180 9 205 33 184 1 76 205 33 84 104 105 115 32 112 114 111 103 114 97 109 32 99 97 110 110 111 116 32 98 101 32 114 117 110 32 105 110 32 68 79 83 32 109 111 100 101 46 13 13 10 36 0 0 0 0 0 0 0 80 69 0 0 76 1 3 0 50 251 125 208 0 0 0 0 0 0 0 0 224 0 2 1 11 1 48 0 0 74 4 0 0 8 0 0 0 0 0 0 142 105 4 0 0 32 0 0 0 128 4 0 0 0 64 0 0 32 0 0 0 2 0 0 4 0 0 0 0 0 0 0 4 0 0 0 0 0 0 0 0 192 4 0 0 2 0 0 0 0 0 0 2 0 64 133 0 0 16 0 0 16 0 0 0 0 16 0 0 16 0 0 0 0 0 0 16 0 0 0 0 0 0 0 0 0 0 0 60 105 4 0 79 0 0 0 0 128 4 0 224 4 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 160 4 0 12 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 32 0 0 8 0 0 0 0 0 0 0 0 0 0 0 8 32 0 0 72 0 0 0 0 0 0 0 0 0 0 0 46 116 101 120 116 0 0 0 148 73 4 0 0 32 0 0 0 74 4 0 0 2 0 0 0 0 0 0 0 0 0 0 0 0 0 0 32 0 0 96 46 114 115 114 99 0 0 0 224 4 0 0
VIyF9qdot4z990
B31R6fb0d947901
Cv36H7Bd86f0fO1
T1818g60bM3e6W1
CDPc55UcX6a9Vb1
Abae4bCeuf1ofv1
F2Lf345fadcZr02
UInt32
PU923d4cb40842
Ed3eE1x35f90182
D6b632668412ad2
D2t7rHmD388do2
U18n98a96f62p03
D094eaTo6694rL3
get_R8Xxb182297fZU3
E3Z02L0Zd1e0Kj3
NlaF2o59392Pd14
ZW148op1df8d454
Q7fl2yeO7fMbd54
Wb1M9ap2QE12094
Bo5Fb3ed465d2b4
PNL1lBfsD1bLb66
Kf230mf9Ry19Ai6
get_Lda9Vk7P80l6
A9HbO7Lcb6rDaM7
GXpQffi4Xd2U028
L93jdik69468
Qf25g6Zcf401a88
V1eAbGff1b7P8
BbZ25jAdr4n6U9
DLe8b148fUpWLn9
Z0916ad47N168y9
Fx3nd5am15a42EB
CK33QNT46ftbvJB
BbUl65958NcwC
C5noexsj8T1d2dD
get_Q68b3101352ceE
set_Q68b3101352ceE
Reb01fbQf3b498F
CMS_ASSEMBLY_REFERENCE_DEPENDENT_ASSEMBLY_FLAG
P2c4865HDbQFtfI
get_Y796S52f81rcosK
W9656235pN17aM
System.IO
A7QaN3193bbDP
C6f8bm6brSaP
OyU2a5V8Cey7m9Y
Ie1b6E5N5T87a
get_F26d13K2V42e79a
Cc7x7ef8V7kH4va
E66cdV6Ze2145b
B5ff635Dfacq68b
T0e74qht0b015Ib
E1Kca27T98ab7Kb
U6C51b7bQbo3bRb
get_Ff9f638u894a6db
set_Ff9f638u894a6db
CdmLf69feb0kfb
Dod2Q48a4358jb
SOa7r35azd8VAYc
NxRMbanvIe5ng3d
Ro8f395c9d51bLd
E9q9P11Md
get_V8Ns2l4410b4bd
get_Ar8a71gJNcaQbd
Vdx2f8dn478Xbd
F7Kb2ZLPfKfabd
BIfdv9d8V1Y5dd
X8d84b7ldT2FJdd
CB3Os5abt0a8hd
BZ9f61264d661nd
I9l0nfxB954bA6e
If169pS1854nde
CallType
IStore
SettingsBase
DictionaryBase
Ed3eE1x35f90182.exe
LA87u83beofb4f
Acf796Sda0y9UVf
LecG8zbdf436Ccf
get_D9Ef9eX9mae9of
set_D9Ef9eX9mae9of
Yf76521bD9xwdqf
L4b24249ds6gxf
KedfQ4DSt6g
String
System.Runtime.Hosting
Qd1471RdsydYi
Decimal
CodePageDataItem
System.Deployment.Internal.Isolation
get_P9Sz5FEn9V128o
AppDomainSetup
RafRkTb3To16e1q
Y6aG1d8bq
Pruzd9191a6F2r
StreamReader
ResourceManager
EventHandler
ManifestRunner
Computer
UIntPtr
ConsoleApp1.Dod2Q48a4358jb.resources
Equals
System.Collections
System.Deployment.Internal.Isolation.Manifest
D93ja4mb451090u
get_Dl4E5Ph6489oRVu
G69eI4ucadt1cfw
RWc8q398f0yfe2x
D4W7f687f13f98y
Assembly
WrapNonExceptionThrows
ConsoleApp1
Copyright
2021
$9410136e-1d96-4246-ba0b-d6576141fabd
1.0.0.0
.NETFramework,Version=v4.7.2
FrameworkDisplayName
