popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2024-06-28 06:39:49

PE Imphash

9d5b9d61589b83a7f2c3d41f757e8ae0

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x00025837 0x00025a00 6.64233703861
.BsS 0x00027000 0x00000e4d 0x00001000 6.05730169964
.rdata 0x00028000 0x0000b266 0x0000b400 5.04171213392
.data 0x00034000 0x000512f4 0x00050200 7.99164143052
.reloc 0x00086000 0x00001f34 0x00002000 6.51488247261

Imports

Library GDI32.dll:
0x428000 Polyline
Library USER32.dll:
0x42815c OffsetRect
Library KERNEL32.dll:
0x428008 CreateFileW
0x42800c HeapSize
0x428010 GetProcessHeap
0x428014 SetStdHandle
0x428018 WaitForSingleObject
0x42801c CreateThread
0x428020 VirtualAlloc
0x428024 CloseHandle
0x42802c GetCurrentThreadId
0x428030 GetExitCodeThread
0x428034 WideCharToMultiByte
0x428038 MultiByteToWideChar
0x42803c GetStringTypeW
0x42805c EncodePointer
0x428060 DecodePointer
0x428064 LCMapStringEx
0x42806c GetModuleHandleW
0x428070 GetProcAddress
0x428074 GetCPInfo
0x42807c GetCurrentProcessId
0x428080 InitializeSListHead
0x428084 IsDebuggerPresent
0x428090 GetStartupInfoW
0x428094 GetCurrentProcess
0x428098 TerminateProcess
0x4280a0 RaiseException
0x4280a4 RtlUnwind
0x4280a8 GetLastError
0x4280ac SetLastError
0x4280b4 TlsAlloc
0x4280b8 TlsGetValue
0x4280bc TlsSetValue
0x4280c0 TlsFree
0x4280c4 FreeLibrary
0x4280c8 LoadLibraryExW
0x4280cc ExitThread
0x4280d4 GetModuleHandleExW
0x4280d8 GetStdHandle
0x4280dc WriteFile
0x4280e0 GetModuleFileNameW
0x4280e4 ExitProcess
0x4280e8 GetCommandLineA
0x4280ec GetCommandLineW
0x4280f0 HeapAlloc
0x4280f4 HeapFree
0x4280f8 GetFileType
0x4280fc CompareStringW
0x428100 LCMapStringW
0x428104 GetLocaleInfoW
0x428108 IsValidLocale
0x42810c GetUserDefaultLCID
0x428110 EnumSystemLocalesW
0x428114 FlushFileBuffers
0x428118 GetConsoleOutputCP
0x42811c GetConsoleMode
0x428120 ReadFile
0x428124 GetFileSizeEx
0x428128 SetFilePointerEx
0x42812c ReadConsoleW
0x428130 HeapReAlloc
0x428134 FindClose
0x428138 FindFirstFileExW
0x42813c FindNextFileW
0x428140 IsValidCodePage
0x428144 GetACP
0x428148 GetOEMCP
0x428154 WriteConsoleW

Exports

Ordinal Address Name
1 0x427d10 IUAhsiuchniuohAIU
!This program cannot be run in DOS mode.
`.rdata
@.data
.reloc
GD$PPQR
PSUVWj
|SUVWj
@SUVW3
D$PSUV
D$$SUV
GD$@PQR
\$`PRQ
D$$SPV
D$HjLP
t$\WPh
\$TUVW
D$$j@P
\$TUVW
D$$j@P
D$8UPV
tG9uCj
tC97u?j4
PPPPPWS
QQSVWd
URPQQh
UQPXY]Y[
<ItC<Lt3<Tt#<h
A<lt'<tt
V +V4+
tb9^4~]
PRRRRR
PPPPPPPP
f-00f=
f-00f=
ARPRQh
jYjf
PVVVVV
PVVVVV
uSSSSj
SWt@jU
_tqPVj@
M,j"^QRRRRR
Vj0XPW
r!SSPVQ
dr#SSjdVQ
M$j"^QRRRRR
j"[VWWWW
j$h0(C
_PVVVVV
j"_SVVVV
PVVVVV
^PSSSSS
j"^WSSSS
WVVVVV
PVSRSQV
PPPPPVW
PP9E u!PPSVP
PVVVVV
PWWWWW
D8(Ht'
D8(Ht5F
L:-^_[
f9:t!V
QQSVj8j@
NX9^`t1
;V\uYW
u2Vj@h(
9C`u99C\t4
u29K\t-
^PQQQQQ
E ^PQQQQ
CY<u
f-00f=
f-00f=
PPPPPPPP
D$DSUV
SUVWj,
D$ SUVW3
4s,l4th
,e4",sh
L$0_^][3
Unknown exception
bad array new length
string too long
iostream
iostream stream error
bad cast
bad locale name
ios_base::badbit set
ios_base::failbit set
ios_base::eofbit set
Own head
Zatlat
0000000006:1@0000000005:@
1111111
Success created.
