popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2024-08-31 00:21:07

PDB Path

AVP.pdb

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x0005d344 0x0005d400 7.83979648627
.rsrc 0x00060000 0x000005d4 0x00000600 4.15557530207
.reloc 0x00062000 0x0000000c 0x00000200 0.101910425663

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x000600a0 0x00000348 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x000603e8 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
(\?@V~
@ #l>@
Z?_d
_b`*
(rF1^~8
O\S8
EPFFY
=Y YI4
eMXf {
c 7}Y?a}
EPFFY u
eMXf w=
#e i7e
Qe :7|;a
Qe :7|;a
Y)cf
Y WqvaX D
v4.0.30319
#Strings
AssemblyProductAttribute
System.Reflection
mscorlib
System
String
CompilationRelaxationsAttribute
System.Runtime.CompilerServices
TargetFrameworkAttribute
System.Runtime.Versioning
AssemblyTitleAttribute
AssemblyDescriptionAttribute
AssemblyConfigurationAttribute
AssemblyCompanyAttribute
Boolean
RuntimeCompatibilityAttribute
AssemblyCopyrightAttribute
AssemblyTrademarkAttribute
ComVisibleAttribute
System.Runtime.InteropServices
GuidAttribute
AssemblyFileVersionAttribute
DebuggableAttribute
System.Diagnostics
DebuggingModes
SuppressIldasmAttribute
400f2124-d55e-49c6-8811-b71985c5f5a0
AVP.exe
<Module>
OY9DxeL8uocB97A49f
Giq9MSr1wjv5xZ1eY0
Object
ContentJoiner
SDfrghrt
ojrCMWb9JtJZ2MvXCb
T9wgFI3VSvcKpullXW
bVG50YN0prDFw9PNae
MulticastDelegate
mMXk2s7DSDeKWs6vXL
rivateImplementationDetails>{D378D6AA-05EA-4B70-AD52-3B90596411FD}
__StaticArrayInitTypeSize=16
ValueType
__StaticArrayInitTypeSize=308224
__StaticArrayInitTypeSize=1196
<Module>{6667D822-D51B-4A74-B990-5BDA3C79755D}
KVXSGOYaqmOZf4KToy
sfOakNwaaJmVBgGr1W
G2FHSljXuCyHnDimok
SFVfprP2VpNrxnUqUM
OgSQ6sIM2VMaWF4qo8
qxJF4sBRFAYrHncJn8a
HgIsv1BVAyXQJwZtTCF
Attribute
KQZjD5BBwC6gUrmnr4G`1
eO8F2bBpFw3eOf1rIVi
QDRQPXBWFn0CMnOJmH9
uU8DjMBSB0uU213j1mM
eg2RgoBUeMGdvHmOjEU
Gn6xfeBhtiKG9d08WU4
uJgdavBn7xVqlfERo0P
e7973FBbTSIZiFeRI4Z
gmHs3fB3mg0pnFpkP0C
bo87wSB4k2AqAPbJUuY
RXiKPfBihbuCEVFIXEo
g00RBGBMxS1ZdD4u8D7
dPTIkwBKLZH3m1ypeUU
ABukIIB2NKNk92xqngN
fGH9v7Bdd7pjVYyo5Z2
F74xyjB7pKnrJ522aGx
DC4JyXBYAk8xNIOGGbB
LyKKmABkcTJVGGbNt8P
dniYBPBtxN0wLigx6q2
rivateImplementationDetails>{5FF12E4D-A11B-4420-B67E-D213E290D64E}
__StaticArrayInitTypeSize=18
__StaticArrayInitTypeSize=30
__StaticArrayInitTypeSize=32
__StaticArrayInitTypeSize=40
__StaticArrayInitTypeSize=64
__StaticArrayInitTypeSize=256
<Module>{33a4f7c5-44c8-43ea-9149-687128515eee}
f8DCC9208DDC7D1C
m8DCC9208DDC7D1C
TimeSpan
DateTime
get_Now
op_Subtraction
get_Days
Exception
.cctor
oMkDLuiAb
rsFvcFHga
RuntimeHelpers
InitializeArray
RuntimeFieldHandle
b6OnZQeSn
get_Chars
Console
get_Length
WriteLine
List`1
System.Collections.Generic
cNoXauUTq
IM9EmVPSe
IhI4jSJ2V
UInt32
VirtualProtectEx
kernel32.dll
wcritF4m1
IntPtr
GetProcAddress
DEkMqiFcI
