popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2094-07-28 06:26:10

PDB Path

C:\Users\VICTOR\Downloads\Cryptedfiles\JDSKJDSKJSDLKDSSLDKJSD\JDSKJDSKJSDLKDSSLDKJSD\obj\Debug\JDSKJDSKJSDLKDSSLDKJSD.pdb

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x0000393c 0x00003a00 4.429907524
.rsrc 0x00006000 0x0001a220 0x0001a400 3.80362188995
.reloc 0x00022000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x0001f7b0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x0001f7b0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x0001f7b0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x0001f7b0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x0001f7b0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x0001f7b0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_GROUP_ICON 0x0001fc28 0x0000005a LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_VERSION 0x0001fc94 0x0000038c LANG_NEUTRAL SUBLANG_NEUTRAL PGP symmetric key encrypted data - Plaintext or unencrypted data
RT_MANIFEST 0x00020030 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
  s&
v4.0.30319
#Strings
colorDialog1
button1
checkBox1
comboBox1
colorDialog2
checkBox2
comboBox2
checkBox3
comboBox3
checkBox4
<Module>
JDSKJDSKJSDLKDSSLDKJSD
DownloadData
FromArgb
mscorlib
get_Red
set_FormattingEnabled
Synchronized
defaultInstance
set_AutoScaleMode
IDisposable
RuntimeTypeHandle
GetTypeFromHandle
Console
set_Name
WriteLine
GetType
get_Culture
set_Culture
resourceCulture
ButtonBase
ApplicationSettingsBase
Dispose
EditorBrowsableState
CompilerGeneratedAttribute
GuidAttribute
GeneratedCodeAttribute
DebuggerNonUserCodeAttribute
DebuggableAttribute
EditorBrowsableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
JDSKJDSKJSDLKDSSLDKJSD.exe
set_Size
set_AutoSize
set_ClientSize
System.Runtime.Versioning
String
disposing
System.Drawing
ColorDialog
System.ComponentModel
ContainerControl
ListControl
Program
System
resourceMan
Boolean
set_ShowIcon
set_Location
System.Configuration
System.Globalization
System.Reflection
ControlCollection
get_ActiveCaption
Button
CultureInfo
set_ShowInTaskbar
InvokeMember
Binder
get_ResourceManager
System.CodeDom.Compiler
IContainer
set_BackColor
set_UseVisualStyleBackColor
.cctor
ashkashkaskhas
System.Diagnostics
System.Runtime.InteropServices
System.Runtime.CompilerServices
System.Resources
JDSKJDSKJSDLKDSSLDKJSD.Form1.resources
JDSKJDSKJSDLKDSSLDKJSD.Properties.Resources.resources
DebuggingModes
JDSKJDSKJSDLKDSSLDKJSD.Properties
BindingFlags
Settings
get_Controls
System.Windows.Forms
set_AutoScaleDimensions
SystemColors
components
Object
System.Net
get_Default
WebClient
InitializeComponent
SuspendLayout
ResumeLayout
PerformLayout
set_Text
set_TabIndex
CheckBox
ComboBox
set_TransparencyKey
get_Assembly
WrapNonExceptionThrows
JDSKJDSKJSDLKDSSLDKJSD
Copyright
2021
$e7927630-ebd0-4a55-a4ff-44427ae66709
1.0.0.0
.NETFramework,Version=v4.0
FrameworkDisplayName
.NET Framework 4@
3System.Resources.Tools.StronglyTypedResourceBuilder
4.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
11.0.0.0
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
C:\Users\VICTOR\Downloads\Cryptedfiles\JDSKJDSKJSDLKDSSLDKJSD\JDSKJDSKJSDLKDSSLDKJSD\obj\Debug\JDSKJDSKJSDLKDSSLDKJSD.pdb
_CorExeMain
mscoree.dll
db#@"1t=
0?h* +(
x}(b!%
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
DtrVu?
