popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2024-07-21 02:21:09

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x00487e24 0x00488000 4.01965992934
.rsrc 0x0048a000 0x00000586 0x00000600 4.005218286

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x0048a0a0 0x000002fc LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x0048a39c 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

!This program cannot be run in DOS mode.
`.rsrc
<jX(=
jX jX(=
jX$jX(=
YZjX(=
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADPT
E86AFB23006AFB230018926C9CF4AC5DE8F51FB883CCB1F927B7709473F9627ACBBC81A53F76E914AF0000000084B1E4B489D366D756633EC1A30EE036C3592105C5D85E2D638195E13D53F8A2AB7D16EED923DCF18851FAA86CFB4BB6E1A270650E12D980F01E71B848418473B6F45228C60BEBE19AD378C7BF1E43DA0DDE7535125C28F2B3404344907D58CBFF02B1D5EEAFFD178020D7E6EDB931ECAC2AB50254E94B92ED4E0F4B6F399758BBA11BB6293E84D49B0CD85FAD75148CA7D18504C624B7FD2EB8F4FD4A6D6B487D8321A4F18F7B49DA50BE6C50D9CCBB88E8B7F4F22CDE78FC7D00156DB4DB2EEBB346E1699427E4FCFB94CDCD648EA4A12A631B2EC72CD63A6DF93BF3243E8FF6425AA1ABF8C6805C9DAB39240DA7CBED3D2B7FC3B7F0DB8A3F5DFC8F248AF7014B7D8F552F7B2D8AB68F5CD50603F6359A37EDC0BDBCED25EBA042D62188B16AC12DFD0B5CBCDA0ED93BF67E52FA0C8A259275A23098A6066AFBF5D80B95A71575F14C4A67EF266B84E9116B53EA563C51E3AB28AE37C261083685C8D83C4CA5E6E610C2C329BD77B5D21BD568D8145BE6CC5EB26F6B1AD1310B77D81D6B304ED178D283F35A14A255DAB1D34847B544E4B371D21BB8A89D56A58D405BDF846C90C32B0D977343853C53E4ACA73510C9FECBD66BE18BB5437B9AEAA133C3F2F7CE7A7CF0959F69B7D67FDF8A35919A35A4D3
v4.0.30319
#Strings
<>9__0_0
<Main>b__0_0
List`1
UInt32
ReadInt32
ToInt64
ReadInt16
<Module>
get_ASCII
Fnzyma
Gpsmrxa
mscorlib
Hkvnnmb
Rdizlgyzxb
Cnifyb
System.Collections.Generic
Thread
set_IsBackground
method
Replace
DynamicInvoke
EndInvoke
BeginInvoke
IDisposable
RuntimeTypeHandle
GetTypeFromHandle
ProcessModule
set_WindowStyle
ProcessWindowStyle
get_FileName
set_FileName
commitType
get_Culture
set_Culture
ReadOnlyCollectionBase
Dispose
MulticastDelegate
EditorBrowsableState
SetApartmentState
CompilerGeneratedAttribute
GuidAttribute
GeneratedCodeAttribute
DebuggerNonUserCodeAttribute
DebuggableAttribute
EditorBrowsableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
UnmanagedFunctionPointerAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
set_UseShellExecute
ToByte
File.exe
Khdslianyvf
System.Threading
Encoding
System.Runtime.Versioning
GetString
Substring
Xmjsyeysdjh
get_Length
EndsWith
Nrahslvci
Arzrszoi
Tackdbchri
PtrToStringAnsi
Lmuczznqgj
Zrgnrzcqj
AsyncCallback
callback
Marshal
System.ComponentModel
Vdttggl
Hhdtkxam
Ktmdxwswtdm
Ywoggkem
System
Shievjm
Boolean
Ewllidujbn
Uwwxbzxdmkn
System.Globalization
System.Reflection
ProcessModuleCollection
Function
CallingConvention
MissingMethodException
InvalidOperationException
StringComparison
Evrlhyzvrn
CultureInfo
ProcessStartInfo
Ltvcvp
Tdpibxp
Ocycazveebq
get_GetBuffer
get_ResourceManager
System.CodeDom.Compiler