CallWindowProcW
user32.dll
citKKwaBR
GetModuleHandleA
SN42dlBGE
Convert
ToByte
H0fd0Li1M
get_Message
Invoke
jAshucbzA
AixnzAnoqw
kxNBAZbaiAw
OIPAsjujiocboiuSA
BeginInvoke
IAsyncResult
AsyncCallback
callback
object
EndInvoke
result
ZAsacr
ASgtrjtu1
ADhb87ytjt
AiowuiduyXA2
uiAsyuhgcxuiIA
$$method0x6000014-1
$$method0x6000014-2
$$method0x6000016-1
$$method0x6000016-2
TW0QOl88b
Module
AH59ERtSou
typemdt
FieldInfo
MethodInfo
ResolveType
GetFields
MemberInfo
get_MetadataToken
ResolveMethod
MethodBase
Delegate
CreateDelegate
SetValue
GetTypeFromHandle
RuntimeTypeHandle
get_Assembly
Assembly
get_ManifestModule
QyUV2iSMOm
ejBVdKyc36
OTwVXIl262
AlqVY5H5C5
voAVPbXSoO
IlRVtGnNgX
PAwVfw5Fak
r9DVZLwvI1
SortedList
System.Collections
InUVCxj8T1
ERvVFwOWK3
BLqVOMTUv2
lMAVmmOMqt
HkkV1lXmkX
Hashtable
UeyVoUedrl
VqmVwV9TuL
zkeV5T4R3w
Ct4Va504I7
ybcVscmQkc
W1LVkXhtHy
nMjV01TF33
rMbVelOdDW
VxYVcCqfg2
kqeVELqHXP
RSACryptoServiceProvider
System.Security.Cryptography
foTV6UvyhD
SWKVyuXBIA
CEUVAPcJuU
PLnVGNPueo
Si0VM7ChCm
jl5VggCvMZ
s3oVzC7ATB
inxVQw1eDj
nslVjxmgWw
H75VquFFcr
BRCVIuwD3W
VhDVHplOXv
wYDV8KusU9
rtjVNTluN6
Dictionary`2
IuKVlfusIf
WJ0VK3bp7M
OGJV7F14Q3
set_UseMachineKeyStore
Tlc9NuHiyQ
Qc40qT5hP
UInt64
BitConverter
GetBytes
fQRsCoQud
UInt16
r4C6Yn7vv
TgCkOG297
nUdtAwd4j
TBPftHqHs
F3rZrTCbn
CU3CQ7HU5
Hy1aUtxr3
SymmetricAlgorithm
AesCryptoServiceProvider
System.Core
RijndaelManaged
Activator
CreateInstance
ObjectHandle
System.Runtime.Remoting
Unwrap
AoDeUxVjt
MD5CryptoServiceProvider
CryptoConfig
get_AllowOnlyFipsAlgorithms
EpQABdkqD
HashAlgorithm
ComputeHash
IQyFneNuY
Stream
System.IO
wqRqMHKK5
TransformBlock
c09gRHWbT
BinaryReader
get_BaseStream
set_Position
ReadUInt32
WqhO7hnn2
ParameterInfo
DynamicMethod
System.Reflection.Emit
ILGenerator
Monitor
System.Threading
GetManifestResourceStream
ReadBytes
MemoryStream
BindingFlags
get_Item
get_Module
GetGenericArguments
get_IsStatic
get_FieldType
GetParameters
get_DeclaringType
get_IsValueType
MakeByRefType
get_ParameterType
get_ReturnType
GetILGenerator
OpCode
OpCodes
Ldarg_0
Ldarg_1
Ldarg_2
Ldarg_3
Ldarg_S
Tailcall
Callvirt
iPS8tUKXQ
R0ym6UU5T
BEq10AIGk
xTJliepFZ
ICryptoTransform
CryptoStream
CryptoStreamMode
tNB5pugoC
StackFrame
GetMethod
op_Inequality
ToInt32
get_Count
Encoding
System.Text
get_Unicode
GetString
R66omqMI1
FromBase64String
H0dyttwQe
P43cNd5dp
DnWG7tIME
Marshal
IpezQvWLs
get_Location
Exists
GetName
AssemblyName
get_CodeBase
ToString
Replace
GetType
GetProperty
PropertyInfo
GetValue
FXUVRcy2Xm
LoadLibrary
kernel32
Wd4VViBRxs
k5rVBUJX8R
Concat
GetDelegateForFunctionPointer
kYHV9lhmlT
jEZVpC55h7
pJSVug5lY2
meBVWN9sb6
BlZVSrouGH
xTuFFuFOZ
op_Equality
j3bVUGOjqa
FileStream
FileMode
FileAccess
FileShare
IDisposable
Dispose
ItOVJ1cQx3
u3IVTg87YH
ToArray
sdsVhuidyF
set_Key
set_IV
CreateDecryptor
bKCVxUi6LQ
