popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2067-12-25 02:54:19

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x00001d54 0x00001e00 5.8568904652
.rsrc 0x00004000 0x000005b6 0x00000600 4.08386761898
.reloc 0x00006000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x000040a0 0x0000032c LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x000043cc 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
NXEDKR0T2LN2LT79IM5Q8IBZ3LOQQN2V114AJLTPIN69QWJ8GUB4102EVPK8CJCPT1BUY6073QIULCIGBQJ5L74A80O3AUN9KRQZVZKK4DBKSH3TGE6V9HDV7AV7R67ICIK3WTVMG9AH6TS075X6X19DN41VDM38G2IK797XSUP9G6ZNR4AVJAVKIHQ119I3GCADLI3779NDMA6RFODILHZFH7BZSG6TLV3D5VCJBCXJXR8IK9VN69S8M46NGDO1C410G3VUM4HITPSZ92PTUTXMD51AYYC7Y6G20HCRNBAB1JP6MHONY5HTGOWLBU5X1KUXJZ8107GSSVU4Q4YRKYI2YXVLV1P2FNKRY1XWIWX1YYBV425H6OMCC19WEWG9SNNEKDFYGCIXBRD9VAR26I60AIP62BRVQYJLL6L0WGA3FYAVX9AEENDJQWECYI6FUXHNH2YZZ1FZHDULH4J2BNQCV95Y2ICOK5ISRXN5KLONINCMB2549DEGGF2I6A6QY1OM4C4TQNRZ8D4H6SW9NIOH1CML5E8KO8ZQ80S98LNWVOHDLULON7CQNHU2ZSXMOHLAONJGAWBC42WM4JAL2U7Q6ID1FZJPXBHOCHY7LFO06AVUVH8QSMT4J4EFJRAKNVO3VIKWUC9XGGU5WTG7137LRMEIDTX3EDNLW29M7L5PM6YCKIS0LDSTXDMIEBTBOGSC3JJ4T39P7S8UYB75A7RBU3XSP1I624AGOVJB8YHSDCVFE1TCDXARYQR9V0O1UDXDR1GC266MZ98SHSNYHG2E3TR7EJPHJP89PSXNVRKH1Y1ZS91DN0UOLTJ8KI8SRYCKB8CZ4AC05VNF1
KWC0J2IDLT14JDLZTZJP7KRC6HEXP784ZLY1TLTMS6R0A5I28JEJJ43AEA4CXUYOV6E8OTFIG67B31CB9LZF2YV4SXXTQRZ7HCFD0KOPD6DM72HN73DM5SW6LKP16W1YHA30V9KY7KC5UI7ZQJVXNNBZPJ1Q4WSRFOE79Q27SOOVQ0MCNZKWADL48EKMI44K1U0GD909RYF98QJZ7YCEL6QBDK85FPZYUE359F9N8LEM8L5R4VPT1Z85DZC3A53B8QP4XNZ1ZZFA1EC1ORAUAG74F81KDFMDSCOS6B4R6Y4BT8D9WKOT5JB1TUZYWOXTMCRZ0U5NXTXMM5LG52Y213HJBW9LMF4RAKZQQOIBPB6MVYPXJS34042T4IXEVTARYGLBG40RTXNZ65YMGLC4LA1GSFVI0EP6AOXOMORP1MKDRCW9UL7KRGGYPFTAIR1PHRYSHJA24XC9ZYYPTWYOGFO3I99G5QGJV559ND1KLFP4EH80RDQW3MIBC5KIK36NQ2N32ZBP4NDB0UZBAIZ19UQJX47S3TARICNL3E81BB1PJHLRFJHBDFN5MEG82TWLNV2YGNH5J7083AAPSPNUL8ODYS9Z8A9SPQBXOXK2BM1FOPBLE1PMFB9PHY9YNS7J8HTN8MA4EVS9GIYJQXVGUWMNQWQZXWOTOSHH5YN10VIUTAI8A0HZ60YM5F6L5KGSG8UYBRN2K3Q9O13QORZ7OYWX34L02B5POZOVPT7SNPODKZ8DMQ7NVJDSL65GFW9J7BVYNIA4UHT9JTND6INLDS4EW5JSY0M0PFGIEKZDQC2N0EI2S1K7JYFPHQBR8RG452TENF9WTJ5
ZQOSXR96PPR1A0BYIHF868S7UEPN2YN93E00BT4RRJPPL2DWDLOLE6E07R8SCVE1BS75ALWYNYRWSCW1A2KRKB47992UVLO5FXN25IV2YZ8QPRH45HSJLWRAXA5BSCDBJVQ5Z362HS3UCOSR17YO3EUSGNF4MUKVV7H3BMFBK0C3367JSNJUNZIEB8YLXBPWIH9FGYQO2XDDC1ZKQ5M8LZH5ZC2CY4NJKQUV71C36420WFCKIO42ZQLSADQE6N07J32WGDMZ3SBQ7QJTAR3KAVT4ECV4K87TD4R2MPDFBE9HO4UT36DOTQ7XK8RDRSO4USMD9QHUOYI5WMPKRCAO4S9X73SO89YSZEW5RRUMZTA5HBB7SHWPSAACTZFF82VOAZFSZT2ASXYLSDP62U60NIAZEUL2LOO67
