popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2022-06-11 08:18:26

PE Imphash

ee827750429cc6977e10fe712ee76a8f

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x0002bb6c 0x0002bc00 7.32777887005
.data 0x0002d000 0x00389270 0x00002600 2.78749793046
.rsrc 0x003b7000 0x000138f8 0x00013a00 3.90643339035

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x003c9a40 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x003c9a40 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x003c9a40 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x003c9a40 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x003c9a40 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x003c9a40 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x003c9a40 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x003c9a40 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x003c9a40 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x003c9a40 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x003c9a40 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x003c9a40 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x003c9a40 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x003c9a40 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x003c9a40 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x003c9a40 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x003c9a40 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x003c9a40 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x003c9a40 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x003c9a40 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x003c9a40 0x00000468 LANG_SAAMI SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_STRING 0x003ca828 0x000000cc LANG_SAAMI SUBLANG_DEFAULT data
RT_STRING 0x003ca828 0x000000cc LANG_SAAMI SUBLANG_DEFAULT data
RT_STRING 0x003ca828 0x000000cc LANG_SAAMI SUBLANG_DEFAULT data
RT_STRING 0x003ca828 0x000000cc LANG_SAAMI SUBLANG_DEFAULT data
RT_GROUP_ICON 0x003c9ea8 0x00000076 LANG_SAAMI SUBLANG_DEFAULT data
RT_GROUP_ICON 0x003c9ea8 0x00000076 LANG_SAAMI SUBLANG_DEFAULT data
RT_GROUP_ICON 0x003c9ea8 0x00000076 LANG_SAAMI SUBLANG_DEFAULT data
RT_GROUP_ICON 0x003c9ea8 0x00000076 LANG_SAAMI SUBLANG_DEFAULT data
RT_VERSION 0x003c9f20 0x00000250 LANG_NEUTRAL SUBLANG_NEUTRAL data

Imports

Library KERNEL32.dll:
0x401000 SetLocaleInfoA
0x401004 WriteConsoleInputW
0x401008 lstrlenA
0x40100c ReadConsoleA
0x401010 GetConsoleAliasA
0x401014 WaitNamedPipeA
0x401018 GetUserDefaultLCID
0x40101c WriteConsoleInputA
0x401020 AddConsoleAliasW
0x401028 OpenSemaphoreA
0x401030 GetModuleHandleW
0x401044 SetCommState
0x401048 CreateActCtxW
0x401050 GlobalFindAtomA
0x401054 LoadLibraryW
0x401058 SetCommConfig
0x40105c FatalAppExitW
0x401060 CopyFileW
0x401064 _hread
0x401068 CreateEventA
0x40106c GetExitCodeProcess
0x401074 GetFileAttributesW
0x401078 SetSystemPowerState
0x40107c TerminateProcess
0x401088 ReplaceFileA
0x40108c GetTempPathW
0x401090 EnumSystemLocalesA
0x401094 GetConsoleOutputCP
0x401098 VerifyVersionInfoW
0x40109c GetConsoleAliasesW
0x4010a0 GetStartupInfoA
0x4010a4 FindFirstFileA
0x4010a8 GetLastError
0x4010ac SetLastError
0x4010b0 GetProcAddress
0x4010b8 LoadLibraryA
0x4010bc LocalAlloc
0x4010c0 IsWow64Process
0x4010c8 RemoveDirectoryW
0x4010cc SetFileApisToANSI
0x4010d4 VirtualLock
0x4010d8 GlobalGetAtomNameW
0x4010e0 GetTapeParameters
0x4010e4 FoldStringA
0x4010e8 FindNextFileA
0x4010ec GetModuleHandleA
0x4010f0 FindNextFileW
0x4010f4 GetStringTypeW
0x4010fc CompareStringA
0x401104 GetShortPathNameW
0x401108 FindFirstVolumeA
0x401110 DeleteFileW
0x401118 ResetWriteWatch
0x401120 EnumSystemLocalesW
0x401128 WriteConsoleW
0x401134 EncodePointer
0x401138 DecodePointer
0x40113c Sleep
0x401150 WideCharToMultiByte
0x401154 HeapFree
0x401158 GetCommandLineW
0x40115c HeapSetInformation
0x401160 GetStartupInfoW
0x401164 RaiseException
0x401168 RtlUnwind
0x40116c HeapAlloc
0x401170 LCMapStringW
0x401174 MultiByteToWideChar
0x401178 GetCPInfo
0x401180 GetACP
0x401184 GetOEMCP
0x401188 IsValidCodePage
0x40118c TlsAlloc
0x401190 TlsGetValue
0x401194 TlsSetValue
0x401198 TlsFree
0x40119c GetCurrentThreadId
0x4011a8 IsDebuggerPresent
0x4011ac GetCurrentProcess
0x4011b0 HeapCreate
0x4011b4 SetHandleCount
0x4011b8 GetStdHandle
0x4011c0 GetFileType
0x4011c4 SetFilePointer
0x4011c8 CloseHandle
0x4011cc ExitProcess
0x4011d0 WriteFile
0x4011d4 GetModuleFileNameW
0x4011e4 GetTickCount
0x4011e8 GetCurrentProcessId
0x4011f0 GetLocaleInfoW
0x4011f4 HeapSize
0x4011f8 GetLocaleInfoA
0x4011fc IsValidLocale
0x401200 HeapReAlloc
0x401204 GetConsoleCP
0x401208 GetConsoleMode
0x40120c SetStdHandle
0x401210 FlushFileBuffers
0x401214 CreateFileW
Library USER32.dll:
0x40121c CharUpperA
!This program cannot be run in DOS mode.
