popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2065-08-30 23:28:59

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x00060e34 0x00061000 3.73113604728
.rsrc 0x00064000 0x000002a4 0x00000400 2.15960902412
.reloc 0x00066000 0x0000000c 0x00000200 0.101910425663

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x00064058 0x0000024c LANG_NEUTRAL SUBLANG_NEUTRAL data

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
Inserter
Inserter.exe
<Module>
TokenizerGetterMap
Inserter.Maps
Object
System
mscorlib
PredicateGetterMap
<>c__DisplayClass2_0
Inserter.Managers
IteratorPredicateStructBuilder
Inserter.Structs
<>o__4
WriterPredicateStructBuilder
Mapper
<>o__5
DispatcherGetterManager
Inserter.Templates
Observer
Inserter.Common
FacadeGetterManager
MulticastDelegate
AccountPredicateStructBuilder
ProccesorMapWorker
Visitor
Importer
PrototypeMapWorker
Method
WatcherGetterManager
GlobalMapWorker
Helper
Wrapper
TemplateMapWorker
Inserter.Workers
ValueType
ModelGetterMap
ReaderMapperService
Inserter.Services
Instance
UtilsPredicateStructBuilder
GetterGetterMap
AdapterMapperService
<PrivateImplementationDetails>
__StaticArrayInitTypeSize=379644
ManageRef
String
config
EntryPointNotFoundException
PublishRef
MapRef
InsertRef
instance
Func`1
Boolean
IntPtr
Invoke
InvalidOleVariantTypeException
System.Runtime.InteropServices
_Iterator
ReadRef
UInt64
UInt32
UInt16
op_Explicit
Marshal
SizeOf
Application
System.Windows.Forms
get_ExecutablePath
op_Inequality
Thread
System.Threading
ToInt64
GetTypeFromHandle
RuntimeTypeHandle
AllocHGlobal
FreeHGlobal
tokenizer
_Predicate
.cctor
CollectRef
remove_CONTAt
m_Model
Replace
SetRef
InvokeRef
Binder
Microsoft.CSharp.RuntimeBinder
Microsoft.CSharp
Convert
CallSiteBinder
System.Runtime.CompilerServices
System.Core
CSharpBinderFlags
CallSite`1
Func`3
CallSite
Create
Target
ToCharArray
NewRef
get_Length
FromBase64CharArray
Encoding
System.Text
get_UTF8
GetString
VerifyRef
m_Writer
_Getter
CheckRef
StringBuilder
get_Chars
ToChar
Append
ToString
PatchRef
ResetRef
RuntimeHelpers
InitializeArray
RuntimeFieldHandle
Exception
CloneRef
Action
VisitRef
ValidateRef
CustomizeRef
CountRef
CSharpArgumentInfo
CSharpArgumentInfoFlags
InvokeMember
IEnumerable`1
System.Collections.Generic
Func`4
reldnaHtnevEdetelpmoCgniPnoitamrofnIkrowteNteNmetsyS5408
Func`5
Func`6
GetMember
_Utils
_Account
context
_Annotation
_Message
reader
_Adapter
_Param
m_Service
_Strategy
m_Rules
RemoveRef
LoadLibrary
kernel32.dll
InitRef
FreeLibrary
FlushRef
counter
GetProcAddress
kernel32
ForgotRef
CalcRef
GetDelegateForFunctionPointer
Delegate
EnableRef
schema
hProcess
isWow64
BeginInvoke
IAsyncResult
AsyncCallback
callback
object
EndInvoke
result
lpBaseAddress
lliateDnoitpecxEledoMecivreSmetsyS23419
lpNumberOfBytesWritten
