popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2021-10-25 16:24:26

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x0002d174 0x0002d200 7.72309143799
.rsrc 0x00030000 0x000a2e52 0x000a3000 3.3839280291
.reloc 0x000d4000 0x0000000c 0x00000200 0.101910425663

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_ALBANIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_DIALOG 0x000d2270 0x00000076 LANG_ALBANIAN SUBLANG_NEUTRAL data
RT_STRING 0x000d22e8 0x00000178 LANG_ALBANIAN SUBLANG_NEUTRAL data
RT_GROUP_ICON 0x000d27f4 0x00000148 LANG_ALBANIAN SUBLANG_NEUTRAL data
RT_GROUP_ICON 0x000d27f4 0x00000148 LANG_ALBANIAN SUBLANG_NEUTRAL data
RT_GROUP_ICON 0x000d27f4 0x00000148 LANG_ALBANIAN SUBLANG_NEUTRAL data
RT_GROUP_ICON 0x000d27f4 0x00000148 LANG_ALBANIAN SUBLANG_NEUTRAL data
RT_VERSION 0x000d293c 0x0000032c LANG_ALBANIAN SUBLANG_NEUTRAL data
RT_MANIFEST 0x000d2c68 0x000001ea LANG_ALBANIAN SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
Ivan Medvedev
PeaZYf
eefae b
efXa I
X9baYY}
ZeaYf}
3KYYY}
=eYX ?
t ,/lZaaa}
eYYeY
\fX ="6
Yfa Ve
bZXYYe}
)rtl^_[
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADPqr;5
(SsaS1
`iL<yvx
C#G\UP
"^w6,r
Fma|G\
zpH]mx
2b`mi:k
%beQzIz
OLpJHEz
TqhM*|
DzQ;D&X=
z|g$X^/
~|[u0Z
N$[Bb?
`T0x^;Q
Z/?hZ.
cD+;1~
&X[;!\Qd
#>H-Ej
D"BAor3
ZSE&h|
C5.E4E
!jQPM@
"BAor3
8XVG4Q
%{knJq8
GxS|}Z=2
cRQvA2
[NdiwU
?(;SbQ
K\YTR,
>:CN9,
T?W%@a
2Z=ajL
)kq8*H|
)kq8*H|
,v_lT-
B'vS#t
t_.S*_
e~sv-'&-
IY:sSV
W+Vw,fz
kx'<1,
m2[s\]J
A-O=L^
Bl\hw:s;
Qc@aA/
r5Y28j
*PT',;
A-'>xl
A-'>xl
tVEdNR
A-'>xl
A-'>xl
A-'>xl
A-'>xl
A-'>xl
A-'>xl
N_1=Yvs
A-'>xl
*/=^R[O
A-'>xl
rvz1BH
)E~TVF
)tUr-p
Sf' "n'
$;mD":d
p|_=ni
,iK,Gy
)F8wjE
?vuo3%
aX3h39>
?vuo3%
mB?h7'
"*=:>U
zQt_7N
lIJ\6~x*j
m@Vk,B
Xh5$,X
?Aegm8
E`9t*9E
OVt^ekE,d
80qN9c
@dI>'o
b;UERAb
#k9"dP
PA)T=M
uS&wzX
)8{};w?*
k{e<Ja
6WQA)shu
0s(}{{<
Vj'u2J
8L|aC
@!tK/f!f
MH1K'K
d(4\+V
FcR|Ts
_5B!r!
;q0-][D
?/WAz/I
1>1@d_
MeIfOqm
8t uO<
B](l+eL
W}e<Pd$
{CC{G*
H]sy[RJ
#eoO&
d|l3}6
/>=J5it
m^0-HN
PEnIvr&C4+
'[j3UP"
),/P"N
EHsbb-
LFd\w
|9ZC/_
&mq4x]h
,p;qM q4
,p;qM q4
,p;qM q4
1`mgEq
6"HSB5
oqE/sX%
@|bQa9.
