Static | ZeroBOX

PE Compile Time

2023-06-08 01:30:14

PE Imphash

3c7dab889b9ad02600da9a2c14f57c3e

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x0001aac0 0x0001b000 6.62579918447
.data 0x0001c000 0x00001408 0x00001000 0.0
.rsrc 0x0001e000 0x000008c4 0x00001000 1.87597577266

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x0001e384 0x00000128 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x0001e384 0x00000128 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x0001e384 0x00000128 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_GROUP_ICON 0x0001e354 0x00000030 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_VERSION 0x0001e150 0x00000204 LANG_ENGLISH SUBLANG_ENGLISH_US data

Imports

Library MSVBVM60.DLL:
0x401000 _CIcos
0x401004 _adj_fptan
0x401008 __vbaStrI4
0x40100c __vbaAryMove
0x401010 __vbaFreeVar
0x401014 __vbaLenBstr
0x401018 __vbaStrVarMove
0x40101c __vbaEnd
0x401020 __vbaFreeVarList
0x401024 _adj_fdiv_m64
0x401028 __vbaFreeObjList
0x40102c None
0x401030 _adj_fprem1
0x401034 __vbaStrCat
0x401038 __vbaSetSystemError
0x401040 _adj_fdiv_m32
0x401044 None
0x401048 __vbaAryVar
0x40104c __vbaVarTstLe
0x401050 __vbaAryDestruct
0x401054 __vbaOnError
0x401058 __vbaObjSet
0x40105c _adj_fdiv_m16i
0x401060 _adj_fdivr_m16i
0x401064 _CIsin
0x401068 None
0x40106c __vbaChkstk
0x401070 __vbaFileClose
0x401074 EVENT_SINK_AddRef
0x40107c __vbaGet3
0x401080 __vbaStrCmp
0x401084 __vbaAryConstruct2
0x401088 __vbaI2I4
0x40108c DllFunctionCall
0x401090 _adj_fpatan
0x401094 EVENT_SINK_Release
0x401098 __vbaUI1I2
0x40109c _CIsqrt
0x4010a0 __vbaVarAnd
0x4010a8 __vbaExceptHandler
0x4010ac None
0x4010b0 __vbaStrToUnicode
0x4010b4 _adj_fprem
0x4010b8 _adj_fdivr_m64
0x4010bc None
0x4010c0 __vbaFPException
0x4010c4 None
0x4010c8 __vbaStrVarVal
0x4010cc __vbaUbound
0x4010d0 __vbaVarCat
0x4010d4 None
0x4010d8 None
0x4010dc _CIlog
0x4010e0 __vbaErrorOverflow
0x4010e4 __vbaFileOpen
0x4010e8 __vbaNew2
0x4010ec __vbaVar2Vec
0x4010f0 __vbaInStr
0x4010f4 __vbaCyMulI2
0x4010f8 _adj_fdiv_m32i
0x4010fc _adj_fdivr_m32i
0x401100 __vbaStrCopy
0x401104 None
0x401108 __vbaFreeStrList
0x40110c _adj_fdivr_m32
0x401110 _adj_fdiv_r
0x401114 None
0x401118 __vbaVarCmpEq
0x40111c __vbaAryLock
0x401120 __vbaVarAdd
0x401124 __vbaVarDup
0x401128 __vbaStrToAnsi
0x40112c __vbaVarCopy
0x401130 None
0x401134 _CIatan
0x401138 __vbaUI1Str
0x40113c __vbaAryCopy
0x401140 None
0x401144 __vbaStrMove
0x401148 __vbaI4Cy
0x40114c __vbaStrVarCopy
0x401150 _allmul
0x401154 _CItan
0x401158 __vbaAryUnlock
0x40115c _CIexp
0x401160 __vbaFreeStr
0x401164 __vbaFreeObj

