popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2021-10-25 08:15:09

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x0002cef4 0x0002d000 7.71329161626
.rsrc 0x00030000 0x000a2e52 0x000a3000 3.38389944664
.reloc 0x000d4000 0x0000000c 0x00000200 0.101910425663

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000d1e08 0x00000468 LANG_SLOVENIAN SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_DIALOG 0x000d2270 0x00000076 LANG_SLOVENIAN SUBLANG_NEUTRAL data
RT_STRING 0x000d22e8 0x00000178 LANG_SLOVENIAN SUBLANG_NEUTRAL data
RT_GROUP_ICON 0x000d27f4 0x00000148 LANG_SLOVENIAN SUBLANG_NEUTRAL data
RT_GROUP_ICON 0x000d27f4 0x00000148 LANG_SLOVENIAN SUBLANG_NEUTRAL data
RT_GROUP_ICON 0x000d27f4 0x00000148 LANG_SLOVENIAN SUBLANG_NEUTRAL data
RT_GROUP_ICON 0x000d27f4 0x00000148 LANG_SLOVENIAN SUBLANG_NEUTRAL data
RT_VERSION 0x000d293c 0x0000032c LANG_SLOVENIAN SUBLANG_NEUTRAL data
RT_MANIFEST 0x000d2c68 0x000001ea LANG_SLOVENIAN SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
Ivan Medvedev
ZYfee}
3<!}a
YYffX
i7{ #so
0ffY H
YZYXYe
pv8eaX}
5jfff a
8a c$R
fYeYX @
aZaYe
XXeZaf wY
E t`~UYXY}
OaXXXff
Yeaea
ZfeaYeY}
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
"+#52'{
5\.!K
nuD$c;JT%
*]jh/!
a</?la
mL,O0y,
vHyY:(
Ez;]uZot
vZS#)j
-!{Tg=
Se.;03b
Hg{eWSi
G-<NG=J
@`38#X
IqZDgmD
%TGaW_fq4
hN,L[d0
}MHKG8
r^H9H(
dmnoni
Zf(KGZ]
O%-i^{
0/\bi
{+$ogH
_XX~L`
Y.T/5h
J1ax#UI
efU$8z:\]
xYW(X:
*o?!VQ
H}LqT!
+EP68L
+gj_w
(,Sj|Bf
QAnoc
Y6KH;4#
1,ICoU
5|o0X^*L
XsFUz+
5|o0X^*L
XsFUz+
5|o0X^*L
XsFUz+
5|o0X^*L
XsFUz+
5|o0X^*L
XsFUz+
5|o0X^*L
XsFUz+
@%vndpC
5|o0X^*L
XsFUz+
5|o0X^*L
XsFUz+
5|o0X^*L
XsFUz+
5|o0X^*L
*.rN*Q
XsFUz+
5|o0X^*L
$_bhUz
0Ii@AM
2=_ub4
Dio.:AG#
$9]~?{R
Dio.:AG#
Y.T/5h
=5i>bR
SKS8x30
T=HoXF
N&*P1ET
ZnRHsR9>
XhAhNi
Q@@i6D-
'7zPt7
%)[OT7
2@EqC=;
yuy>Z{6t
2-frS|2
4^tM*ni
tXiKc_|T
22u1'|\^GY
;fN{F"
yvqMmx
Sd(u03
R{40m:
e,Z9vk
Si'97/
38N#Q))
Wf.>Lv@
5@p,'}"c
L%}T|v
.*XC*n2D
(2vZQQ
(2vZQQ
(2vZQQ
(2vZQQ
(2vZQQ
(2vZQQ
(2vZQQ
(2vZQQ
%H^%t^
Tz6NZ#
62xl,'
P#mqitq
)\S(]>
_&FC,C
Cq1$"D
UPk/`
j7#^CIi
yxM5/3
_}*AVRn
{%?+Wn
p%hnQS
3Jq~pw
+VS)r I>
/0^,|^
68h5Y
[1*I{o
gtWod$
+VwUW@
,QhH:n
G+z;=~t
gD]b9<
]<mxLS
EXFaH
'*P~/i#
lF_7f?
