Static | ZeroBOX

Name	Virtual Address	Virtual Size	Size of Raw Data	Entropy
.text	0x00001000	0x0000559e	0x00006000	6.04115015507
.rdata	0x00007000	0x00001dd0	0x00002000	4.36702879689
.data	0x00009000	0x000031e4	0x00001000	1.45925598107
.rsrc	0x0000d000	0x00000010	0x00001000	0.0
.reloc	0x0000e000	0x00000caa	0x00001000	4.70646734054

Name

Virtual Address

Virtual Size

Size of Raw Data

Entropy

.text

0x00001000

0x0000559e

0x00006000

6.04115015507

.rdata

0x00007000

0x00001dd0

0x00002000

4.36702879689

.data

0x00009000

0x000031e4

0x00001000

1.45925598107

.rsrc

0x0000d000

0x00000010

0x00001000

0.0

.reloc

0x0000e000

0x00000caa

0x00001000

4.70646734054

Ordinal	Address	Name
1	0x100031b0	SetDllPathA
2	0x100027e0	SetDllPathW

Ordinal

Address

Name

0x100031b0

SetDllPathA

0x100027e0

SetDllPathW

!This program cannot be run in DOS mode.

RichG"

`.rdata

@.data

@.reloc

T$,RPVj

UWVPQR

D$fQhT

L$$SUVW

T$HSUV

t$(;\$

\$ Qj@j@W

u<9T$ r6

SUVWt2

T$,PWR

0123456789abcdef

MFC42u.DLL

__CxxFrameHandler

_wcsicmp

wcslen

wcscpy

wcscat

fclose

_wfopen

memmove

__dllonexit

_onexit

MSVCRT.dll

_initterm

malloc

_adjust_fdiv

??1type_info@@UAE@XZ

LoadLibraryW

GetModuleFileNameW

FreeLibrary

GetProcAddress

GetCurrentProcess

GetModuleHandleA

InitializeCriticalSection

GetCurrentThread

LeaveCriticalSection

EnterCriticalSection

GetModuleHandleW

MultiByteToWideChar

LocalFree

LocalAlloc

KERNEL32.dll

?_Xlen@std@@YAXXZ

?_Xran@std@@YAXXZ

MSVCP60.dll

_except_handler3

strchr

sprintf

VirtualQuery

InterlockedCompareExchange

GetCurrentThreadId

ResumeThread

FlushInstructionCache

GetThreadContext

SetThreadContext

GetLastError

SuspendThread

VirtualAlloc

SetLastError

GetSystemDirectoryA

VirtualFree

CloseHandle

WriteFile

CreateFileA

USER32.dll

FakeReg.dll

SetDllPathA

SetDllPathW

ZwQueryKey

ZwClose

ZwQueryValueKey

ZwOpenKeyEx

ntdll.dll

ZwOpenKey

kernel32

IsWow64Process

.?AVCNoTrackObject@@

.?AVAFX_MODULE_STATE@@

.?AV_AFX_DLL_MODULE_STATE@@

.?AVtype_info@@

ZwProtectVirtualMemory

\\.\%c%c%d

102t2z2

3!303=3B3L3W3\3h3m3y3~3

8L8o839X9e9

93:X:e:

:3;I;a;x;

=@=U=s=

= >5>S>b>

?1?@?l?

0D0Y0y0

1#2*2Y2d2

3%4,4\4

6C6k6y6~6

6'7A7P7]7b7l7w7|7

868=8H8|8

9!9)9/949;9X9f9

=U>^>b>h>l>v>z>

)030O0d0

42585>5D5J5P5V5\5b5h5n5t5z5

6"6(6.646:6@6F6L6[6k6z6

748@8J8

9 9%909=9G9\9h9n9

9V:\:b:

<3<9<J<

<c=k=q=

030>0O0X0h0p0

1!1R1m2+393b3

4!4=4`4h4y4

7$9;9@9

;%;:;L;];h;r;|;

=$=W=]=|=

0X1\1`1d1h1l1p1t1x1|1

2B3b3h3n3t3z3

505W5i5

2 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2

3$3(34383T4\4d4l4t4|4

5$5,545<5D5L5T5\5d5l5t5|5

6$6,646<6D6L6T6\6d6l6t6|6

7$7,747<7D7L7T7\7d7l7t7|7

8$8,848<8D8L8T8\8d8l8t8|8

9$9,949<9D9L9T9\9d9l9t9|9

:$:,:4:<:D:L:T:\:d:l:t:|:

;$;,;4;<;D;L;T;\;d;l;t;|;

<$<,<4<<<D<L<\<d<l<t<|<

=$=,=4=<=D=L=T=\=d=l=t=|=

>$>,>4><>D>L>T>\>d>l>t>|>

?$?,?4?<?D?L?T?\?d?l?t?|?