GetDelegateForFunctionPointer
ToLower
Jkcrfjr
Alhttolr
IEnumerator
GetEnumerator
.cctor
IntPtr
Luatcyr
System.Diagnostics
System.Runtime.InteropServices
System.Runtime.CompilerServices
System.Resources
Ewllidujbn.Properties.Resources.resources
DebuggingModes
Ewllidujbn.Properties
get_Modules
Equals
System.Collections
GetCurrentProcess
get_BaseAddress
address
Cqzdhxpsss
set_Arguments
Glxjzulbus
GetObject
object
Collect
Protect
protect
Acoixwspft
op_Explicit
WaitForExit
IAsyncResult
result
get_Current
get_Giynalgcdqt
ThreadStart
Convert
Macavhbst
MoveNext
System.Text
Uqxkgmnu
Hitabv
Svjsyamv
Strdofclnv
Dbkzpxnw
set_CreateNoWindow
Yujjmcnex
Gjjntvxgtx
ToArray
Rzaqhvaijy
get_Assembly
op_Equality
Hfmpmlooiz
WrapNonExceptionThrows
Copyright
2021
$e3886eb1-5f2e-4b58-ae62-de8004fc1a3b
1.0.0.0
.NETFramework,Version=v4.6
FrameworkDisplayName
.NET Framework 4.6
3System.Resources.Tools.StronglyTypedResourceBuilder
16.0.0.0
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
Giynalgcdqt
/c timeout 21 & exit
kernel32.dll
V.i.r.t.u.a.l.A.l.l.o.c
V.i.r.t.u.a.l.P.r.o.t.e.c.t
Ewllidujbn.Properties.Resources
Giynalgcdqt
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
FileVersion
1.0.0.0
InternalName
File.exe
LegalCopyright
Copyright
2021
LegalTrademarks
OriginalFilename
File.exe
ProductName
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Antivirus Signature
Bkav W64.AIDetectMalware.CS
Lionic Clean
tehtris Clean
ClamAV Clean
CMC Clean
CAT-QuickHeal Clean
Skyhigh Artemis!Trojan
ALYac Clean
Cylance Unsafe
Zillya Clean
Sangfor Suspicious.Win32.Save.a
K7AntiVirus Clean
Alibaba Trojan:MSIL/Generic.b22a515c
K7GW Clean
Cybereason Clean
Baidu Clean
VirIT Clean
Paloalto generic.ml
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of MSIL/TrojanDownloader.Agent.QZJ
APEX Malicious
Avast Win64:SpywareX-gen [Trj]
Cynet Malicious (score: 100)
Kaspersky HEUR:Trojan.MSIL.Shellcode.gen
BitDefender Clean
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Clean
Tencent Clean
TACHYON Clean
Sophos Generic ML PUA (PUA)
F-Secure Clean
DrWeb Clean
VIPRE Clean
TrendMicro Clean
McAfeeD ti!D2DEAFA45A9D
Trapmine Clean
FireEye Generic.mg.e299e50bda0214f3
Emsisoft Clean
SentinelOne Static AI - Suspicious PE
GData Win32.Malware.Donut.0ZOODD
Jiangmin Clean
Webroot W32.Malware.Gen
Varist Clean
Avira Clean
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Adware.Win64.OutBrowse.vl!n
Xcitium Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm HEUR:Trojan.MSIL.Shellcode.gen
Microsoft Clean
Google Clean
AhnLab-V3 Clean
Acronis Clean
McAfee Artemis!E299E50BDA02
MAX Clean
VBA32 Clean
Malwarebytes Clean
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Rising Clean
Yandex Clean
Ikarus Clean
MaxSecure Trojan.Malware.300983.susgen
Fortinet MSIL/Agent.QZJ!tr.dldr
BitDefenderTheta Clean
AVG Win64:SpywareX-gen [Trj]
DeepInstinct MALICIOUS
CrowdStrike win/malicious_confidence_100% (W)
alibabacloud Trojan[downloader]:MSIL/Agent.QOU
No IRMA results available.