B5OVLsiytb
Dw8VrLs5Dv
TXrVDiZ1Y3
JaqVvo71Aj
tu0VnwuJCC
QnFVbOhf1N
PQ5V3Rx12J
IvpV4qLfFW
DEYViP6b4l
ovmdhW9JeyW9iDt3O2f
DlkeQr9TQsJVPySJ9tq
JwkXMf9hKCGt2PSC89V
g6FJP69xonxjg6OUexM
lHp5ph9LMQtC9NeoVQC
e9QD3Z9r3cUXRWgyimC
Reverse
QThj0N9DhND0CZOuJMc
hqqhVy9vFBDx1El8BF8
GetPublicKeyToken
LjEfDs9n0j87JxNAgK5
DJ1xKO9bRerjJCCckZX
CipherMode
set_Mode
k25s3m933RDKr2JTvtl
NPr2XW94kgA2GSEOcER
CgJrDD9iZjDwTnAhcO0
kPuXdO9MIloae3Xcsq5
FlushFinalBlock
ccmKx99KPxSdnrd0Uik
mH3LBh92TIrTf8Uk3Rl
tb3wnH9d4VugXxFXTNi
get_EntryPoint
Ny6bSr9XaqKNHCQXxrT
CZi4Je9SYdkey9ZcBAw
aSEpYh9UaAe4ov2W8Wl
T7XXNvB9cFZG2fVvAa1
MVOBuPkLmx
CreateEncryptor
ToBase64String
classthis
nativeEntry
nativeSizeOfCode
v4ABJdfcCC
j1tBTLmShf
X5PBvRjMR2
nW4lBacjpc
h8PBxKEVsS
JJmBLoT0IU
LjBBrvoIM8
ReadInt32
pRuBDYdtik
hModule
lpName
lpType
lpAddress
dwSize
flAllocationType
flProtect
hProcess
lpBaseAddress
buffer
lpNumberOfBytesWritten
flNewProtect
lpflOldProtect
dwDesiredAccess
bInheritHandle
dwProcessId
value__
WWCBXVpcs0
p0497dtbT6
X2VBIPAYUq
NKDB0v5vga
fryBsfXy46
hB7B6OHXs5
Tg7BQ7vC3T
DeflateStream
System.IO.Compression
CompressionMode
A62Bj4bh2W
GetManifestResourceNames
AddRange
IEnumerable`1
BWKBPYAhb1
ResolveEventArgs
get_Name
AppDomain
get_CurrentDomain
ResolveEventHandler
add_ResourceResolve
kLjw4iIsCLsZtxc4lksN0j
qv9ulMB5MTlHRB1AH5n
axHvCQBoO2BMfivcpR5
CJvdrWBycxBREYmecB9
XZ61KLBcBZelQiMrd7t
zoAhCIBGUv8vLcSTcpa
AtxncPBztVTJaFRA2DT
qO51Jk9Ra95GgF2gD9K
tilyEu9VJZfliGkXcEm
CopyTo
UqSKyQ9BARZdtiLfPLG
AtcWmS99XuZbNlsMSjl
XS0AYO9pNmCvn44YmhK
oMBJfF9u37h1tN6XFPE
u9PiAt9WGlRV2HShg22
LmWxRCB1kH75EY2AApS
vhmwtZBlWHuxY7m3EQ3
TdqBfclL5s
IsLittleEndian
fx3BZP2iD5
IqjBCZ23tS
W2DBarIVN9
SdYBeb08wP
QdsBA5kqTW
F8ABF5j1g6
s8LBqtF1ns
ogQBgmQXHC
NFvBO0pQAT
0E448EF5E5E60630BDDB19388CB6378436E3C65D03DD66DA7C6EBFF563BD857A
4BED3ADC52D4904075F6BBF279EC4ACEDE079533B95E229A29809542EA324A7B
62E6F13B53D67FDD780E20D89A6E8EE503B197AC16AC3F1D2571C147FDD324C9
7F535673D836D3D77A97DB03EB3D71EA780F44372F5AEBECEBEDD696AAEB8378
97E613E5A3A47DEC76B7E50D47644B35EA4322F00D594D80D2F1C1F3644F8A4A
C356AFF1A01C2B0DA472E584C8E3C8F875B9A24280435D42836A77B19F5A8C18
C61B1941CF756EB7551F7C661743802362728B785ADC22E860D269713DFB01A6
D5B7247C497788CF0031CEB06E3DF77A45FEF59F1E49633DC7159816D64759B5
m_922a974dacb04f6f90a0de8015e966c4
m_6efce2718b804644b9d6a52647f63540
m_4aa9d4729c1f422985f07249b30df319
m_5e168bba14d34014a6dffec550c4904b
m_ebabd5c4d68f41dd87d61d92f12ebcd3
m_bb136c0ce5d64c6992a122817646412a
m_39dabb3206614047823df3bd1580ea53
m_ec99e01554c74dd099cb74d804fdcda5
m_efb47ef155da4be684d552381514271a
m_9b179f63972347afbb498c903489efbe
m_b00acd50ad4742e999b84db80ade4fd8
m_ab448cb94c49417bb3b257472d0785dd
m_a929a00a43804a21829e7fe1f85986ab
m_a0011488ba9347af89c3aba081cb5f4e
m_2b6936c7bbac4a2691bf434ecea1360e
m_3be0997bdc944729b8dfc92eb0fb2da3