`.data
generic
iostream
system
string too long
invalid string position
iostream stream error
Unknown exception
bad allocation
Visual C++ CRT: Not enough memory to complete call to strerror.
LC_TIME
LC_NUMERIC
LC_MONETARY
LC_CTYPE
LC_COLLATE
LC_ALL
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
 !"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
HH:mm:ss
dddd, MMMM dd, yyyy
MM/dd/yy
December
November
October
September
August
February
January
Saturday
Friday
Thursday
Wednesday
Tuesday
Monday
Sunday
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
CorExitProcess
bad exception
Illegal byte sequence
Directory not empty
Function not implemented
No locks available
Filename too long
Resource deadlock avoided
Result too large
Domain error
Broken pipe
Too many links
Read-only file system
Invalid seek
No space left on device
File too large
Inappropriate I/O control operation
Too many open files
Too many open files in system
Invalid argument
Is a directory
Not a directory
No such device
Improper link
File exists
Resource device
Unknown error
Bad address
Permission denied
Not enough space
Resource temporarily unavailable
No child processes
Bad file descriptor
Exec format error
Arg list too long
No such device or address
Input/output error
Interrupted function call
No such process
No such file or directory
Operation not permitted
No error
united-states
united-kingdom
trinidad & tobago
south-korea
south-africa
south korea
south africa
slovak
puerto-rico
pr-china
pr china
new-zealand
hong-kong
holland
great britain
england
britain
america
swedish-finland
spanish-venezuela
spanish-uruguay
spanish-puerto rico
spanish-peru
spanish-paraguay
spanish-panama
spanish-nicaragua
spanish-modern
spanish-mexican
spanish-honduras
spanish-guatemala
spanish-el salvador
spanish-ecuador
spanish-dominican republic
spanish-costa rica
spanish-colombia
spanish-chile
spanish-bolivia
spanish-argentina
portuguese-brazilian
norwegian-nynorsk
norwegian-bokmal
norwegian
italian-swiss
irish-english
german-swiss
german-luxembourg
german-lichtenstein
german-austrian
french-swiss
french-luxembourg
french-canadian
french-belgian
english-usa
english-us
english-uk
english-trinidad y tobago
english-south africa
english-nz
english-jamaica
english-ire
english-caribbean
english-can
english-belize
english-aus
english-american
dutch-belgian
chinese-traditional
chinese-singapore
chinese-simplified
chinese-hongkong
chinese
canadian
belgian
australian
american-english
american english
american
Norwegian-Nynorsk
Complete Object Locator'
Class Hierarchy Descriptor'
Base Class Array'
Base Class Descriptor at (
Type Descriptor'
`local static thread guard'
`managed vector copy constructor iterator'
`vector vbase copy constructor iterator'
`vector copy constructor iterator'
