popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2021-10-27 13:23:17

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x000586c4 0x00058800 6.28986279688
.rsrc 0x0005c000 0x00010f22 0x00011000 4.07747919812
.reloc 0x0006e000 0x0000000c 0x00000200 0.101910425663

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x0005c18c 0x00010828 LANG_NEUTRAL SUBLANG_NEUTRAL dBase III DBT, version number 0, next free block index 40
RT_STRING 0x0006c9b4 0x00000178 LANG_ENGLISH SUBLANG_ENGLISH_US data
RT_GROUP_ICON 0x0006cb2c 0x00000014 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_VERSION 0x0006cb40 0x000001f8 LANG_ENGLISH SUBLANG_ENGLISH_US data
RT_MANIFEST 0x0006cd38 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
@[@[(q
@Y@Y(q
`]@X(q
@T@Z(q
[@X(q
`V@Y(q
[YZ_bX
[YZ_bX
[XZ_bX
[YZ_bX
[XZ_bX
[XZ_bX
[XZ_bX
[XZ_bX
#J3+wK
[XZ_bX
[XZ_bX
[XZ_bX
[YZ_bX
W@[(q
[YZ_bX
[YZ_bX
[XZ_bX
[YZ_bX
#TO gi
[XZ_bX
#[Doj_
[XZ_bX
[YZ_bX
[YZ_bX
#QArfCu
[XZ_bX
[XZ_bX
[XZ_bX
[XZ_bX
[YZ_bX
[YZ_bX
[YZ_bX
[YZ_bX
#=b1,l
[YZ_bX
[YZ_bX
[XZ_bX
[XZ_bX
#oz6k
[XZ_bX
[XZ_bX
#P^N{_a
[YZ_bX
#6k+i4{
[XZ_bX
[XZ_bX
[XZ_bX
[XZ_bX
[YZ_bX
[XZ_bX
[YZ_bX
[YZ_bX
[YZ_bX
#2Z6'b
[YZ_bX
[YZ_bX
[XZ_bX
[XZ_bX
#maS_%
[YZ_bX
[YZ_bX
[YZ_bX
[XZ_bX
[XZ_bX
[XZ_bX
[YZ_bX
[YZ_bX
[YZ_bX
[YZ_bX
[XZ_bX
[XZ_bX
[YZ_bX
[YZ_bX
[XZ_bX
#/(){|
[XZ_bX
@P>LA#
#*}&|`@
[YZ`(^
[XZX(m
[YZX(m
[YZX(m
[YZX(s
[YZX(m
[YZX(m
[XZX(m
[YZX(m
fZXXaY}
fafee}
aiaYYY
Wd.aiZ
feaXff}
WBaifY
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADPx
/&nzR!)
OO~[ZY
?w]lowT
1^%AKO
djBI"_
/(&oTS
mAxP0R
qq#G0R
zRW}Kh
kD'"mkiT
=9J`tTm
$k6h#o/YXxx
Mis&N?g
|)`'M;
k+`BlDZB
S*v;*JM
WNN2i4
l/<y3n
P%k@(}
L3})!a
>0x/<_
!g 'b)s
21QW,"
z=FL)J
5Z`f)I
xXN3~PE
B9TYP(
wRS@]fF
>2-&6s
`g(HoG2
;nrXI4
vogSu%
j>\/):#
9UoatC
N.3jEa
G?f-3'
FiGMi'
Z>WJQo#
)&hRz_c
ubAwf,
$3{z_M!/
*"~X&$/
mF+'MZ_mt
#57!>a~
FCZ5Rk
q6cfIs
8lO)rq?7
$n>rJ3!H
QI2_%i
v:<w"T
y4+raZN
hq~k8<
G}h%B`
_c^"Y?=B=w
[dy2G9
$nVfyd
qv\_)F+
W[RW_l
w<Z21[
ZllS/-
H(GXu>
/HjF$)
<Bbm1E
EPU*vz
](X gGf
HliHmIu\
( 'Z]v
|&]/%NQ_rO.
