Static | ZeroBOX

Name	Virtual Address	Virtual Size	Size of Raw Data	Entropy
.text	0x00002000	0x0009a854	0x0009aa00	7.98287177346
.rsrc	0x0009e000	0x00009a16	0x00009c00	2.37573968162
.reloc	0x000a8000	0x0000000c	0x00000200	0.101910425663

Name	Offset	Size	Language	Sub-language	File type
RT_ICON	0x0009e13c	0x000094a8	LANG_NEUTRAL	SUBLANG_NEUTRAL	data
RT_GROUP_ICON	0x000a75e4	0x00000014	LANG_NEUTRAL	SUBLANG_NEUTRAL	data
RT_VERSION	0x000a75f8	0x00000234	LANG_NEUTRAL	SUBLANG_NEUTRAL	data
RT_MANIFEST	0x000a782c	0x000001ea	LANG_NEUTRAL	SUBLANG_NEUTRAL	XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

!This program cannot be run in DOS mode.

`.rsrc

@.reloc

*X*X(%

x{S]S}

Z>sJA#G

q*"5%"

{N`NR.

2o?<95~P

u-K`?./G

?`oggo

^NPG`|T

;Rgm4n

'p-GFl

8{>*H

4~W;\d,oK

0:<\i|

S6ev}_GPQ

up\l3A

|'<w.mz

]!?q][

}3oNq2

HeSi/[

Q?=&0p

a^*R

tBoC'm

08rACm+

s*^8;arr)

;,]BZq

.Pp|k,,X

sqoDIO

{C(Te

&7D_an

_WK 7iy

:72DQQg

P-`ZtW

xIri)7

,$Tucx

pt11#(

,Nt9C|

BAh/Px\

C6'ZCH(

|(>64)%

UcIW,lY,z

.O_~(2

g;2o a

S ZLYN

m'CHn?

[uf`#t

\'WFLQS*!

S4x4Y+

#VsY&W

?Wok@%9U

])%V*v

mlh,9

#Y?mY(

'v36IcKDwV

:`ze^@

NJ&ilu

P3iR/|twIKBS

PQMXWj

iVe0*t

zIi]g<

gtzVx1

]SlW7,

;[KCQ>

~^FT W

Kg+-z;,$

Ay;FF>V

(eR9QZFl,

SHnPq5

PMS?h

y2la$0

]Z[^DX

a!J53R

Wx#O'u

CYvo0f_

V0/]@A

[?31&$c

4<s9ou

h<##i;

U6(.*5

.S`a;*

4~y^),

FgZ*y/[

UHIKu]_

O@yTn

Z}o:'Ezu

iN=(Ww>

)xYD^V

h@$GJy/|

j#:&5@

Rp,6!$mhJH

-@VT_uJ)Xd

lNx![k

H6CVe)z

_6,a[4=O

[q?UeG]

^1*FbTin

$&n#]].

j8zeR,S?T

I#61K"

<Yh{=_

&\viJ

nWlvS#

^ONO*)

F?Hv_'C

8C#n%5

j>s8qC

kMd^)+

0W7sO9

)/T\*i

m[=-z<x2

Su4\1v

Ikbr$z3E&z

[^Qzu_

AV}~(S

=_lAq@

`/>ST|y

>8D+@=

3Q_^9~

bHKzMt%l<r

]-;8+m;

%jn^Hc

CI8 l)

w3RK5#

Tahts=

*K##,/s

%]7BR!

vy*4z4

@l{#hH

"/>(_pW

8i</If

jeOR\j

Ij|St9o

-d[ud%

4rN2uP

PJYEu2

R+O-f^

))gWZr

}PGO\g

o;aFiI

k,pRwTO

!C7/h{C

yb1!@3

~[L{wN

=Czyo_

s_SD-)6

8!;Rm|

&`81)t

'^FPSmp

hO69%J_

aa`WGe

nTC=s-

`6an9-

.Jtyf}i

=:[p9d7

d[96%

pK(P?g

{M8CZ;|x

]0_Ia/f4z

)~]9A

`%6@W5

APXyhX

;imb+Y

\}j61p

I8MdZa

]<zNh~

DS[a"=9R

_x]!Fz1E

rNi6m2qA

vt|/eV

&1U ib

:tZh<X

|Q7>.mm

K:ukQ}J

rgT<N4mXz

kVd2\)

yvry.

