popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2023-04-28 03:13:14

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x00131080 0x00131200 5.85953051984
.rsrc 0x00134000 0x00000566 0x00000600 3.98378253282
.reloc 0x00136000 0x0000000c 0x00000200 0.0980041756627

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x0013405c 0x000002e4 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x0013437c 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
+N+R+V.:
-2+U,.
Z+#+({
+$X )UU
Z+"+'{
+ +%u#
+!+&+++0
+3&*($
v4.0.30319
#Strings
TG-Source-2.exe
TG-Source-2
<Module>
<>f__AnonymousType0`2
mscorlib
Object
System
<Index>j__TPar
<Object>j__TPar
<>c__0`1
Mcbldoc
WindowsFormsApp49
PoweredByAttribute
SmartAssembly.Attributes
Attribute
<>9__0_0
Func`3
<>9__0_1
Func`2
<>9__0_2
ResourceManager
System.Resources
CultureInfo
System.Globalization
IEnumerable`1
System.Collections.Generic
.cctor
Culture
Mtjwogdbssjgd
Equals
GetHashCode
ToString
System.Core
ExtensionAttribute
System.Runtime.CompilerServices
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
DebuggableAttribute
System.Diagnostics
DebuggingModes
AssemblyTitleAttribute
System.Reflection
AssemblyDescriptionAttribute
AssemblyConfigurationAttribute
AssemblyCompanyAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyTrademarkAttribute
GuidAttribute
System.Runtime.InteropServices
AssemblyFileVersionAttribute
TargetFrameworkAttribute
System.Runtime.Versioning
ComVisibleAttribute
CompilerGeneratedAttribute
GeneratedCodeAttribute
System.CodeDom.Compiler
DebuggerNonUserCodeAttribute
DebuggerBrowsableAttribute
DebuggerBrowsableState
DebuggerHiddenAttribute
EditorBrowsableAttribute
System.ComponentModel
EditorBrowsableState
.resources
EqualityComparer`1
get_Default
String
Format
IFormatProvider
Assembly
GetTypeFromHandle
RuntimeTypeHandle
Replace
GetMethod
MethodInfo
MethodBase
Invoke
Enumerable
System.Linq
Select
OrderByDescending
IOrderedEnumerable`1
get_Assembly
GetObject
Action
List`1
IEnumerator
System.Collections
MoveNext
IEnumerator`1
get_Current
IDisposable
Dispose
ToArray
GetEnumerator
Thread
System.Threading
GetDomain
AppDomain
Delegate
CreateDelegate
GetInvocationList
get_Method
Convert
FromBase64String
Encoding
System.Text
get_ASCII
GetString
WrapNonExceptionThrows
$c119d343-226b-4064-ab63-2cdeb1d9b142
1.0.0.0
.NETFramework,Version=v4.0
FrameworkDisplayName
.NET Framework 4
#Powered by SmartAssembly 8.1.2.4975
3System.Resources.Tools.StronglyTypedResourceBuilder
16.0.0.0
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADPf)
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+IAAAADAAOQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAALgAwAC4AMAAuADEAAABuAG8AaQBzAHIAZQBWACAAeQBsAGIAbQBlAHMAcwBBAAEACAA4AAAAMAAuADAALgAw
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
YdrOdrT
{{ Index = {0}, Object = {1} }}
GetExp ortedT ypes
Mtjwogdbssjgd
Gnxlooymdvujeynpkxvvhic
Mtjwogdbssjgd
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
FileVersion
1.0.0.0
InternalName
TG-Source-2.exe
LegalCopyright
LegalTrademarks
OriginalFilename
TG-Source-2.exe
ProductName
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Antivirus Signature
Bkav W32.AIDetectMalware.CS
Lionic Trojan.Win32.Injuke.16!c
tehtris Clean
ClamAV Win.Packer.DotNetRev-10003973-0
CMC Clean
CAT-QuickHeal Clean
Skyhigh BehavesLike.Win32.Generic.tm
ALYac Clean
Cylance Unsafe
Zillya Trojan.Injuke.Win32.29347
Sangfor Suspicious.Win32.Save.a
K7AntiVirus Trojan-Downloader ( 005a49cb1 )
Alibaba Trojan:MSIL/Injuke.964d21ba
K7GW Trojan-Downloader ( 005a49cb1 )
Cybereason malicious.5c45cd
Baidu Clean
VirIT Trojan.Win32.GenusT.DVJZ
Paloalto generic.ml
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of MSIL/GenKryptik.GJRU
APEX Malicious
Avast Win32:PWSX-gen [Trj]
Cynet Clean
Kaspersky HEUR:Trojan.MSIL.Injuke.gen
BitDefender Gen:Heur.MSIL.Krypt.11
NANO-Antivirus Trojan.Win32.Injuke.jwnvsq
ViRobot Clean
MicroWorld-eScan Gen:Heur.MSIL.Krypt.11
Tencent Malware.Win32.Gencirc.13b7ab95
TACHYON Clean
Sophos Mal/Generic-S
F-Secure Trojan.TR/Dropper.Gen2
DrWeb Trojan.Inject4.30942
VIPRE Gen:Heur.MSIL.Krypt.11
TrendMicro TROJ_GEN.R002C0DGD24
McAfeeD Real Protect-LS!6CDD7805C45C
Trapmine Clean
FireEye Generic.mg.6cdd7805c45cd8fe
Emsisoft Gen:Heur.MSIL.Krypt.11 (B)
SentinelOne Static AI - Malicious PE
GData Gen:Heur.MSIL.Krypt.11
Jiangmin Clean
Webroot W32.Rogue.Gen
Varist W32/ABTrojan.MCQS-8923
Avira TR/Dropper.Gen2
Antiy-AVL Trojan/MSIL.Injuke
Kingsoft malware.kb.c.1000
Gridinsoft Clean
Xcitium Clean
Arcabit Trojan.MSIL.Krypt.11
SUPERAntiSpyware Clean
ZoneAlarm HEUR:Trojan.MSIL.Injuke.gen
Microsoft Trojan:MSIL/LokiBot.SPC!MTB
Google Detected
AhnLab-V3 Malware/Win.Generic.C5419901
Acronis Clean
McAfee Artemis!6CDD7805C45C
MAX malware (ai score=86)
VBA32 Clean
Malwarebytes Generic.Crypt.Trojan.DDS
Panda Trj/GdSda.A
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R002C0DGD24
Rising Malware.Obfus/MSIL@AI.100 (RDM.MSIL2:A29s+RxKVbt7JPbFJGSMNA)
Yandex Trojan.Injuke!piML4pIv+cg
Ikarus Trojan-Spy.Keylogger.Snake
MaxSecure Trojan.Malware.74181957.susgen
Fortinet MSIL/Agent.ARN!tr.dldr
BitDefenderTheta Gen:NN.ZemsilF.36808.mn0@a0qetii
AVG Win32:PWSX-gen [Trj]
DeepInstinct MALICIOUS
CrowdStrike win/malicious_confidence_100% (D)
alibabacloud Trojan[dropper]:MSIL/LokiBot.SPC!MTB
No IRMA results available.