popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2093-11-14 06:10:03

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x00004354 0x00004400 5.96425262662
.rsrc 0x00008000 0x0000d5fc 0x0000d600 7.20380945313
.reloc 0x00016000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x0000d9c0 0x0000763d LANG_NEUTRAL SUBLANG_NEUTRAL PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_ICON 0x0000d9c0 0x0000763d LANG_NEUTRAL SUBLANG_NEUTRAL PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_ICON 0x0000d9c0 0x0000763d LANG_NEUTRAL SUBLANG_NEUTRAL PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_ICON 0x0000d9c0 0x0000763d LANG_NEUTRAL SUBLANG_NEUTRAL PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_ICON 0x0000d9c0 0x0000763d LANG_NEUTRAL SUBLANG_NEUTRAL PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_ICON 0x0000d9c0 0x0000763d LANG_NEUTRAL SUBLANG_NEUTRAL PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_ICON 0x0000d9c0 0x0000763d LANG_NEUTRAL SUBLANG_NEUTRAL PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_GROUP_ICON 0x00015000 0x00000068 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_VERSION 0x00015068 0x000003a6 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x00015410 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
VZna}W
.W{^
F\ya}c
.W{^
n*tf s
$&Oa}
bMNa}<
ff rYD
OIff ^
v4.0.30319
#Strings
Duofr.exe
<Module>
IssuerListenerInstance
WindowsFormsApp23
Object
System
mscorlib
MethodAdapterMock
Mapping
RequestParameterDispatcher
Method
Resources
WindowsFormsApp23.Properties
Settings
ApplicationSettingsBase
System.Configuration
<Module>{98636e66-6c0f-49a2-8a98-5499ad60173b}
StartWriter
ReadWriter
Boolean
ListWriter
RegisterWriter
EnableMapping
Process
System.Diagnostics
WaitForExit
ProcessStartInfo
set_Arguments
String
set_FileName
get_StartInfo
PopWriter
ResolveWriter
ProcessWindowStyle
set_WindowStyle
CallWriter
OrderWriter
InitWriter
InvokeWriter
CheckMapping
Reverse
UpdateWriter
Assembly
System.Reflection
ConnectWriter
get_FullName
PublishWriter
MoveWriter
TestWriter
AssetMapping
HttpClient
System.Net.Http
GetTypeFromHandle
RuntimeTypeHandle
GetMethod
MethodInfo
MethodBase
Invoke
Task`1
System.Threading.Tasks
get_Result
CalcWriter
Replace
LogoutWriter
SetupWriter
InsertWriter
MapMapping
AppDomain
GetAssemblies
Func`2
IntPtr
Enumerable
System.Linq
System.Core
IEnumerable`1
System.Collections.Generic
SelectMany
FirstOrDefault
ConcatWriter
get_CurrentDomain
ResetWriter
VisitWriter
reponse
policy
SelectWriter
.cctor
ForgotMapping
ConnectMapping
GetTypes
FindMapping
Equals
DestroyWriter
AddWriter
EnableWriter
get_IsDynamic
_Container
ResourceManager
System.Resources
m_Adapter
CultureInfo
System.Globalization
CollectWriter
get_ResourceManager
get_Assembly
get_Culture
set_Culture
ComputeWriter
RestartWriter
Culture
defaultInstance
PrintWriter
get_Default
SettingsBase
Synchronized
GetWriter
SearchWriter
Default
m_84a272330ebe4816a532e58ea3947939
