Static | ZeroBOX

PE Compile Time

2023-03-14 03:12:26

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x00015054 0x00015200 7.43089297343
.rsrc 0x00018000 0x000004ee 0x00000600 3.7579301176
.reloc 0x0001a000 0x0000000c 0x00000200 0.101910425663

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x000180a0 0x00000264 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x00018304 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain

!This program cannot be run in DOS mode.
`.rsrc
@.reloc
*X*X(I
}8S1&V7
?\k&9\
}n=sq7
zWVw/}
)k~I\?
\o`o-#
LK/APH
M:<U?W
G^_Wsb,
S"}GXmhh
mMW4nr
eN9<[v6
a8A7):
dSk80]1
_c48J)
q=)%{\u+>
}%mQ/
1?`m_x
hj\o;eG
-&)S\@
&Wp9tYO
=Hj0p@8
3F~OWd
Jt$],U
~/lBuy
_B0VbG
T$57Upd|+
`*^Q4)
.,fHl"
R_W`nu
Lm@xUR
`PDPl8r
e()],+;
T(LN^u
BmwQg'
3k}g0u
&1fzV"
n*vRE|
MN,Z4Y
+6?$MR
P5%[!$
?QrI}7
m2zk1s8_
$tfNr3
\N4G.&
0>k8VX
6m|?$Aq
9w`QRb
-b='>]`
N7K_[T\
4r-a\(
#kNG~dj
l4P;il"n
eF~ojo
g5*T%IG
:z$+LU
}P"|w;F
smd,|.]
-VJF4B
K\lK0]0
_(LO26
$Sd^R`?
|NeZ6j
(7"iWO
9<EkDnO
.#hOh*
85~$MO?F
8!Xm4
!1dPp!
7q">%;*
#hx$|D
<wQ"x)
S'1ZpG
g?eD2N
R)~z+;%
IWo2i4U}?
D |BBk
|kF.^lB
RdYC^A
3;12*38
\"A7cQd
8CN1'3
1oKD>L
/<9r>=
|U-G${
bTH.x`
#Cm`gZL
^8E{Y+`vS
VV#2^?
0Btm/J
g"N% c
gcr\58K
RTi9nu
a[[ZDT
v4.0.30319
#Strings
Reserved1
ToUInt32
ToInt32
Reserved2
ToInt16
get_UTF8
PROCESS_SET_QUOTA
WRITE_DAC
PROCESS_CREATE_THREAD
PROCESS_VM_READ
STANDARD_RIGHTS_REQUIRED
PROCESS_DUP_HANDLE
PROCESS_SUSPEND_RESUME
PROCESS_TERMINATE
DELETE
PROCESS_VM_WRITE
SYNCHRONIZE
READ_CONTROL
PROCESS_QUERY_LIMITED_INFORMATION
PROCESS_SET_INFORMATION
PROCESS_QUERY_INFORMATION
PROCESS_VM_OPERATION
System.IO
ITE_OWNER
PROCESS_ALL_ACCESS
PROCESS_CREATE_PROCESS
set_IV
value__
mscorlib
ThreadId
ProcessId
GetProcessById
ResumeThread
RijndaelManaged
GenericAce
CommonAce
InsertAce
set_Mode
FileMode
CryptoStreamMode
CipherMode
IDisposable
ThreadHandle
RuntimeFieldHandle
RuntimeTypeHandle
GetTypeFromHandle
ProcessHandle
IsInRole
WindowsBuiltInRole
Console
get_MainModule
ProcessModule
set_WindowStyle
ProcessWindowStyle
get_Name
get_FileName
set_FileName
get_FullName
WriteLine
Combine
WellKnownSidType
ValueType
Dispose
Create
Delete
CompilerGeneratedAttribute
UnverifiableCodeAttribute
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
SuppressUnmanagedCodeSecurityAttribute
set_UseShellExecute
get_Size
get_BlockSize
set_BlockSize
get_KeySize
set_KeySize
SizeOf
System.Threading
Encoding
FromBase64String
GetString
get_ExecutablePath
GetFolderPath
get_Length
get_BinaryLength
Marshal
System.Security.Principal
WindowsPrincipal
RawAcl
get_DiscretionaryAcl
System.ComponentModel
advapi32.dll
kernel32.dll
ntdll.dll
System.Security.AccessControl
GetManifestResourceStream
FileStream
CryptoStream
MemoryStream
System
SymmetricAlgorithm
GetBinaryForm
ICryptoTransform
NxOIatNPWn
Application
NtUnmapViewOfSection
System.Reflection
Win32Exception
FileInfo
FileSystemInfo
get_StartInfo
set_StartInfo
ProcessStartInfo
DirectoryInfo
Desktop
SpecialFolder
Buffer
AceQualifier
SecurityIdentifier
BitConverter
set_RedirectStandardError
StdError
.cctor
GenericSecurityDescriptor
RawSecurityDescriptor
CreateDecryptor
IntPtr
System.Diagnostics
System.Runtime.InteropServices
System.Runtime.CompilerServices
GetProcesses
Rfc2898DeriveBytes
ReadAllBytes
GetBytes
AceFlags
System.Windows.Forms
RuntimeHelpers
FileAccess
CreateProcess
set_Arguments
get_Exists
Concat
Object
Environment
GetCurrent
Convert
StdInput
set_RedirectStandardOutput