U1/lS2

"JA{zp

{UZKr{

/l2v_e

|C%U`l

t<Q:ga

@QT@JT

uZb?D

!YN gJZ

769k%5

J!zYNT

"B o 9#lk

KOIgs!

rvs-kZ

aWCi96B

-eaB6PG|

<w`h<]

RMqV3l

cZVQ(70a

)CsJ]#9

>~r[mTR

l^ocP^

eS:Vpt

\k*NE!I

-PY?:m!

~C}vCf

b|]UJa

HUEBe$

?8YowS

$%Siv.

jLwjMt

k8_V^#

uXHM0O

B]I"Ew

iFs7biP?

8=N&y?s

ej-dr`

;A@Fps

vHk.w&(MW

=QWYAqf

gKYr0$

P;TiF}

MXVz5LX

:]:lE;

C_CF @

"<ms^'L

Nu~yoc|`w

-'"8 z

wpk&tR

_i6BaP

G7uFF^C

"?5E{X.Z

Qge^yq2

83z-{<

,yxwb1

l8{3S+

}8T|`eP

7 hnVI,

>#QodI

!SoB*3

{v@T(6eW

6 3wS%

5aAOXt

J)n%pl

d,"&n;

Z)f^+x9h!

H"^xH

0|_4AN~

@CdXS_i

(TptxA

AOQyeE

ubeH,W

dRCa!`

\u'B>@l

?qJ#)*

+Y"R#\

x$)3zx

h#,n,T

uIN3FQ?

-s6W5`

!gzcaIc1

;Vr1*^

RJlkWo

>X:AT2

/a/#^)

c7O,]v

{)Mv[a2

>:jT6D

bs4L%u

(g~)bY

~w+%zD

ln;+uS

U6A$%q

$t&xAvA|

dEY9iY

JQYAw[

Q;c|&

`/,>P.

R/[ K|

Z_|q<^

e2$fq:

b]e[i0

t>/IjL

F%{{wO

4_,F4P

R^No:}

m_&<7(

wrA-IP,

"AY{jA

FmI*=Z

IB"19JI

,.V)ds

Ki3B9R

:PN$gO+v

k+rJBg5;qE

ueR\e&

X-ozvt

]>4O=g

t(u3Sp

OccNwW

RlF-[>

OhaBh<

=dy-oGSj

}RE8U@

W{uHth

%zJvVas

H)]Oa3

-~"^3

[oP40K

byl3Uk

t%}5~

$SVT`{

SQO,Ye3

+6udbWGG

XY?b]GT

3)mu_?A

66eRL;

:fzce

gC_83#>

ovAn<{O

QRONz`$|

2J5/;Y

}.qQ)qZ

C7pgV{

Sep;2K?

X3WK6#

iex\V#Fx

"MtzbV

S*Tasv

1g2^-p

5!I>:2OO9

_~h=M[

>-3}x9

R:Pt!

qakqM|

iE_WOL

C-*@3{

=d6L.:Dbb

`|G8xrX

faNbNH

kG"!-9WT

^Dh,zQ

Zo<e4|"0f

Y3}P@"

wvS+aZy

$S,y*}

7 42R5

i%=<xl3

FFzB5M

8VLeL+

g*bxzGzt{C

%ac1&>

TM&Yl

FYDP <>

mf$(tB

?m6"~;fN

RP9C?c3

hs|@~^Y

+4/]@3

GQOiTc

H5"j_Iv

q|f!QAx

j-m~lZq?F

qqe RU

BS+;f[

Vq&$m##

=?C:z2JJ3

16I[TV

dzwg;TA

F!b1~K'c

_\qtbLBb

[6Rwsr{

cWs$-m

3(-@C/o

%O,b2i

:9yxo6`

$xluY

vm4 >A

B(&r2I

q^Bgk-

v1kY'aH

`9cB}nh>o

b\B7j?s

7Mr68B

&"TTRps

z_`QDM!

