Static | ZeroBOX

PE Compile Time

2017-03-05 20:33:19

PE Imphash

c42d5cd53ab0f6ec2316f135b7a5f0ad

Sections

Name    Virtual Address    Virtual Size    Size of Raw Data    Entropy
.text   0x00001000         0x00019a90      0x0001a000          5.90716396293
.data   0x0001b000         0x000011ac      0x00000000          0.0
.rsrc   0x0001d000         0x00000a3d      0x00001000          2.42769178189

Resources

Name            Offset       Size         Language       Sub-language         File type
CUSTOM          0x0001d9c0   0x0000007d   LANG_ENGLISH   SUBLANG_ENGLISH_US   ASCII text, with CRLF line terminators
RT_ICON         0x0001d480   0x00000128   LANG_NEUTRAL   SUBLANG_NEUTRAL      GLS_BINARY_LSB_FIRST
RT_ICON         0x0001d480   0x00000128   LANG_NEUTRAL   SUBLANG_NEUTRAL      GLS_BINARY_LSB_FIRST
RT_ICON         0x0001d480   0x00000128   LANG_NEUTRAL   SUBLANG_NEUTRAL      GLS_BINARY_LSB_FIRST
RT_GROUP_ICON   0x0001d450   0x00000030   LANG_NEUTRAL   SUBLANG_NEUTRAL      data
RT_VERSION      0x0001d1a0   0x000002b0   LANG_ENGLISH   SUBLANG_ENGLISH_US   data

Imports

Library MSVBVM60.DLL:
0x401000 None
0x401004 MethCallEngine
0x401008 None
0x40100c None
0x401010 None
0x401014 None
0x401018 EVENT_SINK_AddRef
0x40101c None
0x401020 DllFunctionCall
0x401024 EVENT_SINK_Release
0x40102c __vbaExceptHandler
0x401030 None
0x401034 None
0x401038 None
0x40103c None
0x401040 None
0x401044 None
0x401048 None
0x40104c None
0x401050 None
0x401054 None
0x401058 None
0x40105c None

!This program cannot be run in DOS mode.
`.data
MSVBVM60.DLL
Vareindkb
Freeze
HALVDE
HALVDE
Frame1
BESKYTTERS
Check1
Option4
Option3
Option2
DIOTOCARD
Option1
VB5!6&*
reverific
Vareindkb
Vareindkb
Vareindkb
Freeze
universi
Check1
C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB
Frame1
Option3
Option2
Option1
Option4
kernel32
EnumSystemCodePagesA
user32
GetQueueStatus
SetLayeredWindowAttributes
msvfw32.dll
GetOpenFileNamePreview
shell32.dll
SHGetFileInfoA
FileTimeToLocalFileTime
VBA6.DLL
universi
sardonic
MSVBVM60.DLL
MethCallEngine
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
// generated by Infinity Ward
version = 1
VideoMemoryScale = 0.85
RendererWorkerCount = 7
ConfigCloudStorageEnabled = 0
CUSTOM
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
040904B0
Comments
Midway Games
CompanyName
Midway Games
FileDescription
Midway Games
ProductName
Midway Games
FileVersion
3.03.0001
ProductVersion
3.03.0001
InternalName
reverific
OriginalFilename
reverific.exe
Antivirus Signature
Bkav W32.AIDetect.malware1
Lionic Worm.Win32.WBVB.o!c
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKD.46896494
FireEye Generic.mg.612bb2a0321b426e
CAT-QuickHeal Clean
ALYac Trojan.Agent.GuLoader
Cylance Unsafe
VIPRE Clean
Sangfor Clean
K7AntiVirus Clean
BitDefender Trojan.GenericKD.46896494
K7GW Clean
Cybereason malicious.ebd721
Baidu Clean
Cyren W32/VBKrypt.AZM.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win32/GenKryptik.FJSR
APEX Malicious
Paloalto generic.ml
ClamAV Clean
Kaspersky Backdoor.Win32.Androm.utki
Alibaba Trojan:Win32/GenKryptik.2e2ce285
NANO-Antivirus Clean
ViRobot Clean
Rising Downloader.Guloader!1.D907 (CLASSIC)
Ad-Aware Trojan.GenericKD.46896494
Emsisoft Trojan.GenericKD.46896650 (B)
Comodo Clean
F-Secure Clean
DrWeb Clean
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition BehavesLike.Win32.Trojan.cm
CMC Clean
Sophos Mal/Generic-S
Ikarus Trojan.VB.Crypt
GData Trojan.GenericKD.46896494
Jiangmin Clean
Webroot Clean
Avira Clean
MAX malware (ai score=88)
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:Win32/VBObfuse.BBC!MTB
Cynet Clean
AhnLab-V3 Clean
Acronis Clean
McAfee GuLoader-FDCG!612BB2A0321B
TACHYON Clean
VBA32 Clean
Malwarebytes Trojan.GuLoader
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Tencent Clean
Yandex Trojan.AvsArher.bTx33N
SentinelOne Static AI - Malicious PE
eGambit Clean
Fortinet Malicious_Behavior.SB
BitDefenderTheta Gen:NN.ZevbaF.34110.hm0@a4TW33ji
AVG Win32:Trojan-gen
Avast Win32:Trojan-gen
CrowdStrike Clean
MaxSecure Clean
No IRMA results available.