Static | ZeroBOX

PE Compile Time

2021-09-23 07:58:10

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

| Name | Virtual Address | Virtual Size | Size of Raw Data | Entropy |
| --- | --- | --- | --- | --- |
| .text | 0x00002000 | 0x00003174 | 0x00003200 | 6.02957949999 |
| .rsrc | 0x00006000 | 0x00029eb4 | 0x0002a000 | 4.29816599367 |
| .reloc | 0x00030000 | 0x0000000c | 0x00000200 | 0.0815394123432 |

Resources

| Name | Offset | Size | Language | Sub-language | File type |
| --- | --- | --- | --- | --- | --- |
| RT_ICON | 0x0002f410 | 0x00000468 | LANG_NEUTRAL | SUBLANG_NEUTRAL | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x0002f410 | 0x00000468 | LANG_NEUTRAL | SUBLANG_NEUTRAL | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x0002f410 | 0x00000468 | LANG_NEUTRAL | SUBLANG_NEUTRAL | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x0002f410 | 0x00000468 | LANG_NEUTRAL | SUBLANG_NEUTRAL | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x0002f410 | 0x00000468 | LANG_NEUTRAL | SUBLANG_NEUTRAL | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x0002f410 | 0x00000468 | LANG_NEUTRAL | SUBLANG_NEUTRAL | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x0002f410 | 0x00000468 | LANG_NEUTRAL | SUBLANG_NEUTRAL | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x0002f410 | 0x00000468 | LANG_NEUTRAL | SUBLANG_NEUTRAL | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x0002f410 | 0x00000468 | LANG_NEUTRAL | SUBLANG_NEUTRAL | GLS_BINARY_LSB_FIRST |
| RT_GROUP_ICON | 0x0002f878 | 0x00000084 | LANG_NEUTRAL | SUBLANG_NEUTRAL | data |
| RT_VERSION | 0x0002f8fc | 0x00000404 | LANG_NEUTRAL | SUBLANG_NEUTRAL | data |
| RT_MANIFEST | 0x0002fd00 | 0x000001b4 | LANG_NEUTRAL | SUBLANG_NEUTRAL | XML 1.0 document, UTF-8 Unicode (with BOM) text, with very long lines, with no line terminators |

