popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2090-02-07 03:37:16

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x0006b884 0x0006ba00 3.7310536913
.rsrc 0x0006e000 0x000002ac 0x00000400 2.20205456148
.reloc 0x00070000 0x0000000c 0x00000200 0.101910425663

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x0006e058 0x00000254 LANG_NEUTRAL SUBLANG_NEUTRAL data

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
Unchastity
Unchastity.exe
<Module>
WorkerConfigurationStub
Unchastity.Stubs
Object
System
mscorlib
DescriptorIssuerStatus
Unchastity.States
<>c__DisplayClass2_0
ComparatorConfigurationStub
StructAuthenticationListener
Unchastity.Listeners
<>o__4
ExpressionPropertyConsumer
Unchastity.Consumers
Unchastity.Factories
<>o__5
Product
CustomerMapperImporter
Unchastity.Importers
ItemMapperPool
Unchastity.Pools
InitializerDescriptorWorker
MulticastDelegate
Strategy
InfoMapperImporter
ParamsConfigurationStub
Struct
Filter
ConnectionProductExpression
FilterAuthenticationListener
VisitorIssuerStatus
ValueType
Unchastity.Expressions
Attribute
EventConfigurationStub
Dispatcher
Unchastity.Attributes
Mapping
Decorator
ModelMapperImporter
PredicatePropertyConsumer
<PrivateImplementationDetails>
__StaticArrayInitTypeSize=423400
GetBridge
String
EntryPointNotFoundException
CustomizeBridge
ListBridge
RestartBridge
Func`1
Boolean
IntPtr
Invoke
InvalidOleVariantTypeException
System.Runtime.InteropServices
_Printer
ForgotBridge
UInt64
UInt32
UInt16
op_Explicit
Marshal
SizeOf
Application
System.Windows.Forms
get_ExecutablePath
op_Inequality
Thread
System.Threading
ToInt64
GetTypeFromHandle
RuntimeTypeHandle
AllocHGlobal
FreeHGlobal
_Bridge
_Descriptor
.cctor
StartBridge
visitor
Replace
SetupBridge
PopBridge
Binder
Microsoft.CSharp.RuntimeBinder
Microsoft.CSharp
Convert
CallSiteBinder
System.Runtime.CompilerServices
System.Core
CSharpBinderFlags
CallSite`1
Func`3
CallSite
Create
Target
ToCharArray
FindBridge
FromBase64String
Encoding
System.Text
get_UTF8
GetString
RateBridge
_Publisher
ResolveBridge
config
caller
StringBuilder
ToChar
Append
ToString
ReadBridge
SelectBridge
RuntimeHelpers
InitializeArray
RuntimeFieldHandle
Exception
ManageBridge
Action
InsertBridge
IncludeBridge
m_Configuration
LogoutBridge
ValidateBridge
CSharpArgumentInfo
CSharpArgumentInfoFlags
InvokeMember
IEnumerable`1
System.Collections.Generic
Func`4
yrotcaFreePIslennahCledoMecivreSmetsyS95255
Func`5
setter
_Repository
m_Composer
m_Factory
m_Client
CountBridge
LoadLibrary
kernel32.dll
NewBridge
FreeLibrary
VisitBridge
GetProcAddress
kernel32
m_Property
MoveBridge
PostBridge
GetDelegateForFunctionPointer
Delegate
DeleteBridge
m_Mapper
hProcess
isWow64
BeginInvoke
IAsyncResult
AsyncCallback
callback
object
EndInvoke
result
lpBaseAddress
lssalCyalpsiDcypoCkluBlqStneilClqSataDmetsyS21462
lpNumberOfBytesWritten