!This program cannot be run in DOS mode.
`.data
MSVBVM60.DLL
Project1
MDIForm1
MDIForm1
Created with GIMP
ICC_PROFILE
mntrRGB XYZ
.acspMSFT
&>M>=;
Hd"(j/V
BojXtKN
s#Zt*~
!0"134#%2&
3fI#tN
uDW:+]
Ampoz1
^K^Gx
lsc~9y5
Vcl`\B
2`fq%
"05Saq
6qT|%
NvqXm_v
<@S$-@
$nWq0J,
U8cIR<
Z$]8e:)f0
3nW+Z/k
7io(*Sx
[Kb`=kP
;e{9%3
Ks)a,>
024Qp
..l_Um
{9;*An
$F7)bt/1
UK"tYf
+!fg-
dzh.8+U
76T;,mE
dc`z6Y
kj>Z-q
;tuc[LpT
^s;K\Zq
-S5xl[
#4BRpr
]rXxy`
U8vL<+l
6d.lEr
*L;g\x
G}`.j>
{;4<~V
)>Dg]*4r
4[W:`*HO
xy\<o}
SHe{E=
Qkc},>
G"_kQNm
/X*g'l}
mD(6mz
5aDeE@
z?<]Lc
9E0a.e
i$j?<~
'CoJh8dfw~?
@-^I W
I1,BK_
!1AQaq
y0=plC
+D,Dw2Dn
f5*lQo&
7c5%5F
S4(fmU4*H
1tFj8v
tM&~R/8G
B<<;DT)
Ktbve*a
!1AQaq
:9;3X4
4d~</E
^Bl%4N
j\=%9&
U0T`,
FFFFFFFFF}
^^^^^_
sF^^^^^s
$ =aH>)
Fa9/S
zG4ddzFG
)/J|y
H|.CZqB
LXZ&|;
'dABrl
nrDZ:M
PC%8Rf-L3
v"L`qT
rQ2l>bq
"qHZpl
K:zgn}
ed:/Lg
EUm^}\
DeR%Vv
FnvVN\
a!2!jLr
MDIForm1
Project1
Project1
MDIForm1
Project1
Label3
C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB
Command1
Label4
Label5
Label6
Label1
Label2
winspool.drv
EnumPortsA
kernel32
lstrlenW
RtlMoveMemory
HeapAlloc
GetProcessHeap
HeapFree
CutString
LPSTRtoSTRING
getports
VBA6.DLL
__vbaStrI4
__vbaFreeObj
__vbaObjSet
__vbaAryDestruct
__vbaGenerateBoundsError
__vbaStrToUnicode
__vbaStrToAnsi
__vbaAryConstruct2
__vbaFreeStrList
__vbaHresultCheckObj
__vbaFreeVarList
__vbaSetSystemError
__vbaStrMove
__vbaErrorOverflow
__vbaFreeStr
__vbaStrCopy
__vbaFreeVar
__vbaStrVarMove
__vbaInStr
__vbaI2I4
__vbaStrVarCopy
__vbaVar2Vec
__vbaAryMove
__vbaLenBstr
__vbaUbound
__vbaStrCmp
__vbaUI1I2
__vbaVarCmpEq
__vbaVarAnd
__vbaVarAdd
__vbaVarTstLe
__vbaOnError
user32
CallWindowProcA
GetFileSizeEx
CreateFileW
CloseHandle
__vbaVarCopy
__vbaFreeObjList
__vbaVarCat
__vbaNew2
__vbaFileClose
__vbaGet3
__vbaI4Cy
__vbaFileOpen
__vbaAryUnlock
__vbaAryLock
__vbaAryVar
__vbaAryCopy
__vbaVarDup
__vbaStrVarVal
__vbaUI1Str
__vbaStrCat
__vbaCyMulI2
MDIForm
__vbaEnd
Command1
Get Ports
Fixedsys)
Label6
Reserved
MS Serif
Label5
Moniter Name
MS Serif
Label4
Port Type
MS Serif
Label3
Description
MS Serif
Label2
Port Name
MS Serif
Label1
Enum Ports
strName
lngPointer
ServerName
jPh$^A
jPh$^A
jXh$^A
MSVBVM60.DLL
_CIcos
_adj_fptan
__vbaStrI4
__vbaAryMove
__vbaFreeVar
__vbaLenBstr
__vbaStrVarMove
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryVar
__vbaVarTstLe
__vbaAryDestruct
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaGet3