[,ck_Y
B.k;d
s%c=-xTP/
HHD@KV
RX"ZQ%is
']~%8
,LiP'/q
J|I:4=)
Q3|/Z#+
Jn".$`x
Cj[#dV
1o2||w
gRsDL2r
57?rsa
[;[m.;
jb_b~64
@UE<S<
c3j*Y
M@j#d>
yGx"3x
g-{B\3g
uld.Bh
isd8%>
}z3"yS
7"7kJ)
<Ax(={
mXyE}XRd
BBn&)t:
CPhXvY
cdFdMz
,}Hs(j
3E/DO,
w'Kz=/b
`"16HY7
>B&tZsj
zDa@Sv
p]h&"!
>^(dtI
^UO0o_@
6\DsH4
_)7{2u
3jneB_xi
eH4@S%
.lpl#Yqs
T{= f
T{= f
T{= f
T{= f
T{= f
T{= f
T{= f
T{= f
T{= f
T{= f
:p_ &h
P(,q ee
BJ`Fdk
nz$5Un&X
Washington1
Redmond1
Microsoft Corporation1.0,
%Microsoft Windows Production PCA 20110
201215212914Z
211202212914Z0p1
Washington1
Redmond1
Microsoft Corporation1
Microsoft Windows0
I0G1-0+
$Microsoft Ireland Operations Limited1
229879+4633440
Chttp://www.microsoft.com/pkiops/crl/MicWinProPCA2011_2011-10-19.crl0a
Ehttp://www.microsoft.com/pkiops/certs/MicWinProPCA2011_2011-10-19.crt0
Washington1
Redmond1
Microsoft Corporation1200
)Microsoft Root Certificate Authority 20100
111019184142Z
261019185142Z0
Washington1
Redmond1
Microsoft Corporation1.0,
%Microsoft Windows Production PCA 20110
i%(\6
Ehttp://crl.microsoft.com/pki/crl/products/MicRooCerAut_2010-06-23.crl0Z
>http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt0
Washington1
Redmond1
Microsoft Corporation1.0,
%Microsoft Windows Production PCA 2011
,u1qEorzUH3qGrrPZjgl6H99WweaBuGeX6mk5Lft0iUg=0Z
http://www.microsoft.com/windows0
s(PE"E'
20210927154412.055Z0
Washington1
Redmond1
Microsoft Corporation1)0'
Microsoft Operations Puerto Rico1&0$
Thales TSS ESN:F87A-E374-D7B91%0#
Microsoft Time-Stamp Service
Washington1
Redmond1
Microsoft Corporation1&0$
Microsoft Time-Stamp PCA 20100
210114190223Z
220411190223Z0
Washington1
Redmond1
Microsoft Corporation1)0'
Microsoft Operations Puerto Rico1&0$
Thales TSS ESN:F87A-E374-D7B91%0#
Microsoft Time-Stamp Service0
T.s"AR
Ehttp://crl.microsoft.com/pki/crl/products/MicTimStaPCA_2010-07-01.crl0Z
>http://www.microsoft.com/pki/certs/MicTimStaPCA_2010-07-01.crt0
Washington1
Redmond1
Microsoft Corporation1200
)Microsoft Root Certificate Authority 20100
100701213655Z
250701214655Z0|1
Washington1
Redmond1
Microsoft Corporation1&0$
Microsoft Time-Stamp PCA 20100
$`2X`F
Ehttp://crl.microsoft.com/pki/crl/products/MicRooCerAut_2010-06-23.crl0Z
>http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt0
1http://www.microsoft.com/PKI/docs/CPS/default.htm0@
oK0D$"<
r~akow
Washington1
Redmond1
Microsoft Corporation1)0'
Microsoft Operations Puerto Rico1&0$
Thales TSS ESN:F87A-E374-D7B91%0#
Microsoft Time-Stamp Service
Washington1
Redmond1
Microsoft Corporation1&0$
Microsoft Time-Stamp PCA 20100
20210927083735Z
20210928083735Z0w0=
Washington1
Redmond1
Microsoft Corporation1&0$
Microsoft Time-Stamp PCA 2010
Washington1
Redmond1
Microsoft Corporation1&0$
Microsoft Time-Stamp PCA 2010
Hello World!
