Static | ZeroBOX

PE Compile Time

2021-09-07 10:43:44

PE Imphash

0162c0d4b083e9259ae3a5f11034f58d

Sections

| Name | Virtual Address | Virtual Size | Size of Raw Data | Entropy |
|---|---|---|---|---|
| .text | 0x00001000 | 0x00000c40 | 0x00000e00 | 4.45896632252 |
| .rdata | 0x00002000 | 0x0000054a | 0x00000600 | 4.2831253224 |
| .data | 0x00003000 | 0x0000042e | 0x00000600 | 5.08733460626 |
| .rsrc | 0x00004000 | 0x000001e0 | 0x00000200 | 4.70150325825 |
| .reloc | 0x00005000 | 0x00000040 | 0x00000200 | 0.933534643019 |

Resources

| Name | Offset | Size | Language | Sub-language | File type |
|---|---|---|---|---|---|
| RT_MANIFEST | 0x00004060 | 0x0000017d | LANG_ENGLISH | SUBLANG_ENGLISH_US | XML 1.0 document text |

Imports

Library WININET.dll:
0x402050 FtpRemoveDirectoryW
0x402054 InternetGoOnline
Library MSACM32.dll:
0x40201c acmDriverMessage
0x402020 acmFilterEnumW
Library RESUTILS.dll:
Library urlmon.dll:
0x402068 URLDownloadToFileW
0x402070 Extract
0x402078 URLOpenPullStreamW
Library COMDLG32.dll:
0x402000 GetOpenFileNameA
0x402004 GetOpenFileNameW
0x402008 ReplaceTextA
0x40200c ChooseColorW
0x402010 FindTextW
0x402014 FindTextA
Library ole32.dll:
0x402060 CoInstall

Antivirus Signature
Bkav Clean
Lionic Clean
Elastic Clean
MicroWorld-eScan Gen:Variant.Razy.920134
CMC Clean
CAT-QuickHeal Clean
McAfee Clean
Cylance Unsafe
VIPRE Clean
Sangfor Clean
K7AntiVirus Clean
BitDefender Gen:Variant.Razy.920134
K7GW Clean
Cybereason malicious.21efd2
Baidu Clean
Cyren Clean
Symantec ML.Attribute.HighConfidence
ESET-NOD32 Clean
APEX Malicious
Paloalto Clean
ClamAV Clean
Kaspersky UDS:DangerousObject.Multi.Generic
Alibaba Clean
NANO-Antivirus Virus.Win32.Gen.ccmw
ViRobot Clean
Tencent Clean
Ad-Aware Gen:Variant.Razy.920134
Sophos Generic ML PUA (PUA)
Comodo Clean
F-Secure Clean
DrWeb Clean
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition Clean
FireEye Generic.mg.3e7e25ad1c141f14
Emsisoft Gen:Variant.Razy.920134 (B)
SentinelOne Static AI - Malicious PE
GData Gen:Variant.Razy.920134
Jiangmin Clean
MaxSecure Trojan.Malware.300983.susgen
Avira Clean
MAX malware (ai score=82)
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:Win32/Tnega!ml
Cynet Malicious (score: 100)
AhnLab-V3 Clean
Acronis suspicious
BitDefenderTheta Gen:NN.ZexaF.34126.auW@aW16Z5oi
ALYac Clean
TACHYON Clean
VBA32 BScope.Trojan.Injects
Malwarebytes Clean
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Rising Trojan.Generic@ML.85 (RDML:CWjK5OM8Br6eNWqPSvxMMA)
Yandex Clean
Ikarus Clean
eGambit Clean
Fortinet Clean
Webroot Clean
Avast Clean
CrowdStrike win/malicious_confidence_80% (D)
No IRMA results available.