popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2102-12-20 14:51:01

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x00018d14 0x00018e00 4.87082805347
.rsrc 0x0001c000 0x000005b0 0x00000600 4.07697871516
.reloc 0x0001e000 0x0000000c 0x00000200 0.101910425663

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x0001c0a0 0x00000320 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x0001c3c0 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
z@zUzUz
=J#J$J'J9J(J>JdJ/J2J/JJJ
oI(I-I I-ItIII
v4.0.30319
#Strings
winmsbt.exe
<Module>
CMSASSEMBLYDEPLOYMENTFLAGCREATEDESKTOPSHORTCUTToEventKeywords
MayCorruptInstancegetSize
mscorlib
DateTime
System
SetLastErrorIsThreadPoolThread
.cctor
getIsFamilyOrAssemblyStoreOperationSetDeploymentMetadata
AssemblyIsolationByUserSafeArrayRankMismatchException
GetAtDns
DecoderFallbackExceptionGetPropertyProps
WaitOrTimerCallbackGetPublicKeyToken
StreamWriterDeclaredMembers
TranslatesetNumberFormat
ArgRegSubKeyAbsentIsGenericMethodDefinition
Exception
IsObjectOutOfContextBufferedStream
BigMulStringValue
EmptyCAHolderUnsafeToStringArray
Assembly
System.Reflection
ResolveEventArgs
getContainerIDgetSignature
winmsbt.Properties.CLAIMSECURITYATTRIBUTEVOtherSymbol
Object
ReadAllTextWorldSid
AllAccessgetApplicationIdentity
GetCultureInfoShared
PermissionTokenFactoryEndRead
DateTimeOffsetITokenReader
MutexAccessRuleremoveAssemblyLoad
PrivateScopeUnmanagedFunctionPointerAttribute
ConcurrentExclusiveSchedulerPairtickNow
GetPrimaryAndSecondarySometimes
OnFinalReleasegetANSICodePage
EBCDICCodePageLegalBlockSizes
get_ID
set_ID
get_Title
set_Title
get_Caption
set_Caption
get_URL
set_URL
get_ImageURL
set_ImageURL
DispatchWrapperTypeIEnvoyInfo
cParamsParameter
MaxMethodImplValgetHandlerLength
ResourceManagerFoundResourceSetInCacheUnexpectedgetIgnorePersistedDecision
DSACspObjectSerializationMask
GacMediaPlay
mvalueDeserialize
getPrimaryIdentitySelectorCreateComInstanceFrom
LifetimeEntrygetFrameworkDisplayName
getPermissionStateAssemblyBuilderData
AddClassAttributeAddOvf
ParallelLoopStateDisableComObjectEagerCleanup
HasValueMaxValue
PRIExceptionInfoCallConvCdecl
setSecurityInfrastructureGetNamespace
CommandLineParametersCF
WINFILEATTRIBUTEDATAPropertiesToSet
Caption
ImageURL
CMSSECTIONIDCOMREDIRECTIONSECTIONLeftToRightEmbedding
ContinueParsingGetSources
IPersistFileLazyThreadSafetyMode
ProxyTypeNameHashtable
WebClient
System.Net
DebugOutThreadPoolBoundHandle
IDLDESCRemainder
EventSourceSettingsIsSignUnspecifiedByte
List`1
System.Collections.Generic
ExpandEnvironmentVariablesTasksSetActivityIds
getCulturegetReturnParameter
TypesAlwaysMemberAccess
WriteLineAsyncAbsentOriginScheme
ProgramFilesXEncodingName
Ldargconverter
SynchronizedServerContextSinkWriteArray
LogicalGetDataGetStore
LoadHintgetRenewOnCallTime
VARFLAGFUIDEFAULTSetPathList
ResourceTypeIdIntSizewMajorVerNum
IdentityAuthoritygetAsUnknown
ContractFailedEventArgsInheritanceFlags
SiteStringStrongNameKeyGen
System.Windows.Forms
PtrToStringAnsiComObject
NotifyIcon
PoprefpopiGregorianCalendarTypes
Random
GenerateDefinitionKeyClassType
