Static | ZeroBOX

PE Compile Time

2022-07-25 13:02:49

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x0003445d 0x00034600 7.91615145906
.rsrc 0x00038000 0x0000e4ee 0x0000e600 3.42267388858
.reloc 0x00048000 0x0000000c 0x00000200 0.101910425663

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x00045599 0x00000468 LANG_SWAHILI SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x00045599 0x00000468 LANG_SWAHILI SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x00045599 0x00000468 LANG_SWAHILI SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x00045599 0x00000468 LANG_SWAHILI SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x00045599 0x00000468 LANG_SWAHILI SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x00045599 0x00000468 LANG_SWAHILI SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x00045599 0x00000468 LANG_SWAHILI SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x00045599 0x00000468 LANG_SWAHILI SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x00045599 0x00000468 LANG_SWAHILI SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x00045599 0x00000468 LANG_SWAHILI SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x00045599 0x00000468 LANG_SWAHILI SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x00045599 0x00000468 LANG_SWAHILI SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x00045599 0x00000468 LANG_SWAHILI SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_GROUP_ICON 0x00045a4f 0x000000bc LANG_SWAHILI SUBLANG_NEUTRAL data
RT_VERSION 0x00045b47 0x00000584 LANG_SWAHILI SUBLANG_NEUTRAL data
RT_MANIFEST 0x00046107 0x000003e7 LANG_SWAHILI SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain

!This program cannot be run in DOS mode.
`.rsrc
@.reloc
+B+G~:
++$+)+.
+*+++,t
+7+8+=
+-+.+/+0,
XJ4X(
XJPX(
XJTX(
:XF-:
,XJ,G
 XJ(XT
XJ(X(
+.+3+4+5}"
+1+2}#
+d,(+j,$
v4.0.30319
#Strings
kSmgkcejSc.exe
kSmgkcejSc
<Module>
mscorlib
Object
System
MulticastDelegate
ValueType
Attribute
GetString
SmartAssembly.Delegates
MemberRefsProxy
SmartAssembly.HouseOfCards
Strings
PoweredByAttribute
SmartAssembly.Attributes
value__
ModuleHandle
Dictionary`2
System.Collections.Generic
Console
WriteLine
ReadKey
ConsoleKeyInfo
Directory
System.IO
EnumerateFiles
IEnumerable`1
SearchOption
Delete
IEnumerator
System.Collections
MoveNext
IDisposable
Dispose
Process
System.Diagnostics
Stream
Exception
get_Message
ToString
Assembly
System.Reflection
get_Location
get_FullName
GetTempPath
String
Concat
GetTypeFromHandle
RuntimeTypeHandle
get_Assembly
ResourceManager
System.Resources
GetObject
Convert
FromBase64String
Encoding
System.Text
get_UTF8
GetBytes
HashAlgorithm
System.Security.Cryptography
ComputeHash
SymmetricAlgorithm
set_Key
set_Mode
CipherMode
set_Padding
PaddingMode
CreateDecryptor
ICryptoTransform
TransformFinalBlock
ToInt32
Marshal
System.Runtime.InteropServices
SizeOf
ToUInt32
IsNullOrEmpty
BitConverter
IntPtr
get_Size
op_Explicit
ToInt16
Buffer
BlockCopy
Thread
