popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2024-06-05 06:57:50

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x000011d8 0x00001200 5.45355251384
.rsrc 0x00004000 0x00000586 0x00000600 4.00147547386
.reloc 0x00006000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x00004090 0x000002fc LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x0000439c 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x4031d0 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
<>9__0_0
<>1__state
<>t__builder
<>u__1
get_GetStream
get_GetBuffers
<Main>
.cctor
<Main>b__0_0
MoveNext
SetStateMachine
Create
get_Task
set_KeySize
FromBase64String
set_Key
set_IV
get_Key
get_IV
CreateDecryptor
CopyTo
Dispose
ToArray
GetTypes
InvokeMember
GetByteArrayAsync
get_Result
GetAwaiter
GetResult
get_IsCompleted
AwaitUnsafeOnCompleted
SetException
SetResult
Feed.exe
stateMachine
GetStream
GetBuffers
<Module>
Program
Eshzxy
<Main>d__0
System.Threading.Tasks
AsyncTaskMethodBuilder
System.Runtime.CompilerServices
MemoryStream
System.IO
System.Security.Cryptography
SymmetricAlgorithm
Convert
System
ICryptoTransform
CryptoStream
Stream
IDisposable
Assembly
System.Reflection
Object
HttpClient
System.Net.Http
Task`1
TaskAwaiter
Action
ValueType
IAsyncStateMachine
Exception
AsyncStateMachineAttribute
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
DebuggableAttribute
System.Diagnostics
AssemblyTitleAttribute
AssemblyDescriptionAttribute
AssemblyConfigurationAttribute
AssemblyCompanyAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyTrademarkAttribute
GuidAttribute
System.Runtime.InteropServices
AssemblyFileVersionAttribute
TargetFrameworkAttribute
System.Runtime.Versioning
ComVisibleAttribute
CompilerGeneratedAttribute
DebuggerHiddenAttribute
CryptoStreamMode
BindingFlags
Binder
DebuggingModes
mscorlib
Eshzxy.Program+<Main>d__0
WrapNonExceptionThrows
Copyright
2018
$5abe5414-cc55-4784-8d88-3a7520495a9e
1.0.0.0
.NETFramework,Version=v4.6
FrameworkDisplayName
.NET Framework 4.6
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
Fy6wG/ExvYWWQG0OL84mP0mqeb1/dFEwAkZnr4wAjMk=
3ZwzDkZ2iXAbYaEW9n5dUQ==
CalculateInterceptor
https://www1.militarydefensenow.com/Stay/Vdopcuygit.vdf
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
FileVersion
1.0.0.0
InternalName
Feed.exe
LegalCopyright
Copyright
2018
LegalTrademarks
OriginalFilename
Feed.exe
ProductName
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Antivirus Signature
Bkav W32.AIDetectMalware.CS
Lionic Trojan.Win32.Blocker.V!c
Elastic malicious (high confidence)
ClamAV Clean
CMC Clean
CAT-QuickHeal Clean
Skyhigh Artemis!Trojan
McAfee Artemis!E0354350B177
Cylance Unsafe
Zillya Trojan.Blocker.Win32.166019
Sangfor Downloader.Msil.Blocker.Vi0r
K7AntiVirus Trojan-Downloader ( 005b40de1 )
Alibaba Ransom:MSIL/Blocker.134704be
K7GW Trojan-Downloader ( 005b40de1 )
Cybereason Clean
Baidu Clean
Symantec ML.Attribute.HighConfidence
tehtris Clean
ESET-NOD32 a variant of MSIL/TrojanDownloader.Agent.QOL
APEX Malicious
Avast Win32:DropperX-gen [Drp]
Cynet Clean
Kaspersky HEUR:Trojan-Ransom.MSIL.Blocker.gen
BitDefender Trojan.GenericKD.73028396
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Trojan.GenericKD.73028396
Tencent Malware.Win32.Gencirc.10bffd39
Sophos Mal/Generic-S
F-Secure Trojan.TR/Dldr.Agent.gprfd
DrWeb Clean
VIPRE Trojan.GenericKD.73028396
TrendMicro Clean
McAfeeD Real Protect-LS!E0354350B177
Trapmine Clean
FireEye Trojan.GenericKD.73028396
Emsisoft Trojan.GenericKD.73028396 (B)
Paloalto generic.ml
GData Win32.Trojan.Agent.9CGW8Q
Jiangmin Clean
Webroot W32.Malware.Gen
Varist W32/ABRisk.FRCT-5681
Avira TR/Dldr.Agent.gprfd
MAX malware (ai score=82)
Antiy-AVL Trojan/Win32.Wacatac
Kingsoft MSIL.Trojan-Ransom.Blocker.gen
Gridinsoft Clean
Xcitium Clean
Arcabit Trojan.Generic.D45A532C
SUPERAntiSpyware Clean
ZoneAlarm HEUR:Trojan-Ransom.MSIL.Blocker.gen
Microsoft Trojan:MSIL/PureLog.RDG!MTB
Google Detected
AhnLab-V3 Dropper/Win.DropperX-gen.C5630376
Acronis Clean
ALYac Trojan.GenericKD.73028396
TACHYON Clean
VBA32 TScope.Trojan.MSIL
Malwarebytes Trojan.Downloader.MSIL
Panda Trj/Chgt.AD
Zoner Clean
TrendMicro-HouseCall Clean
Rising Malware.Obfus/MSIL@AI.88 (RDM.MSIL2:udsDB7Xt8XFpqGsFC3fotg)
Yandex Clean
Ikarus Trojan-Downloader.MSIL.Agent
MaxSecure Trojan.Malware.73689294.susgen
Fortinet MSIL/Agent.PVH!tr
BitDefenderTheta Gen:NN.ZemsilF.36806.am0@amBOBtj
AVG Win32:DropperX-gen [Drp]
DeepInstinct MALICIOUS
alibabacloud Ransomware:MSIL/Blocker.gyf
No IRMA results available.