Static | ZeroBOX

PE Compile Time

2021-10-28 06:19:40

PE Imphash

d864f848e8cc402cb451882717c2c0c1

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x000024ea 0x00002600 6.09536713542
.rdata 0x00004000 0x000019e8 0x00001a00 4.3749784907
.data 0x00006000 0x00000710 0x00000200 2.02987684877
.pdata 0x00007000 0x000002f4 0x00000400 3.18877994333
.rsrc 0x00008000 0x00000540 0x00000600 3.83585256236
.reloc 0x00009000 0x00000054 0x00000200 1.18943776126

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x000080a0 0x00000320 LANG_RUSSIAN SUBLANG_RUSSIAN data
RT_MANIFEST 0x000083c0 0x0000017d LANG_ENGLISH SUBLANG_ENGLISH_US XML 1.0 document text

Imports

Library KERNEL32.dll:
0x140004000 GetModuleFileNameA
0x140004008 Sleep
0x140004010 LoadLibraryA
0x140004018 GetProcAddress
0x140004020 ExitProcess
0x140004028 FreeLibrary
0x140004030 RtlLookupFunctionEntry
0x140004038 RtlVirtualUnwind
0x140004040 UnhandledExceptionFilter
0x140004050 GetCurrentProcess
0x140004058 TerminateProcess
0x140004068 IsDebuggerPresent
0x140004070 GetStartupInfoW
0x140004078 GetModuleHandleW
0x140004080 QueryPerformanceCounter
0x140004088 GetCurrentProcessId
0x140004090 RtlCaptureContext
0x140004098 GetCurrentThreadId
0x1400040a0 GetSystemTimeAsFileTime
0x1400040a8 InitializeSListHead
Library MSVCP140.dll:
Library VCRUNTIME140_1.dll:
0x140004128 __CxxFrameHandler4
Library VCRUNTIME140.dll:
0x1400040c8 __current_exception
0x1400040d0 _CxxThrowException
0x1400040d8 __C_specific_handler
0x1400040e0 __std_exception_copy
0x1400040e8 __std_exception_destroy
0x1400040f0 memcpy
0x140004100 strstr
0x140004108 memchr
0x140004110 memset
0x140004118 memmove
Library api-ms-win-crt-string-l1-1-0.dll:
0x140004228 isalnum
Library api-ms-win-crt-runtime-l1-1-0.dll:
0x140004180 exit
0x140004190 _initterm_e
0x140004198 _exit
0x1400041a0 terminate
0x1400041a8 _initterm
0x1400041b0 _c_exit
0x1400041c0 _seh_filter_exe
0x1400041c8 _cexit
0x1400041d0 _crt_atexit
0x1400041e0 _initialize_onexit_table
0x1400041f0 _configure_narrow_argv
0x1400041f8 _set_app_type
Library api-ms-win-crt-heap-l1-1-0.dll:
0x140004138 free
0x140004140 _set_new_mode
0x140004148 _callnewh
0x140004150 malloc
Library api-ms-win-crt-math-l1-1-0.dll:
0x140004170 __setusermatherr
Library api-ms-win-crt-stdio-l1-1-0.dll:
0x140004210 _set_fmode
0x140004218 __p__commode
Library api-ms-win-crt-locale-l1-1-0.dll:
0x140004160 _configthreadlocale

