popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2021-08-24 20:31:17

PE Imphash

b211bec2627ea9b5322d60ef3ed97e1a

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x0000c921 0x0000ca00 6.73116681784
.rdata 0x0000e000 0x00000472 0x00000600 3.79303660771
.data 0x0000f000 0x0005f5c0 0x0005f600 5.43915623368
.pdata 0x0006f000 0x000000a8 0x00000200 1.44440103653

Imports

Library KERNEL32.dll:
0x18000e000 GetThreadPriority
0x18000e008 TlsGetValue
0x18000e010 WaitForSingleObject
0x18000e018 GetCurrentThread
0x18000e020 LoadLibraryA
0x18000e028 GetProcAddress
0x18000e030 VirtualAlloc
0x18000e038 VirtualFree
0x18000e040 GetSystemTime

Exports

Ordinal Address Name
4 0x18000107e CvvuibpxxnejxroDsqhgxyzcujno
5 0x180001084 JfvrwqpngZxcdineOxnuutznn
6 0x180001078 MzqvvwcgmfEvubknxjygklx
1 0x18000102a StartW
2 0x180001044 fgrererere
3 0x18000105e qwwwwww
!This program cannot be run in DOS mode.
`.rdata
@.data
.pdata
AWAVAUATVWUSH
8[]_^A\A]A^A_
AWAVAUATVWUSH
[]_^A\A]A^A_
AWAVAUATVWUSH
[]_^A\A]A^A_
AWAVAUATVWUSH
[]_^A\A]A^A_
AWAVAUATVWUSH
[]_^A\A]A^A_
AWAVAUATVWUSH
H[]_^A\A]A^A_
AWAVAUATVWUSH
[]_^A\A]A^A_
AWAVAUATVWUSH
WdYSH)
L$89H\A
L$89HlA
[]_^A\A]A^A_
AWAVAUATVWUSH
x[]_^A\A]A^A_
.text$mn
.idata$5
.rdata
.rdata$zzzdbg
.xdata
.edata
.idata$2
.idata$3
.idata$4
.idata$6
.pdata
StartW
fgrererere
qwwwwww
CvvuibpxxnejxroDsqhgxyzcujno
JfvrwqpngZxcdineOxnuutznn
MzqvvwcgmfEvubknxjygklx
GetThreadPriority
TlsGetValue
WaitForSingleObject
GetCurrentThread
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
GetSystemTime
KERNEL32.dll
b%Z^Ja
.:K`bC9
{)o"qYJ
a{hyr^
Antivirus Signature
Bkav Clean
Lionic Clean
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Variant.Razy.913977
CMC Clean
CAT-QuickHeal Clean
McAfee Clean
Cylance Unsafe
VIPRE Clean
Sangfor Clean
CrowdStrike Clean
BitDefender Gen:Variant.Razy.913977
K7GW Clean
K7AntiVirus Clean
Arcabit Trojan.Razy.DDF239
BitDefenderTheta Clean
Cyren Clean
Symantec Clean
ESET-NOD32 a variant of Win64/BazarLoader.AZ
Baidu Clean
APEX Malicious
Paloalto Clean
ClamAV Clean
Kaspersky UDS:DangerousObject.Multi.Generic
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
Rising Clean
Ad-Aware Gen:Variant.Razy.913977
TACHYON Clean
Sophos Clean
Comodo Clean
F-Secure Clean
DrWeb Clean
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition Clean
FireEye Generic.mg.6a124d95c5c5038d
Emsisoft Gen:Variant.Razy.913977 (B)
Ikarus Clean
Jiangmin Clean
eGambit Clean
Avira Clean
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Microsoft Clean
SUPERAntiSpyware Clean
ZoneAlarm Clean
GData Gen:Variant.Razy.913977
Cynet Malicious (score: 100)
AhnLab-V3 Trojan/Win.IcedID.C4608701
Acronis Clean
VBA32 Clean
ALYac Gen:Variant.Razy.913977
MAX malware (ai score=81)
Malwarebytes Clean
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Tencent Clean
Yandex Clean
SentinelOne Clean
MaxSecure Clean
Fortinet W64/BazarLoader.AZ!tr
Webroot Clean
AVG FileRepMalware
Avast FileRepMalware
No IRMA results available.