Static | ZeroBOX

PE Compile Time

2021-08-30 02:59:22

PDB Path

c:\Users\Administrator\Desktop\dddx.pdb

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

| Name | Virtual Address | Virtual Size | Size of Raw Data | Entropy |
|---|---|---|---|---|
| .text | 0x00002000 | 0x00000ff4 | 0x00001000 | 4.89019993808 |
| .rsrc | 0x00004000 | 0x000005d0 | 0x00000600 | 4.24384636146 |
| .reloc | 0x00006000 | 0x0000000c | 0x00000200 | 0.0815394123432 |

Resources

| Name | Offset | Size | Language | Sub-language | File type |
|---|---|---|---|---|---|
| RT_VERSION | 0x000040a0 | 0x00000340 | LANG_NEUTRAL | SUBLANG_NEUTRAL | data |
| RT_MANIFEST | 0x000043e0 | 0x000001ea | LANG_NEUTRAL | SUBLANG_NEUTRAL | XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators |

Imports

Library mscoree.dll:
0x402000 _CorExeMain

| Antivirus | Signature |
|---|---|
| Bkav | Clean |
| Lionic | Trojan.MSIL.Bingoml.4!c |
| Elastic | Clean |
| DrWeb | Clean |
| MicroWorld-eScan | Clean |
| FireEye | Generic.mg.0a3195ee252660ba |
| CAT-QuickHeal | Clean |
| McAfee | Artemis!0A3195EE2526 |
| Cylance | Unsafe |
| VIPRE | Clean |
| Sangfor | Clean |
| K7AntiVirus | Clean |
| BitDefender | Clean |
| K7GW | Clean |
| CrowdStrike | win/malicious_confidence_90% (W) |
| BitDefenderTheta | Gen:NN.ZemsilF.34110.am0@aSkHW@c |
| Cyren | Clean |
| Symantec | Trojan.Gen.2 |
| ESET-NOD32 | a variant of MSIL/TrojanDownloader.Tiny.BFJ |
| Zoner | Clean |
| TrendMicro-HouseCall | Clean |
| Paloalto | generic.ml |
| ClamAV | Clean |
| Kaspersky | HEUR:Trojan.MSIL.Bingoml.gen |
| Alibaba | Trojan:MSIL/Bingoml.fa54ac1c |
| NANO-Antivirus | Clean |
| ViRobot | Clean |
| Rising | Clean |
| Ad-Aware | Clean |
| Sophos | Clean |
| Comodo | Clean |
| F-Secure | Clean |
| Baidu | Clean |
| Zillya | Clean |
| TrendMicro | Clean |
| McAfee-GW-Edition | Artemis!Trojan |
| CMC | Clean |
| Emsisoft | Clean |
| SentinelOne | Static AI - Malicious PE |
| GData | Clean |
| Jiangmin | Clean |
| Webroot | Clean |
| Avira | Clean |
| MAX | Clean |
| Antiy-AVL | Clean |
| Kingsoft | Win32.Troj.Undef.(kcloud) |
| Gridinsoft | Clean |
| Arcabit | Clean |
| SUPERAntiSpyware | Clean |
| ZoneAlarm | Clean |
| Microsoft | Trojan:Win32/AgentTesla!ml |
| Cynet | Malicious (score: 100) |
| AhnLab-V3 | Clean |
| Acronis | Clean |
| ALYac | Clean |
| TACHYON | Clean |
| VBA32 | Clean |
| Malwarebytes | Trojan.Downloader.MSIL.Generic |
| Panda | Clean |
| APEX | Malicious |
| Tencent | Msil.Trojan.Bingoml.Eyb |
| Yandex | Clean |
| Ikarus | Clean |
| eGambit | Unsafe.AI_Score_93% |
| Fortinet | Clean |
| AVG | FileRepMetagen [Malware] |
| Cybereason | Clean |
| Avast | FileRepMetagen [Malware] |
| MaxSecure | Clean |
No IRMA results available.