m_0ccaded17e404f5da572c9f79c80fe17
m_7e9ecfc70c614a08a8b52b07c1d67b1b
m_cb2886158d9b4307aecac2be198bdc17
m_85193059f0fd4e678959850429203f38
m_a7e0142af5084f11908a90c693722f01
m_ec91fc5d8982418887e11f49e32b4287
m_e8111c1eeaed43fbb70cc2c9d00f48f8
m_3abb539934d84c6881a6b6e70f6bf2ee
m_ca09bfabfac94c538021d2e3b297f3ec
m_d2c84daf180242339a03bc990f628010
m_8d111b215fce4308b108bf2679b230b1
m_d81d0483d0414ea5b8eb3aad8006a7f4
m_f1333a14ab584acaae86cffe2d16952e
m_eb550a19f5454dfba5c0a5d81afba9bc
m_ded255be37024f47bf41e9aead5cacad
m_8b6702c3483a4f048f94b53bd39be558
m_9fe6d16607b744beae33bdad3a771d1a
m_6ec6d4a383244ba9b561e4ceae7218e6
m_fa7e7c8a7a284d7fb5b863928986f26f
m_84cd12a6928f4c01896bb9018990333a
m_81d0cc98769a46628fb9c0ef7e764b1d
m_569a8e0c692242d896588b94d9f8ed01
m_05f25c17eb904c2b8a61218ad99c3cb1
m_f0977d521e164996b661d1391bdaab78
m_09f0adbc2bf945e6bf16594aa5d9759d
m_d0ea8dd081c542d1948a3eb22b21be33
m_fa2f9d0042af4b248bd5d10c439d6b98
m_2d6c45ce10e74109833c1583cc2f8e8e
m_4d6533520cd6447e877571e3926a0f36
m_674c211ddddb49f6ac039786010e0405
m_4782336feb4348f69451fe3b6a7a3a54
m_19dbed16e26046e09c073df38f0da9ba
m_12b18ff3e1ce4b66b3417bbc1c8a3a76
m_717bddf700fb4a6db3d46031d2f8cfd4
m_73e4f876bf8549f2b893904a9879c117
m_9660dacf8e6742c8b61775fa9e5e5383
m_bcc08fadf6f44e1c8a244023e99cf388
m_ef809e1ef2414ce6a39c231c12beb61e
m_602511d924624cbaa169403b280023e5
m_9ecdbc45994d4a84a83e67ab796ec340
m_88a24c096c17442693c106dfac1e86c3
m_80f60c9d425a4e948cb8fe84904a7a57
m_5dd130af26844c80b66be6942cc5530e
m_4089933d794b4c9b9d4cd0a63dd65b6b
m_1e44eb5f876441048e42756ae54477bf
m_0dd0b7d7ee0a4504be9bf9f3c54ee51e
m_2d043ddcfbef4d1ba78a03a7d6be3972
m_0081af9374284636bdac333f9da66115
m_62ebfdfa880d47988b6b86008b820220
m_6d6862cbb1034045a13055a594707706
m_6e255919b7154140917b858d39cca393
m_59cf4dcb33f14520a68ed8134d7b443f
m_e5c8c2c6074348d6be54597a7fe9a861
m_65daa748314c4af583cf6ec3d5eeedc9
m_5244ab9a0b9f4df09654e6af05d7e70a
m_4e3b8bdf1cb54050bf0aa39214bcb2cd
m_edf637b28673433ca5f9dd76ed2d1275
m_297f7a1b061e42b7b74fd954ffee62dc
m_7333ec26c7d54020a0b9d0c78273a5f4
m_c064b5a3b136489790e9bda0ce14fc76
m_2f0717fb3f854fc5962548cfbd599621
m_9536d0a0e9fe4f3b89e5a8854c012895
m_bfd9bdb3efbf4facac9c984a8f2c149c
m_fbc14122cc9c4736a278eaa88a3d77af
m_373a04b1afc441489cfbb398eee00614
m_9aa0fe35c13b44e4a4c3ffb10d3246e6
m_69faa946c02f43d3a3bce38a279b4c13
m_f21cd2b83b4541869d4ca90f87dc9834
m_9aca693d23044d27ae004a255c80ac11
m_ed872d7c2d454ff2bc90a89496bfe4a4
m_2cd66ee403d847dfa06a6a91fb21bb80
m_9af0d828ee62439f903dc0f72b415c9d
m_06af3bcd0b3e4ce2ab994bbcb08d02e4
m_347913bff388464abfc1685f7cbdb0c8
m_be64e4f8a1b24017aa0bb5f9ae43b204
m_acb1b407a07f4024a5ee21c8493a7881
m_976214ba46874985a8639aa8f49bd86f
m_e596a914ba7341e49ad9bb46e3424d7c
m_0187bc5965244cf28c3f6c74ffc83d1e
m_98e147408b1b46f99667e309579555ec
m_4c32d56a578d4a2684b1fb9d319bf312
m_3a6d7a50c7fe4ce2b3c80c158708fda3
m_19bcab8acc694dfba7acd6a3a3f2290a
m_e5a75ea2789444a4a2257098e3a62ccd
m_d9254bc21c5d472f972f8ee38ca80668
