Static | ZeroBOX

PE Compile Time

1970-01-01 09:00:00

PE Imphash

cd8364932f1dd33abd2e1510015f9238

Sections

Name     Virtual Address  Virtual Size  Size of Raw Data  Entropy
.text    0x00001000       0x00001278    0x00001400        5.11976155253
.data    0x00003000       0x00000a00    0x00000a00        4.32923180958
.pdata   0x00004000       0x0000003c    0x00000200        0.523381499035

Imports

Library msvcrt.dll:
0x4037cc atoi
0x4037d4 strlen
0x4037dc malloc
0x4037e4 sscanf
0x4037ec clock
0x4037f4 printf
0x4037fc memset
0x403804 strcpy
0x40380c strcat
0x403814 memmove
0x40381c __set_app_type
0x403824 _controlfp
0x40382c __argc
0x403834 __argv
0x40383c _environ
0x403844 __getmainargs
0x40384c exit
Library kernel32.dll:
0x40385c Sleep
0x403864 VirtualAlloc

!This program cannot be run in DOS mode.
`.data
.pdata
msvcrt.dll
strlen
malloc
sscanf
printf
memset
strcpy
strcat
memmove
__set_app_type
_controlfp
__argc
__argv
_environ
__getmainargs
kernel32.dll
VirtualAlloc
Antivirus Signature
Bkav W64.AIDetectMalware
Lionic Trojan.Win32.Meterpreter.4!c
Elastic malicious (high confidence)
ClamAV Clean
CMC Clean
CAT-QuickHeal Clean
Skyhigh Artemis!Trojan
ALYac Gen:Variant.Midie.147917
Cylance unsafe
Zillya Clean
Sangfor Trojan.Win64.Meterpreter.Vdci
K7AntiVirus Trojan ( 005b073f1 )
Alibaba Trojan:Win64/Shlem.8fbd4ef5
K7GW Trojan ( 005b073f1 )
Baidu Clean
VirIT Clean
Paloalto generic.ml
Symantec ML.Attribute.HighConfidence
tehtris Clean
ESET-NOD32 a variant of Win64/ShellcodeRunner.SG
APEX Clean
Avast Win64:MalwareX-gen [Trj]
Cynet Malicious (score: 100)
Kaspersky Trojan.Win64.Shlem.nef
BitDefender Gen:Variant.Midie.147917
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Gen:Variant.Midie.147917
Tencent Trojan.Win32.Cobaltstrike.16001131
TACHYON Clean
Sophos Mal/Generic-S
F-Secure Trojan.TR/AD.MeterpreterSC.jdntv
DrWeb Clean
VIPRE Gen:Variant.Midie.147917
TrendMicro Backdoor.Win64.COBEACON.YXEEPZ
Trapmine Clean
FireEye Gen:Variant.Midie.147917
Emsisoft Gen:Variant.Midie.147917 (B)
SentinelOne Clean
GData Gen:Variant.Midie.147917
Jiangmin Clean
Webroot Clean
Varist W64/ABRisk.XUJJ-1492
Avira TR/AD.MeterpreterSC.jdntv
Antiy-AVL Trojan/Win64.ShellcodeRunner
Kingsoft Win32.Troj.Unknown.a
Gridinsoft Clean
Xcitium Clean
Arcabit Trojan.Midie.D241CD
SUPERAntiSpyware Clean
ZoneAlarm Trojan.Win64.Shlem.nef
Microsoft Trojan:Win64/Meterpreter.E
Google Detected
AhnLab-V3 Malware/Win.Generic.C5562030
Acronis Clean
McAfee Artemis!DA982330A3E8
MAX malware (ai score=80)
VBA32 Downloader.Win64.Tiny
Malwarebytes Trojan.ShellCode.Runner
Panda Trj/CI.A
Zoner Clean
TrendMicro-HouseCall Backdoor.Win64.COBEACON.YXEEPZ
Rising Trojan.Meterpreter!8.E532 (TFE:5:QuzYaJOyUdF)
Yandex Clean
Ikarus Trojan.Win64.Shellcoderunner
MaxSecure Clean
Fortinet Clean
BitDefenderTheta Clean
AVG Win64:MalwareX-gen [Trj]
DeepInstinct MALICIOUS
alibabacloud Trojan:Win/ShellcodeRunner.SU
No IRMA results available.