popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2023-01-30 20:20:19

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x00002954 0x00002a00 5.40694598641
.rsrc 0x00006000 0x000004f0 0x00000600 3.740862509
.reloc 0x00008000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x000060a0 0x0000025c LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x00006300 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
<Module>
DP_Decrypter.exe
MainForm
DP_Decrypter
Program
System.Windows.Forms
mscorlib
System
Object
DecryptionKey
NewFile
System.Threading
Thread
Threads
locker
System.Collections.Generic
Queue`1
List`1
directories
vector
CryptedExtension
allFiles
EventArgs
MainForm_Load
oneFileBtn_Click
allFilesBtn_Click
DecryptAllFiles
GetCryptedPart
System.Security.Cryptography
RSACryptoServiceProvider
DecryptFile
ShareDrives
GetDrives
GetFiles
StartThreads
Handler
SendInfo
checkBtn_Click
System.ComponentModel
IContainer
components
Dispose
InitializeComponent
panel1
Button
allFilesBtn
oneFileBtn
filenameLbl
nowLbl
checkBtn
TextBox
sender
fileName
Drives
disposing
System.Runtime.CompilerServices
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
<>c__DisplayClass1
<>4__this
<NewFile>b__0
Control
set_Text
MethodInvoker
Delegate
Invoke
OpenFileDialog
String
Concat
FileDialog
set_Filter
CommonDialog
DialogResult
ShowDialog
AsymmetricAlgorithm
FromXmlString
get_FileName
ToString
MessageBox
Exception
System.IO
FileInfo
get_Length
Convert
ToInt32
FileStream
OpenRead
Stream
SeekOrigin
IDisposable
System.Text
Encoding
get_Default
GetString
System.Text.RegularExpressions
RegexOptions
GroupCollection
get_Groups
get_Item
Capture
get_Value
OpenWrite
SetLength
FromBase64String
Enumerator
GetEnumerator
get_Current
Decrypt
IEnumerable`1
AddRange
MoveNext
ToArray
FileMode
FileAccess
Replace
Delete
Console
WriteLine
DriveInfo
get_Name
Contains
IndexOf
RemoveAt
Environment
SpecialFolder
GetFolderPath
Directory
SearchOption
GetDirectories
op_Equality
op_Inequality
ThreadStart
set_IsBackground
Monitor
Dequeue
GetFileName
IsNullOrEmpty
get_Count
System.Drawing
get_Green
set_ForeColor
System.Net
WebRequest
Create
HttpWebRequest
get_ASCII
GetBytes
set_Method
set_ContentType
set_ContentLength
GetRequestStream
WebResponse
GetResponse
HttpWebResponse
GetResponseStream
StreamReader
TextReader
ReadToEnd
get_Text
get_Chars
Substring
set_Enabled
SuspendLayout
BorderStyle
set_BorderStyle
ControlCollection
get_Controls
set_Location
set_Name
set_Size
set_TabIndex
set_AutoSize
get_Red
Cursors
Cursor
get_Hand
set_Cursor
ButtonBase
set_UseVisualStyleBackColor
EventHandler
add_Click
TextBoxBase
set_Multiline
ContainerControl
set_AutoScaleDimensions
AutoScaleMode
set_AutoScaleMode
set_ClientSize
add_Load
ResumeLayout
PerformLayout
CompilerGeneratedAttribute
STAThreadAttribute
Application
EnableVisualStyles
SetCompatibleTextRenderingDefault
WrapNonExceptionThrows
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
yKJaEXz+
.honkai
Encrypted file|*
Scanning...
Access error: The key for decrypting a single file.
<CRYPTED>(.*)</CRYPTED>
<CRYPTED></CRYPTED>
(.*)\[id-(.*)\.honkai
started
// Done //
All files are decrypted.
http://upload.paradisenewgenshinimpact.top:2095/api/Decrypted.php
vector=
&decryption_info=
application/x-www-form-urlencoded
RSAKeyValue
Successful. Key for decrytion 1 file.
Successful.
panel1
filenameLbl
nowLbl
allFilesBtn
Decrypt all PC
oneFileBtn
Choose 1 file and decrypt it
checkBtn
Check sytax of key
MainForm
DP Decrypter
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
FileDescription
FileVersion
0.0.0.0
InternalName
DP_Decrypter.exe
LegalCopyright
OriginalFilename
DP_Decrypter.exe
ProductVersion
0.0.0.0
Assembly Version
0.0.0.0
Antivirus Signature
Bkav W32.AIDetectMalware.CS
Lionic Clean
tehtris Clean
ClamAV Clean
CMC Clean
CAT-QuickHeal Clean
Skyhigh Clean
ALYac Clean
Cylance Unsafe
Zillya Clean
Sangfor Clean
K7AntiVirus Clean
Alibaba Clean
K7GW Clean
Cybereason Clean
huorong Clean
Baidu Clean
VirIT Clean
Paloalto Clean
Symantec Clean
Elastic malicious (moderate confidence)
ESET-NOD32 Clean
APEX Malicious
Avast Clean
Cynet Clean
Kaspersky Clean
BitDefender Clean
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Clean
Tencent Clean
TACHYON Clean
Sophos Clean
F-Secure Clean
DrWeb Clean
VIPRE Clean
TrendMicro Clean
McAfeeD ti!5A7EC27A0871
Trapmine malicious.moderate.ml.score
FireEye Clean
Emsisoft Clean
Ikarus Clean
GData Clean
Jiangmin Clean
Webroot Clean
Varist Clean
Avira Clean
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Xcitium Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Clean
Google Clean
AhnLab-V3 Clean
Acronis Clean
McAfee Clean
MAX Clean
VBA32 Clean
Malwarebytes Clean
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Rising Clean
Yandex Clean
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.300983.susgen
Fortinet Clean
BitDefenderTheta Gen:NN.ZemsilF.36810.am0@aCkNfQk
AVG Clean
DeepInstinct MALICIOUS
CrowdStrike win/malicious_confidence_70% (W)
alibabacloud Clean
No IRMA results available.