popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2078-10-22 01:59:34

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x000039f4 0x00003a00 6.11211876715
.rsrc 0x00006000 0x00010ef8 0x00011000 5.1607074418
.reloc 0x00018000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x00006130 0x00010828 LANG_NEUTRAL SUBLANG_NEUTRAL dBase IV DBT, blocks size 0, block length 2048, next free block index 40, next free block 0, next used block 0
RT_GROUP_ICON 0x00016958 0x00000014 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_VERSION 0x0001696c 0x0000039e LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x00016d0c 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
$,z Sm
lotlX 0
3 4x _
{?Ye ,
O<a c
e O?Y!a
Tw&e
Tw&e
&|Xf m
lotlX
$,z Sm
ee ubH
x/a T`
'D@0e T%,ra Q
'D@0e T%,ra
v4.0.30319
#Strings
ConsoleApp8
ConsoleApp8.exe
<Module>
Difcgiuwwnzwou.Models
Object
System
mscorlib
Iterator
Difcgiuwwnzwou.Shared
RepositoryPageRecord
Difcgiuwwnzwou.Records
AdvisorQueueImporter
Difcgiuwwnzwou.Importers
Resources
Difcgiuwwnzwou.Properties
Settings
ApplicationSettingsBase
System.Configuration
<Module>{d7ee7bb8-5a97-4671-8def-7dffe224de69}
String
ParameterizedThreadStart
System.Threading
IntPtr
Thread
Console
WriteLine
SearchDic
JsonConvert
Newtonsoft.Json
DeserializeObject
Exception
get_Message
JsonSerializerSettings
set_ConstructorHandling
ConstructorHandling
StartDic
SortDic
List`1
System.Collections.Generic
ServicePointManager
System.Net
set_SecurityProtocol
SecurityProtocolType
GetDomain
AppDomain
WebClient
DownloadData
Assembly
System.Reflection
GetExportedTypes
AddRange
IEnumerable`1
ConnectDic
Enumerator
GetEnumerator
get_Current
InvokeMember
BindingFlags
Binder
MoveNext
Boolean
IDisposable
Dispose
DisableDic
IEnumerator`1
IEnumerator
System.Collections
set_ObjectCreationHandling
ObjectCreationHandling
Auckland
m_Value
setter
IList`1
PushDic
SetupDic
ReadDic
InstantiateDic
instance
ResolveDic
Encoding
System.Text
get_UTF8
GetBytes
LoginDic
DefineDic
config
ArgumentNullException
ResourceManager
System.Resources
_Class
CultureInfo
System.Globalization
get_ResourceManager
GetTypeFromHandle
RuntimeTypeHandle
get_Assembly
get_Culture
set_Culture
Culture
defaultInstance
get_Default
.cctor
SettingsBase
Synchronized
Default
m_eaa258c0d8ea4715a585a52ff8b34fc2
m_3ef75eba0a114eb9beb59941f4dd423e
m_88327185b81642ab84ee0c07eab4a6db
m_1fc25766a1bb479eba9c09b3677f2838
m_4c0e305ae55d4952866ecd7a9ee4a871
m_28c71cfdaf374113b1b15a5311e4b868
m_9c43b61357fe4956992a865b67090a04
m_057691334826407d8bb67a53fc4a1620
m_805e1dae7b524beab08e4d38db9c88b5
m_ab01026a4255418090933a31c45c6a1e
m_3aea86a3346d4f069c9252fecc80d413
m_11cf535df61b41ab9d924988deee5fe8
m_df774c2fe80b43b5ba8fddcc9ffe2a17
m_c877d097415c48f3ab7762fc9a078c6c
m_03f87316c1074e79ba5ce0704b646ece
m_6e55a8bb5b3540cf88771834431c5374
m_3c0a33f4e86a4918b3a8f579732b3827
m_3f0465808c2c40d994cddec4de00aa8a
m_463ad98cade442f1869ade44a9da34d1
m_7c96ebbfcd2441d2beec73ed7321c4a6
m_e0b91437259f44228fd3e8371e21d5cb
m_8dd57810320743eab6a6e5f2f556defc
m_cf601e76ba294e96b21f33f4fc25371e
m_074cec6588a943ebb8ead2539aeb3293
m_e7d440e655954ce7a76309d0536c8961
m_28df9976562c4e47b2dd31f902ebfb54
m_1f310fe6bc424389b27af9b3763bfa90
m_d7aab9e2ad124726b092de47085913bf