https://saffdsfssfsdfd.000webhostapp.com/gov.exe
https://saffdsfssfsdfd.000webhostapp.com/HDDSLKJSDKJLSDLJKSDLKDSLKJDSKLDJSDLKSLDSK.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\Aspnet_compiler.exe
HDDSLKJSDKJLSDLJKSDLKDSLKJDSKLDJSDLKSLDSK.HDDSLKJSDKJLSDLJKSDLKDSLKJDSKLDJSDLKSLDSK
checkBox1
checkBox2
checkBox3
comboBox1
comboBox2
comboBox3
button1
checkBox4
JDSKJDSKJSDLKDSSLDKJSD.Properties.Resources
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
JDSKJDSKJSDLKDSSLDKJSD
FileVersion
1.0.0.0
InternalName
JDSKJDSKJSDLKDSSLDKJSD.exe
LegalCopyright
Copyright
2021
LegalTrademarks
OriginalFilename
JDSKJDSKJSDLKDSSLDKJSD.exe
ProductName
JDSKJDSKJSDLKDSSLDKJSD
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
"Microsoft Window
Legal_Policy_Statement
Antivirus Signature
Bkav Clean
Lionic Trojan.MSIL.Androm.m!c
Elastic Clean
MicroWorld-eScan Trojan.GenericKDZ.79231
FireEye Generic.mg.77b25a72ece714ea
CAT-QuickHeal Backdoor.MSIL
McAfee GenericRXQM-IN!77B25A72ECE7
Cylance Unsafe
VIPRE Clean
Sangfor Backdoor.MSIL.Androm.gen
K7AntiVirus Trojan-Downloader ( 005894aa1 )
BitDefender Trojan.GenericKDZ.79231
K7GW Trojan-Downloader ( 005894aa1 )
Cybereason Clean
Arcabit Clean
BitDefenderTheta Clean
Cyren W32/MSIL_Troj.BQL.gen!Eldorado
Symantec MSIL.Downloader!gen7
ESET-NOD32 a variant of MSIL/TrojanDownloader.Agent.JEG
Baidu Clean
APEX Malicious
Paloalto generic.ml
ClamAV Clean
Kaspersky HEUR:Backdoor.MSIL.Androm.gen
Alibaba Backdoor:MSIL/Androm.b6d474fc
NANO-Antivirus Clean
ViRobot Trojan.Win32.Z.Agent.174344
Tencent Msil.Trojan-downloader.Agent.Ajlq
Ad-Aware Trojan.GenericKDZ.79231
Emsisoft Trojan.GenericKDZ.79231 (B)
Comodo Clean
F-Secure Clean
DrWeb Trojan.Inject4.18100
Zillya Clean
TrendMicro TROJ_GEN.R002C0WJQ21
McAfee-GW-Edition Artemis!Trojan
CMC Clean
Sophos Mal/Generic-S
Ikarus Trojan-Downloader.MSIL.Agent
Jiangmin Clean
Webroot Clean
Avira TR/Dldr.Agent.wqbhx
MAX malware (ai score=100)
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Trojan.Win32.Downloader.sa
Microsoft Trojan:Win32/Woreflint.A!cl
SUPERAntiSpyware Clean
ZoneAlarm HEUR:Backdoor.MSIL.Androm.gen
GData Trojan.GenericKDZ.79231
Cynet Malicious (score: 100)
AhnLab-V3 Trojan/Win.Generic.C4726447
Acronis Clean
VBA32 TScope.Trojan.MSIL
ALYac Trojan.GenericKDZ.79231
TACHYON Clean
Malwarebytes Trojan.Downloader
Panda Trj/GdSda.A
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R002C0WJQ21
Rising Clean
Yandex Clean
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.300983.susgen
Fortinet MSIL/Agent.JEG!tr
AVG Win32:DropperX-gen [Drp]
Avast Win32:DropperX-gen [Drp]
CrowdStrike win/malicious_confidence_100% (W)
No IRMA results available.