O2TENGA7VNQGWQSI5SS296UWB4ZU38WZCZ67B5T7OLXG2C11DHOHS6PSH7DTQQEW00D7UVGA9VNXJO48C8QWTPHGKN0E29Q8HAPB94GSAOI7S1J2CEQS9RDLS6WG4CI9EPQJ929I18VFGKXTE7BXT88Z6DTCHAX8GJ2DK93KFH0B58FIJDC7AUQFQ1M6J6A1LX87RTIED1SLI7387K3E8Z7V2XXSX7AIH80I9H0Z473ICF6S8N88D63V0ME460RG0JDKHV80UDKA6YTX0EUJ9CFLFERWD63EQXR2BWLNOIO9V2YB2RD1GHHYE2ECDMWXKFUJG1WD3G50XFZMQQ3V2B8IP3XIRIKCV0YPHP4B5989LQA8D2WWSB4JHM3NDNWU52F6QJEAW203C8682ZFZWYUU6PI5VQ7RNODTLDR3XV9ZKBGIP5UOI67HIVABAJOF4IPY5NXYHLBAY5J4J9Q05TJQQ5LZDQ3OH44BWSNBH6G657TMLF1B2YJL98H9C7V1SX34AII1VPS9MMVTM8O7Y1VSUTCXKO8KKPOHDZMD7APNFJ8WMYWETYC0BKJRFVQHQIZ78NPXVK9YLHNKUQKW141VNXG2P47MTI76UBX9I9SIYNO3786ZK4PVRDUKHWH
TCZAUOZIKUL6O4GNYSU10MTCXG0A0XT45G5AJ9D7UPTJP8S40HXDU2EGSWMOYYSWARBI9GDZPWGL3KXYX6JS9QJCCYSWXZI667I87K5UE8X8W3NI9X01O9WUH8GKYQBZNKO5BZ1MBZOB2LQIKJX98RR7KY09EU6X67UMPRHK6N0ZVV25R79O3C163RVN81HR20E41E32CNDU11LY64SHUR44GXT863LFGI64R7ENDHLQ9GFBF6RDJA6K6JXDV56IB7OS4QH80EENFN5ASR29MI5FMW8HJA1HKDPB1WHZZSME6TESOXVDC653CIGIS9Y0M6CC84I5KDJ351J2RP3WOYENHV9SQ8H04W19RCTUO039XC7L9N1CFCLY1Y5N50OL6T9I9JLO6JIY4F0FXXTCHFV1KCI2GGZXLRDDCZLZCMF63X4W70ZHHME18I76BTIZUUMNBWD8L3A49Z8XIV4QRRQ9MMF31PXTEPLJLQULW05NLK1JJKXPY1ICDMAZQJG6GQ0TNYL1BT30WDYCU6UR1H4MHJF9Q44NT9G4TI5U96OF7RPAY8FUZZE8WOLDTMLHZQGX63TLA9R53ZOZ3EKSYJY44HIF61BWUGQRK2D5P4TZIJF69WKOB3SP1M3YUNOJ84KWJ6OBBPD408VUCMGKRWV1YA088OKBPK1N9SWCHJNWZXY20JWHHE1LJS8IGQCWEBPQGIUUZDCHJ8BAM7HZ2D4LSQDQUO61H1RYIIVRYBSEBTCKQ76IJM3BHE80FDALGLASRN2ELZB1UZJ8N2AWSXS47QQEJ5MUBH70TU3DF16TKCQR4AMNDN3S3GUA6X4QNQZN2TO387R008T499JJS8QXNO7N93GR7QG4MDZLVTPG6D24WZB7NV7O9C9OWB3F092K2ZS6J8Y9TK
System.IO
VIOOX19WH7T29LDR94PX3F22EZPTRWSH20VILRPOLGNMWAF6EA1WMR0QQWJ8MQEUPMAIZ4GRPALW1PFDTTOR564KAF2ZIRC5C37KA6GJ4JHMFEYAQGO2BXYSRZITCRJ77QU7R5DWNFXWYSF6Q1ICCK4OFO3KYWGMAJOYU1TVC1P5AC48UMDKIG4XWF2CB2808KVPEQLZIX9L58ODU40LT6E3O1BO8QTK2Y7ZQO4DANCUHT1Y1ZSHCWGCF2AMO712EYSGAYWFAWLG3TW59NXJ7MIGR4TYORYDWJQSAVXCCMGPLAIVGFMBJS42QMYGE81T7IUTDD4O0UGVF24RW8SJEX3DPYBX7R7DVWSCQYSCK8KZLJWYRHTGQSOJPQEPBGRIWCATJ1A7PP8FMD2FBMFZ71XCIIXAUCADRCCJJDP0GW0BTI6LY8NYA1L5O7KBEANNO5YKBS687PTKAWT9LMMVZMCZ0G4L2OVGJNWYUWJFCO0VIA42OLZ1X1YC28U4YUGT3MBX94PZDGSKVRR0MB7QY4SRYU6VCORRIH159G2U69YRJOQKR3SWXZ594T8P83XYZBBO0W1FINUYFBIKDVEI553SM1APHNVCMA2HMCU4CNNKFG33KYLNZO24HTB9VL751RMFJA8AAJFSRTMF7HETBIN7H7A2AVI0PSTY3XTKZLMPJJMYG6BOHN3TEO8L9F9PBOC99YMKX43057Y7VMWET
I3E6O62V8PBXHTX75XJK4KRPP8W244S7LLQNCMTGCYW7C170YI93U7T8LZQQKA1E7DM6DJ5SEDHFXUMYB5DV5ZNN1SCM6D6B7S98OAXONQZQZOK0M1OO7FII08EUHSWAHGHFUNKAIYHO97YNIL9EYSE1J1IP6CH54YJTGEF9ROFI84I2K1M5SRMYBQ53E4EFRMTLXEHDGAXKM63PSPFE0MMNLURZJM4WJ90VK6FFTIZR3CLFWPKZZ9PE9GACWR43GAANFHFWK9VSX5UJJMD3BF7KUWWD6DTCN5L2B89OKYO0O7REW03KOB1BD03TVCZGQTE1T1IKNYSN0G5WESRGJIXMDKZLFP3I8HK53ZU5ST6ZSNK64GOCUT6H52YJC6E75KOS6A3P7WX0M83Z92Q8B0XPKD9ABL3VO94H92A4M9F85G4688JJQF6EX9H3A2NW3CMNEV0H1VWBVYUEICCDCTEICZU9UG3TVSF23R2MHBR4T4T8PCV70KUJ7EKPB0XU2CQCT1L0K05ABKYIFVURV63K855YHNKQO6CROQOX14XAPTIXQCJPGF95IFEY6WT6PPWEHG3ZH701J35OWHIEE5KI7GIIM01EK0V96EPJITIIOHWPKZBY
