popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2023-03-08 04:09:54

PE Imphash

c73bbc818ceb2fafea2b25df17dec187

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x0004c4c8 0x0004c600 6.3482222984
.rodata 0x0004e000 0x00003600 0x00003600 5.09617814286
.data 0x00052000 0x00022de0 0x0000e400 2.34830948337
.tls 0x00075000 0x000005d0 0x00000600 0.0
.pdata 0x00076000 0x00003a38 0x00003c00 5.52691064975
.xdata 0x0007a000 0x00005fd0 0x00006000 4.90614931747
.idata 0x00080000 0x00000b38 0x00000c00 3.95922683387
.edata 0x00081000 0x00000069 0x00000200 1.21342970588
.rsrc 0x00082000 0x0002be00 0x0002be00 7.85934169437
.reloc 0x000ae000 0x000011b4 0x00001200 5.81393966242

Resources

Name Offset Size Language Sub-language File type
VNRKGF 0x00082bb0 0x0002b000 LANG_ENGLISH SUBLANG_ENGLISH_US data
VNRKGF 0x00082bb0 0x0002b000 LANG_ENGLISH SUBLANG_ENGLISH_US data
RT_RCDATA 0x000adbc0 0x00000002 LANG_ENGLISH SUBLANG_ENGLISH_US data
RT_RCDATA 0x000adbc0 0x00000002 LANG_ENGLISH SUBLANG_ENGLISH_US data
RT_VERSION 0x000adbc4 0x000001f4 LANG_ENGLISH SUBLANG_ENGLISH_US data

Imports

Library KERNEL32:
0x4802bc CloseHandle
0x4802c4 CreateDirectoryA
0x4802cc CreateFileA
0x4802d4 CreateFileW
0x4802e4 DeleteFileA
0x4802f4 ExitProcess
0x480304 GetACP
0x48030c GetCPInfo
0x480314 GetCurrentProcessId
0x48031c GetCurrentThreadId
0x480324 GetDateFormatA
0x480334 GetFileAttributesA
0x48033c GetFileAttributesW
0x480344 GetFileSize
0x48034c GetFileType
0x480354 GetLastError
0x48035c GetLocalTime
0x480364 GetLocaleInfoA
0x48036c GetModuleFileNameA
0x480374 GetModuleHandleA
0x48037c GetOEMCP
0x480384 GetProcAddress
0x48038c GetProcessHeap
0x480394 GetStartupInfoA
0x48039c GetStdHandle
0x4803a4 GetStringTypeA
0x4803ac GetStringTypeW
0x4803bc GetSystemInfo
0x4803c4 GetTickCount
0x4803d4 GetUserDefaultLCID
0x4803dc GetVersion
0x4803e4 GetVersionExA
0x4803ec HeapAlloc
0x4803f4 HeapFree
0x48040c IsDBCSLeadByteEx
0x480414 IsDebuggerPresent
0x48041c IsValidLocale
0x480424 LCMapStringA
0x480434 LoadLibraryA
0x48043c LoadLibraryW
0x48044c MultiByteToWideChar
0x480454 RaiseException
0x48045c ReadFile
0x480464 RemoveDirectoryA
0x480474 RtlCaptureContext
0x480484 SetEndOfFile
0x48048c SetFilePointer
0x480494 SetFileTime
0x48049c SetHandleCount
0x4804a4 SetLastError
0x4804ac SetThreadLocale
0x4804b4 Sleep
0x4804bc SleepEx
0x4804cc TlsAlloc
0x4804d4 TlsFree
0x4804dc TlsGetValue
0x4804e4 TlsSetValue
0x4804ec VirtualAlloc
0x4804f4 VirtualFree
0x4804fc VirtualQuery
0x480504 WideCharToMultiByte
0x48050c WriteFile
0x480514 RtlRestoreContext
0x48051c RtlUnwindEx
Library USER32:
0x48054c EnumThreadWindows
0x480554 MessageBoxA
0x48055c wsprintfA

Exports

Ordinal Address Name
1 0x401da0 DllRegisterServer
2 0x474aa0 __CPPdebugHook
No antivirus signatures available.
No IRMA results available.