Static | ZeroBOX

PE Compile Time

2039-03-20 11:14:07

PDB Path

C:\Users\Matvey\Desktop\OutExe\NFT.pdb

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x000027f4 0x00002800 5.95772190946
.rsrc 0x00006000 0x00010e9a 0x00011000 2.92596221778
.reloc 0x00018000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x00006154 0x00010828 LANG_NEUTRAL SUBLANG_NEUTRAL dBase IV DBT, blocks size 0, block length 2048, next free block index 40, next free block 0, next used block 0
RT_GROUP_ICON 0x0001697c 0x00000014 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_VERSION 0x00016990 0x00000320 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x00016cb0 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain

!This program cannot be run in DOS mode.
`.rsrc
@.reloc
Xa `DN -
E_(/
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
43dPq/
*C-;1nNC'
R3'$O
U{c9AjF$5&E
D=4-25*B)6+Y7$LET'GLIBGOVMP>;^%]CJU*#V+JHWQRO_ralzd
~ihu~bq
Q:D?yG?
[8jYtx
]4/+q<"
T{*.d}b3x
Q.@K|{gR}sC
nbD'}ej":
v4.0.30319
#Strings
IEnumerable`1
ToInt32
5A0CBE91-7F5A-43C2-B700-5F9A1AEB3CE3
get_UTF8
System.IO
value__
mscorlib
System.Collections.Generic
Thread
Append
Replace
InputLanguage
IDisposable
RuntimeFieldHandle
RuntimeTypeHandle
GetTypeFromHandle
Single
DownloadFile
Console
get_TwoLetterISOLanguageName
get_MachineName
get_UserName
WriteLine
Combine
ValueType
get_Culture
ReadOnlyCollectionBase
Dispose
Reverse
EditorBrowsableState
SetThreadExecutionState
CompilerGeneratedAttribute
GuidAttribute
GeneratedCodeAttribute
DebuggerNonUserCodeAttribute
DebuggableAttribute
EditorBrowsableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
GetPropertyValue
System.Threading
Encoding
System.Runtime.Versioning
ToString
GetString
GetTempPath
get_Length
System.ComponentModel
kernel32.dll
System
System.Globalization
System.Reflection
InputLanguageCollection
ManagementObjectCollection
CultureInfo
ToChar
StringBuilder
ResourceManager
ManagementObjectSearcher
System.CodeDom.Compiler
ToUpper
IsUpper
ToLower
IEnumerator
ManagementObjectEnumerator
GetEnumerator
.cctor
System.Diagnostics
System.Runtime.InteropServices
System.Runtime.CompilerServices
System.Resources
Miner.Properties.Resources.resources
DebuggingModes
get_InstalledInputLanguages
System.Windows.Forms
Contains
System.Text.RegularExpressions
System.Collections
RegexOptions
get_Chars
RuntimeHelpers
Process
Exists
Concat
Format
ManagementBaseObject
Collect
System.Net
WebClient
System.Management
Environment
get_Current
Convert
MoveNext
System.Text
InitializeArray
ToCharArray
get_Assembly
op_Equality
<PrivateImplementationDetails>{6D5112B9-EABB-4CCC-8623-AFC5F35F842E}
3System.Resources.Tools.StronglyTypedResourceBuilder
17.0.0.0
WrapNonExceptionThrows
Sys32Reg
Copyright
Microsoft 2022
$be5fe815-2a53-43c3-a5d1-14c1df8ad156
1.0.0.1
.NETFramework,Version=v4.7.2
FrameworkDisplayName
.NET Framework 4.7.2
RSDS]J
C:\Users\Matvey\Desktop\OutExe\NFT.pdb
_CorExeMain
mscoree.dll
`PPb6..!
fTVp<223
W5K}4 0?
W3Jx?%4D
W4Lu?#5H
T1G|e=X
P/Ff^7P
Q1Gg>&4I-
%)G(>RW5M}[6O
X3L|R2Hf=#5G3
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
WIFI_SIGNAL_10779(
iQUQ8Q
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
Sys32Reg
FileVersion
1.0.0.1
InternalName
Miner.exe
LegalCopyright
Copyright
Microsoft 2022
LegalTrademarks
OriginalFilename
Miner.exe
ProductName
Sys32Reg
ProductVersion
1.0.0.1
Assembly Version
1.0.0.1
Antivirus Signature
Bkav W32.AIDetectNet.01
Lionic Clean
tehtris Clean
MicroWorld-eScan Clean
CMC Clean
CAT-QuickHeal Trojan.YakbeexMSIL.ZZ4
ALYac Clean
Malwarebytes RiskWare.BitCoinMiner
Zillya Clean
Sangfor Trojan.Win32.Agent.V56s
CrowdStrike win/malicious_confidence_100% (D)
BitDefender Clean
K7GW Clean
K7AntiVirus Clean
Baidu Clean
VirIT Clean
Cyren Clean
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of MSIL/Agent.VVP
APEX Malicious
Paloalto Clean
ClamAV Clean
Kaspersky UDS:Trojan.Win32.GenericML.xnet
Alibaba Trojan:MSIL/ATRAPS.9ac209c8
NANO-Antivirus Clean
SUPERAntiSpyware Clean
Tencent Clean
TACHYON Clean
Emsisoft Clean
F-Secure Clean
DrWeb Clean
VIPRE Clean
TrendMicro Clean
McAfee-GW-Edition Artemis
Trapmine Clean
FireEye Generic.mg.49aa025262bc86dc
Sophos Clean
Ikarus Clean
Jiangmin Clean
Webroot Clean
Google Clean
Avira TR/ATRAPS.Gen
Antiy-AVL Clean
Microsoft Clean
Gridinsoft Clean
Xcitium Clean
Arcabit Clean
ViRobot Clean
ZoneAlarm Clean
GData Win32.Trojan-Downloader.Generic.HYJND1
Cynet Malicious (score: 99)
AhnLab-V3 Clean
Acronis suspicious
McAfee Artemis!49AA025262BC
MAX Clean
VBA32 Clean
Cylance Clean
Panda Clean
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R002H0AC823
Rising Trojan.Agent!8.B1E (CLOUD)
Yandex Clean
SentinelOne Clean
MaxSecure Clean
Fortinet Clean
BitDefenderTheta Gen:NN.ZemsilF.36308.@p3@amOdhdl
AVG DropperX-gen [Drp]
Avast DropperX-gen [Drp]
No IRMA results available.