m_1f1e93eb972e4fc5be2dda30333fb804
m_6427872e096c4543bcc20339bc5e766b
m_de3e467a5c65479eb28d63f4efe9a472
m_23338a528964434e91f36f13b4f060a0
m_0390f66871ad4c4e844d679ac7431202
m_aededdee62564660b2ad24b6bd7a8890
m_0fe0d50381804bf9b1f92dba5134d70a
m_ddac3f842b454fda94c149bfb47137ac
m_a09265d408c54d62a80d3bca1d7a1e16
m_e8e2168bd85944c49212999364870461
m_d472095ef6404876a581e1164a17fe6d
m_cd790b5680ff4e1a97d0d4231a5fc081
m_451961a5ded74aa6b2e84274bf79e5d2
m_d76d695ff2dc46b58fad1749b94a63d5
m_3680fc63aa884616bddb776adb8e0f62
m_e9b40d4a95af42b28cd693bbd8781da8
m_2e4001bae58f49fd985b5a2e239637a9
m_f23fece31c144e109da5bd90646eda5e
m_f1e59eddcf754f43b291ed0617544903
m_ad7c6c46b16f4b07b006d683310e7690
m_4d86b9b5ca05443480fe2f6425669e42
m_6118f67f55784350a08e0b415377a24b
m_fa1fcde2ad934848b444b22c9901d75a
m_4b2288bc1be8481c99b5033e6f5ec3c8
m_ecfcb8f9ea7f430c900bd35497b9e076
m_4c1d05d1abc1433abe28b448aecf15e7
m_92a46ae35fdd41dcb8c9fc1c91f51550
m_02b28af8c9cc414eac3e2d3ecf911919
m_2726ae64d0f84f539354a1c73ac95903
m_0d00f96a241e4239bd81145ab55e1ce2
m_54617acd087444248c105b4a2da25336
m_1baaab961326470a84cdccc240321493
m_8b8dfeefa90847e585b3233ad3ce011f
m_021e56a3f54848b3b192eef05d1b6db4
m_79265538148f4c87926b2edb9dee0e43
m_db5c9e736e014820992afa37c7c20f19
m_1dc23e9f4b5d414199863d3fca7c7092
m_5760150bed1d4eb4a29911b37b4ccf01
m_daf770543db749bfb396cfaa3d0921af
m_fad4f7602bca4dc68b36859b5f1c3dbc
m_065ef3d01afb40a48cd0552facf0e270
m_bfcbeac1807f4deab2eb25e49576d61b
m_8b2aca3c02584e0881d41f0dd966c4a8
m_25f58fa9744644e2bef31589a14e516b
m_e02f52408d984593a8e37a76da69e07d
m_b2a1151fb3f849abbd134e5da11a64b3
m_41bf30576e2a4a23b3a73d1a7e9f011a
m_703df8bd7f9a415e92db2889ab6931a1
m_79a7f0433e1c4cd49433d3c5b15a540d
m_cebc5d634a9441d091fd62c903963730
m_97a82ce433274c4bae6f8cee32407b88
m_0e52d83951294018a3bc6cad3aabeaaf
m_1c4c48c81c404c8bbbbda420581da5e7
m_92514217de5c4f42a56fe612ede9c709
m_0f656915af6647da8cdaef9b22a9697a
m_60e6a0e7d63b447c93cfed1f2289a573
m_5735faf6c0de4e2cba438b4993d7d418
m_9bae1cd633304af5aaf92da4fca5c3ce
m_ad0ff589c72e4634ab4aff336dbe751f
m_0daf87c546b94cd886c37fefd210468b
m_12a8489db283406fa4e447c335208a82
m_5a31da8424294e56a8b32b608322a897
m_c9cddce10fd24040aa55e89fe70cda58
m_2737ac9e58ae4780af3d74cd7aa9413c
m_39f9a3059f884377995a13325b889139
m_874e1d0d88d145ee9aaaec1476c58426
m_385d8ba15ddf42cda08eed9d0861f84c
m_03ca22ee6e7344c0b49d2175ce7609a5
m_9e852bc292834202a4aeef16135ade2e
m_4b61c5614d2a40968e75d1b7f8eb4b8c
m_805041defd8d4bf7964591f24e192589
m_4a7ce7572ac24935a629a99ef9ca87b7
m_acb230a4b0c74ce995aa5de443edfb5d
m_6316ad6474c74fd5ba1364f4892988ac
m_87280d582d554202a6157048bd55b02c
m_64ae93dbbed84e56a2dd81785f1b4c4a
m_8a563d1ccc744c22811611a907d711b6
m_4db14675cce143e9865303291b680f24
m_b5674272c89a468182585673ea331c8e
m_db4f01324dc047c99b7c502f7894da64