exitCode
handle
hToken
lpApplicationName
lpCommandLine
lpProcessAttributes
lpThreadAttributes
bInheritHandles
dwCreationFlags
lpEnvironment
lpCurrentDirectory
lpStartupInfo
lpProcesretpadArotaremunEnoitcelloCylnOdaeRdezinorhcnyScireneGsnoitcelloCmetsyS1794
hNewToken
hThread
pContext
connection
ProcessHandle
BaseAddress
ZeroBits
RegionSize
AllocationType
Protect
nCmdShow
m_Database
m_Setter
customer
m_Order
consumer
m_Info
bridge
_Class
_Object
m_Authentication
m_Token
_Status
m_Mapping
m_Parameter
m_Parser
_Struct
_Publisher
_Template
_Proccesor
prototype
_Global
broadcaster
identifier
policy
expression
listener
request
composer
thread
interceptor
attribute
_Comparator
m_Exporter
record
GetRef
IncludeRef
10035BA07759E4A9FE565FDC917325F46D342E66
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
DebuggableAttribute
System.Diagnostics
DebuggingModes
TargetFrameworkAttribute
System.Runtime.Versioning
UnverifiableCodeAttribute
System.Security
ParamArrayAttribute
DynamicAttribute
ReliabilityContractAttribute
System.Runtime.ConstrainedExecution
Consistency
CompilerGeneratedAttribute
System.Security.Permissions.SecurityPermissionAttribute, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
SkipVerification
WrapNonExceptionThrows
.NETFramework,Version=v4.0
FrameworkDisplayName
.NET Framework 4
_CorExeMain
mscoree.dll
JalpsiDcdnammoClqStneilClqSataDmetsyS15628HUGLAoAJSkvEjA3PQI/Iw==
JalpsiDcdnammoClqStneilClqSataDmetsyS15628ykCPgoqBC84LwEx
FalpsiDcdnammoClqStneilClqSataDmetsyS15628HQaOTE1ITY3IDM0PncRKjZYAQY+JT4AIAoDNAYiVVA=
EalpsiDcdnammoClqStneilClqSataDmetsyS15628wAGLAo6Hy87MCsuMg0NJgxaOwk5FVVE
FalpsiDcdnammoClqStneilClqSataDmetsyS15628HUoIwtfJRM7P0wpBQISbQ==
FalpsiDcdnammoClqStneilClqSataDmetsyS15628h8eDQpeEGgsLjs7BXcJPDZbIE4=
EalpsiDcdnammoClqStneilClqSataDmetsyS15628SkCAwoAQjIBLiMyPR0jAA8EIx8DUToJIFVxeg==
EalpsiDcdnammoClqStneilClqSataDmetsyS15628SkCFwoqCyw7Wj9yPRMdIDYGP0IDNRA3GDB0MTM7A1A=
EalpsiDcdnammoClqStneilClqSataDmetsyS156283QaJQwqJQsBBUAoPR0JKgE/Owc4USJM
EalpsiDcdnammoClqStneilClqSataDmetsyS156283VpZiYHIRI4MCsXBg0NPAw/Pzc4UF1JGD8tdw==
FalpsiDcdnammoClqStneilClqSataDmetsyS156283UGZT4qGyM4Pz8pNnd+JTEvO0c+I1VE
EalpsiDcdnammoClqStneilClqSataDmetsyS156283VpZiYHIQ44MCsXBg0NPAw/Pzc4UF1JGD8tdw==
EalpsiDcdnammoClqStneilClqSataDmetsyS15628HUGZT4qGyM4Pz8pNnd+JTEvO0c+I1VE
EalpsiDcdnammoClqStneilClqSataDmetsyS15628CoGLww6QjY0LxE7PRIBOw==
alpsiDcdnammoClqStneilClqSataDmetsyS15628
FalpsiDcdnammoClqStneilClqSataDmetsyS156283UGZTlfSi8BWkAxPRMjIDcFPwU+FVVE
IalpsiDcdnammoClqStneilClqSataDmetsyS15628R8eOQsHPiMuBSsxBQR6bQ==
EalpsiDcdnammoClqStneilClqSataDmetsyS15628HU4IwxcFyoABSs0AzJ6bQ==
reldnaHtnevEdetelpmoCgniPnoitamrofnIkrowteNteNmetsyS5408
Replace
FromBase64CharArray
ToCharArray
Length
GetString
EGPUhmsZbhyBg
