Static | ZeroBOX

PE Compile Time

1970-01-01 09:00:00

PE Imphash

4bfde1223391e32fec766cd1d41fa3e7

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x00000418 0x00000600 3.85351034665
.rdata 0x00002000 0x000004ad 0x00000600 5.35416009967
.bss 0x00003000 0x00000004 0x00000000 0.0
.rsrc 0x00004000 0x000001f0 0x00000200 4.80843328983

Resources

Name Offset Size Language Sub-language File type
RT_MANIFEST 0x00004058 0x00000198 LANG_ENGLISH SUBLANG_ENGLISH_US XML 1.0 document, UTF-8 Unicode (with BOM) text

Imports

Library msvcrt.dll:
0x40234c strlen
0x402350 malloc
0x402354 memset
0x402358 _sleep
0x40235c __argc
0x402360 __argv
0x402364 _environ
0x402368 _XcptFilter
0x40236c __set_app_type
0x402370 _controlfp
0x402374 __getmainargs
0x402378 exit
Library kernel32.dll:
0x402380 CreateProcessA
0x402384 CloseHandle

msvcrt.dll
strlen
malloc
memset
_sleep
__argc
__argv
_environ
_XcptFilter
__set_app_type
_controlfp
__getmainargs
kernel32.dll
CreateProcessA
CloseHandle
SetUnhandledExceptionFilter
<?xml version="1.0" encoding="utf-8"?>
<assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1">
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
Antivirus Signature
Bkav Clean
Lionic Trojan.Win32.Nitol.4!c
Elastic Clean
MicroWorld-eScan Gen:Variant.Zusy.401118
FireEye Generic.mg.dc1db19dc72e4fc4
CAT-QuickHeal Clean
McAfee GenericRXQB-TQ!DC1DB19DC72E
Cylance Unsafe
VIPRE Clean
Sangfor Clean
K7AntiVirus Trojan ( 005883fd1 )
BitDefender Gen:Variant.Zusy.401118
K7GW Trojan ( 005883fd1 )
Cybereason malicious.dc72e4
Arcabit Clean
BitDefenderTheta Gen:NN.ZexaF.34266.aqW@aSCpdMfi
Cyren W32/Nitol.AO.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win32/Agent.ADMO
Baidu Clean
APEX Malicious
Paloalto Clean
ClamAV Clean
Kaspersky Trojan.Win32.Bsymem.adxl
Alibaba Trojan:Win32/Bsymem.d5bc472a
NANO-Antivirus Clean
ViRobot Trojan.Win32.Z.Zusy.4608.AJN
Rising Clean
Ad-Aware Gen:Variant.Zusy.401118
TACHYON Clean
Sophos Mal/Generic-S
Comodo Clean
F-Secure Clean
DrWeb Clean
Zillya Clean
TrendMicro TROJ_GEN.R002C0PK821
McAfee-GW-Edition GenericRXQB-TQ!DC1DB19DC72E
CMC Clean
Emsisoft Gen:Variant.Zusy.401118 (B)
SentinelOne Clean
Jiangmin Clean
Webroot W32.Trojan.Gen
Avira TR/Agent.blute
Antiy-AVL Trojan/Generic.ASMalwS.34C9F2A
Kingsoft Win32.Troj.Bsymem.ad.(kcloud)
Gridinsoft Clean
Microsoft Trojan:Win32/Tnega.C!MTB
SUPERAntiSpyware Clean
GData Gen:Variant.Zusy.401118
Cynet Malicious (score: 100)
AhnLab-V3 Trojan/Win.Generic.R440300
Acronis Clean
VBA32 BScope.Trojan.Nitol
ALYac Gen:Variant.Zusy.401118
MAX malware (ai score=100)
Malwarebytes Trojan.Downloader
Panda Trj/CI.A
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R002C0PK821
Tencent Win32.Trojan.Zusy.Wrgn
Yandex Trojan.Agent!ElSFgwKFGBg
Ikarus Trojan.Win32.Agent
MaxSecure Clean
Fortinet W32/Tiny.NFR!tr
AVG Win32:TrojanX-gen [Trj]
Avast Win32:TrojanX-gen [Trj]
CrowdStrike Clean
No IRMA results available.