RegistergetCustomAttributeEncodedArgument
OEMCodePageGetOneYearLocalFromUtc
RemUngetIsBitOperatingSystem
CurrentStateSafeCertContextHandle
grfLocksSupportedEventRegistrationTokenTable
EventArgs
sender
getInputEncodingGlobalAssemblyCache
IWellKnownStringEqualityComparerGetParamCustData
CustomQueryInterfaceModeRootScope
getVolumeLabelMapAssembly
getTargetSchedulergetDescriptionData
getAllowOnlyFipsAlgorithmsCleanupWorkListElement
EventHandler
PermissionSetEnumeratorWriteLine
ShortInlineIAddTask
System.Drawing
YearDefaultDeleteOnClose
IsSystemMonikerBindableVectorToListAdapter
SecuritySafeCriticalAttributegetExists
RootDirectoryIsField
FailedsetKey
Process
System.Diagnostics
StandardNameGetFault
ProcessModule
NumberTokenChangePermissions
getMaxDegreeOfParallelismGetConsoleFallbackUICulture
IObjectReferencegetIsStatic
GetHostEvidenceStartDTD
getVisualizerTypeNameXKeyStorageFlags
DirectoryInfo
System.IO
StringInfoLongPathHelper
ObjectManagerResourceTableMappingEntryFieldId
DependentOSMetadataBuildNumberDontKnow
ShrUnReport
RegistryKey
Microsoft.Win32
InlineBrTargetGetEnvoySink
RegistryKeySectionDigitValues
SerializedCertResolveString
getScheduledExclusiveGetThisPtr
CacheCoherencyGuidCONSOLECURSORINFO
DeploymentIdTryAdd
getIsReEntrantAmd
getClaimsgetEBCDICCodePage
AllowParenthesesArgsIsArray
ThreadStaticAttributeIRunningObjectTable
NativeBuffergetAllData
ContextAttributesGetReferencedAssemblies
FindAllGetDoubleArray
ObjRefSurrogateDefinitionToTextBuffer
SingleTaskSchedulerAwaitTaskContinuation
ExecutionContextSwitcherasyncWaiter
CheckAssertionEnableCount
DefinitionAppIdApplicationgetApplicationTrustManager
InsertLineBreaksIMPALWAYSFLOW
DebuggingModesTXTS
AddSystemAclWaitDelegate
DayOfYearUnsafeDeserializeMethodResponse
ThreadStart
System.Threading
setAllFilesSyncStack
LibraryWorkingSet
ResourceHelperISOCurrencySymbol
Thread
SetLastErrorHexBinary
ThreadAbortexceptionQ
getExternalProcessMgmtAppendText
GetRequestStreamAccessAllowedCallback
MakeDataTypeTOKENUSER
getCurrentStateVARFLAGFREPLACEABLE
LeavegetCount
winmsbt.Properties.IntPtrArrayTypeInfoClone
VarEnumGetPropertySigHelper
getAsBstrKoreanCalendar
EnhancedKeyGetMachineStoreForAssembly
getTypeInformationGetThisPtr
GetItemgetUnmanagedCode
getSchedulerIsValidText
getCanTransformMultipleBlocksSetObserved
RolegetDefinedTypes
InvalidTimeZoneExceptionIsUpper
SelectNewObjectppString
EqualssetDisallowBindingRedirects
CreationTimeAnsiBStr
LockMemorysetDateSeparator
OpenTextUserNameSpace
RemotingConfigurationSafeHandle
AppDomainInitializerInfoInvocationList
PrivateScopeSoapName
PARAMFLAGFOPTIterableToEnumerableAdapter
IsInitializedKerbProxyLogon
getApplicationNameDemandedResources
MaximumAgeUnitsetExclude
GenericMethodGetFuncCustData
TryPopRangeAddResourceFile
WinRTClassActivatorgetDynamicDirectory
GetSwitchTokenOrigin
UninstallOtherscNamedArgs
VARFLAGFUIDEFAULTWriteThrough
WorldAuthorityRightArrow
WriteEventErrorCodeInheritanceDemand
getSpinCountDeclaredOnly
StreamWriterBufferedDataLostTicksPerMillisecond
ReadBooleanSyncIList
Resources
winmsbt.Properties
IconFileSetTarget
