popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2042-02-23 14:39:08

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x000057a4 0x00005800 5.98525693477
.rsrc 0x00008000 0x0000475c 0x00004800 2.26638522425
.reloc 0x0000e000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x00008130 0x00004028 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_GROUP_ICON 0x0000c158 0x00000014 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_VERSION 0x0000c16c 0x00000404 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x0000c570 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
a~:g
n-Fef
T+dhYf GU
fe Hkv:a
f vB}%a
oY H,G"a
o_Jee
5[!xf
3|1!
5[!xf
3|1!
5[!xf
3|1!
a~:g
v4.0.30319
#Strings
Product_Specifications_Details_202330_RFQ
Product_Specifications_Details_202330_RFQ.exe
<Module>
TestRefConsumer
Product_Specifications_Details_202330_RFQ.Consumers
System.Windows.Forms
Object
System
mscorlib
RoleErrorConfig
Product_Specifications_Details_202330_RFQ.Configurations
GlobalPublisherConnector
Lroxnilj.Connections
Strategy
Lroxnilj.Services
Reponse
Product_Specifications_Details_202330_RFQ.Candidates
Resources
Lroxnilj.Properties
Settings
ApplicationSettingsBase
System.Configuration
<PrivateImplementationDetails>
<Module>{bf6f2778-33ae-4604-95ee-b78cea207917}
collection
publisher
m_Reader
_Decorator
IContainer
System.ComponentModel
CalculateIndexer
ChangeCollection
EventArgs
CountCollection
ProcessStartInfo
System.Diagnostics
set_FileName
String
set_Arguments
set_WindowStyle
ProcessWindowStyle
set_CreateNoWindow
Boolean
Process
WaitForExit
ThreadStart
System.Threading
IntPtr
Thread
DisableCollection
ServicePointManager
System.Net
set_SecurityProtocol
SecurityProtocolType
InvokeMember
BindingFlags
System.Reflection
Binder
Assembly
PublishCollection
TimeSpan
get_TotalMilliseconds
Double
Control
get_Text
get_Length
set_Text
ValidateCollection
WebClient
DownloadData
Dispose
outputinstance
IDisposable
CheckCollection
set_Name
EventHandler
add_Load
System.Drawing
Single
ContainerControl
set_AutoScaleDimensions
set_ClientSize
RunIndexer
PushIndexer
FindIndexer
ForgotIndexer
CalcIndexer
VerifyIndexer
LogoutIndexer
GetType
CallIndexer
FromSeconds
MapIndexer
ReadIndexer
SuspendLayout
DeleteIndexer
AutoScaleMode
set_AutoScaleMode
CollectIndexer
ResumeLayout
request
_Error
AddIndexer
.cctor
CalcCollection
NewIndexer
LoginIndexer
CheckIndexer
DisableIndexer
PopIndexer
ManageIndexer
_Server
m_Initializer
PrepareIndexer
isasset
ResetCollection
Container
OrderIndexer
ListIndexer
SearchIndexer
ChangeIndexer
FlushIndexer
m_Writer
AwakeIndexer
PopCollection
MoveCollection
config
RijndaelManaged
System.Security.Cryptography
Rfc2898DeriveBytes
CryptoStream
MemoryStream
System.IO
RuntimeHelpers
System.Runtime.CompilerServices
InitializeArray
RuntimeFieldHandle
ToArray
SymmetricAlgorithm
get_BlockSize
set_IV
CreateDecryptor