%ZThSLb
LjZ cQ
MnC7X}
603".R!y
E.8#Lq%A
Y1JrFZ
U!lN:Z
t~;1nf
sKE><
{e.yP]
K6oT]8
j MyQP
sm49AQ/~
w<rh<5
IfKzk(4WL
CuN*e$
=eB@dJ2
@u%zu3
.FbOnNV
M&7(TA
vRAwR
p~W0{4
C-u/5D
AJ3Nb$
KhJ=uy
(iMzHK/+
J>-Pt
;Hd.M6
wO7F~"
5~~:x{
k^9 {~
CaPtUS
F&B/B:
,,)ob:
r8TnE2
wO7F~"
e)$[X^
aDoW{=#
e)$[X^
e)$[X^
cr:z0/
e)$[X^
e)$[X^
Oxm8i%hY
K7jR}2
[I)H$t
j"Y54W
wO7F~"
wO7F~"
Mz=ZEE-rT
*hL7(a&
]Y=>MV
(e= 2`
6,o|V/r
&E(L a_
iA'PS_a
gaxd:5
]nrh^
;hgP626=
J|7P?w%B-
%-6:8ux
=a3itW
:9ee9k
`DzI4T
v4.0.30319
#Strings
#gdfgdfg#
#dfgfg#
#fsdfsd.dll#
#fsdhcfsdf.dll#
#fshghhhgfgggghdfsdf.dll#
#fsdfgdddddfchafhghgsdf.dll#
#gdfgdfgf.dll#
#fsdgdfghhahffdsf.dll#
#gdfgdfg.dll#
#gdfgfg.dll#
#sssssssss.dll#
HotTableStreamCLR40
<IterateAll>b__0
DwReserved0
$$method0x6000022-1
$$method0x600423a-1
S_RESERVED1
IEnumerable`1
CodePageMacGB2312
ToUInt32
ToInt32
Func`2
Action`2
CheckDemand2
$$method0x600425d-3
IsLdcI4
<Initialize>b__89_4
MIPSFPU16
ToInt16
M_Item6
get_UTF8
SPM2359
<Module>
CAL_UMALQURA
ListAssemblyDefMD
GenericParamMD
STD_INPUT_HANDLE
SISO3166CTRYNAME
S_TOKENREF
GREGORIAN_XLIT_ENGLISH
get_ASCII
Ldelem_I
S_ATTR_FRAMEREL
NTE_FAIL
System.IO
COR_E_MISSINGMEMBER
ERROR_CANT_OPEN_ANONYMOUS
Stloc_S
MB_RIGHT
set_IV
KEY_NOTIFY
REG_MULTI_SZ
DiscardBufferedData
CreatePartialData
M_delta
mscorlib
RawBlob
hgdfgdfgc
System.Collections.Generic
get_IsStatic
amFpmkkkfnc
GetProcessById
lpNumberOfBytesRead
M_read
hThread
get_CurrentThread
thread
RijndaelManaged
get_IsAttached
Inherited
Get_IsNested
_emitted
Get_PositiveLocalized
Initialized
gdfgdfgd
fshdddddddddghd
GpcRidToOwnerRid
BindToField
IsField
BinderGetSetField
MustUnderstand
Get_Append
set_IsBackground
DynamicMethod
DefinePInvokeMethod
ResolveMethod
M_removeMethod
GetMethod
NetGuard
get_IsInterface
Replace
Appearance
ExclusiveReference
LoadResource
AddLinkedResource
AssemblyLinkedResource
FindResource
SizeofResource
Get_UseUserOverride
GetHashCode
TypeFromCode
SetCode
set_Mode
CryptoStreamMode
Get_DesignMode
CipherMode
get_Unicode
Xenocode.Client.Attributes.AssemblyAttributes.ProcessedByXenocode
LocalFree
RegexTree
EndInvoke
BeginInvoke
Get_ManifestResourceTable
_caseInsensitiveTable
HotTable
SymbolVariable
GetEnvironmentVariable
Enumerable
IDisposable
IsRetargetable
set_Visible
Double
get_Handle
RuntimeFieldHandle
get_MethodHandle
RuntimeMethodHandle
GetModuleHandle
get_TypeHandle
RuntimeTypeHandle
CloseHandle
GetFieldFromHandle
GetTypeFromHandle
Console
IsFixedDateRule
get_Module
DefineDynamicModule
NullModule
set_FormBorderStyle
set_WindowStyle
ProcessWindowStyle
get_Name
EnglishEraName
GetSymbolStoreFileName
Get_FrameworkName
Set_TargetFrameworkName
lpApplicationName
M_memberName
GetArgumentName
AssemblyName
GetDirectoryName
BadScheme
lpCommandLine
WriteLine
Unescape
CheckCorLibType
get_FieldType
CreateUserResourceType
DefineType
CreateType
ValueType