`dynamic atexit destructor for '
`dynamic initializer for '
`eh vector vbase copy constructor iterator'
`eh vector copy constructor iterator'
`managed vector destructor iterator'
`managed vector constructor iterator'
`placement delete[] closure'
`placement delete closure'
`omni callsig'
delete[]
new[]
`local vftable constructor closure'
`local vftable'
`udt returning'
`copy constructor closure'
`eh vector vbase constructor iterator'
`eh vector destructor iterator'
`eh vector constructor iterator'
`virtual displacement map'
`vector vbase constructor iterator'
`vector destructor iterator'
`vector constructor iterator'
`scalar deleting destructor'
`default constructor closure'
`vector deleting destructor'
`vbase destructor'
`string'
`local static guard'
`typeof'
`vcall'
`vbtable'
`vftable'
operator
delete
__unaligned
__restrict
__ptr64
__eabi
__clrcall
__fastcall
__thiscall
__stdcall
__pascal
__cdecl
__based(
GetProcessWindowStation
GetUserObjectInformationW
GetLastActivePopup
GetActiveWindow
MessageBoxW
_nextafter
_hypot
1#QNAN
1#SNAN
bad locale name
ios_base::badbit set
ios_base::failbit set
ios_base::eofbit set
tozazit
kugoziba hezahamowepored moxekokatil logeyanafagekejeme
hebezaromopisekope
Xez foyope
beciy fidaxamu
denenuvuxukupobasuvemay holuhaf yifudamozi
wahoturogapogi koriharetuk
ahovigeraf fegadoroheri
yegelizetaf giduzovokac
duliravohajuronevekohohunigaxem jugihaxejesuvosoginefoco diwokahoramitek pecejir zoruwo
yajewagomodotekepoxu
bad cast
F@9n8u
QQSVWd
.t|PVj@
t"SS9] u
j@j ^V
uTVWh7
^SSSSS
QQSVWh
t=MOC
HtHu4j
t*=RCC
;7|G;p
tR99u2
F Pj*S
F$Pj+Sj
F(Pj,S
F,Pj-S
F0Pj.S
F4Pj/S
F8PjDS
F<PjES
F@PjFS
FDPjGS
FHPjHS
FLPjIS
FPPjJS
FTPjKS
FXPjLS
F\PjMS
F`PjNS
FdPjOS
FhPj8S
FlPj9S
FpPj:S
FtPj;S
FxPj<S
F|Pj=S
C PjPV
C$PjQV
C*PjTV
C+PjUV
C,PjVV
C-PjWV
C.PjRV
C/PjSV
CHPjPV
CLPjQV
PPPPPPPP
Wj@h(5@
PPPPPPPP
URPQQh
tRHtCHt4Ht%HtFHHt
t VV9u
;t$,v-
UQPXY]Y[
<+t"<-t
+t HHt
bM>gy=
_xnG~
+},kKJ
F)Yt{J
-/<iN!J
gJ@3mX[
d@#'%'o
x.L/x@
!>xfDc
lbvlYsCb
T"E!\
a=G5G95R
9Z}+C<6
CJff/ZE[
dY@*0H
-{y?.)
=q8+Vx$
rottK\
[<rc)3
f3HfF\
wkrs,P=ac
:%A/TPV
:9'5sh
P#TZ^-
c3'CJK
< PgK1
+Eh2Dyj
;9]y}%
PM!|I7
;V7pT[
5&o1+j
V&o1+j
]q7pT[
V/<_Ft
AR]*n
0hoGM^ej
qz5m;/
U\jgZ^!E
u\\+x3
IV1dP/n#
}1QHZ)
\Alb%SiRp
1f).%T
tC/Q*f
qyR[;]
4>iM^b
B"(]*e
P8Tc;Q
^=Cj#`
ana>P[
CAWF6e
zw4inf
*&v =G
ug69p0
'MMz^Yk
`kbV1B
c1S^`X
-B$cQWJ
EL=q:x
a(&laX8_S
CK$]5|p
]IgdFs
3oll}j
&Om~L[kdH
g I[+30
-,D82*v-
+;~FEq
?t()[o
iP;$#X
mt.tWm
K<90aQN
jH<Kjx
SGeYEx
aC3'&;
Bnv=sS
,*U%~h?
{"HxgX
vwwn5s
Z!-w~\
&kmF&U
ey.3DP
R,Z'V7=7
p$=4*'
4;01jHB
C>~D&Q
Ro='P[%G
M@8{wO
Yu Ogp
KCs%FZ
~ EMN,a
T%$m8P
/^`5v
4^0^jRi
H~)>Lo
{6uH:qIC!
=h_-Ds
z74V'J
PnkS(}}
N%:`fx
'OjHD"Q
nR/e#n}
Qu z0ur~>
9$4+S
"H6SD
(2jfUw
bj]uv
BL^`kj.a
pQ}(+K
o@.gd-+
\#$jN~
TUFur$
?aM1y]
V]=d^L
R4{pV.
OGT9iH
e ;ns!
