Static | ZeroBOX

Name	Virtual Address	Virtual Size	Size of Raw Data	Entropy
.text	0x00002000	0x00008374	0x00008400	7.92637692837
.rsrc	0x0000c000	0x000004d6	0x00000600	3.74860066292
.reloc	0x0000e000	0x0000000c	0x00000200	0.0815394123432

Name

Virtual Address

Virtual Size

Size of Raw Data

Entropy

.text

0x00002000

0x00008374

0x00008400

7.92637692837

.rsrc

0x0000c000

0x000004d6

0x00000600

3.74860066292

.reloc

0x0000e000

0x0000000c

0x00000200

0.0815394123432

Name	Offset	Size	Language	Sub-language	File type
RT_VERSION	0x0000c0a0	0x0000024c	LANG_NEUTRAL	SUBLANG_NEUTRAL	data
RT_MANIFEST	0x0000c2ec	0x000001ea	LANG_NEUTRAL	SUBLANG_NEUTRAL	XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Name

Offset

Size

Language

Sub-language

File type

RT_VERSION

0x0000c0a0

0x0000024c

LANG_NEUTRAL

SUBLANG_NEUTRAL

data

RT_MANIFEST

0x0000c2ec

0x000001ea

LANG_NEUTRAL

SUBLANG_NEUTRAL

XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

!This program cannot be run in DOS mode.

`.rsrc

@.reloc

M_xCKp

+&@xWf

OhhSn~

6_p\,q4c7!

hNl?(5

Kjm(J|W

a)Kz:xC

%Fke-

<vHo14

~:(N1O

l5esT%

8K)WVi

ck2OTs8

_m 8+U

2@5;)FN

5]aJmM_8<

)-#;U=

9qW^lO/

kA(7?Qa`

zBqv&Y

$5f+^^

|Of1<q

!@hD<gq

WqkJ(z]

&U2: M

s2KWl-)[

"(N$&k

mBn*f/

)9cM)?

