Static | ZeroBOX

Name	Virtual Address	Virtual Size	Size of Raw Data	Entropy
.text	0x00002000	0x00001174	0x00001200	5.49376068282
.rsrc	0x00004000	0x000005f6	0x00000600	4.21305378655
.reloc	0x00006000	0x0000000c	0x00000200	0.0815394123432

Name

Virtual Address

Virtual Size

Size of Raw Data

Entropy

.text

0x00002000

0x00001174

0x00001200

5.49376068282

.rsrc

0x00004000

0x000005f6

0x00000600

4.21305378655

.reloc

0x00006000

0x0000000c

0x00000200

0.0815394123432

Name	Offset	Size	Language	Sub-language	File type
RT_VERSION	0x000040a0	0x0000036c	LANG_NEUTRAL	SUBLANG_NEUTRAL	data
RT_MANIFEST	0x0000440c	0x000001ea	LANG_NEUTRAL	SUBLANG_NEUTRAL	XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Name

Offset

Size

Language

Sub-language

File type

RT_VERSION

0x000040a0

0x0000036c

LANG_NEUTRAL

SUBLANG_NEUTRAL

data

RT_MANIFEST

0x0000440c

0x000001ea

LANG_NEUTRAL

SUBLANG_NEUTRAL

XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

!This program cannot be run in DOS mode.

`.rsrc

@.reloc

v4.0.30319

#Strings

<GetDownload>d__0

<>u__1

Task`1

AsyncTaskMethodBuilder`1

TaskAwaiter`1

<buffer>5__2

<http>5__3

System.IO

CheckX-Cracked-VIP

mscorlib

Mklqdkmac

GetByteArrayAsync

GetDownload

AwaitUnsafeOnCompleted

get_IsCompleted

CryptoStreamMode

IDisposable

IAsyncStateMachine

SetStateMachine

stateMachine

ValueType

Dispose

Create

<>1__state

CompilerGeneratedAttribute

GuidAttribute

DebuggableAttribute

ComVisibleAttribute

AssemblyTitleAttribute

AsyncStateMachineAttribute

AssemblyTrademarkAttribute

TargetFrameworkAttribute

DebuggerHiddenAttribute

AssemblyFileVersionAttribute

AssemblyConfigurationAttribute

AssemblyDescriptionAttribute

CompilationRelaxationsAttribute

AssemblyProductAttribute

AssemblyCopyrightAttribute

AssemblyCompanyAttribute

RuntimeCompatibilityAttribute

CheckX-Cracked-VIP.exe

System.Runtime.Versioning

FromBase64String

Qqlgbqkozrj

get_Task

CryptoStream

MemoryStream

System

SymmetricAlgorithm

ICryptoTransform

Qycsdlvjln

System.Reflection

SetException

Shhundo

System.Net.Http

Cuhwsufq

InvokeMember

TripleDESCryptoServiceProvider

<>t__builder

Binder

GetAwaiter

CreateDecryptor

Tbigxr

System.Diagnostics

System.Runtime.InteropServices

System.Runtime.CompilerServices

DebuggingModes

GetTypes

BindingFlags

System.Threading.Tasks

Qrneus

Object

get_Result

GetResult

SetResult

HttpClient

Convert

MoveNext

Vfxrtacsu

ToArray

System.Security.Cryptography

Assembly

g~-FLK

WrapNonExceptionThrows

CheckX-Cracked-VIP

2017

$adb175dc-9025-4260-8d5f-8cd44070168b

1.0.0.0

.NETFramework,Version=v4.6

FrameworkDisplayName

.NET Framework 4.6

jQycsdlvjln.A1+<GetDownload>d__0, CheckX-Cracked-VIP, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null