get_DeclaringType
flAllocationType
get_ReturnType
get_ParameterType
X509ContentType
M_isUncShare
LargeAddressAware
System.Core
FusionStore
ResolveSignature
SetLocalSignature
MethodBase
SafeHandleRelease
Dispose
Create
CreateDelegate
CreateSymbolReaderDelegate
MulticastDelegate
Set_SharedState
set_WindowState
FormWindowState
STAThreadAttribute
CompilerGeneratedAttribute
UnverifiableCodeAttribute
UnsafeValueTypeAttribute
BabelAttribute
SuppressIldasmAttribute
AssemblyInfoAttribute
YanoAttribute
DotNetPatcherPackerAttribute
BabelObfuscatorAttribute
CryptoObfuscator.ProtectedWithCryptoObfuscatorAttribute
DotNetPatcherObfuscatorAttribute
DotfuscatorAttribute
CompilationRelaxationsAttribute
AssemblyCopyrightAttribute
SmartAssembly.Attributes.PoweredByAttribute
RuntimeCompatibilityAttribute
FeedbackSizeValue
SetValue
Get_IsAlive
get_IsAlive
TryResolve
frgllmbfmf.exe
get_Size
PackingSize
M_minSize
dwSize
_ReRegisterForFinalize
SizeOf
fsafafwwwwwwwwaf
fshgdf
fsdfhghfafgsdf
get_TypeDef
TypedByRef
get_IsByRef
_runnerref
frgllmbfmf
Loadperf
Get_MethodDefOrRefTag
gfdfffffhhhhhhhhhfhfffg
CreateTypeSig
ValueTypeSig
ToSZArraySig
System.Threading
_inputEncoding
IsLogging
FromBase64String
OutputDebugString
Get_OriginalString
ToString
GetString
ComputeHash
AutoFlush
get_ExecutablePath
CanonicalizeAsFilePath
GetFolderPath
ObfuscatedByGoliath
get_Length
FileLikeUri
InternalOnNewUri
Net_uri_EmptyUri
M_threadSafeObj
AsyncCallback
TaskCancelCallback
EncoderReplacementFallback
callback
PerformSecurityCheck
M_spinLock
DeclaringType2_NoLock
ReadInitialValue_NoLock
Contains_NoLock
FlushFinalBlock
TransformFinalBlock
Get_Week
Get_Rank
HasFieldMarshal
CreateDelegateInternal
M_changeAcl
GetMutexWithAcl
kernel32.dll
MathSymbol
SetHashControl
HasElementTypeImpl
GetClonedImageStream
CryptoStream
MemoryStream
get_Item
System
SymmetricAlgorithm
HashAlgorithm
ICryptoTransform
Ble_Un
Div_Un
HebrewToGregorian
get_MetadataToken
hToken
lpNumberOfBytesWritten
SystemWebEntityDesign
AppDomain
get_CurrentDomain
Set_StartColumn
CodeAccessPermission
Application
get_Location
Destination
NineRays.Obfuscator.Evaluation
System.Reflection
ManagementObjectCollection
CallingConvention
SEHException
COMException
FileLoadException
RuntimeWrappedException
StackOverflowException
SecurityException
LongTimePattern
Get_LongDatePattern
System.Collections.Generic.ICollection<dnlib.DotNet.Parameter>.CopyTo
GetDynamicILInfo
KoreanEraInfo
EhTypeFieldInfo
MethodInfo
M_callbackInfo
startupInfo
MemberInfo
ParameterInfo
NumberFormatInfo
ProcessStartInfo
DirectoryInfo
UsHeap
inextp
System.Linq
ReadInlineVar
set_ShowInTaskbar
DaysUpToPersianYear
SymbolReader
MD5CryptoServiceProvider
DESCryptoServiceProvider
IFormatProvider
MethodBuilder
ModuleBuilder
TypeBuilder
ParameterBuilder
AssemblyBuilder
PropertyBuilder
SpecialFolder
