Static | ZeroBOX

PE Compile Time

2022-02-27 06:33:13

PE Imphash

e3caadd564a0f376a947bee28dccac67

Sections

Name    Virtual Address  Virtual Size  Size of Raw Data  Entropy
.text   0x00001000       0x000133d9    0x00013400        6.59850579457
.rdata  0x00015000       0x00005161    0x00005200        5.31416491323
.data   0x0001b000       0x00004700    0x00002000        3.36986467463
.rsrc   0x00020000       0x000001b4    0x00000200        5.10112291787
.reloc  0x00021000       0x0000228a    0x00002400        4.75151121368

Resources

Name         Offset      Size        Language      Sub-language        File type
RT_MANIFEST  0x00020058  0x0000015a  LANG_ENGLISH  SUBLANG_ENGLISH_US  ASCII text, with CRLF line terminators

Imports

Library WS2_32.dll:
0x100152e8 getsockname
0x100152ec gethostname
0x100152f0 socket
0x100152f4 gethostbyname
0x100152f8 htons
0x100152fc connect
0x10015300 WSAIoctl
0x10015304 select
0x10015308 recv
0x1001530c WSACleanup
0x10015310 send
0x10015314 setsockopt
0x10015318 closesocket
0x1001531c WSAStartup
Library SHELL32.dll:
0x10015278 SHChangeNotify
0x1001527c ShellExecuteExA
0x10015280 ShellExecuteA
Library ADVAPI32.dll:
0x10015000 OpenSCManagerA
0x10015004 RegSetValueExA
0x10015008 DeleteService
0x1001500c OpenEventLogA
0x10015010 ClearEventLogA
0x10015014 CloseEventLog
0x10015020 DuplicateTokenEx
0x10015024 SetTokenInformation
0x10015028 CreateProcessAsUserA
0x1001502c SetServiceStatus
0x10015030 RegOpenKeyExA
0x10015034 StartServiceA
0x10015038 CreateServiceA
0x1001503c LockServiceDatabase
0x10015040 ChangeServiceConfig2A
0x10015044 UnlockServiceDatabase
0x10015048 OpenServiceA
0x1001504c AdjustTokenPrivileges
0x10015050 LookupPrivilegeValueA
0x10015054 OpenProcessToken
0x10015058 RegCloseKey
0x1001505c RegQueryValueExA
0x10015060 RegOpenKeyA
0x10015064 CloseServiceHandle
Library KERNEL32.dll:
0x10015074 GetFileType
0x10015078 GetStartupInfoW
0x10015080 GetEnvironmentStringsW
0x10015088 GetCurrentProcessId
0x10015090 HeapSize
0x10015094 GetStringTypeW
0x10015098 GetConsoleCP
0x1001509c GetConsoleMode
0x100150a0 SetStdHandle
0x100150a4 FlushFileBuffers
0x100150a8 WriteConsoleW
0x100150ac VirtualFree
0x100150b0 VirtualAlloc
0x100150b4 CreateEventA
0x100150b8 WaitForSingleObject
0x100150bc SetEvent
0x100150c0 InterlockedExchange
0x100150c4 CancelIo
0x100150c8 Sleep
0x100150cc CloseHandle
0x100150d0 ResetEvent
0x100150d4 GlobalUnlock
0x100150d8 GlobalLock
0x100150dc FindNextFileA
0x100150e0 FindFirstFileA
0x100150e4 GetCurrentProcess
0x100150e8 GetVersion
0x100150ec WriteFile
0x100150f0 DeviceIoControl
0x100150f4 CreateFileA
0x100150f8 SetLastError
0x100150fc LocalFree
0x10015100 GetLastError
0x10015104 GlobalAlloc
