popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2021-10-25 17:00:07

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x0002cfe4 0x0002d000 7.72145470728
.rsrc 0x00030000 0x000a2e52 0x000a3000 3.3841015042
.reloc 0x000d4000 0x0000000c 0x00000200 0.0980041756627

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_GEORGIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_DIALOG 0x000d2270 0x00000076 LANG_GEORGIAN SUBLANG_NEUTRAL data
RT_STRING 0x000d22e8 0x00000178 LANG_GEORGIAN SUBLANG_NEUTRAL data
RT_GROUP_ICON 0x000d27f4 0x00000148 LANG_GEORGIAN SUBLANG_NEUTRAL data
RT_GROUP_ICON 0x000d27f4 0x00000148 LANG_GEORGIAN SUBLANG_NEUTRAL data
RT_GROUP_ICON 0x000d27f4 0x00000148 LANG_GEORGIAN SUBLANG_NEUTRAL data
RT_GROUP_ICON 0x000d27f4 0x00000148 LANG_GEORGIAN SUBLANG_NEUTRAL data
RT_VERSION 0x000d293c 0x0000032c LANG_GEORGIAN SUBLANG_NEUTRAL data
RT_MANIFEST 0x000d2c68 0x000001ea LANG_GEORGIAN SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
Ivan Medvedev
sXfafa O
#YXfX
eXae ?ir
>fafa
XzfXaf}
XeaeY
XXf y6
4XeX k
fXaYe
 wae $
[XX f
0teXe}
fea Ofm
Za #h:r
fYaYf}
e87 1:-
eaXXafff
bK*^_[
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
L\M'SP
Ah[[J,
@AB}Na:I
yRUw{&
cP@V\^
9)n5x&
!i(++vR==N
ma=2C:
dF)!o*
lM7~IC
;vnn)?
>3GxPsrLY
mkahZ?
F4CV$*%m
MXhM>~q%
oWd,.K
$|ubLO>
[P9 dN0
:gk3gw(
n!b:rI
4^dPu[l3
_)E@W7
Pg,JD8
{%1>]Ka
nuH{122^
9) Ip2
X*_"0N
1[s:gh=
1ho1vi
i}l:^a
uqD"D
a?j}xs
gtkR)C
^iuzsMh
2nm3tpN
o"6fG
U[aV3U
Lmzf=U
o"6fG
U[aV3U
Lmzf=U
Lmzf=U
o"6fG
U[aV3U
Lmzf=U
o"6fG
U[aV3U
Lmzf=U
o"6fG
U[aV3U
Lmzf=U
w'g4CntZ
o"6fG
U[aV3U
Lmzf=U
o"6fG
U[aV3U
Lmzf=U
U[aV3U
Lmzf=U
o"6fG
U[aV3U
Lmzf=U
o"6fG
U[aV3U
Lmzf=U
"pk~/
v>kh;u
">5t(Pjj
~Iw6Z*!`1
3w$bE'
[M]<OP
4\QtY_c
++g-VRrC)
X|e<^JU
rkSKA
HP$7*G
#p8pL
KIrsqD
U:`EA
lEVd`nJ
KIrsqD
Op%8$5v
cz?AQX+
z.h[;G|n
k1lJ(Y
j2z|7
($asA0R
-mqt6:
:Rak.
/\yj&d{
?t]Sfv
6xI^$,D++i
E_ =YA
Pp#`X@TB/
uzycF,2
|"f<eF
uzycF,2
g6_XYn
|"f<eF
uzycF,2
|"f<eF
uzycF,2
|"f<eF
uzycF,2
|"f<eF
uzycF,2
|"f<eF
uzycF,2
|"f<eF
uzycF,2
|"f<eF
j05;i0
v'M*)2y
F&S7<O
vF.oJw
ttEg6)&s
b&pNq?%
\:C|NZ
;'Q@D
P(8f2}{
^rR~lZi
Q4_<Ycf
rZglBP
(d=k=h$+{
_}o%.3^
QE1#c~
aI60;v
`v)=~?(
od;7`m
@ofC5%lKr
<cekr[9
e\0O;H,7
||3N:*
%Mj/VW
rY L47
@}gkDe
Fq9UX0
3/@]Fy
p|qzT:@
~4j]J_
^T<|tqY6
0[<eGv
"K.ZW+O
s[<j2B
v<Whe=
kzo&Mj~
&Oz_:{B
jNf;v)Eb
z<*P}
FnTb-g
&i%;}:0
cxY1vKm!F
}y/O0s
C,EDN_
q.{_eW
p]pWHO
fTvLL^
9=TAMpJDZa
L(7MW5+.:>
X l<Su
s(rd^l
Jq@GP=^BjK
inQNd~S
]b=Y)p
qvYX"
ZK'9vf
Gtu*6G
M%|a/S
rVchmg
g%W5Rz
WEBOHN
]/tIV}
I2rP[l
O>!l?\
H{[=y~
"@V6MS
6&+T6l
d5%@vx |
V7uO3u
mz@/\PL
V"!y<}
6$gd_!