I8h"2H

LmF8":

WOl@ZRWc

y$Bjr=

A.nC"rE

!/Ip_

^>+2a5

l~OZET

dLVYfu

;Atjui

QuaPit

@oh7G%

4:D(CTR

rP03Y-

>Xwroz

m11x~,9fa

oH4Qoe

5R`p9~

QmCv'T

EfiOHC

E/\#lv@

,X1.Rbqq

jD8hZH

\(ui9@

J'4Ri&'

J?wZr^

Q39.9M

}%5>Yv

"?TRS,

y^IDYj

7S.alV

'ro8'V

GcsK99Cl.

29:DMl

z}\cq

2\$"RmA

:0S_aF

0&\t1x&8

=v1P([~X

d}>~EQd

2R-b 5

>^knYP

M2Fw6GK

ODJiRm

Z8BKAc^

*b(T<G

YoC]cp

X~cPIs

DZ)J:_

V|.|?|8/h

~L9w77

FgIH`<

RjFQI+_

HO^^VV`n

X9gYi1

VhhN|7:

UoI}Lj

a6L+t'

pXt=s|

oJn)M?h=

-9Iea|

Ksft_(

]q",63

R7UB6QKv

)%f61x

.{2q]aF

[{c_]e

Sga$C1

1f,)^2Xt

oW omv

Woxwi!:

Fn$RUg

z;?v<p

tF.HL7

y%BCj#;y

,+)Ezs

s#g-h8%r

myqF8V

3j^@>V

{c>g4L

gsQCrw

* AJ17c

eN)mt}

^3>bM7\

`'k%~@5

ok?F3>

}7Zlo*

R}<T~%7c?}

3Y*B}w

"|,WF$

\B"Au[}

yS~@$X

GWN^34

o8_4w%

B{Bxo%

Y'MC9?

qB\3GS

gkf2wz.

^f>6uw

,~{QQsy

HsDPQ

WW<q*<z,X

UfV& 1

,M{KG,

6hoq4[

9}TtAC

_avqd6

-;_)6DYd

s-,3|K

I9*;GDU

;S0"Np

3<G-He

uG_OE6

CUyrqS

SmU*#3

x3h.F2\:u~

hL+3n-

Uj&`)}+

-{3\j~

hR%BOx

Eks<!l"

#j*S,B*,

BixTvC

?iob^d/i

gNIQI1

R]"wKPC

@um8Gu

/:d0:l

TU|t3H

~aQJZ*

7L]UU=6

#`LW={V<g

\c]rZy

b3P?i-]/

_;J_A?

=2=p|3

?tO9HS@

2t|W|B

<:NvD^,

#,v]Jf

^]:i5\

@HuB\{

v`bJa

a]~,B\d

/F) y7

)c|*Mv

R4U!0r

sT8)hj

j|Yd(/

3p.s1C#

S589 #B

5Tg$|sj

l8>utu.

=C@JYu

v2E cT

,j+_3{

WJ-`{gX

foc.&g3~

-#u5g}R

}37SY,

"IlY\'G

C[WeCx

~</!q~

|Vga N

(a7hq8

Uq!/6?

97Z(T0

1}T)90(

6lr'v=

%6mw'ox

P6#sK

?TD9lH

>GddlL

Z3+/4q

w{HO:

lx S>#

rF1U44

|a"Tv&

Y\7}6V-

u4q;|y

0-:GrZ

hS'6Nf/M

v.uoM

QOP.Qz

f|"2yk&

*Z&Y!*IX

C6FvfV

A;[p@{

wra{i{Y

F :WR&

8+TB|mH

QM:u_/

jdgUaA

HAj}a!

#uCM4

Fb%)iyU

'-A9!ub

<&J~&E

.Xl/S$

8Qbz1J

ZRk9`m

ZmD2>s

M8\Ntk

/LK@w~

?_{Nz

~YiH+y

t0R2D~

m{EW[+

mOi%Vn.

h1, ws

"(`,No-

9O)>@h

XoYWw)

sz(h<G

Vsp"g,

]![Fb*\G"

J[-LGZ

(?O@1f

/,=pyYh~

$A%h1d

Q@;R[v

J}Y*~K

Pm=6s1C0

Ya(dC(C

:+4QMk

V0^e`K

}L3]oJ2

8SyQ6g

9Xeu@U

U!fJ"%`

:s?w>F1

<60EyL

8xhJV?

