Static | ZeroBOX

Name	Virtual Address	Virtual Size	Size of Raw Data	Entropy
.text	0x00001000	0x0000ee89	0x0000f000	6.60649979192
.rdata	0x00010000	0x0000cce2	0x0000ce00	5.35364887414
.data	0x0001d000	0x00001ad0	0x00000c00	2.3001786367
.reloc	0x0001f000	0x00001770	0x00001800	6.49121324079
.pdata	0x00021000	0x00025000	0x00024a00	7.99891315768
.rsrc	0x00046000	0x0002acd4	0x0002ae00	4.54349261587

Name	Offset	Size	Language	Sub-language	File type
RT_ICON	0x0006da04	0x0000324a	LANG_NEUTRAL	SUBLANG_NEUTRAL	PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_ICON	0x0006da04	0x0000324a	LANG_NEUTRAL	SUBLANG_NEUTRAL	PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_ICON	0x0006da04	0x0000324a	LANG_NEUTRAL	SUBLANG_NEUTRAL	PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_ICON	0x0006da04	0x0000324a	LANG_NEUTRAL	SUBLANG_NEUTRAL	PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_ICON	0x0006da04	0x0000324a	LANG_NEUTRAL	SUBLANG_NEUTRAL	PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_ICON	0x0006da04	0x0000324a	LANG_NEUTRAL	SUBLANG_NEUTRAL	PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_ICON	0x0006da04	0x0000324a	LANG_NEUTRAL	SUBLANG_NEUTRAL	PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_ICON	0x0006da04	0x0000324a	LANG_NEUTRAL	SUBLANG_NEUTRAL	PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_ICON	0x0006da04	0x0000324a	LANG_NEUTRAL	SUBLANG_NEUTRAL	PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_GROUP_ICON	0x00070c50	0x00000084	LANG_NEUTRAL	SUBLANG_NEUTRAL	data

!This program cannot be run in DOS mode.