__vbaStrCmp
__vbaAryConstruct2
__vbaI2I4
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
__vbaUI1I2
_CIsqrt
__vbaVarAnd
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaStrVarVal
__vbaUbound
__vbaVarCat
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaNew2
__vbaVar2Vec
__vbaInStr
__vbaCyMulI2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
__vbaVarCmpEq
__vbaAryLock
__vbaVarAdd
__vbaVarDup
__vbaStrToAnsi
__vbaVarCopy
_CIatan
__vbaUI1Str
__vbaAryCopy
__vbaStrMove
__vbaI4Cy
__vbaStrVarCopy
_allmul
_CItan
__vbaAryUnlock
_CIexp
__vbaFreeStr
__vbaFreeObj
fiatpunto
Q"[wQs
|sM\84
JN!?#}
~}Ebg
\9R@cUm
fb@;8
.%<#(VMZwt
]x#0!`
!2eMwA
mM#aFy
55e%fSk
/T_WA;
oH8Ua
$DN"yoy
V|qo8R
(0Lp*8
i4\M9-fJ6(
kbp)G4;
k:iB~w
z\NTo\
"/NsAe
Mi`*U
SjS63Y
1)_5B'
TP5w<Y@m
J,:Jgh
e+^smG
&C_Gl-
7@m%Cr
fA:S.:
5}(^L
"yF'`,
z1:0N2
pg3y'H
.8EJ$<
9~![!.
s"YEUB
)D6PqZ&tI
u9Ng:y
bHI\zO
>j S/D
JiY]&
Y$Z;2x
u,wBX7
1Xw)+3
ejt8/(
qw7CV>
}iBDh(
z&gC8SG
z`C-~Ta
B(Kqsg
`f_Y)&
czw{/0v-
id|)11
+ii0c>QhO~K
bD1Cr5V
(u,6x4
~VFFLi
@rc#8&
%.8!<$
634/PO
bbCBiF
v0f\w!
6=`%'v
' Kr9b:
w T%V[ZE?
4;w.w4
W9.g8W
ZP)dA<
K4BW1q
]y8N3(
1{=-a6
h?FHwq)c
:25EKf9
:E -a/
%fiatpuntofiatpuntoFileNamefiatpuntoRegKey
GIMP built-in sRG
Public Domain
A*\AC:\Users\ivan_\Downloads\pyrokid4u2-enum-ports-lpt-com-etc__1-43685-master\pyrokid4u2-enum-ports-lpt-com-etc__1-43685-master\enum ports\Project1.vbp
C:\Program Files\Avast Software\Avast\snxhk.dll
C:\Program Files\AVG\Antivirus\snxhk.dll
fiatpunto
shkoda
C:\Program Files (x86)\Windows Media Player\wmpshare.exe
WinDir
\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
-arguments
558BEC8B4D088BC180390074064080380075FA2BC15DC20400558BEC56578B7D0833F657E8D7FFFFFF8BC885C974200FBE07C1E60403F08BC625000000F0740BC1E81833F081E6FFFFFF0F474975E05F8BC65E5DC20400558BEC51515356578B7D0833F68B473C8B44387803C78B50208B581C03D78B482403DF8B401803CF8955FC894DF889450885C074198B04B203C750E882FFFFFF3B450C74148B55FC463B750872E733C05F5E5B8BE55DC208008B45F80FB704708B048303C7EBE9558BEC8B4D0833D28BC1663911740883C00266391075F82BC183E0FE5DC20400558BEC5356578B7D0885FF74578B5D0C85DB745057E8C6FFFFFF538BF0E8BEFFFFFF3BF0753E2BDFC74508610000000FB70F8BD1
0FB7343B8BC6663B4D08720681C2E0FF0000663B7508720505E0FF0000663BD0750E6685C9740583C702EBCF33C0EB0333C0405F5E5B5DC20800558BEC64A13000000056578B400C8B780C8BF7FF7508FF7630E874FFFFFF85C0740A8B363BF775EB33C0EB038B46185F5E5DC20400558BEC81EC24040000837D08005356570F84DC050000837D10000F84D20500006A6B586A65596A7266894588586A6E5E6A6C5F6A336689458C586A3266894594586A2E5A6A646689459633C066894D8A66894D9059668945A06A7458668945A633C0668945B68D45A4506689758E66897D926689559866894D9A66897D9C66897D9E668975A466894DA866897DAA66897DAC668955AE66894DB066897DB266897DB4E8
