popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2084-09-26 17:26:17

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x00016054 0x00016200 5.91377283323
.rsrc 0x0001a000 0x00009506 0x00009600 4.7005426846
.reloc 0x00024000 0x0000000c 0x00000200 0.101910425663

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x0001a130 0x00008ea0 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_GROUP_ICON 0x00022fd0 0x00000014 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_VERSION 0x00022fe4 0x00000338 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x0002331c 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
Y_c
Y_c
KDBM(6
v4.0.30319
#Strings
__StaticArrayInitTypeSize=100
__StaticArrayInitTypeSize=10
<>9__0_10
<MSValue1>b__0_10
<>p__10
get_MSValue10
set_MSValue10
MSObject10
__StaticArrayInitTypeSize=20
359A00EF6C789FD4C18644F56C5D3F97453FFF20
<>p__20
MSValue20
MSObject20
__StaticArrayInitTypeSize=30
<>o__30
__StaticArrayInitTypeSize=40
FB10FF1AD09FE8F5CA3A85B06BC96596AF83B350
77A9683FAF2EC9EC3DABC09D33C3BD04E8897D60
A8F9B62160DF085B926D5ED70E2B0F6C95A25280
__StaticArrayInitTypeSize=80
__StaticArrayInitTypeSize=90
F413CEA9BAA458730567FE47F57CC3C94DDF63C0
43D19ECA54F14B7003C07FDE6BEDFC77AAF229C0
<>9__0_0
<MSValue1>b__0_0
<DomainExists>b__0_0
<>c__DisplayClass0_0
<GetWindowsVersion>g__HKLM_GetString|11_0
<>9__1_0
<GetDefaultIPv4Address>b__1_0
<>9__2_0
<MSValue1>b__2_0
<>9__4_0
<MSValue3>b__4_0
<>9__8_0
<ListOfPrograms>b__8_0
<>c__DisplayClass8_0
<>9__9_0
<.ctor>b__9_0
<AvailableLanguages>b__9_0
<.cctor>b__0
<>o__0
<>p__0
718D1294A5C2D3F3D70E09F2F473155C4F567201
2FBDC611D3D91C142C969071EA8A7D3D10FF6301
MSValue01
<MSValue1>b__11
<>p__11
get_MSValue11
set_MSValue11
MSObject11
<>p__21
MSValue21
MSObject21
MSObject31
1406F8EBA9D03BF5ADFB7274C97779C2B8659F41
5228E4D31C49B8491CE9A64B37F69147CCED17E1
<>9__0_1
<DomainExists>b__0_1
<>9__1_1
<GetDefaultIPv4Address>b__1_1
<MSValue1>b__1
<.cctor>b__1
<>p__1
Func`1
Nullable`1
IEnumerable`1
IOrderedEnumerable`1
CallSite`1
ICollection`1
IEnumerator`1
IList`1
ChannelFactory`1
get_MSValue1
set_MSValue1
MSObject1
__StaticArrayInitTypeSize=102
2A19BFD7333718195216588A698752C517111B02
MSValue02
__StaticArrayInitTypeSize=12
<>9__0_12
<MSValue1>b__0_12
<>p__12
get_MSValue12
set_MSValue12
MSObject12
__StaticArrayInitTypeSize=22
<>p__22
MSValue22
__StaticArrayInitTypeSize=32
ConvertFromUtf32
Microsoft.Win32
MSObject32
ToUInt32
ToInt32
A937C899247696B6565665BE3BD09607F49A2042
__StaticArrayInitTypeSize=42
__StaticArrayInitTypeSize=152
CEAC0E26B1E73F8F5D9635FB7F74BD651446C162
__StaticArrayInitTypeSize=62
__StaticArrayInitTypeSize=72
C7CCD3C58E8BC09066D76092AA42A45C0E12AD72
__StaticArrayInitTypeSize=282
7117B2110D7E1A46869D793F53F0130B93C9C1C2
30CE3CD14266DBB3CFE4BDD09371E85ACD9A00D2
D67333042BFFC20116BF01BC556566EC76C6F7E2
EB7EF1973CDC295B7B08FE6D82B9ECDAD1106AF2
<>9__0_2
<MSValue1>b__0_2
<DomainExists>b__2
<>p__2
Func`2
KeyValuePair`2
Dictionary`2
get_MSValue2
set_MSValue2
<>p__13
get_MSValue13
set_MSValue13
MSObject13
<>p__23
MSValue23
MSObject23
EB14352FBADB40E2FA237D444A6575B918573C43