Imports

Library mscoree.dll:
0x402000 _CorExeMain

!This program cannot be run in DOS mode.
`.rsrc
@.reloc
%|nef
g7sU
f E-zma
g7sU
%|nef
v4.0.30319
#Strings
Product_Specifications_Details_200550_RFQ
Product_Specifications_Details_200550_RFQ.exe
<Module>
Settings
Dpzgyimbnvqtkdp.Properties
ApplicationSettingsBase
System.Configuration
System
AttributeCreatorException
Product_Specifications_Details_200550_RFQ.Exceptions
Object
mscorlib
WriterCreatorException
Setter
Product_Specifications_Details_200550_RFQ.Records
RequestSetterMap
Dpzgyimbnvqtkdp.Maps
ParamCreatorException
<Module>{36599e00-51f8-40dd-b8d7-4dd9051fec32}
.cctor
SettingsBase
Synchronized
DefineConfig
String
Convert
FromBase64String
CompareConfig
Encoding
System.Text
get_UTF8
GetString
Replace
m_Config
ResetConfig
Queue`1
System.Collections.Generic
Enqueue
get_Count
InsertConfig
Boolean
Thread
System.Threading
AwakeConfig
ServicePointManager
System.Net
set_SecurityProtocol
SecurityProtocolType
WebClient
DownloadData
PushConfig
instance
Format
Dequeue
Console
ReadKey
ConsoleKeyInfo
WriteLine
PostConfig
Assembly
System.Reflection
GetTypes
InvokeMember
BindingFlags
Binder
composer
ResourceManager
System.Resources
_Specification
CultureInfo
System.Globalization
DestroyConfig
GetTypeFromHandle
RuntimeTypeHandle
get_Assembly
ComputeConfig
MapConfig
publisher
factory
_Facade
m_b78c839c9499432aacdd1995c71e7d6a
m_ef3dc9ae9a4a4c06b6914d7b750057d1
m_5db853856fe94c799e6f90aec3918be0
m_dbe1e00358194a5bae24ded3c698aa7f
m_0fe7e40cfdd243588bba370f291d7bd1
m_9f483b086c7d4a6c859d123bdf878ad4
m_1320f830383c42b999b71402dd333c62
m_ad6fe53b0c444e44b0567089e3153955
m_a7a1973e5e534f2dbbfd80d88bee8fb5
m_fbe2a46e47ba4d6fa477048ed1580d67
m_f5fe82fca951488daa25db0f45a8132a
m_1c442dc870fa460fa1d8c59d302ea8ed
m_75d317d6a7b14054a3af474f9ca020b8
m_d96cf54f34bc496691161f53594ad211
m_dd92d9f6d936421d9b78b29b7c715ba8
m_9a90a19f725e4a61b514e078d74e322e
m_4c7616692e5e4346b4a24cd888ced767
m_fc5d39f46b6e4e7cb2617ffeb47bf1cd
m_4148dbabcfd0461db284c01f2862a592
m_680360c3b1534c2e8af1bcc5d8a4a851
m_c7b0547979e644f2b3cb89e655a21d9d
m_a9607b9477dc4350af8bf517187c42d9
m_a71946ffe61b4df1b2581ff5c1ece0f1
m_72af4b375657406ebcdb3d872b9a1cf6
m_227edfb6d6264c3c8d9ab8ec1816fc38
m_f7680569bf9447d7b86ff8104e6ad9a0
m_5849ca80e8e240a8a21ff640490bfef6
m_e93cf645fb0a435a9d332552b0e3ac3a
m_8c007afe90634f1197650cdb23922940
m_ad643b72b2d64d8a95c38f50e19faa85
m_a7bc0946cf704f56a94656c8f11a24a6
m_62408616427448358868cc7d5c64576a
m_2600a00d653442589cccebeb8e3717fc
m_40345152a3dd447f948802a8589daede
m_7f6c06c8c61840709e080dadce19d5ac
m_419209f986de4c4eb20a1788755bf5d5
m_c36f81ae6e4540dd8727dfa5055c692b
m_df1c8f75043f4a25bfa430c99c70cfc2
m_464a1291024e49958e65defe6ea5daa1
m_bc4a2c30b4504966b85d9094b2a02f46
m_d239266fb96d487d94fd819aa9e72d72
m_961ce0167a7e4f669d3fc62cde6bfd36
m_2537c81c6b07476f9bab57849420cf73
m_b62aeae5461343af84cf8fb605f8ec3b
m_66162a6dc2594cf590d0b632487f6de1
m_4b614f4b3887404884b98b82a00ea349
m_c37442e838524a1386e89fb8c7f8a145
m_8efbdf44d88146fb80fce59a114a5638
m_23a8dcb63e8c4cd5bbfe86d6864b25ed
m_0c6733461cc34f0c8e40e69fa44ec304
m_1ead893f1ab34c3a9d6bc78f238c568c
m_59265c29fa8c4cc481aa46ecba829144
m_97e7f58200a34c8bae5a5e53a1790625
m_f0d41c5f99ed46e88be42555c081ee65
m_fa97ceebf9344cdd9163dcbcb7f4c937
m_71beb951f24f4d02b15a469b4cbabe54
m_d9fd49e3bba745adbca9f883cfe8bdbb
m_878644c7147f40c0b91f13dabc73ee5f
m_fda422ca094a409c8571c3ffae7a1043
m_ed95c8bcd4fb439e8422d936ce34c284
m_2aaf906fbed64826be9e8645d2386223
m_dab1c5c9fac4433ca0cc2cf6113706cb
m_10c57791a8434dd5948b2e5cb714e816
m_400d625d3f304f83a40fc92e325d5fd7
m_c6cde072e2da44f38404211afee12e08
m_aa82ba50bd374d9f940c96496e8d0d94
m_281b8210c3a94a2eaf1729bdf4c0ad21
m_d84bb7072e754288bddd49b4b2613afd
m_69273b03e8b94831a16813188b20ff0f
m_6b9112128b1b413a959e882a80b8f56a
m_bc0f32ad68144621bd8415a28cfa7479
m_6be41c16e04c496a8edd6866c4430a43
m_83bf311911c149c297e3c9b145ea57be
m_40674e1ca9b4486a8a2e5a34a3ce1a73
m_886c6953bd1a414185f512d1495c983a
m_7d4dbf57ca76496eb290359545b3f1af
m_21635438fa534a778701612210c61407
m_f41c6d1247234933a2e5967335faf5b1
m_f1ce7fdc116e49ca831a3e7b26a0def4
m_378194e961ff4564a4756525ad812cb8
m_2efaf7266c4840ada7460e11281fbc0c
m_5310d6b079494c5a89421079fe3f840c
m_45a22fb5cf774d9795c381df9344ace7
