Static | ZeroBOX

Name	Virtual Address	Virtual Size	Size of Raw Data	Entropy
.text	0x00002000	0x00011994	0x00011a00	6.10912951302
.rsrc	0x00014000	0x000005e8	0x00000600	4.31513258935
.reloc	0x00016000	0x0000000c	0x00000200	0.101910425663

Name	Offset	Size	Language	Sub-language	File type
RT_GROUP_ICON	0x000140e8	0x00000006	LANG_NEUTRAL	SUBLANG_NEUTRAL	data
RT_VERSION	0x000140f0	0x0000030c	LANG_NEUTRAL	SUBLANG_NEUTRAL	data
RT_MANIFEST	0x000143fc	0x000001ea	LANG_NEUTRAL	SUBLANG_NEUTRAL	XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

!This program cannot be run in DOS mode.

`.rsrc

@.reloc

U(si

((si

(Usi

((si

U(si

h}se

((si

U(si

((si

U(si

((si

lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet

PADPADP

lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet

PADPADP

v4.0.30319

#Strings

NR_Expect100

get_btn0

set_btn0

ThreadSafeObjectProvider`1

List`1

get_btn1

set_btn1

kernel32

ToInt32

get_btn2

set_btn2

get_btn3

set_btn3

get_btn4

set_btn4

get_btn5

set_btn5

get_btn6

set_btn6

get_btn7

set_btn7

get_btn8

set_btn8

get_btn9

set_btn9

NR_PatchAMSI

System.IO

Dispose__Instance__

Create__Instance__

ProjectData

mscorlib

get_btndec

set_btndec

System.Collections.Generic

Microsoft.VisualBasic

Thread

Form1_Load

add_Load

get_btnadd

set_btnadd

set_Enabled

Synchronized

get_btncube

set_btncube

get_Namespace

CreateInstance

get_GetInstance

defaultInstance

instance

source

GetHashCode

set_AutoScaleMode

IDisposable

RuntimeTypeHandle

GetTypeFromHandle

hModule

FontStyle

get_Name

set_Name

procName

set_Multiline

SecurityProtocolType

GetType

get_Culture

set_Culture

resourceCulture

ConsoleApplicationBase

ButtonBase

ApplicationSettingsBase

SomethingElse

Dispose

EditorBrowsableState

ThreadStaticAttribute

STAThreadAttribute

CompilerGeneratedAttribute

DesignerGeneratedAttribute

GuidAttribute

HelpKeywordAttribute

GeneratedCodeAttribute

DebuggerNonUserCodeAttribute

DebuggableAttribute

EditorBrowsableAttribute

ComVisibleAttribute

AssemblyTitleAttribute

StandardModuleAttribute

HideModuleNameAttribute

DebuggerStepThroughAttribute

AssemblyTrademarkAttribute

DebuggerHiddenAttribute

AssemblyFileVersionAttribute

MyGroupCollectionAttribute

AssemblyDescriptionAttribute

CompilationRelaxationsAttribute

AssemblyProductAttribute

AssemblyCopyrightAttribute

AssemblyCompanyAttribute

RuntimeCompatibilityAttribute

AccessedThroughPropertyAttribute

WriteByte

m_ThreadStaticValue

WithEventsValue

GetObjectValue

set_Expect100Continue

Remove

Sci_Cal.exe

set_Size

set_ClientSize

dwSize

System.Threading

DownloadString

CompareString

ToString

disposing

System.Drawing

get_btnlog

set_btnlog

get_btntanh

set_btntanh

get_btnsinh

set_btnsinh

get_btncosh

set_btncosh

get_Length

length

NR_Bostoroth

get_btnpi

set_btnpi