m_c0fe6495d4374ce5b4e683ee767f6ca3
m_689d20382cd04709a45284b8437ce8c5
m_237a0359b7d24abd825a84a1eeb3cf56
m_7288d7ae2605498dae82e36b9fab41d9
m_43b1f68e063343699979c08ee53eb93b
m_ab0758da5bb546de98b3353a95b3fac1
m_67b693d20fff4441bc92918e3c20c803
m_af9218ede5a947ffaaa2c5888d9c315e
m_aef5bf3bd18149b3948d1725b6ffbfe3
m_dd2ee574004440299570ca23f5671011
m_0a9184e030d140e4bba45f3ac3e7d944
m_394ac0c24a93474ba32e96e06f9e3254
m_7233e510870949d9836436ade3c25e99
m_35d21ec1659240be8150ad76c280c8cb
m_42613f3f6f944842a005c7df727be6ec
m_50fb389800d24d0eb3cf7f98c0d6b3ed
m_9397c7e796014f3e94fd9a3de05b6087
m_792f6628c1404d429cec15cdcf64b292
m_89055577667047de9044ae28ef1d66b6
m_a655c354f0964ca3b763ec8f3dcae0b0
m_c092ef5266414f44b7cb1c625bab9d82
m_5bc5c640d5dc4e8e927e27906560d7d8
m_b7a283fdab6e40ecb7cb957cdf78c5b0
m_d8cdc651be6a4faf96b29b5c30efcac3
m_14aec0d1f7f949bb8c2103c2c7656003
m_09db49ab215e4ca3860452ca71b294f4
m_1a08be9ab40344a9b6e90fe1c1e27412
m_bfc582e8baa048b7aeede8e52af2b3a7
m_eda59527d64042e1ba5087d321a47e8f
m_59a9c95b9e1946a5aa86dc6713c0d32d
m_085db99752d04b81a42868fb95a5a68e
m_8024a29e6c41419aa81328c004a5f223
m_cf56052b63c44208af3354cafcb02c42
m_057ca8875fc74cfaad4cd2a32d8bfa7a
m_2e255e4c66f047ef8a72b5224368a4ae
m_a48fd7a8b9bc4f6c9762e344df8decbe
m_c148b8a7fcb44057b9aced765dedc21f
m_b7d4bacb1acc46729c8ba58ad6947aff
m_0815e88c47fd473db930738fc184a2d4
m_807a9529252143ef8936fc5338999656
m_914262a513e74495ab837f78a32abf50
m_28d0794ba96b43068a5ed19b55b30609
m_3c1b9fd310664228875edc8f0965ce82
m_54db3d4c1c7e4954878a8c353c7f826b
m_6be2fdc0b0ec4220b31f7696e7450ee1
m_424c554c15434eddb0c0057ec3f84cc8
m_d37e744dd5dd483282343adbeede30ea
m_59c13d6c81534da194529f095ac3369f
m_b999321d60224d629e39ac2c9b041c9f
m_4ad5a946af8f45c8927f0637d2c98cf1
m_d9120806177e44b8a7aaba6f3b2991a8
m_ec57d1de9b1b4d0e845f1806d302dc34
m_6e3fbc1229d84e989cabee12b3d5f117
m_52c5faa80a534376abb24d78f184786f
m_258f7aec748b420a8147ed2691ec8678
m_9aa4a1b92ed5443ebf8032a3292ac950
m_153054af3d9449ad94e162d509dcefe0
m_538d585c089c44f9ad39336cbd7dc8f1
m_597a207ad89a487ab3ae950c4273de05
m_3fff1626b71f408cb4c760e2a20f164f
m_dbf8aee1b3704e9aa5b7cf527364c9ef
m_a24ba08ca1df4e17b11bbb4778f2bae5
m_b0b4db9afa43453fb27ad09d3acbfeb9
m_f94699dd1a9f44ad8da42bdd72ea3f4d
m_45746fcc272a44c988106fa0b4e0bab8
m_592477fc50264299875ca4dbdf6cdf20
m_8e4ac5e1793f48c6a76168bee452dd8a
m_48b608f283184f98a6ea31f72fc99f4e
m_707a00509c514a8ca1de55ed9fb05220
m_e77616adc92b4237baac3a4146ea05c3
m_a9c39883b4b44467bbf3b122a6622c18
m_700804921d1e45beb61682dae75e5e90
m_43bd7b2f287c44739f6c0e4472b0379c
m_aa18cb9f53c148ca94e912558034b2f6
m_9e2857e1dbbc49f18c95b32c3807c656
m_5d8863f6b8434ac58a52ea325ae8a468
m_20bd67fd81a54e97bba3dd99d87071e1
m_2891374209b04d0abdf2c5d5abca41d6
m_d1158755b209438b9327792b4cb4da23
m_600903edd2e34dcabaada4d22d7242f5
m_42364d0ddead45f4a620b0ad7f804b5e
m_10f1435a41404b7bafa763cfc0ca8e16
m_1fe78baac4154396967aa6fb8a159968
m_2dc7cd06e914402b8567491a2da7aa00
m_fd379f85f0cf4b6fbf4f140df9c40456
m_2790b6eeb9524213b4368bb697bfbae4
m_f4a9e140200949778f2badf8f72d2a74
m_cd3b2fbdec7449bbb8bd1ee3d4da156e
m_d1823810394d47f5ba1d1efd24196b18
m_ec343b416df045bc87508ae63985dfa8
w744fdd5a554041eb84d08aebf561cbc4
ExtensionAttribute
System.Runtime.CompilerServices