Success destroyed.
SELECT * FROM Customers
invalid string position
vector too long
bad allocation
device or resource busy
invalid argument
no such process
not enough memory
operation not permitted
resource deadlock would occur
resource unavailable try again
generic
success
address family not supported
address in use
address not available
already connected
argument list too long
argument out of domain
bad address
bad file descriptor
bad message
broken pipe
connection aborted
connection already in progress
connection refused
connection reset
cross device link
destination address required
directory not empty
executable format error
file exists
file too large
filename too long
function not supported
host unreachable
identifier removed
illegal byte sequence
inappropriate io control operation
interrupted
invalid seek
io error
is a directory
message size
network down
network reset
network unreachable
no buffer space
no child process
no link
no lock available
no message available
no message
no protocol option
no space on device
no stream resources
no such device or address
no such device
no such file or directory
not a directory
not a socket
not a stream
not connected
not supported
operation canceled
operation in progress
operation not supported
operation would block
owner dead
permission denied
protocol error
protocol not supported
read only file system
result out of range
state not recoverable
stream timeout
text file busy
timed out
too many files open in system
too many files open
too many links
too many symbolic link levels
value too large
wrong protocol type
unknown error
GetCurrentPackageId
GetSystemTimePreciseAsFileTime
GetTempPath2W
0123456789abcdefghijklmnopqrstuvwxyz
0123456789abcdefghijklmnopqrstuvwxyz
bad exception
__based(
__cdecl
__pascal
__stdcall
__thiscall
__fastcall
__vectorcall
__clrcall
__eabi
__swift_1
__swift_2
__swift_3
__ptr64
__restrict
__unaligned
restrict(
delete
operator
`vftable'
`vbtable'
`vcall'
`typeof'
`local static guard'
`string'
`vbase destructor'
`vector deleting destructor'
`default constructor closure'
`scalar deleting destructor'
`vector constructor iterator'
`vector destructor iterator'
`vector vbase constructor iterator'
`virtual displacement map'
`eh vector constructor iterator'
`eh vector destructor iterator'
`eh vector vbase constructor iterator'
`copy constructor closure'
`udt returning'
`local vftable'
`local vftable constructor closure'
new[]
delete[]
`omni callsig'
`placement delete closure'
`placement delete[] closure'
`managed vector constructor iterator'
`managed vector destructor iterator'
`eh vector copy constructor iterator'
`eh vector vbase copy constructor iterator'
`dynamic initializer for '
`dynamic atexit destructor for '
`vector copy constructor iterator'
`vector vbase copy constructor iterator'
`managed vector copy constructor iterator'
`local static thread guard'
operator ""
operator co_await
operator<=>
Type Descriptor'
Base Class Descriptor at (
Base Class Array'
Class Hierarchy Descriptor'
Complete Object Locator'
`anonymous namespace'
