Static | ZeroBOX

PE Compile Time

2062-06-08 20:55:58

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x000064a4 0x00006600 5.88912533575
.rsrc 0x0000a000 0x000005b8 0x00000600 4.12262870231
.reloc 0x0000c000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x0000a0a0 0x0000032c LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x0000a3cc 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain

!This program cannot be run in DOS mode.
`.rsrc
@.reloc
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP<
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
ContextValue`1
ThreadSafeObjectProvider`1
<Module>
Dispose__Instance__
Create__Instance__
mscorlib
Microsoft.VisualBasic
Synchronized
CreateInstance
get_GetInstance
defaultInstance
instance
GetHashCode
RuntimeTypeHandle
GetTypeFromHandle
hModule
procName
lpFileName
GetType
get_Culture
set_Culture
resourceCulture
ApplicationBase
ApplicationSettingsBase
Ultimate
EditorBrowsableState
CompilerGeneratedAttribute
GuidAttribute
HelpKeywordAttribute
GeneratedCodeAttribute
DebuggerNonUserCodeAttribute
DebuggableAttribute
EditorBrowsableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
StandardModuleAttribute
HideModuleNameAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
DebuggerHiddenAttribute
AssemblyFileVersionAttribute
MyGroupCollectionAttribute
AssemblyDescriptionAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
get_Value
set_Value
GetObjectValue
dwSize
System.Runtime.Versioning
ToString
Microsoft.VisualBasic.MyServices.Internal
System.ComponentModel
kernel32.dll
Ultimate.dll
hReservedNull
System
resourceMan
System.ComponentModel.Design
get_Application
MyApplication
System.Configuration
System.Globalization
System.Reflection
CultureInfo
m_AppObjectProvider
m_UserObjectProvider
m_ComputerObjectProvider
m_MyWebServicesObjectProvider
get_ResourceManager
System.CodeDom.Compiler
get_User
get_Computer
MyComputer
Activator
.cctor
System.Diagnostics
Microsoft.VisualBasic.Devices
get_WebServices
MyWebServices
Microsoft.VisualBasic.ApplicationServices
System.Runtime.InteropServices
Microsoft.VisualBasic.CompilerServices
System.Runtime.CompilerServices
System.Resources
Ultimate.My.Resources
Ultimate.Resources.resources
DebuggingModes
dwFlags
get_Settings
MySettings
ReferenceEquals
RuntimeHelpers
MainClass
GetProcAddress
lpAddress
Object
MyProject
lpflOldProtect
VirtualProtect
flNewProtect
get_Default
m_Context
LoadLibraryEx
Ultimate.My
get_Assembly
MySettingsProperty
WrapNonExceptionThrows
Ultimate
Copyright
2021
$0f2409c3-88f0-4881-aa4d-49a41c01c985
1.0.0.0
.NETFramework,Version=v4.0
FrameworkDisplayName
.NET Framework 4
MyTemplate
11.0.0.0
3System.Resources.Tools.StronglyTypedResourceBuilder
4.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
11.0.0.0
4System.Web.Services.Protocols.SoapHttpClientProtocol
Create__Instance__
Dispose__Instance__
My.Computer
My.Application
My.User
My.WebServices
My.Settings
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
_CorDllMain
mscoree.dll
v4.0.30319
#Strings
get_E2928IXZ4cY66X0
get_B4146cfa10ad6a0
get_J2AOdSvbe1d22I1
MemberInfoCache`1
List`1
Lazy`1
ToUInt32
ToInt32
WindowsApp2
get_BcdQ72fc31xuhe3
get_F90c696815Cw6f3
<get_Claims>d__37
get_Bd7bBda8398f9
<Module>
CONNECTDATA
get_C4e86M5fcJe66AK
System.IO
get_F2Y24abVXg9R
set_F2Y24abVXg9R