24FFFFFF8BF88D458850E819FFFFFF8BD8C78528FFFFFF793A3C078D45C4C7852CFFFFFF794A8A0B8985ECFEFFFF8D45D88985F0FEFFFF8D45B88985F4FEFFFF8D45848985F8FEFFFF8D45DC8985FCFEFFFF8D8574FFFFFF898500FFFFFF8D45D0C78530FFFFFFEE38830CC78534FFFFFF5764E101C78538FFFFFF18E4CA08C7853CFFFFFFE3CAD803C78540FFFFFF99B04806C78544FFFFFF93BA9403C78548FFFFFFE4C7B904C7854CFFFFFFE487B804C78550FFFFFFA92DD701C78554FFFFFF05D13D0BC78558FFFFFF4427230FC7855CFFFFFFE86F180DC78560FFFFFFB57DAE09898504FFFFFF8D8570FFFFFF898508FFFFFF8D458089850CFFFFFF8D8578FFFFFF898510FFFFFF8D857CFFFFFF8985
14FFFFFF8D45C0898518FFFFFF8D856CFFFFFF89851CFFFFFF8D45BC898520FFFFFF8D45E0898524FFFFFF33C08BF0FFB4B528FFFFFF83FE028BC70F4FC350E8DDFCFFFF8B8CB5ECFEFFFF890185C00F84E80300004683FE0F7CD433C040898564FFFFFF8D45E46A1050FF55D86A448D85A8FEFFFF50FF55D868CC0200008D85DCFBFFFFC785A8FEFFFF4400000050FF55D88B4D1033D2C785DCFBFFFF070001008BFA8B713C03F10FB746148955FC8955CC8945C83996A000000074163996A4000000740EF6461601750833DB43895DF8EB058BDA8955F833C08955D46639110F94C03D4D5A00000F844F03000033C039160F94C03D504500000F843D03000033C0663956040F94C03D4C0100000F842903
00008D45E4508D85A8FEFFFF5052526A04525252FF750CFF7508FF558485C00F84C50200008D85DCFBFFFF50FF75E8FF558085C00F84B002000033C0506A048D45CC508B8580FCFFFF83C00850FF75E4FF957CFFFFFF85C00F848C0200008B45CC3B4634750F50FF75E4FF55B885C00F85750200006A406800300000FF765033C050FF9574FFFFFF8BF885FF0F84580200006A406800300000FF7650FF7634FF75E4FF55DC8945FC85C0754185DB7518FF7634FF75E4FF55B86A406800300000FF7650FF7634EB146A406800300000FF765033C0C745D40100000050FF75E4FF55DC8945FC85C00F84FD010000FF7654FF751057FF55C433C933C0894DF4663B4606732E8B5DC883C32C03DEFF73FC8B0303
4510508B43F803C750FF55C48B4DF48D5B280FB7460641894DF43BC87CDC33C98B5F3C8B45FC03DF837DD4008943340F8481000000837DF800747B8B93A000000003D7894DF8398BA400000076688B420483E808894DF4A9FEFFFFFF76410FB74C4A086685C974248B463481E1FF0F0000030A2904398B45F40FB74C42088B433481E1FF0F0000030A0104398B42048B4DF483E80841D1E8894DF43BC872BF8B4DF8034A040352043B8BA40000006A00894DF859729833DB53FF765057FF75FCFF75E4FF55D085C00F840C0100008D8568FFFFFF506A02FF7654FF75FCFF75E4FF55BC85C00F84EF00000033C0895DF8663B4606736F8B5DC883C33C03DE8B03A900000020741985C079046A40EB17250000