Bz1(ch
krO]AaR
pzt:"UA>:!
e=FCEJ
\\%-5uAjO
F`a%hD*
NGs/ie
oc6t8~_
Og\EB?
ryxO.6
hvm5E%
8A1iN
Ral>$>
G$N T|
6!^(ar
Nq@xR"wsl=
Iu#5`2H
A~qOPYO^
zCj9S
-w{rM^
.+h1#G
Nal#3{
kNl+b,
}#V3y:
YHWSc)
Xt)6Se7yR
2cgAX%
qVsMi7
4?x/GN
fFO4d~A
+m/C;q@_
`4I1o3
\Rmbp-
UAl\JG
G&eT#=s
[/p12V
O~QE$sj
VAGc|K
Y'N\N7=
Q]aK38
P@y)IF
mt9@vn
N'5J;O
3:s^iX
Y,Mc2\
Mm>.0Q=)G
'walM%
iR>T00b
iR>T00b
h>5Oqj
:F^D2,
2{3Z.1
=?cP9"Az1{
wC0.@Ff
=?cP9"Az1{
qJONi|\[q
Hcy3N..
=?cP9"Az1{
=?cP9"Az1{
=?cP9"@mv{
`/{3Z.1
%>#(>L
=?cP9"Az1{
}dffFr
p?*;Ue
8=0mStU3
<@*g)w
k#`X(bA
Oq{!=}w3
]9/38n
yx98Lw
}rHrf8K
ZJ9_ .l
c&sIL[
X]vWM(Yu
bj$E#`F
 Z6B_
[:3kheU
YRsMbWem
w=55^B
~n;&E`u
|pj';;
F@U 09^
&)&`6[
+7}*`H
R.QCjK4u
p0d%m{>d
v4.0.30319
#Strings
#gdfgdfg#
#dfgfg#
#fsdfsd.dll#
#fsdhcfsdf.dll#
#fshghhhgfgggghdfsdf.dll#
#fsdfgdddddfchafhghgsdf.dll#
#gdfgdfgf.dll#
#fsdgdfghhahffdsf.dll#
#gdfgdfg.dll#
#gdfgfg.dll#
#sssssssss.dll#
<path2>5__10
HotHeapStreamCLR20
<InitializeCustomAttributes>b__19_0
<>9__129_0
WAIT_OBJECT_0
$$method0x6000022-1
S_RESERVED1
Ldelem_I1
Ldarg_1
Func`1
IEnumerable`1
Iterator`1
Prime1
StatusLevel1
WriteTypeDefAndMemberDefCustomAttributes1
S_LPROC32
ToUInt32
ToInt32
LOCALE_SSHORTESTDAYNAME2
Func`2
ISymUnmanagedWriter2
_empty2
PA_IA64
FormatUInt64
Ldc_I4_5
S_LABEL16
<Initialize>b__89_16
ToInt16
get_UTF8
<FromAsyncImpl>b__9
Digit9
<Module>
CAL_SAKA
PushFC
LINGUISTIC_IGNOREDIACRITIC
BigGUID
Serialization_InvalidID
ListFieldDefMD
LOCALE_SNATIVELANGUAGENAME
SECOND_PRIME
S_TOKENREF
get_ASCII
S_LOCAL
SetMethodIL
COR_E_ENDOFSTREAM
NOOPEN
CALG_RSA_SIGN
ERROR_UNKNOWN_REVISION
TASK_STATE_WAIT_COMPLETION_NOTIFICATION
S_SECTION
System.IO
DEFAULT_SPIN_MP
CSIDL_COMMON_TEMPLATES
CSIDL_WINDOWS
VT_VARIANT
REG_RESOURCE_LIST
set_IV
CSIDL_DESKTOPDIRECTORY
Get_KeepExtraPEData
OverlappedData
PerformanceData
Get_DefaultQuota
Set_WritePdb
mscorlib
CodePageNoMac
TypeSpec
hgdfgdfgc
rdedrddmbhc
FindMostSpecific
System.Collections.Generic
get_IsStatic
GetProcessById
lpNumberOfBytesRead
M_head
hThread
get_CurrentThread
thread
MemberForwarded
RijndaelManaged
get_IsAttached
_isBlocked
CheckEnabled
NotOnCanceled
SetCanceled
M_bytesUsed
HostNotParsed
Set_Inherited
FReserved
gdfgdfgd
fshdddddddddghd
GetClassLayoutRid
M_underlyingField
Set_IsField
MaxCapacityField
set_IsBackground
DynamicMethod
Get_IsGenericMethod
DefinePInvokeMethod
GetCallableMethod
InlineMethod
ResolveMethod
Get_DefiningMethod
SetGetMethod
NetGuard
get_IsInterface
ImplementInterface
Replace
UsingNamespace
Set_ControlEvidence
LoadResource
FindResource
SizeofResource
ExceptionResource
FindPosForResource
Get_UseUserOverride
M_useUserOverride
GetHashCode
SetCode
set_Mode
CryptoStreamMode
CipherMode
get_Unicode
Xenocode.Client.Attributes.AssemblyAttributes.ProcessedByXenocode
FormatMessage
AddRange
EndInvoke
BeginInvoke