4E3D7F188A5F5102BEC5B820632BBAEC26839E63
8C550EA96A693C687FFAB21F3B1A5F835E23E3B3
06F9FDEBE7AEF3F08523BDDDE7FCB7F4A217E7B3
C39241F447680C35D3966F9446AAE6D462E04AD3
79E9B68FB6E1987DED749BCD71143BD8EB323CE3
03B768E2AC5869B9CA034B9E652831B707CF01F3
FCEAB39EEBEA9BEA6AC370A00D87E5EE20EC94F3
<MSValue1>b__3
<>p__3
Func`3
Action`3
get_MSValue3
set_MSValue3
MSObject3
4EF472E2E74116C7FD95C74AB422CCF80DB1C404
__StaticArrayInitTypeSize=14
<>p__14
get_MSValue14
set_MSValue14
MSObject14
__StaticArrayInitTypeSize=24
<>p__24
MSValue24
MSObject24
46884713B2F882E5304A1FF1B16370575A53E434
__StaticArrayInitTypeSize=34
__StaticArrayInitTypeSize=144
__StaticArrayInitTypeSize=44
__StaticArrayInitTypeSize=154
__StaticArrayInitTypeSize=54
93D9D319FF04F5E54F3A6431407A7B90388FDC54
__StaticArrayInitTypeSize=64
FromBase64
ToInt64
99086C63443EF4224B60D2ED08447C082E7A0484
1076B53156E190E9BCBE281016712F2D3F02D3B4
A9AF072C30067C0DA33825C18B32D4BC108F8FB4
<>9__0_4
<MSValue1>b__0_4
<>p__4
Func`4
get_MSValue4
set_MSValue4
MSObject4
EB2DB456E0D779E528D1474FA55AC99055A5E815
38F431A549411AEB32810068A4C83250B2D31E15
<>p__15
get_MSValue15
set_MSValue15
MSValue25
MSObject25
18F0ABD79BB9748C273B6B71EC557247FE69E735
0F22F3E179A01BF3E7C6F2DB896DF46AF05AA975
A898408AA9A30B686240D921FE0E3E3A01EE91A5
<MSValue1>b__5
<>p__5
Func`5
get_MSValue5
set_MSValue5
MSObject5
__StaticArrayInitTypeSize=16
<>p__16
get_MSValue16
set_MSValue16
MSObject16
410D551BF9DC1F0CF262E4DB1077795D56EEC026
__StaticArrayInitTypeSize=126
E0CEB3E46E857A70CFB575A05B01A64806A8D426
__StaticArrayInitTypeSize=26
MSValue26
MSObject26
__StaticArrayInitTypeSize=36
__StaticArrayInitTypeSize=56
__StaticArrayInitTypeSize=66
__StaticArrayInitTypeSize=6
E9557E998E9DE4887AC07FAEA81C6EE361F454A6
0B8AD13B4A08E425576A39E7C4F4E3FE8D695EB6
80E5A0A2B81DB2473AFBB3FDD6F479670B7B41C6
B22742426BC3C0E1E90A0517EAB768ADA3203FE6
<>9__0_6
<MSValue1>b__0_6
<>o__6
<>p__6
get_MSValue6
set_MSValue6
<>p__17
MSValue17
MSObject17
1857B9184099B0000DDB28F0D711C76DF0F09F27
MSObject27
21CE412F27687841FDD1D48EBF9B3869945AE047
18B532EF2959EF2ED8C549D712E3446FF49E4287
007A56C60CB686C542C5A63F4806094A4F9494B7
89C95FB6F8086AFCCD50B1B257669F2B17C047B7
FBF3D37B70082AB4983C39061C2620CA625A09C7
D82572C56BDDD62E320B8BDAF0397A0DF9DD5BF7
<MSValue1>b__7
<>p__7
get_MSValue7
set_MSValue7
MSObject7
423ACA01AC170A50869ECDEF572CD96995576718
__StaticArrayInitTypeSize=18
<>p__18
get_MSValue18
set_MSValue18
MSObject18
__StaticArrayInitTypeSize=28
MSObject28
__StaticArrayInitTypeSize=38
__StaticArrayInitTypeSize=48
1A79939AEFF161E557D02CB37CD9A811ABCAF458
__StaticArrayInitTypeSize=58
__StaticArrayInitTypeSize=78
1938FDF81D9EFE09E9786A7A7DDFFBD755961098
__StaticArrayInitTypeSize=98
DF08DD4DFFDB6C9048202CAE65882EF91ECE6BA8
9B88C78E81ADB9E7247AB37D1F5F3861810916D8
46F273EF641E07D271D91E0DC24A4392582671F8
get_UTF8
<>9__0_8
<MSValue1>b__0_8
<>p__8
get_MSValue8
set_MSValue8
MSObject8
BCEF86DAFC99BA02019A51909C079A7A31931909
153E75F849A7600EF686FE2EA540F085FCD77C19
<>p__19
MSValue19
MSObject19
MSObject29
20CB5B8963ECE3D796594F043D66C0E0BAD86669
