Static | ZeroBOX

PE Compile Time

2023-03-10 19:39:53

PE Imphash

73ec795c6c369c6ce2c3b4c3f6477daa

PEiD Signatures

MoleBox V2.3X -> MoleStudio.com

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
0\x00sp0 0x00001000 0x0016c000 0x00000000 0.0
1\x00sp1 0x0016d000 0x00085000 0x00084200 7.9956400557
2\x00sp2 0x001f2000 0x00000577 0x00000000 0.0
3\x00ext 0x001f3000 0x00011daf 0x0000b800 7.89766756374
4\x00data 0x00205000 0x00000da4 0x00000e00 4.57202940534
5\x00ata 0x00206000 0x00007198 0x00001c00 7.97791694947

Resources

Name Offset Size Language Sub-language File type
RT_CURSOR 0x00161f90 0x000000b4 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED empty
RT_CURSOR 0x00161f90 0x000000b4 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED empty
RT_BITMAP 0x0016820c 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED empty
RT_BITMAP 0x0016820c 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED empty
RT_BITMAP 0x0016820c 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED empty
RT_BITMAP 0x0016820c 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED empty
RT_BITMAP 0x0016820c 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED empty
RT_BITMAP 0x0016820c 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED empty
RT_ICON 0x0016dd34 0x00000128 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED GLS_BINARY_LSB_FIRST
RT_ICON 0x0016dd34 0x00000128 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED GLS_BINARY_LSB_FIRST
RT_DIALOG 0x001686f4 0x000000e2 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED empty
RT_DIALOG 0x001686f4 0x000000e2 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED empty
RT_DIALOG 0x001686f4 0x000000e2 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED empty
RT_STRING 0x001690d4 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED empty
RT_STRING 0x001690d4 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED empty
RT_STRING 0x001690d4 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED empty
RT_STRING 0x001690d4 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED empty
RT_STRING 0x001690d4 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED empty
RT_STRING 0x001690d4 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED empty
RT_STRING 0x001690d4 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED empty
RT_STRING 0x001690d4 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED empty
RT_STRING 0x001690d4 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED empty
RT_STRING 0x001690d4 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED empty
RT_STRING 0x001690d4 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED empty
RT_STRING 0x001690d4 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED empty
RT_GROUP_CURSOR 0x001690f8 0x00000022 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED empty
RT_GROUP_ICON 0x0016d610 0x00000022 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_VERSION 0x0016d634 0x00000418 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data

Imports

Library KERNEL32.dll:
0x605000 lstrcatA
0x605008 GetProcAddress
0x60500c LocalFree
0x605010 RaiseException
0x605014 LocalAlloc
0x605018 GetModuleHandleA
0x605024 DuplicateHandle
0x605028 GetShortPathNameA
0x60502c ResumeThread
0x605030 WriteProcessMemory
0x605038 GetStringTypeA
0x60503c LCMapStringW
0x605040 LCMapStringA
0x605044 RtlUnwind
0x605048 WideCharToMultiByte
0x60504c MultiByteToWideChar
0x605050 GetStringTypeW
Library USER32.dll:
0x605058 DefWindowProcA
0x60505c AdjustWindowRectEx

!This program cannot be run in DOS mode.
HrCg@b
HrCg@b
wwwwwwwwwwwwww
DDDDD@
KERNEL32.DLL
USER32.DLL
GDI32.DLL
COMDLG32.DLL
WINSPOOL.DRV
ADVAPI32.DLL
SHELL32.DLL
COMCTL32.DLL
OLEDLG.DLL
OLE32.DLL
OLEPRO32.DLL
OLEAUT32.DLL
LoadLibraryA
GetProcAddress
VirtualProtect
VirtualAlloc
VirtualFree
ExitProcess
RegisterClipboardFormatA
SetMapMode
GetOpenFileNameA
OpenPrinterA
RegCloseKey
SHGetMalloc
CoFreeUnusedLibraries
y<w:~s
U.X-.]_
$e:@3I
E6{<eR#
kO3o/
gV`wn8$J
.U3-8;
0pmc7i
_{A9ao
=B_R@gk/
``| S<
;TWFfy
8b;$x]
f$)'w
Mzq'O
%$1y0k
^m'!r 'I
F21im#
N'ZF/w1
-R=A'M
d/N[EY
:3Buip
98tE=f
*pu*nz
kYO}Vm
^GH%4h
=!J:@>
hrWk{E
VC@bfQ
fS\$)^N
Csd7]Q?