Get_FieldMarshalTable
Get_PointerToSymbolTable
GetEnvironmentVariable
Enumerable
IDisposable
Inheritable
Set_IsSerializable
set_Visible
FormatDouble
get_Handle
RuntimeFieldHandle
get_MethodHandle
RuntimeMethodHandle
GetModuleHandle
get_TypeHandle
RuntimeTypeHandle
CloseHandle
GetFieldFromHandle
GetTypeFromHandle
Console
get_Module
DefineDynamicModule
set_FormBorderStyle
set_WindowStyle
ProcessWindowStyle
get_Name
CompareName
MatchAbbreviatedMonthName
lpApplicationName
strName
KeysName
TryGetRealAssemblyName
GetDirectoryName
lpCommandLine
WriteLine
get_FieldType
DefineType
CreateType
Get_IsValueType
get_DeclaringType
flAllocationType
get_ReturnType
get_ParameterType
Get_EventType
System.Core
ResolveSignature
SetLocalSignature
GetLocalsSignature
Get_FixSignature
Set_CurrentUICulture
MethodBase
Dispose
TimeSpanParse
Preallocate
Create
CreateResourceDataDelegate
CreateDelegate
MulticastDelegate
UserSuppliedState
set_WindowState
FormWindowState
STAThreadAttribute
CompilerGeneratedAttribute
UnverifiableCodeAttribute
UnsafeValueTypeAttribute
BabelAttribute
SuppressIldasmAttribute
AssemblyInfoAttribute
YanoAttribute
DotNetPatcherPackerAttribute
BabelObfuscatorAttribute
CryptoObfuscator.ProtectedWithCryptoObfuscatorAttribute
DotNetPatcherObfuscatorAttribute
DotfuscatorAttribute
CompilationRelaxationsAttribute
PolicyStatementAttribute
SmartAssembly.Attributes.PoweredByAttribute
ReferenceAssemblyAttribute
RuntimeCompatibilityAttribute
SetValue
OpenSave
get_IsAlive
_TypeResolve
SizeOfStackReserve
akcrcfjhdl.exe
get_Size
GetFieldSize
_InputBlockSize
HeaderSize
dwSize
SizeOf
fsafafwwwwwwwwaf
fshgdf
fsdfhghfafgsdf
Stelem_Ref
MakeByRef
get_IsByRef
gfdfffffhhhhhhhhhfhfffg
CreateMethodSig
IsModuleSig
IsPreserveSig
System.Threading
Encoding
SystemMessaging
IsLogging
FromBase64String
_stackTraceString
OutputDebugString
IsWellFormedUriString
Get_VersionString
System.ITuple.ToString
GetString
Get_CharUnknownHigh
ComputeHash
ScanBackslash
get_ExecutablePath
CanonicalizeAsFilePath
GetFolderPath
ObfuscatedByGoliath
get_Length
M_StringHeapByteLength
MemStreamMaxLength
StringToHGlobalUni
S_platformCryptoApi
PrivateParseMinimalIri
AsyncCallback
callback
Loopback
GetObjectHandleOnStack
FastEqualsCheck
GetTypeTokenWorkerNoLock
FlushFinalBlock
TransformFinalBlock
BinaryReaderChunk
Trademark
IriCanonical
Get_IsSecuritySafeCritical
Marshal
M_parsedOriginal
akcrcfjhdl
LogLevel
IsCallConvThiscall
kernel32.dll
CreateNull
Control
CryptoStream
MemoryStream
get_Item
ExecuteWorkItem
System
SymmetricAlgorithm
HashAlgorithm
Custom
ICryptoTransform
PA_NoPlatform
Get_AllowIdn
get_MetadataToken
hToken
lpNumberOfBytesWritten
AppDomain
get_CurrentDomain
GetMDStreamVersion
GetSubKeyWritePermission
Application
get_Location
NineRays.Obfuscator.Evaluation
Get_LoaderOptimization
