popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2101-05-31 22:25:15

PDB Path

Family.Cache.pdb

PE Imphash

5c91ca46803767598306d8004367b675

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x000173db 0x00017400 6.07378382636
.rdata 0x00019000 0x0000d38e 0x0000d400 4.85263706346
.data 0x00027000 0x00000de8 0x00000600 3.36719466957
.pdata 0x00028000 0x00001608 0x00001800 4.87827900748
.rsrc 0x0002a000 0x00000408 0x00000600 2.47270574008
.reloc 0x0002b000 0x00000d34 0x00000e00 5.36717526704

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x0002a060 0x000003a8 LANG_ENGLISH SUBLANG_ENGLISH_US data

Imports

Library api-ms-win-crt-runtime-l1-1-0.dll:
0x18001dbc8 _initterm
0x18001dbd0 _initterm_e
Library api-ms-win-crt-private-l1-1-0.dll:
0x18001dae8 _o__purecall
0x18001daf8 _o__seh_filter_dll
0x18001db00 _o_free
0x18001db08 _o_iswspace
0x18001db10 _o_malloc
0x18001db18 _o_realloc
0x18001db20 _o_terminate
0x18001db28 __C_specific_handler
0x18001db30 __CxxFrameHandler3
0x18001db38 _CxxThrowException
0x18001db40 _o__crt_atexit
0x18001db48 _o__execute_onexit_table
0x18001db50 _o__errno
0x18001db58 memmove
0x18001db60 _o__cexit
0x18001db68 _o__callnewh
0x18001db98 _o___std_exception_copy
0x18001dba0 __std_terminate
0x18001dba8 __CxxFrameHandler4
0x18001dbb0 memcmp
0x18001dbb8 memcpy
Library api-ms-win-crt-string-l1-1-0.dll:
0x18001dbe0 memset
Library ntdll.dll:
0x18001dc28 RtlVirtualUnwind
0x18001dc30 RtlCaptureContext
0x18001dc38 RtlLookupFunctionEntry
Library api-ms-win-core-synch-l1-1-0.dll:
0x18001d958 WaitForSingleObjectEx
0x18001d960 ReleaseMutex
0x18001d968 CreateSemaphoreExW
0x18001d970 AcquireSRWLockExclusive
0x18001d978 AcquireSRWLockShared
0x18001d980 WaitForSingleObject
0x18001d988 InitializeSRWLock
0x18001d990 OpenSemaphoreW
0x18001d998 ReleaseSRWLockShared
0x18001d9a0 CreateMutexExW
0x18001d9a8 ReleaseSRWLockExclusive
0x18001d9b0 ReleaseSemaphore
Library api-ms-win-core-synch-l1-2-0.dll:
0x18001d9c0 InitOnceExecuteOnce
0x18001d9c8 InitOnceComplete
0x18001d9d0 InitOnceBeginInitialize
Library api-ms-win-core-winrt-string-l1-1-0.dll:
0x18001da30 HSTRING_UserMarshal64
0x18001da38 HSTRING_UserFree
0x18001da40 HSTRING_UserSize64
0x18001da48 HSTRING_UserFree64
0x18001da50 HSTRING_UserMarshal
0x18001da58 HSTRING_UserUnmarshal
0x18001da60 WindowsDuplicateString
0x18001da68 WindowsDeleteString
0x18001da70 WindowsCreateString
0x18001da80 WindowsIsStringEmpty
0x18001da90 HSTRING_UserSize
0x18001da98 HSTRING_UserUnmarshal64
Library api-ms-win-core-com-l1-1-0.dll:
0x18001d848 CoCreateInstance
0x18001d858 CoGetCallContext
0x18001d860 CoIncrementMTAUsage
0x18001d868 CoTaskMemAlloc
Library api-ms-win-core-registry-l1-1-0.dll:
0x18001d918 RegOpenKeyExW
0x18001d920 RegDeleteTreeW
0x18001d928 RegCreateKeyExW
