Static | ZeroBOX

PE Compile Time

2105-12-27 18:56:14

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x00003bb4 0x00003c00 6.03596508803
.rsrc 0x00006000 0x0001eeec 0x0001f000 3.4335035518
.reloc 0x00026000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x00024284 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x00024284 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x00024284 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x00024284 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x00024284 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x00024284 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x00024284 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_GROUP_ICON 0x000246ec 0x00000068 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_VERSION 0x00024754 0x000005aa LANG_NEUTRAL SUBLANG_NEUTRAL Dyalog APL version 52.0
RT_MANIFEST 0x00024d00 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain

!This program cannot be run in DOS mode.
`.rsrc
@.reloc
7Y tHj
RhIa gup
Y ZVC a
y}jj %>
S1Ye +
Y ZVC a
cf |!_
#Pf tA
Y ZVC a +K
S1Ye +
Y ZVC a
"TEa s_
(<WI
y}jj %>
@#f 8T?
b ~J*Ka
>e @1/
v4.0.30319
#Strings
ConsoleApp15
ConsoleApp15.exe
<Module>
CollectionDispatcherTask
ConsoleApp15.Tasks
Object
System
mscorlib
QueueDic
Vohpkozigrdxrqdsdb.Dictionaries
Resources
Vohpkozigrdxrqdsdb.Properties
Settings
ApplicationSettingsBase
System.Configuration
<Module>{634aadc8-67ef-477e-9da0-4936125d21d3}
String
DestroyProduct
MapAccount
Thread
System.Threading
Console
WriteLine
VerifyAccount
Assembly
System.Reflection
Exception
GetType
ServicePointManager
System.Net
set_SecurityProtocol
SecurityProtocolType
op_Equality
Boolean
CheckAccount
InvokeMember
BindingFlags
Binder
CountAccount
Encoding
System.Text
get_Default
WebClient
GetBytes
InsertAccount
config
get_UTF8
PopProduct
SetProduct
AddProduct
DownloadString
account
ResourceManager
System.Resources
CultureInfo
System.Globalization
CustomizeProduct
get_ResourceManager
GetTypeFromHandle
RuntimeTypeHandle
get_Assembly
get_Culture
set_Culture
ResolveProduct
AssetProduct
Culture
defaultInstance
CallProduct
.cctor
SettingsBase
Synchronized
PostProduct
InsertProduct
Default
m_1156af63514447a8b2aedc90b67e1a60
m_39aece1af17a421482d6f4f7aff858d4
m_46299d802a7f4bccb230537efe746d41
m_86a3bb1209bf48b7b3b45447a3304d71
m_0d17179fcd184b1ba1cf957d9d0df7ce
m_fbbc7fa3ea254e83822d72bc1c97461f
m_a4d1bfcb58c3406caa8d66a7f6dd6a01
m_eec81ba6e7de45208deba0db146502a6
m_8dcf7f52e0374a9883914063b147f269
m_0d396b191f9f4cdd819107a185f8c672
m_51b496cb7bde4b9db10614425e2da37b
m_feb201ef53df4994a5c26026e53ca2ee
m_a8a586422c284e7a8488091523c144e5
m_c58ef6112f2449088c5688d0b98199a4
m_3822584f65aa49abb1a642faa4261af8
m_7aa4554728604b519c74d62cf44a9bd3
m_24205127caea4ab5b8621aa92fbf7579
m_cc6d713a39bd49a3bac0970ff44747a3
m_600e11a7da7941d2ad2b147f29f95ac7
m_8fffa23542604dae96d5c87a5515e0ba
m_407e1f5eb01442e2bd491326cccd797f
m_f9d6ecbcac094d69b1b10d30f2f3c21e
m_259c2494a9344656bfae5661d1f6a82c
m_d8fc351dad67447daf0e303310bc5da6
m_f5285f23dba5490a89f96d5bd5209051
m_6760e5b4776741f7a6ab0df59c676b7e
m_cb16817d2ce0495b9a3d09f035f3b1e5
m_812bfff630f24f5e8997c8ae887c2b2f
m_bd8e6abcc5d8490d9cbed65d5cb9e388
m_63076bc42dc84a728cab0fdfb0492441
m_887a9ad5c6244aed8466f9e68645a4ee
m_161d16a2ec7f4d40aa3340034000cc20
