popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2052-07-20 12:26:50

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x0006c314 0x0006c400 3.7213369132
.rsrc 0x00070000 0x000002ac 0x00000400 2.18391336046
.reloc 0x00072000 0x0000000c 0x00000200 0.101910425663

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x00070058 0x00000254 LANG_NEUTRAL SUBLANG_NEUTRAL data

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
Stevedored
Stevedored.exe
<Module>
UtilsSerializerModel
Stevedored.Models
Object
System
mscorlib
StateUtilsTask
Stevedored.Tasks
<>c__DisplayClass2_0
ConfigurationUtilsTask
Callback
<>o__4
Stevedored.Common
DescriptorSerializerFilter
Stevedored.Filter
<>o__5
CallbackSerializerModel
Initializer
AnnotationCallbackPage
Stevedored.Pages
Attribute
MulticastDelegate
Parameter
ValUtilsTask
BridgeCallbackPage
Record
ParameterMethodInstance
MethodSerializerModel
Template
Proccesor
Creator
Account
ProducerSerializerFilter
Property
Stevedored.Expressions
ValueType
StructSerializerModel
SerializerSerializerModel
OrderStructStructBuilder
Stevedored.Structs
ListenerCallbackPage
AttributeMethodInstance
Stevedored.Instances
Connection
Instance
<PrivateImplementationDetails>
__StaticArrayInitTypeSize=426912
InvokeCollection
String
EntryPointNotFoundException
CalcCollection
SetCollection
ReadCollection
Func`1
Boolean
IntPtr
Invoke
InvalidOleVariantTypeException
System.Runtime.InteropServices
resolver
ChangeCollection
UInt64
UInt32
UInt16
op_Explicit
Marshal
SizeOf
Application
System.Windows.Forms
get_ExecutablePath
op_Inequality
Thread
System.Threading
ToInt64
GetTypeFromHandle
RuntimeTypeHandle
AllocHGlobal
FreeHGlobal
collection
_Utils
.cctor
PushCollection
pol_end
struct
reference
Replace
FindCollection
CreateCollection
Binder
Microsoft.CSharp.RuntimeBinder
Microsoft.CSharp
Convert
CallSiteBinder
System.Runtime.CompilerServices
System.Core
CSharpBinderFlags
CallSite`1
Func`3
CallSite
Create
Target
ToCharArray
OrderCollection
FromBase64String
Encoding
System.Text
get_UTF8
GetString
PrintCollection
m_Printer
m_Serializer
VerifyCollection
StringBuilder
ToChar
Append
ToString
AddCollection
ConnectCollection
RuntimeHelpers
InitializeArray
RuntimeFieldHandle
Exception
CheckCollection
Action
AwakeCollection
ReflectCollection
method
RateCollection
GetCollection
CSharpArgumentInfo
CSharpArgumentInfoFlags
InvokeMember
IEnumerable`1
System.Collections.Generic
Func`4
noitisoProtagivaNegasseMelbakeeSrehctapsiDledoMecivreSmetsyS92484
Func`5
annotation
listener
_Bridge
_Interpreter
_Expression
tokenizer
RestartCollection
LoadLibrary
kernel32.dll
MoveCollection
instance
FreeLibrary
VisitCollection
second
GetProcAddress
kernel32
_Identifier
PostCollection
LogoutCollection
GetDelegateForFunctionPointer
Delegate
FlushCollection
