popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2022-10-31 12:35:34

PE Imphash

1552eebb89b3841e6a330c0c93657732

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x0001d4a4 0x0001d600 6.5050499411
.data 0x0001f000 0x00296490 0x0001b200 6.38350766055
.lis 0x002b6000 0x00000005 0x00000200 0.0
.rsrc 0x002b7000 0x00018b50 0x00018c00 3.9431755404

Resources

Name Offset Size Language Sub-language File type
RT_CURSOR 0x002cdea0 0x000008a8 LANG_NEUTRAL SUBLANG_NEUTRAL dBase III DBT, version number 0, next free block index 40, 1st item "\251\317"
RT_CURSOR 0x002cdea0 0x000008a8 LANG_NEUTRAL SUBLANG_NEUTRAL dBase III DBT, version number 0, next free block index 40, 1st item "\251\317"
RT_ICON 0x002cd7e0 0x00000468 LANG_TAMIL SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x002cd7e0 0x00000468 LANG_TAMIL SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x002cd7e0 0x00000468 LANG_TAMIL SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x002cd7e0 0x00000468 LANG_TAMIL SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x002cd7e0 0x00000468 LANG_TAMIL SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x002cd7e0 0x00000468 LANG_TAMIL SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x002cd7e0 0x00000468 LANG_TAMIL SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x002cd7e0 0x00000468 LANG_TAMIL SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x002cd7e0 0x00000468 LANG_TAMIL SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x002cd7e0 0x00000468 LANG_TAMIL SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x002cd7e0 0x00000468 LANG_TAMIL SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x002cd7e0 0x00000468 LANG_TAMIL SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x002cd7e0 0x00000468 LANG_TAMIL SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x002cd7e0 0x00000468 LANG_TAMIL SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x002cd7e0 0x00000468 LANG_TAMIL SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x002cd7e0 0x00000468 LANG_TAMIL SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x002cd7e0 0x00000468 LANG_TAMIL SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x002cd7e0 0x00000468 LANG_TAMIL SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x002cd7e0 0x00000468 LANG_TAMIL SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x002cd7e0 0x00000468 LANG_TAMIL SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x002cd7e0 0x00000468 LANG_TAMIL SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x002cd7e0 0x00000468 LANG_TAMIL SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x002cd7e0 0x00000468 LANG_TAMIL SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x002cd7e0 0x00000468 LANG_TAMIL SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x002cd7e0 0x00000468 LANG_TAMIL SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x002cd7e0 0x00000468 LANG_TAMIL SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x002cd7e0 0x00000468 LANG_TAMIL SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x002cd7e0 0x00000468 LANG_TAMIL SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x002cd7e0 0x00000468 LANG_TAMIL SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_STRING 0x002cf998 0x000001b6 LANG_TAMIL SUBLANG_DEFAULT data
