popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2014-03-13 21:14:56

PDB Path

itircl.pdb

PE Imphash

380ae0a373c6ac6b63d2802c179548cd

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x00027470 0x00027600 6.30583192072
.rdata 0x00029000 0x000062b4 0x00006400 4.95656230742
.data 0x00030000 0x00001fa8 0x00001a00 4.09600842129
.pdata 0x00032000 0x00001944 0x00001a00 5.16283245496
.rsrc 0x00034000 0x00000408 0x00000600 2.48068630006
.reloc 0x00035000 0x00000a3c 0x00000c00 5.14992111055

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x00034060 0x000003a8 LANG_ENGLISH SUBLANG_ENGLISH_US data

Imports

Library msvcrt.dll:
0x15d52b5c0 memmove
0x15d52b5c8 _initterm
0x15d52b5d0 _amsg_exit
0x15d52b5d8 __CxxFrameHandler3
0x15d52b5e0 memcpy
0x15d52b5e8 memcmp
0x15d52b5f0 _XcptFilter
0x15d52b5f8 _callnewh
0x15d52b600 malloc
0x15d52b608 _vsnprintf
0x15d52b610 strncmp
0x15d52b618 free
0x15d52b620 _purecall
0x15d52b628 __C_specific_handler
0x15d52b630 ?terminate@@YAXXZ
0x15d52b638 memset
Library KERNEL32.dll:
0x15d52b388 DeleteFileA
0x15d52b390 UnmapViewOfFile
0x15d52b398 VirtualFree
0x15d52b3a0 GlobalSize
0x15d52b3a8 GetCurrentDirectoryA
0x15d52b3b0 GlobalAlloc
0x15d52b3b8 GlobalFree
0x15d52b3c0 GlobalLock
0x15d52b3c8 GlobalUnlock
0x15d52b3d0 EnterCriticalSection
0x15d52b3d8 LeaveCriticalSection
0x15d52b3e8 DeleteCriticalSection
0x15d52b3f0 GetModuleFileNameA
0x15d52b3f8 VirtualProtect
0x15d52b400 VirtualAlloc
0x15d52b408 LoadLibraryExA
0x15d52b410 GetModuleHandleA
0x15d52b418 MultiByteToWideChar
0x15d52b420 GetLastError
0x15d52b430 GetSystemInfo
0x15d52b438 HeapDestroy
0x15d52b440 WideCharToMultiByte
0x15d52b448 lstrcmpiA
0x15d52b450 VirtualQuery
0x15d52b458 GlobalReAlloc
0x15d52b460 CompareStringW
0x15d52b468 GetACP
0x15d52b470 CompareStringA
0x15d52b478 GetUserDefaultLCID
0x15d52b480 GetVersionExA
0x15d52b488 Sleep
0x15d52b490 RtlCaptureContext
0x15d52b498 RtlLookupFunctionEntry
0x15d52b4a0 RtlVirtualUnwind
0x15d52b4a8 UnhandledExceptionFilter
0x15d52b4b8 GetCurrentProcess
0x15d52b4c0 TerminateProcess
0x15d52b4c8 QueryPerformanceCounter
0x15d52b4d0 GetCurrentProcessId
0x15d52b4d8 GetCurrentThreadId
0x15d52b4e0 GetSystemTimeAsFileTime
0x15d52b4e8 GetTickCount
0x15d52b4f0 lstrlenA
0x15d52b4f8 GetFullPathNameA
0x15d52b500 LocalLock
0x15d52b508 LocalAlloc
0x15d52b510 LocalFree
0x15d52b518 LocalUnlock
0x15d52b520 GetProcAddress
0x15d52b528 GetTempFileNameA
0x15d52b530 GetTempPathA
0x15d52b538 OpenFile
0x15d52b540 SetFilePointer
0x15d52b548 OutputDebugStringA
0x15d52b550 WriteFile
0x15d52b558 ReadFile
0x15d52b560 MapViewOfFile
0x15d52b568 GlobalFlags
0x15d52b570 CreateFileA
0x15d52b578 CloseHandle
0x15d52b580 GlobalHandle
0x15d52b588 CreateFileMappingA
0x15d52b590 GetFileSize
Library USER32.dll:
0x15d52b5a0 CharUpperA
0x15d52b5a8 CharNextA
0x15d52b5b0 LoadStringA
Library ADVAPI32.dll:
0x15d52b358 RegCloseKey
0x15d52b360 RegCreateKeyExA
0x15d52b368 RegSetValueExA
0x15d52b370 RegEnumKeyExA
0x15d52b378 RegOpenKeyExA
Library ole32.dll:
0x15d52b648 ReadClassStm
0x15d52b650 WriteClassStm
0x15d52b658 CoTaskMemFree
0x15d52b660 StringFromCLSID
0x15d52b668 CoCreateInstance
0x15d52b670 CoGetClassObject

Exports

Ordinal Address Name
1 0x15d504100 DllCanUnloadNow
2 0x15d504120 DllGetClassObject
3 0x15d504140 DllRegisterServer
4 0x15d504200 DllUnregisterServer
No antivirus signatures available.
No IRMA results available.