`.rdata

@.data

.reloc

B.pdata

D$4SUV

D$4_WUP

D$4PUUj

QQSVWd

tH9] uC

u PWQR

URPQQh

;t$,v-

UQPXY]Y[

PPPPPPPP

t#VhtCA

PPPPPWS

PP9E u<PPVWP

tlj*Yf

SSVWh

f9:t!V

QQSVj8j@

PPPPPPPP

bad allocation

address family not supported

address in use

address not available

already connected

argument list too long

argument out of domain

bad address

bad file descriptor

bad message

broken pipe

connection aborted

connection already in progress

connection refused

connection reset

cross device link

destination address required

device or resource busy

directory not empty

executable format error

file exists

file too large

filename too long

function not supported

host unreachable

identifier removed

illegal byte sequence

inappropriate io control operation

interrupted

invalid argument

invalid seek

io error

is a directory

message size

network down

network reset

network unreachable

no buffer space

no child process

no link

no lock available

no message available

no message

no protocol option

no space on device

no stream resources

no such device or address

no such device

no such file or directory

no such process

not a directory

not a socket

not a stream

not connected

not enough memory

not supported

operation canceled

operation in progress

operation not permitted

operation not supported

operation would block

owner dead

permission denied

protocol error

protocol not supported

read only file system

resource deadlock would occur

resource unavailable try again

result out of range

state not recoverable

stream timeout

text file busy

timed out

too many files open in system

too many files open

too many links

too many symbolic link levels

value too large

wrong protocol type

FlsAlloc

FlsFree

FlsGetValue

FlsSetValue

InitializeCriticalSectionEx

InitOnceExecuteOnce

CreateEventExW

CreateSemaphoreW

CreateSemaphoreExW

CreateThreadpoolTimer

SetThreadpoolTimer

WaitForThreadpoolTimerCallbacks

CloseThreadpoolTimer

CreateThreadpoolWait

SetThreadpoolWait

CloseThreadpoolWait

FlushProcessWriteBuffers

FreeLibraryWhenCallbackReturns

GetCurrentProcessorNumber

CreateSymbolicLinkW

GetCurrentPackageId

GetTickCount64

GetFileInformationByHandleEx

SetFileInformationByHandle

GetSystemTimePreciseAsFileTime

InitializeConditionVariable

WakeConditionVariable

WakeAllConditionVariable

SleepConditionVariableCS

InitializeSRWLock

AcquireSRWLockExclusive

TryAcquireSRWLockExclusive

ReleaseSRWLockExclusive

SleepConditionVariableSRW

CreateThreadpoolWork

SubmitThreadpoolWork

CloseThreadpoolWork

CompareStringEx

GetLocaleInfoEx

LCMapStringEx

0123456789abcdefghijklmnopqrstuvwxyz

bad array new length

bad exception

__based(

__cdecl

__pascal

__stdcall

__thiscall

__fastcall

__vectorcall

__clrcall

__eabi

__swift_1

__swift_2

__ptr64

__restrict

__unaligned

restrict(

delete

operator

`vftable'

`vbtable'

`vcall'

`typeof'

`local static guard'

`string'

`vbase destructor'

`vector deleting destructor'

`default constructor closure'

`scalar deleting destructor'

`vector constructor iterator'

`vector destructor iterator'

`vector vbase constructor iterator'

`virtual displacement map'

`eh vector constructor iterator'

`eh vector destructor iterator'

`eh vector vbase constructor iterator'

`copy constructor closure'

`udt returning'

`local vftable'

`local vftable constructor closure'

new[]

delete[]

`omni callsig'

`placement delete closure'

`placement delete[] closure'

`managed vector constructor iterator'

`managed vector destructor iterator'

`eh vector copy constructor iterator'

`eh vector vbase copy constructor iterator'

`dynamic initializer for '

`dynamic atexit destructor for '

`vector copy constructor iterator'

`vector vbase copy constructor iterator'

`managed vector copy constructor iterator'

`local static thread guard'

operator ""

operator co_await

Type Descriptor'

Base Class Descriptor at (

Base Class Array'

Class Hierarchy Descriptor'

Complete Object Locator'

!"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~

!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~

CorExitProcess

Sunday

Monday

Tuesday

Wednesday

Thursday

Friday

Saturday

January

February

August

September

October

November

December

MM/dd/yy

dddd, MMMM dd, yyyy

HH:mm:ss

FlsAlloc

FlsFree

FlsGetValue

FlsSetValue

InitializeCriticalSectionEx

LCMapStringEx

LocaleNameToLCID

AppPolicyGetProcessTerminationMethod

_hypot

_nextafter

]vQ<)8

|)P!?Ua0

Eb2]A=

u?^p?o4

y1~?|"