_CorExeMain

mscoree.dll

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>

</requestedPrivileges>

</security>

</trustInfo>

</assembly>

N.#W.+|.3

http://87.120.127.223/panel/uploads/Afocvkc.dat

4gVNVhOOothvqc7HvzpSSA==

JyVp/inuEgQ=

xsrDOVFPJ

VS_VERSION_INFO

VarFileInfo

Translation

StringFileInfo

000004b0

Comments

CompanyName

FileDescription

CheckX-Cracked-VIP

FileVersion

1.0.0.0

InternalName

CheckX-Cracked-VIP.exe

LegalCopyright

2017

LegalTrademarks

OriginalFilename

CheckX-Cracked-VIP.exe

ProductName

CheckX-Cracked-VIP

ProductVersion

1.0.0.0

Assembly Version

1.0.0.0

Antivirus	Signature
Bkav	W32.AIDetectMalware.CS
Lionic	Trojan.Win32.Vimditator.4!c
Elastic	malicious (high confidence)
ClamAV	Clean
CTX	exe.trojan.msil
CAT-QuickHeal	Clean
Skyhigh	Artemis!Trojan
ALYac	Clean
Cylance	Unsafe
Sangfor	Downloader.Msil.Agent.Vt59
CrowdStrike	win/malicious_confidence_70% (D)
BitDefender	Trojan.GenericKD.74316056
K7GW	Trojan-Downloader ( 0059c9381 )
K7AntiVirus	Trojan-Downloader ( 0059c9381 )
huorong	HEUR:TrojanDownloader/MSIL.Agent.x
Baidu	Clean
VirIT	Trojan.Win32.MSIL_Heur.A
Symantec	ML.Attribute.HighConfidence
tehtris	Clean
ESET-NOD32	a variant of MSIL/TrojanDownloader.Agent.RIP
APEX	Malicious
Paloalto	generic.ml
Cynet	Clean
Kaspersky	UDS:DangerousObject.Multi.Generic
Alibaba	Clean
NANO-Antivirus	Clean
ViRobot	Clean
MicroWorld-eScan	Trojan.GenericKD.74316056
Tencent	Clean
Sophos	Mal/Generic-S
F-Secure	Trojan.TR/Dldr.Agent.zevgl
DrWeb	Clean
VIPRE	Clean
TrendMicro	Clean
McAfeeD	Real Protect-LS!3A1085797CA3
Trapmine	Clean
CMC	Clean
Emsisoft	Trojan.GenericKD.74316056 (B)
Ikarus	Clean
FireEye	Trojan.GenericKD.74316056
Jiangmin	Clean
Webroot	Clean
Varist	W32/ABTrojan.LPDI-3697
Avira	TR/Dldr.Agent.zevgl
Fortinet	MSIL/Generik.BZNYUMT!tr
Antiy-AVL	Trojan/MSIL.Vimditator
Kingsoft	malware.kb.c.956
Gridinsoft	Ransom.Win32.Wacatac.sa
Xcitium	Clean
Arcabit	Trojan.Generic.D46DF918
SUPERAntiSpyware	Clean
ZoneAlarm	UDS:DangerousObject.Multi.Generic
Microsoft	Trojan:Win32/Wacatac.B!ml
Google	Clean
AhnLab-V3	Clean
Acronis	Clean
VBA32	Downloader.MSIL.PureCrypter.Heur
TACHYON	Clean
Malwarebytes	Trojan.Downloader.MSIL.Generic
Panda	Trj/Chgt.AD
Zoner	Clean
TrendMicro-HouseCall	Clean
Rising	Malware.Obfus/MSIL@AI.86 (RDM.MSIL2:PBwvll/qJ34vTEFAwS0fPQ)
Yandex	Clean
SentinelOne	Static AI - Malicious PE
MaxSecure	Clean
GData	Trojan.GenericKD.74316056
DeepInstinct	MALICIOUS
alibabacloud	Trojan[downloader]:MSIL/Wacatac.B9nj

Antivirus

Signature

Bkav

W32.AIDetectMalware.CS

Lionic

Trojan.Win32.Vimditator.4!c

Elastic

malicious (high confidence)

ClamAV

Clean

CTX

exe.trojan.msil

CAT-QuickHeal

Clean

Skyhigh

Artemis!Trojan

ALYac

Clean

Cylance

Unsafe

Sangfor

Downloader.Msil.Agent.Vt59

CrowdStrike

win/malicious_confidence_70% (D)

BitDefender

Trojan.GenericKD.74316056

K7GW

Trojan-Downloader ( 0059c9381 )

K7AntiVirus

Trojan-Downloader ( 0059c9381 )

huorong

HEUR:TrojanDownloader/MSIL.Agent.x

Baidu

Clean

VirIT

Trojan.Win32.MSIL_Heur.A

Symantec

ML.Attribute.HighConfidence

tehtris

Clean

ESET-NOD32

a variant of MSIL/TrojanDownloader.Agent.RIP

APEX

Malicious

Paloalto

generic.ml

Cynet

Clean

Kaspersky

UDS:DangerousObject.Multi.Generic

Alibaba

Clean

NANO-Antivirus

Clean

ViRobot

Clean

MicroWorld-eScan

Trojan.GenericKD.74316056

Tencent

Clean

Sophos

Mal/Generic-S

F-Secure

Trojan.TR/Dldr.Agent.zevgl

DrWeb

Clean

VIPRE

Clean

TrendMicro

Clean

McAfeeD

Real Protect-LS!3A1085797CA3

Trapmine

Clean

CMC

Clean

Emsisoft

Trojan.GenericKD.74316056 (B)

Ikarus

Clean

FireEye

Trojan.GenericKD.74316056

Jiangmin

Clean

Webroot

Clean

Varist

W32/ABTrojan.LPDI-3697

Avira

TR/Dldr.Agent.zevgl

Fortinet

MSIL/Generik.BZNYUMT!tr

Antiy-AVL

Trojan/MSIL.Vimditator

Kingsoft

malware.kb.c.956

Gridinsoft

Ransom.Win32.Wacatac.sa

Xcitium

Clean

Arcabit

Trojan.Generic.D46DF918

SUPERAntiSpyware

Clean

ZoneAlarm

UDS:DangerousObject.Multi.Generic

Microsoft

Trojan:Win32/Wacatac.B!ml

Google

Clean

AhnLab-V3

Clean

Acronis

Clean

VBA32

Downloader.MSIL.PureCrypter.Heur

TACHYON

Clean

Malwarebytes

Trojan.Downloader.MSIL.Generic

Panda

Trj/Chgt.AD

Zoner

Clean

TrendMicro-HouseCall

Clean

Rising

Malware.Obfus/MSIL@AI.86 (RDM.MSIL2:PBwvll/qJ34vTEFAwS0fPQ)

Yandex

Clean

SentinelOne

Static AI - Malicious PE

MaxSecure

Clean

GData

Trojan.GenericKD.74316056

DeepInstinct

MALICIOUS

alibabacloud

Trojan[downloader]:MSIL/Wacatac.B9nj

Static Analysis

PE Compile Time

PE Imphash

Sections

Resources

Imports