Static | ZeroBOX

PE Compile Time

2023-03-14 03:11:28

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

| Name | Virtual Address | Virtual Size | Size of Raw Data | Entropy |
| --- | --- | --- | --- | --- |
| .text | 0x00002000 | 0x00015054 | 0x00015200 | 7.43215714869 |
| .rsrc | 0x00018000 | 0x000004d6 | 0x00000600 | 3.73798099854 |
| .reloc | 0x0001a000 | 0x0000000c | 0x00000200 | 0.101910425663 |

Resources

| Name | Offset | Size | Language | Sub-language | File type |
| --- | --- | --- | --- | --- | --- |
| RT_VERSION | 0x000180a0 | 0x0000024c | LANG_NEUTRAL | SUBLANG_NEUTRAL | data |
| RT_MANIFEST | 0x000182ec | 0x000001ea | LANG_NEUTRAL | SUBLANG_NEUTRAL | XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators |

Imports

Library mscoree.dll:
0x402000 _CorExeMain

!This program cannot be run in DOS mode.
`.rsrc
@.reloc
*X*X(I
cP$xil?;
S?]0MFvn
o]fA\0
W+':$L(
VWx2o!\
NSH}2kdOj2
\#B*dz
|";L88j
~ii%+*
sUF^(|q
{_':v[r
'hPexw
gKcy]w,xX
VN]p:6
fpd-P'.
XUSphS
tvJ6}<1
c!>Q)4
8CH?v
_f=K#SaLW
a$g sZ?
xf5|>=`
|,Ylt3
lZ2PIU
l_B1)]j
.ty0Cd@
Zrm<E?
!s/@cj2v
$D.^q$
1k/eH}[#
CYCKvy
~?^u&C
:K!7F8
]Gx:Y,li1uo-*1
hnM|_B
TKY~mQ
Y=?UA$
41qnhN
8x1D>b
|ka#:
Hut{n^
zx-*|3h
'6oViF
'|rXF#
R-4dKt
g&T_V#X
O+8;!zukN~7b
M]_Q5A
)MMe:Jl
ih'{D2
RI_"%Rvx
pAp9g{
}]08wF
k|QDb(F
BLPAW0F
42$=C]
72(>-[
o=OEQD
XVYZ[D1G
D GwA*Ez6
qfz2}f
5.n:&j
Gq(tl4'D
6m@JD
[`spFu]A
rHVa{u
=y-~3X
}n~qeAd
,D31<b
nhL=1k
]LiGF]#
LmsORL
iE=Arp
t*>glc
hF.$Q\p
N:f/<d
jiYJj}
aFc8]6
`N(*>s`
)Uc8%m
~kf5<J
]~Jw~T
F3@l[
Al*0v;#O
9s-zy:
!lY`j2G
Kt[S<+@
Cxa|N #
<Ks7YQ
[jBSJB
v4.0.30319
#Strings
Reserved1
ToUInt32
ToInt32
Reserved2
ToInt16
get_UTF8
PROCESS_SET_QUOTA
WRITE_DAC
PROCESS_CREATE_THREAD
PROCESS_VM_READ
STANDARD_RIGHTS_REQUIRED
PROCESS_DUP_HANDLE
PROCESS_SUSPEND_RESUME
PROCESS_TERMINATE
DELETE
PROCESS_VM_WRITE
SYNCHRONIZE
READ_CONTROL
PROCESS_QUERY_LIMITED_INFORMATION
PROCESS_SET_INFORMATION
PROCESS_QUERY_INFORMATION
PROCESS_VM_OPERATION
System.IO
ITE_OWNER
PROCESS_ALL_ACCESS
PROCESS_CREATE_PROCESS
set_IV
value__
mscorlib
ThreadId
ProcessId
GetProcessById
ResumeThread
RijndaelManaged
GenericAce
CommonAce
InsertAce
set_Mode
FileMode
CryptoStreamMode
CipherMode
IDisposable
ThreadHandle
RuntimeFieldHandle
RuntimeTypeHandle
GetTypeFromHandle
ProcessHandle
IsInRole
WindowsBuiltInRole
Console
get_MainModule
ProcessModule
set_WindowStyle
ProcessWindowStyle
get_Name
get_FileName
set_FileName
get_FullName
WriteLine
Combine
WellKnownSidType
ValueType
Dispose
Create
Delete
CompilerGeneratedAttribute
UnverifiableCodeAttribute
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
SuppressUnmanagedCodeSecurityAttribute
set_UseShellExecute
get_Size
get_BlockSize
set_BlockSize
get_KeySize
set_KeySize
SizeOf
System.Threading
Encoding
FromBase64String
GetString
get_ExecutablePath
GetFolderPath
get_Length
get_BinaryLength
Marshal
System.Security.Principal
WindowsPrincipal
RawAcl
get_DiscretionaryAcl
System.ComponentModel
advapi32.dll
kernel32.dll
ntdll.dll
System.Security.AccessControl
GetManifestResourceStream
FileStream
CryptoStream
MemoryStream
System
SymmetricAlgorithm
GetBinaryForm
ICryptoTransform
Application
NtUnmapViewOfSection
System.Reflection
Win32Exception
FileInfo
FileSystemInfo
get_StartInfo
set_StartInfo
ProcessStartInfo
DirectoryInfo
Desktop
SpecialFolder
Buffer
AceQualifier
SecurityIdentifier
BitConverter
set_RedirectStandardError
StdError
.cctor
GenericSecurityDescriptor
RawSecurityDescriptor
CreateDecryptor
IntPtr
System.Diagnostics
System.Runtime.InteropServices
System.Runtime.CompilerServices
GetProcesses
Rfc2898DeriveBytes
ReadAllBytes
GetBytes
AceFlags