dPJhVM>
ikv<!x
X)0n=>X
)1;Esrk
v)W8}ca
CLlu"]/V
'O]G+bJ
?kP~Ak
s,zvPB)+
B"B"l%e
H11FPN
ajMQ87
LMutD;
'|XCR)Z
a`otX[
hHv1qH0
};NGM-t
4j!xr&
DzV2E=
zddhMh%
6!IM>#&:[
kU[+eB
,H`lPA
7pmxmj
syQKnwI
~*Nt6D
rI" I.
256^hz
E"8:j3
s8h8@q@
r<jG3Q
R##s~<6?B
zX-(s-N\
caGX7@
3M`0Z
*?dHX7
AcL.[?
sx,[485>h
4*Ba<)|_
bN9X2S6I|
*,E%G_X\
gBz~So
7.G);@=
@?p=iK
$\B#'s
>99 *?
Mpv:"i
R2@`X`
2('em[
f'dmzI
0a[~jr
BPl{W+
#Z}ud^
z&:M)m
D&kxUS[
\`Uz`5H
<DNouL
jbep;9O
~Qvr8/
s"&0Um
4D`_|@
>qiBhH
M%'%&TA@
zC=dGj
y&'Ii:
yO0@J>
2-V:k`
s_cSwQu
>-obPi
yf=x&J
L-l]'*
kTT^!f
3|NnNP
vi5r:
wlx)W
5}wNxA
iHCACo
#Ik;HY
dhF[*tR
l_agp3
\=91X.
X=)('x
ij17lA
@od*}`
wF.)3|
F ZQs6)
9&gQAB
b#Zc|hd
[]V8pj
%N}J{N
X!QNj(
SKTtgR
)-k8E&
%Rv3Uq
w+;xl2
{>E\bw
LnAAOg
N~:R@+}
t6aS[dK
v5P/UQ-
n"+||?O+H
=v|8lL-H
cdZW9{
7FgXJU
^jt{`]\
bgB<|0l<
vo3}1t
HfPvdQ
*y.w<~
v4.0.30319
#Strings
#gdfg#
#gsdfg#
#fsdfsd.dll#
#hsd.dll#
#fsdfgdddddfchafhghgsdf.dll#
#sf.dll#
#fafg.dll#
#hdfh.dll#
#agsh.dll#
#adas.dll#
#js.dll#
MS_CLR_10
<WriteTo>b__62_0
<InitializeGenericParamConstraints>b__5_0
PrintAsI1
sigma_1
IEnumerable`1
EventHandler`1
WriteFormat1
Advapi32
ToUInt32
ToInt32
Func`2
GetElementType2
ReadFieldLayoutRow2
_empty2
$$method0x600427a-4
Mmap64
HexNumberToInt64
Ldind_I4
Stelem_I4
Conv_I4
Action`4
ToInt16
get_UTF8
<Module>
S_notUsedSinceLastGC
S_LPROC32_DPC
WAIT_ABANDONED
TIME_ZONE_ID_INVALID
CultureID
ListStandAloneSigMD
COR_E_FILENOTFOUND
TIME_ZONE_ID_STANDARD
STORAGE
LOCALE_SENGLISHDISPLAYNAME
STATE_DONE
mohSmgdgkF
LOCALE_SGROUPING
get_ASCII
Stind_I
Conv_I
FILE_TYPE_DISK
VT_BOOL
STREAM
ERROR_NO_TOKEN
STATUS_ACCOUNT_RESTRICTION
System.IO
POWERPCFP
IncompleteSlashP
SECURITY_ATTRIBUTES
USEROBJECTFLAGS
Stloc_S
MAX_RECURSION_COUNT
S_LOCALSLOT
ERROR_NOT_READY
REG_BINARY
IgnorableComma
ExtraData
SizeOfInitializedData
GetRawData
mscorlib
hgdfgdfgc
System.Collections.Generic
get_IsStatic
C_localId
GetProcessById
lpNumberOfBytesRead
hThread
get_CurrentThread
thread
RijndaelManaged
get_IsAttached
Set_IsCacheEnabled
BestFitEnabled
Unrestricted
IsValueInitialized
Uninitialized
gdfgdfghfgd
Invalid
<Addr1>k__BackingField
WriteOperand
UriKind
set_IsBackground
DynamicMethod
DefinePInvokeMethod
ResolveMethod
GetMethod
SetSetMethod
NetGuard
get_IsInterface
Replace
CreateCaInstance
LoadResource
FindResource
SizeofResource
Reduce
CacheCode
GetTypeCode
GetHashCode
SetCode
set_Mode
LegacyCompareMode
CryptoStreamMode
CipherMode
FromBase64_Decode
Xenocode.Client.Attributes.AssemblyAttributes.ProcessedByXenocode
DuplicateWaitObjectMessage
UtcOffsetOutOfRange
EndInvoke
BeginInvoke
M_Table
PointerToSymbolTable
EventTable
GetEnvironmentVariable
Enumerable
IDisposable
set_Visible
OADateMinAsDouble
get_Handle
RuntimeFieldHandle
get_MethodHandle
RuntimeMethodHandle
GetModuleHandle
get_TypeHandle
RuntimeTypeHandle
CloseHandle
GetFieldFromHandle
GetTypeFromHandle
IsExeFile
SetEndOfFile
Console
get_Module
DefineDynamicModule
set_FormBorderStyle
get_Name
