Static | ZeroBOX

PE Compile Time

2022-11-14 16:51:19

PDB Path

BDZBXBSHSH.pdb

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

| Name | Virtual Address | Virtual Size | Size of Raw Data | Entropy |
| --- | --- | --- | --- | --- |
| .text | 0x00002000 | 0x0000dc44 | 0x0000de00 | 5.95479276778 |
| .rsrc | 0x00010000 | 0x00001bfa | 0x00001c00 | 5.50584123933 |
| .reloc | 0x00012000 | 0x0000000c | 0x00000200 | 0.0815394123432 |

Resources

| Name | Offset | Size | Language | Sub-language | File type |
| --- | --- | --- | --- | --- | --- |
| RT_ICON | 0x00011258 | 0x00000468 | LANG_NEUTRAL | SUBLANG_NEUTRAL | GLS_BINARY_LSB_FIRST |
| RT_ICON | 0x00011258 | 0x00000468 | LANG_NEUTRAL | SUBLANG_NEUTRAL | GLS_BINARY_LSB_FIRST |
| RT_GROUP_ICON | 0x000116c0 | 0x00000022 | LANG_NEUTRAL | SUBLANG_NEUTRAL | data |
| RT_VERSION | 0x000116e4 | 0x0000032c | LANG_NEUTRAL | SUBLANG_NEUTRAL | data |
| RT_MANIFEST | 0x00011a10 | 0x000001ea | LANG_NEUTRAL | SUBLANG_NEUTRAL | XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators |

Imports

Library mscoree.dll:
0x402000 _CorExeMain

!This program cannot be run in DOS mode.
`.rsrc
@.reloc
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
v4.0.30319
#Strings
BDZBXBSHSH$
BDZBXBSHSH%
5=7'a:<^CeAsym'CL+74')sm%
UInt32
ToInt32
ToInt64
get_UTF8
<Module>
|RakO`QMCu>ww~z!LS"n=%TiD
BDZBXBSHSH
System.IO
set_IV
mscorlib
lpEnumFunc
GetCurrentProcessId
get_CurrentThread
thread
get_IsAttached
Synchronized
ReadToEnd
set_IsBackground
set_Method
GetMethod
distance
CreateInstance
CompressionMode
get_Unicode
EndInvoke
BeginInvoke
ToDouble
RuntimeFieldHandle
RuntimeTypeHandle
CloseHandle
GetTypeFromHandle
ProcessHandle
ToSingle
get_FullName
GetClassName
ValueType
SecurityProtocolType
GetType
GetElementType
Compare
MethodBase
ApplicationSettingsBase
WebResponse
GetResponse
Reverse
Create
MulticastDelegate
EditorBrowsableState
posState
STAThreadAttribute
CompilerGeneratedAttribute
GuidAttribute
GeneratedCodeAttribute
DebuggerNonUserCodeAttribute
DebuggableAttribute
EditorBrowsableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
SuppressIldasmAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
ConfusedByAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
ReadByte
matchByte
prevByte
get_IsAlive
BDZBXBSHSH.exe
get_InputBlockSize
get_OutputBlockSize
inSize
outSize
windowSize
dictionarySize
IndexOf
System.Threading
Encoding
IsLogging
System.Runtime.Versioning
FromBase64String
ToString
GetString
lpOutputString
Substring
get_Length
ProcessInformationLength
ReturnLength
AsyncCallback
callback
TransformFinalBlock
TransformBlock
System.ComponentModel
kernel32.dll
user32.dll
set_SecurityProtocol
GetManifestResourceStream
GetResponseStream
DeflateStream
inStream
outStream
MemoryStream
stream
lParam
System
SymmetricAlgorithm
ICryptoTransform
Boolean
IsLittleEndian
System.IO.Compression
ProcessInformation
System.Configuration
System.Globalization
System.Reflection
get_Position
set_Position
Exception
Intern
MethodInfo
CultureInfo
InvokeMember
StreamReader
TextReader
DESCryptoServiceProvider
StringBuilder
Binder
rangeDecoder
Buffer
get_ResourceManager
ServicePointManager
Debugger
System.CodeDom.Compiler
BitConverter
SetLastError
.cctor
Monitor
CreateDecryptor
IntPtr
System.Diagnostics
System.Runtime.InteropServices
System.Runtime.CompilerServices
System.Resources
|RakO`QMCu>ww~z!LS"n=%TiD.resources
DebuggingModes
BDZBXBSHSH.Properties
properties
NumberStyles
numPosStates
GetBytes
BindingFlags
Settings
Equals
Models
NumBitLevels
numBitLevels
get_Chars
RuntimeHelpers
ProcessInformationClass
hProcess
OpenProcess
GetProcAddress
numTotalBits
numPosBits
numPrevBits
Format
Object
object
System.Net
Default
IAsyncResult
result
Environment
pbDebuggerPresent
ParameterizedThreadStart
Convert
debugPort
FailFast
HttpWebRequest
System.Text
startIndex
InitializeArray
ToArray
set_Key
System.Security.Cryptography
get_Assembly
GetCallingAssembly
GetExecutingAssembly
BlockCopy
LoadLibrary
get_Capacity
set_Capacity
op_Inequality
Confuser.Core 1.6.0+447341964f
BDZBXBSHSH
Copyright
2022
1.0.0.0
.NETFramework,Version=v4.5.1
FrameworkDisplayName
.NET Framework 4.5.1)
$5a518b38-8194-44a6-8d14-0e0286dcb62b
WrapNonExceptionThrows
3System.Resources.Tools.StronglyTypedResourceBuilder
4.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
11.0.0.0
BDZBXBSHSH.pdb
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
New Jersey1
Jersey City1
The USERTRUST Network1.0,
%USERTrust RSA Certification Authority0
190502000000Z
380118235959Z0}1
Greater Manchester1
Salford1
Sectigo Limited1%0#
Sectigo RSA Time Stamping CA0
?http://crl.usertrust.com/USERTrustRSACertificationAuthority.crl0v
3http://crt.usertrust.com/USERTrustRSAAddTrustCA.crt0%
http://ocsp.usertrust.com0
Greater Manchester1
Salford1
Sectigo Limited1%0#
Sectigo RSA Time Stamping CA0
220511000000Z
330810235959Z0j1
Manchester1
Sectigo Limited1,0*
#Sectigo RSA Time Stamping Signer #30
https://sectigo.com/CPS0
3http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t
3http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0#
http://ocsp.sectigo.com0
DigiCert, Inc.1A0?
8DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA10
210812000000Z
230810235959Z0
Private Organization1
91320192MA1YED3N921
#Aicho Software Technology Co., LTD.1,0*
#Aicho Software Technology Co., LTD.0
-91320192MA1YED3N920
Mhttp://crl3.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0S
Mhttp://crl4.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0=
http://www.digicert.com/CPS0
http://ocsp.digicert.com0\
Phttp://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt0
DigiCert, Inc.1A0?
8DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1
Greater Manchester1
Salford1
Sectigo Limited1%0#
Sectigo RSA Time Stamping CA
220803135605Z0?
&GRAPHICRATING-KOLORIA-FILE-PDF-ACROBAT
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
BDZBXBSHSH
FileVersion
1.0.0.0
InternalName
BDZBXBSHSH.exe
LegalCopyright
Copyright
2022
LegalTrademarks
OriginalFilename
BDZBXBSHSH.exe
ProductName
BDZBXBSHSH
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Antivirus Signature
Bkav W32.AIDetectNet.01
Lionic Clean
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKD.63639466
ClamAV Win.Dropper.LokiBot-9969312-0
FireEye Generic.mg.00c98ac064c26325
CAT-QuickHeal Clean
ALYac Clean
Cylance Unsafe
VIPRE Trojan.GenericKD.63639466
Sangfor Downloader.Msil.Agent.Vx9i
K7AntiVirus Trojan ( 005944cf1 )
BitDefender Trojan.GenericKD.63639466
K7GW Trojan ( 005944cf1 )
Cybereason Clean
Baidu Clean
VirIT Clean
Cyren W32/MSIL_Agent.DSJ.gen!Eldorado
Symantec ML.Attribute.HighConfidence
tehtris Clean
ESET-NOD32 a variant of MSIL/TrojanDownloader.Agent.NZW
APEX Clean
Paloalto Clean
Cynet Malicious (score: 99)
Kaspersky HEUR:Trojan-Spy.MSIL.Noon.gen
Alibaba Trojan:MSIL/Generic.cafd7435
NANO-Antivirus Clean
ViRobot Clean
Rising Spyware.Noon!8.E7C9 (CLOUD)
Ad-Aware Trojan.GenericKD.63639466
Emsisoft Trojan.GenericKD.63639466 (B)
Comodo Clean
F-Secure Clean
DrWeb Trojan.DownLoaderNET.447
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition Artemis!Trojan
Trapmine Clean
CMC Clean
Sophos Mal/Generic-S
SentinelOne Static AI - Suspicious PE
GData Trojan.GenericKD.63639466
Jiangmin Clean
Webroot Clean
Avira HEUR/AGEN.1252470
MAX malware (ai score=99)
Antiy-AVL Trojan[Spy]/MSIL.Noon
Kingsoft Win32.Troj.Undef.(kcloud)
Gridinsoft Ransom.Win32.Sabsik.sa
Arcabit Trojan.Generic.D3CB0FAA
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:Win32/Wacatac.B!ml
Google Detected
AhnLab-V3 Trojan/Win.Sabsik.C5306309
Acronis Clean
McAfee Artemis!00C98AC064C2
TACHYON Clean
VBA32 Clean
Malwarebytes Trojan.Crypt.MSIL.Generic
Panda Clean
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R002H0CKE22
Tencent Msil.Trojan-Downloader.Ader.Qsmw
Yandex Clean
Ikarus Win32.Outbreak
MaxSecure Clean
Fortinet MSIL/Agent.MNN!tr.dldr
BitDefenderTheta Gen:NN.ZemsilF.34796.em1@ae9429m
AVG Win32:DropperX-gen [Drp]
Avast Win32:DropperX-gen [Drp]
No IRMA results available.