btn0_Click

btn1_Click

btn2_Click

Button3_Click

btn3_Click

Button4_Click

btn4_Click

btn5_Click

btn6_Click

Button17_Click

btn7_Click

btn8_Click

btn9_Click

btndec_Click

btnadd_Click

btncube_Click

remove_Click

btnlog_Click

btntanh_Click

btnsinh_Click

btncosh_Click

btneql_Click

btnmul_Click

btntan_Click

btnbacksp_Click

btnclr_Click

btnsqr_Click

btncos_Click

btnminus_Click

btnsqroot_Click

btndiv_Click

Sci_Cal

Marshal

System.ComponentModel

set_SecurityProtocol

ContainerControl

get_btneql

set_btneql

get_btnmul

set_btnmul

MemoryStream

System

resourceMan

get_btntan

set_btntan

get_txtscreen

set_txtscreen

System.ComponentModel.Design

get_btnsin

set_btnsin

Conversion

get_Application

MyApplication

set_Location

destination

System.Configuration

System.Globalization

System.Reflection

ControlCollection

set_StartPosition

FormStartPosition

Exception

Button

CultureInfo

MemberInfo

get_btnrecipro

set_btnrecipro

NR_BitchDoTorto

get_btnbacksp

set_btnbacksp

NR_wkdoqwkdoqwkdq

InvokeMember

m_AppObjectProvider

m_UserObjectProvider

m_ComputerObjectProvider

m_MyWebServicesObjectProvider

sender

Binder

get_ResourceManager

ServicePointManager

EventHandler

System.CodeDom.Compiler

IContainer

get_User

NR_mainclasser

get_Computer

MyComputer

get_btnclr

set_btnclr

set_UseVisualStyleBackColor

CreateProjectError

ClearProjectError

SetProjectError

ScientificCalculator

Activator

.cctor

get_btnsqr

set_btnsqr

UIntPtr

System.Diagnostics

Microsoft.VisualBasic.Devices

get_WebServices

MyWebServices

Microsoft.VisualBasic.ApplicationServices

System.Runtime.InteropServices

Microsoft.VisualBasic.CompilerServices

System.Runtime.CompilerServices

System.Resources

Sci_Cal.My.Resources

Sci_Cal.ScientificCalculator.resources

Sci_Cal.Resources.resources

DebuggingModes

GetExportedTypes

BindingFlags

get_Settings

MySettings

EventArgs

ReferenceEquals

get_Controls

System.Windows.Forms

set_AutoScaleDimensions

Conversions

get_btncos

set_btncos

RuntimeHelpers

Operators

NR_NestedClass

GetProcAddress

lpAddress

components

get_btnminus

set_btnminus

Concat

Object

MyProject

lpflOldProtect

VirtualProtect

flNewProtect

System.Net

set_RightToLeft

op_Explicit

fuckingshit

GraphicsUnit

get_Default

WebClient

InitializeComponent

set_Font

get_btnsqroot

set_btnsqroot

NR_NoCert

Convert

SuspendLayout

ResumeLayout

PerformLayout

set_RightToLeftLayout

get_Text

set_Text

get_btndiv

set_btndiv

set_TabIndex

startIndex

TextBox

Sci_Cal.My

ToArray

get_Assembly

LoadLibrary

MySettingsProperty

B2bjVd0

System.Runtime.Remoting.Metadata.W3cXsd2001

get_Iud381Y4c7e21

set_Iud381Y4c7e21

get_J12A58a1b1l0a41

set_J12A58a1b1l0a41

F0Ek991

get_E6ebaad489ea5W1

set_E6ebaad489ea5W1

I494idY1

IEnumerable`1

BbH2a8x1

ConvertFromUtf32