CreateParamOrder
lpBuffer
ResourceManager
Debugger
ManagementObjectSearcher
Handler
IMetaDataListener
CompareOrdinalHelper
AssemblyDefUser
get_IsPointer
BitConverter
IsSetter
ToLower
Set_KeyPair
StrongNameKeyPair
GetTokenFor
GetLanguageVendor
IntroducedMethodEnumerator
ManagementObjectEnumerator
GetEnumerator
GetTextElementEnumerator
.cctor
dotNetProtector
Get_IsConstructor
get_IsConstructor
CreateDecryptor
HasParamPtr
StructureToPtr
IntPtr
System.Diagnostics
GetMethods
System.Runtime.InteropServices
System.Runtime.CompilerServices
System.Resources
InitializeResources
frgllmbfmf.resources
Guarantees
FixBranches
PostFindAssemblies
RemoveEmptyProperties
bInheritHandles
EnableVisualStyles
TimeSpanStyles
GetCachedValuesAndNames
lpThreadAttributes
MethodAttributes
TypeAttributes
MethodImplAttributes
GetCustomAttributes
lpProcessAttributes
Rfc2898DeriveBytes
m_charBytes
NumberBufferBytes
GetBytes
NumberOfRvaAndSizes
Set_PercentGroupSizes
M_stateFlags
BindingFlags
MapToSpecialFlags
dwCreationFlags
GetMethodImplementationFlags
SetImplementationFlags
GetCompatibilityFlags
GetSpecialSecurityFlags
MetadataArgs
SetDefaultFallbacks
Equals
GenericParams
System.Windows.Forms
Platforms
Contains
NumberOfSections
CreateGlobalFunctions
CallingConventions
_exceptions
UnclonedLongTimePatterns
GetExceptionDispatchInfos
ClassLayoutInfos
OtherHeaps
get_Chars
GetOptionalCustomModifiers
RuntimeHelpers
GetParameters
subDirs
DwNumberOfProcessors
NestedClass
get_IsClass
AssemblyBuilderAccess
hProcess
GetCurrentProcess
MayCorruptProcess
lpBaseAddress
lpAddress
Get_Events
CopyKeys
S_PUB32_16t
S_VFTABLE32_16t
Concat
Format
ManagementBaseObject
GetObject
object
Select
flProtect
CheckTypeNameConflict
CharSet
CreateInternetSet
Get_Target
RgiILOffset
GetFirstRawDataFileOffset
baseOffset
op_Explicit
NextNonDigit
System.Reflection.Emit
IsContentTypeDefault
SetCompatibleTextRenderingDefault
IAsyncResult
result
ToUpperInvariant
TmAscent
System.Management
Get_Fragment
lpEnvironment
OpenGenericArgument
ReadNamedArgument
Set_PrivateExponent
get_Current
CheckRemoteDebuggerPresent
IsDebuggerPresent
M_completionEvent
get_ManagedEntryPoint
ClassesRoot
GetDirectoryRoot
ParameterizedThreadStart
M_daylightTransitionStart
_textstart
Insert
Convert
IMetaDataImport
FailFast
GetMethodImplRidList
M_host
SuspendLayout
ResumeLayout
MoveNext
System.Text
S_threadStaticContext
context
get_Prev
ReadExportedTypeRow
RawFieldPtrRow
ReadAssemblyRow
InternalFindNLSStringEx
RegEnumKeyEx
IsValidIndex
M_endIndex
AllocateStringForNameIndex
LastFatalErrIndex
M_timeOfDay
Wednesday
Get_DynamicMethodArray
EmptyByteArray
InitializeArray
ToArray
get_IsArray
set_Key
ASPBrowserCapsPublicKey
SilverlightPublicKey
System.Security.Cryptography
DefineDynamicAssembly
IsFamilyAndAssembly
GetExecutingAssembly
GetDefinitionAssembly
Endfinally
