Static | ZeroBOX

PE Compile Time

2024-06-12 16:51:26

PE Imphash

6859c1fbd5011b39e2b3c5ccd6eda491

Sections

Name  Virtual Address  Virtual Size  Size of Raw Data  Entropy
UPX0  0x00001000       0x00009000    0x00000000        0.0
UPX1  0x0000a000       0x00005000    0x00005000        7.89877446968
UPX2  0x0000f000       0x00001000    0x00000200        1.92287693271

Imports

Library KERNEL32.DLL:
0x1000f028 LoadLibraryA
0x1000f02c GetProcAddress
0x1000f030 VirtualProtect

Exports

Ordinal  Address     Name
1        0x10001000  _RunMain@0
Antivirus Signature
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.ShellcodeRunner.4!c
tehtris Clean
ClamAV Clean
CMC Clean
CAT-QuickHeal Trojan.Agent
Skyhigh Artemis!Trojan
ALYac Gen:Variant.Midie.150472
Cylance Unsafe
Zillya Clean
Sangfor Clean
K7AntiVirus Trojan ( 005b71741 )
Alibaba Trojan:Win32/ShellcodeRunner.95b09d7a
K7GW Trojan ( 005b71741 )
Cybereason Clean
Baidu Clean
VirIT Clean
Symantec Trojan.Gen.MBT
Elastic malicious (moderate confidence)
ESET-NOD32 Win32/ShellcodeRunner.KP
APEX Malicious
Avast Win32:MalwareX-gen [Trj]
Cynet Malicious (score: 100)
Kaspersky Clean
BitDefender Gen:Variant.Midie.150472
NANO-Antivirus Trojan.Win32.Redcap.koswrj
ViRobot Clean
MicroWorld-eScan Gen:Variant.Midie.150472
Tencent Clean
Sophos Mal/Generic-S
F-Secure Trojan.TR/Redcap.rseke
DrWeb Clean
VIPRE Gen:Variant.Midie.150472
TrendMicro Clean
McAfeeD ti!7C4E83E6E933
Trapmine Clean
FireEye Gen:Variant.Midie.150472
Emsisoft Gen:Variant.Midie.150472 (B)
Paloalto generic.ml
GData Gen:Variant.Midie.150472
Jiangmin Clean
Webroot Clean
Varist Clean
Avira TR/Redcap.rseke
MAX malware (ai score=80)
Antiy-AVL Trojan/Win32.ShellcodeRunner
Kingsoft Win32.Troj.ShellcodeRun.KP
Gridinsoft Trojan.Win32.Gen.sa
Xcitium Clean
Arcabit Trojan.Midie.D24BC8
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:Win32/Casdet!rfn
Google Detected
AhnLab-V3 Clean
Acronis Clean
McAfee Artemis!B3623C2FF1B7
TACHYON Clean
VBA32 Clean
Malwarebytes Clean
Panda Trj/Chgt.AD
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R002H09FO24
Rising Trojan.ShellcodeRunner!8.6166 (CLOUD)
Yandex Clean
Ikarus Trojan.Win32.Shellcoderunner
MaxSecure Clean
Fortinet Clean
BitDefenderTheta Gen:NN.ZedlaF.36808.bmQfa8SHlrm
AVG Win32:MalwareX-gen [Trj]
DeepInstinct MALICIOUS
CrowdStrike win/malicious_confidence_70% (W)
alibabacloud Trojan:Win/ShellcodeRunner.KX
No IRMA results available.