+XJ!yalch

yX@&u=6

0_|0@hn

N?g3m9

fI3KfoTV

fIo*5I

SLlX+Y;

aU%/z^

M*Bo]0Cz;

'} -Py!$E

4*@z`L

\ANK2#

0: NK5

@!p~G~

0(lfF

@2a+*{

cv'0n5b

Y`Z@`J

yAXRn'

<N:-1g0

I<>hcP

M$,c w

|@cI>N

aNK77[m

H.hcC"

@K h9WN

rSN(W?

kcq)bLME`

WaAoH1@

&PsW5cf

V.q,]pv

.`RMs69

atU-zy

!9@>b#

7G$E4K

4\n[$#

Pp/;jT

b^|sz7

4Z@j/s

Y.>LDD

5q$q"r

ck&^+v

N^RtAT)i

QjtV/^

x}Arq

UA%.k~

X:W<xQ

!WVuD3

\;^w~

%mG3pN

L/QAq3

]WR%ms

d)zV=|1

J|$pA

CY@:p

BQMP$]#ACe

^RgH4u

G: yr:

3P~yafi

)'v\Qr1Q

!*/8D

W{xqB"

f1 :za.

uIQH'E

D&R<^T"

-l`rH2

54IeF>

"|ERl&

Uw6G`k

@&Fxb<x

@A{hL4

;EeLyN

z>AY6f

D5)zS?

QDS:8#H

Nw[<B4

fFgqS[

^]ey3u

E9QB y<P

kL9 o$(

rPK0aSe

!_^o0

A5=/o`

d,B2Eo

CJUf7N

}gcJV$

\t#[-R

'z!RSZdx|,1

@:B{Qg+

Pia#Pk

b%wc@1

aiH/7

T'^LR[:

s@f6:f

*pJ&p\`s

#<@$UX

s,Y "@

L3w)?U

|/'5B?K

b*$lZ0

?LJOs-M

}z_sGk

/vyjOkD.

ODQ?C0

A#H8hL

}0rq~Xx

>X\|?@

Jxm'{br

KY+055\

xZ:8teS

J=$#MDl

"<KC(qw

DK9QA]

`HC9Cv

EQ7Dz6

0X}F$]lq

'U/O@G

"Xtp8!

n1+Q=aZ

k{r}"9

;he/=/`~

$O?WxP

MTtBzf

U`&f 79

ZVPHCA@\

qqNEeb

oWdWVI

'qg3qi

:d.p3P

FvbnFt

YK4>,i

gNQ5L\B3

YjI(s4,

ipaF#RsTSaB

),kuk

oYu).#

q9aC)Va*

a)lza+`U}$1[#

,j3N%y

q\{&Un

aS|!a3`u

wf[(QO

oa%v4/

}5bDNy

<m4jC1Ej

/$k+w

^wY&s^

O^y *Q

ip'}QW

I3|4#Y

|_o(!?f

j#]Bl#

m5I {.R

Kw;u6cj

p0;|H4D

"nSH^Na}^

Bl8%dv

ce;fE;,H

us'k-Y

$FlO;I1s

.CMR-B

;B#$\V^a

mLvtNO

81Wd.H

BJ1Z659

1;c,J

%S^q[E

JK:bn-f

7XF+A6Q

|bfARl

SO8BhL

/sy%B3r:

Z<FWc'

!v&Dwg

FP>~_9

kBB3nvFt

CIIsZo

6h_75J

-UQQfNC

P/+bA;

5@jkg7Y

'E%iJ*

MKi.C,

R$LDjt{

hVd~Vi

R}tdPw

Y:cvwTB

cq_m-y

'Hd-Bp

7;:Wc

r~PhdH

(w'f4z\

KJM"[?