Microsoft.Win32

XL4a4A62

E0199cD2

get_HX34e804014vd2

set_HX34e804014vd2

get_BjlpXmd03

set_BjlpXmd03

GfKG4833

get_F28nlp984WubG24

set_F28nlp984WubG24

get_E4b94697B4944

set_E4b94697B4944

B0afH3e4

C718e145

get_SXH8euwaGF66Da5

set_SXH8euwaGF66Da5

get_E9Sb47Ffgu8006

set_E9Sb47Ffgu8006

get_FfeUed865wb966

set_FfeUed865wb966

get_Ic2ebX26A1fad86

set_Ic2ebX26A1fad86

get_AagcO1aa0P12F6

set_AagcO1aa0P12F6

KenUc9N6

<CreateRanges>d__6

get_SJTKa8c1P62zfq6

get_Wfba4DcI82d8K8

SdsffkW8

get_Pde6rCdffr08a89

set_Pde6rCdffr08a89

B5t6YcI9

get_DTE

EnvDTE

get_LucWi4a3d5Qe94F

set_LucWi4a3d5Qe94F

Qe56c02G

Ae3b1f5H

get_P4c2eed1mdfX68H

set_P4c2eed1mdfX68H

get_B8S190ac0ddI

set_B8S190ac0ddI

get_AF8a010c0d72ceI

set_AF8a010c0d72ceI

get_L70K2f05Dfb2fI

get_QeB001fM4o2J

set_QeB001fM4o2J

get_Wa84FtVcjza4cK

set_Wa84FtVcjza4cK

get_Ob0845vE3s6dRU

E1853bcV

Qwp845X

get_G297S0V806Y

set_G297S0V806Y

get_DRd296243xv4jtY

set_DRd296243xv4jtY

AcbfRz3a

get_C3J150O9cUj6a

set_C3J150O9cUj6a

Ba4FoIa

C8akaQa

get_WzPyd4fNC40a9ta

BLffn5za

M8V7bcLb

get_F5bfOaw2e4be7Ub

get_EUG5xdj26dao6c

get_D474a8aA3Br19Tc

set_D474a8aA3Br19Tc

M3b8b61d

get_N564P0f94Msid

set_N564P0f94Msid

Append

get_Qbxh1c6e4d0ei2e

set_Qbxh1c6e4d0ei2e

get_Fz81akcD3Uab14e

get_Ao149cfX6d46abe

set_Ao149cfX6d46abe

CodeNamespace

LJS0de

AutoScaleMode

ISoapMessage

Enumerable

RegistryAuditRule

SoapNcName

get_FullName

CodeTypeFromFullName

SoapName

get_IsCodeType

System.Core

SettingsBase

IsReadOnlyAttribute

LastIndexOf

get_Flf2f3Kb0a06af

set_Flf2f3Kb0a06af

GetString

Substring

add_Click

ReadWriteTask

get_CodeModel

get_FileCodeModel

System.Security.AccessControl

get_Aa18f4o690f045m

set_Aa18f4o690f045m

get_Ac96kf4id8pb4am

set_Ac96kf4id8pb4am

Stream

get_ProjectItem

MissingManifestResourceException

EncoderFallbackException

ArgumentException

get_Solution

Uab892o

get_Adp76GR883affo

set_Adp76GR883affo

BinaryCrossAppDomainMap

System.Linq

DSACryptoServiceProvider

StringBuilder

LocalDataStoreHolder

System.Resources.ResourceManager

Partitioner

Computer

IEnumerator

GetEnumerator

IntPtr

UnsafeNativeMethods

Sci_Cal.

.resources

Sci_Cal.

.resources

Equals

get_ProjectItems

System.Collections

RegistryOptions

get_Members

System.Runtime.Serialization.Formatters

CodeClass

get_Projects

get_CodeElements

get_Z1s21249azD6E6t

set_Z1s21249azD6E6t

Format

get_Dfba0C2I3616Sbt

set_Dfba0C2I3616Sbt

get_ContainingProject

RightToLeft

ToLowerInvariant

CodeElement

get_Current

System.Collections.Concurrent

System.Deployment.Internal.Isolation.Manifest

ToList

MoveNext

System.Text

ManifestEtw

System.Security.Cryptography

Assembly

System.Runtime.Serialization.Formatters.Binary

COMServerEntry

op_Equality

i`{`u`7`

)<cXcRcac^cbc^cUccc

cBcPc]cbc

cBcTcacXcUc

*:<:6:,:-:+:

