Static | ZeroBOX

PE Compile Time

2022-03-26 03:53:27

PE Imphash

ca355b09021bdc6df9b31e9df58406c0

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x0000b17c 0x0000b200 6.02403904339
.data 0x0000d000 0x0009078c 0x00013200 7.85713446736
.ziditaw 0x0009e000 0x00000096 0x00000200 0.0
.rsrc 0x0009f000 0x0000e660 0x0000e800 4.48623223829

Resources

Name Offset Size Language Sub-language File type
AFX_DIALOG_LAYOUT 0x000ab658 0x00000002 LANG_NEUTRAL SUBLANG_NEUTRAL data
TEFUHAZIYUVOVONIDIMAWARULOBEKA 0x000aaf60 0x00000598 LANG_SAAMI SUBLANG_DEFAULT ASCII text, with very long lines, with no line terminators
RT_CURSOR 0x000ab880 0x000010a8 LANG_NEUTRAL SUBLANG_NEUTRAL dBase III DBT, version number 0, next free block index 40
RT_CURSOR 0x000ab880 0x000010a8 LANG_NEUTRAL SUBLANG_NEUTRAL dBase III DBT, version number 0, next free block index 40
RT_CURSOR 0x000ab880 0x000010a8 LANG_NEUTRAL SUBLANG_NEUTRAL dBase III DBT, version number 0, next free block index 40
RT_ICON 0x000aaa90 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x000aaa90 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x000aaa90 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x000aaa90 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x000aaa90 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x000aaa90 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x000aaa90 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x000aaa90 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x000aaa90 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x000aaa90 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x000aaa90 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x000aaa90 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_STRING 0x000ad5d0 0x00000090 LANG_SAAMI SUBLANG_DEFAULT data
RT_STRING 0x000ad5d0 0x00000090 LANG_SAAMI SUBLANG_DEFAULT data
RT_STRING 0x000ad5d0 0x00000090 LANG_SAAMI SUBLANG_DEFAULT data
RT_ACCELERATOR 0x000ab4f8 0x000000a8 LANG_SAAMI SUBLANG_DEFAULT data
RT_ACCELERATOR 0x000ab4f8 0x000000a8 LANG_SAAMI SUBLANG_DEFAULT data
RT_GROUP_CURSOR 0x000ac928 0x00000030 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_GROUP_ICON 0x000aaef8 0x00000068 LANG_SAAMI SUBLANG_DEFAULT data
RT_GROUP_ICON 0x000aaef8 0x00000068 LANG_SAAMI SUBLANG_DEFAULT data
RT_GROUP_ICON 0x000aaef8 0x00000068 LANG_SAAMI SUBLANG_DEFAULT data
RT_VERSION 0x000ac958 0x0000024c LANG_NEUTRAL SUBLANG_NEUTRAL data
None 0x000ab648 0x0000000a LANG_SAAMI SUBLANG_DEFAULT data
None 0x000ab648 0x0000000a LANG_SAAMI SUBLANG_DEFAULT data
None 0x000ab648 0x0000000a LANG_SAAMI SUBLANG_DEFAULT data
None 0x000ab648 0x0000000a LANG_SAAMI SUBLANG_DEFAULT data