Set_Synchronization
System.Reflection
ManagementObjectCollection
CallingConvention
RuntimeWrappedException
Unknown
SendTo
CanCastTo
GetDynamicILInfo
VamMethodFieldInfo
RslvLocalsFieldInfo
IRuntimeMethodInfo
startupInfo
MemberInfo
ParameterInfo
ProcessStartInfo
DirectoryInfo
FuncMDTokenMap
Get_Group
RecordTokenFixup
System.Linq
ToGenericVar
set_ShowInTaskbar
FirstGregorianTableYear
SignatureReader
MD5CryptoServiceProvider
DESCryptoServiceProvider
MethodBuilder
ModuleBuilder
GetTypeUsingTypeBuilder
AssemblyBuilder
SpecialFolder
ITypeDefFinder
lpBuffer
_maxCharsPerBuffer
CompressBuffer
ResourceManager
DomainManager
Debugger
ManagementObjectSearcher
AsyncCompletedEventHandler
Scheduler
IocbHelper
CheckAuthorityHelper
get_IsPointer
BitConverter
ToLower
KeyPair
GetTokenFor
BadAuthorityTerminator
ManagementObjectEnumerator
GetEnumerator
.cctor
dotNetProtector
get_IsConstructor
CreateDecryptor
IntPtr
SymCustomAttr
UpdateFieldRvas
System.Diagnostics
Get_CalendarIds
GetMethods
Interfaces
AllowBraces
System.Runtime.InteropServices
System.Runtime.CompilerServices
System.Resources
akcrcfjhdl.resources
Directories
bInheritHandles
EnableVisualStyles
GetEnumNames
InitializeBaseTypes
AllowParentheses
lpThreadAttributes
MethodAttributes
TypeAttributes
Set_ImplAttributes
MethodImplAttributes
HasCustomAttributes
GetCustomAttributes
lpProcessAttributes
Rfc2898DeriveBytes
WriteAllBytes
GetBytes
EnumMemberRefs
ModifyComImageFlags
BindingFlags
dwCreationFlags
GetMethodImplementationFlags
SetImplementationFlags
NetTcpSyntaxFlags
Equals
_items
System.Windows.Forms
Contains
M_iEndColumns
IOExtensions
CallingConventions
M_innerExceptions
CreateExceptionInfos
GetGenericParamProps
get_Chars
GetOptionalCustomModifiers
ExecuteCallbackHandlers
RuntimeHelpers
M_illegalCharacters
GetParameters
GetIndexParameters
AddHours
get_IsClass
FileSecurityStateAccess
AssemblyBuilderAccess
hProcess
GetCurrentProcess
TrimExcess
GetFinallyEndAddress
lpBaseAddress
lpAddress
DoubleToInt64Bits
ParseAttributeArguments
ReUseDeletedMethodRows
S_GPROC32_16t
GetMethodAt
Concat
Format
Set_IsAbstract
ManagementBaseObject
GetObject
object
Select
Collect
flProtect
Struct
AddSet
CharSet
ShortInlineBrTarget
AdjustTarget
M_RefusedPset
M_handlerOffset
RidsOffset
op_Explicit
System.Reflection.Emit
SetCompatibleTextRenderingDefault
Set_HResult
IAsyncResult
result
ToUpperInvariant
PrejitGrant
AddConstant
System.Management
RecursionDecrement
lpEnvironment
Get_HijriAdjustment
Get_SymUnmanagedDocument
GetNamedArgument
get_Current
<>2__current
CheckRemoteDebuggerPresent
IsDebuggerPresent
Get_GenParamCount
Get_SpinCount
Set_IsolatedStorageRoot
ParameterizedThreadStart
Convert
FailFast
RidList
GetConstructorList
ArrayList
SuspendLayout
ResumeLayout
Set_ClassLayout
RegexInput
MoveNext
System.Text