System.Windows.Forms
RuntimeHelpers
FileAccess
CreateProcess
set_Arguments
get_Exists
Concat
Object
Environment
GetCurrent
Convert
StdInput
set_RedirectStandardOutput
StdOutput
System.Text
Wow64GetThreadContext
Wow64SetThreadContext
yBF7vxrUmw
set_CreateNoWindow
VirtualAllocEx
InitializeArray
ToArray
set_Key
System.Security.Cryptography
GetExecutingAssembly
BlockCopy
ReadProcessMemory
WriteProcessMemory
op_Equality
System.Security
GetKernelObjectSecurity
SetKernelObjectSecurity
WindowsIdentity
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
System.Security.Permissions.SecurityPermissionAttribute, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
SkipVerification
WrapNonExceptionThrows
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
eUJGN3Z4clVtdw==
ckdYNHFudFhxVQ==
QzpcV2luZG93c1xNaWNyb3NvZnQuTkVUXEZyYW1ld29ya1x2NC4wLjMwMzE5XFJlZ0FzbS5leGU=
UmVtb3ZlIC1JdGVtUHJvcGVydHkgLVBhdGggJ0hLQ1U6XFNPRlRXQVJFXE1pY3Jvc29mdFxXaW5kb3dzXEN1cnJlbnRWZXJzaW9uXFJ1bicgLU5hbWUgJw==
JztOZXctSXRlbVByb3BlcnR5IC1QYXRoICdIS0NVOlxTT0ZUV0FSRVxNaWNyb3NvZnRcV2luZG93c1xDdXJyZW50VmVyc2lvblxSdW4nIC1OYW1lICc=
JyAtVmFsdWUgJyI=
IicgLVByb3BlcnR5VHlwZSAnU3RyaW5nJw==
cG93ZXJzaGVsbC5leGU=
L0Mgc2NodGFza3MgL2NyZWF0ZSAvdG4gXA==
IC90ciAi
IiAvc3QgMDA6MDAgL2R1IDk5OTk6NTkgL3NjIG9uY2UgL3JpIDYwIC9ybCBISUdIRVNUIC9m
IiAvc3QgMDA6MDAgL2R1IDk5OTk6NTkgL3NjIG9uY2UgL3JpIDYwIC9m
RUJTTUVESUEuZXhl
RUJTTUVESUE=
I2NtZA==
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
FileDescription
FileVersion
0.0.0.0
InternalName
EBSMEDIA.exe
LegalCopyright
OriginalFilename
EBSMEDIA.exe
ProductVersion
0.0.0.0
Assembly Version
0.0.0.0
Antivirus Signature
Bkav W32.AIDetectNet.01
Lionic Trojan.Win32.Generic.4!c
tehtris Clean
DrWeb Trojan.InjectNET.14
MicroWorld-eScan IL:Trojan.MSILZilla.17516
FireEye Generic.mg.97bf48e51ff002f6
CAT-QuickHeal Trojan.Msilzilla
McAfee Artemis!97BF48E51FF0
Malwarebytes Trojan.Injector
VIPRE IL:Trojan.MSILZilla.17516
Sangfor Trojan.Win32.Save.a
K7AntiVirus Clean
BitDefender IL:Trojan.MSILZilla.17516
K7GW Clean
CrowdStrike win/malicious_confidence_100% (W)
BitDefenderTheta Gen:NN.ZemsilF.36344.fm0@a4!eQBc
VirIT Clean
Cyren W32/Azorult.D.gen!Eldorado
Symantec Backdoor.ASync!gm
Elastic malicious (high confidence)
ESET-NOD32 a variant of MSIL/Injector.FCD
APEX Malicious
Paloalto generic.ml
ClamAV Clean
Kaspersky HEUR:Trojan.Win32.Generic
Alibaba VirTool:MSIL/ResInject.7e200bab
NANO-Antivirus Clean
ViRobot Trojan.Win.Z.Injector.89088.B
Rising Malware.Obfus/MSIL@AI.100 (RDM.MSIL2:TS2hxan2VhQgcDQGnS3WNQ)
Sophos MSIL/Obfus-Z
F-Secure Trojan.TR/Dropper.Gen
Baidu Clean
Zillya Clean
TrendMicro TROJ_GEN.R002C0DCF23
McAfee-GW-Edition BehavesLike.Win32.Generic.mc
Trapmine malicious.high.ml.score
CMC Clean
Emsisoft IL:Trojan.MSILZilla.17516 (B)
SentinelOne Static AI - Malicious PE
GData IL:Trojan.MSILZilla.17516
Jiangmin Clean
Webroot Clean
Google Detected
Avira TR/Dropper.Gen
MAX malware (ai score=84)
Antiy-AVL Trojan/MSIL.Injector
Gridinsoft Ransom.Win32.AzorUlt.sa
Xcitium Clean
Arcabit IL:Trojan.MSILZilla.D446C
SUPERAntiSpyware Clean
ZoneAlarm HEUR:Trojan.Win32.Generic
Microsoft VirTool:MSIL/ResInject!MTB
Cynet Malicious (score: 100)
AhnLab-V3 Trojan/Win32.RL_Generic.C3984313
Acronis suspicious
VBA32 Clean
ALYac IL:Trojan.MSILZilla.17516
TACHYON Clean
Cylance unsafe
Panda Clean
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R002C0DCF23
Tencent Win32.Trojan.Generic.Qqil
Yandex Clean
Ikarus Trojan.MSIL.Injector
MaxSecure Trojan.Malware.300983.susgen
Fortinet MSIL/Injector.FCD!tr
AVG Win32:InjectorX-gen [Trj]
Avast Win32:InjectorX-gen [Trj]
No IRMA results available.