Imports

Library KERNEL32.dll:
0x401000 FindFirstFileW
0x401004 EnumCalendarInfoA
0x40100c _llseek
0x401014 GetCurrentProcess
0x401024 GetModuleHandleW
0x401028 EnumCalendarInfoExW
0x401030 EnumTimeFormatsA
0x401034 WriteFileGather
0x401038 EnumResourceTypesA
0x40103c ActivateActCtx
0x401040 LoadLibraryW
0x401044 ReadConsoleInputA
0x401048 GetConsoleAliasW
0x40104c GetFileAttributesW
0x401050 TerminateProcess
0x401054 IsDBCSLeadByte
0x401058 lstrcmpW
0x40105c GlobalUnlock
0x401060 RaiseException
0x401068 SetLastError
0x40106c GetProcAddress
0x401078 GlobalGetAtomNameA
0x40107c GlobalFree
0x401080 ResetEvent
0x401084 OpenWaitableTimerA
0x401088 LocalAlloc
0x40108c AddAtomW
0x401094 FindNextFileA
0x40109c GetCPInfoExA
0x4010a0 SetCalendarInfoA
0x4010a4 ReadConsoleInputW
0x4010a8 DeleteFileW
0x4010ac DeleteFileA
0x4010b0 GetLastError
0x4010b4 GetCommandLineA
0x4010b8 HeapSetInformation
0x4010bc GetStartupInfoW
0x4010c4 SetFilePointer
0x4010c8 SetHandleCount
0x4010cc GetStdHandle
0x4010d4 GetFileType
0x4010e4 IsDebuggerPresent
0x4010e8 EncodePointer
0x4010ec DecodePointer
0x4010f0 ExitProcess
0x4010f4 WriteFile
0x4010f8 GetModuleFileNameW
0x4010fc GetModuleFileNameA
0x401104 WideCharToMultiByte
0x40110c TlsAlloc
0x401110 TlsGetValue
0x401114 TlsSetValue
0x401118 TlsFree
0x401120 GetCurrentThreadId
0x401128 HeapCreate
0x401130 GetTickCount
0x401134 GetCurrentProcessId
0x40113c Sleep
0x401140 HeapFree
0x401144 SetStdHandle
0x401148 GetConsoleCP
0x40114c GetConsoleMode
0x401150 FlushFileBuffers
0x401154 RtlUnwind
0x401158 GetCPInfo
0x40115c GetACP
0x401160 GetOEMCP
0x401164 IsValidCodePage
0x401168 HeapAlloc
0x40116c HeapReAlloc
0x401170 WriteConsoleW
0x401174 MultiByteToWideChar
0x40117c LCMapStringW
0x401180 GetStringTypeW
0x401184 HeapSize
0x401188 CloseHandle
0x40118c CreateFileW
Library USER32.dll:
0x401194 LoadMenuA

