Static | ZeroBOX

PE Compile Time

1970-01-01 09:00:00

PE Imphash

4bfde1223391e32fec766cd1d41fa3e7

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x00000418 0x00000600 3.83841066575
.rdata 0x00002000 0x0000049d 0x00000600 5.23281507756
.bss 0x00003000 0x00000004 0x00000000 0.0
.rsrc 0x00004000 0x000001f0 0x00000200 4.80843328983

Resources

Name Offset Size Language Sub-language File type
RT_MANIFEST 0x00004058 0x00000198 LANG_ENGLISH SUBLANG_ENGLISH_US XML 1.0 document, UTF-8 Unicode (with BOM) text

Imports

Library msvcrt.dll:
0x40233c strlen
0x402340 malloc
0x402344 memset
0x402348 _sleep
0x40234c __argc
0x402350 __argv
0x402354 _environ
0x402358 _XcptFilter
0x40235c __set_app_type
0x402360 _controlfp
0x402364 __getmainargs
0x402368 exit
Library kernel32.dll:
0x402370 CreateProcessA
0x402374 CloseHandle

!This program cannot be run in DOS mode.
msvcrt.dll
strlen
malloc
memset
_sleep
__argc
__argv
_environ
_XcptFilter
__set_app_type
_controlfp
__getmainargs
kernel32.dll
CreateProcessA
CloseHandle
SetUnhandledExceptionFilter
<?xml version="1.0" encoding="utf-8"?>
<assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1">
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
Antivirus Signature
Bkav Clean
Lionic Trojan.Win32.Nitol.4!c
Elastic Clean
MicroWorld-eScan Gen:Variant.Zusy.401118
FireEye Generic.mg.c69a436220ad459a
CAT-QuickHeal Trojan.Nitol
McAfee GenericRXQB-TQ!C69A436220AD
Cylance Unsafe
VIPRE Clean
Sangfor Clean
K7AntiVirus Trojan ( 005883fd1 )
BitDefender Gen:Variant.Zusy.401118
K7GW Trojan ( 005883fd1 )
Cybereason malicious.220ad4
BitDefenderTheta Gen:NN.ZexaF.34266.aqW@aar8A2mi
Cyren W32/Nitol.AO.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win32/Agent.ADMO
Baidu Clean
TrendMicro-HouseCall TROJ_GEN.R002C0PK721
Paloalto generic.ml
ClamAV Clean
Kaspersky Trojan.Win32.Bsymem.advz
Alibaba Trojan:Win32/Bsymem.7724fe34
NANO-Antivirus Clean
ViRobot Clean
Tencent Win32.Trojan.Zusy.Szbm
Ad-Aware Gen:Variant.Zusy.401118
Emsisoft Gen:Variant.Zusy.401118 (B)
Comodo Clean
F-Secure Clean
DrWeb Clean
Zillya Clean
TrendMicro TROJ_GEN.R002C0PK721
McAfee-GW-Edition GenericRXQB-TQ!C69A436220AD
SentinelOne Clean
CMC Clean
Sophos Mal/Generic-S
APEX Malicious
GData Gen:Variant.Zusy.401118
Jiangmin Clean
eGambit Unsafe.AI_Score_52%
Avira TR/Agent.rchrq
MAX malware (ai score=100)
Antiy-AVL Clean
Kingsoft Win32.Troj.Bsymem.ad.(kcloud)
Gridinsoft Ransom.Win32.Sabsik.sa
Arcabit Trojan.Zusy.D61EDE
SUPERAntiSpyware Clean
Microsoft Trojan:Win32/Sabsik.FL.B!ml
Cynet Malicious (score: 100)
AhnLab-V3 Trojan/Win.Generic.R440300
Acronis Clean
VBA32 BScope.Trojan.Nitol
ALYac Gen:Variant.Zusy.401118
TACHYON Clean
Malwarebytes Trojan.Downloader
Panda Clean
Zoner Clean
Rising Clean
Yandex Trojan.Agent!ZCDuBYOd0Ms
Ikarus Trojan.Win32.Agent
MaxSecure Clean
Fortinet W32/Tiny.NFR!tr
Webroot W32.Trojan.Gen
AVG Win32:TrojanX-gen [Trj]
Avast Win32:TrojanX-gen [Trj]
CrowdStrike win/malicious_confidence_100% (W)
No IRMA results available.