StdOutput
System.Text
Wow64GetThreadContext
Wow64SetThreadContext
set_CreateNoWindow
VirtualAllocEx
InitializeArray
ToArray
set_Key
System.Security.Cryptography
GetExecutingAssembly
BlockCopy
ReadProcessMemory
WriteProcessMemory
op_Equality
System.Security
GetKernelObjectSecurity
SetKernelObjectSecurity
WindowsIdentity
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
B&B&=
System.Security.Permissions.SecurityPermissionAttribute, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
SkipVerification
WrapNonExceptionThrows
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
TnhPSWF0TlBXbg==
dmhyTTM4QXo1Zw==
QzpcV2luZG93c1xNaWNyb3NvZnQuTkVUXEZyYW1ld29ya1x2NC4wLjMwMzE5XFJlZ0FzbS5leGU=
UmVtb3ZlIC1JdGVtUHJvcGVydHkgLVBhdGggJ0hLQ1U6XFNPRlRXQVJFXE1pY3Jvc29mdFxXaW5kb3dzXEN1cnJlbnRWZXJzaW9uXFJ1bicgLU5hbWUgJw==
JztOZXctSXRlbVByb3BlcnR5IC1QYXRoICdIS0NVOlxTT0ZUV0FSRVxNaWNyb3NvZnRcV2luZG93c1xDdXJyZW50VmVyc2lvblxSdW4nIC1OYW1lICc=
JyAtVmFsdWUgJyI=
IicgLVByb3BlcnR5VHlwZSAnU3RyaW5nJw==
cG93ZXJzaGVsbC5leGU=
L0Mgc2NodGFza3MgL2NyZWF0ZSAvdG4gXA==
IC90ciAi
IiAvc3QgMDA6MDAgL2R1IDk5OTk6NTkgL3NjIG9uY2UgL3JpIDYwIC9ybCBISUdIRVNUIC9m
IiAvc3QgMDA6MDAgL2R1IDk5OTk6NTkgL3NjIG9uY2UgL3JpIDYwIC9m
U2VjdXJpdHlIZWxhdGguZXhl
U2VjdXJpdHlIZWxhdGg=
I2NtZA==
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
Cronos-Crypter
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
FileDescription
FileVersion
0.0.0.0
InternalName
SecurityHelath.exe
LegalCopyright
OriginalFilename
SecurityHelath.exe
ProductVersion
0.0.0.0
Assembly Version
0.0.0.0
Antivirus Signature
Bkav W32.AIDetectNet.01
Lionic Trojan.Win32.Generic.4!c
Elastic malicious (high confidence)
MicroWorld-eScan IL:Trojan.MSILZilla.17516
FireEye Generic.mg.1cf38074d1eec7ff
CAT-QuickHeal Clean
ALYac IL:Trojan.MSILZilla.17516
Malwarebytes Trojan.Injector
VIPRE IL:Trojan.MSILZilla.17516
Sangfor Trojan.Win32.Save.a
K7AntiVirus Clean
BitDefender IL:Trojan.MSILZilla.17516
K7GW Clean
CrowdStrike win/malicious_confidence_100% (W)
BitDefenderTheta Gen:NN.ZemsilF.36344.fm0@aWr0Qmn
VirIT Clean
Cyren W32/Azorult.D.gen!Eldorado
Symantec Backdoor.ASync!gm
tehtris Clean
ESET-NOD32 a variant of MSIL/Injector.FCD
APEX Malicious
Paloalto generic.ml
ClamAV Clean
Kaspersky HEUR:Trojan.Win32.Generic
Alibaba VirTool:MSIL/ResInject.667d0210
NANO-Antivirus Clean
SUPERAntiSpyware Clean
Rising Malware.Obfus/MSIL@AI.100 (RDM.MSIL2:8VMHtFpO7hQzURUQawEjjA)
TACHYON Clean
Emsisoft IL:Trojan.MSILZilla.17516 (B)
Baidu Clean
F-Secure Clean
DrWeb Trojan.InjectNET.14
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition BehavesLike.Win32.Generic.mc
Trapmine malicious.high.ml.score
CMC Clean
Sophos MSIL/Obfus-Z
Ikarus Trojan.MSIL.Injector
GData IL:Trojan.MSILZilla.17516
Jiangmin Clean
Webroot Clean
Google Detected
Avira TR/Dropper.Gen
Antiy-AVL Clean
Gridinsoft Clean
Xcitium Clean
Arcabit IL:Trojan.MSILZilla.D446C
ViRobot Clean
ZoneAlarm Clean
Microsoft VirTool:MSIL/ResInject!MTB
Cynet Malicious (score: 100)
AhnLab-V3 Trojan/Win32.RL_Generic.C3984313
Acronis suspicious
McAfee GenericRXUV-LN!1CF38074D1EE
MAX malware (ai score=84)
VBA32 Clean
Cylance unsafe
Panda Trj/GdSda.A
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R002C0DCF23
Tencent Win32.Trojan.Generic.Edhl
Yandex Clean
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.300983.susgen
Fortinet MSIL/Injector.FCD!tr
AVG Win32:InjectorX-gen [Trj]
Avast Win32:InjectorX-gen [Trj]
No IRMA results available.