Ual&e
@2J5.c
,,!I;t
_WLXL_
N(rYTo8
Wdb`0z
P:ATgi
^j.HJ;9R
3.lOYw
<51L@O
9+FM:p
^Z/}L'4
|6K.7b
7":ubrN
uyd=v-
|6K.7b
u(t/v0
,%Tg*e
7=9MCc*
pTcX`c
on_Tnh
zl9Trp
ltxFw,[
|6K.7b
H??<~s
^r;/}T
Hco37Qf
ez6|HIK7
Nl+t~R
_Yx[C
7":ubrN
7":ubrN
h!RKSY
i7wjI-
3=a'D5
yVlP&>Gl
_?tG {
?9K!1
7]+P0f
W"$0iu
T7?.^s
$tDY=l
n#{cMU
%P7q2,
38l3
nw>~rK
xU@92NF
t<XEYq
@Uf-=|
0f8!AmU
U=sbv\
9<o}YT
>QCYSN1sj
bato.D
d$Z4@Fm
OcC1zRn
v4.0.30319
#Strings
#gdfgdfg#
#dfgfg#
#fsdfsd.dll#
#fsdhcfsdf.dll#
#fshghhhgfgggghdfsdf.dll#
#fsdfgdddddfchafhghgsdf.dll#
#gdfgdfgf.dll#
#fsdgdfghhahffdsf.dll#
#gdfgdfg.dll#
#gdfgfg.dll#
#sssssssss.dll#
<>9__129_0
$$method0x6000022-1
$$method0x6004233-1
$$method0x6004239-1
<OnRun>b__1
SimpleLazyList2`1
IEnumerable`1
FUseHour12
ToUInt32
ToInt32
Func`2
MDInitializeTypeDefsAndMemberDefs2
<Initialize>b__89_13
<value>5__3
S_RESERVED4
<gacInfo>5__5
ToInt16
ISO10126
<Initialize>b__89_18
get_UTF8
<Module>
POWERPC
FILE_MAP_READ
CANNOT_BE_CANCELED
LMEM_FIXED
ConstantMD
CSIDL_PRINTHOOD
SE_GROUP_RESOURCE
LOCALE_SENGCURRNAME
CERT_STORE_READONLY_FLAG
get_ASCII
Set_UI
InlineI
IFIRSTDAYOFWEEK
INVOCATION_FLAGS_UNKNOWN
System.IO
ReadShortInlineR
KEY_ENUMERATE_SUB_KEYS
DEFAULT_METADATA_ALIGNMENT
S_MANSLOT
S_BLOCK32_ST
set_IV
M_iocb
mscorlib
M_blob
hgdfgdfgc
System.Collections.Generic
get_IsStatic
<ContinueWhenAnyImpl>b__1d
DwOemId
GetProcessById
lpNumberOfBytesRead
hThread
get_CurrentThread
IsHeldByCurrentThread
thread
RijndaelManaged
get_IsAttached
IsAllocated
Get_IsDeleted
SetCompleted
Get_IsValueFaulted
lihhrmaerfd
gdfgdfgd
fshdddddddddghd
<Documents>k__BackingField
LineEnd
set_IsBackground
Get_Method
DynamicMethod
M_addMethod
DefinePInvokeMethod
ResolveMethod
Set_DeclaringMethod
GetMethod
NetGuard
get_IsInterface
Replace
NoSpace
AddUsingNamespace
HasEmbeddedSource
LoadResource
FindResource
SizeofResource
DefineManifestResource
GetHashCode
SetCode
set_Mode
CryptoStreamMode
CipherMode
get_Unicode
Xenocode.Client.Attributes.AssemblyAttributes.ProcessedByXenocode
UiFamilyCodePage
LogMessage
Get_UserMessage
FindCache
EndInvoke
BeginInvoke
Set_ModuleRefTable
get_PropertyMapTable
GetEnvironmentVariable
Enumerable
IDisposable
set_Visible
Double
get_Handle
RuntimeFieldHandle
get_MethodHandle
RuntimeMethodHandle
GetModuleHandle
get_TypeHandle
RuntimeTypeHandle
CloseHandle
GetFieldFromHandle
GetTypeFromHandle
SafeTokenHandle
WritePdbFile
M_file
Console
get_Module
DefineDynamicModule
set_FormBorderStyle
set_WindowStyle
ProcessWindowStyle
get_Name
s_unrestrictedPermissionInferfaceName
TableName
m_strModuleName
M_invalidCultureName
M_strFullQualName
lpApplicationName
M_strName
AssemblyName
GetDirectoryName
CreateTransitionTime
lpCommandLine
WriteLine
EqualsResolutionScope
get_FieldType
CreateModuleType
DefineType
CreateType
ValueType