mscorlib
get_Unicode
get_BigEndianUnicode
GetEnvironmentVariable
Delete
GuidAttribute
DebuggableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
SuppressIldasmAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
TempCleaner.exe
Encoding
System.Runtime.Versioning
FromBase64String
GetString
System
System.Reflection
SearchOption
Exception
TempCleaner
System.Diagnostics
System.Runtime.InteropServices
System.Runtime.CompilerServices
DebuggingModes
GetFiles
Object
Environment
Convert
System.Text
Directory
WrapNonExceptionThrows
TempCleaner
Copyright
2023
$fe150791-e8e9-418c-95df-e884d6610e46
1.0.0.0
.NETFramework,Version=v4.0
FrameworkDisplayName
.NET Framework 4
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
,.#Q.+_.3p.;p.Cp.K_.Sv.[p.cp.k
AFYAQQBCAEYAQQBFADAAQQBVAEEAQQA9
AEsAZwBBAD0=
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
TempCleaner
FileVersion
1.0.0.0
InternalName
TempCleaner.exe
LegalCopyright
Copyright
2023
LegalTrademarks
OriginalFilename
TempCleaner.exe
ProductName
TempCleaner
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Antivirus Signature
Bkav Clean
Lionic Clean
Elastic malicious (moderate confidence)
DrWeb Clean
MicroWorld-eScan Clean
FireEye Generic.mg.0e85f5058fa30907
CAT-QuickHeal Clean
Skyhigh Clean
ALYac Clean
Cylance unsafe
VIPRE Clean
Sangfor Clean
CrowdStrike win/malicious_confidence_100% (W)
BitDefender Clean
K7GW Clean
K7AntiVirus Clean
BitDefenderTheta Gen:NN.ZemsilCO.36738.am0@amK9PBh
VirIT Clean
Symantec Clean
tehtris Clean
ESET-NOD32 Clean
APEX Malicious
Paloalto Clean
Cynet Malicious (score: 100)
Kaspersky Clean
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
Avast Clean
Rising Malware.Obfus/MSIL@AI.82 (RDM.MSIL2:Uvo0h++HzDxsveFpw78VEg)
Sophos Clean
F-Secure Clean
Baidu Clean
Zillya Clean
Trapmine Clean
CMC Clean
Emsisoft Clean
Ikarus Trojan.Dropper
Jiangmin Clean
Webroot Trojan.Dropper.Gen
Google Detected
Avira Clean
MAX Clean
Antiy-AVL Clean
Kingsoft malware.kb.c.991
Gridinsoft Clean
Xcitium Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm Clean
GData Clean
Varist Clean
AhnLab-V3 Clean
Acronis Clean
McAfee Clean
TACHYON Clean
VBA32 Clean
Malwarebytes Clean
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Tencent Clean
Yandex Clean
SentinelOne Static AI - Malicious PE
MaxSecure Clean
Fortinet Clean
AVG Clean
Cybereason malicious.00461d
DeepInstinct MALICIOUS
No IRMA results available.