M3\^[*
.6c-L(
r[~n>{|
?)mK>C
T$4RQQQ
D$8PVVV
L$<QVVV
D$`<C@
u$hdA@
L$HQRR
SetLocaleInfoA
WriteConsoleInputW
lstrlenA
ReadConsoleA
GetConsoleAliasA
WaitNamedPipeA
GetUserDefaultLCID
WriteConsoleInputA
AddConsoleAliasW
FlushConsoleInputBuffer
OpenSemaphoreA
MoveFileWithProgressA
GetModuleHandleW
FindNextVolumeMountPointA
ConvertFiberToThread
GetCompressedFileSizeW
GetConsoleAliasExesW
SetCommState
CreateActCtxW
GetEnvironmentStrings
GlobalFindAtomA
LoadLibraryW
SetCommConfig
FatalAppExitW
CopyFileW
_hread
CreateEventA
GetExitCodeProcess
EnumSystemCodePagesA
GetFileAttributesW
SetSystemPowerState
TerminateProcess
GetTimeZoneInformation
FindNextVolumeMountPointW
ReplaceFileA
GetTempPathW
EnumSystemLocalesA
GetConsoleOutputCP
VerifyVersionInfoW
GetConsoleAliasesW
GetStartupInfoA
FindFirstFileA
GetLastError
SetLastError
GetProcAddress
GetPrivateProfileStringA
LoadLibraryA
LocalAlloc
IsWow64Process
SetConsoleCtrlHandler
RemoveDirectoryW
SetFileApisToANSI
WriteProfileSectionW
VirtualLock
GlobalGetAtomNameW
GetCurrentConsoleFont
GetTapeParameters
FoldStringA
FindNextFileA
GetModuleHandleA
FindNextFileW
GetStringTypeW
GetCurrentDirectoryA
CompareStringA
QueryPerformanceFrequency
GetShortPathNameW
FindFirstVolumeA
GetWindowsDirectoryW
DeleteFileW
MoveFileWithProgressW
ResetWriteWatch
ReadConsoleOutputCharacterW
EnumSystemLocalesW
ExpandEnvironmentStringsW
KERNEL32.dll
CharUpperA
USER32.dll
InterlockedIncrement
InterlockedDecrement
EncodePointer
DecodePointer
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
WideCharToMultiByte
HeapFree
GetCommandLineW
HeapSetInformation
GetStartupInfoW
RaiseException
RtlUnwind
HeapAlloc
LCMapStringW
MultiByteToWideChar
GetCPInfo
IsProcessorFeaturePresent
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThreadId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentProcess
HeapCreate
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
SetFilePointer
CloseHandle
ExitProcess
WriteFile
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoW
HeapSize
GetLocaleInfoA
IsValidLocale
HeapReAlloc
GetConsoleCP
GetConsoleMode
SetStdHandle
FlushFileBuffers
WriteConsoleW
CreateFileW
.?AVerror_category@std@@
.?AV_Generic_error_category@std@@
.?AV_Iostream_error_category@std@@
.?AV_System_error_category@std@@
.?AV_Locimp@locale@std@@
.?AVlogic_error@std@@
.?AVlength_error@std@@
.?AVout_of_range@std@@
Copyright (c) 1992-2004 by P.J. Plauger, licensed by Dinkumware, Ltd. ALL RIGHTS RESERVED.
.?AVtype_info@@
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
.?AVbad_exception@std@@
.?AV?$ctype@D@std@@
.?AUctype_base@std@@
.?AVfacet@locale@std@@
.?AV?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@
.?AV?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@
.?AV?$basic_istream@DU?$char_traits@D@std@@@std@@
.?AV?$basic_streambuf@DU?$char_traits@D@std@@@std@@
.?AV?$basic_ios@DU?$char_traits@D@std@@@std@@
.?AV?$_Iosb@H@std@@
.?AVios_base@std@@
.?AVruntime_error@std@@
.?AVexception@std@@
.?AVfailure@ios_base@std@@
.?AVsystem_error@std@@
.?AVbad_cast@std@@
.?AVbad_alloc@std@@
PPPPPPPPPPPPPP
PPPPPPPPPPPPP
PPPPPPPPPPPPPP
PPPPPPPPPPPPP
PPPPPPPPPPPPPP
PPPPPPPPPPPPPP
PPPPPPPPPPP
PPPPPPP
EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEp
EEEEEEEEE~
EEEEEEEEE
aEEEEEEEEE
EEEEEEEEE
EEEEEEEEEo
EEEEEEEEE~
EEEEEEEEE
]vvvvq
aEEEEEEEEE
aEEEEEEEEE
EEEEEEEEE
EEEEEEEEE~
EEEEEEEEz
EEEEEEEEEh
EEEEEEEEE
EEEEEEEEE
EEEEEEEEn
EEEEEEEEE
EEEEEEEEE%
EEEEEEEEz
7:EEEEEEEE
EEEEEEEE
EEEEEEEnvx
EEEEEE
OEEEEE
*EEEEEz
aFBEEE
rEEEEEEz
~EEEEE'NP'EEEEEEEp~
a6a%ZEEEEEEE
EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE
}}{~|~{z
{}}||{
{z~}|}
z}|{{||
||~|z{y
~~{}|||
|}z~~}
|||{~|
}}}~|}
}{|~}|
~~{|~}
{{|}~z
{}~}|{{
~|||}~
}||}{}}
|~}{}{
}|~z~{
|||||~}|}z~
}|z{{~
~~}{|~}{~zy
}}kYYA-
-qFFFFF
YYYYYaG
6FFFFF
TTT4F6
{{{{.f!
