popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2023-05-23 01:03:56

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x000148f0 0x00014a00 5.9847806607
.data 0x00016000 0x00001000 0x00001000 2.04231389208
.rdata 0x00017000 0x00000320 0x00000400 4.87060463338
.bss 0x00018000 0x00000020 0x00000000 0.0
.idata 0x00019000 0x00000014 0x00000200 0.0
.reloc 0x0001a000 0x0000009c 0x00000200 2.10149867871

!This program cannot be run in DOS mode.
`.data
.rdata
.idata
.reloc
[^_]A\
AWAVAUATL
[^_A\A]A^A_]
AVAUATUH
[^_]A\A]A^A_
@[^_]A\
8[A\A]A^
AUATWH
H[^_A\A]A^
8[^_A\
H[^_]A\A]A^A_
AVAUATE1
^_]A\A]A^
AWAVAUATUWVSH
T$0fA9
H[^_]A\A]A^A_
H[^_]A\A]A^A_
AWAVE1
AUATE1
X[^_]A\A]A^A_
[^_]A\A]A^
H[^_]A\A]A^A_
H[^_]A\A]A^A_
AWAVAUATWVSH
[^_A\A]A^A_]
AUATUWVSH
@[^_]A\A]A^
AWAVAUI
ATWVSH
[^_A\A]A^A_
AVAUATUWVSH
[^_]A\A]A^A_
AWAVAUATWVSH
[^_A\A]A^A_]
AWAVAUI
ATUWVSH
[^_]A\A]A^A_
AVAUATI
_A\A]A^
AVAUATI
x[^_]A\A]A^A_
`[^A\A]A^
[A\A]A^
AWAVAUATI
[^_]A\A]A^A_
AWAVAUI
8A\A]A^A_
AWAVAUI
ATUWVSH
L$hD9t$Xv-H
L$hD9|$XvyH
x[^_]A\A]A^A_
L$h9|$XvK
L$h9\$\v(
D$hD9l$\v
L$h9\$Xv!
[^_]A\A]A^A_
tID9#t
[_A\A]]
[_A\A]]
AWAVAUI
ATUWVSH
[^_]A\A]A^A_
AWAVAUI
ATUWVSH
X[^_]A\A]A^A_
AWAVAUI
ATWVSH
[^_A\A]A^A_]
[^_A\A]A^A_]
[^_A\A]A^A_]
[_A\A]
AWAVAUI
ATUWVSH
l$hA9}
T$h9t$dv
[^_]A\A]A^A_
[^_]A\A]A^A_
AUATSH
[A\A]A^
AUATUWVSH
X[^_]A\A]A^A_
AUATWVSH
[^_A\A]A^
AWAVAUATUWVH
[^_]A\A]A^A_
[^_]A\A]A^
AWAVAUATWVSH
HcD$lH
[^_A\A]A^A_]
([^_A\
AUATU1
H[^_]A\A]
AUATWL
[^_A\A]A^A_]
v4.0.303f
AWAVAUATUWVS1
[^_]A\A]A^A_
AWAVE1
[^_]A\A]A^A_
AVAUATA
L$09|$$v7H
[^_]A\A]A^
AVAUATWVSL
[^_A\A]A^
t HcA<
[^_A\A]
AWAVAUATI
[^_]A\A]A^A_
[^_]A\A]A^A_
AWAVAUI
[^_]A\A]A^A_
[^_]A\
AVAUATUH
[^_]A\A]A^A_
[^_]A\A]A^
AVAUATUWVSH
[^_]A\A]A^
C u?H9S
AUATWVH
[^_A\A]A^]
?f9L$*r
?f9\$*
[^_]A\A]A^
[A\A]A^
[^_]A\
AWAVAUE1
ATUWVSH
X[^_]A\A]A^A_
AWAVE1
AUATE1
[^_]A\A]A^A_
AWAVAUI
D$XtzL
[^_A\A]A^A_]
AWAVAUA
HHcy<H
H[^_]A\A]A^A_
AVAUATI
[^_]A\A]A^
AWAVAUATU1
T$pA9:
;D$`u|A
[^_]A\A]A^A_
@[^A\A]A^
AUATVS
[^A\A]A^A_
([^_]A\A]
[A\A]A^
([^_A\
[^_]A\A]A^
[^_]A\
H[^_]A\A]
@[^_]A\
[^_A\A]A^A_]
AWAVAUATUWVSH
H[^_]A\A]A^A_
AUATUD
[^_]A\A]A^A_
[^_A\A]A^
[^_]A\
AWAVAUE1
ATUWVH
H[^_]A\A]A^A_
P[^_]A\
BTD9J8u
Q8D9P8u
[^_]A\
ATUWVSH
?f9t$*v
[^_]A\
ATUWVSH
`[^_]A\
[^_A\A]A^A_]
