popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2023-03-09 02:09:39

PE Imphash

fa6a51aa074ad4e3400bdfef727dda51

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x0004c010 0x0004c200 6.34616131049
.rodata 0x0004e000 0x000035d0 0x00003600 5.09193471808
.data 0x00052000 0x00022d90 0x0000e400 2.32778024421
.tls 0x00075000 0x000005d0 0x00000600 0.0
.pdata 0x00076000 0x000039fc 0x00003a00 5.64639558706
.xdata 0x0007a000 0x00005f70 0x00006000 4.90810726326
.idata 0x00080000 0x00000c22 0x00000e00 3.77560881676
.edata 0x00081000 0x00000065 0x00000200 1.15334830764
.rsrc 0x00082000 0x0003c664 0x0003c800 7.2352094109
.reloc 0x000bf000 0x0000118c 0x00001200 5.80419672235

Resources

Name Offset Size Language Sub-language File type
OI 0x000ad20c 0x00000a2c LANG_ENGLISH SUBLANG_ENGLISH_US data
OI 0x000ad20c 0x00000a2c LANG_ENGLISH SUBLANG_ENGLISH_US data
RT_ICON 0x000adc38 0x00010828 LANG_NEUTRAL SUBLANG_DEFAULT dBase III DBT, version number 0, next free block index 40
RT_RCDATA 0x000be470 0x00000002 LANG_ENGLISH SUBLANG_ENGLISH_US data
RT_RCDATA 0x000be470 0x00000002 LANG_ENGLISH SUBLANG_ENGLISH_US data
RT_GROUP_ICON 0x000be474 0x00000014 LANG_NEUTRAL SUBLANG_DEFAULT data
RT_VERSION 0x000be488 0x000001dc LANG_ENGLISH SUBLANG_ENGLISH_US data

Imports

Library KERNEL32:
0x4802c8 CloseHandle
0x4802d0 CreateDirectoryA
0x4802d8 CreateFileA
0x4802e0 CreateFileW
0x4802f0 DeleteFileA
0x480300 ExitProcess
0x480310 GetACP
0x480318 GetCPInfo
0x480320 GetCurrentProcessId
0x480328 GetCurrentThreadId
0x480330 GetDateFormatA
0x480340 GetFileAttributesA
0x480348 GetFileAttributesW
0x480350 GetFileSize
0x480358 GetFileType
0x480360 GetLastError
0x480368 GetLocalTime
0x480370 GetLocaleInfoA
0x480378 GetModuleFileNameA
0x480380 GetModuleHandleA
0x480388 GetOEMCP
0x480390 GetProcAddress
0x480398 GetProcessHeap
0x4803a0 GetStartupInfoA
0x4803a8 GetStdHandle
0x4803b0 GetStringTypeA
0x4803b8 GetStringTypeW
0x4803c8 GetSystemInfo
0x4803d0 GetTickCount
0x4803e0 GetUserDefaultLCID
0x4803e8 GetVersion
0x4803f0 GetVersionExA
0x4803f8 HeapAlloc
0x480400 HeapFree
0x480418 IsDBCSLeadByteEx
0x480420 IsDebuggerPresent
0x480428 IsValidLocale
0x480430 LCMapStringA
0x480440 LoadLibraryA
0x480450 MultiByteToWideChar
0x480458 RaiseException
0x480460 ReadFile
0x480468 RemoveDirectoryA
0x480478 RtlCaptureContext
0x480488 SetEndOfFile
0x480490 SetFilePointer
0x480498 SetFileTime
0x4804a0 SetHandleCount
0x4804a8 SetLastError
0x4804b0 SetThreadLocale
0x4804b8 Sleep
0x4804c0 SleepEx
0x4804d0 TlsAlloc
0x4804d8 TlsFree
0x4804e0 TlsGetValue
0x4804e8 TlsSetValue
0x4804f0 VirtualAlloc
0x4804f8 VirtualFree
0x480500 VirtualQuery
0x480508 WideCharToMultiByte
0x480510 WriteFile
0x480518 RtlRestoreContext
0x480520 RtlUnwindEx
Library USER32:
0x480550 EnumThreadWindows
0x480558 MessageBoxA
0x480560 wsprintfA
Library Ntdll:
0x4805a8 LdrAccessResource
0x4805b0 LdrFindResource_U
0x4805c0 NtQueueApcThread
0x4805c8 NtTestAlert

Exports

Ordinal Address Name
1 0x401930 DllRegisterServer
2 0x474a50 __CPPdebugHook
No antivirus signatures available.
No IRMA results available.