exitCode
handle
hToken
lpApplicationName
lpCommandLine
lpProcessAttributes
lpThreadAttributes
bInheritHandles
dwCreationFlags
lpEnvironment
lpCurrentDirectory
lpStartupInfo
lpProcesrotadilaVepyTderalceDnoitarugifnoCnoitazilaireSemitnuRmetsyS66537
hNewToken
reference
hThread
pContext
ProcessHandle
BaseAddress
ZeroBits
RegionSize
AllocationType
Protect
nCmdShow
m_Iterator
adapter
account
m_Info
template
m_Consumer
m_Database
parameter
_Utils
global
facade
_Schema
interpreter
_Observer
importer
instance
service
_Indexer
_Manager
_Worker
m_Identifier
candidate
_Expression
_Predicate
_System
_Definition
prototype
interceptor
specification
m_Role
m_Collection
creator
_Getter
m_Tests
listener
m_Process
FlushBridge
FillBridge
B75A989AC4FFC8128D5477F8E371B5E9FDA0D1A3
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
DebuggableAttribute
System.Diagnostics
DebuggingModes
TargetFrameworkAttribute
System.Runtime.Versioning
UnverifiableCodeAttribute
System.Security
ParamArrayAttribute
DynamicAttribute
ReliabilityContractAttribute
System.Runtime.ConstrainedExecution
Consistency
CompilerGeneratedAttribute
System.Security.Permissions.SecurityPermissionAttribute, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
SkipVerification
WrapNonExceptionThrows
.NETFramework,Version=v4.0
FrameworkDisplayName
.NET Framework 4
_CorExeMain
mscoree.dll
FHnoitpecxEtnenopmoCslennahCledoMecivreSmetsyS284701ASDS41ODgLCD8XHjM0Kw==
FHnoitpecxEtnenopmoCslennahCledoMecivreSmetsyS28470AwWHy4fGT4cNQ4R
JHnoitpecxEtnenopmoCslennahCledoMecivreSmetsyS284701EOGBUAPCcTOjwUHUYaIg17KgcSJRINLjUoOBAFS18=
IHnoitpecxEtnenopmoCslennahCledoMecivreSmetsyS28470CUSDS4PAj4fKiQOETwGLjd5EAgVFXlJ
JHnoitpecxEtnenopmoCslennahCledoMecivreSmetsyS284701A8Ai9qOAIfJUMJJjMZZQ==
JHnoitpecxEtnenopmoCslennahCledoMecivreSmetsyS28470ToKLC5rDXkINDQbJkYCNA14C08=
IHnoitpecxEtnenopmoCslennahCledoMecivreSmetsyS28470gwWIi41XyMlNCwSHiwoCDQnCB4vURYELmpadg==
IHnoitpecxEtnenopmoCslennahCledoMecivreSmetsyS28470gwWNi4fFj0fQDBSHiIWKA0lFEMvNTw6Fg9fPSUcHV8=
IHnoitpecxEtnenopmoCslennahCledoMecivreSmetsyS28470FEOBCgfOBolH08IHiwCIjocEAYUUQ5B
IHnoitpecxEtnenopmoCslennahCledoMecivreSmetsyS28470FB9RwIyPAMcKiQ3JTwGNDccFDYUUHFEFgAGew==
JHnoitpecxEtnenopmoCslennahCledoMecivreSmetsyS28470FASRBofBjIcJTAJFUZ1LQoMEEYSI3lJ
IHnoitpecxEtnenopmoCslennahCledoMecivreSmetsyS28470FB9RwIyPB8cKiQ3JTwGNDccFDYUUHFEFgAGew==
IHnoitpecxEtnenopmoCslennahCledoMecivreSmetsyS284701ASRBofBjIcJTAJFUZ1LQoMEEYSI3lJ
IHnoitpecxEtnenopmoCslennahCledoMecivreSmetsyS28470w8SDigPXycQNR4bHiMKMw==
HnoitpecxEtnenopmoCslennahCledoMecivreSmetsyS28470
JHnoitpecxEtnenopmoCslennahCledoMecivreSmetsyS28470FASRB1qVz4lQE8RHiIoKAwmFAQSFXlJ
EHnoitpecxEtnenopmoCslennahCledoMecivreSmetsyS28470joKGC8yIzIKHyQRJjVxZQ==
IHnoitpecxEtnenopmoCslennahCledoMecivreSmetsyS284701AsAihpCjskHyQUIANxZQ==
yrotcaFreePIslennahCledoMecivreSmetsyS95255