>VPVJV?VHVNV

70I0C0H0F0G0D0D0I0

=:=:=?=

Mm_mYmWmZmRm

S V N

WrapNonExceptionThrows

Sci_Cal

2019

$f19c0e2f-8d7d-4aff-bb26-b8cfb1b846ca

1.0.0.0

txtscreen

btnadd

btnminus

btnmul

btndiv

btndec

btneql

btnclr

btnbacksp

btnsin

btncos

btntan

btnrecipro

btnsinh

btncosh

btntanh

btnsqroot

btnsqr

btncube

btnlog

MyTemplate

11.0.0.0

3System.Resources.Tools.StronglyTypedResourceBuilder

16.0.0.0

KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator

16.10.0.0

4System.Web.Services.Protocols.SoapHttpClientProtocol

Create__Instance__

Dispose__Instance__

My.Computer

My.Application

My.User

My.WebServices

My.Settings

_CorExeMain

mscoree.dll

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>

</requestedPrivileges>

</security>

</trustInfo>

</assembly>PAPADDINGXXPADDINGPADDINGX

/0123456

!"#$%&'()*+,-.1

!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~

Q_.5<Ct

Sci_Cal.Resources

BIG_DISCORD_LINK_STRING

snmpath

membertoinvoke

Microsoft Sans Serif

txtscreen

btnadd

btnminus

btnmul

btndiv

btndec

btneql

btnclr

btnbacksp

btnsin

btncos

btntan

btnrecipro

btnsinh

btncosh

btntanh

btnsqroot

btnsqr

btncube

btnlog

ScientificCalculator

Scientific Calculator

UaP6f420

A82VL0B

Xaa6Ca98

Acy6m4Zg

Sci_Cal.

AlienRunPE.AlienRunPE.

VS_VERSION_INFO

VarFileInfo

Translation

StringFileInfo

000004b0

Comments

CompanyName

FileDescription

Sci_Cal

FileVersion

1.0.0.0

InternalName

Sci_Cal.exe

LegalCopyright

2019

LegalTrademarks

OriginalFilename

Sci_Cal.exe

ProductName

Sci_Cal

ProductVersion

1.0.0.0

Assembly Version

1.0.0.0

Antivirus	Signature
Bkav	Clean
Lionic	Trojan.MSIL.NanoBot.m!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.MSILHeracles.27607
FireEye	Generic.mg.bb5b3ca8658a2f79
CAT-QuickHeal	Clean
ALYac	Gen:Variant.MSILHeracles.27607
Cylance	Unsafe
VIPRE	Clean
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Trojan-Downloader ( 0058830e1 )
BitDefender	Gen:Variant.MSILHeracles.27607
K7GW	Trojan-Downloader ( 0058830e1 )
Cybereason	malicious.03e9ba
BitDefenderTheta	Clean
Cyren	W32/MSIL_Agent.CFL.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/TrojanDownloader.Agent.IXG
Baidu	Clean
APEX	Malicious
Paloalto	generic.ml
ClamAV	Clean
Kaspersky	HEUR:Backdoor.MSIL.NanoBot.gen
Alibaba	Backdoor:MSIL/NanoBot.83663f3c
NANO-Antivirus	Clean
ViRobot	Clean
Rising	Clean
Ad-Aware	Gen:Variant.MSILHeracles.27607
Emsisoft	Gen:Variant.MSILHeracles.27607 (B)
Comodo	Clean
F-Secure	Clean
DrWeb	Clean
Zillya	Clean
TrendMicro	Clean
McAfee-GW-Edition	RDN/Generic Downloader.x
CMC	Clean
Sophos	Mal/Generic-S
SentinelOne	Static AI - Malicious PE
GData	Gen:Variant.MSILHeracles.27607
Jiangmin	Clean
Webroot	W32.Trojan.Gen
Avira	TR/Dldr.Agent.icirp
MAX	malware (ai score=88)
Antiy-AVL	Clean
Kingsoft	Clean
Gridinsoft	Trojan.Win32.Downloader.sa
Arcabit	Clean
SUPERAntiSpyware	Clean
ZoneAlarm	Clean
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win.Generic.C4662731
Acronis	Clean
McAfee	RDN/Generic Downloader.x
TACHYON	Clean
VBA32	TScope.Trojan.MSIL
Malwarebytes	Trojan.Downloader
Panda	Trj/CI.A
Zoner	Clean
TrendMicro-HouseCall	TROJ_GEN.R002H0DIT21
Tencent	Msil.Trojan-downloader.Agent.Pgmt
Yandex	Trojan.DL.Agent!6jeGLiTgEp0
Ikarus	Trojan-Downloader.MSIL.Agent
MaxSecure	Clean
Fortinet	MSIL/Agent.IXG!tr.dldr
AVG	Win32:Trojan-gen
Avast	Win32:Trojan-gen
CrowdStrike	win/malicious_confidence_60% (W)

Static Analysis

PE Compile Time

PE Imphash

Sections

Resources

Imports