m_bd1aaad08d0f4ba8889226104d7344a5
m_8c5303f52bbd4239ad737105a6af090f
m_914b59a2c82b421abeffecde052c526c
m_e585559eb7754a55aca1d98295bdd6a6
m_6d8e9d718a194ae0956eff9cedba30f3
m_a881a80371ad49f39f8ed149b251678a
m_6b0487d907474cc083c2f715239c6fc4
m_f35833764cb843da8f393efb6d7590f7
m_016ec6754fe94a77aac323228285c41b
m_bf5ea67112b34393abaa746d681fa659
m_0c89da5a7acc485cb52ee1fca760bc15
m_9bd1f446dfe745aa8ff903014fc7f365
m_da34b64ad4cb4bd8b5770286c1dc2377
m_0b6fabee37fd4c3d8cee970c81523edb
m_651509970e4145c096da802eb4afd4d1
m_44b514f8a9c8484c8b740b88b3a16edc
m_95b1d7c0eba0406d93a28516b1bfe036
m_b5a737187bc14edfa0a10708581042b2
m_e444f69ce83347e99eccc98ae173180b
m_15bd988d16414930a508ec0ba7b2f03b
m_b95dfca24f7e4c26aac1a2db728a04c5
m_360266e99ae24fea86e8b5d29a71f35d
m_ed7235eb01dd480ba46bbf2bc795c464
ForgotWriter
e055f4289c97f407b92e438c8537194ad
MapWriter
CreateWriter
CompilationRelaxationsAttribute
System.Runtime.CompilerServices
RuntimeCompatibilityAttribute
DebuggableAttribute
DebuggingModes
AssemblyTitleAttribute
AssemblyDescriptionAttribute
AssemblyConfigurationAttribute
AssemblyCompanyAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyTrademarkAttribute
ComVisibleAttribute
System.Runtime.InteropServices
GuidAttribute
AssemblyFileVersionAttribute
TargetFrameworkAttribute
System.Runtime.Versioning
STAThreadAttribute
GeneratedCodeAttribute
System.CodeDom.Compiler
DebuggerNonUserCodeAttribute
CompilerGeneratedAttribute
EditorBrowsableAttribute
System.ComponentModel
EditorBrowsableState
WindowsFormsApp23.Properties.Resources.resources
WrapNonExceptionThrows
Google Chrome
Google LLC
/Copyright 2022 Google LLC. All rights reserved.
$be8d22ad-29f9-495a-a459-aae2dd960f0c
97.0.4692.99
.NETFramework,Version=v4.6
FrameworkDisplayName
.NET Framework 4.6
3System.Resources.Tools.StronglyTypedResourceBuilder
16.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
16.10.0.0
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
_CorExeMain
mscoree.dll
hhhhhhhhhhhhhhhhhhhhhh
BQUhhhhhhhhhh
FZYWhhhhhhh,&&#")TZY\hhhhh-**((>9E[ZYXhhhh//.@VJJRS[ZYhhh2113dC:7Af`[Z]hh455+L<::7Jc[Z]hh;60
L=<::Jb`[^hh;8
PD=<Cgaa_]hhh'
OMKeGHINhhhh
$hhhhh
hhhhhhh
hhhhhhhhhh
hhhhhhhhhhhhhhhhhhhhhh
NUVUUO
TVVVUUUP
]WZZZZZZVVG
X[[[[[[ZZZVK
\_____[[_[[[LE
```````__[_[ZCe
gaa``aa````__[H=
haahhhha`c
jhhhiihhh
kkkkiiki
rkkkkkkkf
yyyyvt
ollllmml
yyyyvvvt
rmmlmmmd
}}||yyyvvt
sppppmm#
}}||yyyyyt
uqqqqqR
}}||yyyv
pqqqqq
}}||yyv
~qqqqF
'2.**)
.422.**(""
/5422.***(!!
1&88542..**"("!
@:8522..**("!!
I:542.***("!!
B22..**(("
D***((!!
B<>?;977
a_deeeb
gffeeeeeeX
gdfjjeeffffb
cjjjjjffjfeeeX
hkkjjkkffjfjjf]\
immkkkkjjkkjjfff^W
mmmmmmmkkkkkjkkjjPP
qqqqmmmmmmkkmkkkjjZM
pqqqqqqqqqqmmmkmkkkaSJ
nsssssqqqqqqmmmmmkkkhMJ
psssssuussssqqqqqruurQMJ
ussssusssssssqq{
uuuuuuuussusss
uuuuuuuuuuuuuw
uuuuuuvvvvvuu
vvvvvvvvvvvu
~~~~~~
wyyyyyyvvyyyx
wyyyyyyyyyyy
{yyyyyyyyyyl
yyyyyyyyy{w'
|{{{{{{{{{Y
}||{{{{|||
|{{||||{{I
|||||||z
}|||||||7
&0;@;>
,1@@;;;
!)3@@@@@;;?
