popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2023-10-27 05:03:00

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x001915f4 0x00191600 3.38700266393
.rsrc 0x00194000 0x00000570 0x00000600 3.9443396455
.reloc 0x00196000 0x0000000c 0x00000200 0.101910425663

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x001940a0 0x000002e4 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x00194384 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
e (#~rX
?ae +N
Uoa}q
e (#~rX *}T
e (#~rX
Uoa}n
m2)a}o
?ae +N
bB0a}}
bB0a}F
Pa qXT
v4.0.30319
#Strings
cleanupdate
cleanupdate.exe
<Module>
Writer
cleanupdate.Connections
Object
System
mscorlib
<>c__DisplayClass1_0
<>c__DisplayClass2_0
<Fetfg>d__2
ValueType
<Gopjreg>d__1
<Main>d__0
Resources
Jfilq.Properties
<Module>{fff779cd-8cfb-4db7-8907-a499004fc07b}
f8DBD677B5408258
Boolean
m8DBD677B540A96A
.cctor
MoveRecord
InvokeRecord
PrintWriter
System.Threading.Tasks
AsyncTaskMethodBuilder
System.Runtime.CompilerServices
get_Task
LoginWriter
Task`1
AsyncTaskMethodBuilder`1
Create
ConcatWriter
<Main>
TaskAwaiter
GetResult
GetAwaiter
SearchRecord
CreateRecord
DefineRecord
advisor
product
Func`2
RunRecord
ManageWriter
get_FullName
String
PopRecord
op_Equality
StopRecord
ListRecord
InsertRecord
RunWriter
WriteRecord
InitRecord
CheckRecord
specification
OrderRecord
FindWriter
Action
DisableRecord
RuntimeTypeHandle
GetTypeFromHandle
ExcludeRecord
Delegate
CreateDelegate
PatchRecord
DynamicInvoke
VisitRecord
ReflectRecord
<>1__state
<>t__builder
<>7__wrap1
<>7__wrap2
<>u__1
RemoveRecord
MoveNext
IAsyncStateMachine
Exception
Assembly
System.Reflection
SetResult
Concat
System.IO
GetTempPath
AwaitUnsafeOnCompleted
get_IsCompleted
IntPtr
Enumerable
System.Linq
System.Core
IEnumerable`1
System.Collections.Generic
FirstOrDefault
GetRandomFileName
SetException
SetStateMachine
stateMachine
AssetRecord
Directory
Exists
TestRecord
CreateDirectory
DirectoryInfo
AwakeRecord
GetFiles
ViewRecord
PrintRecord
CreateText
StreamWriter
ReadRecord
TextWriter
Dispose
CollectRecord
get_Length
SelectRecord
CustomizeRecord
GetTypes
FillRecord
ChangeRecord
RestartRecord
CalcRecord
<>8__1
LogoutRecord
SetupRecord
CompareRecord
RegisterRecord
TaskAwaiter`1
<>u__2
InterruptRecord
System.Drawing
Bitmap
List`1
MemoryStream
ManageRecord
FromStream
Stream
CalculateRecord
GetPixel
MapRecord
get_Width
ConnectRecord
ToArray
IncludeRecord
IDisposable
PrepareRecord
ConcatRecord
StartRecord
Application
System.Windows.Forms
PostRecord
ResolveRecord
m_Class
ResourceManager
System.Resources
CultureInfo
System.Globalization
UpdateRecord
get_ResourceManager
get_Assembly
get_Culture
set_Culture
get_Elobpx
GetRecord
VerifyRecord
FindRecord
SetRecord
RateRecord
GetObject
Culture
Elobpx
m_3de10be7c9c74a33bbc5850b9b67090f
m_7373d32b7de241869ea0f1a1620ccb56
m_d59a3c1eff1842ceb744ff5d4fbd9c4a
m_26121a8960fc45e58a23b2bcd5c2dfe0
m_b7926d1f9b5f4be5bccde02e149ba471
m_34a1ea6e919f4b52baf48de97c367062
m_260f8a280dbf4b20940b6b3551b80d6b
m_05398d8892864d9b8c2e49e93d7153da
m_7280b3b271294a54ae141434ce51e1b6
m_e2cad4fbca1948c4b2c44270f33d38c5
m_5fd47dd20dd344fcbfc985a99dc030e4
m_db99a308d304439b9214c5526a42fb1b
m_c4471094995446e4aa770876c63b73c6
m_94ab428701e7487f8a0db97379e8428d
m_4a8673a3717941fe93e371203f285979
m_d685e22043b844e197f33e2b7dfdb971
m_e6e63643392a40ff9c2010e37f51bc63
m_1bb9919c6f6e4cfa9968f0c41ccb69bc
m_adedbf393fbd4c84bf10f7c9580cfa99