RT_STRING 0x002cf998 0x000001b6 LANG_TAMIL SUBLANG_DEFAULT data
RT_STRING 0x002cf998 0x000001b6 LANG_TAMIL SUBLANG_DEFAULT data
RT_STRING 0x002cf998 0x000001b6 LANG_TAMIL SUBLANG_DEFAULT data
RT_STRING 0x002cf998 0x000001b6 LANG_TAMIL SUBLANG_DEFAULT data
RT_ACCELERATOR 0x002cdcc0 0x00000098 LANG_TAMIL SUBLANG_DEFAULT data
RT_GROUP_CURSOR 0x002ce748 0x00000014 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_GROUP_CURSOR 0x002ce748 0x00000014 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_GROUP_ICON 0x002cdc48 0x00000076 LANG_TAMIL SUBLANG_DEFAULT data
RT_GROUP_ICON 0x002cdc48 0x00000076 LANG_TAMIL SUBLANG_DEFAULT data
RT_GROUP_ICON 0x002cdc48 0x00000076 LANG_TAMIL SUBLANG_DEFAULT data
RT_GROUP_ICON 0x002cdc48 0x00000076 LANG_TAMIL SUBLANG_DEFAULT data
RT_VERSION 0x002ce760 0x0000020c LANG_NEUTRAL SUBLANG_NEUTRAL data

Imports

Library KERNEL32.dll:
0x40100c GetProfileIntW
0x401010 LoadResource
0x401018 QueryDosDeviceA
0x401020 GetModuleHandleW
0x401024 EnumCalendarInfoExW
0x40102c EnumTimeFormatsA
0x401030 GetDriveTypeA
0x401040 WriteConsoleW
0x401044 lstrcatA
0x401048 CompareStringW
0x40104c GetVolumePathNameA
0x401050 EnumSystemLocalesA
0x401054 InterlockedExchange
0x401058 GlobalUnfix
0x40105c FindFirstFileA
0x401060 GetLastError
0x401064 GlobalFix
0x401068 GetProcAddress
0x40106c SetComputerNameA
0x401070 SearchPathA
0x401074 ResetEvent
0x401078 GetLocalTime
0x40107c LoadLibraryA
0x401080 WriteConsoleA
0x401088 LocalAlloc
0x40108c SetFileApisToANSI
0x401090 AddAtomA
0x401094 GetModuleFileNameA
0x401098 FindNextFileA
0x4010a0 EnumDateFormatsA
0x4010a4 GetModuleHandleA
0x4010ac GetShortPathNameW
0x4010b0 SetCalendarInfoA
0x4010b8 OpenSemaphoreW
0x4010bc TerminateJobObject
0x4010c8 DeleteFileA
0x4010d4 WideCharToMultiByte
0x4010dc MultiByteToWideChar
0x4010e0 EncodePointer
0x4010e4 DecodePointer
0x4010e8 Sleep
0x4010fc MoveFileA
0x401100 HeapFree
0x401104 HeapReAlloc
0x401108 GetCommandLineA
0x40110c HeapSetInformation
0x401110 GetStartupInfoW
0x401114 GetCPInfo
0x401118 RaiseException
0x40111c RtlUnwind
0x401120 HeapAlloc
0x401124 LCMapStringW
0x401128 GetACP
0x40112c GetOEMCP
0x401130 IsValidCodePage
0x401134 TlsAlloc
0x401138 TlsGetValue
0x40113c TlsSetValue
0x401140 TlsFree
0x401144 SetLastError
0x401148 GetCurrentThreadId
0x401154 IsDebuggerPresent
0x401158 TerminateProcess
0x40115c GetCurrentProcess
0x401164 HeapCreate
0x401168 SetHandleCount
0x40116c GetStdHandle
0x401174 GetFileType
0x401178 SetFilePointer
0x40117c CloseHandle
0x401180 ExitProcess
0x401184 WriteFile
0x401188 GetModuleFileNameW
0x401194 GetTickCount
0x401198 GetCurrentProcessId
0x40119c GetStringTypeW
0x4011a0 GetLocaleInfoW
0x4011a4 HeapSize
0x4011a8 GetUserDefaultLCID
0x4011ac GetLocaleInfoA
0x4011b0 IsValidLocale
0x4011b4 GetConsoleCP
0x4011b8 GetConsoleMode
0x4011bc SetStdHandle
0x4011c0 FlushFileBuffers
0x4011c4 LoadLibraryW
0x4011c8 CreateFileW
Library GDI32.dll:
0x401000 GetCharABCWidthsW
!This program cannot be run in DOS mode.
N\Rich
`.data
generic
iostream
system
iostream stream error
Unknown exception
bad allocation
Visual C++ CRT: Not enough memory to complete call to strerror.