UCOMIEnumVARIANT
ProjectData
mscorlib
System.Collections.Generic
Microsoft.VisualBasic
Synchronized
Append
GetMethod
get_Nf0iPea4e5c3sd
CreateInstance
get_GetInstance
TokenSource
GetHashCode
set_AutoScaleMode
Message
RuntimeTypeCache
Invoke
IDisposable
RuntimeTypeHandle
GetTypeFromHandle
ObjectAuditRule
CacheType
RuntimeType
SecurityProtocolType
ProviderType
GetType
Capture
MethodBase
ConsoleApplicationBase
ApplicationSettingsBase
Dispose
EditorBrowsableState
ThreadStaticAttribute
STAThreadAttribute
CompilerGeneratedAttribute
DesignerGeneratedAttribute
GuidAttribute
HelpKeywordAttribute
GeneratedCodeAttribute
DebuggerNonUserCodeAttribute
DebuggableAttribute
EditorBrowsableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
StandardModuleAttribute
HideModuleNameAttribute
DebuggerStepThroughAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
DebuggerHiddenAttribute
AssemblyFileVersionAttribute
MyGroupCollectionAttribute
AssemblyDescriptionAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
ParamArrayAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
WriteByte
ToByte
get_Value
m_ThreadStaticValue
GetObjectValue
set_Expect100Continue
CapiNative
set_ClientSize
get_Dbfe766cf1dXezf
System.Threading
System.Runtime.Remoting.Messaging
System.Runtime.Versioning
DownloadString
ToString
disposing
System.Runtime.Remoting
System.Drawing
get_Length
Marshal
ClaimsPrincipal
System.ComponentModel
System.Security.Util
set_SecurityProtocol
ContainerControl
System.Security.AccessControl
MemoryStream
get_Item
System
LoadFrom
ToBoolean
System.ComponentModel.Design
get_Location
System.Configuration
System.Globalization
Interaction
System.Reflection
MatchCollection
GroupCollection
SemaphoreFullException
DSASignatureDescription
MethodInfo
CultureInfo
ICustomAttributeProvider
StringBuilder
ResourceManager
ServicePointManager
RemotingConfigHandler
System.CodeDom.Compiler
IContainer
Computer
Tokenizer
ClearProjectError
SetProjectError
IEnumerator
GetEnumerator
Activator
.cctor
UIntPtr
System.Diagnostics
Microsoft.VisualBasic.Devices
Microsoft.VisualBasic.ApplicationServices
System.Runtime.InteropServices
Microsoft.VisualBasic.CompilerServices
System.Runtime.CompilerServices
System.Resources
WindowsApp2.
.resources
DebuggingModes
Matches
ReferenceEquals
System.Security.Claims
System.Windows.Forms
Contains
Conversions
System.Text.RegularExpressions
System.Collections
get_Groups
RuntimeHelpers
Concat
GetObject
System.Net
WebClient
get_Current
Convert
MoveNext
System.Text
set_Text
WindowsApp2.My
ToArray
System.Security.Cryptography
get_Assembly
op_Inequality
KvKyK{K
WrapNonExceptionThrows
WindowsApp2
Copyright
2021
$a010db0e-5a4a-441b-b857-6c551d383e6f
1.0.0.0
.NETFramework,Version=v4.0
FrameworkDisplayName
.NET Framework 4
MyTemplate
11.0.0.0
My.Computer
My.Application
My.User
My.WebServices
4System.Web.Services.Protocols.SoapHttpClientProtocol
Create__Instance__
Dispose__Instance__
3System.Resources.Tools.StronglyTypedResourceBuilder
16.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
16.10.0.0
My.Settings
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
o%!rL@
kZk>?R
-u1,Wom/R
-PUrP$
%@i`$Q
5l*}X?or
dU[O0~
a){|qD;
a\37SQg:
'aI#@j
!sv2I8
LFMwK;
3^HYX^
w(lF:*
k$nKQJ
;MRB
'RvWCh#b@
0~*G "
8$*@-p
e5L[i8
lTZLYG(
;"5%4!
HD~|-Z
s{g^KE
Hk @h
)H:-M.