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
InitializeCriticalSectionEx
(null)
UUUUUU
?UUUUUU
UUUUUU
?UUUUUU
 !"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
[aOni*{
~ $s%r
@b;zO]
v2!L.2
CorExitProcess
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
January
February
August
September
October
November
December
MM/dd/yy
dddd, MMMM dd, yyyy
HH:mm:ss
_hypot
_nextafter
NAN(SNAN)
nan(snan)
NAN(IND)
nan(ind)
AreFileApisANSI
CompareStringEx
EnumSystemLocalesEx
GetDateFormatEx
GetLocaleInfoEx
GetTimeFormatEx
GetUserDefaultLocaleName
IsValidLocaleName
LCMapStringEx
LCIDToLocaleName
LocaleNameToLCID
RoInitialize
RoUninitialize
AppPolicyGetProcessTerminationMethod
AppPolicyGetThreadInitializationType
?uZEeu
?uZEeu
1#QNAN
1#SNAN
UUUUUU
?UUUUUU
UUUUUU
?UUUUUU
?5Wg4p
%S#[k=
"B <1=
.text$di
.text$mn
.text$x
.text$yd
.BsS$x
.idata$5
.00cfg
.CRT$XCA
.CRT$XCAA
.CRT$XCC
.CRT$XCL
.CRT$XCZ
.CRT$XIA
.CRT$XIAA
.CRT$XIAC
.CRT$XIC
.CRT$XIZ
.CRT$XPA
.CRT$XPX
.CRT$XPXA
.CRT$XPZ
.CRT$XTA
.CRT$XTZ
.rdata
.rdata$r
.rdata$sxdata
.rdata$voltmd
.rdata$zzzdbg
.rtc$IAA
.rtc$IZZ
.rtc$TAA
.rtc$TZZ
.xdata$x
.edata
.idata$2
.idata$3
.idata$4
.idata$6
.data$r
.data$rs
output.exe
IUAhsiuchniuohAIU
Polyline
GDI32.dll
OffsetRect
USER32.dll
WaitForSingleObject
CreateThread
VirtualAlloc
CloseHandle
WaitForSingleObjectEx
GetCurrentThreadId
GetExitCodeThread
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
QueryPerformanceCounter
ReleaseSRWLockExclusive
WakeAllConditionVariable
EncodePointer
DecodePointer
LCMapStringEx
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
GetCPInfo
IsProcessorFeaturePresent
GetCurrentProcessId
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetCurrentProcess
TerminateProcess
KERNEL32.dll
RaiseException
RtlUnwind
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
GetStdHandle
WriteFile
GetModuleFileNameW
ExitProcess
GetCommandLineA
GetCommandLineW
HeapAlloc
HeapFree
GetFileType
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
ReadFile
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
GetProcessHeap
HeapSize
CreateFileW
WriteConsoleW
)(+dhd
m0oiK-*
K}*myn
gG*X=a,
-.xVOJ
3cZ*juP
[Z)YxM"
B4*StpC
"CU]~k
slb&6wT
d^9dN6
s;&X}A
CrsgN^t
mm&IM!" pQ
)9VAaJ
K:!VjZ2E
P4TAX+
6Fl)MDK
JvjI:,
+:Y!dB
o!`P$4
(F([.7-
2cfiC\c?
f:vh3P'
`Bk7Fu|
0tN^/9
W&"#a+
"/He(t
N&CP5I
O[[tK.
e#$*/v
d/Yf\e"|0
*pSya:h
XPe-.I
O<~VPY
%hV;(-
E'M"f=
X8$2ky
:""Nl
fYY.s`
4glp&B'BU
M`G.q&m
FjW2V~
->?D&>
<&:++Q
9O"C2/
dDF-d*
HNrbo_B
bMW-e+
h_%:Qiv
-?`Z~M
O#3tLt
d?099N]qI]
OyvsU}
""?FRE
J,~w\
.(Vqm|)F
??Vj<>>
R"]86Y
EW,_,#
|6n@?
YFEVS)
9!LlWW
j4MpZv
_Z >d^
oq?ty
H_o5|8Y;if#/
LQoXSu
8>RA+|U
)hig;EG
by1`}&
N8Kf6L
KD=pAP
t7HLBAP
=r+H?c%X}
#:He}v
mJ^|@^
5W$rF2j`
$cC$?a6
%:=+q
6_qybk
.QG-UL
7S#+3Y
~<(9Y5
O1px 3Aj}~8
zM8-1V
i%UM2^
"6]:e6
TX?m?4G
|qqjMU
LJca=]k
Fs"cry
Nei,XW
2:D%!
6";Wrl
oB)`.3
,{V|W,
;eoN0,X
efo7]O
YN28<kp
P`;ga#
':REZn
br;z vE8
_"E(:by
9g/hXU
l>#:;<
qt0X9pp
P~;1\u
Gzs5ed~
]X*0)4G
bgSq:s
rr-B7h
+UAHN7
w- UwN
fg$$$
T]bI{c
~yT4%n%
f i5_<
y84Q<}
T/xY,O
dOF!Zo
/Z"@{
t^|Km8
u[JZ@<a
Uc`@|{
;:fP'Tl
8V30 .