CompletedSynchronously
InternalRunSynchronously
BlockCopy
InternalCopy
CreateDirectory
lpCurrentDirectory
Set_Capacity
op_Equality
op_Inequality
MustHaveAuthority
System.Security
SuppressUnmanagedCodeSecurity
StartEntity
IsNullOrEmpty
198 Protector V2
System.Security.Permissions.SecurityPermissionAttribute, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
SkipVerification
WrapNonExceptionThrows
_CorExeMain
mscoree.dll
fffffff`
ffffffff`
ffffffff`
ffffffffffffh
ffffffffo
ffffffffo
fffffffffffo
ffffffffo
fffffo
ffffffffo
fffffo
fffffo
ffffffo
fffffo
fffffo
fffffo
fffffo
ffffffffo
ffffffffffffh
ffffffff`
ffffffff`
ffffffff`
fffffff`
ffffffh
:IDATx
:|p5ARy
ffffff
ffffff
ffffff
ffffff
ffffff
ffffff
fffoww
}IDATx
+=BDD<|
ffffff
ffffff
ffffff
ffffff
ffffff
ffffff
'''''''''''''''''''''''
'''''''''''''''''''''''
'''''''''''''''''''''''
'''''''''''''''''''''''
'''''''''''''''''''''''
&&&+.131.+%&
&&.33.&$$%%%&%&%%%%
&%%%&%%%%%%%%%%%%%%%
3+&%%%%%%%%%%%%%%%%%%%%
&$&$&%%%%%%%%%%%%%%%%%%
%%%%%%%%%%%%%%%%%%%%%%%
&&&&&&&&"
&&&&&&&&"
((((((((((((((((((
((((((((((((((((((
((((((((((((((((((
((((((((((((((((((
3''%'%+'%'%
-'%'%'%(&%'%'%(&
/'%%'%(&&&&&%'(&&&
%%'(&&&&&&&&&%&&&&
'(&&&&&&&&&&&&&&&&
''''''
'''-''
'''''''''''''''''
'''''''''''''''''
'''''''''''''''''
'''''''''''''''''
0&$&+,,*$$
,&&**&$&$&$&$&$
.*&$$&$$'%%$&$'%&
&$$&$'%%%%%%%%%%$
$&%%%%%%%%%%%%%%&
"&&&&"
"&&&&"
%%%%%%%%%%%%%%
%%%%%%%%%%%%%%
%%%%%%%%%%%%%%
($"((($"
*$"""#"#$"$"#
""%$"####"#"##
$"############
"#$"##########
%%%%%%%%%%
%%%%%%%%%%
(#!""""!""
#!#"""""""
""""""""""
##########
##########
+%&'##%(&%
##########
##########
!!!!!!
!#!!!!
1IDATx
y5??|u
oe2XZK
OHRIu?
P@O=Vp
+Ix5;w
RHH)t4f
ffffff
ffffff
ffffff
ffffff
ffffff
ffffff
########
########
''''''
'''*''
$$$$
$$$$
3IDATx
,@DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDU
-565u]
Ry]na/
[1drYS
>;;mJ9
/_>9Y
DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
frgllmbfmf
GetEnvironmentVariable
_ENABLE_PROFILING
_PROFILER
Area =
{0:F2}
87654321
managed
KdyTdmjgrYZHZfkhwmkemnzhN3+zbydcATPPrRSJo/CdCDpVeWZQBJfklFWU4BkeBgzn/FIFjid8qi57gEMi27zGQqthuZ789VFcegvWMaVcyFjMQr+KfHC5vbwCRT0j
frgllmbfmf
native
update
jPA3yn/5nEdQt43kg0V08wRDMh5cMfGtzfzi5I8x3DlrCO6fE+px3i8FzBAtHW1/1W7Psc59zMbFHfUcPbCtJD8Tn7t0vq1ncmAo8p/KUVvIYFgcyJvnXyagcgitDdpRCD3Z7Cd84s0HdFwbYLZYPw==
update\update.exe'" /f
XO/+bgNpsPbxSQ8kpYMxyA==
update\update.exe"
Select * from Win32_ComputerSystem
Manufacturer
microsoft corporation
bbbbbbbbbbbbbk
mmmmmmmmmmmmmmmmmmmm
bbbbbbbbbbb
cmd.exe
2I8D0sZghsk4vghFrCdQn3X2aUKJnvW6MVqAG6Am3snUBPvwmjGR8YYO7w5wNSDj
2I8D0sZghsk4vghFrCdQnygtVSFDoMFiEN4HkZ8MTSREMnUWfG8/KGBw7Uge4EKs
DynamicDllInvokeType
4AdXaCaymzl94fdNPtJsgg==
Gr7KoZqL6IduNwNbnF/CQfjrK5Btgdps9BRV0HuTpfc=
mwBVoriPI2Hi2/rNrIoi9jNWhMb+ezvn1bwcsvPgOpWkac3KuOn2KiLWjAJgWuVv