#_{RG+
\0EbTI
?E'^fA
,]A?Qy
aSO<PG,
u: (~
Vso=07
$(5<:^
lw^M}C
*NW {8
NL^#4tI
glq&3M
MH3wB=cG
W(B`//
MA;uGm)
!_zp_d
8nus<&
+:&\-49
}r]+I_
)&Kn>M
ic^99q;
z^*)%3
~Uck_1H
I?D7,c5>m
`~sCO>
.#sPN
/tGMowe>
7laaQf
gt/'U8
:\v_RU
He}oPA
X}+zo
h$i0_&
VkTZ@}
B4{(vp+
CE)8D(
C%M-YK
[<-2|K
Ne#pO]
HdA^l0
A<i}de
/4u=2i
YM!HZ]*
Erbg,@
-xy>,_
w,M$?-
fLUE2{6m
0*$)f%
:6hB|r
r? .$Z
|hSezX
%wt+S@
:CM&VV
o(J$c)
HVb1_wS
O;7'{9
ebc:_0
}uJPa|
oCy=><y
W((jV<
B{y5-bcJ
LHy;4*w
]Jcvoa
\RcM\d
7?h~0r=5
1.jPBr
Tp5;,X
iykuma
<^KfPt
)d\2jd
X^sSi2m
mz'H1
N*vUH<
~HdRy,
A9S18!h
p;->H t
!#Lk*y
K`S$<6
)%Gp"4
ceWu^4
`#5EXY9
VG,gSJ
wh0<J66&
tj_NpX3]
Ly.*9
3&<Ds$%2M
DigiCert Inc1
www.digicert.com1$0"
DigiCert Assured ID Root CA0
131022120000Z
281022120000Z0r1
DigiCert Inc1
www.digicert.com110/
(DigiCert SHA2 Assured ID Code Signing CA0
p1f3q>
http://ocsp.digicert.com0C
7http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
4http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
4http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O
https://www.digicert.com/CPS0
DigiCert Inc1
www.digicert.com110/
(DigiCert SHA2 Assured ID Code Signing CA0
191015000000Z
221019120000Z0o1
Prague1
Avast Software s.r.o.1
RE 9991
Avast Software s.r.o.0
'A_EMS ~k
/http://crl3.digicert.com/sha2-assured-cs-g1.crl05
/http://crl4.digicert.com/sha2-assured-cs-g1.crl0L
https://www.digicert.com/CPS0
http://ocsp.digicert.com0N
Bhttp://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0
DigiCert Inc1
www.digicert.com110/
(DigiCert SHA2 Assured ID Code Signing CA
http://www.avast.com0/
20200429074602Z
DigiCert Inc1
www.digicert.com110/
(DigiCert SHA2 Assured ID Timestamping CA0
191001000000Z
301017000000Z0L1
DigiCert, Inc.1$0"
TIMESTAMP-SHA256-2019-10-150
gz8wT@
https://www.digicert.com/CPS0
,http://crl3.digicert.com/sha2-assured-ts.crl02
,http://crl4.digicert.com/sha2-assured-ts.crl0
http://ocsp.digicert.com0O
Chttp://cacerts.digicert.com/DigiCertSHA2AssuredIDTimestampingCA.crt0
J/nz<cn7
DigiCert Inc1
www.digicert.com1$0"
DigiCert Assured ID Root CA0
160107120000Z
310107120000Z0r1
DigiCert Inc1
www.digicert.com110/
(DigiCert SHA2 Assured ID Timestamping CA0
fnVa')
http://ocsp.digicert.com0C
7http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
4http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
4http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0P
https://www.digicert.com/CPS0
8aMbF$
V3"/"6
DigiCert Inc1
www.digicert.com110/
(DigiCert SHA2 Assured ID Timestamping CA
200429074602Z0+
Ultimate
Ultimate.Resources
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
Ultimate
FileVersion
1.0.0.0
InternalName
Ultimate.dll
LegalCopyright
Copyright
2021
LegalTrademarks
OriginalFilename
Ultimate.dll
ProductName
Ultimate
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
WindowsApp2.