jeNT-G
-M2;O]I
Ro@vq
oHe1Su
`Yh0n,S
O&RT]~y
S$"sZA
O&F{sI/
Q[NmP*
C<`9:`C
INx*h-W
Y$BG,Es
:}|g-Y
Hh*{Pb
_ myGjo.:
mASO3F
tUt?'k
lojB-g
k]yVh[fTd
OktRK
0#r_~s
Jw*dh4ze
!;~!V9
s8\ndv@
K1CJKF
[5v!/)
zNJ3z>
VI*?%g
j[{HsG
MC+6$Y
o~EA26g
;.]77;
Dk6Qx*
UM[9Or
1]pld7;
"4O?4&Wi
cp~v]J
=q84LTvZs~E
[QL;J
J./J;`
JmGwUH
k6)(7`
P>;{l+
AFOY+bI
!2 @P=
agFvU^
yVd6/*
h;o>&hw%]
b8cjO
cV<)]=2
-QT]=,+
7WSutY
Jza5\x
I]w)i=
MT*a1@
=q`6wF
}+Hl'E
E2j"O@G
t@R%}R
?),dB*
0|TOq$
2y%t:U
f7<GNcj
&nVdeD
l*1X-#
#<\A8_9SL
HfQ+f=
cGLnN=
YK0W{e
`(NIfdJ
qlI7rJ
}(GO}(7
E=x"yv
<$JmX0
OXg<f)N
rLD0Ja
N\%UaPZ
1{+)7l
2A){;Uq
n[>d*;
kO:VH?
fGL9?^
'Lut"G
@/.U#~
bA\(v@
.hx:ed
egi0/DTe0^
cPch;;7
Ct3 E8
}|F^5{j'
vA;Aj(6
dqx)[
mO;Gfl
?k{s5
.r?G!a
N>126HQ
EsdB6i
BUEhU!c{
Z%w(Q!4/
WaRa=+
g1ZmA
?Sghl/
z?|QO)
|z##e$
p@q.[fmN2h
8"OT(D
_;Zgj7
EYf3 1
e"(\.#_
:yEIC0
/zaE<U
8cI4]ks+
?F%Mx_
]>tVA{
L8K%FS
8-@=T?
H \{y^
p$|xf{
-l,@]q?
RL[w|b
gPuVUAd
UfI'W\
QG(BTh
+,GSsIN
'8ZigR
Oj'@;E
:F?x#Z"
lTqIvK
^v}5SS
|4 %M9
P"/(c}
Qg]SLo
^Ky9GD
aZdvD:w
,Mzw]o
Z"akqf
mpW8YW
SkIO&q_
fE.[H1
:L:N|%
1q*'vD
7Wi(BVW,
IiA"Uh
N0C,Td
'{xNf$G/E>
Gf0JnRu
^Ba`||
=G8KUp4
RLEG-l
0NQs byp
RbHoxR
YNZEkK
~.d(Tx
j_qr:~Z
\`y_y|
q_.1E<
x?!2Bt
ve)+|-
h!l.3b
:R6qjI
*l=lyC
F8n{Mc;
W43(uZi
(CMCvw
8\PP~TW
<j)E[k
BhHvk-
l({c\!s
;=#TCN
YeY;f6
3MQZ.BY
#mlE9?
gD'D&~
b173J?
T@1>pYz
pFT-!g
HV;uFW
H^`_||
"]v+bM)v
4ybZ6kqx|
l8DHa,
AU}Cw!(
q`7)\8\
j-)!Ss
|yi/C2"
,n07A(
;[5qIab
[BxKjF
~lTavyn
@[cV?1V
kXr7@b
+}HS-;
`n(0Fk
Z*q3UA
p[(SfS
ErU2aP{
{/v2iX
RGqn3i
I0'Nk@
2aQ D
IU#Ic,
5L$_3H
!LBx.6
'{*dn>Pj8&
&&hz`5
>Rh.Zd
iJ;q%TBs
7u&xY"Z
CLm(JL@
?YF]c2S
)lWP$!
L>&CfK
xGEeK)
uo*x_r
sc-+I}
ex=Z2C
cbm{WZ
~-eTyK
0Eo&"G
f5}519Cs
1K_6i-
CXH1Pbu
s/D-!2
pzcz>:
%D.|x
_+fY\p
y/c$QP
4]ytW.
mk =D9
/Kq)Ig
@tk!t<
-3rvo#
*l@%#i
Tq`rNj
m~~@~%
]8pi(G
kiV9Osx
U:!I,$
x$O=%
OVo#Bb
HdgU$4
?HP!aE
DK@Mqy
m3]#L}#
,%'71
]pyG2H
74}?R[
j_4|QB
(A7p@Y
9 y#p~<
kY NK>iKN
=k4Nb>vX
|cv,>t
PURnNY
BL#h1E
u59qR0
}H} z0.