0040F7D81BC083E01083C010EB1585C079056A0458EB0CA9000000406A00580F95C0408D8D68FFFFFF5150FF73E48B43E80345FC50FF75E4FF55BC85C074128B4DF883C3280FB7460641894DF83BC8729B33DB68008000005357FF55C085C07467536A048D45FC508B8580FCFFFF83C00850FF75E4FF55D085C0744C8B46280345FC89858CFCFFFF8D85DCFBFFFF50FF75E8FF9578FFFFFF85C0742CFF75E8FF956CFFFFFF85C0741F837DE4007406FF75E4FF55E0837DE8007406FF75E8FF55E08B45ECEB4333DB837DE400741053FF75E4FF9570FFFFFFFF75E4FF55E0837DE8007406FF75E8FF55E085FF740A68008000005357FF55C08B8564FFFFFF83F8050F8620FCFFFF33C05F5E5B8BE55DC20C00
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
040904B0
CompanyName
unemployed
ProductName
Project1
FileVersion
ProductVersion
InternalName
OriginalFilename
C1.exe
Antivirus Signature
Bkav W32.AIDetectMalware
Lionic Clean
tehtris Generic.Malware
MicroWorld-eScan Gen:Variant.Lazy.350119
ClamAV Clean
CMC Clean
CAT-QuickHeal Clean
McAfee Clean
Malwarebytes Malware.AI.3281245526
VIPRE Gen:Variant.Lazy.350119
Sangfor Clean
K7AntiVirus Clean
BitDefender Gen:Variant.Lazy.350119
K7GW Clean
CrowdStrike win/malicious_confidence_100% (W)
Baidu Clean
VirIT Clean
Cyren W32/VB.AAB.gen!Eldorado
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win32/Injector.ETAN
APEX Malicious
Paloalto Clean
Cynet Malicious (score: 99)
Kaspersky VHO:Trojan.Win32.Convagent.gen
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
Rising Trojan.Injector!8.C4 (TFE:5:laA8U8WSKKO)
TACHYON Clean
Sophos Mal/Trickbot-E
F-Secure Trojan.TR/Dropper.Gen
DrWeb Trojan.Inject4.58267
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition Clean
Trapmine malicious.moderate.ml.score
FireEye Generic.mg.8dfcd4af0d57b297
Emsisoft Gen:Variant.Lazy.350119 (B)
Ikarus Clean
GData Gen:Variant.Lazy.350119
Jiangmin Clean
Webroot Clean
Avira TR/Dropper.Gen
Antiy-AVL Clean
Gridinsoft Clean
Xcitium Clean
Arcabit Trojan.Lazy.D557A7
SUPERAntiSpyware Clean
ZoneAlarm VHO:Trojan.Win32.Convagent.gen
Microsoft Trojan:Win32/Wacatac.B!ml
Google Detected
AhnLab-V3 Clean
Acronis suspicious
VBA32 Clean
ALYac Gen:Variant.Lazy.350119
MAX malware (ai score=80)
DeepInstinct MALICIOUS
Cylance unsafe
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Tencent Clean
Yandex Clean
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.300983.susgen
Fortinet W32/Injector.DBRX!tr
BitDefenderTheta Gen:NN.ZevbaF.36250.km3@a8t8ppci
AVG Clean
Cybereason malicious.585ead
Avast Clean
No IRMA results available.