LC_TIME
LC_NUMERIC
LC_MONETARY
LC_CTYPE
LC_COLLATE
LC_ALL
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
bad exception
 !"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
HH:mm:ss
dddd, MMMM dd, yyyy
MM/dd/yy
December
November
October
September
August
February
January
Saturday
Friday
Thursday
Wednesday
Tuesday
Monday
Sunday
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
(null)
`h````
xpxxxx
CorExitProcess
Illegal byte sequence
Directory not empty
Function not implemented
No locks available
Filename too long
Resource deadlock avoided
Result too large
Domain error
Broken pipe
Too many links
Read-only file system
Invalid seek
No space left on device
File too large
Inappropriate I/O control operation
Too many open files
Too many open files in system
Invalid argument
Is a directory
Not a directory
No such device
Improper link
File exists
Resource device
Unknown error
Bad address
Permission denied
Not enough space
Resource temporarily unavailable
No child processes
Bad file descriptor
Exec format error
Arg list too long
No such device or address
Input/output error
Interrupted function call
No such process
No such file or directory
Operation not permitted
No error
united-states
united-kingdom
trinidad & tobago
south-korea
south-africa
south korea
south africa
slovak
puerto-rico
pr-china
pr china
new-zealand
hong-kong
holland
great britain
england
britain
america
swedish-finland
spanish-venezuela
spanish-uruguay
spanish-puerto rico
spanish-peru
spanish-paraguay
spanish-panama
spanish-nicaragua
spanish-modern
spanish-mexican
spanish-honduras
spanish-guatemala
spanish-el salvador
spanish-ecuador
spanish-dominican republic
spanish-costa rica
spanish-colombia
spanish-chile
spanish-bolivia
spanish-argentina
portuguese-brazilian
norwegian-nynorsk
norwegian-bokmal
norwegian
italian-swiss
irish-english
german-swiss
german-luxembourg
german-lichtenstein
german-austrian
french-swiss
french-luxembourg
french-canadian
french-belgian
english-usa
english-us
english-uk
english-trinidad y tobago
english-south africa
english-nz
english-jamaica
english-ire
english-caribbean
english-can
english-belize
english-aus
english-american
dutch-belgian
chinese-traditional
chinese-singapore
chinese-simplified
chinese-hongkong
chinese
canadian
belgian
australian
american-english
american english
american
Norwegian-Nynorsk
`h`hhh
xppwpp
Complete Object Locator'
Class Hierarchy Descriptor'
Base Class Array'
Base Class Descriptor at (
Type Descriptor'
`local static thread guard'
`managed vector copy constructor iterator'
`vector vbase copy constructor iterator'
`vector copy constructor iterator'
`dynamic atexit destructor for '
`dynamic initializer for '
`eh vector vbase copy constructor iterator'
`eh vector copy constructor iterator'
`managed vector destructor iterator'
`managed vector constructor iterator'
`placement delete[] closure'
`placement delete closure'
`omni callsig'
delete[]
new[]
`local vftable constructor closure'
`local vftable'
`udt returning'
`copy constructor closure'
`eh vector vbase constructor iterator'
`eh vector destructor iterator'
`eh vector constructor iterator'
`virtual displacement map'
`vector vbase constructor iterator'
`vector destructor iterator'
`vector constructor iterator'
`scalar deleting destructor'
`default constructor closure'
`vector deleting destructor'
`vbase destructor'
`string'