0$0,040<0D0L0T0\0d0l0t0|0

1$1,141<1D1L1T1\1d1l1t1|1

2$2,242<2D2L2T2\2d2l2t2|2

3$3,343<3D3L3T3\3d3l3t3|3

4$4,444<4D4L4T4`4x4

5 505L5T5`5|5

646<6H6d6l6x6

787L7X7t7

Apartment

\Registry\Machine\Software\Classes

ntdll.dll

ProgID

InprocServer32

CurVer

\Wow6432Node

xyxyoorljfoleuwrljfoulerfksdor

\CLSID\

\TypeLib\

1.0\0\win32

ThreadingModel

Apartment

Antivirus	Signature
Bkav	W32.AIDetectMalware
Lionic	Clean
Elastic	Clean
ClamAV	Clean
CMC	Clean
CAT-QuickHeal	Clean
Skyhigh	Clean
ALYac	Clean
Cylance	Clean
Zillya	Clean
Sangfor	Clean
CrowdStrike	Clean
Alibaba	Clean
K7GW	Riskware ( 0053bba91 )
K7AntiVirus	Riskware ( 0053bba91 )
huorong	Clean
Baidu	Clean
VirIT	Clean
Paloalto	Clean
Symantec	Clean
tehtris	Clean
ESET-NOD32	Clean
APEX	Clean
Avast	Clean
Cynet	Malicious (score: 100)
Kaspersky	Clean
BitDefender	Clean
NANO-Antivirus	Clean
ViRobot	Clean
MicroWorld-eScan	Clean
Tencent	Clean
Sophos	Clean
F-Secure	Clean
DrWeb	Clean
VIPRE	Clean
TrendMicro	Clean
McAfeeD	Clean
Trapmine	Clean
CTX	Clean
Emsisoft	Clean
Ikarus	Win32.Outbreak
FireEye	Clean
Jiangmin	RiskTool.IMEStartup.bdf
Webroot	Clean
Varist	Clean
Avira	Clean
Fortinet	Clean
Antiy-AVL	Trojan/Win32.Agent
Kingsoft	Clean
Gridinsoft	Clean
Xcitium	Clean
Arcabit	Clean
SUPERAntiSpyware	Clean
ZoneAlarm	Clean
Microsoft	Clean
Google	Detected
AhnLab-V3	Clean
Acronis	Clean
McAfee	Artemis!BAB4D119880E
TACHYON	Clean
VBA32	Trojan.Packed
Malwarebytes	Generic.Malware.AI.DDS
Panda	Trj/Genetic.gen
Zoner	Clean
TrendMicro-HouseCall	Clean
Rising	Clean
Yandex	Trojan.GenAsa!YEwep1xVQ94
SentinelOne	Clean
MaxSecure	Clean
GData	Clean
AVG	Clean
DeepInstinct	MALICIOUS
alibabacloud	Clean

Antivirus

Signature

Bkav

W32.AIDetectMalware

Lionic

Clean

Elastic

Clean

ClamAV

Clean

CMC

Clean

CAT-QuickHeal

Clean

Skyhigh

Clean

ALYac

Clean

Cylance

Clean

Zillya

Clean

Sangfor

Clean

CrowdStrike

Clean

Alibaba

Clean

K7GW

Riskware ( 0053bba91 )

K7AntiVirus

Riskware ( 0053bba91 )

huorong

Clean

Baidu

Clean

VirIT

Clean

Paloalto

Clean

Symantec

Clean

tehtris

Clean

ESET-NOD32

Clean

APEX

Clean

Avast

Clean

Cynet

Malicious (score: 100)

Kaspersky

Clean

BitDefender

Clean

NANO-Antivirus

Clean

ViRobot

Clean

MicroWorld-eScan

Clean

Tencent

Clean

Sophos

Clean

F-Secure

Clean

DrWeb

Clean

VIPRE

Clean

TrendMicro

Clean

McAfeeD

Clean

Trapmine

Clean

CTX

Clean

Emsisoft

Clean

Ikarus

Win32.Outbreak

FireEye

Clean

Jiangmin

RiskTool.IMEStartup.bdf

Webroot

Clean

Varist

Clean

Avira

Clean

Fortinet

Clean

Antiy-AVL

Trojan/Win32.Agent

Kingsoft

Clean

Gridinsoft

Clean

Xcitium

Clean

Arcabit

Clean

SUPERAntiSpyware

Clean

ZoneAlarm

Clean

Microsoft

Clean

Google

Detected

AhnLab-V3

Clean

Acronis

Clean

McAfee

Artemis!BAB4D119880E

TACHYON

Clean

VBA32

Trojan.Packed

Malwarebytes

Generic.Malware.AI.DDS

Panda

Trj/Genetic.gen

Zoner

Clean

TrendMicro-HouseCall

Clean

Rising

Clean

Yandex

Trojan.GenAsa!YEwep1xVQ94

SentinelOne

Clean

MaxSecure

Clean

GData

Clean

AVG

Clean

DeepInstinct

MALICIOUS

alibabacloud

Clean

Static Analysis

PE Compile Time

PE Imphash

PEiD Signatures

Sections

Imports

Exports