Static | ZeroBOX

PE Compile Time

2021-08-30 20:15:23

PE Imphash

dae02f32a21e03ce65412f6e56942daa

Sections

| Name | Virtual Address | Virtual Size | Size of Raw Data | Entropy |
|---|---|---|---|---|
| .text | 0x00002000 | 0x00006494 | 0x00006600 | 5.58596163662 |
| .rsrc | 0x0000a000 | 0x00000318 | 0x00000400 | 2.57073966982 |
| .reloc | 0x0000c000 | 0x0000000c | 0x00000200 | 0.0815394123432 |

Resources

| Name | Offset | Size | Language | Sub-language | File type |
|---|---|---|---|---|---|
| RT_VERSION | 0x0000a058 | 0x000002bc | LANG_NEUTRAL | SUBLANG_NEUTRAL | data |

Imports

Library mscoree.dll:
0x10002000 _CorDllMain

Strings

!This program cannot be run in DOS mode.
`.rsrc
@.reloc
.,o
v4.0.30319
#Strings
<Module>
System.Runtime.CompilerServices
RuntimeCompatibilityAttribute
CompilationRelaxationsAttribute
SuppressIldasmAttribute
System
Attribute
Object
AttributeUsageAttribute
AttributeTargets
System.Runtime.InteropServices
ComVisibleAttribute
System.Threading
WaitCallback
CompilerGeneratedAttribute
ThreadStart
ThreadPool
QueueUserWorkItem
String
Thread
Console
WriteLine
InvalidCastException
System.Collections.Generic
Dictionary`2
get_Item
List`1
get_Count
get_Chars
IndexOf
Concat
get_Length
Replace
Double
Substring
ToLower
op_Equality
FormatException
System.Reflection
DefaultMemberAttribute
Enumerator
GetEnumerator
get_Current
MoveNext
IDisposable
Dispose
Activator
CreateInstance
BindingFlags
Binder
InvokeMember
Assembly
GetType
Func`2
Environment
get_MachineName
System.Security.Principal
WindowsIdentity
GetCurrent
System.Security.Claims
ClaimsIdentity
get_Name
System.Text
StringBuilder
System.Globalization
NumberStyles
Convert
ToChar
ToString
Append
IntPtr
RuntimeTypeHandle
GetTypeFromHandle
Marshal
SizeOf
OperatingSystem
Version
get_OSVersion
get_Version
get_Major
get_Minor
op_Inequality
get_ServicePack
WindowsPrincipal
WindowsBuiltInRole
IsInRole
Random
ToCharArray
IEnumerable`1
System.Linq
Enumerable
ToArray
GetEnvironmentVariable
System.IO
Directory
GetFiles
GetFileName
ReadAllText
WriteAllText
System.Security.Cryptography
ICryptoTransform
MemoryStream
CryptoStream
Create
SymmetricAlgorithm
set_BlockSize
set_Key
GenerateIV
CipherMode
set_Mode
get_Key
get_IV
CreateEncryptor
Stream
CryptoStreamMode
get_BlockSize
set_IV
CreateDecryptor
WriteByte
ReadByte
RNGCryptoServiceProvider
RSACryptoServiceProvider
RandomNumberGenerator
GetBytes
AsymmetricAlgorithm
FromXmlString
Encoding
get_ASCII
Buffer
BlockCopy
Encrypt
set_PersistKeyInCsp
System.Net
HttpWebRequest
WebResponse
WebException
HttpWebResponse
WebRequest
set_Method
set_Timeout
set_ReadWriteTimeout
ServicePoint
get_ServicePoint
set_Expect100Continue
GetRequestStream
GetResponse
GetResponseStream
CopyTo
get_Response
HttpStatusCode
get_StatusCode
get_UTF8
GetString
FromBase64String
System.Diagnostics
ProcessStartInfo
set_CreateNoWindow
set_UseShellExecute
set_RedirectStandardInput
Process
StreamWriter
get_StandardInput
TextWriter
ParamArrayAttribute
WriteAllBytes
5c4c5071-b74e-4e6e-aac5-9ed9109a41f4.dll
mscorlib
System.Core
DotfuscatorAttribute