OpenText
WaitCallback_Context
context
M_QuotaView
RawDeclSecurityRow
ParseReflectionThrow
S_pCategoryLevel1Index
PreserveSyncCtx
InitializeArray
ToArray
get_IsArray
set_Key
RegistryKey
System.Security.Cryptography
DefineDynamicAssembly
IsNestedAssembly
GetExecutingAssembly
FormatAssembly
Company
BlockCopy
Dictionary
NegateCategory
InternalCreateDirectory
lpCurrentDirectory
Get_Capacity
op_Equality
op_Inequality
BinaryCompatibility
System.Security
SuppressUnmanagedCodeSecurity
IsNullOrEmpty
198 Protector V2
System.Security.Permissions.SecurityPermissionAttribute, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
SkipVerification
WrapNonExceptionThrows
_CorExeMain
mscoree.dll
fffffff`
ffffffff`
ffffffff`
ffffffffffffh
ffffffffo
ffffffffo
fffffffffffo
ffffffffo
fffffo
ffffffffo
fffffo
fffffo
ffffffo
fffffo
fffffo
fffffo
fffffo
ffffffffo
ffffffffffffh
ffffffff`
ffffffff`
ffffffff`
fffffff`
ffffffh
:IDATx
:|p5ARy
ffffff
ffffff
ffffff
ffffff
ffffff
ffffff
fffoww
}IDATx
+=BDD<|
ffffff
ffffff
ffffff
ffffff
ffffff
ffffff
'''''''''''''''''''''''
'''''''''''''''''''''''
'''''''''''''''''''''''
'''''''''''''''''''''''
'''''''''''''''''''''''
&&&+.131.+%&
&&.33.&$$%%%&%&%%%%
&%%%&%%%%%%%%%%%%%%%
3+&%%%%%%%%%%%%%%%%%%%%
&$&$&%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%
&&&&&&&&"
&&&&&&&&"
((((((((((((((((((
((((((((((((((((((
((((((((((((((((((
((((((((((((((((((
3''%'%+'%'%
-'%'%'%(&%'%'%(&
/'%%'%(&&&&&%'(&&&
%%'(&&&&&&&&&%&&&&
'(&&&&&&&&&&&&&&&&
''''''
'''-''
'''''''''''''''''
'''''''''''''''''
'''''''''''''''''
'''''''''''''''''
0&$&+,,*$$
,&&**&$&$&$&$&$
.*&$$&$$'%%$&$'%&
&$$&$'%%%%%%%%%%$
$&%%%%%%%%%%%%%%&
"&&&&"
"&&&&"
%%%%%%%%%%%%%%
%%%%%%%%%%%%%%
%%%%%%%%%%%%%%
($"((($"
*$"""#"#$"$"#
""%$"####"#"##
$"############
"#$"##########
%%%%%%%%%%
%%%%%%%%%%
(#!""""!""
#!#"""""""
""""""""""
##########
##########
+%&'##%(&%
##########
##########
!!!!!!
!#!!!!
1IDATx
y5??|u
oe2XZK
OHRIu?
P@O=Vp
+Ix5;w
RHH)t4f
ffffff
ffffff
ffffff
ffffff
ffffff
ffffff
########
########
''''''
'''*''
$$$$
$$$$
3IDATx
,@DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDU
-565u]
Ry]na/
[1drYS
>;;mJ9
/_>9Y
DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
akcrcfjhdl
GetEnvironmentVariable
_ENABLE_PROFILING
_PROFILER
Area =
{0:F2}
87654321
managed
kCnXpWScKtsOyjYsarWXCWZPhtZFWBVcfNY98QGP5JO1iZWFYtt7W9VO7Sz5eeeced+niUnkAcaPB9rzxFDrycMyEX6WvKdWfVVIqiuvnWjEDs7dPm2ubY7QJSUhRxqi
akcrcfjhdl
native
update
ackzq3kQCEF2JviBMv1L8vVQTnOLUHCsc/RKw0FSx+I58MLygCgcy5hYxOVDCvjTmg/z6GB2Uph+S/EgPlkK+nk6gDYP+KWtrKfF6DDfkIIiaLZCXnCeOcTs3MnvU/VV78DArf9BBx7NcLE9QsGpvg==
update\update.exe'" /f
v8UByE4JPD45F6UfVP1Z6g==
update\update.exe"
Select * from Win32_ComputerSystem
Manufacturer
microsoft corporation
bbbbbbbbbbbbbk
mmmmmmmmmmmmmmmmmmmm
bbbbbbbbbbb