wDiURH\
cZRx5=^r
M'[y]9
k(k17A7
tspCdW
[v|q X
3$fKa$
4i8Pe @
n|Brrm
1Adq(]
]ass;T
Ab`OO^>
gxM;hS
=2-J`D
\`#JMh[
/{\_}|
p.%<)05
:yw^Mh]
7-;M+wd]
bR4r&p
Ut1$&z
CFd<E`
@f!/3F(
*gV[eZC
lXrzF9
Ajz=%fx
fRQ~(K
~+-R~>Dl
kLk\-f
(Xn%^D@2/
FayU+H
^kxx\c`
/)p~/]
gN1?9s
:%Y1iS
>!>tC'
l]HqMy
1q*7?(
w?Bc3{
l{00ba
Yr=.a\_
[P[vd6/
[_fzYQ
Z}}G*@jRq
,KxKw)j
lq%IvD-}@w
;uqe$1
H\:`Tl
Qr:zZL
T6|Ay$Xg
)VL]'zV
:S]D?
I+twzZ
YS:a;S
x}/uL<{
v7pu8K
Um;\(R
O 0/~W
1K=uY8T7
32=1Gm:
>WQU>jLI
CTOH5V
RV0!Fi
%Q2M!j|
D3h'+9
>FAD{8
n>.S-v
7t/ymZ
;$s2|"o
n`U_BU
>F^\->
0t.4W
imkP0O
T#Bq2r
w=J6,U
oq-5>W
I@X8ro
"O|Skh~
c2`\/]>
^px v=
S|v`H/
xu@".K
_]$-(`
ykw'y7
vHTV%g.
aob6>d
Rn"Uq?
Q/J~?6AM
q009`,XX
8:{g,H
@A[x}x|ci
K;^=]M
5DVH`*/
L0cH3qK
-PzSHWH
f;6-dM
]UWz=0
:BGKrj
yJ^`57
)UEs@:_
UF?A(
pmSC>s
r,7sSGgX
U_>t,!
OCz3JX
5;:)]
ic<cxR+
+vA#`2
RnxY3N
Sg!@ru
ZzM{['v8m#
5upV$D;}
G0/~LJ
2pJ7df
%M? ]M
ta3A@'A
h@Q85
Yy|;tP
e;x7!9
<?%")1>
JMIik0
zkM6SU>
3G>d'd
)M_xV P
f581Ab
<sJLYK'
\f~\v
''n_@^7b
TNsk w
zt.'g6
qzI-FR
|NQPF$#
<dZ_ba
@P}9m;
)bcH~K_c
J{o-L_v/
N@"EG3T<c
Xj@^%}
r}uIK
>6l6Ce
dg_0 5Af<
se7]!@
e:[7/]o{
j,UzC]A
OMY:@.
wPv3wk
*_j\<6
QY_scA*
68+]};g
q7c*xDa
b>iS\+
@juw5jV
EtfY=_
du_Yc.M
g'-H`D
8fk<5"
fF9Q-d
8S<&$%WUPhs,
lNm.]z
x^zHRjj n
!|i":uH
sd{2|/?
/VC@O4
^Ho02*ZbF)>
T}(~ze
4i!kv
`lE!y+tY
3r7n!;
dy^B<\
u2p1q4
6|/\n`
{gORuj
Z[vJllN8
/df%2t_
18i>,B
h)T8|v
DJg!.l
6g%"Qw
{P/$7)
DeU)9r
[.:e5n
'W@Q~z
$"G639HJH!
/L)zd=
=Y9P$?)
3/=aG
-eL}2
)dfPV=
w5|Z9c
@^](58
jhj1NPF
a(8oAy
YGKd_x6%
Qv"e!
%_@!W7
mm14qY
]~*U_9
^?7"7r
@Pf[_x
LI)r)8
bKSI#!
Q6,UW[S
;)z%Nu
d$V:$m,
A~3gPK+
Y*3rM.