`local static guard'
`typeof'
`vcall'
`vbtable'
`vftable'
operator
delete
__unaligned
__restrict
__ptr64
__eabi
__clrcall
__fastcall
__thiscall
__stdcall
__pascal
__cdecl
__based(
GetProcessWindowStation
GetUserObjectInformationW
GetLastActivePopup
GetActiveWindow
MessageBoxW
bad locale name
ios_base::badbit set
ios_base::failbit set
ios_base::eofbit set
zujuhixedu
guhitazi
xipapigujawasuvataj
yejurigamowocobifirugukumarahiz
pukikasubakuvizixijoloyo
dunuzamimusax
%s %d %f
zalavegolenos
sigur zaxozufa xupemeyuzusuxayiwutoyihefoso
fahosilutubinoyosaxepucusajanila hofiholevawafowasujig jepapocimocexobijup socegikavumipatoxilazorikeju kadereritezarix
folavovizapohabowemi
xulipur
tanomuxihijiporifulera
invalid string position
vector<T> too long
string too long
bad cast
1#QNAN
1#SNAN
D$(x?@
T$0UVRP
9t$Pr9
D$ 9t$4s
L$ j@Q
L$ j@Q
T$$j@R
T$$j@R
T$hjlR
D$hPQRV
T$hjlR
D$hPQRV
DVPQRh|B@
\$L9D$D
9t$Dr
D$09t$`r
<+t'<-t#<0u
T$hWQR
L$0VPQ
tv9urVj
t}9uyj
PPPPPPPP
QQSVWd
.t|PVj@
t=MOC
HtHu4j
t*=RCC
;7|G;p
tR99u2
t"SS9] u
F\=x+@
HHtXHHt
?If90t
j@j ^V
^SSSSS
F Pj*S
F$Pj+Sj
F(Pj,S
F,Pj-S
F0Pj.S
F4Pj/S
F8PjDS
F<PjES
F@PjFS
FDPjGS
FHPjHS
FLPjIS
FPPjJS
FTPjKS
FXPjLS
F\PjMS
F`PjNS
FdPjOS
FhPj8S
FlPj9S
FpPj:S
FtPj;S
FxPj<S
F|Pj=S
C PjPV
C$PjQV
C*PjTV
C+PjUV
C,PjVV
C-PjWV
C.PjRV
C/PjSV
CHPjPV
CLPjQV
tKh87@
t:h47@
Wj@h`4@
u h<7@
PPPPPPPP
HHtYHHt
URPQQh tA
u}h0?@
t VV9u
;t$,v-
UQPXY]Y[
D$0xC@
D$H4C@
D$H4C@
<+t"<-t
+t HHt
u-hLD@
GetVolumeNameForVolumeMountPointA
GlobalFix
ConvertThreadToFiber
GetProfileIntW
LoadResource
InterlockedDecrement
QueryDosDeviceA
GetProcessPriorityBoost
GetModuleHandleW
EnumCalendarInfoExW
GetSystemTimeAsFileTime
EnumTimeFormatsA
GetDriveTypeA
GetPrivateProfileIntA
GetVolumeInformationA
GetConsoleAliasExesLengthW
WriteConsoleW
lstrcatA
CompareStringW
GetVolumePathNameA
EnumSystemLocalesA
InterlockedExchange
GlobalUnfix
FindFirstFileA
GetLastError
GetCurrentDirectoryW
GetProcAddress
SetComputerNameA
SearchPathA
ResetEvent
GetLocalTime
LoadLibraryA
WriteConsoleA
InterlockedExchangeAdd
LocalAlloc
SetFileApisToANSI
AddAtomA
GetModuleFileNameA
FindNextFileA
FindFirstVolumeMountPointA
EnumDateFormatsA
GetModuleHandleA
FreeEnvironmentStringsW
GetShortPathNameW
SetCalendarInfoA
SetThreadAffinityMask
OpenSemaphoreW
TerminateJobObject
FileTimeToLocalFileTime
MoveFileWithProgressW
DeleteFileA
KERNEL32.dll
GetCharABCWidthsW
GDI32.dll
WideCharToMultiByte
InterlockedIncrement
MultiByteToWideChar
EncodePointer
DecodePointer
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
MoveFileA
HeapFree
HeapReAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetCPInfo
RaiseException
RtlUnwind
HeapAlloc
LCMapStringW
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
HeapCreate
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
SetFilePointer
CloseHandle
ExitProcess
WriteFile
GetModuleFileNameW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetStringTypeW
GetLocaleInfoW
HeapSize
GetUserDefaultLCID
GetLocaleInfoA
IsValidLocale
GetConsoleCP
GetConsoleMode
SetStdHandle
FlushFileBuffers
LoadLibraryW
CreateFileW
.?AVerror_category@std@@
.?AV_Generic_error_category@std@@
.?AV_Iostream_error_category@std@@
.?AV_System_error_category@std@@
.?AV_Locimp@locale@std@@
.?AVlogic_error@std@@
.?AVlength_error@std@@
.?AVout_of_range@std@@
Copyright (c) 1992-2004 by P.J. Plauger, licensed by Dinkumware, Ltd. ALL RIGHTS RESERVED.