?x+s7

?5Od%

?|I7Z#

>,'1D=

?g)([|X>=

~U`?K

:h"?bC

@H#?43

Ax#?uN}*

r7Yr7=

F0$?3=1

H`$?h|

&?~YK|

sU0&?W

<8bunz8

?#%X.y

F||<##

<@En[vP

?5Wg4p

%S#[k=

"B <1=

?.pdata

b5P9XuvwHD2KyByy

Unknown exception

Kernel32.dll

d1VBYVhCUFRUc1pbRFVNQQ==

Z0JcQVVgR1pTVUZGfVVYWkJJ

c0JQVERVZUdfU1BGQ3E=

YlVUUWBCWlZVQ0Z4VV1aR0k=

ZllHQUVRWXRcXFpWdUg=

ZllHQUVRWXNCVVA=

c1xaRlV4VFtUXFA=

ZllHQUVRWWVCX0FQU0RwTQ==

ZllHQUVRWXNCVVBwSA==

cVRfQENEYVpbVVtlQllDXFxVUlBD

d1VBYV9bUFt5XlNaQl1UQVlfWw==

YlVGQF1VYV1CVVRR

ZllHQUVRWXRcXFpW

Z1FcQXZfR2ZZXlJZVX9XX1VTQQ==

Y1VBYVhCUFRUc1pbRFVNQQ==

d1VBeF9UQFlVdlxZVX5UWFVx

GetCurrentProcess

string too long

.text$di

.text$mn

.text$x

.text$yd

.idata$5

.00cfg

.CRT$XCA

.CRT$XCAA

.CRT$XCC

.CRT$XCL

.CRT$XCU

.CRT$XCZ

.CRT$XIA

.CRT$XIAA

.CRT$XIAC

.CRT$XIC

.CRT$XIZ

.CRT$XPA

.CRT$XPX

.CRT$XPXA

.CRT$XPZ

.CRT$XTA

.CRT$XTZ

.rdata

.rdata$r

.rdata$zzzdbg

.rtc$IAA

.rtc$IZZ

.rtc$TAA

.rtc$TZZ

.xdata$x

.idata$2

.idata$3

.idata$4

.idata$6

.data$r

GetLastError

LoadLibraryA

GetProcAddress

GetModuleHandleW

WideCharToMultiByte

EnterCriticalSection

LeaveCriticalSection

DeleteCriticalSection

SetLastError

InitializeCriticalSectionAndSpinCount

TlsAlloc

TlsGetValue

TlsSetValue

TlsFree

GetSystemTimeAsFileTime

EncodePointer

DecodePointer

MultiByteToWideChar

LCMapStringW

GetStringTypeW

GetCPInfo

QueryPerformanceCounter

GetCurrentProcessId

GetCurrentThreadId

InitializeSListHead

IsDebuggerPresent

UnhandledExceptionFilter

SetUnhandledExceptionFilter

GetStartupInfoW

IsProcessorFeaturePresent

GetCurrentProcess

TerminateProcess

KERNEL32.dll

RaiseException

RtlUnwind

FreeLibrary

LoadLibraryExW

GetStdHandle

WriteFile

GetModuleFileNameW

ExitProcess

GetModuleHandleExW

SetFilePointerEx

GetFileType

HeapAlloc

FlushFileBuffers

GetConsoleCP

GetConsoleMode

HeapFree

CloseHandle

HeapReAlloc

FindClose

FindFirstFileExW

FindNextFileW

IsValidCodePage

GetACP

GetOEMCP

GetCommandLineA

GetCommandLineW

GetEnvironmentStringsW

FreeEnvironmentStringsW

SetStdHandle

GetProcessHeap

CreateFileW

HeapSize

WriteConsoleW

abcdefghijklmnopqrstuvwxyz

ABCDEFGHIJKLMNOPQRSTUVWXYZ

abcdefghijklmnopqrstuvwxyz

ABCDEFGHIJKLMNOPQRSTUVWXYZ

.?AVbad_alloc@std@@

.?AVlength_error@std@@

.?AVtype_info@@

.?AVbad_array_new_length@std@@

.?AVbad_exception@std@@

.?AVlogic_error@std@@

.?AVexception@std@@

00)0;0\0k0w0}0

1'1H1W1c1i1n1

242C2O2U2Z2m2w2

2 3/3;3A3F3Y3c3u3

4'4-424E4O4a4

5'515C5d5s5

6*6K6Z6f6l6q6

777F7R7X7]7p7z7

8(848@8L8V8

:3:Y:j:5;

;)<3<X<

>!>/>9>F>g>

>(?N?q?

7+797G7c7{7

818e8{8

9!9'9,92989>9C9I9O9U9Z9`9f9l9q9w9}9

:$:):/:5:;:@:F:L:R:W:]:c:i:n:t:z:

;!;&;,;2;8;=;C;I;O;T;Z;`;f;k;q;w;};

<#<)</<5<:<H<N<a<q<

>/>4>A>{>

1+2D2k2|3

4>4d4m4s4Q5q5{5

6Z6c6h6{6

607H7N7b7

7Z8c8k8

9(979@9K9R9r9x9~9

:-:=:F:

:%;L;w;

1;2@2D2H2L2

0)0=0Y0c0m0{0

9G9_9e9

= >%>e>q>

060Q0_0k0w0

0.1Z1_1d1

232=2I2N2S2t2

3&4C4O4z4h5r5

6M6p6w6

9h:p:w:

;(;B;Q;_;k;w;

<(<3<I<]<p<

=5=b=i=t=

2,2H2V2b2u2|2

2(32373=3

8!838<8

879D9S9h9r9

;];c;w;

=-=E=`=k=

1M1d1o1w1

7717>7W7p7

888a8v8

91:C:w:

;V;\;y;

;&;0;G;L;Q;a;f;k;

;"<P<Y<

=2=<=L=Q=V=q=

?(?4?B?c?j?

1!5)6:6'828B8{8

:t=z=,>1>c>k>

? ?+?3?Q?]?s?|?

