popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2023-06-06 22:13:21

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x000040d8 0x00004200 5.94445243256
.rsrc 0x00008000 0x0000091c 0x00000a00 4.33217809504

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x000083f4 0x0000033c LANG_ENGLISH SUBLANG_ENGLISH_US data
RT_VERSION 0x000083f4 0x0000033c LANG_ENGLISH SUBLANG_ENGLISH_US data
RT_MANIFEST 0x00008730 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

!This program cannot be run in DOS mode.
`.rsrc
d2s%
v4.0.30319
#Strings
<.cctor>b__1_0
<.cctor>b__4_0
<>o__0
<>p__0
<.cctor>b__4_1
<>p__1
IEnumerable`1
CallSite`1
ICollection`1
IEnumerator`1
List`1
ToInt32
<>p__2
Func`2
Dictionary`2
<>p__3
Func`3
Action`3
<>p__4
get_UTF8
<Module>
System.Web
mscorlib
System.Collections.Generic
Microsoft.VisualBasic
VirtualAlloc
Synchronized
GetUpperBound
windowService
get_Instance
defaultInstance
set_Mode
set_AutoScaleMode
PaddingMode
CipherMode
HtmlDecode
get_DarkOrange
Invoke
Enumerable
IDisposable
RuntimeTypeHandle
GetTypeFromHandle
set_Name
CommandLine
get_NewLine
Combine
set_Multiline
ChangeType
ExpressionType
System.Core
get_Culture
set_Culture
resourceCulture
get_InvariantCulture
get_CurrentCulture
Capture
ButtonBase
ApplicationSettingsBase
TextBoxBase
objectToVisualise
Dispose
X509Certificate
Create
Delegate
DebuggerBrowsableState
EditorBrowsableState
CallSite
DynamicAttribute
STAThreadAttribute
CompilerGeneratedAttribute
GeneratedCodeAttribute
DebuggerNonUserCodeAttribute
DebuggerBrowsableAttribute
EditorBrowsableAttribute
ExtensionAttribute
DebuggerVisualizerAttribute
ToByte
get_Value
TryGetValue
set_Size
set_ClientSize
ISupportInitialize
set_Padding
NewLateBinding
Encoding
FromBase64String
DownloadString
ToString
GetString
disposing
System.Drawing
CommonDialog
ColorDialog
ShowDialog
RemoteCertificateValidationCallback
get_ServerCertificateValidationCallback
set_ServerCertificateValidationCallback
add_Click
TransformFinalBlock
System.ComponentModel
LateCall
kernel32.dll
ContainerControl
get_Item
System
SymmetricAlgorithm
Random
ICryptoTransform
resourceMan
Boolean
X509Chain
Application
set_Location
UnaryOperation
System.Configuration
System.Globalization
System.Reflection
ControlCollection
GroupCollection
KeyCollection
op_Addition
ArgumentException
WEX.TestExecution
Button
CultureInfo
CSharpArgumentInfo
set_TabStop
Microsoft.CSharp
System.Linq
InvokeMember
GetMember
IFormatProvider
objectProvider
sender
Microsoft.CSharp.RuntimeBinder
CallSiteBinder
get_ResourceManager
ServicePointManager
Debugger
EventHandler
System.CodeDom.Compiler
IContainer
ToPointer
set_Anchor
get_Color
get_BackColor
set_BackColor
set_UseVisualStyleBackColor
IEnumerator
GetEnumerator
.cctor
CreateDecryptor
IntPtr
get_Colour
set_Colour
System.Diagnostics
Microsoft.VisualBasic.CompilerServices
System.Runtime.CompilerServices
System.Resources
VisualiserDemo.Properties.Resources.resources
VisualiserDemo.
.resources
VisualiserDemo.
.resources
EnableVisualStyles
AnchorStyles
System.Security.Cryptography.X509Certificates
CSharpArgumentInfoFlags
CSharpBinderFlags
Settings
_namedArgs
_unnamedArgs
EventArgs
get_Controls
System.Windows.Forms
Contains
set_AutoScaleDimensions
System.Linq.Expressions
System.Text.RegularExpressions
System.Collections
get_Groups
SslPolicyErrors
sslPolicyErrors
get_Success
GetProcAddress
NamedArguments
UnnamedArguments
get_Keys
Concat
Object
Select
VirtualProtect
LateGet
System.Net
Target