.?AVtype_info@@
.?AVbad_exception@std@@
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
.?AV?$numpunct@D@std@@
.?AV?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
.?AV?$ctype@D@std@@
.?AUctype_base@std@@
.?AVfacet@locale@std@@
.?AV?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@
.?AV?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@
.?AV?$basic_iostream@DU?$char_traits@D@std@@@std@@
.?AV?$basic_ostream@DU?$char_traits@D@std@@@std@@
.?AV?$basic_istream@DU?$char_traits@D@std@@@std@@
.?AV?$basic_streambuf@DU?$char_traits@D@std@@@std@@
.?AV?$basic_ios@DU?$char_traits@D@std@@@std@@
.?AV?$_Iosb@H@std@@
.?AVios_base@std@@
.?AVruntime_error@std@@
.?AVexception@std@@
.?AVfailure@ios_base@std@@
.?AVsystem_error@std@@
Xo~EZ
%Ys">Qv
*>M'Ep
]h!qpn
V!On=3
=~OG>D
eT{'R]
U&J:E1
$RC9/P
gA{bgkL
_7h(;SG
+Y:f@%
9H[[b-e
}SbB+F
?ncA$\
2 |Nq~
[k9@?)
sY@B=Y
%yCtqN
?lFls7[5
FcRE%,
-6_pAA
z~}Hrr
3D%]Bl^
~q$&qN[
2q7*kG(
}\EGk>
&4Q@JHy
m/yp\]
PrLY[BU
)HVPIaa
m>T|>2i
I]HWuY
hpd%BG
]($S\2
skiL93B
Ue9*ih
6nK.D]
~OMg u
m`kD0#Lv
$R'35=2
`yd,e?kTx
RS:r5eB
JkAk>m
G$0G&(
XsXEjh
m/!XiK
!z5wC3
aG/Ld+]
X)h_D6
>9sNMdY
'`RN2f
%H3hN_C
9GF@vL#fOK
>:*5\X?
AvV-o?
'?#\2
PHLV^+
-'/]_S
*)KZ_a:
dMws$L
QTld],
C1Gwx^E
`qo'@~T
F%Hf_e
u; ToAE
;orhkSb
;<cgr
!^TIB:"o
7)"T]u9g
J0\@B]f
/RSV8@
}u6<bI
\,]!o.-e
jJisD
!XQl;L^
urg{2"
@12P1)
ObB&=Qa
dRr'./z7
^)ZYpD
o!h^l<*
\sNpyH}
,`HwATl
<z;LNy
*i){`H
9j~C5}=
*c;vye
gUSQnbQ|
]N|ksm
~'jt*,
`r\FS|
s1WAM'!O
NjIxHL7x
&\e$&M7
-``8`
J~pb(dn
0<o9LA|{@DD!-
=,o3';\
G_gD,|
L~%(dVW
j?Iu?%o
./ZAXi
!X'3).
~Bs/j^K
Ctw8[F
'Kr,36L
q31:Ct
[$-ur<
E\M{Zy
1U^aR4
%Z_[8\
m,ixm+
,&Zx4Q
D]O8N#s
M2.9?y
g"ft+t
Et2@0\!