`8HE9C
SG}|'*
sa8}8j
yF7YP;9
N60Xux
r8;[p3
}jNi0#{
7vD!qMU7
Q^*3"V
v-,nU*F2{
1_=oM:`2b;d_
?6QR!`
Xn~[Nv
tb01vH
*L6!SC6
i%BWpW
lbu)1P
70yNo(N
+]dsoq
Vk|&#y
Sem+oHu
6J=?V
QX*8G
>Q*-!v
C<~:>y
DFe^^sW
Wt:t'=
f|!9%J
Cs!d6[V
@q}D|+
@hcBNT
fO%+\yt+
+;U**bX
fJ^Gz'
5>6W0E
B,Ci++E=
n_c'%#
q<ZJT,
P:<N_D
]We9!s
=f=W^?
0t\UJ5?
YLUqYe
K}x37br
eB`ekR"
d0xuU!
*ks?7\
?u!W/&
%Qgs`}
DMB,S$
_Ap!>@
3RufMo
p<%eZW
fBY;UE
|y8W>Z
,R.Kn gD"
5#'H3L>Pc
j4V:Jl
g)x'"t.
4c$VHo
6ApMs4
Ci Ej2
*M!cvt
>r;o^m)
I=nW)9.
h*+wR_}
O,#"}~
EL3|}+y
epjBQ2
37mi3i
wLCZsPH
Ec;3xR
VdCk< +9
cPg%33l
&?kL#ve
,*N"A=
p02JvN
2E hb-
Y<E:kE;MH
Gnj+aX
2D[*%6
7+]A,cv
DVo[qf
UZsbJ.
]V&"+x
GV[RAt
4U/T=9
hDm7_EC
_'b=-@q
qj'9tR
}F |tp
c^N2'v
$!gX&_u
Vt',\6
gj4kY#
mu4,&ls
Vecg(5/
S%CKiz
IGEAb=) 1
9` `,'[
UWzT+7
`>0+_P
U_#]Zn
+wG?/[5L
-JNj \
U>m6?xD
k<m]j
H[|&mMGoAq
H8;mjN~
pLQ-76
DK'FTK
W7Xi'h$
%Ii~fK
A1hu'x
]Dzw{Z
[j*K0fBb$d
L\w<6xUp
l~x3{U
zK(.rn
(xQu0x
FQH+20
.dLlI}d
# cgsA
/:a:(
QD/=p9
{O8]&E
`w;\wi
IvGVm9
ZGO/2y
z(GTY3
NrvAGm
/M08#/
%@i6\h{
~kVqLZ
:;YXm;
L(vFHPl
]'!sDkL
$iY;`
WR5wl!
jjYl?|
HB ! "t
~:#y(<}
+nEI=a6
=#vd`P
n,!je%
<gL5IN
QK*6;F
@a]O`T
^R?8QJ
avt<79
@ B5=27
xP|H&{
~~|H&{
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
.?AVexception@std@@
.?AVbad_array_new_length@std@@
.?AVbad_alloc@std@@
.?AVruntime_error@std@@
.?AVsystem_error@std@@
.?AV_System_error@std@@
.?AVbad_cast@std@@
.?AVfailure@ios_base@std@@
.?AVlogic_error@std@@
.?AVlength_error@std@@
.?AVout_of_range@std@@
.?AVbad_exception@std@@
.?AVerror_category@std@@
.?AV_Iostream_error_category2@std@@
.?AV_Facet_base@std@@
.?AVfacet@locale@std@@
.?AU_Crt_new_delete@std@@
.?AUctype_base@std@@
.?AV?$ctype@D@std@@
.?AV?$ctype@_W@std@@
.?AV?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
.?AV?$numpunct@D@std@@
.?AV_Generic_error_category@std@@
.?AV_Locimp@locale@std@@
.?AVios_base@std@@
.?AV?$_Iosb@H@std@@
.?AV?$basic_ios@DU?$char_traits@D@std@@@std@@
.?AV?$basic_streambuf@DU?$char_traits@D@std@@@std@@
.?AV?$basic_istream@DU?$char_traits@D@std@@@std@@
.?AV?$basic_filebuf@DU?$char_traits@D@std@@@std@@
.?AVcodecvt_base@std@@
.?AV?$codecvt@DDU_Mbstatet@@@std@@
.?AV?$basic_ostream@DU?$char_traits@D@std@@@std@@
.?AV?$basic_ios@_WU?$char_traits@_W@std@@@std@@
.?AV?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@
.?AV?$basic_ostream@_WU?$char_traits@_W@std@@@std@@
.?AV?$basic_filebuf@_WU?$char_traits@_W@std@@@std@@
.?AV?$codecvt@_WDU_Mbstatet@@@std@@
.?AVtype_info@@
0#03080B0X0l0p0z0
11)151?1I1Y1^1h1~1
464H4M6
4<4B4V4]4c4h4w4
6)6.6F6M6S6X6g6
<'<L<f<|<
>A?T?k?