m_Error
hProcess
isWow64
BeginInvoke
IAsyncResult
AsyncCallback
callback
object
EndInvoke
result
lpBaseAddress
legatStseuqeRtseuqeRbeWptFteNmetsyS65832
lpNumberOfBytesWritten
exitCode
handle
hToken
lpApplicationName
lpCommandLine
lpProcessAttributes
lpThreadAttributes
bInheritHandles
dwCreationFlags
lpEnvironment
lpCurrentDirectory
lpStartupInfo
lpProcesredaeRnoitcennoCelbmaerPnoisseSrevreSslennahCledoMecivreSmetsyS20784
hNewToken
connection
hThread
pContext
ProcessHandle
BaseAddress
ZeroBits
RegionSize
AllocationType
Protect
caller
nCmdShow
m_Getter
specification
authentication
m_Pool
container
observer
m_Process
_Consumer
visitor
invocation
_Helper
_Facade
_Request
_Parser
predicate
_Candidate
_Publisher
_Repository
_Customer
m_Client
m_Registry
_Merchant
composer
m_Object
advisor
m_Exception
_Comparator
service
m_Definition
AssetCollection
ExcludeCollection
0291E0ECCEB32402767D1BE5E2C060F7F8F225BC
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
DebuggableAttribute
System.Diagnostics
DebuggingModes
TargetFrameworkAttribute
System.Runtime.Versioning
UnverifiableCodeAttribute
System.Security
ParamArrayAttribute
DynamicAttribute
ReliabilityContractAttribute
System.Runtime.ConstrainedExecution
Consistency
CompilerGeneratedAttribute
System.Security.Permissions.SecurityPermissionAttribute, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
SkipVerification
WrapNonExceptionThrows
.NETFramework,Version=v4.0
FrameworkDisplayName
.NET Framework 4
_CorExeMain
mscoree.dll
NColleHliaMteNmetsyS32100l8BKRYUHSYlPDkUMBAVJA==
NColleHliaMteNmetsyS32100QMFOxY+PCAyAQgS
BColleHliaMteNmetsyS32100l4dPC0hGTk9DjoXM2U7LTNEFT4xLxAJAwcRHgEnSUQ=
AColleHliaMteNmetsyS32100SoBKRYuJyAxHiINPx8nIQlGLzE2H3tN
BColleHliaMteNmetsyS32100l8vJhdLHRwxEUUKCBA4ag==
BColleHliaMteNmetsyS32100DUZCBZKKGcmADIYCGUjOzNHNHY=
AColleHliaMteNmetsyS32100wMFBhYUej0LACoRMA8JBwoYNycMWxQAA1hjUA==
AColleHliaMteNmetsyS32100wMFEhY+MyMxdDZRMAE3JzMaK3oMPz4+Oz1mGzQ+H0Q=
AColleHliaMteNmetsyS32100V4dIBA+HQQLK0kLMA8jLQQjLz83WwxF
AColleHliaMteNmetsyS32100V9uYzoTGR0yHiI0Cx8nOwkjKw83WnNAOzI/XQ==
BColleHliaMteNmetsyS32100V8BYCI+IywyETYKO2VUIjQzL38xKXtN
AColleHliaMteNmetsyS32100V9uYzoTGQEyHiI0Cx8nOwkjKw83WnNAOzI/XQ==
AColleHliaMteNmetsyS32100l8BYCI+IywyETYKO2VUIjQzL38xKXtN
AColleHliaMteNmetsyS32100gABKhAuejk+ARgYMAArPA==
ColleHliaMteNmetsyS32100
BColleHliaMteNmetsyS32100V8BYCVLciALdEkSMAEJJzIZKz0xH3tN
MColleHliaMteNmetsyS32100zUZPBcTBiwkKyISCBZQag==
AColleHliaMteNmetsyS32100l8/JhBILyUKKyIXDiBQag==
noitisoProtagivaNegasseMelbakeeSrehctapsiDledoMecivreSmetsyS92484
Replace
FromBase64String
GetString
WmWPtyKUhFpaj