%I+>X(tI

1PA$|CF

+J~w[G

ol~~-G

>8@][d

T')"+c

GI}G8v

,zDhy%

*tyZSuG

G%LCc~

fD+GO^N*

;tU$]3T

R]FIj,y

)% #!V

&l{Z6z. 23I

(K\g(xK

^s6Jv

bU+vqF

LKKp w

1X{S'T

v4.0.30319

#Strings

ToInt32

Bin_56655

System.IO

BEKZmkIdjbO

mDubAqFgZU

set_IV

mscorlib

ieobPkFbSd

GetMethod

npkELYBUAhuSWe

CryptoStreamMode

CompressionMode

get_Message

Invoke

IDisposable

RuntimeFieldHandle

ValueType

GetType

MethodBase

Dispose

Create

CompilerGeneratedAttribute

CompilationRelaxationsAttribute

RuntimeCompatibilityAttribute

YiGoRlmyjYHf

String

pMsZFzsEILAh

wEoeZrIFQCKj

ieoOgQJhSUmWkk

CryptoStream

GZipStream

MemoryStream

System

SymmetricAlgorithm

ICryptoTransform

System.IO.Compression

System.Reflection

set_Position

Exception

MethodInfo

QrQzHHGxZdLaJYXrwp

pajAHVXGiIkq

Buffer

BitConverter

.cctor

CreateDecryptor

System.Runtime.CompilerServices

System.Windows.Forms

RuntimeHelpers

Object

System.Net

DialogResult

WebClient

KUsZxniHaCSv

MessageBox

InitializeArray

ToArray

set_Key

System.Security.Cryptography

Assembly

BlockCopy

WrapNonExceptionThrows

_CorExeMain

mscoree.dll

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>

</requestedPrivileges>

</security>

</trustInfo>

</assembly>

FaNnaDpHuvWd.lnMcHOcOUsgaEk

chromeclusterspectr.ddns.net

Default

epsJnsHNq

GoogleChrome

Chrome.exe

VS_VERSION_INFO

VarFileInfo

Translation

StringFileInfo

000004b0

FileDescription

FileVersion

0.0.0.0

InternalName

Bin_56655.exe

LegalCopyright

OriginalFilename

Bin_56655.exe

ProductVersion

0.0.0.0

Assembly Version

0.0.0.0

Antivirus	Signature
Bkav	Clean
Lionic	Clean
Elastic	malicious (high confidence)
Cynet	Malicious (score: 100)
FireEye	Generic.mg.a49b49fc0253c0db
CAT-QuickHeal	Clean
McAfee	Artemis!A49B49FC0253
Cylance	Unsafe
VIPRE	Clean
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Clean
BitDefender	Clean
K7GW	Clean
Cybereason	malicious.14abd5
Baidu	Clean
Cyren	Clean
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	Clean
APEX	Malicious
Paloalto	generic.ml
ClamAV	Clean
Kaspersky	HEUR:Backdoor.MSIL.Androm.gen
Alibaba	Clean
NANO-Antivirus	Clean
ViRobot	Clean
MicroWorld-eScan	Clean
Tencent	Clean
Ad-Aware	Clean
Sophos	ML/PE-A
F-Secure	Clean
DrWeb	Trojan.PackedNET.165
Zillya	Clean
TrendMicro	Clean
McAfee-GW-Edition	BehavesLike.Win32.Generic.nc
CMC	Clean
Emsisoft	Clean
SentinelOne	Static AI - Malicious PE
GData	Clean
Jiangmin	Clean
MaxSecure	Trojan.Malware.300983.susgen
Avira	TR/Dropper.Gen
MAX	Clean
Antiy-AVL	Clean
Kingsoft	Clean
Gridinsoft	Clean
Arcabit	Clean
SUPERAntiSpyware	Clean
ZoneAlarm	Clean
Microsoft	Trojan:Script/Phonzy.B!ml
AhnLab-V3	Trojan/Win.Generic.C4590621
Acronis	Clean
BitDefenderTheta	Gen:NN.ZemsilF.34110.cm0@aWGtdyg
ALYac	Clean
TACHYON	Clean
VBA32	Clean
Malwarebytes	MachineLearning/Anomalous.100%
Panda	Trj/GdSda.A
Zoner	Clean
TrendMicro-HouseCall	Clean
Rising	Clean
Yandex	Clean
Ikarus	Trojan.MSIL.Injector
eGambit	Unsafe.AI_Score_99%
Fortinet	MSIL/TrojanDropper.LY!tr
Webroot	Clean
AVG	Win32:MalwareX-gen [Trj]
Avast	Win32:MalwareX-gen [Trj]
CrowdStrike	win/malicious_confidence_100% (W)

Antivirus

Signature

Bkav

Clean

Lionic

Clean

Elastic

malicious (high confidence)

Cynet

Malicious (score: 100)

FireEye

Generic.mg.a49b49fc0253c0db

CAT-QuickHeal

Clean

McAfee

Artemis!A49B49FC0253

Cylance

Unsafe

VIPRE

Clean

Sangfor

Trojan.Win32.Save.a

K7AntiVirus

Clean

BitDefender

Clean

K7GW

Clean

Cybereason

malicious.14abd5

Baidu

Clean

Cyren

Clean

Symantec

ML.Attribute.HighConfidence

ESET-NOD32

Clean

APEX

Malicious

Paloalto

generic.ml

ClamAV

Clean

Kaspersky

HEUR:Backdoor.MSIL.Androm.gen

Alibaba

Clean

NANO-Antivirus

Clean

ViRobot

Clean

MicroWorld-eScan

Clean

Tencent

Clean

Ad-Aware

Clean

Sophos

ML/PE-A

F-Secure

Clean

DrWeb

Trojan.PackedNET.165

Zillya

Clean

TrendMicro

Clean

McAfee-GW-Edition

BehavesLike.Win32.Generic.nc

CMC

Clean

Emsisoft

Clean

SentinelOne

Static AI - Malicious PE

GData

Clean

Jiangmin

Clean

MaxSecure

Trojan.Malware.300983.susgen

Avira

TR/Dropper.Gen

MAX

Clean

Antiy-AVL

Clean

Kingsoft

Clean

Gridinsoft

Clean

Arcabit

Clean

SUPERAntiSpyware

Clean

ZoneAlarm

Clean

Microsoft

Trojan:Script/Phonzy.B!ml

AhnLab-V3

Trojan/Win.Generic.C4590621

Acronis

Clean

BitDefenderTheta

Gen:NN.ZemsilF.34110.cm0@aWGtdyg

ALYac

Clean

TACHYON

Clean

VBA32

Clean

Malwarebytes

MachineLearning/Anomalous.100%

Panda

Trj/GdSda.A

Zoner

Clean

TrendMicro-HouseCall

Clean

Rising

Clean

Yandex

Clean

Ikarus

Trojan.MSIL.Injector

eGambit

Unsafe.AI_Score_99%

Fortinet

MSIL/TrojanDropper.LY!tr

Webroot

Clean

AVG

Win32:MalwareX-gen [Trj]

Avast

Win32:MalwareX-gen [Trj]

CrowdStrike

win/malicious_confidence_100% (W)

Static Analysis

PE Compile Time

PE Imphash

Sections

Resources

Imports