T=8:%Td
&qn6XE
FPUL6
!?/l\l
W1D7Hi
z8#_5m0R
km%BS1X
[u4[K("
zK45kb
DT`k1
B%.u^4
M2mHLl
_W]riu
o79K4-
/]/Wt}
=3j4}f
{.<w1q
z;z4ksWo
Mp[SV
B;3CF
d&IS9/
vC9OB8\
Fct,#\
US85SN
"|CA"-
~d?XEvE
ds,Fs!
{6x2H].
1<'1b^
#0,"fi
{P^yyc
yOI$Tp
C,sTLBc
p]zr_V
xHdTnf
kwDV-l
w#(vbk
8@j6zP
(Nf{\~
*!VF]H
)`NP.fM
<k"!BJ
{#8J3}
QKIeOf#
3v%W7mf
jS2vK_W
tz,x+}
/;:yA=5
puJUz$
r(4^j.>
~=;G)|
:SBr+-
&|ICr /
.=G]Y:Q)
MW.5mFHb
[cJe",
ZCjsW8
939b-$
=[B2XlDl
_6)Zyrl@
/?bX%_O&fg!
[#\,h)
6$q$Q1
\}:}q
&NjRlO
pN0Dh)
da[;*I
pOw}4]P
NF#M4kQ
EeBPKE
8{$w8+
YUHd>z
tnCE=?
ZW.!9k
HY"r.o
gT?;70
=QG:8id4
_"oPL=
yJ#pL_
49p+6ux
/alyB;
1T 806Zi
ph-~l9
3T+|}g#
LQI]Mf
e*q]%D
?,{!(Cc
P>+i1M~
eN#Oty
>Fhkz>bL
;p;cR&
dEH|,S
bd[q-(
r[ |kE3
IP%G_N6e9
/|v5;l8
A8|4so
x%#/d2|
=l5km*
'#7]9oT
q91o&`l
vK{QDj
C,VmD"w
&nWJ2A<
0",6bH=
rT[S7
V:M,~m
&[go}r
jt-40y
=sX"PG
"f-[[`
1OV@8u
C9?VUk
?`%'8Y
-oIh2X
C:aO-
0fGAf(z
x71KW3
@?jD>
K%*|[S
_3lTJ/
t@~6#P/U
ldWMjR
3>|DT-
lGUW5C
PY[oWt
}]!p{T
P P7X
Y[jcTH
>/!G>T+
/+^[wx
4bR2S?ck
U::!]%
CL\m9eZ
1~xx$|6
P&>Lnb
]eQC\N
k: hE3
~[B*_@
oFN0g)
lE 6.z
+(KA2v>\
N".#tGT
I;F-'z~
v6En+"
Qde7>6
ELx;=U
v0+=%;
9yxde"
-W04/w
s*pH{+
Rv!C!,
o]!uRk
f&Nx2CU
z+:Va_b}P7
J4{[wd;P
5.%W0}
,8Q-e;
z=OxJ
SHYM<>
:Ef16:m
DV8f*O
l'L'gb
[Sa&{'
-S)#<g_=
uR?('prq
{4#m7m8
zpZtEvw
ZF>hpF
\}]EJH
#7C</.
hTZJ99^
!r?RuL
K7evjjS
-q XiW
,XH\~m
=Osn?6
_T3Pc\
$c`8/!
nJXWzP
?325ps&u
PRxQq
dw^&o6
{N<<.SZ
3s5M!G
>7CZL{
L~ AKW
=,} 6-
GW*?=Huy
-a@xEhb
C@H~{7
yj*S^k
vMC5vO
kSZtAe>D
iEm$)
/>>IOq
q^^-%>k
uc9fI2
'$DPmQJ
S]X^sv
XU8/RYU
F0P>K5
6K,9^%)*g
H\v#^$7
p@=5t2
!>d2D[
~MqlMBxX
:NY cM
I]nLx'
lV8] u
"icN&%#
?E|%1D[
Ahg@9!'
ZQ5}Z<e(
.*("kk
/jP5MQ
p+^Xhc
mcx}sH::
p0<Xsz
xz<4m.UH
dp:zG(a
(cE}t`l;
vH-C:`
&*_:*fFx
(63I|W
F)h2y)
;31.%N
;fMvw(nIa
cYQ~r8(
8V_$F,)
f.[R?
L9*9q)!
"T#4,[
Dp'3G}e
{{m[9!