EndInit
BeginInit
get_Default
SetCompatibleTextRenderingDefault
DialogResult
WebClient
Environment
get_Current
Convert
TE.ManagedHost
SuspendLayout
ResumeLayout
PerformLayout
MoveNext
System.Text
get_Text
set_Text
set_TabIndex
PictureBox
TextBox
ToArray
get_IntArray
set_IntArray
set_Key
System.Security.Cryptography
get_Assembly
LoadLibrary
op_Equality
HttpUtility
System.Net.Security
#VisualiserDemo.DemoObjectVisualiser
Description
Jonesy's amazing visualiser
3System.Resources.Tools.StronglyTypedResourceBuilder
17.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
17.5.0.0
7System.Security.Permissions.SecurityPermissionAttribute
SkipVerification
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>PAPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADD
arrayContents
colourBox
saveButton
GetObject
ShowDialog
IsObjectReplaceable
ReplaceObject
5iLpjEX6qq8dkFFcbbdS2MTUOXSrKMk/DFrDMoiv+/o=
doStuffButton
Do Stuff
gbVEloX3kL40gsn1iJ2dHK8rG8SGkjQmlZzuoYVLLlY=
7rBynSvEvzXVhcU1y14lnA==
b8NPVvhrgYUk6enCbRiE3Q==
6VNu7vGb1L751CHS5ZrvLg==
05axjHywKHJYRXqWJ5VngQ==
X4pkIslacS9O52apl37oKQ==
csLgXBUVVw82To3qxOSeTw==
EuT/e90bmGhMILj/FHjrpA==
o2vjyq4Ing0DPdQHWvT1XQ==
Oyoxoqapok ibazehu ut atenahul itidi.
Esutokatib ipubo ojil ozohesidu axowif ubocifi ovaxud idowohono esizi.
VisualiserDemo.Properties.Resources
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
CompanyName
FileDescription
Imiyexiho equwar asoy etafik edexih okit.
FileVersion
7.8.2.9
InternalName
edexagaja
LegalCopyright
2023 obusu.
OriginalFilename
osapuluq
ProductName
ProductVersion
7.8.2.9
Comments
Useperer ipalu eleroyujek inunuwequ omumosubo.
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
040904b0
CompanyName
FileDescription
Imiyexiho equwar asoy etafik edexih okit.
FileVersion
7.8.2.9
InternalName
edexagaja
LegalCopyright
2023 obusu.
OriginalFilename
osapuluq
ProductName
ProductVersion
7.8.2.9
Comments
Useperer ipalu eleroyujek inunuwequ omumosubo.
Antivirus Signature
Bkav Clean
Lionic Clean
Elastic malicious (high confidence)
DrWeb Clean
MicroWorld-eScan Clean
FireEye Clean
CAT-QuickHeal Clean
ALYac Clean
Malwarebytes Clean
VIPRE Clean
Sangfor Suspicious.Win32.Save.a
K7AntiVirus Clean
BitDefender Clean
K7GW Clean
Cybereason Clean
BitDefenderTheta Clean
VirIT Clean
Cyren Clean
Symantec ML.Attribute.HighConfidence
tehtris Clean
ESET-NOD32 Clean
APEX Clean
Paloalto Clean
ClamAV Clean
Kaspersky UDS:DangerousObject.Multi.Generic
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
Rising Malware.Obfus/MSIL@AI.80 (RDM.MSIL2:DzCtPpfPkZWczWGHelMIOA)
Sophos Mal/Generic-S
F-Secure Clean
Baidu Clean
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition Artemis!Trojan
Trapmine Clean
CMC Clean
Emsisoft Clean
Ikarus Clean
GData Clean
Jiangmin Clean
Webroot W32.Trojan.Gen
Google Clean
Avira Clean
MAX Clean
Antiy-AVL Clean
Gridinsoft Clean
Xcitium Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm UDS:DangerousObject.Multi.Generic
Microsoft Trojan:Win32/Sabsik.FL.B!ml
Cynet Clean
AhnLab-V3 Malware/Win.Generic.C5433912
Acronis suspicious
McAfee Artemis!D39050A4B6EF
TACHYON Clean
DeepInstinct MALICIOUS
VBA32 Clean
Cylance Clean
Panda Clean
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.F0D1C00F623
Tencent Clean
Yandex Clean
SentinelOne Static AI - Suspicious PE
MaxSecure Clean
Fortinet W32/Malicious_Behavior.SBX
AVG PWSX-gen [Trj]
Avast PWSX-gen [Trj]
CrowdStrike win/malicious_confidence_100% (W)
No IRMA results available.