Static | ZeroBOX

PE Compile Time

2021-09-06 20:50:52

PE Imphash

c954d787ed83e16e93cd194e921d4d5c

Sections

Name    Virtual Address  Virtual Size  Size of Raw Data  Entropy
.text   0x00001000       0x00000cb4    0x00000e00        4.63582474788
.rdata  0x00002000       0x000006fe    0x00000800        4.24938145623
.data   0x00003000       0x00000428    0x00000600        5.12875473944
.rsrc   0x00004000       0x000001e0    0x00000200        4.70150325825
.reloc  0x00005000       0x00000060    0x00000200        1.42028604607

Resources

Name         Offset      Size        Language      Sub-language        File type
RT_MANIFEST  0x00004060  0x0000017d  LANG_ENGLISH  SUBLANG_ENGLISH_US  XML 1.0 document text

Imports

Library KERNEL32.dll:
0x402014 VirtualProtect
Library MPR.dll:
0x402038 WNetAddConnection3A
0x402044 WNetAddConnection2W
Library MSVFW32.dll:
0x402074 DrawDibRealize
0x402078 ICImageDecompress
0x40207c DrawDibEnd
Library AVIFIL32.dll:
0x402004 AVIStreamFindSample
0x402008 AVIStreamRelease
0x40200c EditStreamClone
Library SHELL32.dll:
0x402094 SHGetDesktopFolder
0x402098 ShellExecuteW
0x40209c ExtractIconEx
Library MSACM32.dll:
0x40204c acmDriverAddA
0x402050 acmFormatSuggest
0x402054 acmFormatEnumA
0x402058 acmDriverDetailsA
0x40205c acmFormatDetailsW
0x402060 XRegThunkEntry
0x402064 acmFormatTagEnumA
0x402068 acmStreamMessage
0x40206c acmFormatDetailsA
Library mscms.dll:
0x4020ac TranslateBitmapBits
0x4020b0 GetCMMInfo
Library msi.dll:
0x4020bc None
0x4020c0 None
0x4020c4 None
0x4020c8 None
0x4020cc None
0x4020d0 None
Library MAPI32.dll:
0x40201c None
0x402020 None
0x402024 None
0x402028 None
Library SETUPAPI.dll:
Library USER32.dll:
0x4020a4 MessageBoxW

!This program cannot be run in DOS mode.
!RichV
`.rdata
@.data
@.reloc
.text$mn
.idata$5
.rdata
.rdata$zzzdbg
.idata$2
.idata$3
.idata$4
.idata$6
.rsrc$01
.rsrc$02
VirtualProtect
KERNEL32.dll
WNetGetResourceInformationA
WNetCancelConnection2W
WNetAddConnection3A
WNetGetNetworkInformationA
WNetConnectionDialog
WNetAddConnection2W
MPR.dll
ICImageDecompress
EditStreamClone
DrawDibRealize
AVIStreamFindSample
AVIStreamRelease
AVIStreamSampleToTime
DrawDibEnd
MSVFW32.dll
AVIFIL32.dll
ExtractIconEx
ShellExecuteW
SHGetDesktopFolder
SHELL32.dll
acmFormatEnumA
acmDriverDetailsA
acmFormatDetailsW
XRegThunkEntry
acmFormatTagEnumA
acmStreamMessage
acmFormatDetailsA
acmFormatSuggest
acmDriverAddA
MSACM32.dll
TranslateBitmapBits
GetColorProfileHeader
GetCMMInfo
mscms.dll
msi.dll
MAPI32.dll
SetupDiGetHwProfileFriendlyNameExA
SetupQueueDeleteSectionW
SetupDiRemoveDeviceInterface
SETUPAPI.dll
MessageBoxW
USER32.dll
<?xml version='1.0' encoding='UTF-8' standalone='yes'?>
<assembly xmlns='urn:schemas-microsoft-com:asm.v1' manifestVersion='1.0'>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel level='asInvoker' uiAccess='false' />
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
Antivirus Signature
Bkav Clean
Lionic Clean
Elastic malicious (high confidence)
MicroWorld-eScan Clean
FireEye Generic.mg.1ad28c768524311e
CAT-QuickHeal Clean
ALYac Clean
Cylance Unsafe
VIPRE Lookslike.Win32.Sirefef.c!ag (v)
Sangfor Clean
K7AntiVirus Clean
BitDefender Gen:Variant.Razy.920134
K7GW Clean
Cybereason malicious.f3d573
Baidu Clean
Cyren W32/Agent.DJF.gen!Eldorado
Symantec Clean
ESET-NOD32 a variant of Win32/TrojanDownloader.Agent.FVU
APEX Malicious
Paloalto Clean
ClamAV Clean
Kaspersky VHO:Trojan.Win32.Convagent.gen
Alibaba Clean
NANO-Antivirus Virus.Win32.Gen.ccmw
ViRobot Clean
Tencent Clean
Ad-Aware Clean
Sophos Clean
Comodo Clean
F-Secure Clean
DrWeb Trojan.DownLoader42.27899
Zillya Clean
McAfee-GW-Edition Clean
CMC Clean
Emsisoft Gen:Variant.Razy.920134 (B)
Ikarus Clean
GData Clean
Jiangmin Clean
Webroot Clean
Avira Clean
MAX Clean
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:Script/Phonzy.C!ml
Cynet Clean
AhnLab-V3 Clean
Acronis Clean
McAfee GenericRXPX-TH!1AD28C768524
TACHYON Clean
VBA32 BScope.Trojan.Injects
Malwarebytes Clean
Panda Clean
Zoner Clean
Rising Trojan.Generic@ML.88 (RDML:jPZdi1CGbiAOp4e+nWK+bg)
Yandex Clean
SentinelOne Static AI - Malicious PE
eGambit Clean
Fortinet Clean
BitDefenderTheta Gen:NN.ZexaF.34126.auW@a05O@rai
AVG Win32:MalwareX-gen [Trj]
Avast Win32:MalwareX-gen [Trj]
CrowdStrike win/malicious_confidence_60% (D)
MaxSecure Trojan.Malware.300983.susgen
No IRMA results available.