A48F9755433668687B502ED0BE8E20749E93DD69
AEFBED6D889D2E77C72741A3791529DC0B82B3B9
2B9522D4F7398AB5DB789596FE5DB90589B031E9
<MSValue1>b__9
<>p__9
get_MSValue9
set_MSValue9
MSObject9
<Module>
<PrivateImplementationDetails>
8743F6DD6877BBC815E9F16BEC59057DD1A89B0A
96D6CB223DCF17F7C9F93C825239BDAA3634674A
FCC2208C0B5E1FB1A6721663BA0162BEBEE2925A
58561CFFD029995C45C924D809F2F90BC915826A
A3EFD00EA085079EE7F97407F8EFF07E3990696A
4C1117B01D5C4E103EE817F889EC547C63B47B7A
A9139732ED4CF84F8CE948DCB134114E4F24598A
BEDDFAEB0360B1694AB8CD2A69986414790A1D9A
4CDA4454A3C36A7EBDCF8FE8B804B379A31D33CA
EBD075615CBE4A710F9410FFECEAF6110A01922B
9D9AF3AE11A58D55EB8A6AEC8F03F7AD01E8994B
5BB3788A197C26B8310159EC9A81635814ABB05B
8E78C62A6DC1B42E2F07790AC1B1A9B3C152695B
0410277C15CAD5E63A25F491DAEEF493B897678B
81E046FA1D93B661CC948A4DD1E01F20D6192E9B
28F794B091ED92F57BFC80EA32B18AF3A8183ADB
7FD227EEE2F38A50CFD286D228B794575C0025FB
4369729D8B79D0C651E00137A3B22A1A24DEBB4C
4878AE9A03D51720A6DCAC153101030D6CD72ABC
5F2F91D44A21E42A979E24B620CF42F2CB8687EC
System.Drawing.Drawing2D
FD4C77C0C4405C6A46E5C3CE53E0AE6BAEE7746D
6353B688B99A3543932AA127DAA0E48FBC646BBD
B5B4FA236B87DBCD8055443F05776B10DDEFA5CD
37C63BC36AB86F6E03BF66D89C58967C947086ED
6B733ECEA8567A4759F1B7C2892C1026CBCB61FD
6F66485AF823BAE1F185740DA7F4F595701CD22E
E3E8284EDCB98A1085E693F9525A3AC3D705B82E
571B1023DF3ABFB94C92465B365B1814FEBFAB3E
459812D18B50C8E5F96831EFD700F962F692D29E
71E427369E07185AE0407E3FAB1A16ED62BD159E
95098CDF929872F9B67E58070D088F8238F7CABE
639CC351DB45D241453A2429EEB54BB324A867EE
CE18B047107AA23D1AA9B2ED32D316148E02655F
4B05CEBD7D70F1607D474CAE176FEAEB7439795F
A9E1E8A8C6AF787CA28CAD4C3808E215CE59D16F
60FE6DA739E682E43E7D469626129D8F4AE3856F
8C49F78A06E711CF0E21134D0B091985336CC37F
501BADE98ACDE8BF4A0424FD9A4354615FF08C7F
3DB6DAD76E13B54DC03AF1C6092C40388E57FBBF
get_ASCII
BCRYPT_INIT_AUTH_MODE_INFO_VERSION
get_JSON
FromJSON
ToJSON
BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO
BCRYPT_OAEP_PADDING_INFO
BCRYPT_PSS_PADDING_INFO
System.IO
BCRYPT_KEY_LENGTHS_STRUCT
value__
cbData
ProtectedData
bEncryptedData
cbAuthData
pbAuthData
mscorlib
DecryptBlob
System.Collections.Generic
SystemMetric
metric
RcHdrFd
get_SessionId
set_MaxBytesPerRead
GetDecoded
BytesToStringConverted
<MSValue10>k__BackingField
<MSValue11>k__BackingField
<MSValue1>k__BackingField
<MSValue12>k__BackingField
<MSValue2>k__BackingField
<MSValue13>k__BackingField
<MSValue3>k__BackingField
<MSValue14>k__BackingField
<MSValue4>k__BackingField
<MSValue15>k__BackingField
<MSValue5>k__BackingField
<MSValue16>k__BackingField
<MSValue6>k__BackingField
<MSValue7>k__BackingField
<MSValue18>k__BackingField
<MSValue8>k__BackingField
<MSValue9>k__BackingField
<irrpre>k__BackingField
i>k__BackingField
<Main>k__BackingField
<Settings>k__BackingField
<Result>k__BackingField
<First>k__BackingField
ReadToEnd
CreateBind
method
NetworkInterface
Replace
IsNullOrWhiteSpace
cbNonce
pbNonce
source
set_Mode
FileMode
set_SmoothingMode
chainingMode
X509CertificateValidationMode
set_CertificateValidationMode
set_InterpolationMode