ValpsiDcdnammoClqStneilClqSataDmetsyS15628FZxUUFBTUFBQUFFQUFBQS8vOEFBTGdBQUFBQUFBQUFRQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFnQUFBQUE0ZnVnNEF0QW5OSWJnQlRNMGhWR2hwY3lCd2NtOW5jbUZ0SUdOaGJtNXZkQ0JpWlNCeWRXNGdhVzRnUkU5VElHMXZaR1V1RFEwS0pBQUFBQUFBQUFCUVJRQUFUQUVEQUhRUjl1WUFBQUFBQUFBQUFPQUFBZ0VMQVRBQUFJZ0JBQUFNQUFBQUFBQUFObzBCQUFBZ0FBQUF3QUVBQUFCQUFBQWdBQUFBQkFBQUJBQUFBQUFBQUFBRUFBQUFBQUFBQUFBQUFnQUFCQUFBdGQ4QkFBSUFRSVVBQUJBQUFCQUFBQUFBRUFBQUVBQUFBQUFBQUJBQUFBQUFBQUFBQUFBQUFPU01BUUJQQUFBQUFNQUJBTXdFQUFBQUFBQUFBQUFBQUFDWUFRRG9DQUFBQU9BQkFBd0FBQURJakFFQUhBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUlBQUFDQUFBQUFBQUFBQUFBQUFBQ0NBQUFFZ0FBQUFBQUFBQUFBQUFBQzUwWlhoMEFBQUFySVVCQUFBZ0FBQUFpQUVBQUFRQUFBQUFBQUFBQUFBQUFBQUFBQ0FBQUdBdWNuTnlZd0FBQU13RUFBQUF3QUVBQUFnQUFBQ01BUUFBQUFBQUFBQUFBQUFBQUFCQUFBQkFMbkpsYkc5akFBQU1BQUFBQU9BQkFBQUVBQUFBbEFFQUFBQUFBQUFBQUFBQUFBQUFRQUFBUWdBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUF
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
FileDescription
FileVersion
0.0.0.0
InternalName
Inserter.exe
LegalCopyright
OriginalFilename
Inserter.exe
ProductVersion
0.0.0.0
Assembly Version
0.0.0.0
Antivirus Signature
Bkav Clean
Lionic Trojan.MSIL.Stealer.l!c
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKD.47342500
FireEye Generic.mg.abaecc87a5255a67
CAT-QuickHeal Trojan.Agenttesla
McAfee GenericRXPZ-YL!ABAECC87A525
Cylance Unsafe
CrowdStrike win/malicious_confidence_100% (W)
BitDefender Trojan.GenericKD.47342500
K7GW Trojan ( 005888331 )
K7AntiVirus Trojan ( 005888331 )
Baidu Clean
Cyren W32/MSIL_Troj.CY.gen!Eldorado
ESET-NOD32 a variant of MSIL/Kryptik.ADAC
APEX Malicious
Paloalto generic.ml
Cynet Malicious (score: 100)
Kaspersky HEUR:Trojan-Spy.MSIL.Stealer.gen
Alibaba Trojan:Win32/Kryptik.ali2000016
NANO-Antivirus Clean
ViRobot Trojan.Win32.Z.Kryptik.399360.HN
Rising Clean
Ad-Aware Trojan.GenericKD.47342500
Emsisoft Trojan.GenericKD.47342500 (B)
Comodo Clean
F-Secure Clean
DrWeb Trojan.PackedNET.972
VIPRE Clean
TrendMicro TROJ_GEN.R002C0DK521
CMC Clean
Sophos Mal/Generic-S
SentinelOne Static AI - Malicious PE
Jiangmin Clean
MaxSecure Clean
Avira HEUR/AGEN.1144480
MAX malware (ai score=100)
Kingsoft Win32.Troj.Undef.(kcloud)
Gridinsoft Malware.Win32.GenericMC.cc
Arcabit Trojan.Generic.D2D263A4
SUPERAntiSpyware Clean
Microsoft Trojan:MSIL/AgentTesla.LEG!MTB
AhnLab-V3 Trojan/Win.Generic.C4628732
Acronis Clean
VBA32 Clean
TACHYON Clean
Malwarebytes Trojan.Crypt.MSIL.Generic
Panda Trj/GdSda.A
Zoner Clean
TrendMicro-HouseCall Clean
Tencent Win32.Trojan.Generic.Lplm
Yandex Clean
Ikarus Trojan-Spy.MSIL.Agent
eGambit Unsafe.AI_Score_100%
Fortinet MSIL/Kryptik.ACCF!tr
Webroot Clean
AVG Win32:PWSX-gen [Trj]
Avast Win32:PWSX-gen [Trj]
No IRMA results available.