System.Threading
GetProcessById
GetExtension
Intern
op_Equality
GetExecutingAssembly
EndsWith
GetManifestResourceStream
get_Length
ParameterInfo
.cctor
object
method
Invoke
nhsydfdf
hfhghf
BeginInvoke
IAsyncResult
AsyncCallback
callback
EndInvoke
result
hfghdh
sddfshdjfgjdgafp
sfhjfhjfhhssfgdb
fjfhgj
gdfjdfhdf
hsjfhf
jfdgdfh
jdfkfgs
gsdgjdf
jdfdfj
startupInfo
mfhgrSj
StrongNameSignatureVerificationEx
mscorwks.dll
CreateMemberRefsDelegates
typeID
CreateGetStringDelegate
ownerType
fsdhjfiufsd
UnverifiableCodeAttribute
System.Security
RuntimeCompatibilityAttribute
System.Runtime.CompilerServices
CompilationRelaxationsAttribute
AssemblyFileVersionAttribute
SuppressIldasmAttribute
CompilerGeneratedAttribute
AttributeUsageAttribute
AttributeTargets
kSmgkcejSc.resources
{83caeae9-bcfd-458a-9ea1-3ae51cddb635}
Double
Func`2
System.Core
Enumerable
System.Linq
GetEnumerator
IEnumerator`1
get_Current
IOException
ProcessStartInfo
TripleDESCryptoServiceProvider
MD5CryptoServiceProvider
Resize
System.Windows.Forms
Application
get_ExecutablePath
AssemblyBuilder
System.Reflection.Emit
DefineDynamicModule
ModuleBuilder
DefineType
TypeBuilder
TypeAttributes
GetMethod
MethodInfo
MethodBase
GetParameters
Select
ToArray
get_ReturnType
DefinePInvokeMethod
MethodBuilder
MethodAttributes
CallingConventions
CallingConvention
CharSet
GetMethodImplementationFlags
MethodImplAttributes
SetImplementationFlags
CreateType
Delegate
CreateDelegate
AppDomain
get_CurrentDomain
AssemblyName
DefineDynamicAssembly
AssemblyBuilderAccess
get_ParameterType
SecurityException
ResolveTypeHandle
MemberInfo
get_Name
get_Chars
ResolveMethodHandle
RuntimeMethodHandle
GetMethodFromHandle
get_IsStatic
FieldInfo
get_FieldType
DynamicMethod
GetILGenerator
ILGenerator
OpCodes
Ldarg_0
OpCode
Ldarg_1
Ldarg_2
Ldarg_3
Ldarg_S
Tailcall
Callvirt
SetValue
GetFields
BindingFlags
RuntimeHelpers
InitializeArray
RuntimeFieldHandle
GetModules
Module
get_ModuleHandle
get_Module
GetMethods
Ldc_I4
get_MetadataToken
TryGetValue
WrapNonExceptionThrows
6.9.0.114
"Powered by SmartAssembly 6.9.0.114
System.Security.Permissions.SecurityPermissionAttribute, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
SkipVerification
[Dh;_Mb
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
o<_t'J-8<
s M*A"G-~
,G$A+x
\5\?T5V1Z9\6e
~-@%N-C)y
q"O(>]7]
e6[,G$A+h
`#N)B!D.m
e6[<W4Q;h
`3^9R1T>m
e6[<W4Q;h
`3^9R1T>m
e6[<W4Q;h
`3^9R1T>m
e6[<W4Q;h
`3^9R1T>m
e6[<W4Q;h
`3^9R1T>m
e6[<W4Q;h
`3^9R1T>m
e6[<W4Q;h
g4Y.E&CW
I$C(K.D
tL!F-N
m?Rt>U%
SN&F$N
LVzQy@
}WyIaH
Vt5Vz4W
dFC!gB
a0kR<p
sO;P|1J'g
9b1\;Pl
C>qB$B)
k9Q3Y&z
Hh~A)D
t+S:jj
f66a6xX
m~v&v
UieWi}V6]
a6V=o,
k H#q)
(Uk{ H#q
=&E0dCsk
-J!sin
4_D/}[
[G.~!s;
Hh~YE0d%L
%WWi}R@+y
w,R9kN
X7Z1c+
!L'u;bi
2_6f<9
Uk{T9T
j!L'u]
"N%w 3
j:( 4/
K"r#!
Hh~Q:Q
s!~7{Ke
4/K"r#
OB"G-~
3v&K,G
#f6[<W
#Df5O[m
6YyY+E3
QY?T7R
ZpU0$y
B.D#H+
YM*A#GlX3
MC)J/E
5w%H/D
4}.D#H
kV<[0S'
p+A,K |
UR7]&r
~+H#4 8
Z>\7|*
83S4_<
~,O$w2
M&-N+@
Y"Q<[0S6\W3X
,U&K(M
Z9^4W2I
@E5V4Q
=%/m|l
aN$G"H
j)G%ACl
ivA'M!