set_TransferMode
set_PixelOffsetMode
SecurityMode
SelectSingleNode
XmlNode
xmlNode
get_Unicode
get_BigEndianUnicode
FromImage
set_Message
get_CurrentInputLanguage
AddRange
EndInvoke
BeginInvoke
ReadContextTable
IEnumerable
IDisposable
ToDouble
RuntimeFieldHandle
RuntimeTypeHandle
GetTypeFromHandle
Rectangle
ReadFile
profile
Console
FileScannerRule
hModule
get_Name
procName
fieldName
tableName
GetTempFileName
fileName
get_EnglishName
get_FullName
ItemName
get_UserDomainName
get_UserName
ChromeGetName
GetProcessesByName
get_DisplayName
filename
DateTime
get_CreationTime
ReadLine
AppendLine
get_NewLine
Combine
LocalMachine
DataProtectionScope
dataProtectionScope
OperationContextScope
pszBlobType
ChangeType
ValueType
MessageCredentialType
set_ClientCredentialType
ExpressionType
GetType
get_PropertyType
FileShare
Compare
System.Core
get_irrpre
get_Culture
get_InvariantCulture
GetImageBase
WebResponse
GetResponse
Dispose
Reverse
get_ServiceCertificate
Create
MulticastDelegate
Delete
CallSite
DynamicAttribute
CompilerGeneratedAttribute
UnverifiableCodeAttribute
DebuggableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
TargetFrameworkAttribute
ExtensionAttribute
AssemblyFileVersionAttribute
AssemblyDescriptionAttribute
DataMemberAttribute
EnumMemberAttribute
CompilationRelaxationsAttribute
DataContractAttribute
ServiceContractAttribute
OperationContractAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
ConfusedByAttribute
ParamArrayAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
ToByte
pszAlgMSValue
get_Value
GatherValue
get_HasValue
GetValue
SetValue
ReadContextValue
Remove
Spadroons.exe
get_Size
cbSize
_pageSize
set_MaxReceivedMessageSize
ChangeSize
_sqlDataTypeSize
MaxAuthTagSize
set_MaxBufferPoolSize
newSize
GetVirtualDisplaySize
Serialize
Deserialize
Resize
SizeOf
get_ItemOf
IndexOf
authTag
get_Png
NetTcpBinding
_dbEncoding
GetEncoding
get_CurrentEncoding
System.Drawing.Imaging
System.Runtime.Versioning
Mapping
ToString
GetString
GetHexString
Substring
System.Drawing
ConvertToULong
scannerArg
Search
GetMd5Hash
ComputeHash
dbPath
profilePath
GetFolderPath
rootPath
get_Width
VirtualScreenWidth
get_Length
dwMinLength
set_MaxJsonLength
set_MaxStringContentLength
get_RowLength
dwMaxLength
set_MaxArrayLength
StartsWith
set_MaxDepth
get_Au
AsyncCallback
callback
IsLoopback
PreCheck
AllocHGlobal
FreeHGlobal
get_Local
Marshal
X509CertificateRecipientClientCredential
cbLabel
pbLabel
System.ServiceModel
CreateChannel
IContextChannel
maxLevel
kernel32.dll
user32.dll
System.Xml
MSObjectReaderSql
FileStream
GetResponseStream
MemoryStream
Program
get_Item
get_Is64BitOperatingSystem
phAlgorithm
HashAlgorithm
Random
RootNum
rowNum
op_LessThan
TimeSpan
CopyFromScreen
get_PrimaryScreen
get_Main
set_Main
get_FileVersion
dwInfoVersion
GetWindowsVersion
get_Authentication
X509ServiceCertificateAuthentication
get_Location
System.Net.NetworkInformation
UnicastIPAddressInformation
GatewayIPAddressInformation
UnaryOperation
BinaryOperation
pszImplementation
System.Globalization
System.Runtime.Serialization
System.Web.Script.Serialization