!hk^&V

u>n9pX'

,.IKWin>j

Vz]"xt

O9>I|k

nm]%*)J

yvrx{y

}U@dFT

!bCbUh

+fRnLh'

Jdtx+[KJ-T

c6)ai_

m"]VC\KR

"QiUFe"

m-bw p

~.rRl0

v`4VUk

Z=Ifg

L}<]rw

B/7[pOW7`

VrN|7n]t

A&R$P*

&S|x3[

GgLa6:

vdY^](e<

l_xeRU

KQkgJ_x

=4rF@;

TU+"f|B

0f)w+h7

i8>69l

,UjTF,_

pf]--8

.x 3N4vC

Y(*-?E$

`41}[j

y(P/fnE

2}{@r5

kMW_}

fcUD>8

+JrE3~

gU?=K9.}{

$o'P8%|8

c>;J>

bMb&Eg

R!gO6U

M6sw [

{Af_C9

5/~vvF

0\EN|S

f_DFZe

t^B>#O|

=FJDtf0[uy

~}}+kpA

,WoNX5L

D!2":W

nyZi{lXD

+6FcGz<qW

`l$0i

FV3?>#O

%8oe}9

M;MS^k4't

@:GO'f

8lvW8A

oI=rTh

sHRx=]

wx586@~

3{h.Qz

:^AiuPL

e)WuWh}

zyApvP

ZKel2Y

X3cPn2(

!z<BO3

i,L[:x

Nql.>V.e

@CP:B!R

g[~IrG

@#82eB

<;.JaN

y?9XC7

lwdlv#z

`_f\m*

g ae#.;b

>6R6k5

|<I~ 2

2,=Sjg

AGu!UAd]

]Ra7dS

zx:QoT

HZjE'$vHjd

~dWR3]

y5b,k"

J0@0Bz

%- 1yE

D]++iJ%

c:N*Ic

/441%V

E@(BxY

;; PU#

LFf|-&

nDrg)?L

NRxS0xn

lUIV1o&

0YtJxO

$ufj"S4

Vt4cUJ

'SG}MWHC

NT_9)z$

BjERQa

kG$[WF

7Nu{+4J

HLrl>bpKXl4

'7OF.v

0;92]w

3Ej*~"

{g^?L5

V0^cP~

#(%F%A

l(])pm

LA?@z0"

).,{}C:#

eO}DWx

w~bV2l!

zrou*|N*

,i<8ti

c=cVaj

s+<'a(

7!<h=iN

>MNH{xG^

f~%Bso

GLo)nL

[7v3\`

,<'~i#K'

2u6-Nf_

VYx fc

W]f*Hh

2VJc%9

0Se{rZ`7|{3

[bqt7

qOtheWD

/{nzWB

\xIRpsb

myR9/w

fz2+x9Q

~kLz5<

"Cgwq

am(!%~

SG:78

;NNxs-

uJbccv_

DfW\%

?tu@Qi

[Hv=b>_

in+7AM

Y'PusEd

((|5|0

4mFUOj

&5,6IE

*?,Yx_

$%%>jD

qY-~{c

6)R^bF

v58h+S,W

*yOg%'[v"

@,Ey{XC

H]xm#L

,j6+EuF

i8SU(fV*

B3?R:

kB?P/DP

%-nQ8t

&&IXp0p

5)d*N[

bpTW^N

ZL|m;fT:s*b

[;@^E"

2(&0OD

Tyivr`4=

B?Rgs^

qxQ%,{

vAMHaE

&zO6N}

$"N,T}/p

L:|-1z1

c8{D1k$yK

'tlMaHy

s:uV|}BN

Uuwt!`

YC"Z)[^

i-`XA(

"574|M

cHFo9H(D

f>%2 k

p?-Ps#

#\aqf]

cfmR~i

*7n}<S{<

AX_tIXlZ9

Pc"{"$T

/`<n(H

d3%uG?