ZuoPui0i0e+Ehs0XgjBJlktblx44+LnnR32EbR3gaHcOAzYvFz7pFYfVWpFj9IVa
tFBveMahAgculGy822u7PUzpOu8FOn6w2pnDkOEeda2ekuUwHXqq7FFXUTP8LcZc
icOSOd3wVFz4SqPbNngZm7muqOkDtVcsCcGMnNtJQg8=
7A40gAubgZoooMi/sFXMJvhs5KazBJ/tDwSUt3ozhsaY9RNsHvgwk6Ra3UoX+L3d
RE2zY/XqQmqJXn09tbsmvvYqYxEi8H3cugW8Wu7v7v8LtRE+5KPF0jVo/n8lrK/M
5yw25PKlAXE0z9VGJLWoJYCcAa3kKSmGzIfz4ijPrNqvBK5zZM7QJvQPX1YfrqsR
WnVCMiJKbbUAaz+D0HPHTFMx/pdQSTUUevDOD4aRf5k=
K78FLABL/mF5GHRRyvxgUxqDBphV2KuPKcAGoxNJDb0=
uDKXprvGf1fNZnG2sCKONEFnWanpcQpYPGCw/cb8+KSzW8RnqI/tIOLgBOKRwSnr
PuTTYConfigBox
PuTTY Configuration
MS Shell Dlg
Select destination folder
Extracting %s
Skipping %s
Unexpected end of archiveThe file "%s" header is corrupt
%The archive comment header is corrupt
The archive comment is corrupt
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
LimeBinder
FileVersion
1.0.0.0
InternalName
LimeBinder.exe
LegalCopyright
Copyright
2020
LegalTrademarks
OriginalFilename
LimeBinder.exe
ProductName
LimeBinder
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Antivirus Signature
Bkav Clean
Lionic Trojan.MSIL.Stealer.i!c
Elastic malicious (high confidence)
Cynet Malicious (score: 100)
CMC Clean
CAT-QuickHeal Clean
McAfee RDN/Generic.dx
Cylance Unsafe
VIPRE Clean
Sangfor Suspicious.Win32.Save.a
K7AntiVirus Trojan ( 005813311 )
BitDefender Trojan.GenericKD.37864857
K7GW Trojan ( 005813311 )
CrowdStrike win/malicious_confidence_90% (W)
Baidu Clean
Cyren W32/MSIL_Kryptik.FXQ.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of MSIL/Kryptik.ACNA
APEX Malicious
Avast Win32:RATX-gen [Trj]
ClamAV Clean
Kaspersky HEUR:Trojan-PSW.MSIL.Stealer.gen
Alibaba Trojan:Win32/starter.ali1000139
NANO-Antivirus Clean
SUPERAntiSpyware Clean
MicroWorld-eScan Trojan.GenericKD.37864857
Tencent Clean
Ad-Aware Trojan.GenericKD.37864857
Sophos Mal/Generic-S + Troj/Steal-CCM
Comodo Clean
F-Secure Trojan.TR/Kryptik.pidbf
DrWeb Trojan.Siggen15.32239
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition BehavesLike.Win32.Generic.ct
FireEye Generic.mg.8078dc94b90c42ba
Emsisoft Trojan.GenericKD.37864857 (B)
SentinelOne Static AI - Malicious PE
Jiangmin Clean
Webroot Clean
Avira Clean
MAX malware (ai score=82)
Antiy-AVL Clean
Kingsoft Clean
Microsoft Trojan:Win32/Woreflint.A!cl
Gridinsoft Clean
Arcabit Clean
ViRobot Clean
ZoneAlarm HEUR:Trojan-PSW.MSIL.Stealer.gen
GData Trojan.GenericKD.37864857
AhnLab-V3 Trojan/Win.Generic.C4726575
Acronis Clean
VBA32 Clean
ALYac Trojan.GenericKD.37864857
TACHYON Clean
Malwarebytes MachineLearning/Anomalous.97%
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.F0D1C00JP21
Rising Clean
Yandex Clean
Ikarus Trojan.MSIL.Crypt
MaxSecure Trojan.Malware.300983.susgen
Fortinet PossibleThreat.ZDS
BitDefenderTheta Gen:NN.ZemsilF.34236.0m0@aGm2iOhG
AVG Win32:RATX-gen [Trj]
Cybereason malicious.7df118
Paloalto generic.ml
No IRMA results available.