m_6bd07da295e34035963824adef39d5f1
m_ae6f6b65018841be9a95923b567d51ee
m_ca18cddd13d14e3ba981d80f7a976b7c
m_573ec51507734ef9aaf72ddc61cdab62
m_a61673ef38dd4ff4a938a90600412a48
m_4fe490e3b360446e97457a403d1e1033
m_6952db15cb814203a40e001177767c34
m_75de6866a4184151838739836cbd4f20
m_f8790793171c49d187cbf3ce715af705
m_556dbc8dac404f22aa0bf118cb63823e
m_5f5ebbb9eb7b4d068ca15b5838c9ed84
m_afad6d5807164346bcbab1c5b41f3db0
m_a8829d995136470c99ba1c50e846e7b3
m_49044e155a0741e6a2597b9534b09e90
m_26d419bce31c48299a2048a8c72aefaf
m_03f0fed23a4e48e6bee7da2bc6becf62
m_fb0a0e9bf6c244b785e3df502685e429
m_285c77f2b3b348018f55addfec53eae3
m_409889500ded437fba24431e0117bc97
m_ee66d08e0cf1432a971d51446f333043
m_f6ca12e1a804489bbc781ab4a5c027ef
m_332d83d803af431ca1e4e43120cbab3c
m_f074dcb4b8c24188864b2faa193f9754
m_434dc507f64249f985e0331630271cb6
m_03ed5335407b461eb092319fb614b2e3
m_b90488ffd9e74fb9b8d61c3be02b2169
m_a809d9e10c634d48bdba410c541101dc
m_7ee8140a287a4f84a87f2839b78e4b2b
m_51877951cff849f1b1c9aa7d70fd8ba6
m_f9871feb7e0c4eae95debc5f64b08642
m_5fa33edec53144deac95e0c8da27a262
m_82dde86bc9d84e6a9ce004fa0abf1b82
m_1f52d7aa9ef94d7b8eeff846e1ddb497
m_9284f8d3506d4f1da60a6c0fee32678f
m_65722f3bf6104c01b6c60f8ff1ed9ded
m_c4ad17e0e1d44361aaf5f25fac004462
m_1336d5b91d90466fb129480813682671
m_ed9346c7bdf24869861e9909f6640ec7
m_70b561dcc729482fa68d46d4c9b08123
m_31f2d7beebab4863a3810245bb602196
m_8cc74b8d0bbb419f95af4632142e425a
m_b5d353a572c14f3b873f12a2d67a39ff
m_0c86fae822e845dfb08c5653d45fa94a
m_74d65047d3bd402ab7bb520561830470
m_212db31a1f364cc09b424b1dbfc0232b
m_e22e5197bcba454ca1a8c5928b188bb8
m_f74ab9c1fe91488b8a1d7974f88c74ae
m_9a5a244a876c4a1da98906c7597522d0
m_0f0573ce58414a56b7ad3830f474ed45
m_bea213d6cd7342c1968a365f5ff11057
m_a629e5e467ba4f6cb9393bdd91404858
m_8fb80a5c5728418d8015e2f4dba7f973
m_142f84547d5840e09cd3bd09be919242
m_b02ec43332c546f19ae5b574ac19c510
m_bdd71045c42c4e32a56e66ae12e361c7
m_b16de296701943c298a16acaa163c611
m_84f34233bdd44f40970d3ad3763e2cad
m_fccf7e279e44429196786440dde57c24
m_be2d127c22944fee99aef500e32b34e8
m_df76d4cb295b457ba13d8c91b321bca8
m_532e53d005a347c09ee16c12ad4dc4a1
m_ef14f73fcdeb435db32245aae4684162
m_cfba7b9370114a76bff29f09db923d59
m_e367fa90310d49c09c425db230541fb5
m_ed78523709b146ce8c70080d6aa81113
m_41470f9d5ab14801bd523e9ef2c207d2
m_0d1f546191564912ab84dbdf00dfe0ed
m_ef96277d8e90478fb457b793a8a0e2cb
m_708ff29865564a32a8ec8a596578be9b
m_928921cae5044ceb94997c7e04ff5e37
m_26754725ddf84b9d94dd6f8da2e5558a
m_aa9cec8992854494a52864e317c32835
m_32e5184928824be0b43cedd36e1eba0d
m_bd37339fd58f48ff9b05b09a0a10ceb7
m_943260e7d1934579a072a7e3acb6e071
m_56d9feb6489e4f4bb769e91f9241e277
m_6d0d14654b114470bac3addc8594cbc7
m_b6b129586a7b4596adf286dfefff4a2a
m_0e5d95c364ac43b78b30bbd6a4edd1d1
m_730bda5cd5cc44b7a44533e8420c0e9e
m_1e96ffd6c65744f1981ddaeee6e48c94
m_de80ada044e840e28d8123e605f27912
m_4ece8eae0ab24bc49585088fc8e0ff8a
m_5bef579e29044cb181f4ee94dcdf9c4f
m_6fe3b95ebcda40fe877dcdd8e72c74e4
m_6c0c0b847dfd4c648f3b755cdfc1408f
m_3e1aad24bb7d41c59a64b2d32cacff83
m_a5cc1ab27e59442eb165a7b08c26c59d
m_91d282c13f4545b0a2112a68a524d866
m_5bdc21dbe51a4c8c933c3c42ebee5235
m_a6cbeef8d11a48529b88330bcb8eee82
m_f0d12a0249d542f18b060f72730b7e03
m_4f106b4b48c4452d900c329d272f11d9
m_f0e1ef9b537946e6bd7caa46769020be
m_6ddc536c65f34ac69ceae7e2fb1b8d49
m_528fa946230a46dd96d0a817713e2ed5
m_d104df7b062c4cbcbd074afc12536920