GetNamespaceAndName
GetDefaultPdbFileName
GetFileName
IsCaptureName
<>3__fullName
lpApplicationName
Get_MemberName
CountName
GetDayName
M_strAssemblyName
PropertyName
m_name
Get_MinSupportedDateTime
EndLine
lpCommandLine
WriteLine
LocalMachine
HandleTimeZone
UriIdnScope
RootScope
Type_Type
ExportedType
get_FieldType
DefineType
CreateType
ValueType
IsSubsetOfType
get_DeclaringType
flAllocationType
get_ReturnType
get_ParameterType
MakeArrayType
System.Core
ResolveSignature
SetLocalSignature
MethodBase
M_methodBase
VerifyCodeBase
_ordinalIgnoreCase
Dispose
Truncate
CreateDelegate
Async_NullDelegate
IsDelegate
MulticastDelegate
ResourceHelperState
set_WindowState
FormWindowState
FAllowTrailingWhite
Get_IsDebugSatellite
STAThreadAttribute
CompilerGeneratedAttribute
UnverifiableCodeAttribute
BindableAttribute
UnsafeValueTypeAttribute
BabelAttribute
SuppressIldasmAttribute
AssemblyInfoAttribute
YanoAttribute
DotNetPatcherPackerAttribute
BabelObfuscatorAttribute
CryptoObfuscator.ProtectedWithCryptoObfuscatorAttribute
DotNetPatcherObfuscatorAttribute
DotfuscatorAttribute
CompilationRelaxationsAttribute
SmartAssembly.Attributes.PoweredByAttribute
RuntimeCompatibilityAttribute
SetValue
get_IsAlive
Relative
_ModuleResolve
mohSmgdgkF.exe
get_Size
CharSize
dwSize
SizeOf
fsafafwwwwwwwwaf
fshjkkgdf
_GetSigOfMethodDef
GetMethodDef
get_IsTypeRef
MethodDefOrRef
get_IsByRef
KoreanMonthSuff
ChineseHourSuff
AbgkhASdkif
TryGetTypeDefOrRefSig
TryGetGenericInstSig
System.Threading
UnicodeEncoding
IsLogging
Ceiling
FromBase64String
HString
GetRawCertDataString
OutputDebugString
ToString
GetString
ComputeHash
get_ExecutablePath
ObfuscatedByGoliath
get_Length
Format_StringZeroLength
GetRootLength
CreateUri
fhfghj
AsyncCallback
EncoderFallback
callback
MaxStack
Contains_NoLock
FlushFinalBlock
TransformFinalBlock
Get_LocalVarSigTok
SEP_LocalTimeMark
Add_DoWork
DeleteFieldMarshal
YieldInternal
BreakInternal
XmlDecl
InitializeAll
ContinueWhenAll
Get_IsStdCall
kernel32.dll
SharedLibPublicKeyFull
CreateNull
Control
SaveToStream
CryptoStream
MemoryStream
get_Item
System
SymmetricAlgorithm
HashAlgorithm
ICryptoTransform
LoaderMaximum
TEraToken
get_MetadataToken
hToken
lpNumberOfBytesWritten
AppDomain
get_CurrentDomain
InformationalVersion
M_informationalVersion
Application
get_Location
GetGeneration
NineRays.Obfuscator.Evaluation
MaxFraction
System.Reflection
ManagementObjectCollection
RanToCompletion
CallingConvention
RuntimeWrappedException
RightPortion
FullDateTimePattern
NumberNegativePattern
GetDynamicILInfo
ThaiBuddhistEraInfo
FieldInfo
MethodInfo
SerializationInfo
startupInfo
MemberInfo
ParameterInfo
UriSchemeMailto
PrepareDataForSetup
System.Linq
set_ShowInTaskbar
FormatBadDateTimeCalendar
MD5CryptoServiceProvider
DESCryptoServiceProvider
_FieldBuilder
MethodBuilder
ModuleBuilder
TypeBuilder
AssemblyBuilder
SpecialFolder
GetMonthDayOrder
lpBuffer
GetBuffer
ResourceManager
Debugger