m_9f7e8c6fd2c3450f8d860ebf01f72df1
m_a232f16c1c344ddf9ce4e6e563f76db0
m_76fde673bc76401eb8d62e580db082db
m_2eb809cac5bf40ccb635251441f22e7c
m_1b24e4b55f03432797ef49b3ee9742de
m_5fac063ca50f42c0944e3501ec037e0b
m_9c822ea663a54b62b5183d22b1956bec
m_f9792c28ac6a4305a6ce3e63ec186aba
m_c4eaa1b619ac42dfb4e2b78394dbbbed
m_eef08b82290f4dcab7241a1cf24da329
m_af4ad011614e4f8d8d5d0b50a39771de
m_956bc85c1b6a438f9cf40e32beea603e
m_398f8b8304e64c99a75b32f57bdfaf0e
m_9ddf1496489c4d59a741848c282d362e
m_c6af61a998a84cbf88040219a2ef7969
m_8ab50e86a02d49c7934d274e8c81ebab
m_d7cd1ed3ad204f85b37a33888625b628
m_f87322daeaa74980bf33031a060bf3a8
m_9749aa35c8064fb786ff1eaddbdc20a8
m_ad791196378c47b6884727ee53a6b997
m_28dcf7f3770e435696ab10526cc5d156
m_fa85b2be73e24c5caa4d61a9f5e14213
m_93eef51850f440e6aee1b6155c9abe2f
m_12dd14e3fd6f40ea87a1e219b092f301
m_310e2e4617024cbaa1c6a899e3e5870f
m_8d93d7d8d3fe4f11bbe2c62406a8a635
m_e35b49dc41c2434382b48c23210429c7
m_2e457806094d4cf2ad6835b59cb2eae8
m_8addf1d6674543d6bd2305cd197db9ac
m_27d576e65b0d465683ac694cf6411705
m_377c81f38d8140f6800ecce5b2303c0c
m_1ff45cc9be9942758aded8145c1ec285
m_124511141b3c4a48b60cd0fb5ff5608a
m_721216c56dce45ceac7615622695cc70
m_7c6f5bf41aba47589f3cd1618a9afe3a
m_48764e18a5b742c9a6dbec49d66cb012
m_d1423511e09a41e08825f491b919076b
m_44118da7a66f4b22b5e3b4c798d0cab9
m_9afd8c9ff5b043ae8405c32876ae5500
m_023df30bc3354428a60b682bbeb42c5c
m_04aba190bbdd4a15a71e2089c7b10f3d
m_fb888521e56649b8b72d8711f19d926a
m_8df562f8f6544d4989f3a8d38ce8de7d
m_af61f98f0290478888882cc498bee205
m_cbc27efb321d44678c34b2e8f3e4919c
m_9a3b4d9d652744739afaf731284593c9
m_476402dad26740ffb43e0a17c76c3c60
m_2584090b5c2a4b5ab75b64ad97225413
m_2fb55e6c15fb40fbb165ee4b9f0b90e0
m_9c7e13354e3e4f0b84a4667b0269efb6
m_bf2cd9590416445db28ea6e4ec2e288c
m_dd4483f637fa4915aec28b557000ef49
m_e99b7dba2a214119b31edf553e407726
m_be9fda8162fb43e8a7dff860af7f9d53
m_60994426df4040218343433004924a8b
m_0c0fc0a6fa504f6b858ef4a21da28d9c
m_3bc843a9c80548438c9740335baf38d6
m_e80bba3beceb405f9e73207a8566fa94
m_a7fb882c75034cf7a4cc5cf39f3c3e7b
m_224dd0054bb84bfda60d4230456108e1
m_31d77b18f12e49df9075398c11fa9e08
m_696b5395753747f595e7a5e6321818a3
m_5de974f39fed4418b89040ed03fdefc1
m_559151ce2677428dac52144de6698502
m_1eb54b351578485480488c9866e5aa92
m_bd05da821431473996cd37628bfa0737
m_f5ac9ce2d95b43dfb0ae16906ef5151d
m_274cb1d36e0d4d78a4d2c3663bed5814
m_1855711dc021424a941364b35d3e3662
m_c1357a18b2ed4197961d0af51d262a4f
m_12fea9222a6f451aa3329baf5ab7b930
m_ff82ae3699644848b4960c91e738deae
m_e1485814d12f49a5b07abaffe3581bf8
m_3b6d41de912e44a281c244e8c1c2e45c
m_70ee7f44da034051bbc1e4073176530c
m_8a67268cd946418a9799b91aecb15b92
m_8ca97fc24c724b708fd47fbf62596850
m_68841ad4f9624b1cbded6c5cb9844718
m_09f730af08cd44a0a90f6bc6d0f3a1e8
m_434cbb3c7a574c30995441bf534f9b10
m_f19360fa408f4354955d75a5c352dde3
m_29f847e4620e47a5bf322a7101a7fe70
m_0d8a43573de14cc69aeedaf1512433cc
m_6042e838396d4d629cda0b14bf20315d
m_04e814d1b40f4017b4deb02ce084bb22
m_39921e0ff1f84f4a876c21352aab040d
m_5c18d319ab5c4fa6969236f4bfe38c24
m_14312688c9ef401e94cdb52c38cf994e
m_158375994dd1421a81d5c4e28e1bde60
m_a0eba66a89b545598f88f7b7a9cd8d29
m_19627b3445334c1082ca79883115fbb9
m_cd8809996a794fdea6a587e1cf12fb37
m_4c6f4af511e046888723782ba1b87a46