;wp7#zo
(LG2=:
[4V>8\o
.?AVbad_cast@std@@
.?AVbad_alloc@std@@
GGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
GGGGGGGGG
GGGGGGGG
GGGGGGG
GGGGGG
fffffff
pppppppp
**************]p
p*0YYY
{{0000
{{0000
GGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
===============================================================================%
%%=======`%qt|ssssssI
======%|
=====%|s%s
|t||||
====`ts
ststts
I\%%s`
IIIIIs
====;s
Iqqqqqq
====;I99
%%%%%%%%%\
====;I
***********
|====;I\
|====`6\
|====;q
|====;I
|====;q
;;`=========================
NNNNNNN
NNNNNNNNN
l"\LNN
A\2p<ll`
lC\LNNNNA
lCULNNNNN
;\JTl`
lllllK`lCU
NNNNNN
NNNNNNNN
U2Q22222\
NNNNNNNNN
NNNNNNNNNNNNNN
NNNNNNNNNNNNN
NNNNNNNN
lllllH
hhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhh
hhhhhhhhhhhhhhhhhhhhhhhhhhhhhhh
hhhhhhhhhhhhhhhi
hhhhhhhhhhhhhh
hhhhhhhhhhhhhh
hhhhhhhhhhhhh
hhhhhhhhhhhhh
Khhhhhhhhhhh{,
hhhhhhhhhhhh
hhhhhhhhhh
hhhhhhhhhhh
hhhhhhhhhG
H{_hhhhhhhhh
hhhhhhhhh
hhhhhh
hhhhhhh
_hhhhhhh
hhhhhhh
-hhhhhh
Uhhhhhhhh
hhhhhhhhhh
hhhhhhhhhhhhhhhr
hhhhhhhhhhhhhhhhhhhh
hhhhhhhhhhhhhhhhhhhhhhhK^
_hhhhhhhhhhhhhhhhhhhhhhhhK8
hhhhhhhhhhhhhhhhhhhhhhhhhKk8b
hhhhhhhhhhhhhhhhhhhhhhhhhhhK
$hhhhhhhhhhhhhhhhhhhhhhhhhhhh
hhhhhhhhhhhhhhhhhhhhhhhhhhhhh
hhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhh
#################################################################=######W
#######=w#####W
######=
4k####M
j0=####k
########WM
w##########W
k###########W
#############W
######################
}|||~|~}
}z}~~|
}{{||~{
|}||{{
}|~{{{}y}
}y~}{{
|~z}{z
}|{}|z
99999999
l49\\\\\\\\\\\\\
\\\\\94l
+++++++++++++\$l
l$\++_+_+_+_+_+
,,,,,,,,,
VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
VVVVVVVVVVV
VVVVVVVVVVV+
VVVVVVV)
VVVVVVVVVVV)
VVVVVVVVVVV
VVVVVVVVVVVV
+VVVVVVVVVVVV
VVVVVVVVVVVV
eeeeeeee
VVVVVVVVVVVVVd
iiiiiiii
VVVVVVVVVVVd
66666lll
VVVVVVVVVd
VVVVVVVd
ggggggggggggi]
VVVVVd
VVVVVVV
55554d
DVVVVVVVVVVVVVVV
gdVVVVVVVVVVVVVVVVVVog
VVVVVVVVVVVVVVVVVVVV`
gdVVVVVVVVVVVVVVVVVVVV#
`VVVVVVVVVVVVVVVVVVVVVV
dVVVVVVVVVVVVVVVVVVVVVV
VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
UU3UUU
GGGGGG
============================================================================================================================================================================================================
Z_===============_
_=============_
============_
===========_
_pppppppppppp
==========_
pppppppp
=========_
---~-;p
========_
=======_
~--~-~|
=======
;-~~~-
=======
--;~;~
=======
;-;~~~
=======ZI
PPPP~~
;-;~~;|
=======
~-;~;~
=======
;-;;;;
=======
=======
___________;_;_;;;;
=======
P_________;_;;;
=======
P_____;_____
=======
=======
YYYYYYYYYYYYYYYYYYYYYYY
=======
=======
=======
=======
FFFFFFFF
=======
$MMMMM
Z=======
=======
=======
Z=======
=======
=======
a$$$$$
Z=======
$
=======
$$$$$$$
=======
$$$$$$$$
Z=======
$$$$$$$
=======
=======
=======_
Y999dddddddddd
_========_
Z_====================================================================================================================================================================================================
aaaaaaaaaaaaaaaa
mmmmmmPPP
ZZZdddddZ
d88BBBB
########*#***F4
333333333
{{{{{{{{
9_88::{
((((( H
h(((( H
H
HH:mm:ss
dddd, MMMM dd, yyyy
MM/dd/yy
December
November
October
September
August
February
January
Saturday
Friday
Thursday
Wednesday
Tuesday
Monday
Sunday
nKERNEL32.DLL
(null)
mscoree.dll
runtime error
TLOSS error
SING error
DOMAIN error
- Attempt to use MSIL code from this assembly during native code initialization
This indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain.