m_a5d1b0c778e24146bdbc43693104745f
m_724e18b18e7a4d6cab263f624a65d5f6
m_8f4cf5c651514dbeb26612f776d793a5
m_1e2c0b79825f4d2292dd2fa213c8d8bf
m_e0bddca52e70442384a91414608b7431
m_c9cc2ff61285457496f0a1e9bc392774
m_21b4896bda1342a6b93246d869a060b6
m_fd70a8ac9b29457da5b052dfd9009d53
m_46ca7cbbdb6f45a7a397a4cbed0b2240
m_047ccc9a497846acb4c50161e30114b5
m_d271e77ea8754905b95558106bdcd203
m_79147d0eecd048739c8b5f0997275458
m_af28b4fbcb3d4ffeaeea10b6e026e708
SortRecord
tb734528f6220419d94b8edfbdaa9b3ff
PublishRecord
CancelRecord
LoginRecord
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
DebuggableAttribute
System.Diagnostics
DebuggingModes
AssemblyTitleAttribute
AssemblyDescriptionAttribute
AssemblyConfigurationAttribute
AssemblyCompanyAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyTrademarkAttribute
GuidAttribute
System.Runtime.InteropServices
AssemblyFileVersionAttribute
TargetFrameworkAttribute
System.Runtime.Versioning
ComVisibleAttribute
AsyncStateMachineAttribute
GeneratedCodeAttribute
System.CodeDom.Compiler
DebuggerNonUserCodeAttribute
CompilerGeneratedAttribute
EditorBrowsableAttribute
System.ComponentModel
EditorBrowsableState
DebuggerHiddenAttribute
Jfilq.Properties.Resources.resources
WrapNonExceptionThrows
$e66bd01e-dd9c-4723-b823-cd6d73531397
1.0.0.0
.NETFramework,Version=v4.5
FrameworkDisplayName
.NET Framework 4.5
)cleanupdate.Connections.Writer+<Main>d__0
,cleanupdate.Connections.Writer+<Gopjreg>d__1
*cleanupdate.Connections.Writer+<Fetfg>d__2
3System.Resources.Tools.StronglyTypedResourceBuilder
16.0.0.0
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
Trkjxzqnk.Qfgyroyc
Sawsnq
Jfilq.Properties.Resources
Elobpx
Elobpx
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
FileVersion
1.0.0.0
InternalName
cleanupdate.exe
LegalCopyright
LegalTrademarks
OriginalFilename
cleanupdate.exe
ProductName
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Antivirus Signature
Bkav Clean
Lionic Clean
Elastic malicious (high confidence)
DrWeb Clean
MicroWorld-eScan Clean
CMC Clean
CAT-QuickHeal Clean
Skyhigh BehavesLike.Win32.Generic.tz
ALYac Clean
Malwarebytes Trojan.MCrypt.MSIL.Generic
Zillya Clean
Sangfor Trojan.Win32.Agent.V0j0
K7AntiVirus Clean
Alibaba Clean
K7GW Clean
Cybereason Clean
BitDefenderTheta Gen:NN.ZemsilF.36792.Kn0@aqkQKLg
VirIT Clean
Symantec Clean
tehtris Generic.Malware
ESET-NOD32 Clean
APEX Malicious
Paloalto Clean
ClamAV Clean
Kaspersky UDS:DangerousObject.Multi.Generic
BitDefender Clean
NANO-Antivirus Clean
SUPERAntiSpyware Clean
Avast MalwareX-gen [Trj]
Tencent Clean
Emsisoft Clean
F-Secure Clean
Baidu Clean
VIPRE Clean
TrendMicro Clean
Trapmine Clean
FireEye Generic.mg.c9aa05e75a369370
Sophos Mal/Generic-S
SentinelOne Static AI - Malicious PE
MAX Clean
Jiangmin Clean
Webroot Clean
Google Detected
Avira Clean
Varist Clean
Antiy-AVL Clean
Kingsoft Clean
Microsoft Trojan:Win32/Sabsik.FL.B!ml
Gridinsoft Trojan.Win32.Amadey.bot
Xcitium Clean
Arcabit Clean
ViRobot Clean
ZoneAlarm UDS:DangerousObject.Multi.Generic
GData Clean
Cynet Malicious (score: 100)
AhnLab-V3 Clean
Acronis Clean
McAfee Artemis!C9AA05E75A36
TACHYON Clean
VBA32 Clean
Cylance Clean
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Rising Clean
Yandex Clean
Ikarus Trojan.MSIL.Inject
MaxSecure Trojan.Malware.300983.susgen
Fortinet Clean
AVG MalwareX-gen [Trj]
DeepInstinct MALICIOUS
CrowdStrike win/malicious_confidence_100% (W)
No IRMA results available.