Static | ZeroBOX

PE Compile Time

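2008-03-26 03:47:17 (read from the PE header, which is not authenticated and can be set to any value; the certificate and timestamp strings further down this page appear to carry 2021-09-07 dates, so this value should not be relied on to date the sample)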

PE Imphash

000ed791bfecbc3bb69fb230428c55f9

Sections

| Name | Virtual Address | Virtual Size | Size of Raw Data | Entropy |
|---|---|---|---|---|
| .text | 0x00001000 | 0x00013978 | 0x00014000 | 6.29564991664 |
| .data | 0x00015000 | 0x000018dc | 0x00001000 | 0.0 |
| .rsrc | 0x00017000 | 0x00000ce8 | 0x00001000 | 3.33823043247 |

Resources

| Name | Offset | Size | Language | Sub-language | File type |
|---|---|---|---|---|---|
| RT_ICON | 0x00017440 | 0x000008a8 | LANG_NEUTRAL | SUBLANG_NEUTRAL | data |
| RT_GROUP_ICON | 0x0001742c | 0x00000014 | LANG_NEUTRAL | SUBLANG_NEUTRAL | data |
| RT_VERSION | 0x000170f0 | 0x0000033c | LANG_CHINESE | SUBLANG_CHINESE_TRADITIONAL | data |

Imports

Library MSVBVM60.DLL:
0x401000 _CIcos
0x401004 _adj_fptan
0x401008 __vbaFreeVarList
0x40100c _adj_fdiv_m64
0x401010 __vbaFreeObjList
0x401014 _adj_fprem1
0x40101c _adj_fdiv_m32
0x401020 __vbaObjSet
0x401024 None
0x401028 _adj_fdiv_m16i
0x40102c _adj_fdivr_m16i
0x401030 _CIsin
0x401034 __vbaChkstk
0x401038 EVENT_SINK_AddRef
0x40103c _adj_fpatan
0x401040 EVENT_SINK_Release
0x401044 _CIsqrt
0x40104c __vbaExceptHandler
0x401050 _adj_fprem
0x401054 _adj_fdivr_m64
0x401058 __vbaFPException
0x40105c _CIlog
0x401060 __vbaNew2
0x401064 _adj_fdiv_m32i
0x401068 _adj_fdivr_m32i
0x40106c _adj_fdivr_m32
0x401070 _adj_fdiv_r
0x401074 None
0x401078 _CIatan
0x40107c _allmul
0x401080 _CItan
0x401084 _CIexp
0x401088 __vbaFreeObj
0x40108c __vbaFreeStr

Strings

!This program cannot be run in DOS mode.
`.data
MSVBVM60.DLL
Preeduca6
Premierlj6
nykalk
nykalk
Timer1
Option3
upstroke
Smoerpjat
Option2
Option1
Skrivefor
Command4
ERSTATNI
Command3
Command2
semidiape
Command1
Telegra
Paralipo4
AZURIN
Enkelttil7
twinshipe
Torment7
minicom
saxtento
dgnberm
Tapasvij1
CANTONMEN
requiemj
Brndoff2
Deviou7
guarneri
glathvlen
bronzevi
Vikarier
blodpls
unreclus
OVERJUDIC
Anisbolsj
Lobbiedc
spicelan
Affilie
Intolera
Ridesdg1
distorti
enosis
Carbolics
KONDEM
aphonic
fremtid
Gensta
BLINDSM
RMNINGERN
Nonpoint
Roarkest7
Prescrib
FABRIKSFR
Histori
homone
Refract8
OVERBA
BRUGERAN
tubulat
UNMYTHOL
Multic
Scenefunk1
DIALOGIS
NONPRESC
Catch5
ELECTRA
Stomato5
LIFTERABS
NAPRON
hvislel
Betaling
forest
Sarier
sampling
Akkilless1
equalise
Bebyrde6
Skygninge
COPLOTHN
Descenden
CITADE
Agtpa1
Certifik4
Konfer
Transmo
Twatsopht8
unicyc
Sydha8
tricho
Figure7
DRACHMP
Smoothbo6
INSPICER
Fejlinves5
Dinar4
spaltebr
Bortk1
CAPILLARI
STELLUL
aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR
[<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
(
3sssssssssssssssssssssssssssssssssssssssssss
&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
rrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
OSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS
]qGD1q
<VC5y^td
AifuJI
AifuJI
s&qJ|W
JSp8<~
67#Jq`
zZy_FX
?!sqhd
zZy Z9
?!sqhd
I7rT<Nc
+pAj4u0:;
B!]qDD
z;y049
qKSzu$C
Q!Q<V
/z;qG,
m-qKz5
uvG60Jz4t
xe@4ta
!sqidx
{~4{=N43K
z;y(R9
]um)]uv
h/H@V$
z;{8N:
@,&[SQi
z;78\9
QqRwyeA
6j]sGz]{(
z;qzz9
z;qzz9
z;y(p9
B+]qDj
um+]un
z;y E9
z4tAz;
.vC]ul
<~w$@
ni{(99
z;y:n3
qG;<oV
z;y"j3
*<NT#
BFry0H9
z;{0H9
z;{:z3
{4tgx;
]J3`]qG
z4ta{;
Kqz7P6M
864qD
z;y859
:6,qG:;
VI]qD1
z4tf{;
<{8Z9
qK^wf9
z;78r:
z4u4w;
8<=/-8
z4u|s;
s?AulO
z;78z:
36ew<N
[4uS];
z;pDG]
z;pDM]
z;pD1]
|scy8R:
<V@GP
V(|Ox\{8
z;78>:
z;{8F:
^{(b9
z;{ F:
t,#j!?
z;yvAg
z;y8b:
>fqKP
KH@DK]
c/)_/^
2+.+S}
z;x8@9
z;y8R9
!s{~zy(
z4t:z;
]sBz]{
z;-yky`<
1_Z22~
qC48NxC
2pAs4u
067'J-
z;y8m9
6=/sE:
'pAf4u<
{:0&=
'=y9to
^pG4u
!6):tt
rxy8[9
z4u.z;
3<NnS
ssQRwy
6*?sGz
z;qPz:
4"?s}~kue
z;s}bksU~
VB5!6&*
Kuvertbrd
Skovd4
Preeduca6
Preeduca6
Premierlj6
Chemisern4
Randjea
guarneri
C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB
bronzevi
Gensta
Agtpa1
STELLUL
hvislel
twinshipe
Figure7
enosis
FABRIKSFR
Command2
Command3
Command4
forest
Bortk1
Telegra
DIALOGIS
Nonpoint
COPLOTHN
OVERJUDIC
AZURIN
Affilie
Torment7
CANTONMEN
Dinar4
fremtid
equalise
Brndoff2
Twatsopht8
tubulat
BLINDSM
Bebyrde6
Smoothbo6
Konfer
Command1
Fejlinves5
sampling
Option3
Option2
Option1
Catch5
blodpls
Lobbiedc
KONDEM
Timer1
Scenefunk1
dgnberm
homone
LIFTERABS
Sydha8
ACTINOPHORE
VBA6.DLL
__vbaFreeStr
__vbaFreeVarList
__vbaFreeObj
__vbaFreeObjList
__vbaHresultCheckObj
__vbaNew2
__vbaObjSet
Chemisern4
Randjea
LAKAJSV
LAKAJSV
PROTONER
Dioder
MSVBVM60.DLL
_CIcos
_adj_fptan
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaObjSet
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
_adj_fdivr_m32
_adj_fdiv_r
_CIatan
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr
Stormkur1
Cultir71
konstern1
Kugl71
admissi1&0$
Decibelmo2@GLHAGBUS.Vve0
210907084229Z
220907084229Z0
Stormkur1
Cultir71
konstern1
Kugl71
admissi1&0$
Decibelmo2@GLHAGBUS.Vve0
Stormkur1
Cultir71
konstern1
Kugl71
admissi1&0$
Decibelmo2@GLHAGBUS.Vve
20210907084230Z0
GlobalSign nv-sa1*0(
!Globalsign TSA for CodeSign1 - R6
GlobalSign nv-sa110/
(GlobalSign Timestamping CA - SHA384 - G40
210128110839Z
320301110839Z0T1
GlobalSign nv-sa1*0(
!Globalsign TSA for CodeSign1 - R60
&https://www.globalsign.com/repository/0
-http://ocsp.globalsign.com/ca/gstsacasha384g40C
7http://secure.globalsign.com/cacert/gstsacasha384g4.crt0
0http://crl.globalsign.com/ca/gstsacasha384g4.crl0
.@]|Gt0
GlobalSign Root CA - R61
GlobalSign1
GlobalSign0
180620000000Z
341210000000Z0[1
GlobalSign nv-sa110/
(GlobalSign Timestamping CA - SHA384 - G40
a:c|9#ymt
"http://ocsp2.globalsign.com/rootr606
%http://crl.globalsign.com/root-r6.crl0G
&https://www.globalsign.com/repository/0
$KtZ}r
GlobalSign Root CA - R61
GlobalSign1
GlobalSign0
141210000000Z
341210000000Z0L1 0
GlobalSign Root CA - R61
GlobalSign1
GlobalSign0
PmBf/M
'YLv9[
GlobalSign nv-sa110/
(GlobalSign Timestamping CA - SHA384 - G4
GlobalSign nv-sa110/
(GlobalSign Timestamping CA - SHA384 - G4
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
040404B0
Comments
Pixel light art
CompanyName
Pixel light art
FileDescription
Pixel light art
LegalCopyright
Pixel light art
LegalTrademarks
Pixel light art
ProductName
Pixel light art
FileVersion
ProductVersion
InternalName
Kuvertbrd
OriginalFilename
Kuvertbrd.exe
Antivirus Signature
Bkav Clean
Elastic malicious (high confidence)
ClamAV Clean
CMC Clean
CAT-QuickHeal Clean
ALYac Trojan.GenericKD.46941175
Malwarebytes Clean
VIPRE Clean
Sangfor Clean
K7AntiVirus Clean
Alibaba Clean
K7GW Trojan ( 00581ff21 )
CrowdStrike win/malicious_confidence_100% (W)
Baidu Clean
Cyren Clean
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win32/GenKryptik.FKCH
APEX Malicious
Paloalto Clean
Cynet Clean
Kaspersky Trojan.Win32.Mucc.qyf
BitDefender Trojan.GenericKD.46941175
NANO-Antivirus Clean
SUPERAntiSpyware Clean
MicroWorld-eScan Trojan.GenericKD.46941175
Tencent Clean
Ad-Aware Trojan.GenericKD.46941175
Sophos Mal/Generic-S
Comodo TrojWare.Win32.UMal.qetvq@0
F-Secure Clean
DrWeb Trojan.VbCrypt.2331
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition RDN/Generic.dx
FireEye Trojan.GenericKD.46941175
Emsisoft Trojan.GenericKD.46941175 (B)
SentinelOne Clean
Jiangmin Clean
Webroot W32.Trojan.Gen
Avira Clean
Antiy-AVL Clean
Kingsoft Clean
Microsoft Trojan:Win32/VBObfuse.RA!MTB
Gridinsoft Clean
Arcabit Clean
ViRobot Clean
ZoneAlarm Trojan.Win32.Mucc.qyf
GData Trojan.GenericKD.46941175
TACHYON Clean
AhnLab-V3 Clean
Acronis Clean
McAfee RDN/Generic.dx
MAX malware (ai score=86)
VBA32 Clean
Cylance Unsafe
Panda Trj/RnkBend.A
Zoner Clean
TrendMicro-HouseCall Clean
Rising Clean
Yandex Clean
Ikarus Trojan.Win32.Krypt
eGambit Clean
Fortinet W32/GenKryptik.FKCH!tr
BitDefenderTheta Gen:NN.ZevbaF.34142.gm1@aal7@5nb
AVG Win32:Trojan-gen
Avast Win32:Trojan-gen
MaxSecure Trojan.Malware.300983.susgen
No IRMA results available.