m_b5534e8efc2f40929f94f1961b0f8eae
m_71dae60e300440788153a0e865f42725
m_d5f02c184c584338a4ba7555d0780dae
m_a4ce68bb62d54a1a8003e9ce59263d78
m_5ea713f514524a82a5698146d489252d
m_34d3fce0f07549c58a33cd215c343cc0
m_38159defca914902b748ae87b9c16f07
m_0123d27d7e3e4e4f9fec3ed5a6bdd25b
m_e857d47fe0c345e0a5cca7d6dab9e233
m_4d82a320fae3446c94c55673883d692e
m_04d29a85efa049719f6304e99c8a84e9
m_df27b47ea64b406c88641c28b5d150d7
m_bf91b8fb57f6411eb6c36014a0c33d88
m_1e737b8fe75b4e93808ca124e2b430c8
m_856105c35a554d319fa7c8980ae14cd9
m_42eb38e32ca741ffb15540f5f4fc4432
m_38ca0ae57c0749fbb9bb266e8e007b71
m_d5459974464041db917729a859af5393
m_cb784e2a0c064d7bafbb7e52ee6548f4
m_3c4b075fd629426fa8d1498bab0e677d
m_13a3b5684cf04080b3a2c605a8aa7dd8
m_102b85718551480695b36781417a0f43
m_93594c2565974fcea2ceffd7df89e7fc
m_3516f5cefbac46c39325266c127b740b
m_d482e6a438ad48ec9a2215a622fb822e
m_602283132ce5422c9f8e583f0c4ba408
m_9b215370ebe84ab48f80fecc9049f08f
m_25d225c0b27146aaa35e21e638bc2614
m_70ce197747904b0bb50757683a3c6568
m_94ebcabd30fd40c1b15faafe27a21eb6
m_c8735a1b490047feb1017adbf1958f80
m_8b982cf9ef0a4163913856e871194fe4
m_10ff765d35b24183a629037a89a50129
s44e007d632434130ad702d6c516896a6
UnmanagedFunctionPointerAttribute
CallingConvention
CompilerGeneratedAttribute
CharSet
FlagsAttribute
NZ1jNM96yuWBZpvL1F.LGMwbGpN0HEbRGvld7
aoGY35VHU7eZ2iIA25.f4vjmUBVU0Ac1iXusJ
Beknights Recommittal Bashings
.NETFramework,Version=v4.7.2
FrameworkDisplayName
Sincerely
Bollix Vivisecting
Production unsolder
WrapNonExceptionThrows
Copyright 2024
$375c5eff-0650-4301-85ef-382cfefa9adf
1.0.0.0
OgSQ6sIM2VMaWF4qo8.SFVfprP2VpNrxnUqUM+HgIsv1BVAyXQJwZtTCF+KQZjD5BBwC6gUrmnr4G`1[[System.Object, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]][]
SUsSystem.Runtime.InteropServices.CharSet, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
CharSet
18'?l\
$0V@dny
F8^6+}}<
+,:,aN!
K;!:9A.
OVd2LUTT
Dko.5}C*>T
xSldt{!
/l~"%4
56l.G>n
!@Pg4RM
J:t+PN
_sxn>E
OCMK@B
q3(_ef
Niy#8e
(@6y1>
's8Ugv
%BZH_i
]A>R-d
&4z?=q
%<<rw47em
LmAh1^
y\LEUn
n<9X<O
8%wZ5v
J+}Q^(v
i)dm$O
g9Xfw"
Ouk[9@G
#)Kg:/\
E[dGZ
`a*YkL
eRx(t
"7QLeq
F-v_$k
$8P2hlP
t`0^|P+
1e'%C4#
I.b&]U
dead=MvEN/`(
N<96[_
d%u<_~L
4JV^$l
}B^oRnO(
K'!vMlXw=
Ouug7.
;[cCEf
b+6J>j
fRM_<I&4gX
>,#:7
mm"IZ`V
? Q-1q
0@$xE
&k(aQr
VKfCAp
[gl~vl
&0Efev
ON<7f%b
"_W&q.3
1%ogO[2i
Tv[A?abP
8sx:SA
o,=Y=SU
wMY}<w
?2+Cae
xi@TEl
d5a!8/
wYkl$aN0!2
fZ<N6`
LWX*{D
(_+_g|?
Cl;"s_y
deuplMS
4i.'Z*
7mzrRY~
7FV/,y
[dpJ[j
>~WJ-qn;
x,ZM+H
r5)rB(
di$.si
b@79`j
R&E%BfH
bB&$\i
0r2b@wq
KbGW95
78!JEW(
ounlg?
i64M4|
*m%!
|~rW 7+)
{<\Qh(
LFFb"Z
yYk&-3
6;?(9$
e~~W&2
P kFBq
;x.q\9p
)vVC"F
t#UVDK
"2""_4
&j~>t+
92CqS*b
[M+vh(ch
AwO)(2
C^:HQF0
}+'uU_qZ
81!x|eK}C#
UQ](hT
?SpQ{>
4-**+lm
QVGVN'5TP
F@G6c.f
=vzgP`
o()0khe
I0Y+!h
tRQXp}u
;+;$,/g0y
{6B(@h
*>f1rW:
^mssh6
||<*<Q
7;so/JY
t{7-/L.