get_DeclaringType
flAllocationType
get_ReturnType
get_ParameterType
UpdateThisParameterType
GetElementType
MemberListType
RawSignatureCompare
System.Core
ResolveSignature
SetLocalSignature
M_CurrentUICulture
MethodBase
Dispose
Create
CreateDelegate
MulticastDelegate
Get_AsyncState
HasState
set_WindowState
FormWindowState
STAThreadAttribute
CompilerGeneratedAttribute
UnverifiableCodeAttribute
UnsafeValueTypeAttribute
BabelAttribute
SuppressIldasmAttribute
AssemblyInfoAttribute
YanoAttribute
DotNetPatcherPackerAttribute
BabelObfuscatorAttribute
CryptoObfuscator.ProtectedWithCryptoObfuscatorAttribute
DotNetPatcherObfuscatorAttribute
DotfuscatorAttribute
CompilationRelaxationsAttribute
CoClassAttribute
ContractClassAttribute
SmartAssembly.Attributes.PoweredByAttribute
RuntimeCompatibilityAttribute
Get_SByte
BitsPerByte
CheckValue
MaximumValue
C_timeZoneInfoValue
SetValue
Get_IsAlive
get_IsAlive
Relative
dknmkjSpFl.exe
get_Size
HeaderSize
DefaultSize
dwSize
SizeOf
fsafafwwwwwwwwaf
fshgdf
fsdfhghfafgsdf
Get_IsFieldDef
get_TypeDef
Get_IsMethodRef
get_IsByRef
_replref
Popref
FoundMonthPatternFlag
gfdfffffhhhhhhhhhfhfffg
System.Threading
Encoding
IsLogging
BestFitMapping
FromBase64String
UnescapeDataString
GetLocalizedString
GetOperandString
OutputDebugString
VersionString
ToString
GetString
IsVarArg
Arg_RegKeyStrLenBug
IsMatch
MatchesNameHash
ComputeHash
get_ExecutablePath
CanonicalizePath
LocalPath
GetFolderPath
ObfuscatedByGoliath
get_Length
GetAscii
AsyncCallback
PostCallback
callback
DoubleStack
Insert_NoLock
AddResourceFileNoLock
CreateTypeNoLock
FlushFinalBlock
TransformFinalBlock
SEP_Unk
CharSetMask
dknmkjSpFl
DeclareLocal
Marshal
ResolveFieldHandleInternal
ReflectedTypeInternal
BreakInternal
AreFieldValuesEqual
ForAll
kernel32.dll
Get_PerMilleSymbol
Control
MemberImpl
__ConsoleStream
CreateStream
CryptoStream
MemoryStream
get_Item
System
Subsystem
SymmetricAlgorithm
HashAlgorithm
ICryptoTransform
DefineEnum
EndWritePEChecksum
Conv_R_Un
InfiniteTimeSpan
get_MetadataToken
GetSignatureToken
hToken
BuiltInGetToken
lpNumberOfBytesWritten
AppDomain
get_CurrentDomain
CheckSubKeyWritePermission
Application
get_Location
GetProcessWindowStation
NineRays.Obfuscator.Evaluation
SecuritySerialization
System.Reflection
ManagementObjectCollection
WriteInstruction
CallingConvention
RuntimeWrappedException
InvalidProgramException
VerificationException
GetHRForException
GetException
Pattern
GetDynamicILInfo
EhCurrentCatchFieldInfo
ReflectionFieldInfo
MethodInfo
DoGetLocaleInfo
startupInfo
MemberInfo
EmitLineNumberInfo
ParameterInfo
ProcessStartInfo
Get_TextInfo
DirectoryInfo
HotHeap
System.Linq
set_ShowInTaskbar
System.Collections.Generic.ICollection<dnlib.DotNet.Parameter>.Clear
BytesPerWChar
EscapeAsciiChar
M_catchEndAddr
RgiLineNumber