- not enough space for locale information
- Attempt to initialize the CRT more than once.
This indicates a bug in your application.
- CRT not initialized
- unable to initialize heap
- not enough space for lowio initialization
- not enough space for stdio initialization
- pure virtual function call
- not enough space for _onexit/atexit table
- unable to open console device
- unexpected heap error
- unexpected multithread lock error
- not enough space for thread data
- abort() has been called
- not enough space for environment
- not enough space for arguments
- floating point support not loaded
@Microsoft Visual C++ Runtime Library
<program name unknown>
Runtime Error!
Program:
WUSER32.DLL
CONOUT$
mimucoxikimolunocuweliwiv
fetibanecuzafup kizedihuwewiyegojosu vopic
xcakiriyivazehucu
dalofesideloraxedetexuzawi
fukomayizisuganijupeg
jjjjjj
/ P6pL
,/KPip
/-P?pR
VS_VERSION_INFO
StringFileInfo
029805B1
CompanyName
Factorial
LegalCopyrights
Challenger bizon inc.
LegalTrademarks2
odjfngizdf
ProductName
ProductVersion
14.37.47.74
VarFileInfo
Translation
WSihisapesafixu wef sucikekoju ruhunociyu wawejoweweji tib hayosozase goc fipixotitosepuMGoheteyar mihi vevajonuw pata wifujod tojece senigidamof hox cixebilidet noku
Dovoyaz fiwey bukugip dotiLYowulo rixe watewacesasotu facopatibonejem docebumuyoji kiwamuvulahul ditiraDCeravacupikem gaxofovotun nufebociguhit hipusebisiruwo fubocununahosbYarosubexer nazacewuvuz modipi rufa mineve jihut fadizicekahehij gidajuzecomulik yabapovipivu nakuUDugoguna jazipidohem fovecivesepex kazov kezojanuva pesopetakel ziteruhu vosohemizive+Pum jenidafivaxobi corebaxef xiribejubezijuiVofajas humodosuvoliwi yirinubovuwufuw jajakapujalajo rozohiro teyo juz sicisufizi sepoleza binelupelanokXicoxusuzi tejupewapoyi rutosek
(Govo vadubupaluroju weciva gubejul hesid'Royuyicitoko cano delayopemuh conimarirEDobedo fowuyorodasazex mebara xovi gunitebat buyo canozutowey panojid
Wodume kozugdFohasuzawinayud vesakayodaka yijiyene dubujo wifajotanipo benozesadofeya gorol wapimev vuzujocogahor$Gudodaposafe vabubav tifuhafekazihecLYir yic kexuket pezotuyilubisim gunukono jexalovi firuzazofix johuwudocibaca@Panabo nekohu vep mosatiy fenufux xayoyemisulo fesapicul fuvuyux
/Zecizumen fub newibibap huxibuxosevu guxinijami
KNucuhowedef nuxuwotikehi zivivujusicaju dubakuhipiwey mec yibokasorisi powo
fHixubic caxofiyu poveg vuzuwetoxuvun fobocoz nokotinig riberamekulayam femukozomeve gov derajawukedeco
