Static | ZeroBOX

PE Compile Time

2023-06-02 21:32:08

PE Imphash

f759007e07f7aedda3ac166cfe9bb272

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x00001b80 0x00002000 5.02922074958
.data 0x00003000 0x00000334 0x00001000 0.0
.rsrc 0x00004000 0x000008d8 0x00001000 1.90780055329

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x00004398 0x00000128 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x00004398 0x00000128 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x00004398 0x00000128 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_GROUP_ICON 0x00004368 0x00000030 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_VERSION 0x00004150 0x00000218 LANG_ENGLISH SUBLANG_ENGLISH_US data

Imports

Library MSVBVM60.DLL:
0x401000 _CIcos
0x401004 _adj_fptan
0x401008 __vbaAryMove
0x40100c __vbaFreeVar
0x401010 __vbaLenBstr
0x401014 __vbaStrVarMove
0x401018 __vbaFreeVarList
0x40101c __vbaPut3
0x401020 _adj_fdiv_m64
0x401024 _adj_fprem1
0x401028 __vbaStrCat
0x401030 _adj_fdiv_m32
0x401034 __vbaAryDestruct
0x401038 __vbaOnError
0x40103c _adj_fdiv_m16i
0x401040 _adj_fdivr_m16i
0x401044 _CIsin
0x401048 __vbaChkstk
0x40104c None
0x401050 __vbaFileClose
0x401058 __vbaGet3
0x40105c __vbaAryConstruct2
0x401060 __vbaI2I4
0x401064 None
0x401068 _adj_fpatan
0x40106c __vbaUI1I2
0x401070 _CIsqrt
0x401074 __vbaExceptHandler
0x401078 _adj_fprem
0x40107c _adj_fdivr_m64
0x401080 __vbaFPException
0x401084 None
0x401088 _CIlog
0x40108c __vbaErrorOverflow
0x401090 __vbaFileOpen
0x401094 __vbaVar2Vec
0x401098 __vbaNew2
0x40109c None
0x4010a0 _adj_fdiv_m32i
0x4010a4 _adj_fdivr_m32i
0x4010a8 __vbaStrCopy
0x4010ac __vbaFreeStrList
0x4010b0 _adj_fdivr_m32
0x4010b4 _adj_fdiv_r
0x4010b8 None
0x4010bc None
0x4010c0 _CIatan
0x4010c4 __vbaStrMove
0x4010c8 _allmul
0x4010cc _CItan
0x4010d0 _CIexp
0x4010d4 __vbaFreeObj
0x4010d8 __vbaFreeStr

!This program cannot be run in DOS mode.
`.data
MSVBVM60.DLL
Project1
maikati
CrypterEngine
Project1
Module1
Module2
Project1
VBA6.DLL
@*\AD:\JanaProtectorV4\rc4 encryptera\rc4 encryptera\CrypterEngine.vbp
\rc4ready.exe
SmotanWD
\encry.exe
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
040904B0
CompanyName
Microsoft
ProductName
CrypterEngine
FileVersion
ProductVersion
InternalName
maikati
OriginalFilename
maikati.exe

Antivirus Signature

Bkav W32.AIDetectMalware
Lionic Clean
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Trojan.Heur.bm0@c1IkV8ni
CMC Clean
CAT-QuickHeal Clean
McAfee GenericRXAA-AA!DA9FF05785B6
Malwarebytes Clean
VIPRE Gen:Trojan.Heur.bm0@c1IkV8ni
Sangfor Clean
K7AntiVirus Clean
BitDefender Gen:Trojan.Heur.bm0@c1IkV8ni
K7GW Clean
Cybereason malicious.785b6d
Baidu Clean
VirIT Clean
Cyren W32/VBCrypt.A!Generic
Symantec Clean
tehtris Clean
ESET-NOD32 Clean
APEX Malicious
Paloalto Clean
ClamAV Clean
Kaspersky Clean
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
Rising Clean
TACHYON Clean
Sophos Clean
F-Secure Trojan.TR/Dropper.Gen
DrWeb Clean
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition Clean
Trapmine suspicious.low.ml.score
FireEye Generic.mg.da9ff05785b6d6ce
Emsisoft Gen:Trojan.Heur.bm0@c1IkV8ni (B)
Ikarus Clean
GData Gen:Trojan.Heur.bm0@c1IkV8ni
Jiangmin Clean
Webroot Clean
Google Detected
Avira TR/Dropper.Gen
Antiy-AVL Clean
Gridinsoft Clean
Xcitium Clean
Arcabit Trojan.Heur.E38F76
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:Win32/Wacatac.B!ml
Cynet Malicious (score: 99)
AhnLab-V3 Clean
Acronis Clean
VBA32 Malware-Cryptor.VB.gen.2
ALYac Gen:Trojan.Heur.bm0@c1IkV8ni
MAX malware (ai score=86)
DeepInstinct MALICIOUS
Cylance unsafe
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Tencent Clean
Yandex Clean
SentinelOne Clean
MaxSecure Clean
Fortinet Clean
BitDefenderTheta AI:Packer.9F8ADCAE1C
AVG Win32:TrojanX-gen [Trj]
Avast Win32:TrojanX-gen [Trj]
CrowdStrike Clean

No IRMA results available.