0x10015108 LocalAlloc
0x1001510c ReadFile
0x10015110 GetFileSize
0x10015114 GetSystemDirectoryA
0x10015118 DeleteFileA
0x1001511c FreeLibrary
0x10015120 LoadLibraryA
0x10015124 GetSystemInfo
0x10015128 lstrlenA
0x1001512c lstrcpyA
0x10015130 lstrcatA
0x10015134 lstrcmpiA
0x10015138 LoadLibraryW
0x1001513c GetTickCount
0x10015140 GetDiskFreeSpaceExA
0x10015144 GetDriveTypeA
0x10015148 GlobalMemoryStatusEx
0x1001514c GetVersionExA
0x10015150 GetLocalTime
0x10015154 CreateDirectoryA
0x10015158 ReleaseMutex
0x1001515c CreateMutexA
0x10015160 MoveFileExA
0x10015164 MoveFileA
0x10015168 GetModuleFileNameA
0x1001516c SetFileAttributesA
0x10015170 CopyFileA
0x10015178 SetThreadPriority
0x1001517c GetCurrentThread
0x10015180 SetPriorityClass
0x10015188 GetShortPathNameA
0x1001518c DefineDosDeviceA
0x10015190 GetFileAttributesA
0x10015194 CreateFileW
0x10015198 GetCurrentThreadId
0x1001519c SetFilePointer
0x100151a0 CreateProcessA
0x100151a4 TerminateThread
0x100151a8 ResumeThread
0x100151ac VirtualProtect
0x100151b0 HeapFree
0x100151b4 GetProcessHeap
0x100151b8 HeapAlloc
0x100151bc SetHandleCount
0x100151c0 VirtualQuery
0x100151c4 MultiByteToWideChar
0x100151c8 LCMapStringW
0x100151cc WideCharToMultiByte
0x100151d0 IsValidCodePage
0x100151d4 GetOEMCP
0x100151d8 GetACP
0x100151dc GetCPInfo
0x100151e0 HeapDestroy
0x100151e4 HeapCreate
0x100151e8 GetModuleFileNameW
0x100151ec GetStdHandle
0x100151f0 TerminateProcess
0x100151f4 IsDebuggerPresent
0x10015200 EnterCriticalSection
0x10015204 LeaveCriticalSection
0x10015208 DeleteCriticalSection
0x10015210 InterlockedDecrement
0x10015214 InterlockedIncrement
0x10015218 TlsFree
0x1001521c TlsSetValue
0x10015220 TlsGetValue
0x10015224 TlsAlloc
0x10015228 GetProcAddress
0x1001522c ExitProcess
0x10015230 RtlUnwind
0x10015234 RaiseException
0x10015238 GetModuleHandleW
0x1001523c DecodePointer
0x10015240 HeapReAlloc
0x10015244 ExitThread
0x10015248 CreateThread
0x1001524c GetCommandLineA
0x10015250 EncodePointer
Library USER32.dll:
0x1001528c FindWindowA
0x10015290 GetClassNameA
0x10015294 GetWindow
0x10015298 GetKeyState
0x1001529c GetAsyncKeyState
0x100152a0 MessageBoxA
0x100152a4 GetWindowTextA
0x100152a8 GetInputState
0x100152ac PostThreadMessageA
0x100152b0 GetMessageA
0x100152b4 GetLastInputInfo
0x100152b8 wsprintfA
0x100152bc EmptyClipboard
0x100152c0 SetClipboardData
0x100152c4 ExitWindowsEx
0x100152c8 OpenClipboard
0x100152cc GetClipboardData
0x100152d0 CloseClipboard
0x100152d4 SendMessageA
0x100152d8 IsWindowVisible
0x100152dc EnumWindows
0x100152e0 GetForegroundWindow
Library SETUPAPI.dll:
0x1001525c SetupDiGetClassDevsA
0x10015260 SetupDiEnumDeviceInfo
Library IPHLPAPI.DLL:
0x1001506c GetIfTable