{{{{{{
{{{{{{{.
}}5{{{.=
MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMM
5MMMMMMMMMMM
MMMMMMMMMM
}MMMMMMMMMM
MMMMMMMMM
MMMMMMMMM
MMMMMMMM
MMMMMMM
MMMMMM
MMMMMM
MMMMMM
MMMMMM
mMMMMM}
MMMMMMM
MMMMMMMMMM
mMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMM
9MMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
||||||-
|||||||
|||||-
b||||||
||||-#
||||||||-
||||||||||-#
|||||||||||-
|||||||||||||-
||||||||||||||||||||||
~~~~~~
55555555555555555555555555
B5o,,,,,,,,,,,,,,,,,,,,,o
,,,,,,,,,,,,
,,,,,,,,,
U55U55U55U55U55U55U555
BBBBBBBBBBB
BBBBBBBBB
D}}}}}}}}}}}}}}}}}}}}}}}}}}}
GGGGGGGG
wwwwwwww
yGGGGGGGG
GGGGGGGGG
GGGGGGGGG
GGGGGGGG
444444
!}}}}}}}}}}}}}}}}}}}}}}}}}}}!555
ggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggXXXXXXXXXXXXXXXX
^X:gggggggggXX
Xgggggggg
XgggggggX
XggggggX
XgggggX
XgggggX
gggggX
gggggX
Xggggg
gggggX
I:::::::-
XgggggX
99999999
gggggX
,,,,,,,,,,,,,,
XgggggX
gggggX
XgggggX
gggggX
gggggX
gggggX
gggggX
XgggggX
gggggX
2222(,
XgggggX
XgggggX
llll(B9
XgggggX
XX:gggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFI
IIFFFFFFFI
HRRRRRR
FFFFFFIH,RII
OOOOOH
FFFFFIHR
,gFFFFI
vgFFFF
******
,J11111111
gHFFFF
gHFFFF
VOFFFF
~~~(:::::KK~hl
IFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
qqqqqqqqqq
((((( H
h(((( H
H
HH:mm:ss
dddd, MMMM dd, yyyy
MM/dd/yy
December
November
October
September
August
February
January
Saturday
Friday
Thursday
Wednesday
Tuesday
Monday
Sunday
nKERNEL32.DLL
mscoree.dll
runtime error
TLOSS error
SING error
DOMAIN error
- Attempt to use MSIL code from this assembly during native code initialization
This indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain.
- not enough space for locale information
- Attempt to initialize the CRT more than once.
This indicates a bug in your application.
- CRT not initialized
- unable to initialize heap
- not enough space for lowio initialization
- not enough space for stdio initialization
- pure virtual function call
- not enough space for _onexit/atexit table
- unable to open console device
- unexpected heap error
- unexpected multithread lock error
- not enough space for thread data
- abort() has been called
- not enough space for environment
- not enough space for arguments
- floating point support not loaded
@Microsoft Visual C++ Runtime Library
<program name unknown>
Runtime Error!
