Static | ZeroBOX

PE Compile Time

2022-04-01 04:25:34

PE Imphash

57d6e7112c8e716cfe2eb0ff9f36763c

Sections

Name     Virtual Address   Virtual Size   Size of Raw Data   Entropy
.text    0x00001000        0x00000295     0x00000400         3.84034019821
.rdata   0x00002000        0x00000298     0x00000400         3.20681398243
.data    0x00003000        0x00001229     0x00001400         1.30636244737
.reloc   0x00005000        0x00000038     0x00000200         0.838023236011

Imports

Library KERNEL32.dll:
0x10002000 CloseHandle
0x10002004 ReleaseSemaphore
0x10002008 WaitForSingleObject
0x1000200c CreateEventA
0x10002010 OpenEventA
0x10002014 ExitThread
0x10002018 ResumeThread
0x1000201c CreateProcessA
0x10002020 GetThreadContext
0x10002024 SetThreadContext
0x10002028 VirtualAllocEx
0x1000202c WriteProcessMemory
0x10002030 CreateSemaphoreA

Antivirus Signature
Bkav W32.AIDetectMalware
Lionic Clean
tehtris Clean
ClamAV Clean
CMC Clean
CAT-QuickHeal Trojan.GenericRI.S28877354
Skyhigh BehavesLike.Win32.Generic.xz
McAfee Trojan-FTFU!D5F8785AEDCA
Cylance Unsafe
Zillya Trojan.Inject.Win32.318161
Sangfor Suspicious.Win32.Save.a
K7AntiVirus Trojan ( 005aac371 )
Alibaba Clean
K7GW Trojan ( 005aac371 )
Cybereason Clean
Baidu Clean
VirIT Clean
Paloalto Clean
Symantec ML.Attribute.HighConfidence
Elastic Windows.Trojan.Metasploit
ESET-NOD32 a variant of Win32/Inject.NJV
APEX Malicious
Avast Win32:MsfShell-C [Trj]
Cynet Malicious (score: 100)
Kaspersky HEUR:Trojan.Win32.Generic
BitDefender Generic.ShellCode.Marte.3.C129BEF3
NANO-Antivirus Trojan.Win32.Inject4.jozwdf
ViRobot Clean
MicroWorld-eScan Generic.ShellCode.Marte.3.C129BEF3
Tencent Clean
TACHYON Trojan/W32.Invader.8704
Sophos ATK/FatRat-J
F-Secure Trojan:W32/Payload.A
DrWeb Trojan.Inject4.30337
VIPRE Generic.ShellCode.Marte.3.C129BEF3
TrendMicro TROJ_SWRORT.SMDSA
McAfeeD ti!F83BEE2E9D7C
Trapmine malicious.high.ml.score
FireEye Generic.mg.d5f8785aedca631c
Emsisoft Generic.ShellCode.Marte.3.C129BEF3 (B)
SentinelOne Static AI - Malicious PE
GData Win32.Trojan.PSE.M9A40B
Jiangmin Trojan.Generic.hherp
Webroot W32.Trojan.Gen
Varist W32/Trojan.IIF.gen!Eldorado
Avira TR/Hijacker.Gen
Antiy-AVL Trojan/Win32.Invader
Kingsoft Clean
Gridinsoft Clean
Xcitium Clean
Arcabit Generic.ShellCode.Marte.3.C129BEF3
SUPERAntiSpyware Clean
ZoneAlarm HEUR:Trojan.Win32.Generic
Microsoft Trojan:Win32/Meterpreter.RPZ!MTB
Google Detected
AhnLab-V3 Trojan/Win.Generic.R439046
Acronis Clean
BitDefenderTheta Gen:NN.ZedlaF.36808.aq4@aS5O3Di
MAX malware (ai score=87)
VBA32 BScope.Trojan.Invader
Malwarebytes Generic.Malware.AI.DDS
Panda Trj/Genetic.gen
Zoner Clean
TrendMicro-HouseCall TROJ_SWRORT.SMDSA
Rising Backdoor.CobaltStrike!1.DEDE (RDMK:cmRtazqdEd61r1DVnUxSEel0s0TY)
Yandex Trojan.Agent!qMd20PDGUj4
Ikarus Trojan.Win32.Inject
MaxSecure Trojan.Malware.7164915.susgen
Fortinet W32/Inject.NJV!tr
AVG Win32:MsfShell-C [Trj]
DeepInstinct MALICIOUS
CrowdStrike win/malicious_confidence_100% (D)
alibabacloud Trojan:Win/Rozena.3319d6a6
No IRMA results available.