Static | ZeroBOX

PE Compile Time

2021-09-07 16:16:45

PE Imphash

5aac9416dafd435c25e06c0aaa4273a3

Sections

| Name | Virtual Address | Virtual Size | Size of Raw Data | Entropy |
|---|---|---|---|---|
| .text | 0x00001000 | 0x00000c7e | 0x00000e00 | 4.5365504767 |
| .rdata | 0x00002000 | 0x000005fa | 0x00000600 | 4.73161162686 |
| .data | 0x00003000 | 0x00000421 | 0x00000600 | 5.09991496345 |
| .rsrc | 0x00004000 | 0x000001e0 | 0x00000200 | 4.70150325825 |
| .reloc | 0x00005000 | 0x00000054 | 0x00000200 | 1.25734615418 |

Resources

| Name | Offset | Size | Language | Sub-language | File type |
|---|---|---|---|---|---|
| RT_MANIFEST | 0x00004060 | 0x0000017d | LANG_ENGLISH | SUBLANG_ENGLISH_US | XML 1.0 document text |

Imports

Library KERNEL32.dll:
0x402000 EnumResourceTypesA
Library RPCRT4.dll:
0x402008 RpcRevertToSelf
Library SETUPAPI.dll:
0x402024 SetupDiDrawMiniIcon
0x402028 SetupSetSourceListA
Library WSOCK32.dll:
0x402078 getsockname
0x40207c ord1114
0x402080 getprotobynumber
0x402084 getservbyname
0x402088 ord1110
0x40208c gethostbyaddr
0x402090 socket
0x402094 WSASetLastError
Library WINMM.dll:
0x402058 waveOutGetPosition
0x40205c mmioSetBuffer
0x402060 WOW32DriverCallback
0x402064 midiStreamPause
0x402068 midiInOpen
0x40206c mxd32Message
0x402070 joyGetDevCapsW
Library rtutils.dll:
0x40209c TraceDeregisterA
0x4020a0 RouterLogRegisterW
0x4020a4 TraceVprintfExW
0x4020a8 LogErrorW
Library WININET.dll:
0x402038 HttpSendRequestW
0x40204c InternetOpenUrlW
0x402050 DeleteIE3Cache
Library USER32.dll:
0x402030 MessageBoxW

!This program cannot be run in DOS mode.
`.rdata
@.data
@.reloc
.text$mn
.idata$5
.rdata
.rdata$zzzdbg
.idata$2
.idata$3
.idata$4
.idata$6
.rsrc$01
.rsrc$02
EnumResourceTypesA
KERNEL32.dll
NdrCorrelationInitialize
RpcRevertToSelf
RPCRT4.dll
SetupGetSourceFileLocationW
SetupDiSetClassInstallParamsW
SetupDiOpenDeviceInfoA
SetupDiGetSelectedDriverW
SetupDiDrawMiniIcon
SetupSetSourceListA
SETUPAPI.dll
WSOCK32.dll
waveOutGetPosition
joyGetDevCapsW
mmioSetBuffer
WOW32DriverCallback
midiStreamPause
midiInOpen
mxd32Message
WINMM.dll
MprSetupProtocolFree
LogErrorW
TraceVprintfExW
RouterLogRegisterW
TraceDeregisterA
rtutils.dll
InternetAttemptConnect
FindFirstUrlCacheContainerA
DeleteUrlCacheContainerA
HttpSendRequestW
HttpAddRequestHeadersW
InternetOpenUrlW
DeleteIE3Cache
WININET.dll
MessageBoxW
USER32.dll
<?xml version='1.0' encoding='UTF-8' standalone='yes'?>
<assembly xmlns='urn:schemas-microsoft-com:asm.v1' manifestVersion='1.0'>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel level='asInvoker' uiAccess='false' />
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
| Antivirus | Signature |
|---|---|
| Bkav | Clean |
| Lionic | Trojan.Multi.Generic.4!c |
| Elastic | malicious (high confidence) |
| MicroWorld-eScan | Gen:Variant.Razy.920134 |
| FireEye | Generic.mg.4f4126b538d7862b |
| CAT-QuickHeal | Clean |
| McAfee | RDN/Generic Downloader.x |
| Cylance | Unsafe |
| VIPRE | Clean |
| Sangfor | Clean |
| K7AntiVirus | Clean |
| BitDefender | Gen:Variant.Razy.920134 |
| K7GW | Clean |
| Cybereason | malicious.fa1804 |
| BitDefenderTheta | Gen:NN.ZexaF.34126.auW@a8oJvyci |
| Cyren | W32/Agent.AECJ-9396 |
| Symantec | ML.Attribute.HighConfidence |
| ESET-NOD32 | Win32/TrojanDownloader.Agent.FWA |
| Baidu | Clean |
| APEX | Malicious |
| Paloalto | generic.ml |
| ClamAV | Clean |
| Kaspersky | UDS:DangerousObject.Multi.Generic |
| Alibaba | Trojan:Win32/MalwareX.22cc71cc |
| NANO-Antivirus | Clean |
| ViRobot | Clean |
| Rising | Trojan.Generic@ML.91 (RDMK:3MnavmwZ7eLeNbXNVUnDUw) |
| Ad-Aware | Gen:Variant.Razy.920134 |
| Emsisoft | Gen:Variant.Razy.920134 (B) |
| Comodo | Clean |
| F-Secure | Clean |
| DrWeb | Trojan.DownLoader42.36852 |
| Zillya | Clean |
| TrendMicro | Clean |
| McAfee-GW-Edition | BehavesLike.Win32.Generic.xt |
| CMC | Clean |
| Sophos | Clean |
| Ikarus | Win32.Outbreak |
| GData | Gen:Variant.Razy.920134 |
| Jiangmin | Clean |
| MaxSecure | Trojan.Malware.300983.susgen |
| Avira | Clean |
| MAX | malware (ai score=86) |
| Antiy-AVL | Clean |
| Kingsoft | Clean |
| Gridinsoft | Clean |
| Arcabit | Trojan.Razy.DE0A46 |
| SUPERAntiSpyware | Clean |
| ZoneAlarm | Clean |
| Microsoft | Trojan:Win32/Tnega.VAM!MTB |
| Cynet | Malicious (score: 100) |
| AhnLab-V3 | Trojan/Win.Generic.C4626238 |
| Acronis | Clean |
| VBA32 | BScope.Trojan.Injects |
| ALYac | Gen:Variant.Razy.920134 |
| TACHYON | Clean |
| Malwarebytes | Clean |
| Panda | Clean |
| Zoner | Clean |
| TrendMicro-HouseCall | Clean |
| Tencent | Clean |
| Yandex | Clean |
| SentinelOne | Static AI - Suspicious PE |
| eGambit | Clean |
| Fortinet | W32/Agent.FWA!tr.dldr |
| Webroot | Clean |
| AVG | Win32:MalwareX-gen [Trj] |
| Avast | Win32:MalwareX-gen [Trj] |
| CrowdStrike | win/malicious_confidence_90% (W) |
No IRMA results available.