ICryptoTransform
Stream
CryptoStreamMode
set_Mode
CipherMode
get_KeySize
DeriveBytes
GetBytes
Encoding
System.Text
get_UTF8
RemoveCollection
TestIndexer
GetIndexer
ValidateIndexer
set_KeySize
RestartIndexer
set_BlockSize
WriteIndexer
set_Key
PublishIndexer
InstantiateIndexer
DestroyIndexer
ExcludeIndexer
m_Comparator
MethodInfo
m_Composer
CreateIndexer
QueryCollection
selection
isreference
AssetCollection
ComputeIndexer
SortIndexer
RateIndexer
CloneIndexer
Application
EnableVisualStyles
SetCompatibleTextRenderingDefault
_Candidate
ResourceManager
System.Resources
CultureInfo
System.Globalization
FillIndexer
get_ResourceManager
get_Assembly
get_Culture
set_Culture
InterruptIndexer
RuntimeTypeHandle
GetTypeFromHandle
InitIndexer
SetupIndexer
Culture
defaultInstance
PrintIndexer
get_Default
SelectIndexer
SettingsBase
Synchronized
AssetIndexer
ViewIndexer
Default
66840DDA154E8A113C31DD0AD32F7F3A366A80E8136979D8F5A101D3D29D6F72
m_ad4738b0f508491d9e7edc7d2612f82a
m_7e863e6bb9b2468286184f5058cda7b5
m_5a984117f89c44899d060cb63f1c4d7a
m_c7b63c9f68944717ae9e98f450af6145
m_b2cba4f59cfc4bc2b8711865111cefa0
m_9090fe86dca742c9a02dfb207baa0472
m_ff6182e715b1494b94bc76cd1f128877
m_97d98561c3834dd987ce435f5fb1f5e3
m_2319bae0dbbd442d84564499877d2a1c
m_62bcc2e4c92d45a1be426e69da686da9
m_4a8ff88dd82d4b299fae4dc9e2b248e9
m_b94b8f8475754893a96342cb2c935da1
m_1433f858ba6c4cbca3aa52257c38477d
m_a7984656199b4e6c86767ab76b0cb599
m_40b64a84808742849db29724d7182cf5
m_d7409267ec984547b732ab6d5efcd198
m_98d84f20dd2949a69e9414d89ebb269d
m_60366e2b48fd47488f72c6555794981b
m_37b74bc2b2ad404fa9658cdeeb875058
m_6741a1993fb94042b1b2c556878a50f1
m_64706befcf8c4c769d3b5df536b534be
m_1687c9b48ea64643993750291f2ffc4b
m_26c3222de3fa4b5b88f473e26f48c6bd
m_f9e7b16d882e4b1fb983d6779040bb61
m_f3abfa26a60a4b70a0784aa7cf995e19
m_a3aa069667784e478e0d306e7395259f
m_fe2a0d0af13a4c019fba9271047381be
m_823e2cbf4a0b4afebef78d17462112aa
m_503b5e84a96f4021861a84e163e4b66d
m_9a3ab883b9f14ff1bbc52b50a25684cc
m_f3744241d3b74402b878a8066ad5ae1c
m_a70cfd056b014ca898ba9a76b404a083
m_a0056e97a4544c60adc2fc128b70e92a
m_6353bab4b5984b2ca585d3b5976d8181
m_f6b07fa39337425ba78f8b0557104567
m_db7a96c90d334453a83cd217630f66b4
m_76d3805572784cb488721436cb168a2d
m_f0351e5d4da9453cb55d0884c5746088
m_deb0a143674c4c39aa85c5e0e66c5f03
m_08d774faaba14636984c0ecc697a9030
m_5892116703634e4db66dc7c4007e7428
m_a2daf763edf0413a99e8a831f425d5a3
m_297cc7b593e74cd880069ac89532611c
m_5b599339eb9e4868ab32123dcc6054fd
m_9c019612b6284ecfa45482a6272054a4
m_44cfcd8911f142e5bc365cec1a1384d9
m_e86de52304c4410b802f96cd515f6da7
m_a6c41d3e9730417bbf409f8faefad59d
m_067ecfd147434685ac96397452787954
m_9a38f46db3e043548627796a64c3faa1
m_84dae4400f64446e80b686171b9ead83
m_22dbd79f5ad846b885055c104dd11884
m_d53d02e7e2d44e8e95466c4822639de9
m_908a6afef4324b61a1de04367aad62c5
m_77c509e5b23c417f9c578ea8f7da9ebb