System.Reflection
InputLanguageCollection
MatchCollection
UnicastIPAddressInformationCollection
GatewayIPAddressInformationCollection
ManagementObjectCollection
connection
SearchOption
searchOption
CryptographicException
InvalidOperationException
System.ServiceModel.Description
StringComparison
CompareTo
FileInfo
fileInfo
TimeZoneInfo
CultureInfo
pPaddingInfo
FileSystemInfo
FileVersionInfo
GetVersionInfo
CSharpArgumentInfo
DirectoryInfo
PropertyInfo
IsLocalIp
Bitmap
MessageSecurityOverTcp
Microsoft.CSharp
System.Linq
InvokeMember
GetMember
GetSerialNumber
MessageHeader
CreateHeader
AddressHeader
XmlReader
StreamReader
XmlTextReader
MD5CryptoServiceProvider
OpenAlgorithmProvider
IFormatProvider
provider
StringBuilder
dataFolder
SpecialFolder
Microsoft.CSharp.RuntimeBinder
CallSiteBinder
Buffer
ManagementObjectSearcher
FileCopier
Handler
IPv4Helper
SystemInfoHelper
CryptoHelper
ToUpper
CurrentUser
GetDelegateForFunctionPointer
adapter
BitConverter
ToLower
JavaScriptSerializer
IEnumerator
ManagementObjectEnumerator
GetEnumerator
.cctor
connector
InvokeConstructor
DeviceMonitor
IntPtr
base64str
set_ReaderQuotas
XmlDictionaryReaderQuotas
Graphics
GetSystemMetrics
System.Diagnostics
Fields
get_Bounds
GetGraphicCards
GetAllNetworkInterfaces
System.Runtime.InteropServices
System.Runtime.CompilerServices
DebuggingModes
get_ChildNodes
AvailableLanguages
get_InstalledInputLanguages
Matches
EnumerateDirectories
GetDirectories
_masterTableEntries
_tableEntries
GetIPProperties
IPInterfaceProperties
GetProperties
ExpandEnvironmentVariables
EnumerateFiles
GetFiles
profiles
GetSubKeyNames
expires
ListOfProcesses
get_UnicastAddresses
get_GatewayAddresses
StripQuotes
FromMinutes
_fileBytes
ReadAllBytes
ConvertToBytes
GetBytes
GetLogicalDrives
CSharpArgumentInfoFlags
CSharpBinderFlags
dwFlags
configs
get_Settings
OnGetSettings
settings
CallArgs
EventArgs
browserPaths
AddMonths
get_Ticks
get_Credentials
ClientCredentials
System.ServiceModel.Channels
ListOfPrograms
System.Windows.Forms
domains
Contains
System.Web.Extensions
System.Linq.Expressions
System.Text.RegularExpressions
System.Collections
StringSplitOptions
Spadroons
searchPatterns
patterns
get_Chars
get_OutgoingMessageHeaders
scanners
RuntimeHelpers
GetBrowsers
GetProcessors
FileAccess
success
GetCurrentProcess
GetDefaultIPv4Address
IPAddress
get_Address
GetProcAddress
EndpointAddress
address
System.Net.Sockets
Arguments
Supports
get_Exists
DomainExists
get_OperationalStatus
AddDays
arrays
Concat
AppendFormat
ImageFormat
ManagementBaseObject
hObject
ManagementObject
cbKeyObject
pbKeyObject
object
Select
Unprotect
System.Net
Target
GetOffset
offset
get_Height
VirtualScreenHeight
set_RecursionLimit
cbSalt
GetValueOrDefault
get_Result
pcbResult
IAsyncResult
result
System.Management
XmlElement
get_DocumentElement
dwIncrement
SqlStatement
Environment
XmlDocument
NetworkInterfaceComponent
get_Current
Content
IRemoteEndpoint
get_Count
set_MaxNameTableCharCount
MSObjectRoot
StringDecrypt
TrimStart
Convert
WebRequest
XmlNodeList
ToList
get_First
set_First
set_Timeout
set_SendTimeout