cmd.exe
w/cSoNL3svqFCV6JCitRr83DgQQ3ck9oFMKAahYe2yMGAay9IBpyVaKvEIo8uEkq
w/cSoNL3svqFCV6JCitRr7lCa2xBq8YdCEfEl5BogFDch4A5Pbfi04+XRFFUQeE9
DynamicDllInvokeType
5UIMajjk6UwWmBe6DUBG3Q==
GrXAEI8En6RxQ2m9z/4WxatiCG4rgZXVWLaDrsv7Liw=
Ikr+3k2vpNbprwcenSoBtoG0AJXFF67un/LRZpctE6xcCqS8RVTctDG4fYKKCvhW
8l/pDipsQsCqrFRhOA9JbmjXRhZgPAIy52x+1SCO+YZ+fzlE/V9amWyoIOMissPN
ksEYJ9SJ7D5mSz/iH8swhjrIBATkSJ9K0jvBxnCCKwQC07DYc6pTxWCq9spfbY8y
qRN9Yx48XkvUfccgHcuPlHKso8Zzz2cn0Sl1s4JuKik=
yx0IDDvRnNc3TKUZhNBFcg/Ncm8LklhW/8Gn8hRx7Ca2jYnuShK+h0kKdf8z20Cy
ZPgJVZDEFBmBFvCKGHcq6GKpdswZNC+PAyQUQympCyb6kMyLx854OcovqLDXQHxP
RSDR5DNMuKb/pn6gPEbQ3CEHekc1RwURa+da/t4K9YjYf1Rd8IrFamvBHShRYNZK
OuqFhr6/PM2FgSy4VoGgnMMsEneZ7/oR7l9Wj8oc9N8=
pfKwzJ5+T9lsM+lzCEwIAyYG+z+G52RPAEW1UFIif7A=
LU0+/yezkwpatB2Mt4YIgh5ULfrL8Pe67cjNBKzIqPS3tUSOLozSM66qJvsCVX9d
PuTTYConfigBox
PuTTY Configuration
MS Shell Dlg
Select destination folder
Extracting %s
Skipping %s
Unexpected end of archiveThe file "%s" header is corrupt
%The archive comment header is corrupt
The archive comment is corrupt
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
LimeBinder
FileVersion
1.0.0.0
InternalName
LimeBinder.exe
LegalCopyright
Copyright
2020
LegalTrademarks
OriginalFilename
LimeBinder.exe
ProductName
LimeBinder
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Antivirus Signature
Bkav Clean
Lionic Clean
Elastic malicious (high confidence)
Cynet Malicious (score: 100)
FireEye Generic.mg.790e94565421337d
CAT-QuickHeal Clean
McAfee Clean
Cylance Unsafe
VIPRE Clean
Sangfor Suspicious.Win32.Save.a
K7AntiVirus Clean
BitDefender Clean
K7GW Clean
Cybereason malicious.202501
Baidu Clean
Cyren W32/MSIL_Kryptik.FXQ.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of MSIL/Kryptik.ACNA
APEX Malicious
Paloalto generic.ml
ClamAV Clean
Kaspersky UDS:Trojan-PSW.MSIL.Stealer.gen
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Clean
Tencent Clean
Ad-Aware Clean
Emsisoft Clean
Comodo Clean
F-Secure Clean
DrWeb Clean
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition Clean
CMC Clean
Sophos ML/PE-A
SentinelOne Static AI - Malicious PE
GData Clean
Jiangmin Clean
MaxSecure Trojan.Malware.300983.susgen
Avira Clean
MAX Clean
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm UDS:DangerousObject.Multi.Generic
Microsoft Trojan:Win32/Woreflint.A!cl
AhnLab-V3 Clean
Acronis Clean
BitDefenderTheta Gen:NN.ZemsilF.34236.0m0@amqGKWbG
ALYac Clean
TACHYON Clean
VBA32 Clean
Malwarebytes MachineLearning/Anomalous.97%
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Rising Clean
Yandex Clean
Ikarus Trojan.MSIL.Crypt
eGambit Unsafe.AI_Score_100%
Fortinet MSIL/Kryptik.ACNA!tr
Webroot Clean
AVG Win32:RATX-gen [Trj]
Avast Win32:RATX-gen [Trj]
CrowdStrike win/malicious_confidence_70% (D)
No IRMA results available.