Deimos
Interact
value__
5c4c5071-b74e-4e6e-aac5-9ed9109a41f4
WrapNonExceptionThrows
F=H?JG@FBEAOzKS
R!"#$%&
:0:0:6.3.0+8b29d6f4a2
_CorDllMain
mscoree.dll
sabcdefghijk
2lmnopqrstu
<RSAKeyValue><Modulus>pwD1BcV23BCJFGFoghoL1GcIFWTXE4tCGBzgd+tt+eQ/ddwjog9NanZ4IIld94Ja6xrFfb4j8tnXygokRqPO2QLv2cZg4ANS6O0aWxRoxxq0qc8FpqOT7tIa100y/x9KFx5zm756kreLnacrkPtc6plq4OeSP2GqnIV5Oy1yyEmxz3SP5/tbvNV5ckZhxngYwxiYTTDaLHW6B9U8/YfZw3HJosyx4WMRqioLwrcOBIhNtOm+DEKH1vSH2ig+X1e8yvf/GGHh/k6hzPGjV5u3zk8PabnolUd66G8vlMMiKKhRUP8lys6Z04JIF8oGiPGnHHzkXiaaYNjb0Q362ssiKQ==</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>
http://216.230.232.134
{}[]:,
-0123456789e+
-.0123456789e+
NT 3.51
NT 4.0
Windows
0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ
0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_
userprofile
\APPDATA\ROAMING
uniq_hash
":"change_status","
","is_success":
{"action":"ping","
","pc_name":"
","os_name":"
","arch":"
","rights":"
","version":"
| ?","
0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
FileDescription
FileVersion
0.0.0.0
InternalName
5c4c5071-b74e-4e6e-aac5-9ed9109a41f4.dll
LegalCopyright
OriginalFilename
5c4c5071-b74e-4e6e-aac5-9ed9109a41f4.dll
ProductVersion
0.0.0.0
Assembly Version
0.0.0.0
Antivirus Signature
Bkav Clean
Lionic Trojan.MSIL.Polazert.4!c
Elastic malicious (high confidence)
DrWeb Trojan.PolazertNET.4
MicroWorld-eScan Gen:Variant.Bulz.537505
CMC Clean
CAT-QuickHeal Trojan.MSIL
ALYac Trojan.MSIL.Polazert
Malwarebytes Trojan.Polazert
VIPRE Clean
Sangfor Clean
K7AntiVirus Trojan ( 0057bd5b1 )
BitDefender Gen:Variant.Bulz.537505
K7GW Trojan ( 0057bd5b1 )
CrowdStrike win/malicious_confidence_100% (W)
BitDefenderTheta Clean
Cyren Clean
Symantec Trojan.Gen.MBT
ESET-NOD32 a variant of MSIL/Polazert.M
Zoner Clean
TrendMicro-HouseCall Clean
Paloalto generic.ml
ClamAV Clean
Kaspersky HEUR:Trojan.MSIL.Polazert.gen
Alibaba Trojan:MSIL/Polazert.c6fbcc44
NANO-Antivirus Trojan.Win32.Polazert.izyrxj
SUPERAntiSpyware Clean
Tencent Msil.Trojan.Polazert.Wqdp
Ad-Aware Gen:Variant.Bulz.537505
TACHYON Clean
Emsisoft Gen:Variant.Bulz.537505 (B)
Comodo Malware@#207k6wacknrhf
F-Secure Clean
Baidu Clean
Zillya Trojan.Polazert.Win32.87
TrendMicro Clean
McAfee-GW-Edition RDN/Polazert
FireEye Gen:Variant.Bulz.537505
Sophos Mal/Polazert-A
Ikarus Trojan.MSIL.Polazert
GData MSIL.Trojan-Spy.JupSpy.A
Jiangmin Trojan.MSIL.agpec
MaxSecure Trojan.Malware.116733675.susgen
Avira TR/Redcap.dghiq
Antiy-AVL Clean
Kingsoft Win32.Troj.Undef.(kcloud)
Gridinsoft Trojan.Win32.Gen.oa
Arcabit Trojan.Bulz.D833A1
ViRobot Trojan.Win32.Z.Polazert.28160
ZoneAlarm HEUR:Trojan.MSIL.Polazert.gen
Microsoft Trojan:MSIL/SolarMarker
Cynet Malicious (score: 99)
AhnLab-V3 Trojan/Win.Generic.C4593176
Acronis Clean
McAfee RDN/Polazert
MAX malware (ai score=84)
VBA32 TScope.Trojan.MSIL
Cylance Unsafe
Panda Trj/GdSda.A
APEX Clean
Rising Backdoor.SolarMarker!1.D79F (CLASSIC)
Yandex Trojan.Polazert!5caFV7o6K6s
SentinelOne Clean
eGambit Clean
Fortinet W32/Polazert.A!tr
Webroot Clean
AVG Win32:Trojan-gen
Avast Win32:Trojan-gen
No IRMA results available.