!This program cannot be run in DOS mode.
`.data
.ziditaw
(null)
`h````
xpxxxx
CorExitProcess
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
HH:mm:ss
dddd, MMMM dd, yyyy
MM/dd/yy
December
November
October
September
August
February
January
Saturday
Friday
Thursday
Wednesday
Tuesday
Monday
Sunday
`h`hhh
xppwpp
GetProcessWindowStation
GetUserObjectInformationW
GetLastActivePopup
GetActiveWindow
MessageBoxW
 !"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
gejufokeb
tihicifixone
%s %d %f
bunatubohaxufenozugoxij
FindFirstFileW
EnumCalendarInfoA
GetConsoleAliasExesA
_llseek
BuildCommDCBAndTimeoutsA
GetCurrentProcess
WritePrivateProfileSectionA
SetDefaultCommConfigW
InterlockedCompareExchange
GetModuleHandleW
EnumCalendarInfoExW
GetWindowsDirectoryA
EnumTimeFormatsA
WriteFileGather
EnumResourceTypesA
ActivateActCtx
LoadLibraryW
ReadConsoleInputA
GetConsoleAliasW
GetFileAttributesW
TerminateProcess
IsDBCSLeadByte
lstrcmpW
GlobalUnlock
RaiseException
SetCurrentDirectoryA
SetLastError
GetProcAddress
GetFirmwareEnvironmentVariableW
EnterCriticalSection
GlobalGetAtomNameA
GlobalFree
ResetEvent
OpenWaitableTimerA
LocalAlloc
AddAtomW
WaitForMultipleObjects
FindNextFileA
FindFirstVolumeMountPointA
GetCPInfoExA
SetCalendarInfoA
ReadConsoleInputW
DeleteFileW
DeleteFileA
KERNEL32.dll
LoadMenuA
USER32.dll
GetLastError
GetCommandLineA
HeapSetInformation
GetStartupInfoW
LeaveCriticalSection
SetFilePointer
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
ExitProcess
WriteFile
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapFree
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
HeapReAlloc
WriteConsoleW
MultiByteToWideChar
IsProcessorFeaturePresent
LCMapStringW
GetStringTypeW
HeapSize
CloseHandle
CreateFileW
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
Buseviruwi sal lalozuyexugike yixivab xawi. Nuzuyu wito hakivivexicen romexunosotiz. Nigohilunetik gaj. Gufetegoseyuwu coye rocisobar. Newalafazolipuk jedo hoco keridop fezegozadap. Wivikagevoyoye nek tuyaragohi. Gocegud wizatabadebisoz. Cukorizemewu rijuvekilej diloyi hifahay. Pimujojumox ditigi. Dadew huvapoyipov hatun. Kowedibofesu mey yupewepatux. Zuni pafexaw fajipogilikexe cewujosecifipum. Hedagabe. Gub bodewayelehocop tudan. Gevecoguwe ceweyavozefa wunatefenon nayozulavip. Ralisib. Sumipulapimix fozunuk. Tozirac zedogihapajed yuhip cotun. Cecokek cogagiwiceducim keyona gefudure lezolucacu. Locelimozit ratunom. Buhefovixelida key begogimamolocu. Zotacuraganal yezoga solizifibahec xamajuhikolujon minumagage. Lubudelo kaduwe. Fepifav lorenuvodahi locaxofipajuvu tuwasupon. Wapoge. Tokafabitudin pubekipexuf bufacujoc yoweka cutafamisexuku. Cebebu muzipovepufa. Kebayenivozole gagacotesase baculokozafuk xesebonofokacuk tofidanatus. Tixaguyomefivaz forudocawada hedocipudi xevanapikezose. Vujam vexec tuxadapoy
(null)
mscoree.dll
runtime error
TLOSS error
SING error
DOMAIN error
- Attempt to use MSIL code from this assembly during native code initialization
This indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain.
- not enough space for locale information
- Attempt to initialize the CRT more than once.
This indicates a bug in your application.
- CRT not initialized
- unable to initialize heap
- not enough space for lowio initialization
- not enough space for stdio initialization
- pure virtual function call
- not enough space for _onexit/atexit table
- unable to open console device
- unexpected heap error
- unexpected multithread lock error
- not enough space for thread data
- abort() has been called
- not enough space for environment
- not enough space for arguments
- floating point support not loaded
@Microsoft Visual C++ Runtime Library
<program name unknown>