MNJ6SJ

90e+s'

I}!>so@_

<`cm.>

P#gSI'

yS]?~V

qEGDM>&

jC&.\0O+

pCfW\@d

qmU-9JyZ

+zOs4W6

"}{\x`t

hu6Z)_

Lo.^i=

#(.{P

GL>fd|

C8pJW4v{9

4a}!H*

H)RgaeH

*8f3~P

-&?^Vb[,3A

5a8f>m

o"^YWX0"

a_'&S@g

I,B6V[D

J3;xp9

@;<TI|_hY

eClnO#

%E+&37

PgI'K)

b'NE==u

ltA?|+

bq4.v"

.k6apC&P

EsP)m x

v4.0.30319

#Strings

Reserved1

ToUInt32

ToInt32

Reserved2

ToInt16

get_UTF8

PROCESS_SET_QUOTA

WRITE_DAC

PROCESS_CREATE_THREAD

PROCESS_VM_READ

STANDARD_RIGHTS_REQUIRED

PROCESS_DUP_HANDLE

PROCESS_SUSPEND_RESUME

PROCESS_TERMINATE

DELETE

PROCESS_VM_WRITE

SYNCHRONIZE

READ_CONTROL

PROCESS_QUERY_LIMITED_INFORMATION

PROCESS_SET_INFORMATION

PROCESS_QUERY_INFORMATION

PROCESS_VM_OPERATION

System.IO

ITE_OWNER

PROCESS_ALL_ACCESS

PROCESS_CREATE_PROCESS

set_IV

value__

mscorlib

ThreadId

ProcessId

GetProcessById

ResumeThread

RijndaelManaged

GenericAce

CommonAce

InsertAce

set_Mode

CryptoStreamMode

CipherMode

IDisposable

ThreadHandle

RuntimeFieldHandle

RuntimeTypeHandle

GetTypeFromHandle

ProcessHandle

Console

WriteLine

WellKnownSidType

ValueType

Dispose

CompilerGeneratedAttribute

UnverifiableCodeAttribute

CompilationRelaxationsAttribute

RuntimeCompatibilityAttribute

SuppressUnmanagedCodeSecurityAttribute

get_Size

get_BlockSize

set_BlockSize

get_KeySize

set_KeySize

SizeOf

Encoding

FromBase64String

GetString

get_Length

get_BinaryLength

Marshal

System.Security.Principal

RawAcl

get_DiscretionaryAcl

System.ComponentModel

advapi32.dll

kernel32.dll

ntdll.dll

System.Security.AccessControl

GetManifestResourceStream

CryptoStream

MemoryStream

System

SymmetricAlgorithm

GetBinaryForm

ICryptoTransform

NtUnmapViewOfSection

System.Reflection

Win32Exception

Desktop

Buffer

AceQualifier

SecurityIdentifier

BitConverter

StdError

GenericSecurityDescriptor

RawSecurityDescriptor

CreateDecryptor

IntPtr

System.Diagnostics

System.Runtime.InteropServices

System.Runtime.CompilerServices

Rfc2898DeriveBytes

GetBytes

AceFlags

RuntimeHelpers

CreateProcess

0tnwig7Fzs

Object

Convert

StdInput

StdOutput

System.Text

Wow64GetThreadContext

Wow64SetThreadContext

VirtualAllocEx

InitializeArray

ToArray

set_Key

System.Security.Cryptography

GetExecutingAssembly

BlockCopy

ReadProcessMemory

WriteProcessMemory

System.Security

GetKernelObjectSecurity

SetKernelObjectSecurity

Cronos-Crypter

System.Security.Permissions.SecurityPermissionAttribute, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089

SkipVerification

WrapNonExceptionThrows

_CorExeMain

mscoree.dll

z!hez!h

z!hMz!h

z!hEz!h

z!hz!h

z!h#z!h

z!h?z!h

z!h#z!h

z!htz!h

z!h)z!h

z!h1z!h

z!h6z!h

z!h;z!h

BBB[BBB

z!h:z!h

BBBdBBB

z!h?z!h

BBBbBBB

z!hPz!h

z!hDz!h

BBBbBBB

z!hDz!h

z!hNz!h

BBBbBBB

z!h9z!h

z!hwz!h

BBBfBBB

z!h1z!h

BBB!BBBVBBBVBBBVBBBVBBBVBBBVBBBVBBBVBBBVBBBVBBBVBBBVBBBVBBBVBBBVBBBVBBBVBBBVBBBVBBBVBBBVBBBVBBBVBBBVBBBVBBBVBBBVBBBVBBBVBBBeBBB