ManagementObjectSearcher
S_adUnloadEventHandler
GetDefaultScheduler
ThreadHelper
ContractHelper
AssemblyNameComparer
MarshalBlobWriter
UnsafeCastToStackPointer
get_IsPointer
BitConverter
ToLower
GetTokenFor
SymbolReaderCreator
InvariantTimeSeparator
ParagraphSeparator
ManagementObjectEnumerator
GetEnumerator
.cctor
dotNetProtector
get_IsConstructor
CreateDecryptor
FieldPtr
IntPtr
InternalOptionsForReplicas
System.Diagnostics
GetMethods
System.Runtime.InteropServices
System.Runtime.CompilerServices
System.Resources
_ReadResources
mohSmgdgkF.resources
bInheritHandles
EnableVisualStyles
InternalEqualTypes
EmptyTypes
lpThreadAttributes
MethodAttributes
TypeAttributes
MethodImplAttributes
GetCustomAttributes
lpProcessAttributes
GetBytes
S_legalBlockSizes
BindingFlags
MapToSpecialFlags
dwCreationFlags
GetMethodImplementationFlags
SetImplementationFlags
CreateThis
ThreadPoolWorkQueueThreadLocals
Equals
LoggingLevels
System.Windows.Forms
SystemWindowsForms
M_platforms
TooManyParens
Contains
Get_PESections
HasImperativeRestrictions
ReadInstructions
CallingConventions
CompareOptions
get_Chars
GetOptionalCustomModifiers
GetCustomModifiers
GetParameters
MaxHours
Get_IsClass
get_IsClass
GetTypeAccess
NoAccess
AssemblyBuilderAccess
hProcess
GetCurrentProcess
lpBaseAddress
lpAddress
IPForWatsonBuckets
PercentDecimalDigits
MaxFractionDigits
WrapNonExceptionThrows
EqualStringArrays
Always
ReadUInt32At
Concat
Format
CreateCaObject
ManagementBaseObject
GetStockObject
GetObject
object
Select
flProtect
LPStruct
DelegateConstruct
NotECMASpaceSet
Get_PermissionSet
CharSet
AutoReset
GetUtcOffset
_rightToLeft
ScaleShift
Copyright
op_Explicit
System.Reflection.Emit
SetCompatibleTextRenderingDefault
IAsyncResult
result
SysUInt
ToUpperInvariant
IsCovariant
System.Management
lpEnvironment
Document
AllowExponent
get_Current
CheckRemoteDebuggerPresent
IsDebuggerPresent
Content
M_iOpenScopeCount
M_syncRoot
Set_Start
ParameterizedThreadStart
TrimStart
Convert
IsUnmanagedExport
FailFast
GetExportedTypeRidList
c_timeZonesRegistryHivePermissionList
M_resWriterList
MatchTimeout
FieldLayout
SuspendLayout
ResumeLayout
DeleteClassLayout
RegexInput
MoveNext
System.Text
M_synchronizationContext
context
ReadTypeSpecRow
RawImplMapRow
Friday
Sunday
Saturday
ToArray
get_IsArray
set_Key
StrongNamePublicKey
TryGetTimeZoneByRegistryKey
System.Security.Cryptography
DefineDynamicAssembly
CallingAssembly
GetExecutingAssembly
BlockCopy
UnicodeCategory
CleanDirectory
lpCurrentDirectory
op_Equality
ForceIntegrity
System.Security
SuppressUnmanagedCodeSecurity
IsNullOrEmpty
198 Protector V2
System.Security.Permissions.SecurityPermissionAttribute, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
SkipVerification
WrapNonExceptionThrows
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
mohSmgdgkF
GetEnvironmentVariable
_ENABLE_PROFILING
_PROFILER
-1704632984
1704710875
1443269881
1443239602
-508541936
508502450
