Static | ZeroBOX

PE Compile Time

2022-09-14 08:30:57

PE Imphash

914685b69f2ac2ff61b6b0f1883a054d

Sections

Name    Virtual Address  Virtual Size  Size of Raw Data  Entropy
.text   0x00001000       0x00017d46    0x00017e00        6.61353097254
.itext  0x00019000       0x00000569    0x00000600        3.03896147418
.rdata  0x0001a000       0x000004b2    0x00000600        3.65886621544
.data   0x0001b000       0x0000adc8    0x0000a000        7.98710140111
.pdata  0x00026000       0x00000c1b    0x00000e00        7.40889008185
.reloc  0x00027000       0x00000fcc    0x00001000        6.72853329511

Imports

Library gdi32.dll:
0x41a044 SetPixel
0x41a048 GetPixel
0x41a04c SelectPalette
0x41a050 SelectObject
0x41a054 GetTextColor
0x41a058 BitBlt
0x41a05c GetDeviceCaps
0x41a060 CreateSolidBrush
0x41a064 CreateFontW
0x41a068 CreateDIBitmap
Library USER32.dll:
0x41a024 LoadMenuW
0x41a028 LoadImageW
0x41a02c CreateDialogParamW
0x41a030 CreateWindowExW
0x41a034 DefWindowProcW
0x41a038 GetDlgItem
0x41a03c IsDlgButtonChecked
Library KERNEL32.dll:
0x41a000 GetLastError
0x41a004 GetProcAddress
0x41a008 GetModuleHandleA
0x41a00c GetLocaleInfoW
0x41a010 FreeLibrary
0x41a014 GetFileAttributesW
0x41a018 GetCommandLineW
0x41a01c GetCommandLineA

Antivirus Signature
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Lockbit.tsvY
tehtris Clean
ClamAV Win.Ransomware.BlackMatter-9970818-0
CMC Clean
CAT-QuickHeal Ransom.Lockbit.S28885638
Skyhigh BehavesLike.Win32.BlackMatter.cc
ALYac Trojan.Ransom.LockBit
Cylance Unsafe
Zillya Trojan.Filecoder.Win32.26935
Sangfor Ransom.Win32.Save.LockBit30
K7AntiVirus Trojan ( 0059b9cd1 )
Alibaba Ransom:Win32/Lockbit.0e23968a
K7GW Trojan ( 0059b9cd1 )
Cybereason malicious.a6d45a
Baidu Clean
VirIT Trojan.Win32.GenusT.DYMV
Paloalto generic.ml
Symantec Ransom.Lockbit!g6
Elastic Windows.Ransomware.Lockbit
ESET-NOD32 a variant of Win32/Filecoder.BlackMatter.M
APEX Malicious
Avast Win32:RansomX-gen [Ransom]
Cynet Malicious (score: 100)
Kaspersky UDS:Trojan-Ransom.Win32.Generic
BitDefender Trojan.GenericKDZ.107474
NANO-Antivirus Trojan.Win32.Encoder.jtarpu
ViRobot Trojan.Win32.LockBit.157184.A
MicroWorld-eScan Trojan.GenericKDZ.107474
Tencent Trojan-Ransom.Win32.Crypmodng.gz
TACHYON Ransom/W32.Agent.150528.B
Sophos Mal/EncPk-HM
F-Secure Backdoor.BDS/ZeroAccess.Gen7
DrWeb Trojan.Encoder.31074
VIPRE Trojan.GenericKDZ.107474
TrendMicro Ransom.Win32.LOCKBIT.SMYXCJN
McAfeeD Real Protect-LS!1B8977FA6D45
Trapmine malicious.moderate.ml.score
FireEye Generic.mg.1b8977fa6d45aa48
Emsisoft Trojan.GenericKDZ.107474 (B)
SentinelOne Static AI - Malicious PE
GData Trojan.GenericKDZ.107474
Jiangmin Trojan.Generic.hmvpt
Webroot W32.Ransom.Lockbit
Varist W32/Trojan.DPTH-0027
Avira BDS/ZeroAccess.Gen7
Antiy-AVL Trojan[Ransom]/Win32.LockBit.ha
Kingsoft malware.kb.a.1000
Gridinsoft Ransom.Win32.AI.oa!s1
Xcitium Clean
Arcabit Trojan.Generic.D1A3D2
SUPERAntiSpyware Clean
ZoneAlarm UDS:Trojan-Ransom.Win32.Generic
Microsoft Ransom:Win32/Lockbit.HA!MTB
Google Detected
AhnLab-V3 Ransomware/Win.LockBit.R521581
Acronis suspicious
McAfee BlackMatter!1B8977FA6D45
MAX malware (ai score=82)
VBA32 Trojan.Encoder
Malwarebytes Generic.Malware.AI.DDS
Panda Trj/Genetic.gen
Zoner Clean
TrendMicro-HouseCall Clean
Rising Ransom.LockBit!1.DFDC (CLASSIC)
Yandex Trojan.Filecoder!HjuVfCjCfHY
Ikarus Trojan-Ransom.LockBit
MaxSecure Trojan.Malware.10307848.susgen
Fortinet W32/Conwise.RCE!tr
BitDefenderTheta AI:Packer.403141C21E
AVG Win32:RansomX-gen [Ransom]
DeepInstinct MALICIOUS
CrowdStrike win/malicious_confidence_100% (W)
alibabacloud RansomWare:Win/Lockbit.x1glab
No IRMA results available.