SetColumnNumber
Get_FileHeader
Get_ResourceReader
StringReader
BinaryReader
MD5CryptoServiceProvider
DESCryptoServiceProvider
VJSharpCodeProvider
_FieldBuilder
MethodBuilder
ModuleBuilder
TypeBuilder
AssemblyBuilder
SpecialFolder
lpBuffer
ResourceManager
DummyLogger
Debugger
ManagementObjectSearcher
Get_IsRequiredModifier
M_appDomainTimer
TypeDefUser
m_returnParameter
get_IsPointer
BitConverter
ToLower
GetTokenFor
Get_Minor
PercentGroupSeparator
ManagementObjectEnumerator
GetEnumerator
M_ctor
.cctor
dotNetProtector
get_IsConstructor
CreateDecryptor
IntPtr
TicksPerHour
AddMethodSemantics
System.Diagnostics
InitializeFields
M_dynamicMethods
GetMethods
System.Runtime.InteropServices
System.Runtime.CompilerServices
System.Resources
dknmkjSpFl.resources
SetCompatibilitySwitches
GetCachedAssemblies
LoadAllTables
bInheritHandles
EnableVisualStyles
Set_MonthNames
M_iEndLines
HasNestedTypes
lpThreadAttributes
MethodAttributes
TypeAttributes
MethodImplAttributes
GetCustomAttributes
ParameterAttributes
lpProcessAttributes
Get_TotalMinutes
Rfc2898DeriveBytes
GetBytes
DontProjectWinMDRefs
MetaDataFlags
BindingFlags
dwCreationFlags
GetMethodImplementationFlags
SetImplementationFlags
AssemblyFlags
PushTypeArgs
InsertLineBreaks
Equals
AddIgnorableSymbols
GetNumEncodingItems
System.Windows.Forms
Contains
Columns
CallingConventions
Set_TablesHeapOptions
AllLongTimePatterns
AllShortDatePatterns
AssemblyInfos
_textpos
GetGroups
get_Chars
PeHeaders
GetOptionalCustomModifiers
RuntimeHelpers
M_illegalCharacters
GetParameters
TermCreateClass
CatchClass
AutoClass
get_IsClass
AssemblyBuilderAccess
hProcess
GetCurrentProcess
unsafeUseAddress
lpBaseAddress
lpAddress
UpdateInstructionOffsets
CanCompareBits
Constants
NamedArguments
ReUseDeletedParamRows
Concat
DigitFormat
Get_Object
ManagementBaseObject
GetObject
object
Select
flProtect
InternalGetResourceSet
Get_PermissionSet
CreatePermissionSet
CreateExecutionSet
CharSet
FileOffset
MoveRight
Get_BestFit
op_Explicit
System.Reflection.Emit
SetCompatibleTextRenderingDefault
Get_HResult
IAsyncResult
M_asyncResult
result
ToUpperInvariant
System.Management
Set_Fragment
lpEnvironment
OpenGenericArgument
ExceptionArgument
IMemberRefParent
get_Current
CheckRemoteDebuggerPresent
IsDebuggerPresent
set_UserEntryPoint
SetUserEntryPoint
NewSlot
ParameterizedThreadStart
SetAssert
Convert
FailFast
GetNestedTypeList
ContainsFaultList
AlignConst
AddFirst
FullTrust
SuspendLayout
ConvertImageLayout
ResumeLayout
ClassLayout
IsExplicitLayout
MoveNext
System.Text
ExecutionContext
context
charUnknownLow
GetFileAttributesEx
GetMaxUsedIndex
FallbackIndex
RunfcPrefix
InitializeArray
ToArray
get_IsArray
AddSzArray
Bitarray
Get_MethodBody
Get_CanFreeMethodBody
set_Key
System.Security.Cryptography
DefineDynamicAssembly