JT1QHu
+unpwL1B
@0hU_1
g%M\Kxt
,),qz|
&f}O6Ya4
9`t*1*
Uc`7b%
f'n@ Xs
Wiv?XK
%^u< Js!
z:Oe6M
Iy(29)
j[zv1`
Ai)l{U
8]q!|V
H6bf_5
R\'#S o
8gS:gH+4%N
T3gM~d
;28^sz
{A;mxU
}'O:MS
:HGj]
=#77nb
r@d2g
]g#^|Kf.
F$lkBn
I1:f}W
SW*V3}
;L4<N=A
L5UWS9E
=;6<?F
UB6~/B
YCq`/y;
,yP'2U
B@v_(K'BG)&S^6
7:G#SD&Z
BW'XgT|
c*,iP,
/z)/g!4
dQQ<%"B
O!4<|c
@Xvvv]
lkd$VU#^
vbHLUN
4I*%r-
M5;7-Q
\.azrs
1kb:h
*woxJ;
}0c(8u
YPrktQ
XGJ 7#
YCa/5t
5H+*aXp
?KBo;O-Py
M4][xf
k?B}}>8a
j{eBm
_Q6Gjg
-)? G@m
'&:q[Y
!:MCdUa
!k j;+
APD@#5
fHk/ot
\\9uE\=-
i> pON
PCz0G`
uDfGG8
J,:Z$?{
,*)^!i
%/y\p[
<|dH&z_
:'g-V<
lJ[3GC
3]s9-D<
&4%4ua:
i,C~s2
_Y[[m8
O?7eHt
^NnQfV
wi;9^q
!mB:m3
+L?K/QK
0GNlk^
T,x<FE
6;ZIb
<au3%0
1z;YUb
fDx!b2
S^3C)vj
$!/\<-
{tle{t
%imvXbU0
F`y@DM
RnA15s
eT]LcL
*,y_t`
.q $]Gi
}WK&Y`
<,wlH7%
<Uu@Z5
%qJrSK
GbeMXAr
3h,_uP
}RN;x~Xu
.E\{Kk>
-u/{;W
]mcAx$
%1LS<5
z\d<9?
&n]Ndu
o9lFcI:
BwP`mH,
LF/:EV{
LDtp0m g
Fn:j#;
+3MG7!
i^yfpe
LrwQy=
5lV{XD
Wy.Kv{cz
lZs*|`r^
I`Z3_Z|
A/EYxW11
Wb6`4(
@h"/:t
Yh2Mui
j3usD8N%
g6O]6c
:& k`z
o}wXYEA
W.pb;4>U
eU\*hb
l~Mt|l4a]&
`AcrN)Q*
\*r{&{
YRe?L\
D'BM>jv
q^:@6{
ql&(Y\
$]1!B5
sB9ZU}N
be\ ^*N1
{zzEFP
h"AX`#
eZ_c66
_>:JV.
U7}XdO
;x7D3z
6[(OkD
Dr:qMu
qYo`wh
i2BYQ?
b#H>co
8{[t>w
r0ar-rU
Lh|hF"
fz\0#R
,a!:Ff=
L@7bII
*c (dp
n4u3-m
i;IqDr
z@A'Bi
lL /%l
>7mZ(6
0kwWJ8+
o)lw]mG
<+aia~C
j& q%}+
4{ZTb[)
ng_#tc
)@!cIY
!gU/k?
Uyw3}J
8!Wx:?
|^0@4?9
yun7mO
\8wZTn
:aad0=
UuQ(Tt`
`PLpk:
B&nHwz1q6
^UD=rk
1))+XMV
}E8m|1
~ZqKe
TH=sGe
c<7OXT
It!WFX
z62|<+
7qd^{,H
7_!$Ex
XHecm4
8=8tgY
.cmJd\
rB#9@4
t4_"N#pKs
qvE5Z,
uvz5OX
uPeMK.e7
%t%cqj
?P 5Nz
:j;HNkf
B[m.rE
IPVP5.wl
K+OZj1
@yHNH'<fdH
cQXz{
qF<K'%
_%\%d3
w?e=v"
l\KJ.#
!9o!;
L64?"C
H:@xnQ
b#[6AuG
un'(1I
`IAB?x
u{dz=!_
Lsk&3,
Su%%t>#\~*:
?j(1^%
ZQOyMI
AFB;tvk
>wgSa
^Zy^7*
p7IAH~
#Ad6|B
q5u Dc}f
[i#e9W81
v:w-s;
2ty`8U
!$g j"c
x(3kJ"
9,4`Gf
K8H@0'
yr?OEq|
fkM{J"
L0l{q?y
$</I~A
fY?(B+}W9
6n8i^!
