popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2012-10-02 14:04:04

PE Imphash

483f0c4259a9148c34961abbda6146c1

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x000143f8 0x00014400 6.48220416561
.itext 0x00016000 0x00000be8 0x00000c00 6.01515734876
.data 0x00017000 0x00000d9c 0x00000e00 2.66928866696
.bss 0x00018000 0x00005750 0x00000000 0.0
.idata 0x0001e000 0x00000f9e 0x00001000 4.9677831943
.tls 0x0001f000 0x00000008 0x00000000 0.0
.rdata 0x00020000 0x00000018 0x00000200 0.190488766435
.rsrc 0x00021000 0x00024060 0x00024200 3.41619717354

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x00039984 0x00001b12 LANG_ENGLISH SUBLANG_ENGLISH_US PNG image data, 256 x 256, 8-bit gray+alpha, non-interlaced
RT_ICON 0x00039984 0x00001b12 LANG_ENGLISH SUBLANG_ENGLISH_US PNG image data, 256 x 256, 8-bit gray+alpha, non-interlaced
RT_ICON 0x00039984 0x00001b12 LANG_ENGLISH SUBLANG_ENGLISH_US PNG image data, 256 x 256, 8-bit gray+alpha, non-interlaced
RT_ICON 0x00039984 0x00001b12 LANG_ENGLISH SUBLANG_ENGLISH_US PNG image data, 256 x 256, 8-bit gray+alpha, non-interlaced
RT_ICON 0x00039984 0x00001b12 LANG_ENGLISH SUBLANG_ENGLISH_US PNG image data, 256 x 256, 8-bit gray+alpha, non-interlaced
RT_ICON 0x00039984 0x00001b12 LANG_ENGLISH SUBLANG_ENGLISH_US PNG image data, 256 x 256, 8-bit gray+alpha, non-interlaced
RT_STRING 0x0003be84 0x00000294 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_STRING 0x0003be84 0x00000294 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_STRING 0x0003be84 0x00000294 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_STRING 0x0003be84 0x00000294 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_STRING 0x0003be84 0x00000294 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_STRING 0x0003be84 0x00000294 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_RCDATA 0x000445c0 0x0000002c LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_RCDATA 0x000445c0 0x0000002c LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_RCDATA 0x000445c0 0x0000002c LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_RCDATA 0x000445c0 0x0000002c LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_GROUP_ICON 0x000445ec 0x0000005a LANG_ENGLISH SUBLANG_ENGLISH_US data
RT_VERSION 0x00044648 0x000004b8 LANG_ENGLISH SUBLANG_ENGLISH_US COM executable for DOS
RT_MANIFEST 0x00044b00 0x00000560 LANG_ENGLISH SUBLANG_ENGLISH_US XML 1.0 document, ASCII text, with CRLF line terminators

