Static | ZeroBOX

PE Compile Time

2024-08-03 22:07:58

PE Imphash

140094f13383e9ae168c4b35b6af3356

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x0004ffba 0x00050000 6.2552291781
.idata 0x00051000 0x000001fc 0x00000200 4.13702682311
.rsrc 0x00052000 0x00000318 0x00000400 4.63904618768

Resources

Name Offset Size Language Sub-language File type
RT_MANIFEST 0x00052058 0x000002bd LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, ASCII text, with CRLF line terminators

Imports

Library kernel32.dll:
0x4510a0 CreateThread
0x4510a4 ExitProcess
0x4510a8 GetComputerNameA
0x4510ac GetModuleFileNameA
0x4510b0 GetModuleHandleW
0x4510b4 GetProcAddress
0x4510b8 SetErrorMode
0x4510bc Sleep
0x4510c0 VirtualAllocExNuma
Library Shlwapi.dll:
0x45116c PathFindFileNameA
Library msvcrt.dll:
0x4511a4 malloc
0x4511a8 free
0x4511ac memset
0x4511b0 strcmp
0x4511b4 _strcmpi
0x4511b8 strcpy

<?xml version="1.0" encoding="utf-8"?>
<assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app" />
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false" />
</requestedPrivileges>
</security>
</trustInfo>
<dependency>
<dependentAssembly>
<assemblyIdentity type="win32" name="Microsoft.Windows.Common-Controls" version="6.0.0.0" processorArchitecture="*" publicKeyToken="6595b64144ccf1df" language="*" />
</dependentAssembly>
</dependency>
</assembly>
Antivirus Signature
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Pucrpt.4!c
tehtris Clean
ClamAV Clean
CMC Clean
CAT-QuickHeal Clean
Skyhigh BehavesLike.Win32.Dropper.fh
ALYac Gen:Variant.ExNuma.1
Cylance Unsafe
Zillya Clean
Sangfor Hacktool.Win32.Kryptik.Vcv9
K7AntiVirus Trojan ( 0058ee541 )
Alibaba VirTool:Win32/Pucrpt.2e924ac1
K7GW Trojan ( 0058ee541 )
Cybereason malicious.ca446b
huorong VirTool/Obfuscator.aam
Baidu Clean
VirIT Clean
Paloalto generic.ml
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win32/Kryptik.HNPY
APEX Malicious
Avast Win32:TrojanX-gen [Trj]
Cynet Malicious (score: 100)
Kaspersky UDS:DangerousObject.Multi.Generic
BitDefender Gen:Variant.ExNuma.1
NANO-Antivirus Clean
ViRobot Trojan.Win.Z.Kryptik.329728.P
MicroWorld-eScan Gen:Variant.ExNuma.1
Tencent Trojan.Win32.Kryptik.zad
TACHYON Clean
Sophos Mal/Generic-S
F-Secure Trojan.TR/Crypt.ZPACK.Gen
DrWeb Clean
VIPRE Gen:Variant.ExNuma.1
TrendMicro Backdoor.Win32.ASYNCRAT.YXEHDZ
McAfeeD Real Protect-LS!59D3BC9CA446
Trapmine malicious.high.ml.score
FireEye Generic.mg.59d3bc9ca446bf4f
Emsisoft Gen:Variant.ExNuma.1 (B)
Ikarus Trojan.Win32.Krypt
GData Win32.Trojan.QuasarRAT.B
Jiangmin Clean
Webroot Clean
Varist W32/ExNuma.A.gen!Eldorado
Avira TR/Crypt.ZPACK.Gen
Antiy-AVL Trojan/Win32.Kryptik
Kingsoft malware.kb.a.1000
Gridinsoft Ransom.Win32.Bladabindi.sa
Xcitium Clean
Arcabit Trojan.ExNuma.1
SUPERAntiSpyware Clean
ZoneAlarm UDS:DangerousObject.Multi.Generic
Microsoft VirTool:Win32/Pucrpt.A!MTB
Google Detected
AhnLab-V3 Trojan/Win.Generic.R442079
Acronis suspicious
McAfee GenericRXRE-WR!59D3BC9CA446
MAX malware (ai score=82)
VBA32 BScope.TrojanSpy.Stealer
Malwarebytes Backdoor.AsyncRAT
Panda Trj/Genetic.gen
Zoner Clean
TrendMicro-HouseCall Backdoor.Win32.ASYNCRAT.YXEHDZ
Rising Backdoor.Crysan!8.10ECA (TFE:2:16hue2QNSkM)
Yandex Clean
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.300983.susgen
Fortinet W32/Kryptik.HNPY!tr
BitDefenderTheta AI:Packer.D779790F1E
AVG Win32:TrojanX-gen [Trj]
DeepInstinct MALICIOUS
CrowdStrike win/malicious_confidence_100% (W)
alibabacloud Trojan:Win/Pucrpt.A9OKG
No IRMA results available.