Efh5JK
{yk\O[~
s2fCN)
Wai6Ma
~{Z`qB
d/Ft8`
v5]+U`
ED8m
1(e [fG
^0XYIg
]`(vsJ
t_W3\pm
Yt2H@+
7TX[1j^
lt3(HL
K4]?GHV>i
bQ?Nk!
TJ)KBj
oD.+5R
XbZuLY
$i)*|I
lT|3\F
X2|zN3"D
|eH4D+
.s=v o
Z`y9p5#
l!E?n=(gV
0n"|$F
5%m-lc
Zi!f[;QN
bi^Q{~
eEqV!Y
rH38HQ
8?4D6<p8y
r4*)WO
}OE,g
f0B!#d
txw |R5
?Vl0qwz
4:UJk0
@X.4x~
p 3<{[s
EV*=DD
P#9u%@
jd#8Cv
_[kj(o
ZS*tx%-T*
zYjEXv+
QhvmLQ:
o)>Rwh
a5t+`:
/kdwHX
M7S"u
[18!E,
6vO\oj
I&C?3=
>m.?C0Y&E
,9sg]9
nPA!=K
}{hKd:
?7='0.o
O00OY8
VQcRi?
pt l&fP0
Sk=m)o
r=E97a
|T&5M!
j#$LQ2
M<L6"O
.kr)rUzN
6J1Fe,
k8 [CE(BDFVm
h[ 1s'
rSw+_'
)aPdCLV
Psa!2r
fB.7$x
3@sxyk
cz/,hO
DZ[G\p
yi(YrR
b123BWM
c1 XX
4<<X06
S1M$he
ifL3z0jpT
UNl&D7
#({o^I
7K9rc(;ZW!
3mPe/@D
mk/Kb3
dN=VAx
|[}k)Q^
mF[Jn;v\
GdS%2=
A~5v|
%|.IK@i
V|u7 S=Q
3V#2]T
RZ[@Z?
,jPa(K
]qtnH+
]=)::LY
5DDMT$
aLyVJ4
~:F^dr
0nQ~n
5BNrALi\
=~66g+
|/@gm:
SN$BX@
N|5u,8,a-
F~LMh)b
TP6%\+(!Wp
d6ZT,
}/abb_
"vysZ,
KQW4 *
Kyfu)
.{;ka;C
6WD)k4ms
YXTN-m
YFIF#G
9'&8yA
MOogLK
1P}$nCq
0)Ix)pf~[
6LsmUT
H]lsKZ
0]znc
yE*Nsw
({t.J$
SY=uS/
PiZ>.U
RXD2,oSd|tI
lpQ:l'
Fcwt Z
]_S_t3
q'W-`|
S=8a#7q|
D>q6El
0@'ar=
>}vPL-r
x2|qLk
}GP~E!#a
CKOO\>
yXU|[Qn=Kh
aq|y?;
cPjyf`
y8Zm?6#
M(Q{";
5].hfn
_cx]k>
>svgu$
BkuvBu*
EQAmf7*c
}cU{%v
;MQzi@
~Apz+t/
qh0Q \
yH&LYc7
\[*M?'
8KvyC6
3kyoHN
@)r=,R9
Kg# jv
E+@8e|
H9qX#t
_|4W:}H:bk
[d# #y
unRb"HV
> uAfz:u
3K+":"%
32^fQ?^
0c1i,E
vmF\p?