2066454016
2066449235
1451429548
1451447756
405358592
405353882
1587731744
1587722625
1621737029
1621659556
703910539
703880794
-496681394
496684025
-905380185
905414816
-746958525
746921219
-1290095953
1290128916
1092515883
1092557867
1199519630
1199522109
-1205878618
1205870467
-1026290240
1026220397
2081124378
2081046745
-556157026
556261633
1675202643
1675187622
-1984230005
1984279207
-1528876753
1528901638
762242857
762237691
930902804
930875673
-151321951
151319484
1883210515
1883159135
-2106659354
2106715354
669106530
669064585
-662320942
662377125
631946509
631944382
1244127043
1244038455
-747222855
747207411
-148851654
148876174
-1564337594
1564244041
922218322
922205076
-2071509763
2071463559
-1934835118
1934688413
654217758
654279884
2072168817
2072174906
-1200817002
1200860297
2071274419
2071229246
-798679710
798650340
-1341654895
1341825000
-1949370763
1949527717
-295682953
295679682
627446643
627488921
-1903962077
1904042697
991758986
991778689
920422879
920406460
818702812
818729393
-1557709938
1557842611
-1391819476
1391762030
611906682
611965360
955148795
955160633
-480205436
480227999
-1940091424
1939998671
1976301497
1976281765
583914579
583864500
-354668105
354663389
-691552229
691586069
1927631472
1927659486
-152520209
152461634
-781770293
781833071
-75115243
74981390
153923811
153980409
-1910507533
1910512441
2104423498
2104464677
1079903817
1079996958
-262349588
262386525
-1433922769
1433787540
-1453442619
1453414239
-1144676456
1144763191
-1388273922
1388247055
2120307658
2120287308
-381401803
381265331
1599766817
1599851321
348424684
348512579
-1766084448
1766067790
-1376834963
1376833358
1481489932
1481416202
1377136532
1377052056
-862508784
862480582
445186500
445233729
441521683
441477521
844037610
844080289
-1847111858
1847191108
-1346481388
1346373290
-592012216
592029752
2016152329
2016178776
-350928902
350889893
-199461833
199403438
-751155651
751279420
1919904310
1919934561
1705706311
1705710645
959613515
959628892
568121949
568073744
-132558811
132636819
1868816952
1868793084
-882002160
882084756
-451613912
451667770
-858539941
858605428
112293998
112294547
1739794826
1739797327
-1112445998
1112438785
1266586097
1266594976
495976579
496047777
-2004519196
2004390401
-177122943
177187225
-598094318
598158025
1512738372
1512827301
329534996
329578698
-436594374
436495811
1543874485
1543851791
-712863893
712988422
-32773870
32796973
1822548380
1822553704
2075839520
2075852336
-844731696
844638997
176460006
176451116
-1014595056
1014621060
1053512695
1053491877
-197105985
197062604
1633345328
1633388523
526984964
527019218
1330517355
1330521883
955520382
955563802
-1515245037
1515323293
-913131068
913077485
863191407
863207079
-1113365674
1113367198
-1645635471
1645643336
2114809246
2114825705
-354550899
354551345
1723915303
1723911862
268724289
268740405
-2027388451
2027402609
248550357
248549274
-1649783143
1649723701
155544337
