Static | ZeroBOX

PE Compile Time

2021-09-06 20:31:33

PE Imphash

c954d787ed83e16e93cd194e921d4d5c

Sections

Name    Virtual Address  Virtual Size  Size of Raw Data  Entropy
.text   0x00001000       0x00000cb4    0x00000e00        4.63638278359
.rdata  0x00002000       0x000006fe    0x00000800        4.25944525713
.data   0x00003000       0x0000042f    0x00000600        5.09790360592
.rsrc   0x00004000       0x000001e0    0x00000200        4.70150325825
.reloc  0x00005000       0x00000060    0x00000200        1.42028604607

Resources

Name         Offset      Size        Language      Sub-language        File type
RT_MANIFEST  0x00004060  0x0000017d  LANG_ENGLISH  SUBLANG_ENGLISH_US  XML 1.0 document text

Imports

Library KERNEL32.dll:
0x402014 VirtualProtect
Library MPR.dll:
0x402038 WNetAddConnection3A
0x402044 WNetAddConnection2W
Library MSVFW32.dll:
0x402074 DrawDibRealize
0x402078 ICImageDecompress
0x40207c DrawDibEnd
Library AVIFIL32.dll:
0x402004 AVIStreamFindSample
0x402008 AVIStreamRelease
0x40200c EditStreamClone
Library SHELL32.dll:
0x402094 SHGetDesktopFolder
0x402098 ShellExecuteW
0x40209c ExtractIconEx
Library MSACM32.dll:
0x40204c acmDriverAddA
0x402050 acmFormatSuggest
0x402054 acmFormatEnumA
0x402058 acmDriverDetailsA
0x40205c acmFormatDetailsW
0x402060 XRegThunkEntry
0x402064 acmFormatTagEnumA
0x402068 acmStreamMessage
0x40206c acmFormatDetailsA
Library mscms.dll:
0x4020ac TranslateBitmapBits
0x4020b0 GetCMMInfo
Library msi.dll:
0x4020bc None
0x4020c0 None
0x4020c4 None
0x4020c8 None
0x4020cc None
0x4020d0 None
Library MAPI32.dll:
0x40201c None
0x402020 None
0x402024 None
0x402028 None
Library SETUPAPI.dll:
Library USER32.dll:
0x4020a4 MessageBoxW

!This program cannot be run in DOS mode.
!RichV
`.rdata
@.data
@.reloc
.text$mn
.idata$5
.rdata
.rdata$zzzdbg
.idata$2
.idata$3
.idata$4
.idata$6
.rsrc$01
.rsrc$02
VirtualProtect
KERNEL32.dll
WNetGetResourceInformationA
WNetCancelConnection2W
WNetAddConnection3A
WNetGetNetworkInformationA
WNetConnectionDialog
WNetAddConnection2W
MPR.dll
ICImageDecompress
EditStreamClone
DrawDibRealize
AVIStreamFindSample
AVIStreamRelease
AVIStreamSampleToTime
DrawDibEnd
MSVFW32.dll
AVIFIL32.dll
ExtractIconEx
ShellExecuteW
SHGetDesktopFolder
SHELL32.dll
acmFormatEnumA
acmDriverDetailsA
acmFormatDetailsW
XRegThunkEntry
acmFormatTagEnumA
acmStreamMessage
acmFormatDetailsA
acmFormatSuggest
acmDriverAddA
MSACM32.dll
TranslateBitmapBits
GetColorProfileHeader
GetCMMInfo
mscms.dll
msi.dll
MAPI32.dll
SetupDiGetHwProfileFriendlyNameExA
SetupQueueDeleteSectionW
SetupDiRemoveDeviceInterface
SETUPAPI.dll
MessageBoxW
USER32.dll
<?xml version='1.0' encoding='UTF-8' standalone='yes'?>
<assembly xmlns='urn:schemas-microsoft-com:asm.v1' manifestVersion='1.0'>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel level='asInvoker' uiAccess='false' />
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
Antivirus Signature
Bkav W32.AIDetect.malware2
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKD.37545900
CMC Clean
CAT-QuickHeal Clean
ALYac Clean
Cylance Unsafe
VIPRE Lookslike.Win32.Sirefef.c!ag (v)
Sangfor Clean
K7AntiVirus Clean
BitDefender Trojan.GenericKD.37545900
K7GW Clean
CrowdStrike win/malicious_confidence_60% (D)
Baidu Clean
Cyren W32/Agent.DJF.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win32/TrojanDownloader.Agent.FVU
APEX Malicious
Paloalto generic.ml
ClamAV Clean
Kaspersky UDS:DangerousObject.Multi.Generic
Alibaba TrojanDownloader:Win32/AgentTesla.b02dfe1c
NANO-Antivirus Virus.Win32.Gen.ccmw
ViRobot Clean
Rising Trojan.Generic@ML.88 (RDML:jPZdi1CGbiAOp4e+nWK+bg)
Ad-Aware Trojan.GenericKD.37545900
Sophos Clean
Comodo Clean
F-Secure Trojan.TR/Dldr.Agent.ayahm
DrWeb Trojan.DownLoader42.27899
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition BehavesLike.Win32.Dropper.zt
FireEye Generic.mg.63425ec377156298
Emsisoft Trojan.GenericKD.37545900 (B)
SentinelOne Static AI - Malicious PE
GData Trojan.GenericKD.37545900
Jiangmin Clean
Webroot Clean
Avira TR/Dldr.Agent.ayahm
MAX malware (ai score=83)
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Trojan.Win32.Downloader.sa
Arcabit Trojan.Razy.DE0A46
SUPERAntiSpyware Clean
ZoneAlarm UDS:DangerousObject.Multi.Generic
Microsoft Trojan:Win32/AgentTesla.BLK!MTB
Cynet Malicious (score: 99)
AhnLab-V3 Clean
Acronis Clean
McAfee RDN/Generic.hbg
TACHYON Clean
VBA32 BScope.Trojan.Injects
Malwarebytes Trojan.Downloader
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Tencent Win32.Trojan-downloader.Agent.Wmis
Yandex Clean
Ikarus Win32.Outbreak
eGambit Clean
Fortinet W32/Agent.FVU!tr.dldr
BitDefenderTheta Gen:NN.ZexaF.34126.auW@aGIIHspi
AVG Win32:MalwareX-gen [Trj]
Cybereason malicious.6a86a4
Avast Win32:MalwareX-gen [Trj]
MaxSecure Trojan.Malware.300983.susgen
No IRMA results available.