Static | ZeroBOX

PE Compile Time

2021-09-07 10:43:44

PE Imphash

0162c0d4b083e9259ae3a5f11034f58d

Sections

| Name | Virtual Address | Virtual Size | Size of Raw Data | Entropy |
| --- | --- | --- | --- | --- |
| .text | 0x00001000 | 0x00000c40 | 0x00000e00 | 4.45896632252 |
| .rdata | 0x00002000 | 0x0000054a | 0x00000600 | 4.2831253224 |
| .data | 0x00003000 | 0x0000042e | 0x00000600 | 5.08733460626 |
| .rsrc | 0x00004000 | 0x000001e0 | 0x00000200 | 4.70150325825 |
| .reloc | 0x00005000 | 0x00000040 | 0x00000200 | 0.933534643019 |

Resources

| Name | Offset | Size | Language | Sub-language | File type |
| --- | --- | --- | --- | --- | --- |
| RT_MANIFEST | 0x00004060 | 0x0000017d | LANG_ENGLISH | SUBLANG_ENGLISH_US | XML 1.0 document text |

Imports

Library WININET.dll:
0x402050 FtpRemoveDirectoryW
0x402054 InternetGoOnline
Library MSACM32.dll:
0x40201c acmDriverMessage
0x402020 acmFilterEnumW
Library RESUTILS.dll:
Library urlmon.dll:
0x402068 URLDownloadToFileW
0x402070 Extract
0x402078 URLOpenPullStreamW
Library COMDLG32.dll:
0x402000 GetOpenFileNameA
0x402004 GetOpenFileNameW
0x402008 ReplaceTextA
0x40200c ChooseColorW
0x402010 FindTextW
0x402014 FindTextA
Library ole32.dll:
0x402060 CoInstall

!This program cannot be run in DOS mode.
`.rdata
@.data
@.reloc
.text$mn
.idata$5
.rdata
.rdata$zzzdbg
.idata$2
.idata$3
.idata$4
.idata$6
.rsrc$01
.rsrc$02
FindFirstUrlCacheEntryExW
GetUrlCacheEntryInfoA
InternetGoOnline
FtpRemoveDirectoryW
FindFirstUrlCacheContainerA
GetUrlCacheHeaderData
IncrementUrlCacheHeaderData
WININET.dll
acmDriverMessage
acmFilterEnumW
MSACM32.dll
ResUtilSetPropertyParameterBlock
ResUtilAddUnknownProperties
ResUtilFindSzProperty
ResUtilStopResourceService
ResUtilGetResourceNameDependency
RESUTILS.dll
CoGetClassObjectFromURL
Extract
HlinkSimpleNavigateToString
URLDownloadToFileW
URLOpenPullStreamW
RegisterMediaTypeClass
urlmon.dll
GetOpenFileNameA
GetOpenFileNameW
ReplaceTextA
ChooseColorW
FindTextW
FindTextA
COMDLG32.dll
CoInstall
ole32.dll
<?xml version='1.0' encoding='UTF-8' standalone='yes'?>
<assembly xmlns='urn:schemas-microsoft-com:asm.v1' manifestVersion='1.0'>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel level='asInvoker' uiAccess='false' />
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
| Antivirus | Signature |
| --- | --- |
| Bkav | Clean |
| Lionic | Trojan.Multi.Generic.4!c |
| Elastic | Clean |
| Cynet | Malicious (score: 100) |
| CMC | Clean |
| CAT-QuickHeal | Clean |
| McAfee | RDN/Generic.grp |
| Cylance | Unsafe |
| VIPRE | Clean |
| Sangfor | Clean |
| K7AntiVirus | Clean |
| BitDefender | Gen:Variant.Razy.920134 |
| K7GW | Trojan-Downloader ( 00581f381 ) |
| CrowdStrike | win/malicious_confidence_90% (W) |
| Baidu | Clean |
| Cyren | W32/Trojan.ELIG-5001 |
| ESET-NOD32 | a variant of Win32/TrojanDownloader.Agent.FVZ |
| APEX | Malicious |
| Paloalto | generic.ml |
| ClamAV | Clean |
| Kaspersky | UDS:DangerousObject.Multi.Generic |
| Alibaba | Trojan:Win32/Tnega.7dd42b69 |
| NANO-Antivirus | Virus.Win32.Gen.ccmw |
| ViRobot | Clean |
| MicroWorld-eScan | Gen:Variant.Razy.920134 |
| Rising | Trojan.Generic@ML.85 (RDML:CWjK5OM8Br6eNWqPSvxMMA) |
| Ad-Aware | Gen:Variant.Razy.920134 |
| Emsisoft | Gen:Variant.Razy.920134 (B) |
| Comodo | TrojWare.Win32.UMal.kpzgl@0 |
| F-Secure | Clean |
| DrWeb | Trojan.DownLoader42.34782 |
| Zillya | Clean |
| TrendMicro | Clean |
| McAfee-GW-Edition | BehavesLike.Win32.Generic.xt |
| FireEye | Generic.mg.3e7e25ad1c141f14 |
| Sophos | Generic ML PUA (PUA) |
| SentinelOne | Static AI - Malicious PE |
| Jiangmin | Clean |
| Webroot | W32.Adware.Gen |
| Avira | Clean |
| Antiy-AVL | Clean |
| Kingsoft | Clean |
| Microsoft | Trojan:Win32/Tnega.RVT!MTB |
| Gridinsoft | Clean |
| Arcabit | Clean |
| SUPERAntiSpyware | Clean |
| ZoneAlarm | Clean |
| GData | Win32.Trojan.PSE.1TJHEHQ |
| TACHYON | Clean |
| AhnLab-V3 | Clean |
| Acronis | suspicious |
| VBA32 | BScope.Trojan.Injects |
| ALYac | Clean |
| MAX | malware (ai score=82) |
| Malwarebytes | Clean |
| Panda | Clean |
| Zoner | Clean |
| TrendMicro-HouseCall | Clean |
| Tencent | Clean |
| Yandex | Clean |
| Ikarus | Trojan.Agent.Small |
| eGambit | Clean |
| Fortinet | W32/Agent.FVZ!tr |
| BitDefenderTheta | Gen:NN.ZexaF.34126.auW@aW16Z5oi |
| AVG | Win32:TrojanX-gen [Trj] |
| Avast | Win32:TrojanX-gen [Trj] |
| MaxSecure | Trojan.Malware.300983.susgen |
No IRMA results available.