Exports

Ordinal Address Name
1 0x10004470 fuckyou
!This program cannot be run in DOS mode.
bad buffer
bad Allocate
\Tencent\Users\*.*
SeShutdownPrivilege
{4D36E972-E325-11CE-BFC1-08002BE10318}
SysFreeString
Oleaut32.dll
CoCreateInstance
CoUninitialize
CoInitialize
Ole32.dll
Default
GetCurrentProcess
IsWow64Process
kernel32.dll
Process32Next
Process32First
CreateToolhelp32Snapshot
BaiduSdSvc.exe
ServUDaemon.exe
DUB.exe
1433.exe
pfw.exe
MPMon.exe
FYFireWall.exe
kpfwtray.exe
rfwmain.exe
Outpost Firewall
outpost.exe
Comodo
cpf.exe
Kaspersky
avp.exee
ZoneAlarm
vsmon.exe
F-Prot AntiVirus
F-PROT.exe
Avira Antivir
avgaurd.exe
Mcafee
Dr.web
spidernt.exe
AVG Anti-Virus
avg.exe
Symantec Norton
ccapp.exe
AVK.exe
ananwidget.exe
AST.exe
adam.exe
GG.exe
TrojanHunter.exe
KSWebShield.exe
beikesan.exe
parmor.exe
safedog.exe
FortiTray.exe
remupd.exe
vsserv.exe
F-Secure
fsavgui.exe
Sophos
SavProgress.exe
mssecess.exe
QUICK HEAL
QUHLPSVC.EXE
ccSetMgr.exe
avgwdsvc.exe
V3Svc.exe
patray.exe
AYAgent.aye
Miner.exe
QQPCRTP.exe
ksafe.exe
rtvscan.exe
ashDisp.exe
Avira(
avcenter.exe
TMBMSRV.exe
knsdtray.exe
kxetray.exe
egui.exe
RavMonD.exe
KvMonXP.exe
avp.exe
f-secure.exe
QQ.exe
Norton
ccSvcHst.exe
SBAMSvc.exe
Microsoft Security Essentials
MsMpEng.exe
BKavService.exe
SpywareTerminator
SpywareTerminatorShield.exe
nProtect
nspupsvc.exe
PSafeSysTray.exe
Immunet
iptray.exe
ArcaVir
ArcaTasksService.exe
VIRUSfighter
AVWatchService.exe
Shield Antivirus
CKSoftShiedAntivirus4.exe
UnThreat
UnThreat.exe
K7TSecurity.exe
CMCTrayIcon.exe
F-PROT
F-PROT.EXE
Coranti2012
CorantiControlCenter32.exe
Mongoosa
MongoosaGUI.exe
vba32lder.exe
The Cleaner
cleaner8.exe
Lavasoft
ad-watch.exe
a-squared
a2guard.exe
360sd.exe
360tray.exe
Mcshield.exe
RtlGetNtVersionNumbers
HARDWARE\DESCRIPTION\System\CentralProcessor\0
%s:%d:%s
%s\%d.bak
Description
SYSTEM\CurrentControlSet\Services\
Kernel32.dll
WTSGetActiveConsoleSessionId
WinSta0\Default
CreateEnvironmentBlock
userenv.dll
%s Win7
> nul
/c del
COMSPEC
KERNEL32.dll
[Pause Break]
[Shift]
[CLEAR]
[BACKSPACE]
[DELETE]
[INSERT]
[Num Lock]
[Down]
[Right]
[Left]
[PageDown]
[Delete]
[PageUp]
[Home]
[Insert]
[Scroll Lock]
[Print Screen]
[CTRL]
[Enter]
:]%d-%d-%d %d:%d:%d
<Enter>
<BackSpace>
SOFTWARE\Microsoft\Windows\CurrentVersion\Run
C:\Program Files\Common Files\scvhost.exe
CTXOPConntion_Class
CloseProxy
System
Security
Application
%s\shell\open\command
Applications\iexplore.exe\shell\open\command
InternetCloseHandle
InternetReadFile
InternetOpenUrlA
MSIE 6.0
InternetOpenA
wininet.dll
SYSTEM\Clore
/c del
IsBadReadPtr
GetCurrentThreadId
CloseDesktop
SetThreadDesktop
GetUserObjectInformationA
GetThreadDesktop
user32.dll
OpenDesktopA
OpenInputDesktop
GetLastError
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
ADVAPI32.dll
RegCloseKey
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
bad allocation
CorExitProcess
Unknown exception
bad exception
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
HH:mm:ss
dddd, MMMM dd, yyyy
MM/dd/yy
December
November
October
September
August
February
January
Saturday
Friday
Thursday
Wednesday
Tuesday
Monday
Sunday
(null)
`h````
xpxxxx
UTF-16LE
UNICODE
Complete Object Locator'
Class Hierarchy Descriptor'
Base Class Array'
Base Class Descriptor at (
Type Descriptor'
`local static thread guard'
`managed vector copy constructor iterator'
`vector vbase copy constructor iterator'
`vector copy constructor iterator'
`dynamic atexit destructor for '
`dynamic initializer for '
`eh vector vbase copy constructor iterator'
`eh vector copy constructor iterator'
`managed vector destructor iterator'
`managed vector constructor iterator'
