Static | ZeroBOX

PE Compile Time

2023-02-27 20:07:35

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name    Virtual Address  Virtual Size  Size of Raw Data  Entropy
.text   0x00002000       0x00000d90    0x00000e00        5.3162381061
.rsrc   0x00004000       0x00004bda    0x00004c00        2.82792115648
.reloc  0x0000a000       0x0000000c    0x00000200        0.0815394123432

Resources

Name           Offset      Size        Language      Sub-language     File type
RT_ICON        0x000080c8  0x00000468  LANG_NEUTRAL  SUBLANG_NEUTRAL  GLS_BINARY_LSB_FIRST
RT_ICON        0x000080c8  0x00000468  LANG_NEUTRAL  SUBLANG_NEUTRAL  GLS_BINARY_LSB_FIRST
RT_ICON        0x000080c8  0x00000468  LANG_NEUTRAL  SUBLANG_NEUTRAL  GLS_BINARY_LSB_FIRST
RT_ICON        0x000080c8  0x00000468  LANG_NEUTRAL  SUBLANG_NEUTRAL  GLS_BINARY_LSB_FIRST
RT_GROUP_ICON  0x0000856c  0x0000003e  LANG_NEUTRAL  SUBLANG_NEUTRAL  data
RT_VERSION     0x000085e6  0x00000404  LANG_NEUTRAL  SUBLANG_NEUTRAL  data
RT_MANIFEST    0x00008a26  0x000001b4  LANG_NEUTRAL  SUBLANG_NEUTRAL  XML 1.0 document, UTF-8 Unicode (with BOM) text, with very long lines, with no line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain

!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
Ibvjzcbeby.exe
Ibvjzcbeby
<Module>
mscorlib
Object
System
PoweredByAttribute
SmartAssembly.Attributes
Attribute
UnverifiableCodeAttribute
System.Security
CompilationRelaxationsAttribute
System.Runtime.CompilerServices
RuntimeCompatibilityAttribute
AssemblyTitleAttribute
System.Reflection
AssemblyDescriptionAttribute
AssemblyConfigurationAttribute
AssemblyCompanyAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyTrademarkAttribute
ComVisibleAttribute
System.Runtime.InteropServices
GuidAttribute
AssemblyFileVersionAttribute
TargetFrameworkAttribute
System.Runtime.Versioning
STAThreadAttribute
Thread
System.Threading
GetDomain
AppDomain
Assembly
System.Core
Enumerable
System.Linq
Reverse
IEnumerable`1
System.Collections.Generic
ToArray
System.Net.Http
HttpClient
GetByteArrayAsync
Task`1
System.Threading.Tasks
get_Result
Action
GetTypeFromHandle
RuntimeTypeHandle
GetType
Delegate
CreateDelegate
DynamicInvoke
WrapNonExceptionThrows
GM Scheduler Startup
Gammadyne Corporation
ACopyright (C) 2013 by Gammadyne Corporation - All Rights Reserved
$3ea576de-57f2-4c30-a314-c08faa8e2ba4
1.1.0.0
.NETFramework,Version=v4.6
FrameworkDisplayName
.NET Framework 4.6(
#Powered by SmartAssembly 8.1.2.4975
System.Security.Permissions.SecurityPermissionAttribute, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
SkipVerification
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="utf-8" standalone="yes"?><assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><assemblyIdentity version="1.0.0.0" name="MyApplication.app" /><trustInfo xmlns="urn:schemas-microsoft-com:asm.v2"><security><requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3"><requestedExecutionLevel level="asInvoker" uiAccess="false" /></requestedPrivileges></security></trustInfo></assembly>
http://192.3.27.140/non/Dkhium.png
Qncryvmismdkqaay.Pwowhuajnhvsescywg
Cpwctloxsihefl
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
GM Scheduler Startup
CompanyName
Gammadyne Corporation
FileDescription
GM Scheduler Startup
FileVersion
1.1.0.0
InternalName
Ibvjzcbeby.exe
LegalCopyright
Copyright (C) 2013 by Gammadyne Corporation - All Rights Reserved
LegalTrademarks
OriginalFilename
Ibvjzcbeby.exe
ProductName
GM Scheduler Startup
ProductVersion
1.1.0.0
Assembly Version
1.1.0.0

Antivirus Signature

Bkav W32.AIDetectNet.01
Lionic Trojan.Win32.Seraph.4!c
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Trojan.Mardom.MN.10
FireEye Gen:Trojan.Mardom.MN.10
CAT-QuickHeal Clean
ALYac Gen:Trojan.Mardom.MN.10
Malwarebytes Clean
Zillya Clean
Sangfor Trojan.Win32.Agent.A8xj
K7AntiVirus Trojan-Downloader ( 0059c9381 )
BitDefender Gen:Trojan.Mardom.MN.10
K7GW Trojan-Downloader ( 0059c9381 )
CrowdStrike win/malicious_confidence_60% (W)
Baidu Clean
VirIT Trojan.Win32.SmokeLdr.DOG
Cyren Clean
Symantec MSIL.Downloader!gen7
tehtris Clean
ESET-NOD32 a variant of MSIL/TrojanDownloader.Tiny.CEA
APEX Malicious
Paloalto generic.ml
ClamAV Clean
Kaspersky HEUR:Trojan-Downloader.MSIL.Seraph.gen
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
Rising Malware.Obfus/MSIL@AI.96 (RDM.MSIL2:7nWFQs1DkAKaPoE3K09LNw)
Sophos Clean
F-Secure Clean
DrWeb Clean
VIPRE Gen:Trojan.Mardom.MN.10
TrendMicro Clean
McAfee-GW-Edition Artemis!Trojan
Trapmine Clean
CMC Clean
Emsisoft Gen:Trojan.Mardom.MN.10 (B)
SentinelOne Clean
GData Gen:Trojan.Mardom.MN.10
Jiangmin Clean
Webroot Clean
Google Clean
Avira Clean
MAX malware (ai score=80)
Antiy-AVL Clean
Gridinsoft Clean
Xcitium Clean
Arcabit Trojan.Mardom.MN.10
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:Script/Phonzy.B!ml
Cynet Malicious (score: 100)
AhnLab-V3 Clean
Acronis Clean
McAfee Artemis!016D62539656
TACHYON Clean
VBA32 Downloader.MSIL.gen.rexp
Cylance unsafe
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Tencent Clean
Yandex Clean
Ikarus Clean
MaxSecure Clean
Fortinet Clean
BitDefenderTheta Gen:NN.ZemsilCO.36276.bm0@aWEkDqn
AVG Win32:CrypterX-gen [Trj]
Cybereason Clean
Avast Win32:CrypterX-gen [Trj]
No IRMA results available.