.NET Framework 4.7.2
MyTemplate
11.0.0.0
3System.Resources.Tools.StronglyTypedResourceBuilder
16.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
16.6.0.0
4System.Web.Services.Protocols.SoapHttpClientProtocol
Create__Instance__
Dispose__Instance__
My.Computer
My.Application
My.User
My.WebServices
My.Settings
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>PAPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADD
!"#$%&'()*+,-
ConsoleApp1.Resources
TryCastToIDMOP
IDOSet
Argument_InvalidValue1
CallType
totallistGetotallisttTtotallistypetotallist
totallist
totallistAstotallistsemtotallistblytotallist
totallistLtotallistoadtotallist
totallistEnttotallistryPtotallistointotallistt
totallistIntotallistvototallistketotallist
ConsoleApp1.Dod2Q48a4358jb
VS_VERSION_INFO
StringFileInfo
040904e4
Comments
F97dbXEh4Paza8
CompanyName
F97dbXEh4Paza8 Inc.
FileDescription
F97dbXEh4Paza8
FileVersion
2.850.619.439
LegalCopyright
All Rights Reserved
InternalName
F97dbXEh4Paza8.exe
LegalTrademarks
F97dbXEh4Paza8
OriginalFilename
F97dbXEh4Paza8.exe
ProductName
F97dbXEh4Paza8
ProductVersion
2.850.619.439
Assembly Version
2.850.619.439
VarFileInfo
Translation
Antivirus Signature
Bkav Clean
Lionic Trojan.Win32.Mardom.4!c
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Trojan.Mardom.IN.14
FireEye Generic.mg.b2a06b4fb1811354
CAT-QuickHeal Clean
McAfee Artemis!B2A06B4FB181
Cylance Unsafe
VIPRE Clean
Sangfor Trojan.Win32.Save.a
K7AntiVirus Clean
BitDefender Gen:Trojan.Mardom.IN.14
K7GW Clean
Cybereason malicious.785d9b
Arcabit Clean
Baidu Clean
Cyren Clean
Symantec ML.Attribute.HighConfidence
ESET-NOD32 Clean
APEX Malicious
Paloalto generic.ml
ClamAV Clean
Kaspersky UDS:DangerousObject.Multi.Generic
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
Rising Clean
Ad-Aware Gen:Trojan.Mardom.IN.14
Emsisoft Gen:Trojan.Mardom.IN.14 (B)
Comodo Clean
F-Secure Clean
DrWeb Clean
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition BehavesLike.Win32.Generic.dz
CMC Clean
Sophos Mal/Generic-R
Ikarus Trojan.Inject
Jiangmin Clean
eGambit Unsafe.AI_Score_100%
Avira Clean
MAX malware (ai score=89)
Antiy-AVL Clean
Kingsoft Win32.Troj.Generic_a.a.(kcloud)
Gridinsoft Clean
Microsoft Trojan:Win32/Wacatac.B!ml
SUPERAntiSpyware Clean
ZoneAlarm Clean
GData Gen:Trojan.Mardom.IN.14
Cynet Malicious (score: 100)
AhnLab-V3 Clean
Acronis Clean
BitDefenderTheta Gen:NN.ZemsilF.34104.6m0@aCQzTcoi
ALYac Gen:Trojan.Mardom.IN.14
TACHYON Clean
VBA32 Clean
Malwarebytes Trojan.Injector
Panda Clean
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R002H09HP21
Tencent Clean
Yandex Clean
SentinelOne Static AI - Malicious PE
MaxSecure Clean
Fortinet PossibleThreat
Webroot Clean
AVG FileRepMalware
Avast FileRepMalware
CrowdStrike win/malicious_confidence_100% (W)
No IRMA results available.