]@;]VM
)Gv[JOn
@[++:O .=
7\%g{fu|
E7wl_o
!l$<be'
[q5op)/
Bs"3KJ
DVXpQ3
KMAQPL
N2ZE\@
R.;yA_
,`7)R;
Zqwa#&Dk
1Hg K)
|so-/U
^l)EI1
ed+tm^
vsht]z
e7P=#
kj<A{\
t.;t$$t(
VC20XC00U
D$$aXX
'HEREISBOOTCODE'
.rdata
20050518
N?M(J1
(qNEE)NDr
qWv>qV
Hh?lc
CiQK$>b
Ac&F94Nl
HCiGK&
-2af5
I rz9D
|!wVd:<
=x(TUR
6U;dRX#y$
Z)a5{zk
)],d5(
PQKI{6Z:
}gtf2St
<eMw\q\K}<#
q-oCs
6 )($F
1~g?/N"
5WW]%:
:UfBhi
oet>ug_4{
r3DM".[
z2fN)~g
X2WLSR
kb<&]2
EgG{yH;n_j
EHSQ]<
a.p~U+z
fCC,)^
,p}^_T|
!:p3(z1
D}JYv}m
Pm4jfP
A\;oCq
D%|H|\G
T kH[3
nBxg9z-l6
iE-PY/
Z'R]DUj
?=~[fe
+<=Y+.$
RKVC{E
K.oIa5
|&Xi8t
-JL7e%
:pQS0p
.>8??&
?O@!;M
zd*P~k
B7 ^O*UcN
5Q]e,=
Z;y[uk
o oI E6
J^xT{W1
KS.DBM
Y]h+"B
(@zNZ.C
zeu@Ir
I!lymb
P6'2cFE3
$:@[i]V(
sHA~|c
DQcu0.J
]LEmZw
fANSO0Wi
o](t46
(s'6
hX+z7]C
kernel32.dll
gdi32.dll
user32.dll
ole32.dll
advapi32.dll
oleaut32.dll
SetUnhandledExceptionFilter
CreateFileA
CreateFileW
ReadFile
CloseHandle
SetFilePointer
GetFileSize
ExitProcess
CreateFileMappingA
CreateFileMappingW
LoadLibraryA
LoadLibraryW
LoadLibraryExA
LoadLibraryExW
FreeLibrary
GetProcAddress
LoadImageA
MapViewOfFile
UnmapViewOfFile
GetFileAttributesA
GetFileAttributesW
GetFileAttributesExW
GetModuleHandleA
GetModuleHandleW
GetModuleFileNameA
GetModuleFileNameW
GetLongPathNameA
GetLongPathNameW
SearchPathW
SearchPathA
AddFontResourceA
RemoveFontResourceA
FindFirstFileA
FindFirstFileW
FindClose
FindNextFileA
FindNextFileW
FindFirstFileExW
_lopen
OpenFile
_lread
_llseek
_lclose
CoCreateInstance
CoCreateInstanceEx
CoGetClassObject
GetPrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileSectionNamesA
GetPrivateProfileSectionA
GetFileInformationByHandle
LockFile
LockFileEx
UnlockFile
UnlockFileEx
GetRecordInfoFromGuids
GetRecordInfoFromTypeInfo
LoadRegTypeLib
LoadTypeLib
lstrcatA
InitializeCriticalSection
GetProcAddress
LocalFree
RaiseException
LocalAlloc
GetModuleHandleA
LeaveCriticalSection
EnterCriticalSection
DuplicateHandle
GetShortPathNameA
ResumeThread
WriteProcessMemory
GetPrivateProfileSectionA
KERNEL32.dll
DefWindowProcA
AdjustWindowRectEx
USER32.dll
RtlUnwind
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
&Vw0*2
;.i6rN
}sup!
fMaA+E
H 0s.yz
;6`3T6
Osl:YS
V(i""^P,
L}yd-&
C.}p?b
>EEX^
/3l>-Q5"
dC%lT;
FY9Tyd
Z"x=g6
`g2^w,
$/$zr*pZ
CLEgd#3
IKb\')
tm ;-]
{j(\(-
AG+7#&
l78X!"
G-S;}qBq
B$)&s2
!a>=+7>
M8\JMh
m?h$:qH
9<@(lr
O-_f>h
"42ed'
{S<=Hp
SC#2 9
<trzX>%j
tR>=|-p]
@on%78ye
XBk0ib
;dyz=Q[0
Q,2p!Z
{d;zJo
/,DO,lH
W?#9(P*6j
y:@7&M
$s"\^'$o1w
/bE[ g
ABF)U8
Khh(&B
>Gu%Zx
5JhcG
)* >TZ5
#yQ(Z^0k
G JGG0\
FKn+\K
c]Ov#,
Oec'uLV
|lqTGX
Ry2F{h
r'6{'3Z
nV?Nzp
-2*R"y
.hU$B!
nA-ck.x
WyM~/B
C,/Wt.