Kbtt$k
:=v#}!A
6"=PP)
_^a0v?b
jQWEq%Hs)x7}
~+XQARU
Yg6iQY
7MG30Z
}m%!Z}
dHkd<'
Ei_h}l
BI2S:
q7XQc6
@RhYaC
~B:).?"
,]Q:].
AWY'^G
;,5edM
1hT}(D
c-)CiK
$;[f[,
tkF<GBxx
"YMdG,I
zt;,B+(
k'a ,2
.d%8Z
^KzzcX
hivD}P
L0Y+nMu^
Wv;'/T.S`x
(KzLZNY
d a)q@
$Q0#fM59
E*iP5!
>ru2)HG
-nb?[w
)8,ur=8
2-.1hlE
[<~7#xS
E!\ym:sr
-i)9(\I
.7f\d
2w>KlPc
D]ImiW
M[vc(p
nYOZa)oW3
XE:Iu<
et$%Skj
l0`#o>
xp%CtL(
oGAhWa
rp52\W
wQTq@~
%W``KT
X_A6#@_))
W?>~t@j-
"HXVGP:gh|e
lfXRg|
eq4}V^
P(Q|3n
s RH^n
v$|)FY
'eR/_^
&/9{F2
`Q;&X/
"\zE_u
?S6.!B
:v=e7lw
#$)(Y(
A@H;GM
ScC`Jl
@2RKm{q
q4"tj)
dY0K0k
FdeT25i4
bG_9YK
^~EJwz
:QM;?30
i9jlr.
&,V[ia
jj|Q9Z
b[25="w
&6q7+A
t|g5\Q8:
Jvq^\J
a/O=ob
ncI(q8
N6)I8s
]3#jv?VI3 D
GU.3^]
("_@yI
kVmcj~
^d&F0y,D
^Q[8EI
3}5U7m
<eEa9<K+k
flL_q6
|JD"3qb
*[&g\'
LKx1x&
E/BuV<T
14@6RC
_50cj8
ew-=:E
Z1x0j(eL
F)pGa;b3
3XSSn2
~`e$;c
<.lbo%
c*~!N!
+@ s e
},Wd}V\
lO#c|h7u
O\e^{'a
Sv$))\
)8r4Vf
ZAf#^0&
Te4MWn
=,=ToY*
YBl0!Q
1.}6BT
OT_s2^p
%a\3C`
Q5AVF?
"C1ekM
5o?OuU2
-'ulG
vLZ*t4
uvudG:
XUNX5y.
9.ici<
H9DEDr|
#@g%m!
Afp+T:
L]c22_5
w`6ANrj9
H8fuQcR
VK0ePb
`#zb|"
FK,Av[
!;U`[%
M^J)}b
+e#K RE
ztrU^Q
:\>X*<
)PhS^=
#pUY
\pyu*VA
u8QPn/
=__(@`C
-aDMA
>^;zXg
D5iAbO
?pg[g_
qHxX$7&
3Mw7Ls
5T;dRl
&])EsI
PiHrq+
Krh+*q
2{M|,kU7j`
ydUM(lR
_L]|n@
d"L q~g
TUG5H^
g1zQQ$
V-g/r/
,8WMpV
z&K2b
9r}N-O
gpCnuJuOI
M}F4Yl
xh~M_&8
t ~[5V
T!1_my
;\:[Ol
9}O6-u
g8KfO*
%`J&=M*
l1I]T0
WK~sig
=N2w9p
tC8H1ld?>
x|dkgQ
IuAW-!
PE,:S4
NZ}J7P
}CLDLG
Rap@\`
4~L4~F
v8%n'
y+t(,A|
^//UxXOK
??VLY0
P{\z9\
S@|H6s}3
.fUeLpQ^;
[Byb,7
+sXEyD
^Nf NK_
,\@AVlZ
4I5s"u
qD.jA*/w
P6u'Ov
>1wi~U
W1-p6H
#TvNhf
CL_Jt`
jA7aa\
ex]$X&5Y
G(^mooZ'
#3.KhC
V*cUXi
8J'PhL
)mD~k1DV
2sAXd3 u
2~Lxi
+F}'d]
`D;itr
U|r08S
Sy }#Q
eL!`8e
^}T{>I
!X5aFS@>
vOnu]1
=PVlg
Txo6o
Z|,oZ%D
~Q\oi`
OV8^TSIqv
voV2pny
7hdXd]
(!)1KTt
NGZ"wM\o
E52z_R
B>\mfg
F9r\krY
ahf45@
~3>lle
[5EB0w6
(7:vm!