155460484
330662958
330666003
968006165
968086659
634878925
634799117
519368558
519313736
1241369284
1241339734
840059624
840113653
-500678211
500610696
77329094
77327806
-1730051844
1730079739
-1985430862
1985362884
-1663345251
1663353220
-967471072
967489185
209637309
209669352
-582333549
582340482
-877652974
877628587
-2071096455
2071085934
-1280561820
1280398497
-328922924
328986646
-209818162
209811958
-1802856398
1802825731
1637282887
1637237475
-1584601091
1584596792
-760625709
760650285
2007658927
2007636524
846212796
846240976
606602703
606617953
569525184
569555906
826975604
827051456
963671537
963678241
-1365517985
1365587881
-1523101045
1523137796
-2128038073
2128059098
1475124912
1475091874
1781351741
1781271433
-1817775336
1817749621
-991415039
991378489
-1895603982
1895680718
1058254948
1058228926
-810217230
810200732
680691715
680689958
-54851093
54836907
-1343391341
1343420014
-91554850
91598362
-1391761615
1391806598
-980904082
980907571
1898647345
1898609962
-103461808
103506227
769211928
769260671
584909512
584870658
2028978856
2028926570
-1115538735
1115471178
-120852030
120895252
2041045185
2040969282
-897234173
897245853
875695161
875729261
1528979784
1528981466
1029393315
1029418606
412586429
412589066
583497972
583490158
71421423
71404468
-1327043557
1326996950
1956081369
1956048129
377491327
377584612
-1123156034
1123167719
1529626012
1529616340
419971093
419982947
891022782
890953074
-1908103016
1908080535
382027758
382046511
792118184
792093617
794730285
794725624
646991052
646992196
-1344791113
1344656416
1152171868
1152184609
485823606
485849954
-795565016
795420543
742847814
742813697
-327701254
327700565
-212743599
212803644
1588996099
1589062294
-650949746
650950975
-1203189186
1203133722
-1493622033
1493597393
-639890145
639813738
-685773622
685876279
-952965864
952916974
-623861994
623853417
-681364489
681420290
1004749593
1004670504
1812041490
1811977261
305455826
305523727
-1058485183
1058479792
818904040
818892964
1964615213
1964591525
-737083979
737033611
-1135437852
1135348450
-1299553660
1299547372
1127465310
1127409459
-427954642
428067243
-570853948
570818980
-17291537
17226792
-1112025953
1112020886
1523829257
1523753985
1057942322
1057904024
1175837371
1175810592
829771322
829791298
442467779
442422927
-36363277
36213177
1822243683
1822187650
-1706721830
1706758351
2112392909
2112407555
-673930679
673944037
-1199688519
1199693504
1754213411
1754210140
581687826
581690154
-662763563
662806457
1433050625
1433111505
-1798824498
1798810319
1734901784
1734976274
1861939343
1861940973
-76908388
76846674
670352258
670410996
-1341296779
1341297492
-39603766
39585921
-168903729
168824911
112341761
112373924
590911371
590990948
-243492005
243523876
-356560513
356646096
-1802744168
1802639449
-897338675
897336392
-1056379519
1056376231
1407687887
1407621664
-382313811
382284530
803815304
803856187
-1309806680
1309825900