System.Core
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
DebuggableAttribute
System.Diagnostics
DebuggingModes
AssemblyTitleAttribute
AssemblyDescriptionAttribute
AssemblyConfigurationAttribute
AssemblyCompanyAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyTrademarkAttribute
ComVisibleAttribute
System.Runtime.InteropServices
GuidAttribute
AssemblyFileVersionAttribute
TargetFrameworkAttribute
System.Runtime.Versioning
STAThreadAttribute
CompilerGeneratedAttribute
GeneratedCodeAttribute
System.CodeDom.Compiler
DebuggerNonUserCodeAttribute
EditorBrowsableAttribute
System.ComponentModel
EditorBrowsableState
Difcgiuwwnzwou.Properties.Resources.resources
WrapNonExceptionThrows
WinRAR archiver
Alexander Roshal
WinRAR
'Copyright
Alexander Roshal 1993-2019
$7fdeb8a1-315c-44dd-942d-2417140cee28
5.71.0.0
.NETFramework,Version=v4.0
FrameworkDisplayName
.NET Framework 4A
3System.Resources.Tools.StronglyTypedResourceBuilder
16.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
11.0.0.0
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
_CorExeMain
mscoree.dll
90!U?4#
NA+|PD.
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
{'Url':'http://www.google.com'}
https://store2.gofile.io/download/9f0e979e-fbb3-45f6-bf56-791d49d1e99f/Dauzgvebbdn.dll
OBXPZK8QVL
'Name': 'James',
'Offices': [
'Auckland',
'Wellington',
'Christchurch'
Auckland
Wellington
Christchurch
Qyrhqxzbd
website
Difcgiuwwnzwou.Properties.Resources
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
WinRAR archiver
CompanyName
Alexander Roshal
FileDescription
WinRAR archiver
FileVersion
5.71.0.0
InternalName
ConsoleApp8.exe
LegalCopyright
Copyright
Alexander Roshal 1993-2019
LegalTrademarks
OriginalFilename
ConsoleApp8.exe
ProductName
WinRAR
ProductVersion
5.71.0.0
Assembly Version
5.71.0.0
Antivirus Signature
Bkav Clean
Lionic Clean
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Variant.Ursu.391437
FireEye Generic.mg.41347ab5d1775166
CAT-QuickHeal Clean
McAfee Clean
Cylance Clean
VIPRE Clean
Sangfor Clean
CrowdStrike Clean
BitDefender Gen:Variant.Ursu.391437
K7GW Clean
K7AntiVirus Clean
Arcabit Clean
BitDefenderTheta Gen:NN.ZemsilF.34218.fm0@aGOghRe
Cyren W32/MSIL_Kryptik.FVA.gen!Eldorado
ESET-NOD32 a variant of MSIL/Kryptik.ADFA
Baidu Clean
APEX Malicious
Paloalto generic.ml
ClamAV Clean
Kaspersky UDS:DangerousObject.Multi.Generic
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
Rising Clean
Ad-Aware Gen:Variant.Ursu.391437
Sophos Clean
Comodo Clean
F-Secure Clean
DrWeb Clean
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition Clean
CMC Clean
Emsisoft Gen:Variant.Ursu.391437 (B)
Ikarus Clean
Jiangmin Clean
MaxSecure Clean
Avira Clean
MAX malware (ai score=86)
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Microsoft Trojan:Win32/Sabsik.FL.B!ml
SUPERAntiSpyware Clean
ZoneAlarm Clean
GData Gen:Variant.Ursu.391437
Cynet Malicious (score: 100)
AhnLab-V3 Clean
Acronis Clean
VBA32 Trojan-Downloader.MSIL.gen
TACHYON Clean
Malwarebytes Clean
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Tencent Clean
Yandex Clean
SentinelOne Static AI - Malicious PE
eGambit Clean
Fortinet Clean
Webroot Clean
AVG Win32:CrypterX-gen [Trj]
Avast Win32:CrypterX-gen [Trj]
No IRMA results available.