`placement delete[] closure'
`placement delete closure'
`omni callsig'
delete[]
new[]
`local vftable constructor closure'
`local vftable'
`udt returning'
`copy constructor closure'
`eh vector vbase constructor iterator'
`eh vector destructor iterator'
`eh vector constructor iterator'
`virtual displacement map'
`vector vbase constructor iterator'
`vector destructor iterator'
`vector constructor iterator'
`scalar deleting destructor'
`default constructor closure'
`vector deleting destructor'
`vbase destructor'
`string'
`local static guard'
`typeof'
`vcall'
`vbtable'
`vftable'
operator
delete
__unaligned
__restrict
__ptr64
__eabi
__clrcall
__fastcall
__thiscall
__stdcall
__pascal
__cdecl
__based(
GetProcessWindowStation
GetUserObjectInformationW
GetLastActivePopup
GetActiveWindow
MessageBoxW
 !"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
`h`hhh
xppwpp
1#QNAN
1#SNAN
WSAIoctl
WS2_32.dll
SHGetSpecialFolderPathA
SHChangeNotify
ShellExecuteExA
ShellExecuteA
SHELL32.dll
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegQueryValueExA
RegOpenKeyA
CloseServiceHandle
RegSetValueExA
StartServiceA
OpenServiceA
UnlockServiceDatabase
ChangeServiceConfig2A
LockServiceDatabase
CreateServiceA
OpenSCManagerA
RegOpenKeyExA
SetServiceStatus
CreateProcessAsUserA
SetTokenInformation
DuplicateTokenEx
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
CloseEventLog
ClearEventLogA
OpenEventLogA
DeleteService
ADVAPI32.dll
VirtualFree
VirtualAlloc
CreateEventA
WaitForSingleObject
SetEvent
InterlockedExchange
CancelIo
CloseHandle
ResetEvent
GlobalUnlock
GlobalLock
FindNextFileA
FindFirstFileA
GetCurrentProcess
GetVersion
WriteFile
DeviceIoControl
CreateFileA
SetLastError
LocalFree
GetLastError
GlobalAlloc
LocalAlloc
ReadFile
GetFileSize
GetSystemDirectoryA
DeleteFileA
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemInfo
lstrlenA
lstrcpyA
lstrcatA
lstrcmpiA
LoadLibraryW
GetTickCount
GetDiskFreeSpaceExA
GetDriveTypeA
GlobalMemoryStatusEx
GetVersionExA
GetLocalTime
CreateDirectoryA
ReleaseMutex
CreateMutexA
MoveFileExA
MoveFileA
GetModuleFileNameA
SetFileAttributesA
CopyFileA
ExpandEnvironmentStringsA
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetEnvironmentVariableA
GetShortPathNameA
DefineDosDeviceA
GetFileAttributesA
ExitProcess
GetCurrentThreadId
SetFilePointer
CreateProcessA
TerminateThread
ResumeThread
VirtualProtect
HeapFree
GetProcessHeap
HeapAlloc
KERNEL32.dll
CloseClipboard
GetClipboardData
OpenClipboard
ExitWindowsEx
SetClipboardData
EmptyClipboard
wsprintfA
GetLastInputInfo
GetMessageA
PostThreadMessageA
GetInputState
GetWindowTextA
GetForegroundWindow
GetAsyncKeyState
GetKeyState
GetWindow
GetClassNameA
FindWindowA
MessageBoxA
SendMessageA
IsWindowVisible
EnumWindows
USER32.dll
SetupDiDestroyDeviceInfoList
SetupDiCallClassInstaller
SetupDiSetClassInstallParamsA
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SETUPAPI.dll
GetIfTable
IPHLPAPI.DLL
RtlUnwind
RaiseException
GetModuleHandleW
DecodePointer
HeapReAlloc
ExitThread
CreateThread
GetCommandLineA
EncodePointer
IsProcessorFeaturePresent
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetStdHandle
GetModuleFileNameW
HeapCreate
HeapDestroy
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WideCharToMultiByte
LCMapStringW
MultiByteToWideChar
VirtualQuery
SetHandleCount
GetFileType
GetStartupInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetStdHandle
FlushFileBuffers
WriteConsoleW
CreateFileW
Xy.dll
fuckyou
.?AVCBuffer@@
.?AVCClientSocket@@
.?AVCChatManager@@
.?AVCManager@@
.?AVCKeyboardManager@@
ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/
www.jinjin.com
216.83.59.17