2071548838
2071559705
-1679010154
1678837027
553658612
553697455
1985476221
1985424519
-468434625
468420045
1454005486
1454005695
-2075107778
2075083275
2069905526
2069957521
1843409152
1843490888
1277478454
1277451507
-1175321714
1175249798
-114136444
114080203
1922603290
1922597266
-1634871323
1634972509
-949080632
949008998
-1897453593
1897508455
138076027
138046536
-1634151856
1634143333
-1849412400
1849422130
-389092042
389146607
454103270
454147978
-863663913
863678697
299471367
299465894
-1203574827
1203708093
-1070200244
1070195779
-1127519587
1127588727
-666211022
666147731
1596349404
1596333674
1797678768
1797682587
-1629814290
1629798254
-755215570
755180614
1712401834
1712353745
-699731734
699669976
1822296024
1822338675
-240494826
240594214
469853551
469848118
1713431795
1713422821
1468305674
1468301172
-2045510705
2045664336
1053791522
1053720893
-1466711946
1466803070
346301283
346313560
370850105
370903006
-1917129220
1917162774
-325027505
325043502
1522160918
1522236103
865646809
865657605
2013546729
2013558533
-360893839
360889961
351443976
351522982
-2110579812
2110549669
1703959983
1703948086
-1750095622
1750123324
-1263010549
1263086616
-1691722674
1691826224
2108833166
2108855015
-267787977
267864521
-1549050560
1549072678
-375102366
375088534
-1362304402
1362332950
-1844991436
1845003677
-1349327770
1349299366
537309478
537289593
-355897336
355763651
-755543014
755527193
-1816277875
1816317972
-2061912218
2061954931
-1266542433
1266456690
246809302
246853080
-1101265990
1101156535
118274464
118250151
-1128405663
1128522719
618274159
618290736
1901635940
1901718031
-1879222736
1879258278
-2040993550
2040935789
-210648623
210645182
948796586
948729865
-450909793
451037002
-1385813016
1385823887
1421008949
1421006147
-992938651
992914944
-880564716
880651010
120889836
120950132
1878453592
1878520517
1308457644
1308434270
-600808270
600696874
-106937162
106822837
-2131120220
2131138977
804585549
804613104
879984599
879916525
-33573224
33562795
-1671834717
1671906832
126203578
126216143
148312910
148251425
787093720
787132193
-1186673972
1186582587
987827872
987876455
-84994474
85040181
1868381650
1868319892
879715807
879707350
1606053687
1606105654
-109830666
109752666
1337995192
1338022418
-640922988
640788734
638699400
638661450
281263422
281264419
-329233749
329071307
-475584501
475632086
465395615
465384704
1112087098
1112030046
-613739752
613682265
-777809984
777867933
2086869280
2086864413
-1632457915
1632418529
-1649817212
1649885774
1278510599
1278489281
-1075788258
1075657564
-1262380570
1262437837
-1886333888
1886323427
432807354
432891400
-523593054
523536191
721826531
721835065
2065371229
2065328207
-1725650014
1725602830
-224235870
224221464
1570907867
1570977247
-900287847
900213047
Area =
{0:F2}
-1357886506
1357902299
-1144824351
1144844069
managed
native
mohSmgdgkF
Select * from Win32_ComputerSystem
Manufacturer