343X3a3l3

=k>l?|?

01>1T1r1}1

1G2L2Q2V2h2)323

;4<S<v<

0I0U0g0

1(111L1y1

4O4'5A5}5

6)6?6z6

6)7;7M7_7q7

8"848F8X8j8+:x:P;

5-6<6H6W6j6

7!7*737^7

0$000O0U0b0

0$1H1S1`1r1

1W2l2u2~293A3I3Q3Y3w3

>&>0>:>D>N>X>b>l>v>

1 1$1(1,1014181<1@1D1H1L1P1T1X1\1`1d1h1l1p1t1x1|1

2 2$2(2<2@2D2H2L2P2d2l2t2|2

3$3,343<3D3L3T3\3d3l3t3|3

4$4,444<4D4L4T4\4d4l4t4|4

2$2,242<2D2L2T2\2d2l2t2|2

3$3,343<3D3L3T3\3d3l3t3|3

4$4,444<4D4L4T4\4d4l4t4|4

5$5,545<5D5L5T5\5d5l5t5|5

6$6,646<6D6L6T6\6d6l6t6|6

7$7,747<7D7L7T7\7d7l7t7|7

8$8,848<8D8L8T8\8d8l8t8|8

9 9(90989@9H9P9X9`9h9p9x9

: :(:0:8:@:H:P:X:`:h:p:x:

; ;(;0;8;@;H;P;X;`;h;p;x;

< <(<0<8<@<H<P<X<`<h<p<x<

= =(=0=8=@=H=P=X=`=h=p=x=

> >(>0>8>@>H>P>X>`>h>p>x>

? ?(?0?8?@?H?P?X?`?h?p?x?

P2T2X2\2`2|2

4 4$4(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4

5 5$5(5,5054585<5@5

4 4$4(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4

5 5$5(5,5054585<5@5D5H5L5P5T5X5\5`5d5h5

?$?,?4?<?D?L?T?\?d?l?t?|?

1P2T2X2\2

3$3,343<3D3L3T3\3d3l3t3|3

4$4,444<4D4L4T4\4d4l4t4|4

5$5,545<5D5L5T5\5d5l5t5|5

6$6,646<6D6L6T6\6d6l6t6|6

7$7,747<7D7L7T7\7d7l7t7|7

8$8,848<8D8L8T8\8d8l8t8|8

9$9,949<9D9L9T9\9d9l9t9|9

4 4(40484@4H4P4X4`4h4p4x4

5 5(50585@5H5P5X5`5h5p5x5

6 6(60686@6H6P6X6`6h6p6x6

7 7(70787@7H7P7X7`7h7p7x7

8 8(80888@8H8P8X8`8h8p8x8

9 9(90989@9H9P9X9`9h9p9x9

: :(:0:8:@:H:P:X:`:h:p:x:

<(<,<0<8<P<`<d<t<x<|<

= =8=H=L=\=`=d=l=

@1H1P1T1\1p1x1

2$2<2@2`2h2l2

3$3(30383@3D3L3`3

4 4@4`4

5 5@5`5

6 6@6`6

X1\1`1d1h1l1p1t1x1|1

2(282H2`2l2p2t2

20444p9

eq<EQT

7OE8ZR

^iM4"F

n_<k:`\

*jY#Ci

^*:E>?

5xWG%y

}hM[($#R

>,:p2.q

`<ke_P

G[%VqW

|o9+X+

B&/;u0

iOsdgIF

!9Ag;Vh

P~<o|E3

ykMT0J

k8p \cu

\.kH;y[

#M4PBD,

9$oUo#G!

@@1i;6N

{X0JX(Ss

BKHz):h*

wXqN,<C

<NV@pq

}o|ID`

~s2$YJ

<,;q=>

d`v}<z

$nI~;>

+3s\OJ

9fr.e

=@o:d;{k

,Hv6qH

"^uO<qZ

.*SLY?

