popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2010-06-09 03:14:04

PE Imphash

90627e2da294b22ae2833d09baebd2c5

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x00012664 0x00013000 6.37374840526
.data 0x00014000 0x00000a98 0x00001000 0.0
.rsrc 0x00015000 0x00000d5e 0x00001000 1.63282906341

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x0001538e 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x0001538e 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_GROUP_ICON 0x0001536c 0x00000022 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_VERSION 0x00015120 0x0000024c LANG_NEUTRAL SUBLANG_NEUTRAL data

Imports

Library MSVBVM60.DLL:
0x401000 _CIcos
0x401004 _adj_fptan
0x401008 __vbaFreeVar
0x40100c _adj_fdiv_m64
0x401010 _adj_fprem1
0x401014 __vbaSetSystemError
0x40101c _adj_fdiv_m32
0x401020 _adj_fdiv_m16i
0x401024 _adj_fdivr_m16i
0x401028 _CIsin
0x40102c __vbaChkstk
0x401030 EVENT_SINK_AddRef
0x401034 DllFunctionCall
0x401038 _adj_fpatan
0x40103c EVENT_SINK_Release
0x401040 _CIsqrt
0x401048 __vbaExceptHandler
0x40104c _adj_fprem
0x401050 _adj_fdivr_m64
0x401054 __vbaFPException
0x401058 _CIlog
0x40105c None
0x401060 _adj_fdiv_m32i
0x401064 _adj_fdivr_m32i
0x401068 _adj_fdivr_m32
0x40106c _adj_fdiv_r
0x401070 None
0x401074 _CIatan
0x401078 _allmul
0x40107c _CItan
0x401080 _CIexp
!This program cannot be run in DOS mode.
`.data
MSVBVM60.DLL
Project5
UNINLAIDS
NONREPRESS
knf~5Vz
knf~5Vz
cnwlc#
wO>G]
;g/EbXd
o#Sd;p
:GJy5]2
/~_i&wn/
xJ|qIT)
>>Dn>>-
#Sd*ZJ
m#Sd0t
"')k_'e
J#SdSL
E75JCf<Oj
NIz5]1D
cfwlc~w`
}#SdQ!96
"nO{mh
+#SdV"
"SklyQd
"SklIRd
*SdaRK
*SdaRO
*SdazK
2SdiJGd
*#Sdctw
J~ESq"TM
SdQxu>E
"S]1JP
hkm]>d
;/eW)Wdt
riUWq<o
>#SdS\
''u5]#
tq]m=Qd
SdRDnn
f0]*5I
#Sd/g;d
VXft)
E'I300
#Sdcvwl
4Sdagc]*D
4Sdagk\
4Sdago]*D
hV"Sdl
PGQC'P
'+MA<f
%>)7;]
"SdcbC
SdS:|
ncg7U3
@[]1B5
"3;A"k
"SkmlUd
NkmE@d
Odc~w`h
"2_uzQd
@#SdbaCX*
cfwxcnw`a
Jp%SrSd
S,czs-i
{(avwD
-ch[-cxC,i
-V&av@
-V*a~@
"SkmMQd
SdcjW
o='F5])D
lc"5]8
~5])r9$/bs}v
iRsKx3
c*UQ/
9eiJKd
NONREPRESS
Command1
Skovendemel6
Check2
dagcentretsfo
Option2
Omnivisionsoc
Check1
Glattest9
Option1
thurberiaiphim
Combo2
PARKGSTENCRE
Combo1
Pittings9
VB5!6&*
ANTIPODER
Project5
Project5
Project5
UNINLAIDS
Stanzaedcyclo7
C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB
Command1
Check1
Check2
Combo2
Combo1
Option2
Option1
version.dll
GetFileVersionInfoSizeA
advapi32.dll
CryptDeriveKey
user32
SetWindowTextA
iphlpapi
GetIpStatistics
kernel32
SetLastError
Tilfartsvejenes
VBA6.DLL
__vbaHresultCheckObj
__vbaSetSystemError
__vbaFreeVar
MSVBVM60.DLL
_CIcos
_adj_fptan
__vbaFreeVar
_adj_fdiv_m64
_adj_fprem1
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
_adj_fdiv_m32i
_adj_fdivr_m32i
_adj_fdivr_m32
_adj_fdiv_r
_CIatan
_allmul
_CItan
_CIexp
Caddords1
Idkatalo1
BEVISINDIGI1
