popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2024-06-04 06:54:40

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x00000c5c 0x00000e00 4.99976925247
.rsrc 0x00004000 0x000005f6 0x00000600 4.16860756559
.reloc 0x00006000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x00004090 0x0000036c LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x0000440c 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402c54 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
Auto Parts Invoice
GetAssembly
Fkewgf
GetByteArrayAsync
get_Result
get_ASCII
get_Item
GetString
Substring
ToByte
get_Length
ToArray
get_Count
GetTypes
ToList
GetEnumerator
get_Current
InvokeMember
MoveNext
Dispose
Auto Parts Invoice.exe
assembly
<Module>
Program
Kqnwauhxe
List`1
System.Collections.Generic
HttpClient
System.Net.Http
Task`1
System.Threading.Tasks
Encoding
System.Text
Convert
System
Assembly
System.Reflection
Object
Enumerable
System.Linq
Enumerator
IDisposable
CompilationRelaxationsAttribute
System.Runtime.CompilerServices
RuntimeCompatibilityAttribute
DebuggableAttribute
System.Diagnostics
AssemblyTitleAttribute
AssemblyDescriptionAttribute
AssemblyConfigurationAttribute
AssemblyCompanyAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyTrademarkAttribute
GuidAttribute
System.Runtime.InteropServices
AssemblyFileVersionAttribute
TargetFrameworkAttribute
System.Runtime.Versioning
ComVisibleAttribute
String
IEnumerable`1
BindingFlags
Binder
DebuggingModes
mscorlib
System.Core
WrapNonExceptionThrows
Auto Parts Invoice
Auto Parts Invoice
Copyright
2015
$67bdf55d-01c4-4d60-966f-d0d9c73d1663
1.0.0.0
.NETFramework,Version=v4.6
FrameworkDisplayName
.NET Framework 4.6
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
https://theloftibiza.com/wp-includes/Eofmqlm.vdf
DisableStruct
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
Auto Parts Invoice
FileVersion
1.0.0.0
InternalName
Auto Parts Invoice.exe
LegalCopyright
Copyright
2015
LegalTrademarks
OriginalFilename
Auto Parts Invoice.exe
ProductName
Auto Parts Invoice
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Antivirus Signature
Bkav W32.Common.E1564D06
Lionic Trojan.Win32.Blocker.V!c
Elastic malicious (high confidence)
ClamAV Clean
CMC Clean
CAT-QuickHeal Clean
Skyhigh Artemis!Trojan
McAfee Artemis!6293F7A0A604
Cylance Unsafe
Zillya Clean
Sangfor Downloader.Msil.Agent.Vz7m
K7AntiVirus Clean
Alibaba Clean
K7GW Clean
Cybereason Clean
Baidu Clean
VirIT Trojan.Win32.MSIL_Heur.A
Paloalto generic.ml
Symantec MSIL.Downloader!gen7
tehtris Clean
ESET-NOD32 a variant of MSIL/TrojanDownloader.Agent.QUK
APEX Malicious
Avast Win32:PWSX-gen [Trj]
Cynet Clean
Kaspersky HEUR:Trojan-Ransom.MSIL.Blocker.gen
BitDefender Trojan.GenericKD.73003278
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Trojan.GenericKD.73003278
TACHYON Clean
Sophos Mal/Generic-S
F-Secure Clean
DrWeb Clean
VIPRE Trojan.GenericKD.73003278
TrendMicro Trojan.MSIL.FRS.VSNW04F24
McAfeeD ti!DA109106B97B
Trapmine Clean
FireEye Trojan.GenericKD.73003278
Emsisoft Trojan.GenericKD.73003278 (B)
SentinelOne Static AI - Suspicious PE
GData Trojan.GenericKD.73003278
Jiangmin Clean
Webroot W32.Trojan.GenKD
Varist W32/ABRisk.SFUL-7962
Avira Clean
Antiy-AVL Trojan[Ransom]/MSIL.Blocker
Kingsoft MSIL.Trojan-Ransom.Blocker.gen
Gridinsoft Clean
Xcitium Clean
Arcabit Trojan.Generic.D459F10E
SUPERAntiSpyware Clean
ZoneAlarm HEUR:Trojan-Ransom.MSIL.Blocker.gen
Microsoft Trojan:Win32/Leonem
Google Detected
AhnLab-V3 Malware/Win.Generic.C5630007
Acronis Clean
BitDefenderTheta Gen:NN.ZemsilF.36806.am0@autp2yc
MAX malware (ai score=80)
VBA32 Clean
Malwarebytes Trojan.Downloader.MSIL
Panda Trj/Chgt.AD
Zoner Clean
TrendMicro-HouseCall Trojan.MSIL.FRS.VSNW04F24
Tencent Clean
Yandex Clean
Ikarus Trojan-Downloader.MSIL.Agent
MaxSecure Clean
Fortinet MSIL/Agent_AGen.BJG!tr.dldr
AVG Win32:PWSX-gen [Trj]
DeepInstinct MALICIOUS
alibabacloud Ransomware:MSIL/Leonem.Gen
No IRMA results available.