popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2102-10-22 15:32:40

PDB Path

C:\Users\jack\source\repos\ConsoleApp50\ConsoleApp50\obj\Release\ConsoleApp50.pdb

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x00000cc6 0x00000e00 5.09863345259
.rsrc 0x00004000 0x000005cc 0x00000600 4.11287824301

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x00004090 0x0000033c LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x000043dc 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

!This program cannot be run in DOS mode.
`.rsrc
v4.0.30319
#Strings
ConsoleApp50
get_UTF8
ConsoleApp8
<Module>
SW_HIDE
DownloadData
GetRemoteData
mscorlib
start_music
VirtualAlloc
lpThreadId
CreateThread
get_Message
hHandle
Console
WriteLine
flAllocationType
GuidAttribute
DebuggableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
ToByte
ConsoleApp50.exe
dwStackSize
Encoding
System.Runtime.Versioning
GetString
hexString
Substring
get_Length
Marshal
kernel32.dll
user32.dll
Program
System
System.Reflection
Exception
lpStartAddr
lpParameter
IntPtr
System.Diagnostics
dwMilliseconds
System.Runtime.InteropServices
System.Runtime.CompilerServices
DebuggingModes
lpThreadAttributes
ConvertToBytes
dwCreationFlags
lpStartAddress
Concat
WaitForSingleObject
flProtect
System.Net
op_Explicit
WebClient
Convert
System.Text
GetConsoleWindow
ShowWindow
nCmdShow
WrapNonExceptionThrows
ConsoleApp50
Copyright
2024
$4dcd984d-295a-43b3-9a2d-22728973c91c
1.0.0.0
.NETFramework,Version=v4.7.2
FrameworkDisplayName
.NET Framework 4.7.2
C:\Users\jack\source\repos\ConsoleApp50\ConsoleApp50\obj\Release\ConsoleApp50.pdb
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
Error converting hex string to bytes:
http://156.245.12.57:8000/1222.txt
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
ConsoleApp50
FileVersion
1.0.0.0
InternalName
ConsoleApp50.exe
LegalCopyright
Copyright
2024
LegalTrademarks
OriginalFilename
ConsoleApp50.exe
ProductName
ConsoleApp50
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Antivirus Signature
Bkav W64.AIDetectMalware.CS
Lionic Trojan.Win32.Agent.Y!c
Elastic malicious (high confidence)
ClamAV Clean
CMC Clean
CAT-QuickHeal Clean
Skyhigh Artemis!Trojan
ALYac Clean
Cylance Clean
Zillya Clean
Sangfor Backdoor.Win32.Agent.Vuls
CrowdStrike win/malicious_confidence_90% (D)
Alibaba Clean
K7GW Clean
K7AntiVirus Clean
huorong Backdoor/Meterpreter.ak
Baidu Clean
VirIT Clean
Paloalto generic.ml
Symantec Clean
tehtris Clean
ESET-NOD32 a variant of Generik.THYAWK
APEX Malicious
Avast Win64:MalwareX-gen [Trj]
Cynet Malicious (score: 100)
Kaspersky HEUR:Backdoor.MSIL.Agent.gen
BitDefender Trojan.GenericKD.74327216
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Trojan.GenericKD.74327216
Tencent Clean
Sophos Clean
F-Secure Clean
DrWeb Clean
VIPRE Clean
TrendMicro Clean
McAfeeD ti!1895CB39DA80
Trapmine Clean
CTX exe.trojan.artemis
Emsisoft Trojan.GenericKD.74327216 (B)
Ikarus Win32.Outbreak
FireEye Generic.mg.28b7505a051cf6a0
Jiangmin Clean
Webroot Clean
Varist W64/Rozena.CM.gen!Eldorado
Avira Clean
Fortinet PossibleThreat
Antiy-AVL Clean
Kingsoft MSIL.Backdoor.Agent.gen
Gridinsoft Clean
Xcitium Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm HEUR:Backdoor.MSIL.Agent.gen
Microsoft Program:Win32/Wacapew.C!ml
Google Detected
AhnLab-V3 Clean
Acronis Clean
McAfee Artemis!28B7505A051C
TACHYON Clean
VBA32 Clean
Malwarebytes Generic.Malware/Suspicious
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Rising Clean
Yandex Clean
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.300983.susgen
GData Trojan.GenericKD.74327216
AVG Win64:MalwareX-gen [Trj]
DeepInstinct MALICIOUS
alibabacloud Clean
No IRMA results available.