unsolitarysca1
Klersgladsomein1)0'
sandslot@Irrealmoisten7.Ta0
210829130339Z
220829130339Z0
Caddords1
Idkatalo1
BEVISINDIGI1
unsolitarysca1
Klersgladsomein1)0'
sandslot@Irrealmoisten7.Ta0
sq-"f~
!"*B4C*
<7l&_v1
Caddords1
Idkatalo1
BEVISINDIGI1
unsolitarysca1
Klersgladsomein1)0'
sandslot@Irrealmoisten7.Ta
d0q!'g
20210829130342Z
DigiCert Inc1
www.digicert.com110/
(DigiCert SHA2 Assured ID Timestamping CA0
210101000000Z
310106000000Z0H1
DigiCert, Inc.1 0
DigiCert Timestamp 20210
http://www.digicert.com/CPS0
,http://crl3.digicert.com/sha2-assured-ts.crl02
,http://crl4.digicert.com/sha2-assured-ts.crl0
http://ocsp.digicert.com0O
Chttp://cacerts.digicert.com/DigiCertSHA2AssuredIDTimestampingCA.crt0
QJxy6z'
dwc_#Ri
DigiCert Inc1
www.digicert.com1$0"
DigiCert Assured ID Root CA0
160107120000Z
310107120000Z0r1
DigiCert Inc1
www.digicert.com110/
(DigiCert SHA2 Assured ID Timestamping CA0
fnVa')
http://ocsp.digicert.com0C
7http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
4http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
4http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0P
https://www.digicert.com/CPS0
8aMbF$
V3"/"6
DigiCert Inc1
www.digicert.com110/
(DigiCert SHA2 Assured ID Timestamping CA
210829130342Z0+
/1(0&0$0"
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004B0
CompanyName
Zaloni
FileDescription
Zaloni
ProductName
Project5
FileVersion
ProductVersion
InternalName
ANTIPODER
OriginalFilename
ANTIPODER.exe
Antivirus Signature
Bkav Clean
Lionic Trojan.Win32.Stealer.l!c
MicroWorld-eScan Clean
FireEye Clean
CAT-QuickHeal Clean
McAfee Artemis!0CB653B63F1F
Cylance Unsafe
VIPRE Clean
Sangfor Trojan.Win32.Save.a
K7AntiVirus Clean
BitDefender Clean
K7GW Clean
Cybereason malicious.633b6e
BitDefenderTheta Gen:NN.ZevbaF.34110.fm1@aiXW4Zp
Cyren Clean
Symantec Trojan.Gen.2
ESET-NOD32 a variant of Win32/GenKryptik.FJQA
Baidu Clean
APEX Malicious
Paloalto generic.ml
ClamAV Clean
Kaspersky UDS:Trojan.Win32.Mucc
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
Tencent Clean
Ad-Aware Clean
TACHYON Clean
Emsisoft Clean
Comodo Clean
F-Secure Clean
DrWeb Clean
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition Artemis!Trojan
CMC Clean
Sophos Mal/Generic-S
Ikarus Clean
GData Clean
Jiangmin Clean
MaxSecure Clean
Avira Clean
Antiy-AVL Clean
Kingsoft Win32.Troj.Generic_a.a.(kcloud)
Gridinsoft Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:Win32/Sabsik.FL.B!ml
Cynet Malicious (score: 100)
AhnLab-V3 Clean
Acronis Clean
VBA32 Clean
ALYac Clean
MAX Clean
Malwarebytes Clean
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Rising Clean
Yandex Clean
SentinelOne Clean
eGambit Unsafe.AI_Score_100%
Fortinet Clean
Webroot Clean
AVG FileRepMalware
Avast FileRepMalware
CrowdStrike win/malicious_confidence_80% (W)
No IRMA results available.