GetExecutingAssembly
IsFamily
CompletedSuccessfully
InitOnly
InternalBlockCopy
CreateDirectory
lpCurrentDirectory
RootDirectory
PutEntry
Op_Equality
op_Equality
op_Inequality
BinaryCompatibility
System.Security
SuppressUnmanagedCodeSecurity
IsNullOrEmpty
198 Protector V2
System.Security.Permissions.SecurityPermissionAttribute, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
SkipVerification
WrapNonExceptionThrows
_CorExeMain
mscoree.dll
fffffff`
ffffffff`
ffffffff`
ffffffffffffh
ffffffffo
ffffffffo
fffffffffffo
ffffffffo
fffffo
ffffffffo
fffffo
fffffo
ffffffo
fffffo
fffffo
fffffo
fffffo
ffffffffo
ffffffffffffh
ffffffff`
ffffffff`
ffffffff`
fffffff`
ffffffh
:IDATx
:|p5ARy
ffffff
ffffff
ffffff
ffffff
ffffff
ffffff
fffoww
}IDATx
+=BDD<|
ffffff
ffffff
ffffff
ffffff
ffffff
ffffff
'''''''''''''''''''''''
'''''''''''''''''''''''
'''''''''''''''''''''''
'''''''''''''''''''''''
'''''''''''''''''''''''
&&&+.131.+%&
&&.33.&$$%%%&%&%%%%
&%%%&%%%%%%%%%%%%%%%
3+&%%%%%%%%%%%%%%%%%%%%
&$&$&%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%
&&&&&&&&"
&&&&&&&&"
((((((((((((((((((
((((((((((((((((((
((((((((((((((((((
((((((((((((((((((
3''%'%+'%'%
-'%'%'%(&%'%'%(&
/'%%'%(&&&&&%'(&&&
%%'(&&&&&&&&&%&&&&
'(&&&&&&&&&&&&&&&&
''''''
'''-''
'''''''''''''''''
'''''''''''''''''
'''''''''''''''''
'''''''''''''''''
0&$&+,,*$$
,&&**&$&$&$&$&$
.*&$$&$$'%%$&$'%&
&$$&$'%%%%%%%%%%$
$&%%%%%%%%%%%%%%&
"&&&&"
"&&&&"
%%%%%%%%%%%%%%
%%%%%%%%%%%%%%
%%%%%%%%%%%%%%
($"((($"
*$"""#"#$"$"#
""%$"####"#"##
$"############
"#$"##########
%%%%%%%%%%
%%%%%%%%%%
(#!""""!""
#!#"""""""
""""""""""
##########
##########
+%&'##%(&%
##########
##########
!!!!!!
!#!!!!
1IDATx
y5??|u
oe2XZK
OHRIu?
P@O=Vp
+Ix5;w
RHH)t4f
ffffff
ffffff
ffffff
ffffff
ffffff
ffffff
########
########
''''''
'''*''
$$$$
$$$$
3IDATx
,@DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDU
-565u]
Ry]na/
[1drYS
>;;mJ9
/_>9Y
DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
dknmkjSpFl
GetEnvironmentVariable
_ENABLE_PROFILING
_PROFILER
Area =
{0:F2}
87654321
managed
cl8M9glYXQ8Y2nMmsq3a/nhEt6pBQ8jvC/mH0CMu5munE4aV+XTCjXVaLV/fVfDb3fBI3dWf4wyu+rxCc/orelG6uY/yVI3lp2pB/erdcdp2Dgx4q2E+IQreD0850LYH
dknmkjSpFl
native
update
VMbOxbAxikfG7H1L6N3g70fvaToT1LPX8RxAEKW9bo1eJtJ9jfhXB3OHnZhsMXGGovrekAH1gHCwQl2z0UH5kMCV0Qny+oRnrUyEAQ5DnZzXhRAoR8oT2tQHvzpiq0n6lr3pfkMfzR+XbQDHNtyZZg==
update\update.exe'" /f
IpPzQIAMDat32XlqdVcDXg==
update\update.exe"
Select * from Win32_ComputerSystem
Manufacturer
microsoft corporation
bbbbbbbbbbbbbk
mmmmmmmmmmmmmmmmmmmm
bbbbbbbbbbb
cmd.exe
Ci/ufbZiQnIcDSxUjQlLn1fmfUukP0Xb12DG06t0w76PKtjw/iFV+tHb+8MAqeR9
Ci/ufbZiQnIcDSxUjQlLnwxElqJDqBsG3nIjOccCty6ql1K1ZqetoykX7feAZuxw
DynamicDllInvokeType
ZblMpkVRHzqfsvyb2G9gog==
RJT9GBf9ksBj+zPW5o9x0aWZauQWQJqEvIAr5sO1OIQ=
