Static | ZeroBOX

PE Compile Time

2080-02-26 04:06:42

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name    Virtual Address  Virtual Size  Size of Raw Data  Entropy
.text   0x00002000       0x00001484    0x00001600        5.25964666678
.rsrc   0x00004000       0x0000d5f8    0x0000d600        7.20346542475
.reloc  0x00012000       0x0000000c    0x00000200        0.0815394123432

Resources

Name           Offset      Size        Language      Sub-language     File type
RT_ICON        0x00009990  0x0000763d  LANG_NEUTRAL  SUBLANG_NEUTRAL  PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_ICON        0x00009990  0x0000763d  LANG_NEUTRAL  SUBLANG_NEUTRAL  PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_ICON        0x00009990  0x0000763d  LANG_NEUTRAL  SUBLANG_NEUTRAL  PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_ICON        0x00009990  0x0000763d  LANG_NEUTRAL  SUBLANG_NEUTRAL  PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_ICON        0x00009990  0x0000763d  LANG_NEUTRAL  SUBLANG_NEUTRAL  PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_ICON        0x00009990  0x0000763d  LANG_NEUTRAL  SUBLANG_NEUTRAL  PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_ICON        0x00009990  0x0000763d  LANG_NEUTRAL  SUBLANG_NEUTRAL  PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_GROUP_ICON  0x00010fe0  0x00000068  LANG_NEUTRAL  SUBLANG_NEUTRAL  data
RT_VERSION     0x00011058  0x0000039e  LANG_NEUTRAL  SUBLANG_NEUTRAL  data
RT_MANIFEST    0x00011408  0x000001ea  LANG_NEUTRAL  SUBLANG_NEUTRAL  XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain

!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
Task`1
<Module>
mscorlib
Synchronized
GetMethod
Replace
defaultInstance
Invoke
RuntimeTypeHandle
GetTypeFromHandle
get_MainWindowHandle
Console
set_WindowStyle
ProcessWindowStyle
get_Name
set_FileName
WriteLine
get_Culture
set_Culture
resourceCulture
MethodBase
ApplicationSettingsBase
Reverse
EditorBrowsableState
STAThreadAttribute
CompilerGeneratedAttribute
GuidAttribute
GeneratedCodeAttribute
DebuggerNonUserCodeAttribute
DebuggableAttribute
EditorBrowsableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
Native
try.exe
System.Runtime.Versioning
String
BufferLength
System.ComponentModel
user32.dll
Program
System
resourceMan
System.Configuration
System.Globalization
System.Reflection
Exception
MethodInfo
CultureInfo
MemberInfo
ProcessStartInfo
System.Net.Http
_buffer
get_ResourceManager
System.CodeDom.Compiler
.cctor
System.Diagnostics
GetMethods
System.Runtime.InteropServices
System.Runtime.CompilerServices
System.Resources
Oxbkmihhvdaicricjpmnu.Properties.Resources.resources
DebuggingModes
Oxbkmihhvdaicricjpmnu.Properties
GetExportedTypes
Settings
System.Threading.Tasks
GetCurrentProcess
set_Arguments
Object
WaitForExit
get_Default
get_Result
HttpClient
get_HostContext
Oxbkmihhvdaicricjpmnu
set_CreateNoWindow
ShowWindow
nCmdShow
get_Assembly
_assembly
op_Equality
WrapNonExceptionThrows
Google Chrome
Google LLC
/Copyright 2022 Google LLC. All rights reserved.
$9ed52309-a8ba-46e5-8d13-1d18443695a0
100.0.4869.0
.NETFramework,Version=v4.6
FrameworkDisplayName
.NET Framework 4.6
3System.Resources.Tools.StronglyTypedResourceBuilder
16.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
16.10.0.0
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
SrdsGetBySrdsteArrSrdsayAsySrdsnc
http://185.222.58.56/try.png
powershell
Test-Connection 127.0.0.1
Qddywbxavgtbjaukcldrpmcm
Oxbkmihhvdaicricjpmnu.Properties.Resources
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
Google Chrome
CompanyName
Google LLC
FileDescription
Google Chrome
FileVersion
100.0.4869.0
InternalName
try.exe
LegalCopyright
Copyright 2022 Google LLC. All rights reserved.
LegalTrademarks
OriginalFilename
try.exe
ProductName
Google Chrome
ProductVersion
100.0.4869.0
Assembly Version
100.0.4869.0
Antivirus Signature
Bkav Clean
Lionic Trojan.Multi.Generic.4!c
Elastic malicious (high confidence)
DrWeb Clean
MicroWorld-eScan Trojan.GenericKD.48267110
FireEye Trojan.GenericKD.48267110
CAT-QuickHeal Clean
ALYac Trojan.GenericKD.48267110
Cylance Unsafe
Zillya Clean
Sangfor Riskware.Win32.Agent.ky
CrowdStrike win/malicious_confidence_100% (W)
Alibaba Clean
K7GW Clean
K7AntiVirus Clean
BitDefenderTheta Gen:NN.ZemsilF.34182.dm0@ay@stbi
VirIT Clean
Cyren W32/MSIL_Kryptik.GMH.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of MSIL/TrojanDownloader.Agent_AGen.IR
APEX Malicious
Avast Win32:DropperX-gen [Drp]
ClamAV Clean
Kaspersky HEUR:Trojan-PSW.MSIL.Agensla.gen
BitDefender Trojan.GenericKD.48267110
NANO-Antivirus Clean
SUPERAntiSpyware Clean
Tencent Clean
TACHYON Clean
Emsisoft Trojan.Generic (A)
Comodo Clean
F-Secure Clean
Baidu Clean
VIPRE Clean
TrendMicro Clean
McAfee-GW-Edition Artemis!Trojan
CMC Clean
Sophos Mal/Generic-S
Paloalto generic.ml
Jiangmin Clean
Webroot Clean
Avira Clean
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Microsoft Trojan:Script/Phonzy.C!ml
ViRobot Clean
ZoneAlarm HEUR:Trojan-PSW.MSIL.Agensla.gen
GData Trojan.GenericKD.48267110
Cynet Malicious (score: 100)
AhnLab-V3 Clean
McAfee GenericRXRR-CP!83CE3C1BB7B8
MAX malware (ai score=89)
VBA32 Clean
Malwarebytes Clean
Zoner Clean
TrendMicro-HouseCall Clean
Rising Trojan.FakeChrome!1.9C7B (CLASSIC)
Yandex Clean
SentinelOne Clean
MaxSecure Trojan.Malware.300983.susgen
Fortinet MSIL/GenKryptik.FQKH!tr
AVG Win32:DropperX-gen [Drp]
Panda Trj/GdSda.A
No IRMA results available.