`ThZ.?4
]tBXSP
MKaoy1K
VS_VERSION_INFO
StringFileInfo
080404b0
Comments
CompanyName
(Future Studio)
FileDescription
FileVersion
1, 0, 0, 1
InternalName
FileSplt
LegalCopyright
(C) 2001
(Future Studio)
LegalTrademarks
OriginalFilename
FileSplt.EXE
PrivateBuild
ProductName
ProductVersion
1, 0, 0, 1
SpecialBuild
VarFileInfo
Translation
VS_VERSION_INFO
StringFileInfo
080404b0
Comments
CompanyName
(Future Studio)
FileDescription
FileVersion
1, 0, 0, 1
InternalName
FileSplt
LegalCopyright
(C) 2001
(Future Studio)
LegalTrademarks
OriginalFilename
FileSplt.EXE
PrivateBuild
ProductName
ProductVersion
1, 0, 0, 1
SpecialBuild
VarFileInfo
Translation
Antivirus Signature
Bkav Clean
Lionic Trojan.Win32.Magania.tsiP
tehtris Generic.Malware
DrWeb BackDoor.Farfli.131
MicroWorld-eScan DeepScan:Generic.KillMBR.A.BE7A7792
ClamAV Clean
FireEye Generic.mg.ba82f3818c68b163
CAT-QuickHeal Trojan.Magania
McAfee GenericRXAA-FA!BA82F3818C68
Malwarebytes Backdoor.GhostRat
VIPRE DeepScan:Generic.KillMBR.A.BE7A7792
Sangfor Backdoor.Win32.Farfli.Vcac
K7AntiVirus Trojan ( 005a17661 )
BitDefender DeepScan:Generic.KillMBR.A.BE7A7792
K7GW Trojan ( 005a17661 )
CrowdStrike win/malicious_confidence_100% (W)
BitDefenderTheta Gen:NN.ZexaF.36344.MyxaayOIvgib
VirIT Trojan.Win32.Genus.ODZ
Cyren W32/S-68bad4f1!Eldorado
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of Generik.MQDTQKY
APEX Malicious
Paloalto generic.ml
Cynet Malicious (score: 100)
Kaspersky UDS:DangerousObject.Multi.Generic
Alibaba Backdoor:Win32/Farfli.af61bd1e
NANO-Antivirus Clean
ViRobot Trojan.Win.Z.Farfli.636025
Rising Backdoor.Gh0st!1.DF86 (CLOUD)
Emsisoft DeepScan:Generic.KillMBR.A.BE7A7792 (B)
F-Secure Trojan.TR/Crypt.XPACK.Gen2
Baidu Clean
Zillya Clean
TrendMicro TROJ_GEN.R002C0DCN23
McAfee-GW-Edition BehavesLike.Win32.Generic.jc
Trapmine malicious.high.ml.score
CMC Clean
Sophos Troj/Farfli-DW
Ikarus Trojan.Crypt
GData DeepScan:Generic.KillMBR.A.BE7A7792
Jiangmin Clean
Webroot Clean
Avira TR/Crypt.XPACK.Gen2
MAX malware (ai score=86)
Antiy-AVL Clean
Gridinsoft Trojan.Win32.Gen.bot
Xcitium Backdoor.Win32.Popwin.~IQ@ogvrk
Arcabit DeepScan:Generic.KillMBR.A.BE7A7792
SUPERAntiSpyware Clean
ZoneAlarm UDS:DangerousObject.Multi.Generic
Microsoft Backdoor:Win32/Farfli.AX
Google Detected
AhnLab-V3 Backdoor/Win.Farfli.C5393627
Acronis Clean
VBA32 BScope.Backdoor.Farfli
ALYac DeepScan:Generic.KillMBR.A.BE7A7792
TACHYON Clean
Cylance unsafe
Panda Trj/Genetic.gen
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R002C0DCN23
Tencent Malware.Win32.Gencirc.1187ee35
Yandex Trojan.Agent!U253A3evZFk
SentinelOne Static AI - Suspicious PE
MaxSecure Trojan.Malware.300983.susgen
Fortinet PossibleThreat.PALLAS.H
AVG Win32:Malware-gen
Avast Win32:Malware-gen
No IRMA results available.