8m5uMj

0yKJt4

^-dR>;'

% ;s-(Zm

jN%4L!

rv=~t&u1

ZBD_@P

Ij?eGOS

k>m#:`

M9v8"^4I

A^s2yo

l'1#Pr&

>.gB1

PHZSW2

lj0`3^P

Zl{ z\

$B=4rZ

'6(vUN\

ToNsQh5

+#l1|; w`

c;MYt`

@.LRW;

o%kQ|X

<t$S7J

||u+Tw'

^$_~sBbPg(

nA6Cjx%6

(Iao$8L

@(^8ws

*:yJ.Z

0A~GV3{

~.|-I(

UdS*?L

Bu`#$w

`-3A"|

/X#Ar_D

!N}f),

F>Cbda

kG;$0<sa*

i^>1cS

=rrjp<

Rj'/k7

/<An5u

9`!AAG

{Q4;Oz

>@{bGrs

AO7&s0

^u-';Y

L/ubnj

eDM[(HO

+6(+yl

qT~^Mkr

kXx,(;

r&q9I1

uw9P,o

??xQ2"

b*&%7d

{"CV&He}

&| 8Z`

@T1cGNoA{

ujhl}sY

+f?`_^

u]u:]H6@

sy/!KH

qpqo<h

FD*Pk:

eP!`gH

Hh`0*

~orBd^>i

"A)h{w

_0.}MS@

vuE:ds

RB\%9)

vFG89_D

Rfm]o\

4?jfFg

5\l#<(%E

@ck=;B

$/*J4nX

~~X\%W

iu;9hdZ"l

=H{$KY

L-SHHh"

hmCmxM

p(FL:@

riZ{U(%Q

Pp]SJ22

N/3oj

I;8a){uHA

FT#)ng

5}ut

:l:S`@.

Uv-ZHK

Bd;jhVp1

@ i4E.

Q_'Dwl

cj1!(]#

J 'Pm\

K4#/NEc

N;%9T`

N fNo8

rKaV{X=

-t(TP-

RyVXBT\

#2?&KWZ

mGb1Pr7

jG59LY

F*F:La

?EEyAlYq[!dd

"B/(Dy)

rwLs1h

["f No

.weu:(

=74n=T>

Z33 =;E

|>tQjW

qWr;lx

Sni;MFW'

Xi337)

EO[hsm$qH

gZD>Qd

2fdW90

N~FadC

6ZMg_,

;%?<1]

Knls{j

xDsp75

66-gy*'@Cm

uAks^g$

utYbSV.

zTj!cq

IwGVDI`

DZz>=O_

*rAo3"

z(p8@y

15nX2V

]V5!W'h

u$Kt_$

fVv&33,*

*:C)UL

aqPh1D]

]R(|u`-D

)M?9BhA

pX&Vl&

^Zn].pt

e<5cKr

#;c?])M

1e<8.m

]3rCS3

Of \(T_

+_T(V"!M

gIq4DZP]

`kc7UU

qF" H#

LrXiWO

AeW_)9

Nmy3u6

}$;q5k8

AK3[:#

_bXH|M

H604Qi

hvfWj=

8i]QVA

IB!/A%A#

~"W)ej

SQg-i>

yGvk]g

\v#%mv

Ytx!lV

|-"t9d&I(

GB7"*M

5-P(M{

"1gT>2

gC^\_N

1M{>Z~

uFgpPA

qN}b,

3c,]aAd

;ICqpCF

7[Z1@:

?,0H%L

)dQ}{v

F~2yI}

tydCI?

S?t.dS

^LGK&"

,SD5d\

4'SPBjb4

Il?9T(-

5|d&tl|

cl#Z8c

<N(sx

wHv:pK

jvIaWq

l&5cM6

;Hc(=

*zMK#/

w9.3={

Pv7*6a[C

bMP^FT

*N4 ]3

~0gM?!Mt

m9y%ID

Rnq\5b

~B-Vtv

hyR6BcT

X\r%&

b_.i{e

{+(a=k

>mtW5<W

~2Ip.gDn

rFM{qihw

333M222]111\000\///\...\,,,\+++\)))\'''\&&&]&&&M///

999e666

,,,e888

===x999

000x;;;

HHH&III&III&HHH&HHH&HHH&HHH&GGG&GGG&GGG&GGG&GGG&GGG&FFF&EEE&DDD&DDD&DDD&DDD&CCC&CCC&CCC&CCC&BBB&AAA&AAA&AAA&???&===&===&===&===&===

???B'''

222B---

EEE'DDD

999':::