2!2&2F2z2
5"6s6{6
7>7d819x9
::7:=:R:q:
:,;L;l;
=->E>X>m>}>
>-?>?E?M?c?
1'1B1M1
4J6n6x7
828O8p8
9?9L9d9
:7;T;a;z;
:7:C:_:v:';<;A;
<#<L<[<
=&=3=K=
o1U2e3
;[;p;~;
<1<A<G<N<U<{<
?0?6?f?t?
1(1-121S1X1e1
434:4@4R4\4
516;6D6
6:7D7M7V7k7t7
7H8W8`8m8
9&9/959H9
:-:7:X:
;/;4;G;a;~;
<"<(</<6<=<D<K<R<Y<a<i<q<}<
="=(=.=5=<=C=J=Q=X=_=g=o=w=
55$5(5,505
l1p1t1x1|1
3313>3`3
4,4:4@4[4
5'585D5
>4>:>a>
3!3:4A4j4
5,5W5a5
6"6,686=6B6]6g6s6x6}6
9::S:]:i:
1=2O2V2
2"383A3
838:8E8S8Z8`8{8
;8<P<.=/>
T1^1h1
3+3N3c3y3
;A;k;#>
9I;b;u;
<Z<i<r<
<-=6="?,?E?O?
0G1b1y1
4"444=4
5)5i5o5
<(=U=^=l=
#0.0m0
0B1M1U1`1f1q1w1
1 292>2W2h2m2
767=7\7
818F8V8c8
9)989Y9
3<4B4n4t4
656?6f6p6
9,989=9B9R9W9\9l9q9v9
:":':,:<:A:F:n:
;-;6;n;
==)=9=>=C=^=m=x=}=
>(>L>^>t>y>~>
2)242Z2e2w2
3$3J3U3g3u3
44p4u4z4
5%6`7r7Z8G:
?(?^?{?
0)1k1'2@2k2~2
2,3m3|3
6/6D7X7
7$8B8V8v8
=6>d>`?l?v?
1F4,5 6G6_6
8J9Q9X9_9y9
: :E:m:
<#===O=
>(>>>n>
2$2,2=2K2R2
676?6h6o6
8+8=8O8a8s8
<`>g>o>w>
7B7Y7y7
667_7t7
8 9*9~9
;9;q;@<t>
3A3H3O3r3
1.141I1n1
6%656F6
7.747I7n7
7:8P8`8
7D7h7s7
;c<i<n<u<
1A2M2a2m2y2
3/3?3K3Z3m4
545H5S5
6T6c6o6~6
6?7H7Q7Z7
4$4D4d4
7!7>7[7x7
4T5X5\5`5d5h5l5p5t5x5|5
<0<:<x<
=6=H=\=a=
d1p1t1x1|1
2$2(2,2024282d2h2l2p2t2x2
3 3$3(3,3034383<3@3D3H3L3P3T3X3\3`3d3h3l3p3t3x3|3
3\4`4d4h4l4p4t4x4|4
5 5$5(5,5054585<5@5D5H5L5
6 6$6(6,6
9$9,949<9D9L9T9\9d9l9t9|9
:$:,:4:<:D:L:T:\:d:l:t:|:
;$;,;4;<;D;L;
1 1$1(1,1014181<1@1D1H1L1P1T1X1\1`1d1h1l1p1t1x1|1
2 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2
5 5(50585@5H5P5X5`5h5p5x5
6 6(60686@6H6P6X6`6h6p6x6
7 7(70787@7H7P7X7`7h7p7x7
8 8(80888@8H8P8X8`8h8
8 8$8(8,8084888<8@8D8H8L8P8T8X8\8`8d8h8l8p8t8x8|8
9 9$9(9,9094989<9@9D9H9L9P9T9X9\9`9d9h9l9p9t9x9|9
=$=,=4=<=D=L=T=\=d=l=t=|=
>H?L?P?T?X?\?`?d?h?l?p?t?x?|?
=(>4>@>L>X>d>p>|>
?$?0?<?H?T?`?l?x?