(2>@@@@@@@;;;0,+&&&&
%2<DDDD@@@;;;444444.---***$$$
"!)?BEDD@@@@;;;;44444.--***$$$$
58ADDDDDD@@;;;;;444/4.--***$$$$
?EEEDDD@@@;;;;4444.4...***$
THEEDDDD@@;;;;;4444/..-****$$$$=
LDDDD@@@@;;;44444...--***$$-
UDDD@@@@;;;;44444.--***$$:
[FDD@@;;;;4444/...-***-D
UE@@@;;;;444/4.--*-D
LU@;;;4444...4FE
UKLLNROOKG
C3-QNZ2
=i|tC`
Cab%D_
deONZ2
kwNf389
|!~K!s
uyXg]d
K@2AFI=
gI5d.C`
V~^2G
pryO3y
dF(%X-
ql||/B
Nhn96c
2lDa$G
l*)$bo
J)%T.@
04,04"
? P(*Y
Q"&Z9(
F4?7/5
HP@Q@mN
n5/MEV
"Z(F"Z
L=D(U,)
?CP+ud
-ZC[IWx
r%~y<[
H^"bU
SrzxK(
fC'<\O
DGtq|
@/H7(f
b+~Li1}Z
'=qp'>|
c@cZS~
0=-7;/
e]wQZy
K^zewu
9\^6,T
kCDn>*
=VQ&~Z
u5dV_?m
gy_AX
;!!${~
B7e7jBO
`.Bg F
MX\VXn)
h*,-+H
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
-enc YwBtAGQAIAAvAGMAIAB0AGkAbQBlAG8AdQB0ACAAMgAwAA==
powershell
ScbrGetByScbrteArrScbrayAsyScbrnc
http://91.92.120.126/Duofr.png
Vxulhkmljyezcn
Hyalnvfszhy.Sidsnrvotacdeufaugsem
WindowsFormsApp23.Properties.Resources
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
Google Chrome
CompanyName
Google LLC
FileDescription
Google Chrome
FileVersion
97.0.4692.99
InternalName
Duofr.exe
LegalCopyright
Copyright 2022 Google LLC. All rights reserved.
LegalTrademarks
OriginalFilename
Duofr.exe
ProductName
Google Chrome
ProductVersion
97.0.4692.99
Assembly Version
97.0.4692.99
Antivirus Signature
Bkav Clean
Lionic Clean
Elastic malicious (high confidence)
ClamAV Clean
FireEye Clean
CAT-QuickHeal Clean
McAfee Clean
Cylance Clean
Zillya Clean
Sangfor Clean
CrowdStrike win/malicious_confidence_100% (W)
Alibaba Clean
K7GW Clean
K7AntiVirus Clean
BitDefenderTheta Gen:NN.ZemsilF.34182.em0@ayTAZfe
VirIT Clean
Cyren W32/MSIL_Kryptik.GMH.gen!Eldorado
Symantec Clean
ESET-NOD32 Clean
Baidu Clean
TrendMicro-HouseCall Clean
Paloalto generic.ml
Cynet Clean
BitDefender Clean
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Clean
Rising Trojan.FakeChrome!1.9C7B (CLASSIC)
Ad-Aware Clean
Comodo Clean
F-Secure Clean
DrWeb Clean
VIPRE Clean
TrendMicro Clean
McAfee-GW-Edition Clean
SentinelOne Static AI - Malicious PE
CMC Clean
Sophos ML/PE-A
APEX Malicious
Jiangmin Clean
Webroot Clean
Avira Clean
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm UDS:DangerousObject.Multi.Generic
Microsoft Trojan:Win32/Sabsik.FL.A!ml
TACHYON Clean
AhnLab-V3 Clean
Acronis Clean
VBA32 Clean
ALYac Clean
MAX Clean
Panda Clean
Zoner Clean
Tencent Clean
Yandex Clean
Ikarus Clean
MaxSecure Clean
Fortinet MSIL/Agent.KGB!tr.dldr
Cybereason Clean
Avast Clean
No IRMA results available.