"I*N$w
u#@+(]
uf4Y>U
`3v4S0U
7TO!F-N
]:D'B@'O$w
ms~9N+A
hy&9\6
`r!E!L
LCF:_5
P:R2$|
IF-N+AL
F!"g7D&C
Y3 +4P
h?R5^=pu
01S:&M
0s!L C@
XS&>S4
y(C&E
a2_8kQ
!,)I"A$f9
v(wXo8
_{!3}}0
4z#FQ=
#H/D'B
){"#B)J
Yw#N)B9F
S\=X2&
lK+M'
awTf3P;
?X3PM/
8(hSXI#A
y,<<^;
b0S},A&M
Na6\<T_
]&5U?]
|+X/H#
7>^<Ww
p;0(B!
e;J*P;i"
+~E7<n
/bYM/E
q&M+A"_
bW/D'B
t%3^=V
G<Z:`"
c{D,L(
~2yGH_ho6
z*J9#*L'
>z1n!s
%|OXo>
pV+A#G.
b@d.eH
^mM?=;
aQ=Z1Rv<g
0V|=P/
`O&F$?
0M]\/qE
Ln<m}S3
g~WX=W
j'QZ&z
6dvOI
H3K(XA
g=KW1h
T-=Hd|
n>^6%..)
k9[1=*&%
}^[-tT
]lG,=Xa
>S5_=Im
`.I0\@"z
4e8V2Js
:"K"B(3
;[0S63
v'B(Hb
?R5v4-F
YT8T8u
op%G-8
b;n`!C'
OX3\/H\
6I"q4~
aJCE/M
4k 96Z=
r}$B)'
IF#B'M
"L D({
bK8T>m
bIt/E'
.WUH:Q
`?T4`<
jX<X~~5b
K4];QJsC
~/M'$aY@#F
_M.]6e}
I:^6f#
#+Z=V5Ps
P;P3V<
+Z1T7R
|4Z>mu$N
*L$H$%
:iST3X
z)e5R9
O#\MG"H
u*[_;Rv
^I*K!r
@EM>]8
VUMI/E
SH$C(K
k\+H-_
wc,A&M
F%fDN)B
/C$O$A
gwI96k~
gj%3U?
.7[8X2a
x3Q6S0
,?/L&u
i}Z'A+
l?'\$v
T~}B"A$fuN&v
j|]^6S9
hv-C%O
C@J^4g
z%N!F-
FS7]?'{
C K0i?T7
gL_:R2
YRiL"F
J5S:j!
I6`4ZUJ`
Tz#G-O
A&D/}
S{8X@,O
M>h[2b~Q
2X4XU
=TK`O+B
;ilO$w
%L(|)K_<Y
p5s\?Z
TL!E.M(
8W4M't/8
7|0Lr
jA"aiF!J
u7fT?lt~E(N%
UHq(L(
<w@}.M
,_9[?m
HCX^3T
2V>^.D
C\/A1G
Bi:O$w
}*9X2a
0{2(C
QF$A+%
olS7T1
7|G}{(E
1N!BD!F
t3Zx*u
y*fH_#y
L"ay
i"%R?X
D$P4QSbm
J,J!"Y8
{^8S0U
h2Q:i=
3xnu&K
;X=TG#
;K,G$2
?W0[8$
#Xgz*J
,:{!K)
fx~QA'M
GB(I+O
ak8[0`B
hB58^5
lb3_9O
"`7Z2b
?U7SQT
bY@+y2
tgVdWP
wZ/|t
F}GK(&P
OGCoS5
XI"F%@
,g$<R6
}=1h(cP
"hm,GS
"WFB_\
5W3Z!7
iE/|#
`D'B(+`
c4W<ow
nvD D0
z/L'qL
SPpD/}
~;U>]3Y
-f>Y2a
R!ke$v
cSa+H#
.Eh;>D
D?Du'E
J)Z`V2Z
xt/Fu'E
^5V3qx
@"G-(c
B'D! .]
c .%B)
h<RM %@*
-4k^ E/
0o 7R8
wH,?@P
b5VU%D#H
:bI!rx(I
G*M&E8
5~E7]?
