Static | ZeroBOX

PE Compile Time

2009-12-09 01:00:32

PE Imphash

cd6cada764d740d8782222f9ccbeed47

Sections

Name   Virtual Address  Virtual Size  Size of Raw Data  Entropy
.text  0x00001000       0x000191ac    0x0001a000        6.24902872148
.data  0x0001b000       0x00001e50    0x00000000        0.0
.rsrc  0x0001d000       0x000016a8    0x00002000        2.90302899598

Resources

Name           Offset      Size        Language      Sub-language        File type
CUSTOM         0x0001d4f0  0x000002fe  LANG_ENGLISH  SUBLANG_ENGLISH_US  MS Windows icon resource - 1 icon, 32x32, 4 colors
CUSTOM         0x0001d4f0  0x000002fe  LANG_ENGLISH  SUBLANG_ENGLISH_US  MS Windows icon resource - 1 icon, 32x32, 4 colors
CUSTOM         0x0001d4f0  0x000002fe  LANG_ENGLISH  SUBLANG_ENGLISH_US  MS Windows icon resource - 1 icon, 32x32, 4 colors
CUSTOM         0x0001d4f0  0x000002fe  LANG_ENGLISH  SUBLANG_ENGLISH_US  MS Windows icon resource - 1 icon, 32x32, 4 colors
RT_ICON        0x0001d3c8  0x00000128  LANG_NEUTRAL  SUBLANG_NEUTRAL     GLS_BINARY_LSB_FIRST
RT_GROUP_ICON  0x0001d3b4  0x00000014  LANG_NEUTRAL  SUBLANG_NEUTRAL     data
RT_VERSION     0x0001d1d0  0x000001e4  LANG_ENGLISH  SUBLANG_ENGLISH_US  data

Imports

Library MSVBVM60.DLL:
0x401000 MethCallEngine
0x401004 None
0x401008 EVENT_SINK_AddRef
0x40100c DllFunctionCall
0x401010 EVENT_SINK_Release
0x401018 __vbaExceptHandler
0x40101c None
0x401020 None
0x401024 None
0x401028 None

!This program cannot be run in DOS mode.
`.data
MSVBVM60.DLL
NONPROFAN
Fejlkont9
Hashtpens
Hashtpens
Frame1
Overma4
Check1
Option4
stille
Option3
synkop
Option2
Option1
VB5!6&*
enfrenzy
NONPROFAN
NONPROFAN
NONPROFAN
Fejlkont9
Grinsh2
Poultices
HEADINGS
Faste6
manicha
Lusoryradu
Pauli3
Sildebe1
ANKERTR
MAMPAR
Pennetegni8
Knkketdri1
brudurtens
velellidou
Stoma6
VIKLENDESS
Dlgsmaals4
HULLOING
Lgenbrow9
Nonanac
PARFOCA
Vamsen2
C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB
Option3
Option2
Option1
Option4
Check1
Frame1
kernel32
EnumSystemCodePagesA
advapi32.dll
RegSaveKeyA
shlwapi.dll
PathIsSystemFolderA
user64
TabbedTextOutA
wininet.dll
FindFirstUrlCacheEntryA
Ekstremistiskes
VBA6.DLL
uforson
MSVBVM60.DLL
MethCallEngine
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
Beleeho5
tPNJwPDZM100
Urobilino4
Out of string space
CUSTOM
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
040904B0
ProductName
NONPROFAN
FileVersion
ProductVersion
InternalName
enfrenzy
OriginalFilename
enfrenzy.exe

Antivirus Signature

Bkav W32.AIDetect.malware1
Lionic Trojan.Win32.Malicious.4!c
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKD.37739819
FireEye Generic.mg.d53b5fa49804ec99
CAT-QuickHeal Clean
McAfee RDN/GuLoader
Cylance Clean
VIPRE Clean
Sangfor Trojan.Win32.Save.a
K7AntiVirus Clean
BitDefender Clean
K7GW Clean
Cybereason malicious.92b34a
Arcabit Clean
BitDefenderTheta Gen:NN.ZevbaF.34170.hm0@aioLApmi
Cyren Clean
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Generik.EZLNZWG
Baidu Clean
APEX Malicious
Paloalto generic.ml
ClamAV Clean
Kaspersky UDS:DangerousObject.Multi.Generic
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
Rising Clean
Ad-Aware Clean
TACHYON Clean
Sophos Mal/Generic-S
Comodo Clean
F-Secure Clean
DrWeb Clean
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition BehavesLike.Win32.Downloader.ch
CMC Clean
Emsisoft Clean
SentinelOne Static AI - Malicious PE
Jiangmin Clean
Webroot Clean
Avira HEUR/AGEN.1135694
Antiy-AVL Clean
Kingsoft Win32.Troj.Generic_a.a.(kcloud)
Gridinsoft Clean
Microsoft Trojan:Win32/Sabsik.FL.B!ml
SUPERAntiSpyware Clean
ZoneAlarm Clean
GData Trojan.GenericKD.37739819
Cynet Malicious (score: 99)
AhnLab-V3 Clean
Acronis Clean
VBA32 Clean
ALYac Clean
MAX malware (ai score=81)
Malwarebytes Clean
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Tencent Clean
Yandex Clean
Ikarus Clean
eGambit Unsafe.AI_Score_99%
Fortinet Clean
AVG FileRepMalware
Avast FileRepMalware
CrowdStrike win/malicious_confidence_90% (W)
MaxSecure Clean
No IRMA results available.