Exports

Ordinal Address Name
1 0x140002080 exec

Strings

!This program cannot be run in DOS mode.
`.rdata
@.data
.pdata
@.rsrc
@.reloc
UVWATAUAVAWH
`A_A^A]A\_^]
@SUWAVAWH
A_A^_][
A_A^_][
@SUVAWH
(A_^][
UVWAVAWH
D$ R!Adf
`A_A^_^]
|$ UATAUAVAWH
A_A^A]A\]
WAVAWH
@SVATAUH
8A]A\^[
u0HcH<H
H3E H3E
bad allocation
Unknown exception
bad array new length
string too long
ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/
GUQzCkENfGAPJQhI
EVMkBVAEHyBOIgFXEg4=
Ik42AVYSJzdNLUpBGSo=
f1ZhDARMKjxCYS1lICQTZgQldDANImAJB2UCKBNGACdHIC4TY3ElbDAOMWAAUmUidxNtNiVcIAs5YA8lZRQOFmQAK2UgOBNidSVpMA5hYAU1ZS0oE1kAIH0gATVgNyVsCg4xRgMPZSJ7E0IAJl4gCxdgCxNlBg4REQAydSM1E2YUJXUGDTpgCSllAB4QSwAiZSAeA2M4JWwsDjNwAxFlJiwTaAAmHCAIOWAbNWZVDhMcfA==
HlQsDUoAPRNobwFcBA==
.text$di
.text$mn
.text$mn$00
.text$x
.text$yd
.idata$5
.00cfg
.CRT$XCA
.CRT$XCAA
.CRT$XCU
.CRT$XCZ
.CRT$XIA
.CRT$XIAA
.CRT$XIAC
.CRT$XIZ
.CRT$XPA
.CRT$XPZ
.CRT$XTA
.CRT$XTZ
.rdata
.rdata$r
.rdata$voltmd
.rdata$zzzdbg
.rtc$IAA
.rtc$IZZ
.rtc$TAA
.rtc$TZZ
.xdata
.xdata$x
.edata
.idata$2
.idata$3
.idata$4
.idata$6
.data$r
.data$rs
.pdata
.rsrc$01
.rsrc$02
LuminarAI.exe
GetModuleFileNameA
LoadLibraryA
GetProcAddress
ExitProcess
FreeLibrary
KERNEL32.dll
?_Xlength_error@std@@YAXPEBD@Z
MSVCP140.dll
__CxxFrameHandler4
__std_exception_destroy
__std_exception_copy
strstr
__C_specific_handler
_CxxThrowException
__current_exception
__current_exception_context
memset
VCRUNTIME140_1.dll
VCRUNTIME140.dll
isalnum
_invalid_parameter_noinfo_noreturn
_callnewh
malloc
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_cexit
_seh_filter_exe
_set_app_type
__setusermatherr
_get_narrow_winmain_command_line
_initterm
_initterm_e
_set_fmode
_c_exit
_register_thread_local_exe_atexit_callback
_configthreadlocale
_set_new_mode
__p__commode
terminate
api-ms-win-crt-string-l1-1-0.dll
api-ms-win-crt-runtime-l1-1-0.dll
api-ms-win-crt-heap-l1-1-0.dll
api-ms-win-crt-math-l1-1-0.dll
api-ms-win-crt-stdio-l1-1-0.dll
api-ms-win-crt-locale-l1-1-0.dll
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
memchr
memcpy
memmove
.?AVbad_alloc@std@@
.?AVexception@std@@
.?AVbad_array_new_length@std@@
.?AVtype_info@@
<?xml version='1.0' encoding='UTF-8' standalone='yes'?>
<assembly xmlns='urn:schemas-microsoft-com:asm.v1' manifestVersion='1.0'>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel level='asInvoker' uiAccess='false' />
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
VS_VERSION_INFO
StringFileInfo
000204b0
CompanyName
Skylum Software
FileDescription
LuminarAI_Setup
FileVersion
2.1.5.393
InternalName
LuminarAI.exe
LegalCopyright
Copyright
2017-2021 Skylum Software. All Rights Reserved.
OriginalFilename
LuminarAI.exe
ProductName
LuminarAI
ProductVersion
2.1.5.393
VarFileInfo
Translation
Antivirus Signature
Bkav Clean
Lionic Trojan.Multi.Generic.4!c
Elastic Clean
MicroWorld-eScan Trojan.GenericKD.47296435
CMC Clean
CAT-QuickHeal Clean
McAfee Artemis!7F9EA44699D6
Malwarebytes Trojan.Agent
VIPRE Clean
Sangfor Riskware.Win32.Agent.ky
K7AntiVirus Clean
BitDefender Trojan.GenericKD.47296435
K7GW Clean
CrowdStrike Clean
Baidu Clean
Cyren Clean
Symantec Trojan.Gen.2
ESET-NOD32 Win64/Agent.AWO
APEX Clean
Paloalto Clean
ClamAV Clean
Kaspersky UDS:DangerousObject.Multi.Generic
Alibaba Clean
NANO-Antivirus Clean
SUPERAntiSpyware Clean
Tencent Clean
Ad-Aware Trojan.GenericKD.47296435
Emsisoft Clean
Comodo Clean
F-Secure Clean
DrWeb Trojan.DownLoader43.54983
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition Clean
FireEye Trojan.GenericKD.47296435
Sophos Clean
SentinelOne Clean
Jiangmin Clean
Webroot Clean
Avira Clean
MAX Clean
Antiy-AVL Clean
Kingsoft Clean
Microsoft Trojan:Win32/Sabsik.TE.B!ml
Gridinsoft Clean
Arcabit Clean
ViRobot Clean
ZoneAlarm Clean
GData Trojan.GenericKD.47296435
Cynet Clean
AhnLab-V3 Clean
Acronis Clean
BitDefenderTheta Clean
ALYac Clean
TACHYON Clean
VBA32 Clean
Cylance Clean
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R002H0DJV21
Rising Clean
Yandex Clean
Ikarus Trojan.Win64.Agent
eGambit Clean
Fortinet W64/Agent.AWO!tr
AVG Win64:Trojan-gen
Cybereason Clean
Avast Win64:Trojan-gen
MaxSecure Clean
No IRMA results available.