Replace
FromBase64String
GetString
vbDtLXnKFr
VHnoitpecxEtnenopmoCslennahCledoMecivreSmetsyS28470FZxUUFBTUFBQUFFQUFBQS8vOEFBTGdBQUFBQUFBQUFRQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFnQUFBQUE0ZnVnNEF0QW5OSWJnQlRNMGhWR2hwY3lCd2NtOW5jbUZ0SUdOaGJtNXZkQ0JpWlNCeWRXNGdhVzRnUkU5VElHMXZaR1V1RFEwS0pBQUFBQUFBQUFCUVJRQUFUQUVEQUJ5YTlNWUFBQUFBQUFBQUFPQUFBZ0VMQVRBQUFMZ0JBQUFNQUFBQUFBQUEwc1VCQUFBZ0FBQUE0QUVBQUFCQUFBQWdBQUFBQkFBQUJBQUFBQUFBQUFBRUFBQUFBQUFBQUFBZ0FnQUFCQUFBQnYwQkFBTUFRSVVBQUJBQUFCQUFBQUFBRUFBQUVBQUFBQUFBQUJBQUFBQUFBQUFBQUFBQUFJREZBUUJQQUFBQUFPQUJBTXdFQUFBQUFBQUFBQUFBQUFESUFRRHdDQUFBQUFBQ0FBd0FBQUJreFFFQUhBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUlBQUFDQUFBQUFBQUFBQUFBQUFBQ0NBQUFFZ0FBQUFBQUFBQUFBQUFBQzUwWlhoMEFBQUE0TGNCQUFBZ0FBQUF1QUVBQUFRQUFBQUFBQUFBQUFBQUFBQUFBQ0FBQUdBdWNuTnlZd0FBQU13RUFBQUE0QUVBQUFnQUFBQzhBUUFBQUFBQUFBQUFBQUFBQUFCQUFBQkFMbkpsYkc5akFBQU1BQUFBQUFBQ0FBQUVBQUFBeEFFQUFBQUFBQUFBQUFBQUFBQUFRQUFBUWdBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQU
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
FileDescription
FileVersion
0.0.0.0
InternalName
Unchastity.exe
LegalCopyright
OriginalFilename
Unchastity.exe
ProductVersion
0.0.0.0
Assembly Version
0.0.0.0
Antivirus Signature
Bkav Clean
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Variant.Bulz.699108
FireEye Generic.mg.2f59580ee2366c8c
CAT-QuickHeal Clean
McAfee GenericRXPZ-KW!2F59580EE236
Cylance Unsafe
VIPRE Clean
Sangfor Suspicious.Win32.Save.a
K7AntiVirus Clean
BitDefender Gen:Variant.Bulz.699108
K7GW Clean
Cybereason malicious.87fc87
BitDefenderTheta Gen:NN.ZemsilF.34142.Bm0@ay7TR!l
Cyren W32/MSIL_Troj.CY.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of MSIL/Kryptik.ACCF
Baidu Clean
APEX Malicious
Paloalto Clean
ClamAV Clean
Kaspersky HEUR:Trojan-PSW.MSIL.Agent.gen
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
Tencent Clean
Ad-Aware Gen:Variant.Bulz.699108
Emsisoft Gen:Variant.Bulz.699108 (B)
Comodo Clean
F-Secure Clean
DrWeb Trojan.PackedNET.972
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition BehavesLike.Win32.Generic.gz
CMC Clean
Sophos ML/PE-A
SentinelOne Static AI - Malicious PE
GData Gen:Variant.Bulz.699108
Jiangmin Clean
eGambit Unsafe.AI_Score_100%
Avira HEUR/AGEN.1144480
MAX malware (ai score=85)
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:MSIL/AgentTesla.JPX!MTB
Cynet Malicious (score: 100)
AhnLab-V3 Trojan/Win.Generic.C4628732
Acronis Clean
VBA32 Clean
ALYac Gen:Variant.Bulz.699108
TACHYON Clean
Malwarebytes Trojan.Crypt.MSIL.Generic
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Rising Clean
Yandex Clean
Ikarus Trojan-Spy.MSIL.Agent
MaxSecure Clean
Fortinet MSIL/Kryptik.ACCF!tr
Webroot Clean
AVG Win32:MalwareX-gen [Trj]
Avast Win32:MalwareX-gen [Trj]
CrowdStrike win/malicious_confidence_70% (D)
No IRMA results available.