Default
Rsowwi ukgcocae
SSDKSRV Discovery Service
Booth
%ProgramFiles%\
Terms.exe
FUCK YOU
.?AVbad_alloc@std@@
.?AVexception@std@@
.?AVCKernelManager@@
.?AVtype_info@@
.?AVbad_exception@std@@
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel level="asInvoker" uiAccess="false"></requestedExecutionLevel>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
FriendlyName
ntdll.dll
mscoree.dll
KERNEL32.DLL
runtime error
TLOSS error
SING error
DOMAIN error
- Attempt to use MSIL code from this assembly during native code initialization
This indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain.
- not enough space for locale information
- Attempt to initialize the CRT more than once.
This indicates a bug in your application.
- CRT not initialized
- unable to initialize heap
- not enough space for lowio initialization
- not enough space for stdio initialization
- pure virtual function call
- not enough space for _onexit/atexit table
- unable to open console device
- unexpected heap error
- unexpected multithread lock error
- not enough space for thread data
- abort() has been called
- not enough space for environment
- not enough space for arguments
- floating point support not loaded
Microsoft Visual C++ Runtime Library
<program name unknown>
Runtime Error!
Program:
HH:mm:ss
dddd, MMMM dd, yyyy
MM/dd/yy
December
November
October
September
August
February
January
Saturday
Friday
Thursday
Wednesday
Tuesday
Monday
Sunday
n(null)
WUSER32.DLL
((((( H
h(((( H
H
CONOUT$
Antivirus Signature
Bkav W32.AIDetectMalware
Lionic Clean
Elastic malicious (high confidence)
MicroWorld-eScan Generic.Malware.LcPfoPk!134.207C2B57
ClamAV Win.Dropper.Gh0stRAT-7696262-0
CMC Clean
CAT-QuickHeal Clean
ALYac Generic.Malware.LcPfoPk!134.207C2B57
Malwarebytes Backdoor.Farfli
VIPRE Generic.Malware.LcPfoPk!134.207C2B57
Sangfor Suspicious.Win32.Save.ins
CrowdStrike win/malicious_confidence_100% (D)
BitDefender Generic.Malware.LcPfoPk!134.207C2B57
K7GW Trojan ( 00569b3c1 )
K7AntiVirus Trojan ( 00569b3c1 )
BitDefenderTheta Gen:NN.ZedlaF.36196.hu4@aGIbXmdi
VirIT Clean
Cyren W32/Farfli.GW.gen!Eldorado
Symantec ML.Attribute.HighConfidence
tehtris Clean
ESET-NOD32 a variant of Win32/Farfli.DAV
APEX Malicious
Paloalto generic.ml
Cynet Malicious (score: 100)
Kaspersky Backdoor.Win32.Zegost.mttqq
Alibaba Backdoor:Win32/Farfli.d8f496a4
NANO-Antivirus Trojan.Win32.Zegost.jowlpx
ViRobot Clean
Rising Backdoor.Agent!1.9E1E (CLASSIC)
Ad-Aware Generic.Malware.LcPfoPk!134.207C2B57
Sophos Mal/Generic-S
Baidu Win32.Backdoor.Farfli.b
F-Secure Backdoor.BDS/Zegost.klzeimd
DrWeb BackDoor.Farfli.171
Zillya Trojan.Farfli.Win32.40952
TrendMicro TROJ_GEN.R002C0DEI23
McAfee-GW-Edition BehavesLike.Win32.Ransomware.ch
Trapmine Clean
FireEye Generic.mg.71c46a859f0729eb
Emsisoft Generic.Malware.LcPfoPk!134.207C2B57 (B)
Ikarus Trojan.Win32.Farfli
GData Generic.Malware.LcPfoPk!134.207C2B57
Jiangmin Backdoor.Zegost.atw
Webroot Clean
Avira BDS/Zegost.klzeimd
MAX malware (ai score=88)
Antiy-AVL Trojan/Win32.Farfli
Gridinsoft Clean
Xcitium Clean
Arcabit Generic.Malware.LcPfoPk!134.207C2B57
SUPERAntiSpyware Clean
Microsoft Trojan:Win32/Farfli.BN!MTB
Google Detected
AhnLab-V3 Trojan/Win32.Magania.R66525
Acronis Clean
McAfee GenericRXRX-EK!71C46A859F07
TACHYON Clean
DeepInstinct MALICIOUS
VBA32 Backdoor.Zegost
Cylance Clean
Panda Trj/Genetic.gen
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R002C0DEI23
Tencent Backdoor.Win32.Zegost.ha
Yandex Clean
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.8337874.susgen
Fortinet W32/Farfli.CUY!tr
AVG Win32:Farfli-BH [Trj]
Avast Win32:Farfli-BH [Trj]
No IRMA results available.