ResourceManager
System.Resources
TaskStatusMapToDictionaryAdapter
CultureInfo
System.Globalization
IsSignUnspecifiedByteCurrentSize
getIIDGuidMiddayAtPersianObservationSite
getASCIIKeySizes
PushrefgetIsStopped
get_ResourceManager
get_Culture
set_Culture
get_windows
SerializeGetTypeInfoOfGuid
RemainingsetSurrogateSelector
CodePageEncodingCMSSECTIONIDSTRINGSECTION
RunningContinuationsetUIContext
RuntimeTypeHandle
IsLeapMonthgetCurrentState
GetCachedSoapAttributeArgumentImplementIComparable
ClearPrivatePathConfigEvents
NoMangleVarpush
RFCPatternAtCData
TokenPrimaryStrongNameCompareAssemblies
InstallAnsiBStr
CMSSECTIONENTRYIDMETADATAgetCanTransformMultipleBlocks
DataMisalignedExceptionsetIdentityObject
Culture
windows
SecurityDocumentElementIsMarshalByRef
ValueType
CodeAccessSecurityEnginegetVisualizerTypeName
DecoderFallbackBufferDynamicPartitionerForIEnumerable
GetElementIThreadPoolWorkItem
GetFilesReference
RuntimeReflectionExtensionsResponseXmlNamespace
SetMethodBodyCreatorGroupSid
PowerUsersetVolumeLabel
ClassTypeICustomFactory
setCalendarWeekRuleSystemOperator
LUIDBindToMethod
DiscretionaryAclTrySetResult
CategoryTimeSpanStandardStyles
MSILCLAIMVALUESATTRIBUTEV
exceptionQCopyFile
DateTimeFinalReleaseComObject
InvalidCultureNameConstructorOnTypeBuilderInstantiation
DSUNKNOWN
GREGORIANXLITFRENCHEncryptionAlgorithm
SystemThreadingTasksTaskSchedulerDebugViewgetAsUnknown
HaveSecondHexadecimal
AddHostEvidenceVersionResult
RuntimeConstructorInfoBuiltinSystemOperatorsSid
ZeroFreeGlobalAllocUnicodeGetElement
DirectoryStringResourceEnumerator
CMSASSEMBLYREFERENCEFLAGPREREQUISITELockRecursionException
ReadUIntDeploymentMetadataMinimumRequiredVersion
RegistryKeyFixedSize
GetPublicKeyTokenAddRule
tbuildergetWasUsed
SetSetMethodFindEnumerableElementType
CanReadProtectedResources
IsCaseInsensitiveSMALLRECT
setUseSaltgetEventTagSection
getISOCurrencySymbolgetKeys
SoapMessageSurrogateAuto
StandardDateEventSource
SerObjectInfoCacheAlgorithmClass
VoidTaskResultCCCDECL
CharArraygetSelfAffectingProcessMgmt
getIsMetricFirstFourDayWeek
getCopyrightGetUrlsForObject
VTUINTNotation
setApplicationIdentityCORINFOEHCLAUSE
getMvidValueCOMServerHostFile
QuerylpvarValue
TrimEndgetDefaultRequestSet
LongDatePatternContextAttribute
IGetProxyTargetFailedAssemblyInfo
HGenitive
DefaultValueSponsorInfo
SetOwnerEtwSession
IFileEntryFileTime
SortedListLoadDriver
DependentOSMetadataEntryFieldIdISafeSerializationData
FromXmlStringgetSuiteName
GetRuntimeResourceStringPARAMFLAGFHASCUSTDATA
ProgressCorrelationHint
GetXmlTypeForInteropTypeTYPEFLAGFCONTROL
AsUnknownRemove
MethodInfoRevision
getIsClosedCalendarData
ManagedThreadIdSignHash
WorkingSetMarshalNativeToManaged
getTypeLibraryMemberListType
FinalizationHelperContainerInherit
ISecurityElementFactorywCode
xpZGmxOmlombee+riSF3eDbQI+Q
winmsbt
CompilationRelaxationsAttribute
System.Runtime.CompilerServices
RuntimeCompatibilityAttribute
DebuggableAttribute
DebuggingModes
AssemblyTitleAttribute
AssemblyDescriptionAttribute
AssemblyConfigurationAttribute
AssemblyCompanyAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyTrademarkAttribute
ComVisibleAttribute
System.Runtime.InteropServices
GuidAttribute
AssemblyFileVersionAttribute
TargetFrameworkAttribute
System.Runtime.Versioning
CompilerGeneratedAttribute
STAThreadAttribute
GeneratedCodeAttribute
System.CodeDom.Compiler
DebuggerNonUserCodeAttribute
EditorBrowsableAttribute
System.ComponentModel
EditorBrowsableState
winmsbt.Properties.Resources.resources
b99eb717-69e4-42df-833d-d85fb14eb10f
String
MinValue
get_Ticks
Environment
FailFast
IntPtr
AppDomain
get_CurrentDomain
ResolveEventHandler
add_AssemblyResolve
get_Name
StringBuilder
System.Text
Append
ToString
Compare
GetTypeFromHandle
IsInstanceOfType
DownloadString
set_Visible
set_Text
add_BalloonTipClicked
set_Icon
Control
set_CheckForIllegalCrossThreadCalls
GetEnvironmentVariable
Concat
GetCurrentProcess
get_MainModule
get_FileName
ToLower
Contains
Directory
CreateDirectory
Registry
CurrentUser
OpenSubKey
SetValue
get_Count
get_Item
set_BalloonTipTitle
set_BalloonTipText
ShowBalloonTip
Application
EnableVisualStyles
SetCompatibleTextRenderingDefault
get_Assembly
GetObject
WrapNonExceptionThrows
Microsoft Windows
winmsbt
Copyright
2024
$89357b57-ed92-46ac-b887-a22ef370f453
1.0.0.0
.NETFramework,Version=v4.0
FrameworkDisplayName
.NET Framework 4
3System.Resources.Tools.StronglyTypedResourceBuilder
16.0.0.0
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
(/9?DN
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
Microsoft Windows
FileVersion
1.0.0.0
InternalName
winmsbt.exe
LegalCopyright
Copyright
2024
LegalTrademarks
OriginalFilename
winmsbt.exe
ProductName
winmsbt
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Antivirus Signature
Bkav W32.AIDetectMalware.CS
Lionic Clean
tehtris Generic.Malware
ClamAV Clean
CMC Clean
CAT-QuickHeal Clean
ALYac Clean
Cylance Unsafe
Zillya Clean
Sangfor Clean
K7AntiVirus Clean
Alibaba Clean
K7GW Clean
Cybereason Clean
huorong Clean
Baidu Clean
VirIT Clean
Paloalto Clean
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 Clean
APEX Malicious
Avast Clean
Cynet Clean
Kaspersky Clean
BitDefender Clean
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Clean
Tencent Clean
TACHYON Clean
Sophos Clean
F-Secure Trojan.TR/Crypt.XDR.Gen
DrWeb Clean
VIPRE Clean
TrendMicro Clean
McAfeeD Real Protect-LS!771B8E84BA4F
Trapmine malicious.moderate.ml.score
FireEye Generic.mg.771b8e84ba4f0215
Emsisoft Clean
Ikarus Trojan.MSIL.Crypt
GData Clean
Jiangmin Clean
Webroot W32.Malware.Gen
Varist Clean
Avira TR/Crypt.XDR.Gen
Antiy-AVL Clean
Kingsoft malware.kb.c.661
Gridinsoft Clean
Xcitium Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:Win32/Phonzy.C!ml
Google Detected
AhnLab-V3 Clean
Acronis Clean
McAfee Clean
MAX Clean
VBA32 Clean
Malwarebytes Clean
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Rising Clean
Yandex Clean
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.300983.susgen
Fortinet Clean
BitDefenderTheta Gen:NN.ZemsilF.36812.gm0@a8ucGDp
AVG Clean
DeepInstinct MALICIOUS
CrowdStrike win/malicious_confidence_90% (D)
alibabacloud Clean
No IRMA results available.