EEECEEEbFFFeFFFeFFFeFFFeFFFeFFFeFFFeFFFeFFFeEEEeEEEeEEEeEEEeEEEeEEEeEEEeDDDeCCCeCCCeCCCeBBBeBBBeBBBeBBBeBBBeAAAeAAAeAAAeAAAe@@@e@@@e@@@e>>>e>>>e>>>e>>>e===e;;;e;;;e;;;e;;;e;;;e;;;b:::B999

AAAU+++

444U+++

DDD.DDD

888.;;;

EEEUEEE

999U888

<<<*$$$

111*###

DDD-CCC

999-888

DDDBEEE

777B%%%

DDD-EEE

888-&&&

BBB*CCC.DDD.DDD.DDD.DDD.DDD.DDD.DDD.DDD.DDD.DDD.DDD.DDD.DDD.DDD.CCC.CCC.CCC.CCC.CCC.CCC.CCC.CCC.CCC.CCC.BBB.AAA.AAA.AAA.AAA.@@@.@@@.@@@.@@@.@@@.@@@.@@@.???.>>>.>>>.>>>.>>>.>>>.>>>.>>>.>>>.>>>.>>>.>>>.===.===.===.===.===.===.:::.999.999.999.999.999.999.999.999.;;;*999

DDDY===

888Y111

DDDNDDD

888M;;;

DDDcDDD

777b222

DDDNDDD

888M222

DDDYDDD

777X777

sss"!d

0DEQ$EQ

6uszs7

rJ)$IB0

`|>dYF0

'''8>>

RW`J)2

-,..brr

2666ppp

sssXXX

y,,,`ee

+++X__

fff0::

677qtt

]lmmamm

f)[^YI0

B!LOOcjj

Y=s9e.

VWWqrr

mlooc~~

%sG~}}

&''1??

LMMabb

b1s/cww

[,//cuu

QLNNbvv

5VVVL7

ONNppp

;;;XYYA.

-xm0;-

w}}}eUUmi

ekernel32.dll

zh-CHS

az-AZ-Latn

uz-UZ-Latn

kok-IN

syr-SY

div-MV

quz-BO

sr-SP-Latn

az-AZ-Cyrl

uz-UZ-Cyrl

quz-EC

sr-SP-Cyrl

quz-PE

smj-NO

bs-BA-Latn

smj-SE

sr-BA-Latn

sma-NO

sr-BA-Cyrl

sma-SE

sms-FI

smn-FI

zh-CHT

az-az-cyrl

az-az-latn

bs-ba-latn

div-mv

kok-in

quz-bo

quz-ec

quz-pe

sma-no

sma-se

smj-no

smj-se

smn-fi

sms-fi

sr-ba-cyrl

sr-ba-latn

sr-sp-cyrl

sr-sp-latn

syr-sy

uz-uz-cyrl

uz-uz-latn

zh-chs

zh-cht

Aapi-ms-win-core-fibers-l1-1-1

api-ms-win-core-synch-l1-2-0

kernel32

api-ms-

ext-ms-

((((( H

mscoree.dll

Sunday

Monday

Tuesday

Wednesday

Thursday

Friday

Saturday

January

February

August

September

October

November

December

MM/dd/yy

dddd, MMMM dd, yyyy

HH:mm:ss

Aapi-ms-win-core-datetime-l1-1-1

api-ms-win-core-fibers-l1-1-1

api-ms-win-core-file-l1-2-2

api-ms-win-core-localization-l1-2-1

api-ms-win-core-localization-obsolete-l1-2-0

api-ms-win-core-processthreads-l1-1-2

api-ms-win-core-string-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-sysinfo-l1-2-1