X5W3Y"
?m&O&v
{)E"I*O=
w,yG,L
]H H+N
2`3P;=z
$7AtW#
%H)L&%
?V:R2O~
M2Z:V
F)C!]1%|P~
*YSE0d
(Kh:W0[
~,[H$x
GD Z1c/U
AyX#!C
"_%>8C
r"b{v'K-
*/W7r*
O"C>+<
Nq?'#l
VFl"P'
IWMg/2
l"6Ib$
8)vE(2
zN5X?T7
F=a3_9WJ
N$J<q,t
t&LG'q
ZW9"0tV
$f5V=n
oB)J!r
tPS0U?l
XQ3WzA"I
He@4"S
<+)<;Qs
:6SliE
M\"I^SOf
|wN|&v
d@n!#=
tG5~4M
>2}oyX
xu1CZ<
 91|x
a{sd;B
")#S%F
1A15tBT
(Ms:5P
<,J'E7
]cjt=U
(;qE5rO
7=ipc,
\:lm%wa,!
IDwE6 $
q$8=SZ
ADa-kA7}
6zt0f~"
Hh#6ut
Bv[RptR
HJ]kf.
Qd$bPq
. hm>CSV
&D%ixnm
168Vwv
vl$20?4
TMK*k!
85d^k>Bd
?N"rd_
gTZL)
lw$P^^
iv9lWs
39tkSl
JA_mNEe
E+\Cp3
nA-U!d
gcz*4h|T
LjY^ 8
wz,L[}
{y)F!@
fufe0m
g'KH8px
D+4d+'
y*Rf2e
tWgK-1
1-dS2Hl
\L5.,P
Q?-">r
CPWjR0W
]D|Mly
8S^UeO
EOOFloc
}O?<bw
J)y37h
Tz^t Q
4+J'=B
Bry^3G
]6I9Sr
)JS4p@
0e zN<
+h v(6
?K{d549a
@yRi&s
-fLu[a
>^Q:%5
&MBbgW
2^fcW~
rn`Rp'a
8cEAlX
gQ^n@Y
9 A= {
C.y&:e
r["L\w
A;i}`p
)mJkL(
^MouH?8
o:y$s:w"
+z-+'^
V4?Q$?U&
^x!hW^
jw@`b.
LN<XM3
JI7[eW
6f8$?Z
>#nC48
(xaZB5
NAgw6dw
L>VQyu
(Y~4id=
b1/59
L>Pg8X
vbn'%p
%4w*6`C
m@OHsV@
em]I^BI
1rYZ!d
"[C^w
U00-4t
P'n"2=N
?.f#vj
;gX~Wo@
Lus$Wl
|g8E"HXvk
/T|w%}e
K$N)iTz
dxWU}a
G`1ueb
e\(~(^
?@Y9Ou
wY+sg_
X0 Rg#=S
7jKBd(
*]rMSV
*~q`\Ih
RLe3l{(
4y%6p
6*Z2qj0
E^S+Z^
;HCtJ(u8<G
Iu{PN%
~kP0]b
5'^A('
jhj"e#5K
uJH%(\
ne<$#x5yA
C8.Vv4
LT934JYwYs>(
B9V.)[=~
xW6DsG
@,jll.
xR:8|J
%#q8W3
Vm9sdW1lIG9mIEJveDEgOiB7MH0=
Vm9sdW1lIG9mIEJveDIgOiB7MH0=
L2hvbWUvamFuaGJvZG5hci8=
LmNoaHN2
Lmh0eHQ=
LnBoZGY=
ezB9IGZpbGVzIGZvdW5kLg==
QzpcVGhlbXA=
QzpcTmV3aFRlbXA=4ZmRzZmZmZmhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGRmZnNkZg==
ZnNkaGZoZmRmIGY=
a1NtZ2tjZWpTYw==
YWRzc3Nzc3Nzc3Nzc2E=,SFJ5OEt1SFRxYzlSeGlSWEh6NDVNTWVmdG9hd3R4ck0=,SFJ5OEt1SFRxYy8vTlJ3dE5jWVcyc2VmdG9hd3R4ck0=
RHluYW1pY0RsbEludm9rZVR5cGU=
bGNPbGFES1pnV0U9
bml1aGl1
IA== MUtQVmp5NnZzbndKRUtnL1Z3Qno4dz09,Wmh1cHlmc1JOdUM4K1hzS1pKc3d1VkhXN0tYRW02RSs=,bmVxRlc0NkxEeHRIVlRVd1IyWkdaOGVmdG9hd3R4ck0=,eVowbUpPdGR1VkI0dUdSRkRRblZQcmVPMks5Mm01QnE= YSthWU9DRnhpU0RDKzgvZFdhb2t4dz09,QUdWT1hMWUlCcUN6TldCRWllWXpBRTFTMitCY2ovSDg=,bWhCZk05Uy9qNzI4K1hzS1pKc3d1VkhXN0tYRW02RSs=,UjgxZTRpUlBvanhIVlRVd1IyWkdaOGVmdG9hd3R4ck0= ZTdZSDZwSGtIZ1AySFdhNG1ROHBQQT09 dHZMRnQyOGdCU1FKRUtnL1Z3Qno4dz09,NkUzVzFkdktHazB0cHljRlkrajhDcHlNSU0zaE9YR3k=
MjYyYjE2OWZiZTJmYTRkZg==$QXNzZW1ibHkgaGFzIGJlZW4gdGFtcGVyZWQ=5d
_CorExeMain
mscoree.dll
wwwwwwwwwwwwwwwwwwwwp
"x4h$g
5(A#i@
siFaKE/Q
'&&vLOO;
*>33sq
Qx]/kXk?