VColleHliaMteNmetsyS32100FZxUUFBTUFBQUFFQUFBQS8vOEFBTGdBQUFBQUFBQUFRQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFnQUFBQUE0ZnVnNEF0QW5OSWJnQlRNMGhWR2hwY3lCd2NtOW5jbUZ0SUdOaGJtNXZkQ0JpWlNCeWRXNGdhVzRnUkU5VElHMXZaR1V1RFEwS0pBQUFBQUFBQUFCUVJRQUFUQUVEQUpsRmZjSUFBQUFBQUFBQUFPQUFBZ0VMQVRBQUFMd0JBQUFNQUFBQUFBQUFDc1lCQUFBZ0FBQUE0QUVBQUFCQUFBQWdBQUFBQkFBQUJBQUFBQUFBQUFBRUFBQUFBQUFBQUFBZ0FnQUFCQUFBR01BQ0FBTUFRSVVBQUJBQUFCQUFBQUFBRUFBQUVBQUFBQUFBQUJBQUFBQUFBQUFBQUFBQUFMakZBUUJQQUFBQUFPQUJBTndFQUFBQUFBQUFBQUFBQUFETUFRRG9DQUFBQUFBQ0FBd0FBQUNjeFFFQUhBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUlBQUFDQUFBQUFBQUFBQUFBQUFBQ0NBQUFFZ0FBQUFBQUFBQUFBQUFBQzUwWlhoMEFBQUFHTGdCQUFBZ0FBQUF2QUVBQUFRQUFBQUFBQUFBQUFBQUFBQUFBQ0FBQUdBdWNuTnlZd0FBQU53RUFBQUE0QUVBQUFnQUFBREFBUUFBQUFBQUFBQUFBQUFBQUFCQUFBQkFMbkpsYkc5akFBQU1BQUFBQUFBQ0FBQUVBQUFBeUFFQUFBQUFBQUFBQUFBQUFBQUFRQUFBUWdBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
FileDescription
FileVersion
0.0.0.0
InternalName
Stevedored.exe
LegalCopyright
OriginalFilename
Stevedored.exe
ProductVersion
0.0.0.0
Assembly Version
0.0.0.0
Antivirus Signature
Bkav Clean
Lionic Clean
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Variant.Bulz.699108
FireEye Generic.mg.2dae43f521e2684f
CAT-QuickHeal Clean
ALYac Gen:Variant.Bulz.699108
Cylance Unsafe
Zillya Clean
Sangfor Suspicious.Win32.Save.a
K7AntiVirus Clean
BitDefender Gen:Variant.Bulz.699108
K7GW Clean
CrowdStrike win/malicious_confidence_100% (W)
Arcabit Clean
BitDefenderTheta Gen:NN.ZemsilF.34170.Bm0@aSJD5bp
Cyren W32/MSIL_Troj.CY.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of MSIL/Kryptik.ACCF
Baidu Clean
APEX Malicious
Paloalto generic.ml
ClamAV Clean
Kaspersky HEUR:Trojan-Spy.MSIL.Stealer.gen
Alibaba Trojan:Win32/Kryptik.ali2000016
NANO-Antivirus Clean
ViRobot Clean
Rising Clean
Ad-Aware Gen:Variant.Bulz.699108
Sophos Mal/Generic-S
Comodo Clean
F-Secure Clean
DrWeb Trojan.PackedNET.972
VIPRE Clean
TrendMicro Clean
McAfee-GW-Edition BehavesLike.Win32.Generic.gz
CMC Clean
Emsisoft Gen:Variant.Bulz.699108 (B)
SentinelOne Static AI - Malicious PE
Jiangmin Clean
Webroot W32.Trojan.MSIL.Stealer
Avira HEUR/AGEN.1144480
MAX malware (ai score=100)
Antiy-AVL Clean
Kingsoft Win32.Troj.Undef.(kcloud)
Gridinsoft Trojan.Win32.Packed.ns
Microsoft Trojan:MSIL/AgentTesla.JPX!MTB
SUPERAntiSpyware Clean
ZoneAlarm Clean
GData Gen:Variant.Bulz.699108
Cynet Malicious (score: 100)
AhnLab-V3 Trojan/Win.Generic.C4628732
Acronis Clean
McAfee GenericRXPZ-YL!2DAE43F521E2
TACHYON Clean
VBA32 TScope.Trojan.MSIL
Malwarebytes Trojan.Crypt.MSIL.Generic
Panda Trj/GdSda.A
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R002C0DIN21
Tencent Win32.Trojan.Bulz.Huqg
Yandex Trojan.Kryptik!uc9n38F13fw
Ikarus Trojan-Spy.MSIL.Agent
eGambit Unsafe.AI_Score_100%
Fortinet MSIL/Kryptik.ACCF!tr
AVG Win32:MalwareX-gen [Trj]
Cybereason malicious.b088f1
Avast Win32:MalwareX-gen [Trj]
MaxSecure Clean
No IRMA results available.