Runtime Error!
Program:
KERNEL32.DLL
HH:mm:ss
dddd, MMMM dd, yyyy
MM/dd/yy
December
November
October
September
August
February
January
Saturday
Friday
Thursday
Wednesday
Tuesday
Monday
Sunday
WUSER32.DLL
((((( H
h(((( H
H
CONOUT$
pejizeziyu
cemutitirugofoteb jatoy
TEFUHAZIYUVOVONIDIMAWARULOBEKA
AFX_DIALOG_LAYOUT
VS_VERSION_INFO
StringFileInfo
046805E6
CompanyName
Serious
FileDescriptions
WorldWrappering
FilesVersion
4.1.61.50
InternalName
FavorCoursel.exe
LegalTrademark1
Glob fantastic
ProductName
SpecTuning
VarFileInfo
Translation
?Hifu tuzahefezoda wopocisuyo merik welu guwuyoyafabinol peledohjMoboniya nukebesesamorem mazakiyifo facowujucizo kezagilecufuyu wulixozo yatu wajijixavuvop zegujeforoxaraBRixodopas zenuyegeyuk howudowayowuwi geloreyo hipoxi lofeyuk peber
Hur tomeyeci pucifivubecawinLexebelov hatetevolakic romuyewuyupos wubujosakosapu nulowumovamaj yututefemehod rab notibuzof naloravidus vil
bCinifuduwatilo xanesone nivate fuwubon vamemaxof xudawuvucaru dijamohesaway rurepuguxadelo batuxuv6Dikixawasokac badiwakuyayi zalohop keripuciyacazub jetNZopafiwu futojuvo zoxuliwu fogoyehu doholajumad mijayayof regimidi xotufojazurcYenivuxurudajer noyeba hohirucegomaz dag dukinisu cukobugop xibaxikorad yajisesijo huso mewohapubif
Sasigokuxojorib fagewujovebar
Sexotigazovoge
Wisidelezotuvoy tupon
Tuba goxi damozafivudedef.Kowicemahe laviyej jutoxagayaza yagaxup bowuzu+Wokoyug rajozesehu comocifo kalun gesi hidoLZerafet ritunomom bekixububakut nilosicugocazaf komovexiwepi pejabowir juwekKNohudedawure rijanuvakuwijes sukuhisebifuwo fuwidago sikicuwemades witaciti'Gixomagi duyeyalex rox rafofe fatixalogNugovozid cuda zubu mekoxovegon
Yexis nezuyi watusihomitogu
Minufaf bem cadagawayay9Rudixi zuk yofitakix rewuwaz luwabeheheju muzuwixatatilaw
7Zibuded bamohulajuliwa vikosufavuful sun xuz yokigecaga
,Mota misezufi tavu lelajebati fucixoxufehezi
Jidebiyonamu
Antivirus Signature
Bkav W32.AIDetectNet.01
Lionic Trojan.Win32.Generic.4!c
tehtris Clean
MicroWorld-eScan Gen:Variant.Zusy.454327
ClamAV Clean
FireEye Generic.mg.55aca393f1147b8a
CAT-QuickHeal Clean
McAfee Artemis!55ACA393F114
Malwarebytes Trojan.MalPack.GS
VIPRE Gen:Variant.Mikey.145680
Sangfor Trojan.Win32.Save.a
K7AntiVirus Clean
BitDefender Gen:Variant.Zusy.454327
K7GW Clean
CrowdStrike win/malicious_confidence_100% (W)
Arcabit Trojan.Mikey.D23910
BitDefenderTheta Clean
VirIT Clean
Cyren W32/Kryptik.JGG.gen!Eldorado
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win32/Kryptik.HTCI
APEX Malicious
Paloalto generic.ml
Cynet Malicious (score: 100)
Kaspersky HEUR:Trojan-Spy.Win32.Stealer.gen
Alibaba Ransom:Win32/RansomX.6e7ed31e
NANO-Antivirus Clean
ViRobot Clean
Rising Trojan.Generic@AI.100 (RDML:h9Ave0dHMvdkvrt0oYrc1A)
Emsisoft Gen:Variant.Zusy.454327 (B)
Baidu Clean
F-Secure Clean
DrWeb Clean
Zillya Clean
TrendMicro TROJ_GEN.R002C0DCL23
McAfee-GW-Edition BehavesLike.Win32.Lockbit.ch
Trapmine malicious.high.ml.score
CMC Clean
Sophos ML/PE-A
Ikarus Trojan.Win32.Crypt
Jiangmin Clean
Webroot Clean
Avira Clean
MAX malware (ai score=87)
Antiy-AVL Trojan[Backdoor]/Win32.Convagent
Gridinsoft Clean
Xcitium Clean
Microsoft Trojan:Win32/RedLineStealer.E!MTB
SUPERAntiSpyware Clean
ZoneAlarm HEUR:Trojan-Spy.Win32.Stealer.gen
GData Gen:Variant.Zusy.454327
Google Detected
AhnLab-V3 Malware/Win.Generic.R564864
Acronis Clean
ALYac Gen:Variant.Mikey.145680
TACHYON Clean
VBA32 Malware-Cryptor.Azorult.gen
Cylance unsafe
Panda Trj/Genetic.gen
Zoner Clean
TrendMicro-HouseCall Clean
Tencent Clean
Yandex Clean
SentinelOne Static AI - Suspicious PE
MaxSecure Trojan.Malware.300983.susgen
Fortinet W32/GenKryptik.GHWB!tr
AVG Win32:PWSX-gen [Trj]
Avast Win32:PWSX-gen [Trj]
No IRMA results available.