YGgQc3P
fZB(^{
}Ztbx/^W
o5~T(O^C
xB~\t1%
}UNRJ%;
_@`or+
G~@aT*:6x,Z=
:d1+x:=:*7
DL)+rN
GCfefh
d1OltS
j:xnylTbQ
FJ9Y{)
_a 'SP
nFZ10aL
(o;h=w
UzYHneF
]&h|T4
[8#&f2
cW23b0
rYiS3vl
.n1)YW
VByl1w
76a@I8
7?AS(n:
4ZL5JE
*wG~^JF
KvcE`A_& Zg
oaWR=W
5 MHIs
E@YPQA1a@w8
S%"/pu
5Xf_r00
4{C<&oD
YX^4Yu
uaL!K'K/
%_jz9gW`)T
Yr)Ze@J
@dO6:#>
J4, /od
<4v[C$
8czj0\
k7!Vy<
|1 tuVd
M:pZ`.
8bbaCP/
>!yS7M
:YyiJ\
"$d'Ao1i^
ChLC~d
# TeJ+
j0)[^*F
#5y^&W
O8{xqO
a`4,29
uY<1wF
c\it|<m
(bGVTT
9GL6/[MJ
-]`oY{lc
fQ-W67Xg
h_3o2iM
[/$A.~
G<rZi;
e=Cj]r
:9M@sHJ
*LzlB@
Lx,E)!
u+]K1w
Il,/>\
l}Ob[(+
Oj&Ta
;E31!F
+=a_m8
B3W`Uy
7\E(z
7Z]o@FT
TbqUyR
nE#LXZ
G7a8qti@M
)?DE}*TC
g7U{-@
OwjPM9
Y!}%7=^
r]tBYV[J
{WygVJ
<f=F{(
>C,2\r
4vwdO)
y%y99f
p1L+MyV
n77n7*
'FhV[d
4cUt{f
bYs5m4
s'TV*Gys
nc{d4zrG%7j
J[(iS
#"B_m;
z}>fh?
i?tMIV
'U>aU8
kX<ZUB
/\uBy
=|MNE?
kS45R4J
7S95l?
%H<=8+
/.S!v>
11JxCw?
W0,<#+y:
j4pH0A
8{F4L.@a
p|@wrU
KaRKrrM
y..mdk|
mDp3([Z
W10{^l
oz1~WPQm
+frO>kw
h]:F].
j~-'e0.H
-u/UBGS
K6kN<_
v1*UhJ
"|e8bo
?,5U_ki7Z
_Q%VSl
5Rfhn M
AVP.pdb
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
DigiCert Inc1
www.digicert.com1!0
DigiCert Trusted Root G40
210429000000Z
360428235959Z0i1
DigiCert, Inc.1A0?
8DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA10
[K]taM?
SA|X=G
http://ocsp.digicert.com0A
5http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
2http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
jj@0HK4
DigiCert, Inc.1A0?
8DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA10
230113000000Z
260116235959Z0
California1
Santa Clara1
NVIDIA Corporation1
NVIDIA Corporation0
Aoi0Ka
Mhttp://crl3.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0S
Mhttp://crl4.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0>
http://www.digicert.com/CPS0
http://ocsp.digicert.com0\
Phttp://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt0
DigiCert, Inc.1A0?
8DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1
joS&;J
20231102033749Z0
Ontario1
Ottawa1
Entrust, Inc.1+0)
"Entrust Timestamp Authority - TSA1
Entrust.net1@0>
7www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)1%0#
(c) 1999 Entrust.net Limited1301
*Entrust.net Certification Authority (2048)0
991224175051Z
290724141512Z0
Entrust.net1@0>
7www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)1%0#
(c) 1999 Entrust.net Limited1301
*Entrust.net Certification Authority (2048)0
Entrust.net1@0>
7www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)1%0#
(c) 1999 Entrust.net Limited1301
*Entrust.net Certification Authority (2048)0
150722190254Z
290622193254Z0
Entrust, Inc.1(0&
See www.entrust.net/legal-terms1907
0(c) 2015 Entrust, Inc. - for authorized use only1&0$
Entrust Timestamping CA - TS10
T=A^C_(F
http://www.entrust.net/rpa03
http://ocsp.entrust.net02
!http://crl.entrust.net/2048ca.crl0
Entrust, Inc.1(0&
See www.entrust.net/legal-terms1907
0(c) 2015 Entrust, Inc. - for authorized use only1&0$
Entrust Timestamping CA - TS10
221004172103Z
290101000000Z0u1
Ontario1
Ottawa1
Entrust, Inc.1+0)
"Entrust Timestamp Authority - TSA10
_Xg>gX
http://ocsp.entrust.net03
'http://aia.entrust.net/ts1-chain256.cer01
http://crl.entrust.net/ts1ca.crl0
https://www.entrust.net/rpa0
Entrust, Inc.1(0&
See www.entrust.net/legal-terms1907
0(c) 2015 Entrust, Inc. - for authorized use only1&0$
Entrust Timestamping CA - TS1
231102033749Z0)
Entrust, Inc.1(0&