m_0a21ac1885c545e78e70970d7c452c3e
m_b959044c72a7496e9adeaf2403bf0972
m_ca20dccf5bba4f6489f0ea0d67c7a7b7
m_1f49475429794274a8845dec47330d54
m_ac435174a97c46e0af9b9069154acfdd
m_37eba6c1dbf44d16832d40da5d3278c7
m_21ac4c25ee884e648fbb43bdaee643c2
m_4cbc24fd369b42e79877cf3347b8098d
m_2b389c25686a41ff9b0defdcffecb901
m_2024ed61688e4f03ad8bbaeed1f6ddbc
m_a2807f3a53384b67b42423ffbdaad988
m_0035349b8e174d3c97d8195d3f4b35bd
m_34f9bcdab17e48aea303bf9574b1b45f
m_f1a180ec86bf442c8026ec5c0fc56840
m_adb55c1628214a0695be776a1fbb1d96
m_56733d2485e7433a89bfc8a19db48c6e
m_ff7514512f884a5fa318974e79732ea8
m_1be71a5cce5546ff9a25af5da66f1654
m_1676d53a70104d288bd338e91a32a931
m_312d228ac92245fa84424980637705d8
m_6b810778d33f4292917aae0dc60ed837
m_6037980c4e484046a7a0771d2b2d4482
m_7fc2ae9e1c0d437ca6f693c914a6d3ac
m_c5c0801ef301429fbcc4253926a07243
m_4a1f1ff4489d4ee1b1392a2a91757603
m_78ba22e0d72144ddac9b66cc65080df3
m_cfc8501754af4c0b9488a59362910de5
m_af7178988b4d4c3d83d9728be5e6f69f
m_d8ef16e4e94d4b358447121c9276a4cf
m_a4008dc26c1d4ece88b3e2446e9b02d3
m_4c3b550827004d62a683de05b9a61c89
m_0ed22fc7a93b4d4d916e48cf2a0dcd44
m_4920823b2dc84664bfb5247fddab4a04
m_944acd12fba944e7b5c8230c5c5e5fb9
m_172dbe7ab65b48fdb5183786d580b9e2
m_7becd76ae31e4ee0a44b73dd411ae703
m_873d23e26cb34b5c9ac1c5d590949018
m_72fbea1e906f4d9da21accbc7a64ece8
m_52dcd5bdc817412aa04f0c12e67fc478
m_63169c4d80c14f318c7fffe93bd97f11
m_6318f5472b0349848901494c4178d375
m_e2a6ecf4c9d248d491fd62d7fa4cf490
m_18237648e2c24fd0857c3c9b438e0fec
m_309f1477b1854aacb10321d59d12bdef
m_23c52c8d02a54fd48dcaecd1461a576c
m_903e0640ea544e7e9a2e4472a9dcc736
m_1be451ac82fe4a25beb3d14413fb12da
m_b69f7d4c3f564f78a030bbaf7b4612cf
m_b93b04ede86f4e98a9b71441c742571c
m_30c8813b9c0b48768bd4d46c0ed8ee87
m_97e88132b43740b1ad6a4ab032c404da
m_81fcad41111a471382e81a4b02ca2470
m_0791a16e06e34da6b81c6302ffed4954
m_31ea7bda14c046aab2dcd00624e6e2ac
m_dfabc76e49e74d53a62cb9880d6f9266
m_c940f0b692e5423daed4afdbe76c611b
m_b7bac85afd0647c2882810217fd55d16
m_9e2064ed17cd477b91c501a92235ca0a
m_122ad7b12d384f6c94d35a2d11ed5ac2
m_2483e0aba0fe4b458fc9910f01014be8
m_e6a148b3a5494517b96ed9783087f9af
m_e75390fec17a45f0a67a8df87bb1a4ba
m_697b8dc68c30459481f788179f8aea4b
m_79848adb56fd4a05bcef70cf1766fbd5
m_9bc25536b04f4eaa95bd9a56f65403e5
m_e5e3df74f48544cd92b1f0dd39cc2eb4
m_7afd87beb8384c72aada64420d2a887e
m_feb1c367746c43698c4643420e1a1225
m_39a70f10b7fa48578397052097d6ebd1
ResolveIndexer
y0272f4c6cabd41d29a7198aea156defb
MoveIndexer
VisitIndexer
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
DebuggableAttribute
DebuggingModes
AssemblyTitleAttribute
AssemblyDescriptionAttribute
AssemblyConfigurationAttribute
AssemblyCompanyAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyTrademarkAttribute
ComVisibleAttribute
System.Runtime.InteropServices
GuidAttribute
AssemblyFileVersionAttribute
