Static | ZeroBOX

PE Compile Time

2016-10-05 00:12:31

PE Imphash

9d129af3a77b645161a552556901cd9b

PEiD Signatures

UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser

Sections

Name   Virtual Address  Virtual Size  Size of Raw Data  Entropy
UPX0   0x00001000       0x00011000    0x00000000        0.0
UPX1   0x00012000       0x00011000    0x00010400        7.6537205141
.rsrc  0x00023000       0x00001000    0x00000c00        3.54681275438

Resources

Name           Offset      Size        Language      Sub-language        File type
RT_ICON        0x000234f8  0x00000128  LANG_ENGLISH  SUBLANG_ENGLISH_US  GLS_BINARY_LSB_FIRST
RT_ICON        0x000234f8  0x00000128  LANG_ENGLISH  SUBLANG_ENGLISH_US  GLS_BINARY_LSB_FIRST
RT_DIALOG      0x00020908  0x000000b8  LANG_ENGLISH  SUBLANG_ENGLISH_US  data
RT_STRING      0x00020a78  0x00000034  LANG_ENGLISH  SUBLANG_ENGLISH_US  data
RT_STRING      0x00020a78  0x00000034  LANG_ENGLISH  SUBLANG_ENGLISH_US  data
RT_STRING      0x00020a78  0x00000034  LANG_ENGLISH  SUBLANG_ENGLISH_US  data
RT_GROUP_ICON  0x00023624  0x00000022  LANG_ENGLISH  SUBLANG_ENGLISH_US  data
RT_VERSION     0x0002364c  0x000002bc  LANG_ENGLISH  SUBLANG_ENGLISH_US  data

Imports

Library KERNEL32.DLL:
0x423980 LoadLibraryA
0x423984 GetProcAddress
0x423988 VirtualProtect
0x42398c VirtualAlloc
0x423990 VirtualFree
0x423994 ExitProcess
Library MSVCRT.dll:
0x42399c exit
Library OLEAUT32.dll:
0x4239a4 SysStringLen
Library SHELL32.dll:
0x4239ac ShellExecuteExW
Library USER32.dll:
0x4239b4 SetTimer

;!@Install@!UTF-8!
ExecuteFile="a.bat"
Title="a"
ExtractTitle="Extracting a"
ExtractDialogText="a"
GUIFlags="1+4+8+32"
;!@InstallEnd@!
VS_VERSION_INFO
StringFileInfo
040904b0
CompanyName
Igor Pavlov
FileDescription
7z Setup SFX
FileVersion
InternalName
7zS.sfx
LegalCopyright
Copyright (c) 1999-2016 Igor Pavlov
OriginalFilename
7zS.sfx.exe
ProductName
ProductVersion
VarFileInfo
Translation
Antivirus Signature
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Generic.4!c
Elastic Clean
ClamAV Win.Trojan.Generic-9885924-0
CMC Clean
CAT-QuickHeal Clean
Skyhigh Clean
ALYac Clean
Cylance Unsafe
Zillya Clean
Sangfor Clean
CrowdStrike Clean
Alibaba Clean
K7GW Clean
K7AntiVirus Clean
Baidu Clean
VirIT Trojan.Win32.Dnldr30.XGE
Paloalto Clean
Symantec ML.Attribute.HighConfidence
tehtris Clean
ESET-NOD32 Clean
APEX Malicious
Avast Clean
Cynet Clean
Kaspersky UDS:DangerousObject.Multi.Generic
BitDefender Clean
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Clean
Tencent Clean
Sophos Clean
F-Secure Clean
DrWeb Clean
VIPRE Clean
TrendMicro Clean
McAfeeD ti!26B4AB7DEB13
Trapmine suspicious.low.ml.score
CTX exe.trojan.generic
Emsisoft Clean
huorong Clean
FireEye Generic.mg.1b7ee505711d9f7f
Jiangmin Clean
Webroot Clean
Varist Clean
Avira Clean
Fortinet Clean
Antiy-AVL Clean
Kingsoft malware.kb.b.785
Gridinsoft Trojan.Win32.Agent.vb!s2
Xcitium Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm UDS:DangerousObject.Multi.Generic
Microsoft Trojan:Win32/Wacatac.B!ml
Google Detected
AhnLab-V3 Malware/Win32.RL_Generic.R281345
Acronis Clean
McAfee Artemis!1B7EE505711D
TACHYON Clean
VBA32 Clean
Malwarebytes Generic.Malware/Suspicious
Panda Trj/Chgt.AD
Zoner Clean
TrendMicro-HouseCall Clean
Rising Clean
Yandex Clean
Ikarus Clean
MaxSecure Trojan.Malware.300983.susgen
GData Clean
AVG Clean
DeepInstinct MALICIOUS
alibabacloud Clean
No IRMA results available.