z!h-z!h

z!h%z!h

z!h&z!h

z!h:z!h

z!h8z!h

z!hMz!h

z!hcz!h

z!hzz!h

z!h,z!hnz!h

z!htz!h

z!hvz!h

z!hyz!h

z!h{z!h

z!h^z!h

z!hlz!h

z!h6z!h

z!h}z!h

z!h?z!h=

BBBPBBB

BBBiBBB

z!hWz!h

z!hNz!h

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>

</requestedPrivileges>

</security>

</trustInfo>

</assembly>

MHRud2lnN0Z6cw==

eElIQnRrNXpjUA==

QzpcV2luZG93c1xNaWNyb3NvZnQuTkVUXEZyYW1ld29ya1x2NC4wLjMwMzE5XFJlZ0FzbS5leGU=

I2NtZA==

Cronos-Crypter

VS_VERSION_INFO

VarFileInfo

Translation

StringFileInfo

000004b0

FileDescription

FileVersion

0.0.0.0

InternalName

ds.exe

LegalCopyright

OriginalFilename

ds.exe

ProductVersion

0.0.0.0

Assembly Version

0.0.0.0

Antivirus	Signature
Bkav	W32.AIDetectNet.01
Lionic	Clean
tehtris	Clean
MicroWorld-eScan	IL:Trojan.MSILZilla.17516
ClamAV	Clean
FireEye	Generic.mg.1ab8dbca5e2bba39
CAT-QuickHeal	Clean
McAfee	Clean
Cylance	Unsafe
Zillya	Clean
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Clean
BitDefender	IL:Trojan.MSILZilla.17516
K7GW	Clean
Cybereason	malicious.a5e2bb
Baidu	Clean
VirIT	Clean
Cyren	Clean
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/Injector.FCD
APEX	Malicious
Paloalto	Clean
Cynet	Malicious (score: 100)
Kaspersky	HEUR:Backdoor.MSIL.Crysan.gen
Alibaba	Clean
NANO-Antivirus	Clean
ViRobot	Clean
Rising	Trojan.Generic/MSIL@AI.94 (RDM.MSIL:CtOmBbj9VdPXzgFrEY5IXA)
Ad-Aware	IL:Trojan.MSILZilla.17516
TACHYON	Clean
Sophos	ML/PE-A
Comodo	Clean
F-Secure	Trojan.TR/Dropper.Gen
DrWeb	Trojan.InjectNET.14
VIPRE	IL:Trojan.MSILZilla.17516
TrendMicro	Clean
McAfee-GW-Edition	BehavesLike.Win32.Generic.jc
Trapmine	suspicious.low.ml.score
CMC	Clean
Emsisoft	IL:Trojan.MSILZilla.17516 (B)
Ikarus	Trojan.MSIL.Injector
GData	IL:Trojan.MSILZilla.17516
Jiangmin	Clean
Webroot	Clean
Avira	TR/Dropper.Gen
Antiy-AVL	Clean
Kingsoft	Clean
Gridinsoft	Clean
Arcabit	IL:Trojan.MSILZilla.D446C
SUPERAntiSpyware	Clean
ZoneAlarm	HEUR:Backdoor.MSIL.Crysan.gen
Microsoft	VirTool:MSIL/ResInject!MTB
Google	Detected
AhnLab-V3	Trojan/Win.MSILZilla.C5129545
Acronis	suspicious
VBA32	Clean
ALYac	IL:Trojan.MSILZilla.17516
MAX	malware (ai score=89)
Malwarebytes	Malware.AI.4221048470
Panda	Clean
Zoner	Clean
TrendMicro-HouseCall	Clean
Tencent	Clean
Yandex	Clean
SentinelOne	Static AI - Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Injector.FCD!tr
BitDefenderTheta	Gen:NN.ZemsilF.34754.Pm0@aS7Dyql
AVG	Win32:InjectorX-gen [Trj]
Avast	Win32:InjectorX-gen [Trj]
CrowdStrike	win/malicious_confidence_100% (D)

Static Analysis

PE Compile Time

PE Imphash

Sections

Resources

Imports