popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2023-06-11 15:18:29

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x00001664 0x00001800 5.08938566097
.rsrc 0x00004000 0x00000556 0x00000600 3.90349187596
.reloc 0x00006000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x00004090 0x000002cc LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x0000436c 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x403654 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
components
button1
button2
checkBox1
checkBox2
checkedListBox1
checkedListBox2
comboBox1
label1
label2
Dispose
InitializeComponent
Ghioewr
DataFo
Hsyjelq
GetDomain
op_Inequality
GetType
SuspendLayout
set_Location
set_Name
set_Size
set_TabIndex
set_Text
set_UseVisualStyleBackColor
set_AutoSize
set_FormattingEnabled
set_AutoScaleDimensions
set_AutoScaleMode
set_ClientSize
get_Controls
ResumeLayout
PerformLayout
get_DeclaringType
InvokeMember
GetMethods
set_SecurityProtocol
Create
GetResponse
GetResponseStream
CopyTo
ToArray
Nsojp.exe
disposing
<Module>
WindowsFormsApp37
Ehjioger
Gjwfcv
System.Windows.Forms
IContainer
System.ComponentModel
Button
CheckBox
CheckedListBox
ComboBox
AppDomain
System
Thread
System.Threading
Assembly
System.Reflection
IDisposable
Control
System.Drawing
ButtonBase
ListControl
ContainerControl
ControlCollection
MethodInfo
MemberInfo
Application
Object
ServicePointManager
System.Net
WebRequest
HttpWebRequest
WebResponse
MemoryStream
System.IO
Stream
CompilationRelaxationsAttribute
System.Runtime.CompilerServices
RuntimeCompatibilityAttribute
DebuggableAttribute
System.Diagnostics
AssemblyTitleAttribute
AssemblyDescriptionAttribute
AssemblyConfigurationAttribute
AssemblyCompanyAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyTrademarkAttribute
GuidAttribute
System.Runtime.InteropServices
AssemblyFileVersionAttribute
TargetFrameworkAttribute
System.Runtime.Versioning
ComVisibleAttribute
STAThreadAttribute
AutoScaleMode
BindingFlags
Binder
SecurityProtocolType
DebuggingModes
mscorlib
WrapNonExceptionThrows
$f2940dfe-c6f5-4372-b7a3-0f97d1bb7158
1.0.0.0
.NETFramework,Version=v4.0
FrameworkDisplayName
.NET Framework 4
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
Idshpwphdgk.Oqvakszyratwsrsqaz
button1
button2
checkBox1
checkBox2
checkedListBox1
checkedListBox2
comboBox1
label1
label2
Jlbmyhxixwayerdc
http://purecry.ydns.eu/pure/Ximhh.dat
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
FileVersion
1.0.0.0
InternalName
Nsojp.exe
LegalCopyright
LegalTrademarks
OriginalFilename
Nsojp.exe
ProductName
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Antivirus Signature
Bkav Clean
Lionic Clean
Elastic malicious (high confidence)
DrWeb Clean
MicroWorld-eScan Clean
ClamAV Clean
FireEye Clean
CAT-QuickHeal Clean
McAfee Artemis!479EF7815726
Cylance Clean
VIPRE Clean
Sangfor Trojan.Win32.Agent.V6jx
CrowdStrike win/malicious_confidence_90% (W)
BitDefender Clean
K7GW Clean
K7AntiVirus Clean
BitDefenderTheta Clean
VirIT Trojan.Win64.MSIL_Heur.A
Cyren Clean
Symantec ML.Attribute.HighConfidence
tehtris Clean
ESET-NOD32 Clean
APEX Clean
Paloalto Clean
Cynet Malicious (score: 100)
Kaspersky UDS:DangerousObject.Multi.Generic
Alibaba Clean
NANO-Antivirus Clean
SUPERAntiSpyware Clean
Rising Malware.Obfus/MSIL@AI.98 (RDM.MSIL2:L3DGxWB/Vi1SiaZniyxsVg)
Sophos Clean
F-Secure Heuristic.HEUR/AGEN.1308497
Baidu Clean
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition BehavesLike.Win64.Infected.xt
Trapmine Clean
CMC Clean
Emsisoft Clean
SentinelOne Static AI - Malicious PE
GData Clean
Jiangmin Clean
Webroot Clean
Avira HEUR/AGEN.1308497
MAX Clean
Antiy-AVL Clean
Gridinsoft Clean
Xcitium Clean
Arcabit Clean
ViRobot Clean
ZoneAlarm UDS:DangerousObject.Multi.Generic
Microsoft Trojan:Win32/Wacatac.B!ml
Google Detected
AhnLab-V3 Clean
Acronis Clean
ALYac Clean
TACHYON Clean
DeepInstinct MALICIOUS
VBA32 Clean
Malwarebytes Clean
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Tencent Clean
Yandex Clean
Ikarus Trojan-Downloader.MSIL.Agent
MaxSecure Trojan.Malware.300983.susgen
Fortinet MSIL/Agent.OIB!tr
AVG RATX-gen [Trj]
Avast RATX-gen [Trj]
No IRMA results available.