'Redesabewurac zud cirufecihes fuxafoloxYFajej jipujixaxo cununaw gawomite vociyowayebo sibume jigaxukalotaf ragum welutevomi meraNFomerorepiheyo kowaso bajokisobak fahukolanunono rodanocaf bulu tidufifudofewo
4Semakiviwemimo zufi meh sime kahoxofapucab medijapam
Yipesopinasow xorud difop
Putiheyinetefom tavotobixek/Yuvumowicik jazuribosoditef davehiwepuzodav hag
`Hocubojaco sag xolavifufuz tekatisuwa yuwicum vizuwe xefagugulesijek buruzajacusa nobewimarilusaMMawusot bozulaban hiseyigic selah vunabehahifa cicirimitef nisenomuxibelu yabuReminuremicot geretegedaxu hunabakib roka roveyanimexa wicexajasowafol tuxusofo yojopuhonicaj yadeceh silovunivecuxuy
9Pofejegu fohivevom ciwudo minidafo gexizevo powejim wohov
Xecopek lege
Lolog hoyexucina lujabemexusughZunut yuyoweje waxo sucelamuluyixu zefutiyewidi kifehahezag dodudoyu teracodolit gowegasocibe befusuwoga
Antivirus Signature
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Stealerc.4!c
Elastic malicious (high confidence)
DrWeb Trojan.Packed2.45320
MicroWorld-eScan Gen:Variant.Zusy.470560
FireEye Generic.mg.aa8062b0fe51ad7d
CAT-QuickHeal Clean
ALYac Clean
Malwarebytes Trojan.MalPack.GS
VIPRE Clean
Sangfor Trojan.Win32.Save.a
K7AntiVirus Clean
BitDefender Gen:Variant.Zusy.470560
K7GW Clean
Cybereason Clean
BitDefenderTheta Clean
Cyren W32/Ransom.RQ.gen!Eldorado
Symantec ML.Attribute.HighConfidence
tehtris Clean
ESET-NOD32 a variant of Win32/Kryptik.HTQQ
APEX Malicious
Paloalto Clean
ClamAV Clean
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
Rising Trojan.Generic@AI.100 (RDML:0kf1OCkW17PxjAMMaotVAQ)
F-Secure Clean
Baidu Clean
Zillya Clean
TrendMicro Clean
Trapmine malicious.high.ml.score
CMC Clean
Sophos Troj/Krypt-XU
Ikarus Trojan.Win32
Jiangmin Clean
Webroot W32.Trojan.Gen
Avira Clean
MAX malware (ai score=89)
Antiy-AVL Trojan/Win32.Zenpak
Gridinsoft Ransom.Win32.STOP.dg!n
Xcitium Clean
Arcabit Trojan.Zusy.D72E20
SUPERAntiSpyware Clean
ZoneAlarm HEUR:Trojan-PSW.Win32.Stealerc.gen
GData Gen:Variant.Zusy.470560
Cynet Malicious (score: 100)
AhnLab-V3 Clean
Acronis Clean
VBA32 Clean
TACHYON Clean
DeepInstinct MALICIOUS
Cylance unsafe
Panda Trj/Genetic.gen
Zoner Clean
TrendMicro-HouseCall Clean
Tencent Clean
Yandex Clean
SentinelOne Static AI - Suspicious PE
MaxSecure Clean
Fortinet W32/Kryptik.HTQQ!tr
AVG Win32:CrypterX-gen [Trj]
Avast Win32:CrypterX-gen [Trj]
CrowdStrike win/malicious_confidence_100% (W)
No IRMA results available.