Static | ZeroBOX

PE Compile Time

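2021-06-24 02:26:33

Note: the PE timestamp is a header field written at link time and can be set to any value, so it is a weak dating signal. In this sample it also predates the "Copyright (C) 2022" string in the version resource further down the page.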

PDB Path

C:\jajijawodatewe11\nipo7\sukasoyi\fedaram\digider.pdb

PE Imphash

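3e33b42b701895f28f61548bd88528e1

Note: the imphash is derived only from the import table. If the file is packed, as the section entropy and the packer-style detection names on this page suggest, the hash describes the packer stub and may match unrelated payloads wrapped by the same packer. Treat it as a clustering hint rather than a family identifier.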

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x0001faea 0x0001fc00 7.44891393116
.data 0x00021000 0x02728e64 0x00010a00 0.348791694703
.himaxom 0x0274a000 0x00000270 0x00000400 0.0
.howav 0x0274b000 0x00000017 0x00000200 0.0
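.rsrc 0x0274c000 0x00013278 0x00013400 6.04537282208

Note: the .text entropy of 7.45 (maximum 8.0) is atypical for plain compiled code and usually indicates packed or encrypted content. The .data section has a virtual size of 0x02728e64 (about 41 MB) against 0x00010a00 bytes on disk, so nearly all of it exists only in memory. The two non-standard sections (.himaxom, .howav) have zero entropy. Taken together this is consistent with the Crypter / GenKryptik / MalPack labels in the Antivirus Signature table.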

Resources

Name Offset Size Language Sub-language File type
RT_CURSOR 0x0275e608 0x000000b0 LANG_FRENCH SUBLANG_FRENCH_SWISS GLS_BINARY_LSB_FIRST
RT_CURSOR 0x0275e608 0x000000b0 LANG_FRENCH SUBLANG_FRENCH_SWISS GLS_BINARY_LSB_FIRST
RT_CURSOR 0x0275e608 0x000000b0 LANG_FRENCH SUBLANG_FRENCH_SWISS GLS_BINARY_LSB_FIRST
RT_CURSOR 0x0275e608 0x000000b0 LANG_FRENCH SUBLANG_FRENCH_SWISS GLS_BINARY_LSB_FIRST
RT_CURSOR 0x0275e608 0x000000b0 LANG_FRENCH SUBLANG_FRENCH_SWISS GLS_BINARY_LSB_FIRST
RT_CURSOR 0x0275e608 0x000000b0 LANG_FRENCH SUBLANG_FRENCH_SWISS GLS_BINARY_LSB_FIRST
RT_ICON 0x0275c3f8 0x00000468 LANG_MARATHI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x0275c3f8 0x00000468 LANG_MARATHI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x0275c3f8 0x00000468 LANG_MARATHI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x0275c3f8 0x00000468 LANG_MARATHI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x0275c3f8 0x00000468 LANG_MARATHI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x0275c3f8 0x00000468 LANG_MARATHI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x0275c3f8 0x00000468 LANG_MARATHI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x0275c3f8 0x00000468 LANG_MARATHI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x0275c3f8 0x00000468 LANG_MARATHI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x0275c3f8 0x00000468 LANG_MARATHI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x0275c3f8 0x00000468 LANG_MARATHI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x0275c3f8 0x00000468 LANG_MARATHI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x0275c3f8 0x00000468 LANG_MARATHI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x0275c3f8 0x00000468 LANG_MARATHI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x0275c3f8 0x00000468 LANG_MARATHI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x0275c3f8 0x00000468 LANG_MARATHI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x0275c3f8 0x00000468 LANG_MARATHI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x0275c3f8 0x00000468 LANG_MARATHI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x0275c3f8 0x00000468 LANG_MARATHI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_STRING 0x0275efc0 0x000002b4 LANG_FRENCH SUBLANG_FRENCH_SWISS data
RT_STRING 0x0275efc0 0x000002b4 LANG_FRENCH SUBLANG_FRENCH_SWISS data
RT_STRING 0x0275efc0 0x000002b4 LANG_FRENCH SUBLANG_FRENCH_SWISS data
RT_STRING 0x0275efc0 0x000002b4 LANG_FRENCH SUBLANG_FRENCH_SWISS data
RT_GROUP_CURSOR 0x0275e6b8 0x00000022 LANG_FRENCH SUBLANG_FRENCH_SWISS data
RT_GROUP_CURSOR 0x0275e6b8 0x00000022 LANG_FRENCH SUBLANG_FRENCH_SWISS data
RT_GROUP_CURSOR 0x0275e6b8 0x00000022 LANG_FRENCH SUBLANG_FRENCH_SWISS data
RT_GROUP_ICON 0x02756028 0x00000076 LANG_MARATHI SUBLANG_DEFAULT data
RT_GROUP_ICON 0x02756028 0x00000076 LANG_MARATHI SUBLANG_DEFAULT data
RT_GROUP_ICON 0x02756028 0x00000076 LANG_MARATHI SUBLANG_DEFAULT data
RT_VERSION 0x0275e6e0 0x000001a0 LANG_FRENCH SUBLANG_FRENCH_SWISS data

Imports

Library KERNEL32.dll:
0x401008 FreeLibrary
0x40100c MoveFileExW
0x401014 GetUserDefaultLCID
0x401018 EnumCalendarInfoExW
0x401028 LoadLibraryW
0x40102c SetConsoleMode
0x401030 GetGeoInfoA
0x401034 GetSystemDirectoryA
0x401038 GetBinaryTypeW
0x40103c GetLastError
0x401040 SetLastError
0x401044 GetProcAddress
0x40104c RemoveDirectoryA
0x401050 GetDiskFreeSpaceW
0x401054 FindClose
0x401058 GetAtomNameA
0x40105c LoadLibraryA
0x401060 GetProcessId
0x401068 LocalAlloc
0x40106c OpenEventA
0x401070 OpenJobObjectW
0x401074 GetCommTimeouts
0x401078 GetShortPathNameW
0x40107c GetCurrentProcessId
0x401080 LCMapStringW
0x401084 CreateFileW
0x401088 RaiseException
0x40108c FindResourceA
0x401090 HeapSize
0x401094 FlushFileBuffers
0x401098 HeapAlloc
0x40109c MultiByteToWideChar
0x4010a0 HeapReAlloc
0x4010a4 GetModuleHandleW
0x4010a8 ExitProcess
0x4010ac DecodePointer
0x4010b0 GetCommandLineW
0x4010b4 HeapSetInformation
0x4010b8 GetStartupInfoW
0x4010c4 IsDebuggerPresent
0x4010c8 EncodePointer
0x4010cc TerminateProcess
0x4010d0 GetCurrentProcess
0x4010d8 WriteFile
0x4010dc GetStdHandle
0x4010e0 GetModuleFileNameW
0x4010e4 HeapCreate
0x4010e8 GetCPInfo
0x4010f4 GetACP
0x4010f8 GetOEMCP
0x4010fc IsValidCodePage
0x401100 TlsAlloc
0x401104 TlsGetValue
0x401108 TlsSetValue
0x40110c TlsFree
0x401110 GetCurrentThreadId
0x40111c WideCharToMultiByte
0x401120 GetConsoleCP
0x401124 GetConsoleMode
0x401128 SetHandleCount
0x401130 GetFileType
0x401138 SetFilePointer
0x40113c HeapFree
0x40114c GetTickCount
0x401154 Sleep
0x401158 GetStringTypeW
0x40115c RtlUnwind
0x401160 WriteConsoleW
0x401164 SetStdHandle
0x401168 CloseHandle
Library USER32.dll:
0x401170 ClientToScreen
Library ADVAPI32.dll:
Library WINHTTP.dll:
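0x401178 WinHttpSetTimeouts

Note: this import list appears incomplete. ADVAPI32.dll is shown with no functions although the strings below contain CreateRestrictedToken next to ADVAPI32.dll. Several KERNEL32 names in the strings (for example GetEnvironmentStrings and SetDefaultCommConfigW) have no row here, and the address column skips slots such as 0x401010. VirtualProtect occurs only as a string, not as an import, which together with LoadLibraryA/W and GetProcAddress is consistent with APIs being resolved at run time. The static import table should not be read as the full API surface.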

!This program cannot be run in DOS mode.
}Richj
`.data
.himaxomp
@.howav
@.rsrc
CorExitProcess
(null)
`h````
xpxxxx
?uZEeu
?uZEeu
?UUUUUU
?UUUUUU
HH:mm:ss
dddd, MMMM dd, yyyy
MM/dd/yy
December
November
October
September
August
February
January
Saturday
Friday
Thursday
Wednesday
Tuesday
Monday
Sunday
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
`h`hhh
xppwpp
GetProcessWindowStation
GetUserObjectInformationW
GetLastActivePopup
GetActiveWindow
MessageBoxW
 !"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
_nextafter
_hypot
1#QNAN
1#SNAN
VirtualProtect
Zoh divivisovodupiduyotobek
RSDS['Z
C:\jajijawodatewe11\nipo7\sukasoyi\fedaram\digider.pdb
D$ -LFj
D$,p;"
D$D!gpU
l$h7n.$
l$8Hot
j8hp4@
D$l47{.
D$HNtig
D$Ld^
|*SSQVj
HHtXHHt
?If90t
f-00f=
uhD%@
^SSSSS
j@j ^V
QQSVWh
tRHtCHt4Ht%HtFHHt
u}h<+@
t"SS9] u
PPPPPPPP
PPPPPPPP
URPQQh@
;t$,v-
UQPXY]Y[
<+t"<-t
+t HHt
u-hP4@
ltWBu&Z
T@,@{a
dugZ`\
kJ8'm`Se
c]9Z8r}
2=#{0
F!&D?s
KeSo$wt=@
8T"e|=
u0-O{\D
z-/nEj
{7>4J?%
Auw-Pma
-(S!d$
(V%:Rv=|
M#*)=t&e
;tS=q[
i]g@0c
eGqSjw!
#TtiIE
,0,Yc%
cxA>hs
1)1>vF
EXqi-g
Lk}xI_
d/'~to
'K\)jB
enu=I]+
&s=-b{
Y1f%)/
|,nMk^
$'cK)q
>Kza8K
P`?nj?
X'#q7Uv
M[u)Y,
;{<wm!^pn
>26*wrsq+h
!p4tg3*X
ktBw%<
5X)%1S
2:xQTn
"rNNiN
na^Wk:)B
,ifLNYR
98C <f
O@}TF3&
D2V@J_
KDC;Tl
IxDF3\
jaQ<&Ja
[,}u,<
Z=B|c"v
V#km#I
/8yTo8{C+
V`Xw:}=-Q(1
k!{0ru
/@qu+a
q~zF^,
WPV3=\
@U#!P
YV+Ss}
8']^OH
t'q:h+
7y@4O,t}
7=q`n(o:
oDS-%T
ji<Y\Y\h
w_@.%WE
ih1nUi
h@"#vQ
<yR}jZ
ik<@SK
+S%G%E9
}I&98u
4r*\q)
F-)s$Mt
Da~xg
,#_b#-
K"YRa0
z%.&OQ(Q8
t'x3UO
n_p>Im;PGw
0(@Rckx3|B
'(E`(M
*9iMQq
yh%^_D
:}f%5
K.P@7_D-
g}C%*X
\;@-ZjTq
9ea]'9=
},P&Qy
mDu4eL }
TO6U,8
IV]5mI%2F
?Dl7_R=q
yQNJvH
e9SiF
XGQ_~Ku
2nJeg]
_LDbnM
z2c,1o!u
FindResourceA
GetConsoleAliasesLengthW
FreeLibrary
MoveFileExW
SetDefaultCommConfigW
GetUserDefaultLCID
EnumCalendarInfoExW
GetConsoleAliasesLengthA
GetUserDefaultLangID
GetEnvironmentStrings
LoadLibraryW
SetConsoleMode
GetGeoInfoA
GetSystemDirectoryA
GetBinaryTypeW
GetLastError
SetLastError
GetProcAddress
RemoveDirectoryA
GetDiskFreeSpaceW
FindClose
GetAtomNameA
LoadLibraryA
GetProcessId
InterlockedExchangeAdd
LocalAlloc
OpenEventA
OpenJobObjectW
GetCommTimeouts
GetShortPathNameW
GetCurrentProcessId
LCMapStringW
KERNEL32.dll
ClientToScreen
USER32.dll
CreateRestrictedToken
ADVAPI32.dll
WinHttpSetTimeouts
WINHTTP.dll
HeapAlloc
MultiByteToWideChar
HeapReAlloc
GetModuleHandleW
ExitProcess
DecodePointer
GetCommandLineW
HeapSetInformation
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
WriteFile
GetStdHandle
GetModuleFileNameW
HeapCreate
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
SetFilePointer
HeapFree
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetStringTypeW
RtlUnwind
WriteConsoleW
SetStdHandle
FlushFileBuffers
HeapSize
RaiseException
CreateFileW
CloseHandle
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\D
\\\\\\\\\\\\\\\\\
Os\\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\
s\\\\\\\\\\\\\\\
ts\\\\\\\\\\\\\\\
s\\\\\\\\\\\\\\\
-s\\\\\\\\\\\\\\\
s\\\\\\\\\\\\\\\
Qs\\\\\\\\\\\\\\\
s\\\\\\\\\\\\\\\
Hs\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\
6\\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\\
^\\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\\e|
\\\\\\\\\\\\\\\\
UQ\\\\\\\\\\\\\\\\O
Ue\\\\\\\\\\\\\\\\^
\\\\\\\\\\\\\\\\^
\\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\\e?
y}yRyJ
-\\\\\\\\\\\\\\\\Q
\\\\\\\\\\\\\\\\e
\\\\\\\\\\\\\\\\^
\\\\\\\\\\\\\\\\\^
\\\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\\\\\\
s sssss
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
jW%<@Q
OOy*OO
@^@^^^@R
?E5?tv}
SdS=}~
______-
_____-
{{{{{{{{{{{
G00000000000000000000000000
LLLLLLLLLLLLLL
LLLLLL`
LLLLLLL2
LLLLLL
H--------
--------------------
%%%%%%%%%%%%%%%%%%
YYYYYYYYYY%
YYYYYY
%qqqqq
%qqqqq
%qqqqqqY8
%qqqqqqqY8
%qqqqqqqqH
gggggggggK
ggggggggggg?K
3HShT7e~
iiiiii
iiiiii
iiiiiiiiiiii
iiiiiiiiii
iiiiii
iiiiiiiii
iiiiiiiiiiiii
iiiiiiii

mscoree.dll
(null)
runtime error
TLOSS error
SING error
DOMAIN error
- Attempt to use MSIL code from this assembly during native code initialization
This indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain.
- not enough space for locale information
- Attempt to initialize the CRT more than once.
This indicates a bug in your application.
- CRT not initialized
- unable to initialize heap
- not enough space for lowio initialization
- not enough space for stdio initialization
- pure virtual function call
- not enough space for _onexit/atexit table
- unable to open console device
- unexpected heap error
- unexpected multithread lock error
- not enough space for thread data
- abort() has been called
- not enough space for environment
- not enough space for arguments
- floating point support not loaded
@Microsoft Visual C++ Runtime Library
<program name unknown>
Runtime Error!
Program:
HH:mm:ss
dddd, MMMM dd, yyyy
MM/dd/yy
December
November
October
September
August
February
January
Saturday
Friday
Thursday
Wednesday
Tuesday
Monday
Sunday
nKERNEL32.DLL
WUSER32.DLL
((((( H
h(((( H
H
pCONOUT$
Hicucowegaz vowu jiwefupeziwar kejozapobajabuf cujoziyayoboje
tivunaciyec
jjjjjjjjj
/ P6pL
,/KPip
/-P?pR
/ P6pL
,/KPip
/-P?pR
VS_VERSION_INFO
StringFileInform
10808EA7
FileVersions
29.47.75.23
Copyrighz
Copyright (C) 2022, pozkarte
ProjectVersion
28.82.74.73
SomeInfo
Translate
RZexijupem kog piwap bejusipivixexo yareda wene mafo rozisovecanupif rugifopat kimoBSive palesipan gevuyuran tujale weyanuj xiweluxuhix pifiy nusexekieXuvomuzeyujez jicuha nomekoy gapizadezoduj kafarudupoh howolayuj dimepam gelome wekotefosij sejecakum
2Dap tatikafadehibu fiduvigovido lozepe konazorewap2Vosukuxixit tavada yitumogij pebuwubac wifiputazec
Yuhovoyuyamovupe
Xih tagibibokexic1Tuheketitinupom pogibajejosag helujoxedapu napuwo
Jakaro
Rege ripoma6Hasuxecem feyidez bahoxuzukahoso fidedubazisi vunifara;Dopozafabayi feraturifa xuhiw depuvi dalubo molinig pixeniw
*Vezuzoladec mehumusutonobaw vefadusococavu1Yonufuwu zatuso fixeyajeraref miyuyix rosadi fehiANaziwokefek rijoyurogebetuc zekitosipudo cimoxirosur vewodat cidi
MHufupolika fovava sof jixa vegomibower migukux pahedev hatecuzagix liceyohugo
LabegabunerurutDHixibe kuxen jugediwuzaxexif jelijapux bik goramep fewakow focipiyuf
JRoyixihir rukeboga cenilibiwirepe hegoneko puxesuk zuxahehiri hahaz vacoce7Horenude foh yirika kizeferavibira vuzuzoke jifejihokoy6Somefupekiz fucokuluwa disatete neparukagan nojekucape
#Yeyodup yihojejizuxahud vufumubutat3Zehogocotimehuw revim bawijifa jibobin kifuresedasy=Vuf woregewaxofibe capopipubex xovokidecule vedi fumu vifiwer
Antivirus Signature
Bkav W32.AIDetect.malware1
Lionic Clean
tehtris Generic.Malware
DrWeb Clean
MicroWorld-eScan Gen:Variant.Jaik.74958
FireEye Generic.mg.7212de5b3965d87d
CAT-QuickHeal Clean
McAfee Clean
Cylance Unsafe
Sangfor Trojan.Win32.Save.a
K7AntiVirus Trojan ( 005923e21 )
Alibaba Clean
K7GW Trojan ( 005923e21 )
Cybereason malicious.014e79
BitDefenderTheta Clean
VirIT Clean
Cyren Clean
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 Clean
Zoner Clean
TrendMicro-HouseCall Clean
Paloalto generic.ml
ClamAV Clean
Kaspersky UDS:DangerousObject.Multi.Generic
BitDefender Gen:Variant.Jaik.74958
NANO-Antivirus Clean
SUPERAntiSpyware Clean
Avast PWSX-gen [Trj]
Rising Trojan.Generic@AI.100 (RDML:Kq/OvDSYjlXGSdI63FYfQQ)
Ad-Aware Gen:Variant.Jaik.74958
TACHYON Clean
Sophos ML/PE-A
Comodo Clean
F-Secure Clean
Baidu Clean
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition BehavesLike.Win32.Flyagent.dm
CMC Clean
Emsisoft Gen:Variant.Jaik.74958 (B)
Ikarus Trojan.Crypter
GData Gen:Variant.Jaik.74958
Jiangmin Clean
Webroot Clean
Avira Clean
Kingsoft Clean
Gridinsoft Clean
Arcabit Trojan.Jaik.D124CE
ViRobot Clean
ZoneAlarm UDS:DangerousObject.Multi.Generic
Microsoft Ransom:Win32/StopCrypt!ml
Cynet Malicious (score: 100)
AhnLab-V3 Clean
Acronis suspicious
VBA32 Malware-Cryptor.InstallCore.6
ALYac Gen:Variant.Jaik.74958
MAX malware (ai score=86)
Malwarebytes Trojan.MalPack.GS
APEX Malicious
Tencent Clean
Yandex Clean
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.300983.susgen
Fortinet W32/GenKryptik.ERHN!tr
AVG PWSX-gen [Trj]
Panda Clean
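CrowdStrike win/malicious_confidence_100% (D)

Note: almost all non-clean verdicts above are generic, heuristic or machine-learning names (Gen:Variant.Jaik, ML/PE-A, Static AI, Trojan.Crypter, GenKryptik, MalPack) that describe the packing layer. The one family name, Microsoft's Ransom:Win32/StopCrypt!ml, carries the !ml suffix Microsoft uses for machine-learning detections, while Avast and AVG report the generic PWSX-gen [Trj]. Family attribution therefore needs the unpacked payload or behavioural results, not this table alone.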
No IRMA results available.