TargetFrameworkAttribute
System.Runtime.Versioning
STAThreadAttribute
GeneratedCodeAttribute
System.CodeDom.Compiler
DebuggerNonUserCodeAttribute
CompilerGeneratedAttribute
EditorBrowsableAttribute
EditorBrowsableState
Product_Specifications_Details_202330_RFQ.Consumers.TestRefConsumer.resources
Lroxnilj.Services.Strategy.resources
Lroxnilj.Properties.Resources.resources
WrapNonExceptionThrows
Telegram Desktop
Telegram FZ-LLC
Copyright (C) 2014-2021
$57743a45-cb09-4f0f-a6e5-867918a4bfdb
2.8.9.0
.NETFramework,Version=v4.0
FrameworkDisplayName
.NET Framework 4
3System.Resources.Tools.StronglyTypedResourceBuilder
16.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
11.0.0.0
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
powershell
Test-Connection www.facebook.com
Test-Connection www.google.com
Test-Connection www.twitter.com
System.Reflection.Assembly
SmartAssembly.Identifiers.Manager
ReflectBroadcaster
https://store2.gofile.io/download/44989e53-4040-4cf6-800e-087ac6154184/Iuugtkemaayyziygy.dll
Test-Connection www.bing.com
Rhjstrcotlnynmgtohgmndj
Lroxnilj.Properties.Resources
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
Telegram Desktop
CompanyName
Telegram FZ-LLC
FileDescription
Telegram Desktop
FileVersion
2.8.9.0
InternalName
Product_Specifications_Details_202330_RFQ.exe
LegalCopyright
Copyright (C) 2014-2021
LegalTrademarks
OriginalFilename
Product_Specifications_Details_202330_RFQ.exe
ProductName
Telegram Desktop
ProductVersion
2.8.9.0
Assembly Version
2.8.9.0
Antivirus Signature
Bkav Clean
Lionic Clean
Elastic Clean
Cynet Malicious (score: 100)
FireEye Clean
CAT-QuickHeal Clean
McAfee Artemis!60B5EFCC9EA0
Malwarebytes Trojan.MCrypt.MSIL.Generic
Zillya Clean
Sangfor Clean
K7AntiVirus Trojan ( 00577e181 )
BitDefender Clean
K7GW Trojan ( 00577e181 )
CrowdStrike win/malicious_confidence_80% (W)
Baidu Clean
Cyren W32/MSIL_Agent.BCR.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of MSIL/Kryptik_AGen.E
APEX Malicious
Paloalto generic.ml
ClamAV Clean
Kaspersky UDS:DangerousObject.Multi.Generic
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Clean
Rising Clean
Ad-Aware Clean
Sophos Mal/Generic-S
Comodo Clean
F-Secure Clean
DrWeb Clean
VIPRE Clean
TrendMicro Clean
McAfee-GW-Edition Artemis!Trojan
CMC Clean
Emsisoft Clean
SentinelOne Static AI - Malicious PE
GData Clean
Jiangmin Clean
Webroot Clean
Avira Clean
MAX Clean
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm UDS:DangerousObject.Multi.Generic
Microsoft Trojan:Win32/Sabsik.FL.B!ml
AhnLab-V3 Clean
Acronis Clean
BitDefenderTheta Gen:NN.ZemsilF.34142.cm0@aKD91Ud
ALYac Clean
TACHYON Clean
VBA32 Clean
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Tencent Clean
Yandex Clean
Ikarus Clean
MaxSecure Trojan.Malware.300983.susgen
Fortinet MSIL/Agent.IUS!tr.dldr
Cybereason Clean
Avast Clean
No IRMA results available.