0 0,080D0P0\0h0t0
1(181D1P1\1h1t1
2(242@2$<,<4<<<D<L<T<\<d<l<t<|<
=$=,=4=<=D=L=T=\=d=l=t=|=
>$>,>4><>D>L>T>\>d>l>t>|>
?$?,?4?<?D?L?T?\?d?l?t?|?
0$0,040<0D0L0T0\0d0l0t0|0
1$1,141<1D1L1T1\1d1l1t1|1
2$2,242<2D2L2T2\2d2l2t2|2
3$3,343<3@=H=P=X=`=h=p=x=
> >(>0>8>@>H>P>X>`>h>p>x>
? ?(?0?8?@?H?P?X?`?h?p?x?
0 0(00080@0H0P0X0`0h0p0x0
1 1(10181@1H1P1X1`1h1p1x1
2 2(20282@2H2P2X2`2h2p2x2
3 3(30383@3H3P3X3`3h3p3x3
4 4(40484@4H4P4X4
*0.02060
: :$:4:8:<:@:H:`:p:t:
;0;@;D;T;X;\;`;d;l;
<,<0<@<D<L<d<t<x<|<
=0=@=D=T=X=\=`=d=h=p=
> >8>H>L>\>`>d>h>l>t>
?,?<?@?P?T?X?\?d?|?
0(0,0<0@0D0H0L0T0l0|0
1,1014181@1X1h1l1|1
2,202H2X2\2l2p2t2|2
3,3<3@3P3T3X3\3`3h3
4(4,4<4@4D4H4L4T4l4p4
5,5<5@5P5T5\5t5
;,;P;\;d;
<,<4<X<d<l<
=<=`=l=t=
>$><>P>X>`>h>l>p>x>
? ?4?<?D?L?P?T?X?\?d?x?
0(00080@0D0L0X0x0
1D1P1p1|1
2(242T2`2
3 3(3,3<3`3l3t3
44484X4x4
585X5x5
6 6(646d6h6
7(7H7h7
8(8H8h8
9(9H9h9
3(383P3\3`3d3
3X6\6`6d6
< <@<`<|<
= =D=p=
kernel32.dll
Bapi-ms-win-core-fibers-l1-1-1
api-ms-win-core-synch-l1-2-0
kernel32
api-ms-
(null)
((((( H
((((( H
(
mscoree.dll
ALC_ALL
LC_COLLATE
LC_CTYPE
LC_MONETARY
LC_NUMERIC
LC_TIME
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
January
February
August
September
October
November
December
MM/dd/yy
dddd, MMMM dd, yyyy
HH:mm:ss
Bapi-ms-win-core-datetime-l1-1-1
api-ms-win-core-file-l1-2-2
api-ms-win-core-localization-l1-2-1
api-ms-win-core-localization-obsolete-l1-2-0
api-ms-win-core-processthreads-l1-1-2
api-ms-win-core-string-l1-1-0
api-ms-win-core-sysinfo-l1-2-1
api-ms-win-core-winrt-l1-1-0
api-ms-win-core-xstate-l2-1-0
api-ms-win-rtcore-ntuser-window-l1-1-0
api-ms-win-security-systemfunctions-l1-1-0
ext-ms-win-ntuser-dialogbox-l1-1-0
ext-ms-win-ntuser-windowstation-l1-1-0
advapi32
api-ms-win-appmodel-runtime-l1-1-2
user32
api-ms-win-core-fibers-l1-1-0
ext-ms-
Bja-JP
american
american english
american-english
australian
belgian
canadian
chinese
chinese-hongkong
chinese-simplified
chinese-singapore
chinese-traditional
dutch-belgian
english-american
english-aus
english-belize
english-can
english-caribbean
english-ire
english-jamaica
english-nz
english-south africa
english-trinidad y tobago
english-uk
english-us
english-usa
french-belgian
french-canadian
french-luxembourg
french-swiss
german-austrian
german-lichtenstein
german-luxembourg
german-swiss
irish-english
italian-swiss
norwegian
norwegian-bokmal
norwegian-nynorsk
portuguese-brazilian
spanish-argentina
spanish-bolivia
spanish-chile
spanish-colombia
spanish-costa rica
spanish-dominican republic
spanish-ecuador
spanish-el salvador
spanish-guatemala
spanish-honduras
spanish-mexican
spanish-modern
spanish-nicaragua
spanish-panama
spanish-paraguay
spanish-peru
spanish-puerto rico
spanish-uruguay
spanish-venezuela
swedish-finland
america