See www.entrust.net/legal-terms1907
0(c) 2015 Entrust, Inc. - for authorized use only1&0$
Entrust Timestamping CA - TS1
9.!9<19.99.A9.I9.Q9.a9
i9.q9.y9
! " $#%#&#'#(#)#*#
@MiJBqpe`whauLRw_eNMUWu\WVuS^FSUUHtgONhRzxlPdPoBrztGtf]dRLngw]GZcRLlRegQxwNXfdsFbr\^LL\ifPTCZ@V]pRgQDBkLScIwXDxhThE
System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
System.Security.Cryptography.AesCryptoServiceProvider
System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
o9OPw6hTKpbbRjFHus.q34SdcxBXrJTdHvlPh
{11111-22222-10009-11112}
aoGY35VHU7eZ2iIA25.f4vjmUBVU0Ac1iXusJ
{11111-22222-50001-00000}
GetDelegateForFunctionPointer
file:///
Location
ResourceA
Virtual
Write
Process
Memory
Protect
Process
Close
Handle
kernel
32.dll
{11111-22222-20001-00001}
{11111-22222-20001-00002}
{11111-22222-30001-00001}
{11111-22222-30001-00002}
{11111-22222-40001-00001}
{11111-22222-40001-00002}
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
Bollix Vivisecting
CompanyName
Production unsolder
FileDescription
Sincerely
FileVersion
1.0.0.0
InternalName
VQP.exe
LegalCopyright
Copyright 2024
OriginalFilename
VQP.exe
ProductName
Beknights Recommittal Bashings
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Antivirus Signature
Bkav W32.AIDetectMalware.CS
Lionic Trojan.Win32.LummaStealer.i!c
Elastic malicious (high confidence)
ClamAV Win.Packed.Stealerc-10035486-0
CMC Clean
CAT-QuickHeal Trojan.Lummastealer
Skyhigh Artemis!Trojan
ALYac Trojan.GenericKD.73973176
Cylance Unsafe
Zillya Trojan.Stealerc.Win32.35526
Sangfor Spyware.Msil.Lummastealer.Vmd3
CrowdStrike win/malicious_confidence_90% (D)
Alibaba Clean
K7GW Spyware ( 005b69541 )
K7AntiVirus Spyware ( 005b69541 )
huorong Trojan/MSIL.Agent.li
Baidu Clean
VirIT Clean
Paloalto generic.ml
Symantec ML.Attribute.HighConfidence
tehtris Clean
ESET-NOD32 Win32/Spy.LummaStealer.B
APEX Malicious
Avast Win32:MalwareX-gen [Trj]
Cynet Clean
Kaspersky HEUR:Trojan-PSW.MSIL.Stealerc.gen
BitDefender Trojan.GenericKD.73973176
NANO-Antivirus Clean
ViRobot Trojan.Win.Z.Agent.394280
MicroWorld-eScan Trojan.GenericKD.73973176
Tencent Malware.Win32.Gencirc.1418ae53
Sophos Troj/MSILIn-BFQ
F-Secure Trojan.TR/AD.Nekark.htpal
DrWeb Trojan.Inject5.8200
VIPRE Trojan.GenericKD.73973176
TrendMicro TrojanSpy.Win32.LUMMASTEALER.YXEH5Z
McAfeeD ti!AC25764B7761
Trapmine Clean
CTX exe.trojan.msil
Emsisoft Trojan.GenericKD.73973176 (B)
Ikarus Trojan.MSIL.Agent
FireEye Generic.mg.9d43cace837db350
Jiangmin Trojan.PSW.MSIL.evpc
Webroot Clean
Varist W32/MSIL_Kryptik.LMK.gen!Eldorado
Avira TR/AD.Nekark.htpal
Fortinet Malicious_Behavior.SB
Antiy-AVL Trojan/MSIL.Stelpak
Kingsoft MSIL.Trojan-PSW.Stealerc.gen
Gridinsoft Trojan.Win32.Packed.dd!ni
Xcitium Clean
Arcabit Trojan.Generic.D468BDB8
SUPERAntiSpyware Clean
ZoneAlarm HEUR:Trojan-PSW.MSIL.Stealerc.gen
Microsoft Trojan:MSIL/RedlineStealer.AMAI!MTB
Google Detected
AhnLab-V3 Malware/Win.Generic.C5664310
Acronis Clean
McAfee Artemis!9D43CACE837D
TACHYON Clean
VBA32 Clean
Malwarebytes Trojan.Crypt
Panda Trj/Chgt.AD
Zoner Clean
TrendMicro-HouseCall TrojanSpy.Win32.LUMMASTEALER.YXEH5Z
Rising Malware.Obfus/MSIL@AI.83 (RDM.MSIL2:9qnrGXJ6tc1oF7VvxuF3ZQ)
Yandex Clean
SentinelOne Static AI - Malicious PE
MaxSecure Clean
GData Trojan.GenericKD.73973176
AVG Win32:MalwareX-gen [Trj]
DeepInstinct MALICIOUS
alibabacloud Trojan:Win/LummaStealer.B
No IRMA results available.