TWRP9GCW9k6F9Ex8HH/K6dtxzqASJWDyyS3t9pOsJCoMK56tHwy+QCpEAl8xL/c3
mL1zvc9cc611Z52USbln0GLVXGrB0h6lfW1b6n+FNQgGOc5FW/gs9cY9JclLM3sW
bg2GkTYA4xO2PYWv2CFO09B6NZZsVTys3gWImoKj/BsnUFjdbupD12/VlgipRYHc
VtZa3hw/IxdM7C6XWITen4ehbbCJ82TPfb1Gya7oFmc=
NQFq5DwXB59K0uiPentLHkUQmcTbWuIa+SpfDUy2DhiwYqXwDH1h3eAmKFbynI3r
TaBpJJs0BZcCyz5UHN+QxN9DPtBscXBXiDYTkT4BlluAS5u7naIPIyXYOLaVobBM
pg4wW4TQsPd33/mYrXnFZX3T2zLevelrZsqdOInOzAO0mKodew4Q+Ko2oMHJ931P
dJfkoZMXNjOypqlfMYlie+EDeyVg/HKGpzibA1DtClU=
Jze439c+J0q53T3ERnma9HV3VLUGws/S3qLxO+tugQo=
uXlDahNG+dwTePEOrC++zjM+ezdmzmJ/QF0D8fOCFxb5if2UX3BvdVuoeOvXLcgM
PuTTYConfigBox
PuTTY Configuration
MS Shell Dlg
Select destination folder
Extracting %s
Skipping %s
Unexpected end of archiveThe file "%s" header is corrupt
%The archive comment header is corrupt
The archive comment is corrupt
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
LimeBinder
FileVersion
1.0.0.0
InternalName
LimeBinder.exe
LegalCopyright
Copyright
2020
LegalTrademarks
OriginalFilename
LimeBinder.exe
ProductName
LimeBinder
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Antivirus Signature
Bkav Clean
Lionic Trojan.MSIL.Stealer.i!c
Elastic malicious (high confidence)
DrWeb Clean
MicroWorld-eScan Gen:Trojan.Mardom.MN.10
FireEye Generic.mg.1044474c0c340165
CAT-QuickHeal Clean
McAfee Artemis!1044474C0C34
Cylance Unsafe
VIPRE Clean
Sangfor Suspicious.Win32.Save.a
K7AntiVirus Clean
BitDefender Gen:Trojan.Mardom.MN.10
K7GW Clean
CrowdStrike win/malicious_confidence_90% (W)
Arcabit Clean
BitDefenderTheta Gen:NN.ZemsilF.34236.0m0@aq3RiZcG
Cyren W32/MSIL_Kryptik.FXQ.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of MSIL/Kryptik.ACNA
Zoner Clean
TrendMicro-HouseCall Clean
Paloalto generic.ml
ClamAV Clean
Kaspersky UDS:DangerousObject.Multi.Generic
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
Tencent Win32.Trojan.Mardom.Dume
Ad-Aware Gen:Trojan.Mardom.MN.10
TACHYON Clean
Emsisoft Gen:Trojan.Mardom.MN.10 (B)
Comodo Clean
F-Secure Clean
Baidu Clean
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition BehavesLike.Win32.Generic.ct
CMC Clean
Sophos Mal/Generic-S
Ikarus Clean
Jiangmin Clean
MaxSecure Trojan.Malware.300983.susgen
Avira Clean
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Microsoft Trojan:Win32/Woreflint.A!cl
SUPERAntiSpyware Clean
ZoneAlarm Clean
GData Gen:Trojan.Mardom.MN.10
Cynet Malicious (score: 100)
AhnLab-V3 Clean
Acronis Clean
VBA32 Clean
MAX malware (ai score=100)
Malwarebytes MachineLearning/Anomalous.97%
Panda Clean
APEX Malicious
Rising Clean
Yandex Clean
SentinelOne Static AI - Malicious PE
eGambit Unsafe.AI_Score_99%
Fortinet MSIL/Kryptik.ACNA!tr
Webroot W32.Trojan.Gen
AVG Win32:RATX-gen [Trj]
Cybereason malicious.12184f
Avast Win32:RATX-gen [Trj]
No IRMA results available.