q/k[ko
^/GB@U
T*}pzz
""""""""""""""""""""""""""""""""
rqp]777
777?666
666z@=7
987H777
xn^D777
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><dependency><dependentAssembly><assemblyIdentity type="win32" name="Microsoft.Windows.Common-Controls" version="6.0.0.0" processorArchitecture="x86" publicKeyToken="6595b64144ccf1df" language="*"></assemblyIdentity></dependentAssembly></dependency><trustInfo xmlns="urn:schemas-microsoft-com:asm.v3"><security><requestedPrivileges><requestedExecutionLevel level="asInvoker" uiAccess="false"></requestedExecutionLevel></requestedPrivileges></security></trustInfo><compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1"><application><supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"></supportedOS><supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"></supportedOS><supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}"></supportedOS><supportedOS Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}"></supportedOS></application></compatibility></assembly>
{83caeae9-bcfd-458a-9ea1-3ae51cddb635}
kSmgkcejSc
MAINICON
VS_VERSION_INFO
StringFileInfo
000004b0
Comments
This installation was built with Inno Setup.
CompanyName
Max Programming LLC
FileDescription
eMail Verifier Setup
FileVersion
LegalCopyright
OriginalFileName
ProductName
eMail Verifier
ProductVersion
VarFileInfo
Translation
Antivirus Signature
Bkav W32.AIDetectNet.01
Lionic Clean
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Variant.Lazy.185023
CMC Clean
CAT-QuickHeal Clean
McAfee Clean
Cylance Unsafe
VIPRE Gen:Variant.Lazy.185023
Sangfor Suspicious.Win32.Save.a
K7AntiVirus Clean
BitDefender Gen:Variant.Lazy.185023
K7GW Clean
Cybereason malicious.1f683f
Baidu Clean
VirIT Clean
Cyren Clean
Symantec Clean
tehtris Clean
ESET-NOD32 Clean
APEX Malicious
Paloalto Clean
ClamAV Clean
Kaspersky HEUR:Trojan-Spy.MSIL.Noon.gen
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
Rising Clean
Ad-Aware Gen:Variant.Lazy.185023
TACHYON Clean
Sophos ML/PE-A + Mal/MSIL-VD
Comodo Clean
F-Secure Clean
DrWeb Clean
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition Clean
Trapmine malicious.moderate.ml.score
FireEye Generic.mg.e5767b09860131a8
Emsisoft Gen:Variant.Lazy.185023 (B)
Ikarus Clean
GData Win32.Trojan-Stealer.FormBook.70MISP
Jiangmin Clean
Webroot Clean
Avira Clean
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Arcabit Trojan.Lazy.D2D2BF
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:Win32/Wacatac.B!ml
Cynet Malicious (score: 100)
AhnLab-V3 Trojan/Win.Generic.C5212878
Acronis suspicious
BitDefenderTheta Gen:NN.ZemsilF.34806.qm0@aCEKoJpG
ALYac Gen:Variant.Lazy.185023
MAX malware (ai score=86)
VBA32 Clean
Malwarebytes Spyware.AgentTesla
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Tencent Clean
Yandex Clean
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.300983.susgen
Fortinet Clean
AVG Win32:PWSX-gen [Trj]
Avast Win32:PWSX-gen [Trj]
CrowdStrike win/malicious_confidence_70% (D)
No IRMA results available.