api-ms-win-core-winrt-l1-1-0

api-ms-win-core-xstate-l2-1-0

api-ms-win-rtcore-ntuser-window-l1-1-0

api-ms-win-security-systemfunctions-l1-1-0

ext-ms-win-ntuser-dialogbox-l1-1-0

ext-ms-win-ntuser-windowstation-l1-1-0

advapi32

kernel32

api-ms-win-appmodel-runtime-l1-1-2

user32

api-ms-

ext-ms-

Aja-JP

zh-CHS

az-AZ-Latn

uz-UZ-Latn

kok-IN

syr-SY

div-MV

quz-BO

sr-SP-Latn

az-AZ-Cyrl

uz-UZ-Cyrl

quz-EC

sr-SP-Cyrl

quz-PE

smj-NO

bs-BA-Latn

smj-SE

sr-BA-Latn

sma-NO

sr-BA-Cyrl

sma-SE

sms-FI

smn-FI

zh-CHT

az-az-cyrl

az-az-latn

bs-ba-latn

div-mv

kok-in

quz-bo

quz-ec

quz-pe

sma-no

sma-se

smj-no

smj-se

smn-fi

sms-fi

sr-ba-cyrl

sr-ba-latn

sr-sp-cyrl

sr-sp-latn

syr-sy

uz-uz-cyrl

uz-uz-latn

zh-chs

zh-cht

CONOUT$

APPLE-TOUCH-ICON

Antivirus	Signature
Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Lockbit.1q!c
tehtris	Clean
ClamAV	Clean
CMC	Clean
CAT-QuickHeal	Trojan.Generic
Skyhigh	BehavesLike.Win32.Generic.gh
ALYac	Gen:Variant.Razy.458328
Cylance	Unsafe
Zillya	Clean
Sangfor	Ransom.Win32.Lockbit.Vwda
K7AntiVirus	Trojan ( 005b92891 )
Alibaba	Ransom:Win32/Lockbit.beca14c5
K7GW	Trojan ( 005b92891 )
Cybereason	malicious.aaeae3
Baidu	Clean
VirIT	Clean
Paloalto	generic.ml
Symantec	Ransom.Blackmatter!gm1
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Kryptik_AGen.DNQ
APEX	Malicious
Avast	Win32:MalwareX-gen [Trj]
Cynet	Malicious (score: 99)
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Gen:Variant.Razy.458328
NANO-Antivirus	Clean
ViRobot	Clean
MicroWorld-eScan	Gen:Variant.Razy.458328
Tencent	Win32.Trojan.Generic.Pzfl
TACHYON	Clean
Sophos	Mal/Inject-CEE
F-Secure	Trojan.TR/AVI.Lockbit.canmb
DrWeb	Clean
VIPRE	Gen:Variant.Razy.458328
TrendMicro	Ransom_Lockbit.R002C0DHA24
McAfeeD	ti!05F9891BB4CA
Trapmine	Clean
FireEye	Generic.mg.95d8ef6aaeae33da
Emsisoft	Gen:Variant.Razy.458328 (B)
huorong	HVM:Trojan/Injector.gen!A
GData	Gen:Variant.Razy.458328
Jiangmin	Clean
Webroot	Clean
Varist	W32/ABRisk.NKFI-2106
Avira	TR/AVI.Lockbit.canmb
Antiy-AVL	Trojan[Ransom]/Win32.LockBit
Kingsoft	Win32.Trojan.Generic.a
Gridinsoft	Trojan.Win32.Kryptik.sa
Xcitium	Clean
Arcabit	Trojan.Razy.D6FE58
SUPERAntiSpyware	Clean
ZoneAlarm	HEUR:Trojan.Win32.Generic
Microsoft	Ransom:Win32/Lockbit.HA!MTB
Google	Detected
AhnLab-V3	Trojan/Win.Injection.C5657684
Acronis	Clean
McAfee	Artemis!95D8EF6AAEAE
MAX	malware (ai score=84)
VBA32	BScope.Trojan.Inject
Malwarebytes	Malware.AI.3737376821
Panda	Trj/Genetic.gen
Zoner	Clean
TrendMicro-HouseCall	Ransom_Lockbit.R002C0DHA24
Rising	Trojan.Kryptik@AI.90 (RDML:Yjj4FgJW1YhDtI3uWnkt0w)
Yandex	Clean
Ikarus	Trojan.Win32.Agent
MaxSecure	Clean
Fortinet	W32/Kryptik_AGen.DNQ!tr
BitDefenderTheta	Gen:NN.ZexaF.36810.ByW@a4R@!qf
AVG	Win32:MalwareX-gen [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (W)
alibabacloud	Trojan:Win/Lockbit.HM8PHU

Static Analysis

PE Compile Time

PE Imphash

Sections

Resources

Imports