set_CloseTimeout
set_ReceiveTimeout
set_OpenTimeout
timeout
cbInput
pbInput
cbOutput
pbOutput
FileExt
StringExt
UserExt
MoveNext
System.Text
ReadAllText
cipherText
get_InnerText
chiperText
ReadFileAsText
cbMacContext
pbMacContext
ReadMasterOfContext
OperationContext
get_Now
GetIndex
startIndex
rowIndex
endMSValuex
startMSValuex
OrderBy
oldArray
InitializeArray
ToArray
FromBase64CharArray
ToCharArray
get_Key
OpenSubKey
chromeKey
stringKey
bMasterKey
hImportKey
RegistryKey
System.Security.Cryptography
GetExecutingAssembly
get_AddressFamily
SelectMany
BlockCopy
entropy
LoadLibrary
CollectMemory
ChannelFactory
get_Directory
baseDirectory
CreateDirectory
get_SystemDirectory
profilesDirectory
Registry
op_Equality
op_Inequality
System.ServiceModel.Security
System.Security
set_Security
NetTcpSecurity
CreateDnsIdentity
EndpointIdentity
IsNullOrEmpty
GetProperty
pszProperty
Confuser.Core 1.6.0+447341964f
System.Security.Permissions.SecurityPermissionAttribute, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
SkipVerification
WrapNonExceptionThrows
Recycle Bio Lab Tool
Tools for control bio tech
BioTech
BioTech Corp. 2022
.NETFramework,Version=v4.0
FrameworkDisplayName
.NET Framework 4*
MSObject8T
Namespace
ApiLayer
MSValue1
MSValue2*
MSObject9T
Namespace
ApiLayer
MSValue3
MSValue4
MSValue5
MSValue6+
MSObject10T
Namespace
ApiLayer
MSValue7+
MSObject11T
Namespace
ApiLayer+
MSObject12T
Namespace
ApiLayer+
MSObject14T
Namespace
ApiLayer+
MSObject16T
Namespace
ApiLayer+
MSObject17T
Namespace
ApiLayer+
MSObject18T
Namespace
ApiLayer
MSValue8
MSValue9
MSValue10
MSValue11
MSValue12
MSValue13
MSValue14
MSValue15*
MSObject1T
Namespace
ApiLayer
MSValue16
MSValue18*
MSObject3T
Namespace
ApiLayer*
MSObject4T
Namespace
ApiLayer
ContractTUwSystem.ServiceModel.SessionMode, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
SessionMode
MSObject5T
Namespace
ApiLayer*
MSObject7T
Namespace
ApiLayer<
_CorExeMain
mscoree.dll
0hD'%[=y!T:
,mC5#a;
3\&)Aj3
@^03]D4J]H3
q]+._F
#K!.%M$
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
autofillAuthTagLength
ProfilesVPEntity12N
BCrbMasterKeyyptImbMasterKeyportKbMasterKeyey
BCruintyptCloseAlgorituinthmProvuintiderAppData\Local\
PoUnknownrt
CookAmmoies
ExtFunctionension CookiFunctiones
[^\u0020-\u007F]BCrhKeyyptDeshKeytroyKhKeyeyUNKNOWN
Local State
ProcessId
cooMicrosoftkies.sqliMicrosoftte1*.1l1d1b
Profile_%appdata%\
logins
HoInnerst
{0}\FileZilla\recentservers.xml
ChainingModeGCM
\tdata
MB or
[AString-ZaString-z\d]{2String4}\.[String\w-]{String6}\.[\wString-]{2String7}
WReflectioneb DaReflectiontaprofiles\Windows\
TotEngSubsal oEngSubsf REngSubsAM
user.config
{0}\FileZilla\sitemanager.xml
cookies.sqlite
\Program Files (x86)\
config
0123468800
displayName
bcrFileStream.IOypt.dFileStream.IOllNametdata
ChainingModeSELECT * FROM
Extension
KeyDataBlob
\Program Data\
PaKillssAFileSystemntivFileSystemirusPrFileSystemoduFileSystemct|AntiFileSystemSpyWFileSystemareProFileSystemduct|FireFileSystemwallProdFileSystemuct
*ssfn*
DisplayVersion
%localappdata%\
LocalPrefs.json
OpHandlerenVPHandlerN ConHandlernect%DSK_23%Opera GXcookies