m_0a5a6736730b450bb6dae56b4a32e037
ConnectProduct
x93d65dc098424952857b615cb36f1ab1
SortProduct
CheckProduct
CompilationRelaxationsAttribute
System.Runtime.CompilerServices
RuntimeCompatibilityAttribute
DebuggableAttribute
System.Diagnostics
DebuggingModes
AssemblyTitleAttribute
AssemblyDescriptionAttribute
AssemblyConfigurationAttribute
AssemblyCompanyAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyTrademarkAttribute
ComVisibleAttribute
System.Runtime.InteropServices
GuidAttribute
AssemblyFileVersionAttribute
TargetFrameworkAttribute
System.Runtime.Versioning
STAThreadAttribute
GeneratedCodeAttribute
System.CodeDom.Compiler
DebuggerNonUserCodeAttribute
CompilerGeneratedAttribute
EditorBrowsableAttribute
System.ComponentModel
EditorBrowsableState
Vohpkozigrdxrqdsdb.Properties.Resources.resources
WrapNonExceptionThrows
<Free YouTube Download Setup
<Digital Wave Ltd
<Free YouTube Download (t1181)
d(c) 2006-2021 Digital Wave Ltd
$bfe3d9c6-4122-4344-b260-be94fd9ac790
4.3.47.505
.NETFramework,Version=v4.0
FrameworkDisplayName
.NET Framework 4
3System.Resources.Tools.StronglyTypedResourceBuilder
16.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
11.0.0.0
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
_CorExeMain
mscoree.dll
;IDATx
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
zhaFcOqC1Q2SpSjyNVh.w4qp1sqa6IxeUhKqkYb
nMNq25ybnt
http://xamp.chickenkiller.com/MAMA/File.png
Nutyzew
Vohpkozigrdxrqdsdb.Properties.Resources
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
Free YouTube Download Setup
CompanyName
Digital Wave Ltd
FileDescription
Free YouTube Download Setup
FileVersion
4.3.47.505
InternalName
ConsoleApp15.exe
LegalCopyright
(c) 2006-2021 Digital Wave Ltd
LegalTrademarks
OriginalFilename
ConsoleApp15.exe
ProductName
Free YouTube Download (t1181)
ProductVersion
4.3.47.505
Assembly Version
4.3.47.505
Antivirus Signature
Bkav Clean
Lionic Clean
Elastic malicious (high confidence)
DrWeb Clean
MicroWorld-eScan Gen:Variant.Bulz.777395
FireEye Generic.mg.9c8282590f9bc409
CAT-QuickHeal Clean
McAfee Artemis!9C8282590F9B
Cylance Clean
Zillya Clean
Sangfor Trojan.Win32.Save.a
K7AntiVirus Clean
BitDefender Gen:Variant.Bulz.777395
K7GW Clean
CrowdStrike win/malicious_confidence_80% (W)
BitDefenderTheta Clean
Cyren Clean
Symantec Clean
ESET-NOD32 Clean
APEX Malicious
Paloalto generic.ml
ClamAV Clean
Kaspersky UDS:Backdoor.MSIL.Androm.gen
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
Rising Clean
Ad-Aware Gen:Variant.Bulz.777395
Emsisoft Gen:Variant.Bulz.777395 (B)
Comodo Clean
F-Secure Clean
Baidu Clean
VIPRE Clean
TrendMicro Clean
McAfee-GW-Edition Artemis!Trojan
CMC Clean
Sophos Clean
SentinelOne Static AI - Malicious PE
GData Gen:Variant.Bulz.777395
Jiangmin Clean
eGambit Clean
Avira Clean
MAX malware (ai score=82)
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm UDS:DangerousObject.Multi.Generic
Microsoft Trojan:Win32/Sabsik.FL.B!ml
Cynet Malicious (score: 100)
AhnLab-V3 Clean
Acronis Clean
VBA32 Clean
ALYac Gen:Variant.Bulz.777395
TACHYON Clean
Malwarebytes Trojan.MCrypt.MSIL.Generic
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Tencent Clean
Yandex Clean
Ikarus Trojan.MSIL.Krypt
MaxSecure Trojan.Malware.300983.susgen
Fortinet Clean
Webroot Clean
Cybereason Clean
Avast Clean
No IRMA results available.