popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2054-02-04 23:13:03

PDB Path

C:\Users\rezzi\OneDrive\Рабочий стол\Amongus\Amongus\obj\Debug\Amongus.pdb

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x00000de4 0x00000e00 5.28075566503
.rsrc 0x00004000 0x0000059c 0x00000600 4.03491595502
.reloc 0x00006000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x00004090 0x0000030c LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x000043ac 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
<Module>
destID
mscorlib
TelegramSendMessage
IDisposable
GetCPUName
GetGPUName
SecurityProtocolType
Dispose
GuidAttribute
DebuggableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
Amongus.exe
System.Runtime.Versioning
DownloadString
ToString
set_SecurityProtocol
Program
get_Item
System
apilToken
System.Reflection
ManagementObjectCollection
ServicePointManager
ManagementObjectSearcher
ManagementObjectEnumerator
GetEnumerator
System.Diagnostics
System.Runtime.InteropServices
System.Runtime.CompilerServices
DebuggingModes
Amongus
Concat
ManagementBaseObject
ManagementObject
System.Net
WebClient
System.Management
get_Current
MoveNext
WrapNonExceptionThrows
Amongus
Copyright
2021
$cd1cf7ef-029f-4923-880b-9ac86e81065d
1.0.0.0
.NETFramework,Version=v4.5
FrameworkDisplayName
.NET Framework 4.5
C:\Users\rezzi\OneDrive\
\Amongus\Amongus\obj\Debug\Amongus.pdb
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
2026552572:AAHsPVE1-XE3QqnTTeDfJ5cBY-LRzVYRfSY
1396345593
root\CIMV2
SELECT * FROM Win32_Processor
UNKNOWN
SELECT * FROM Win32_VideoController
http://ip-api.com/line?fields=query
https://api.telegram.org/bot
/sendMessage?chat_id=
&text=
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
Amongus
FileVersion
1.0.0.0
InternalName
Amongus.exe
LegalCopyright
Copyright
2021
LegalTrademarks
OriginalFilename
Amongus.exe
ProductName
Amongus
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Antivirus Signature
Bkav Clean
Lionic Trojan.MSIL.Agent.4!c
Elastic Clean
MicroWorld-eScan IL:Trojan.MSILZilla.6004
CMC Clean
CAT-QuickHeal Clean
McAfee RDN/Generic.grp
Cylance Clean
VIPRE Clean
K7AntiVirus Clean
K7GW Clean
CrowdStrike Clean
BitDefenderTheta Clean
Cyren Clean
Symantec ML.Attribute.HighConfidence
Baidu Clean
APEX Malicious
Paloalto generic.ml
ClamAV Clean
Kaspersky HEUR:Trojan.MSIL.Agent.gen
Alibaba Trojan:MSIL/MSILZilla.6df84262
NANO-Antivirus Clean
ViRobot Clean
Rising Clean
Sophos Mal/Generic-S
Comodo Clean
F-Secure Clean
DrWeb Trojan.SpyBot.1125
Zillya Trojan.Agent.Win32.2534386
TrendMicro Clean
McAfee-GW-Edition RDN/Generic.grp
Emsisoft IL:Trojan.MSILZilla.6004 (B)
Ikarus Trojan.IL.MSILZilla
Jiangmin Clean
Webroot W32.Trojan.Gen
Avira TR/Spy.Agent.zrtog
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:Script/Phonzy.C!ml
Cynet Malicious (score: 100)
AhnLab-V3 Trojan/Win.Generic.C4750376
Acronis Clean
VBA32 TScope.Trojan.MSIL
TACHYON Clean
Malwarebytes RiskWare.Agent
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R002H0CK721
Tencent Clean
Yandex Trojan.Agent!MLn9aLYlrgA
SentinelOne Clean
MaxSecure Trojan.Malware.300983.susgen
Fortinet PossibleThreat
Panda Trj/GdSda.A
No IRMA results available.