Program:
WUSER32.DLL
pCONOUT$
hatanelevuxaludufijuxex mafigamirizadup
Pep kavahifam givaselu wutogox
xeriwuvetiyihoked
@jjjjjj
VS_VERSION_INFO
StringFileInfo
037185B1
FileDescriptions
Anybodies
InternalName
Hurracane.exe
LegalCopyrights
Tulip feaver
LegalTrademark1
Gurufas
OriginalFilename
Buskepas.exe
ProductVersion
76.47.92.68
VarFileInfo
Translation
Yunepowuhori nibehadixodof
Pejetonafacoyo cizav
$Sicoresuzeg motomanihumigiv bejewomaMMoxavimigorus lokoxoraci gayo jafufunaporohum xozoyubosu deca fuzuwo mematiyeXLaroxezusiwaco cuhozatuhewisaf kocawavosok zajokifur fowux mokir karabehicad yitidokaxon!Sezabefohagi zarudetufap kuzogavuLXovevepejugipa vonabose tokodagekeban masaxas setuvadunidigoh dukalinohurigo
Lam rigihi fogoxiju
5Kuxirawuci mom lir locosumopomid fomayi rifakamusohij
)Semipebulozusaj punohipof nun kazowenekivGVanabijar zej kicivomu liwimux fagejurusofo mivusorazufa torimici porab
SFeyide cigosekez pahuseb sununu fasocohetife kocekadivogu nowidizexo vopohuweyuvapi
3Mikufoxa voni kuki haca berijeco puwosituhid lebame
Cenumufimevaj cem futofesixoz
6Yecurixawocet ziyosifew pav dakov sezowuyofokoy wohume
Xakihifumete rotewiv
Yahawesi vuhesexo
Xod roz
RikSLozowuwi xikonopudo kobe topituvayomagod fefuri vonubezovew vifatojot sugifice pure
Antivirus Signature
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Generic.4!c
tehtris Clean
MicroWorld-eScan Trojan.GenericKDZ.103964
FireEye Generic.mg.1ec8db165fd00337
CAT-QuickHeal Clean
Skyhigh BehavesLike.Win32.Lockbit.dh
McAfee Artemis!1EC8DB165FD0
Cylance unsafe
Zillya Clean
Sangfor Trojan.Win32.Save.a
K7AntiVirus Trojan ( 005ad85e1 )
Alibaba Trojan:Win32/Stealc.80422abc
K7GW Trojan ( 005ad85e1 )
CrowdStrike win/malicious_confidence_100% (W)
BitDefenderTheta Clean
VirIT Clean
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win32/Kryptik.HVDO
Cynet Malicious (score: 100)
APEX Malicious
Paloalto Clean
ClamAV Clean
Kaspersky HEUR:Trojan.Win32.Agent.gen
BitDefender Trojan.GenericKDZ.103964
NANO-Antivirus Clean
SUPERAntiSpyware Clean
Avast Win32:BootkitX-gen [Rtk]
Tencent Trojan.Win32.Obfuscated.gen
TACHYON Clean
Emsisoft Trojan.GenericKDZ.103964 (B)
Baidu Clean
F-Secure Trojan.TR/AD.SmokeLoader.dzpvp
DrWeb Clean
VIPRE Trojan.GenericKDZ.103964
TrendMicro TROJ_GEN.R002C0XK323
Trapmine malicious.high.ml.score
CMC Clean
Sophos Troj/Krypt-VK
Ikarus Trojan-Ransom.StopCrypt
Jiangmin Clean
Webroot Clean
Varist W32/Kryptik.KZU.gen!Eldorado
Avira TR/AD.SmokeLoader.dzpvp
Antiy-AVL Trojan/Win32.Kryptik
Kingsoft malware.kb.a.997
Microsoft Trojan:Win32/Stealc.RPX!MTB
Gridinsoft Ransom.Win32.Wacatac.sa
Xcitium Clean
Arcabit Trojan.Generic.D1961C
ViRobot Clean
ZoneAlarm HEUR:Trojan.Win32.Agent.gen
GData Win32.Trojan.PSE.6XRZ0Y
Google Detected
AhnLab-V3 Trojan/Win.Stealc.R620629
Acronis suspicious
VBA32 Clean
ALYac Trojan.GenericKDZ.103964
MAX malware (ai score=87)
Malwarebytes Trojan.MalPack.GS
Panda Trj/Genetic.gen
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R002C0XK323
Rising Trojan.Generic@AI.99 (RDML:RoWWV7bXtMn5/8n9LulBvg)
Yandex Clean
SentinelOne Static AI - Suspicious PE
MaxSecure Trojan.Malware.300983.susgen
Fortinet W32/Kryptik.HVDO!tr
AVG Win32:BootkitX-gen [Rtk]
Cybereason malicious.138e88
DeepInstinct MALICIOUS
No IRMA results available.