britain
england
great britain
holland
hong-kong
new-zealand
pr china
pr-china
puerto-rico
slovak
south africa
south korea
south-africa
south-korea
trinidad & tobago
united-kingdom
united-states
zh-CHS
az-AZ-Latn
uz-UZ-Latn
kok-IN
syr-SY
div-MV
quz-BO
sr-SP-Latn
az-AZ-Cyrl
uz-UZ-Cyrl
quz-EC
sr-SP-Cyrl
quz-PE
smj-NO
bs-BA-Latn
smj-SE
sr-BA-Latn
sma-NO
sr-BA-Cyrl
sma-SE
sms-FI
smn-FI
zh-CHT
az-az-cyrl
az-az-latn
bs-ba-latn
div-mv
kok-in
quz-bo
quz-ec
quz-pe
sma-no
sma-se
smj-no
smj-se
smn-fi
sms-fi
sr-ba-cyrl
sr-ba-latn
sr-sp-cyrl
sr-sp-latn
syr-sy
uz-uz-cyrl
uz-uz-latn
zh-chs
zh-cht
CONOUT$
Antivirus Signature
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Locky.15!c
tehtris Clean
ClamAV Win.Keylogger.Lazy-10031941-0
CMC Clean
CAT-QuickHeal Trojanpws.Msil
Skyhigh BehavesLike.Win32.Generic.hc
ALYac Gen:Variant.Ser.Zusy.5124
Cylance Unsafe
Zillya Clean
Sangfor Trojan.Win32.Save.a
K7AntiVirus Trojan ( 005b74571 )
Alibaba Trojan:Win32/Kryptik.8c4e9b80
K7GW Trojan ( 005b74571 )
Cybereason Clean
Baidu Clean
VirIT Clean
Paloalto generic.ml
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win32/Kryptik.HXDB
APEX Malicious
Avast Win32:PWSX-gen [Trj]
Cynet Malicious (score: 100)
Kaspersky HEUR:Trojan-PSW.Win32.Reline.gen
BitDefender Gen:Variant.Ser.Zusy.5124
NANO-Antivirus Trojan.Win32.Packed2.kpclrj
ViRobot Clean
MicroWorld-eScan Gen:Variant.Ser.Zusy.5124
Tencent Win32.Trojan-QQPass.QQRob.Fkjl
TACHYON Clean
Sophos Mal/Krypt-E
F-Secure Trojan.TR/Crypt.Agent.ahopx
DrWeb Trojan.Packed2.47116
VIPRE Gen:Variant.Ser.Zusy.5124
TrendMicro Mal_Locky-1
McAfeeD Real Protect-LS!EFB9F7B4E670
Trapmine malicious.high.ml.score
FireEye Generic.mg.efb9f7b4e6703ad5
Emsisoft Gen:Variant.Ser.Zusy.5124 (B)
SentinelOne Static AI - Malicious PE
GData Gen:Variant.Ser.Zusy.5124
Jiangmin Clean
Webroot W32.Trojan.Agent.Gen
Varist W32/Kryptik.MJE.gen!Eldorado
Avira TR/Crypt.Agent.ahopx
Antiy-AVL Trojan[PSW]/MSIL.Convagent
Kingsoft Clean
Gridinsoft Trojan.Win32.Kryptik.sa
Xcitium Clean
Arcabit Trojan.Ser.Zusy.D1404
SUPERAntiSpyware Clean
ZoneAlarm HEUR:Trojan-PSW.Win32.Reline.gen
Microsoft Trojan:Win32/RedLine.MAZ!MTB
Google Detected
AhnLab-V3 Trojan/Win.Locky.R656787
Acronis Clean
McAfee Artemis!EFB9F7B4E670
MAX malware (ai score=88)
VBA32 BScope.TrojanPSW.MSIL.Convagent
Malwarebytes Trojan.Crypt
Panda Trj/GdSda.A
Zoner Clean
TrendMicro-HouseCall Mal_Locky-1
Rising Stealer.Convagent!8.1326D (TFE:5:niRPZnl53BP)
Yandex Clean
Ikarus Trojan.Win32.Crypt
MaxSecure Trojan.Malware.107509306.susgen
Fortinet W32/Kryptik.HXDB!tr
BitDefenderTheta AI:Packer.91929B8821
AVG Win32:PWSX-gen [Trj]
DeepInstinct MALICIOUS
CrowdStrike win/malicious_confidence_100% (D)
alibabacloud Trojan:Win/Kryptik.HD#J
No IRMA results available.