m_fb8529aa6d7745dfbc057db8a84fa1b0
m_423a2c03f8bc4e4bb2efdb24ae4a63c9
m_21fab2b95aeb4930b2f8c3282eeac4fe
m_20a97c7ea3f44723bd89a83e1e4b5951
m_e1f6007a65ee4fc58e3b79e682da271a
m_580a7b4a18614c1a82589c7cc5a18f35
m_eee311e73746445b81b0753ea56c5b03
m_368a01ddec1d4a95992381dead3e9858
m_27695bfe550246e4be9fa7ebcee9464d
m_55fd35a4d9ad4bda9223d8aab0e05aa3
m_55122104984b4aebaeb32fb92bc32e77
m_d89ea2856f5e4d93a196d0c188f1766c
m_ca9d60a22a5d488cb2b9f5293de41631
m_dcb0c664b90b4a37a15a461db41b5252
m_e582600ffba8462489bae062089a1ede
m_91d0a7c3577b4493b0789aafb8c163cd
m_5319e6bebc7942399d2fcbfe8ef62d2a
m_56aa951099ae499b8c546fcfd73517b3
m_436f06ca9a554271b6abb029c9fa7f71
m_f7eec8ec76f747eebdccf533b86364fe
m_f4b74cf8e3f643a3b10db8d3d9e5bf0e
cc29e690137a94145b35d07811ec39654
AssemblyProductAttribute
CompilationRelaxationsAttribute
System.Runtime.CompilerServices
RuntimeCompatibilityAttribute
TargetFrameworkAttribute
System.Runtime.Versioning
AssemblyTitleAttribute
AssemblyDescriptionAttribute
AssemblyConfigurationAttribute
AssemblyCompanyAttribute
AssemblyFileVersionAttribute
AssemblyTrademarkAttribute
ComVisibleAttribute
System.Runtime.InteropServices
GuidAttribute
AssemblyCopyrightAttribute
CompilerGeneratedAttribute
GeneratedCodeAttribute
System.CodeDom.Compiler
STAThreadAttribute
DebuggerNonUserCodeAttribute
System.Diagnostics
Dpzgyimbnvqtkdp.Properties.Resources.resources
Telegram Desktop
WrapNonExceptionThrows
.NETFramework,Version=v4.0
FrameworkDisplayName
.NET Framework 4
Telegram FZ-LLC
3.1.0.0
$a2075a34-f17d-4963-bf1d-fef3d391042b
Copyright (C) 2014-2021
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
11.0.0.0
3System.Resources.Tools.StronglyTypedResourceBuilder
16.0.0.0
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
_CorExeMain
mscoree.dll
z[]>!^
"^h#O;
Nwo]_:|
Ld`%N2
f{l7;E
n&5z9nv
`fr-.|
zKr]7h=%-!
al_MMP
B`3^Ka+
<?xml version="1.0" encoding="utf-8" standalone="yes"?><assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><assemblyIdentity version="1.0.0.0" name="MyApplication.app" /><trustInfo xmlns="urn:schemas-microsoft-com:asm.v2"><security><requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3"><requestedExecutionLevel level="asInvoker" uiAccess="false" /></requestedPrivileges></security></trustInfo></assembly>
https://cdn.discordapp.com/attachments/888490061170110496/890371414232801301/Qapvbbflsprygnfy.dll
: {0}
: {0}
IncludeRule
Dpzgyimbnvqtkdp.Properties.Resources
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
Telegram Desktop
CompanyName
Telegram FZ-LLC
FileDescription
Telegram Desktop
FileVersion
3.1.0.0
InternalName
Product_Specifications_Details_200550_RFQ.exe
LegalCopyright
Copyright (C) 2014-2021
LegalTrademarks
OriginalFilename
Product_Specifications_Details_200550_RFQ.exe
ProductName
Telegram Desktop
ProductVersion
3.1.0.0
Assembly Version
3.1.0.0
Antivirus Signature
Bkav Clean
Lionic Trojan.Multi.Generic.4!c
Elastic malicious (high confidence)
MicroWorld-eScan Clean
FireEye Generic.mg.5627f70136a7169c
CAT-QuickHeal Clean
ALYac Clean
Cylance Unsafe
VIPRE Clean
Sangfor Clean
K7AntiVirus Clean
BitDefender Clean
K7GW Clean
CrowdStrike win/malicious_confidence_80% (W)
BitDefenderTheta Gen:NN.ZemsilF.34170.lm0@aqR2yoe
Cyren W32/MSIL_Agent.BCR.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of MSIL/TrojanDownloader.Agent.IVO
Baidu Clean
APEX Malicious
Paloalto generic.ml
ClamAV Clean
Kaspersky UDS:DangerousObject.Multi.Generic
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
Rising Clean
Ad-Aware Clean
Sophos Mal/Generic-S
Comodo Clean
F-Secure Clean
DrWeb Clean
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition Artemis!Trojan
CMC Clean
Emsisoft Clean
SentinelOne Static AI - Malicious PE
GData Clean
Jiangmin Clean
Webroot Clean
Avira Clean
MAX Clean
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:Win32/Sabsik.FL.B!ml
Cynet Malicious (score: 100)
AhnLab-V3 Clean
Acronis Clean
McAfee Artemis!5627F70136A7
TACHYON Clean
VBA32 Clean
Malwarebytes Trojan.Crypt.MSIL
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Tencent Clean
Yandex Clean
Ikarus Clean
MaxSecure Trojan.Malware.300983.susgen
Fortinet MSIL/Agent.IVO!tr.dldr
AVG FileRepMalware
Cybereason Clean
Avast FileRepMalware
No IRMA results available.