0x18001d930 RegGetValueW
0x18001d938 RegEnumKeyExW
0x18001d940 RegCloseKey
0x18001d948 RegSetValueExW
Library api-ms-win-security-capability-l1-1-0.dll:
0x18001dbf0 CapabilityCheck
Library ADVAPI32.dll:
0x18001d668 EventSetInformation
0x18001d670 DuplicateTokenEx
0x18001d678 RegCreateKeyTransactedW
0x18001d680 EventActivityIdControl
0x18001d688 EventWriteTransfer
0x18001d690 EventUnregister
0x18001d698 OpenProcessToken
0x18001d6a0 EventRegister
Library KERNEL32.dll:
0x18001d6b8 GetCurrentThreadId
0x18001d6c0 HeapFree
0x18001d6c8 MultiByteToWideChar
0x18001d6d0 InterlockedFlushSList
0x18001d6d8 FormatMessageW
0x18001d6e0 RaiseException
0x18001d6e8 InitializeSListHead
0x18001d6f0 GetSystemTimeAsFileTime
0x18001d6f8 QueryPerformanceCounter
0x18001d708 TerminateProcess
0x18001d710 GetCurrentProcess
0x18001d720 UnhandledExceptionFilter
0x18001d728 EncodePointer
0x18001d730 GetCurrentProcessId
0x18001d738 OutputDebugStringW
0x18001d748 GetModuleHandleExW
0x18001d750 GetModuleFileNameA
0x18001d758 DebugBreak
0x18001d760 GetProcAddress
0x18001d768 GetModuleHandleW
0x18001d770 CloseHandle
0x18001d778 SetLastError
0x18001d780 GetLastError
0x18001d788 IsDebuggerPresent
0x18001d790 GetProcessHeap
0x18001d798 HeapAlloc
0x18001d7a0 DecodePointer
Library ktmw32.dll:
0x18001dc00 CommitTransaction
0x18001dc08 CreateTransaction
Library api-ms-win-core-winrt-error-l1-1-0.dll:
0x18001d9e0 RoOriginateError
0x18001d9e8 RoOriginateErrorW
0x18001d9f0 SetRestrictedErrorInfo
0x18001d9f8 RoTransformError
0x18001da00 GetRestrictedErrorInfo
Library RPCRT4.dll:
0x18001d7d8 NdrDllGetClassObject
0x18001d7e0 NdrDllCanUnloadNow
0x18001d7e8 CStdStubBuffer_Invoke
0x18001d7f8 IUnknown_AddRef_Proxy
0x18001d808 NdrOleFree
0x18001d810 CStdStubBuffer_AddRef
0x18001d818 IUnknown_Release_Proxy
0x18001d820 NdrOleAllocate
0x18001d830 NdrStubCall3
Library api-ms-win-core-com-midlproxystub-l1-1-0.dll:
0x18001d878 ObjectStublessClient7
0x18001d888 ObjectStublessClient15
0x18001d898 ObjectStublessClient11
0x18001d8a0 ObjectStublessClient14
0x18001d8a8 ObjectStublessClient12
0x18001d8b0 CStdStubBuffer2_Connect
0x18001d8c0 ObjectStublessClient13
0x18001d8d0 ObjectStublessClient6
0x18001d8d8 ObjectStublessClient8
0x18001d8e0 ObjectStublessClient9
0x18001d8e8 ObjectStublessClient17
0x18001d8f0 ObjectStublessClient10
0x18001d908 ObjectStublessClient16
Library msvcp_win.dll:
Library api-ms-win-core-winrt-l1-1-0.dll:
0x18001da20 RoGetActivationFactory
Library OLEAUT32.dll:
0x18001d7b0 SysFreeString
0x18001d7b8 SysStringLen
Library api-ms-win-core-winrt-error-l1-1-1.dll:

Exports

Ordinal Address Name
1 0x180005590 DllCanUnloadNow
2 0x1800052a0 DllGetActivationFactory
3 0x180005460 DllGetClassObject
No antivirus signatures available.
No IRMA results available.