Imports

Library oleaut32.dll:
0x41e350 SysFreeString
0x41e354 SysReAllocStringLen
0x41e358 SysAllocStringLen
Library advapi32.dll:
0x41e360 RegQueryValueExW
0x41e364 RegOpenKeyExW
0x41e368 RegCloseKey
Library user32.dll:
0x41e370 GetKeyboardType
0x41e374 LoadStringW
0x41e378 MessageBoxA
0x41e37c CharNextW
Library kernel32.dll:
0x41e384 GetACP
0x41e388 Sleep
0x41e38c VirtualFree
0x41e390 VirtualAlloc
0x41e394 GetSystemInfo
0x41e398 GetTickCount
0x41e3a0 GetVersion
0x41e3a4 GetCurrentThreadId
0x41e3a8 VirtualQuery
0x41e3ac WideCharToMultiByte
0x41e3b0 MultiByteToWideChar
0x41e3b4 lstrlenW
0x41e3b8 lstrcpynW
0x41e3bc LoadLibraryExW
0x41e3c0 GetThreadLocale
0x41e3c4 GetStartupInfoA
0x41e3c8 GetProcAddress
0x41e3cc GetModuleHandleW
0x41e3d0 GetModuleFileNameW
0x41e3d4 GetLocaleInfoW
0x41e3d8 GetCommandLineW
0x41e3dc FreeLibrary
0x41e3e0 FindFirstFileW
0x41e3e4 FindClose
0x41e3e8 ExitProcess
0x41e3ec WriteFile
0x41e3f4 RtlUnwind
0x41e3f8 RaiseException
0x41e3fc GetStdHandle
0x41e400 CloseHandle
Library kernel32.dll:
0x41e408 TlsSetValue
0x41e40c TlsGetValue
0x41e410 LocalAlloc
0x41e414 GetModuleHandleW
Library user32.dll:
0x41e41c CreateWindowExW
0x41e420 TranslateMessage
0x41e424 SetWindowLongW
0x41e428 PeekMessageW
0x41e430 MessageBoxW
0x41e434 LoadStringW
0x41e438 GetSystemMetrics
0x41e43c ExitWindowsEx
0x41e440 DispatchMessageW
0x41e444 DestroyWindow
0x41e448 CharUpperBuffW
0x41e44c CallWindowProcW
Library kernel32.dll:
0x41e454 WriteFile
0x41e458 WideCharToMultiByte
0x41e45c WaitForSingleObject
0x41e460 VirtualQuery
0x41e464 VirtualProtect
0x41e468 VirtualFree
0x41e46c VirtualAlloc
0x41e470 SizeofResource
0x41e474 SignalObjectAndWait
0x41e478 SetLastError
0x41e47c SetFilePointer
0x41e480 SetEvent
0x41e484 SetErrorMode
0x41e488 SetEndOfFile
0x41e48c ResetEvent
0x41e490 RemoveDirectoryW
0x41e494 ReadFile
0x41e498 MultiByteToWideChar
0x41e49c LockResource
0x41e4a0 LoadResource
0x41e4a4 LoadLibraryW
0x41e4b4 GetVersionExW
0x41e4bc GetThreadLocale
0x41e4c0 GetSystemInfo
0x41e4c4 GetStdHandle
0x41e4c8 GetProcAddress
0x41e4cc GetModuleHandleW
0x41e4d0 GetModuleFileNameW
0x41e4d4 GetLocaleInfoW
0x41e4d8 GetLocalTime
0x41e4dc GetLastError
0x41e4e0 GetFullPathNameW
0x41e4e4 GetFileSize
0x41e4e8 GetFileAttributesW
0x41e4ec GetExitCodeProcess
0x41e4f4 GetDiskFreeSpaceW
0x41e4f8 GetDateFormatW
0x41e4fc GetCurrentProcess
0x41e500 GetCommandLineW
0x41e504 GetCPInfo
0x41e508 InterlockedExchange
0x41e510 FreeLibrary
0x41e514 FormatMessageW
0x41e518 FindResourceW
0x41e51c EnumCalendarInfoW
0x41e524 DeleteFileW
0x41e52c CreateProcessW
0x41e530 CreateFileW
0x41e534 CreateEventW
0x41e538 CreateDirectoryW
0x41e53c CompareStringW
0x41e540 CloseHandle
Library advapi32.dll:
0x41e548 RegQueryValueExW
0x41e54c RegOpenKeyExW
0x41e550 RegCloseKey
0x41e554 OpenProcessToken
Library comctl32.dll:
0x41e560 InitCommonControls
Library kernel32.dll:
0x41e568 Sleep
Library advapi32.dll:
Library oleaut32.dll:
0x41e578 SafeArrayPtrOfIndex
0x41e57c SafeArrayGetUBound
0x41e580 SafeArrayGetLBound
0x41e584 SafeArrayCreate
0x41e588 VariantChangeType
0x41e58c VariantCopy
0x41e590 VariantClear
0x41e594 VariantInit
No antivirus signatures available.
No IRMA results available.