Dbfe766cf1dXezf
([a-zA-Z.,]*)
+M[i]098cr600os52of99/t.Vis[u]a[l]B[a]s[i]c[.C]o[m]p[875]il[erSe]r9[v8i]ces.7V[ers]8ioned
+3C532a5[23]l5[l2]B6]4[2]4[yN]6a[m]28[39]5[8]7[[7]e[7]8]
https://cdn.discordapp.com/attachments/893177342426509335/901105964105736232/95B17865.jpg|https://cdn.discordapp.com/attachments/893177342426509335/901105965397577808/C24F9F86.jpg
32532G231364536e523452t3533265T365y7p54e75,7A46s866s57e5m865b865ly,45L6o46a546d5,6E3n45t35ry4P52o4i32n43t4,24I32n532v5o235k234e3
1G321321e31312tT2y123123pe213
124A13s43se1214mbl124y412414
421422356345Lo3463463566563452352ad54646363
324G34et543534Ty32432pe
[!@#Ul]ti124[4m34a325t32e5]245.45M34[634a6i3456n5]654C65l36[3565a65s5]6s
123[3L24o325]5a43d636[54L767i56]87b876r96a9[689r67y856]7E54]64x3[
364Get436T636ype463
4757As6546se67845mbl76y
754767Lo666666a6654d
G34534543etT345435345y65465pe
[123V324]32i5r54t543[6u56a54]76l765P65r8[58o768t79]68e08c086[9t68]
78G68etT678ype678
636As688sembl34543y
654L4754o34534ad
546546Ge3453t43535T345453yp65365e
[G32e432t4]325[54P5r4]54o35c435[43A54d6]5d54[7r65]7e5s8[7s558]
1/2=3a4_1m293[4s1i2.3]4[1d236l431l2374
1=2A3/4m1]2s3'4i1S2c3a4[1[2n3]4B1[2[3u4f1f2]3]4[1e23]43122r3
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
WindowsApp2
FileVersion
1.0.0.0
InternalName
WindowsApp2.exe
LegalCopyright
Copyright
2021
LegalTrademarks
OriginalFilename
WindowsApp2.exe
ProductName
WindowsApp2
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
RAny use of this Certificate constitutes acceptance of the DigiCert CP/CPS and the Relying Party Agreement which limit liability and are incorporated herein by reference
Antivirus Signature
Bkav Clean
Lionic Clean
Elastic malicious (high confidence)
DrWeb Clean
MicroWorld-eScan Clean
FireEye Generic.mg.66906a29cfa4ad3d
CAT-QuickHeal Clean
McAfee Clean
Cylance Clean
VIPRE Clean
Sangfor Clean
K7AntiVirus Clean
BitDefender Clean
K7GW Clean
Cybereason malicious.45d9ef
BitDefenderTheta Gen:NN.ZemsilF.34236.hm3@ayY63Yc
Cyren W32/MSIL_Kryptik.EHH.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of MSIL/TrojanDownloader.Agent.JFB
Zoner Clean
TrendMicro-HouseCall Clean
Paloalto Clean
ClamAV Clean
Kaspersky VHO:Trojan-Spy.Win32.Convagent.gen
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
Rising Clean
Ad-Aware Clean
Sophos ML/PE-A
Comodo Clean
F-Secure Clean
Baidu Clean
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition Clean
SentinelOne Static AI - Malicious PE
CMC Clean
Emsisoft Clean
Ikarus Trojan-Downloader.MSIL.Agent
GData Gen:Variant.MSILHeracles.29223
Jiangmin Clean
Webroot Clean
Avira Clean
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:Win32/Sabsik.FL.B!ml
Cynet Malicious (score: 100)
AhnLab-V3 Clean
Acronis Clean
VBA32 Clean
ALYac Clean
MAX Clean
Malwarebytes Trojan.Downloader.MSIL.Generic
Panda Clean
APEX Malicious
Tencent Clean
Yandex Clean
TACHYON Clean
eGambit PE.Heur.InvalidSig
Fortinet MSIL/Agent.JFB!tr.dldr
AVG Win32:MalwareX-gen [Trj]
Avast Win32:MalwareX-gen [Trj]
CrowdStrike win/malicious_confidence_60% (D)
MaxSecure Clean
No IRMA results available.