//settinString.Removeg[@name=\PasswString.Removeord\]/valuString.RemoveeROOT\SecurityCenter
UsReaderROOT\SecurityCenter2Web DataSteamPath
Extension Cookies
CommandLine
SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
Cookies
LogSearchin DaSearchta
TotalVisibleMemorySize
Software\Valve\SteamLogin Data
ID: BCpszPropertyryptGepszPropertytPropepszPropertyrty
BCrstring.EmptyyptOpestring.EmptynAlgorithmProvistring.Emptyder
NetworkMicrosoft Primitive Providerv11
NumberOfCores
\Program Files\
Opera GX Stable
ObjectLengthnameBCEncodingryptSEncodingetPrEncodingoperEncodingty
Profile_Unknown
, Name: AppData\Roaming\ //settString.Replaceing[@name=\UString.Replacesername\]/vaString.ReplacelueLocal Extension SettingsOpeInfora GInfoX StabInfole
moz_cookies
User Data
windows-1251, CommandLine:
DisplayName
NordVpn.exe*MyGToMyGkens.tMyGxt
BCrUnmanagedTypeyptDecrUnmanagedTypeypt
NoGetDirectoriesrd
*.vstring.Replacedf
BC#D$E'F6GGHJJMKR
$#%#'&(&)&*&+&,&-&103265QPRPSPTPUPVPWPXPYPZP[P\P]P^P_P`PaPbPcPdPePfPgPhPiPjPkPlPmPnPoPpPqPrPsPtPuPvP
Search
Reflection
Function
Roaming
UNKNOWN
cFileStreamredFileStreamit_cFileStreamardFileStreams
FileStream
ToString
os_crypt
encrypted_key
Network\
Unknown
Microsoft
GetDirectories
MSObject12
EnumerateDirectories
String.Replace
String.Remove
net.tcp://
localhost
f511a51230fb90d33f6b635d2873478c
Authorization
BDksWSsYKBY5IH1cIzpTCy4EEwQ=
KwArGgYlUBQQJAcCDFsiTw==
Immigrants
MSValue3
EnumerateFiles
ExpandEnvironmentVariables
MSValue2
MSValue1
FullName
Replace
Directory
*wallet*
\TeEnvironmentlegraEnvironmentm DEnvironmentesktoEnvironmentp\tdEnvironmentata
Environment
\Discord\Local Storage\leveldb
*.loSystem.Collections.Genericg
System.Collections.Generic
String
string.Replace
%USERPFile.WriteROFILE%\AppFile.WriteData\RoamiFile.Writeng
File.Write
Handler
%USERPserviceInterface.ExtensionROFILE%\ApserviceInterface.ExtensionpData\LocaserviceInterface.Extensionl
serviceInterface.Extension
ProldCharotonVoldCharPN
oldChar
nSystem.CollectionspvoSystem.Collections*
System.Collections
EngSubs
ElevatedDiagnostics\Reports
AddRange
UNIQUE
FileStream.IO
string.Empty
UnmanagedType
pszProperty
Encoding
bMasterKey
https://api.ip.sb/ip
0.0.0.0
SELSystem.Windows.FormsECT * FRSystem.Windows.FormsOM WinSystem.Windows.Forms32_ProcSystem.Windows.Formsessor
System.Windows.Forms
roSystem.Linqot\CISystem.LinqMV2
System.Linq
SELSystem.LinqECT * FRSystem.LinqOM WinSystem.Linq32_VideoCoSystem.Linqntroller
AdapterRAM
SOFTWARE\WOW6432Node\Clients\StartMenuInternet
SOFTWARE\Clients\StartMenuInternet
shell\open\command
Unknown Version
SELESystem.ManagementCT * FRSystem.ManagementOM WiSystem.Managementn32_DisSystem.ManagementkDrivSystem.Managemente
System.Management
SerialNumber
SELSystem.Text.RegularExpressionsECT * FRSystem.Text.RegularExpressionsOM Win32_PSystem.Text.RegularExpressionsrocess WSystem.Text.RegularExpressionshere SessSystem.Text.RegularExpressionsionId='
System.Text.RegularExpressions
FileSystem
SSystem.ELECT * FRSystem.OM WiSystem.n32_ProcSystem.ess WherSystem.e SessiSystem.onId='
System.