AUATU1
8[^_]A\A]
\$8uzH
AVAUATUWVSH
x[^_]A\A]A^A_
X[^_A\
AUATE1
D$8H9D$h
H9D$xu
[^_A\A]A^A_]
AWAVAUATWVSH
[^_A\A]A^A_]
[^_]A\
H[^A\A]
AWAVAUATUWVSH
[^_]A\A]A^A_
ATWVSH
([^_A\
AWAVAUATU1
[^_]A\A]A^A_
C:\Windows\System32\Werfault.exe
C:\Windows\SysWOW64\Werfault.exe
157.245.47.66
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36
Content-type: text/plain
X-Havoc: true
X-Havoc-Agent: Demon
/funny_cat.gif
/index.php
/test.txt
/helloworld.js
Antivirus Signature
Bkav W32.Common.A5AE1530
Lionic Trojan.Win32.Havoc.4!c
tehtris Clean
DrWeb Clean
MicroWorld-eScan Trojan.GenericKD.68260049
ClamAV Clean
FireEye Trojan.GenericKD.68260049
CAT-QuickHeal Clean
McAfee RDN/Generic BackDoor
Cylance unsafe
VIPRE Trojan.GenericKD.68260049
Sangfor Backdoor.Win64.Havoc.Vndr
K7AntiVirus Trojan ( 005a69471 )
BitDefender Trojan.GenericKD.68260049
K7GW Trojan ( 005a69471 )
Cybereason malicious.0cff22
BitDefenderTheta Clean
VirIT Clean
Cyren W64/ABRisk.HXJN-5827
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win64/Havoc.D
APEX Malicious
Paloalto Clean
Cynet Malicious (score: 100)
Kaspersky Backdoor.Win64.Havoc.aex
Alibaba Backdoor:Win64/Havoc.9598b1c7
NANO-Antivirus Clean
SUPERAntiSpyware Clean
Rising Backdoor.Havoc!8.970A (TFE:3:5kYgA61wTIM)
Emsisoft Trojan.GenericKD.68260049 (B)
F-Secure Clean
Baidu Clean
Zillya Clean
TrendMicro TROJ_GEN.R023C0XFE23
McAfee-GW-Edition BehavesLike.Win64.Backdoor.mm
Trapmine Clean
CMC Clean
Sophos Mal/Generic-S
Ikarus Trojan.Win64.Havoc
GData Trojan.GenericKD.68260049
Jiangmin Clean
Webroot Clean
Avira Clean
MAX malware (ai score=88)
Antiy-AVL Trojan/Win64.Havoc
Gridinsoft Clean
Xcitium Clean
Arcabit Trojan.Generic.D41190D1
ViRobot Clean
ZoneAlarm Backdoor.Win64.Havoc.aex
Microsoft Trojan:Win32/Wacatac.B!ml
Google Detected
AhnLab-V3 Clean
Acronis Clean
VBA32 Clean
TACHYON Clean
DeepInstinct MALICIOUS
Malwarebytes Malware.AI.1694180533
Panda Trj/Chgt.AD
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R023C0XFE23
Tencent Malware.Win32.Gencirc.13d08e11
Yandex Clean
SentinelOne Clean
MaxSecure Trojan.Malware.209914176.susgen
Fortinet W64/Havoc.D!tr
AVG Win64:Evo-gen [Trj]
Avast Win64:Evo-gen [Trj]
CrowdStrike win/malicious_confidence_100% (W)
No IRMA results available.