microsoft corporation
bbbbbbbbbbbbbk
mmmmmmmmmmmmmmmmmmmm
bbbbbbbbbbb
87654321
-1313675803
1313728923
177086256
177146973
-781373093
781420276
1972739491
1972756250
-355653721
355656807
1536237385
1536278910
tSBg8Of83Nc8vLF/p5Tw8dRMRz2VgHL5
tSBg8Of83NfIwNB8zDNfhTRmQJXaTnym
DynamicDllInvokeType
-161620531
161702200
1059857884
1059891058
d2Sr3d5oE6s=
1851134327
1851228157
-1252648828
1252549825
797060820
797091728
-496234484
496084942
-1522778036
1522769707
1954338670
1954342991
-159571745
159645504
-1473149670
1473136080
-2027081172
2027082891
-1707144288
1707152489
1538214965
1538223331
772067439
772127192
-544532943
544599627
1252687152
1252711961
-981325636
981223930
-908755029
908824698
453233134
453236033
3601288
3555783
577230987
577146930
-1246326099
1246288340
1088507533
1088497625
kkrHdT2N6r3kEvHo0CqwMw==
GirRs0n1+ymrrTjYmbSv2+88Uj6xRm8t
EKww8XWrLUoAUHznzIQrVAavx7Z4u2x8
O3G87G9GYYCH5/sFEri5l1RSsuJr6l0a
I2mTPRbtZ8F58Z0ZQ4Kmvg==
i619qcyCD+dxnm/yQ1Y/yO0gASKOtywx
2iWQ0WEc0mkHnYqb8msWCE650d/moioi
6hqGh0qN46fp5BwmgBXb0IpB0FVq8Gwr
Vvmhq26Q/8j2FHL5krhlIg==
ub7ieBi+1CABqIrxaNjWcQ==
ChHR18UVQCcXbY2CJgLJKKm7B6BA+RLf
MAINICON
Select destination folder
Extracting %s
Skipping %s
Unexpected end of archiveThe file "%s" header is corrupt
%The archive comment header is corrupt
The archive comment is corrupt
VS_VERSION_INFO
StringFileInfo
040904b0
CompanyName
FileVersion
0, 0, 1, 9
FileDescription
LegalCopyright
ProductName
ProductVersion
0, 0, 1, 9
VarFileInfo
Translation
Antivirus Signature
Bkav Clean
Lionic Trojan.MSIL.Stealer.l!c
Elastic malicious (high confidence)
MicroWorld-eScan Clean
CMC Clean
CAT-QuickHeal Clean
ALYac Clean
Cylance Unsafe
VIPRE Clean
Sangfor Suspicious.Win32.Save.a
K7AntiVirus Clean
BitDefender Clean
K7GW Clean
Cybereason malicious.89afa9
Baidu Clean
Cyren Clean
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of MSIL/Injector.VRI
APEX Malicious
Paloalto Clean
ClamAV Clean
Kaspersky UDS:DangerousObject.Multi.Generic
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
Rising Clean
Ad-Aware Clean
TACHYON Clean
Sophos ML/PE-A
Comodo Clean
F-Secure Clean
DrWeb Clean
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition BehavesLike.Win32.Generic.gh
FireEye Generic.mg.e574ad4af9b6fc03
Emsisoft Clean
Ikarus Trojan.MSIL.Injector
GData Clean
Jiangmin Clean
Webroot W32.Trojan.Gen
Avira Clean
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:Win32/Sabsik.FL.B!ml
Cynet Clean
AhnLab-V3 Clean
Acronis Clean
McAfee Artemis!E574AD4AF9B6
MAX Clean
VBA32 Clean
Malwarebytes Clean
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Tencent Clean
Yandex Clean
SentinelOne Static AI - Malicious PE
eGambit Unsafe.AI_Score_99%
Fortinet Clean
BitDefenderTheta Gen:NN.ZemsilF.34236.Am0@ambsAGhi
AVG FileRepMetagen [Malware]
Avast FileRepMetagen [Malware]
CrowdStrike win/malicious_confidence_90% (W)
MaxSecure Trojan.Malware.300983.susgen
No IRMA results available.