ExecutablePath
Concat0 MConcatb oConcatr Concat0
Concat
SELEMemoryCT * FMemoryROM WiMemoryn32_OperMemoryatingSMemoryystem
Memory
{0}{1}{2}
SOFTWARE\Microsoft\Windows NT\CurrentVersion
ProductName
CSDVersion
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
Tools for control bio tech
CompanyName
BioTech
FileDescription
Recycle Bio Lab Tool
FileVersion
InternalName
Spadroons.exe
LegalCopyright
BioTech Corp. 2022
OriginalFilename
Spadroons.exe
ProductName
ProductVersion
Assembly Version
32.23.2.0
Antivirus Signature
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Stealer.12!c
tehtris Generic.Malware
DrWeb Trojan.PWS.Stealer.35843
MicroWorld-eScan Trojan.GenericKDZ.98448
ClamAV Win.Trojan.Redline-9938775-1
FireEye Generic.mg.5d38aede0d5846ef
CAT-QuickHeal Trojan.MsilFC.S28986149
ALYac Trojan.GenericKDZ.98448
Malwarebytes RedlineStealer.Spyware.Stealer.DDS
VIPRE Trojan.GenericKDZ.98448
Sangfor Suspicious.Win32.Save.a
K7AntiVirus Trojan ( 700000121 )
BitDefender Trojan.GenericKDZ.98448
K7GW Trojan ( 700000121 )
Cybereason Clean
BitDefenderTheta Gen:NN.ZemsilF.36250.hm0@aaCysDd
VirIT Trojan.Win32.GenusT.DMQF
Cyren W32/MSIL_Agent.FHJ.gen!Eldorado
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of MSIL/Spy.RedLine.A
APEX Malicious
Paloalto Clean
Cynet Malicious (score: 99)
Kaspersky HEUR:Trojan-Spy.MSIL.Stealer.gen
Alibaba TrojanSpy:MSIL/Stealer.872ba875
NANO-Antivirus Clean
ViRobot Trojan.Win.Z.Agent.130048.DS
Tencent Malware.Win32.Gencirc.13d01c36
TACHYON Clean
Emsisoft Trojan.GenericKDZ.98448 (B)
F-Secure Heuristic.HEUR/AGEN.1351453
Baidu Clean
Zillya Clean
TrendMicro Trojan.Win32.AMADEY.YXDFLZ
McAfee-GW-Edition BehavesLike.Win32.Generic.cm
Trapmine suspicious.low.ml.score
CMC Clean
Sophos Mal/Reline-B
Ikarus Trojan.MSIL.Spy
Jiangmin Clean
Webroot Clean
Avira HEUR/AGEN.1351453
Antiy-AVL Trojan[Spy]/MSIL.RedLine
Gridinsoft Malware.Win32.RedLine.bot
Xcitium Clean
Arcabit Trojan.Generic.D18090
SUPERAntiSpyware Clean
ZoneAlarm HEUR:Trojan-Spy.MSIL.Stealer.gen
GData MSIL.Trojan.PSE.107IM90
Google Detected
AhnLab-V3 Trojan/Win.JB.R572463
Acronis suspicious
McAfee GenericRXVR-UJ!5D38AEDE0D58
MAX malware (ai score=89)
DeepInstinct MALICIOUS
VBA32 Trojan.MSIL.InfoStealer.gen.U
Cylance unsafe
Zoner Clean
TrendMicro-HouseCall Trojan.Win32.AMADEY.YXDFLZ
Rising Stealer.Agent!1.E5F0 (CLASSIC)
Yandex Clean
SentinelOne Static AI - Suspicious PE
MaxSecure Trojan.Malware.300983.susgen
Fortinet MSIL/RedLine.A!tr.spy
Panda Trj/GdSda.A
CrowdStrike win/malicious_confidence_100% (W)
No IRMA results available.