popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

1970-01-01 09:00:00

PE Imphash

1aae8bf580c846f39c71c05898e57e88

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x0076fb28 0x0076fc00 6.11047190537
.rdata 0x00771000 0x0083bd38 0x0083be00 6.03287275284
.data 0x00fad000 0x000ec1ec 0x000b9e00 5.68814511906
.idata 0x0109a000 0x0000044c 0x00000600 4.03230057603
.reloc 0x0109b000 0x000638e4 0x00063a00 6.62926269868
.symtab 0x010ff000 0x00000004 0x00000200 0.0203931352361
.rsrc 0x01100000 0x0000e872 0x0000ea00 3.49264287499

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x0110d6a4 0x00000468 LANG_ENGLISH SUBLANG_ENGLISH_US GLS_BINARY_LSB_FIRST
RT_ICON 0x0110d6a4 0x00000468 LANG_ENGLISH SUBLANG_ENGLISH_US GLS_BINARY_LSB_FIRST
RT_ICON 0x0110d6a4 0x00000468 LANG_ENGLISH SUBLANG_ENGLISH_US GLS_BINARY_LSB_FIRST
RT_ICON 0x0110d6a4 0x00000468 LANG_ENGLISH SUBLANG_ENGLISH_US GLS_BINARY_LSB_FIRST
RT_ICON 0x0110d6a4 0x00000468 LANG_ENGLISH SUBLANG_ENGLISH_US GLS_BINARY_LSB_FIRST
RT_ICON 0x0110d6a4 0x00000468 LANG_ENGLISH SUBLANG_ENGLISH_US GLS_BINARY_LSB_FIRST
RT_ICON 0x0110d6a4 0x00000468 LANG_ENGLISH SUBLANG_ENGLISH_US GLS_BINARY_LSB_FIRST
RT_ICON 0x0110d6a4 0x00000468 LANG_ENGLISH SUBLANG_ENGLISH_US GLS_BINARY_LSB_FIRST
RT_ICON 0x0110d6a4 0x00000468 LANG_ENGLISH SUBLANG_ENGLISH_US GLS_BINARY_LSB_FIRST
RT_ICON 0x0110d6a4 0x00000468 LANG_ENGLISH SUBLANG_ENGLISH_US GLS_BINARY_LSB_FIRST
RT_ICON 0x0110d6a4 0x00000468 LANG_ENGLISH SUBLANG_ENGLISH_US GLS_BINARY_LSB_FIRST
RT_ICON 0x0110d6a4 0x00000468 LANG_ENGLISH SUBLANG_ENGLISH_US GLS_BINARY_LSB_FIRST
RT_ICON 0x0110d6a4 0x00000468 LANG_ENGLISH SUBLANG_ENGLISH_US GLS_BINARY_LSB_FIRST
RT_GROUP_ICON 0x0110db0c 0x000000bc LANG_ENGLISH SUBLANG_ENGLISH_US data
RT_VERSION 0x0110dbc8 0x00000584 LANG_ENGLISH SUBLANG_ENGLISH_US data
RT_MANIFEST 0x0110e14c 0x00000726 LANG_ENGLISH SUBLANG_ENGLISH_US XML 1.0 document, ASCII text, with CRLF line terminators

Imports

Library kernel32.dll:
0x13af760 WriteFile
0x13af764 WriteConsoleW
0x13af768 WerSetFlags
0x13af76c WerGetFlags
0x13af774 WaitForSingleObject
0x13af778 VirtualQuery
0x13af77c VirtualFree
0x13af780 VirtualAlloc
0x13af784 TlsAlloc
0x13af788 SwitchToThread
0x13af78c SuspendThread
0x13af790 SetWaitableTimer
0x13af79c SetEvent
0x13af7a0 SetErrorMode
0x13af7a4 SetConsoleCtrlHandler
0x13af7a8 ResumeThread
0x13af7b4 LoadLibraryW
0x13af7b8 LoadLibraryExW
0x13af7bc SetThreadContext
0x13af7c0 GetThreadContext
0x13af7c4 GetSystemInfo
0x13af7c8 GetSystemDirectoryA
0x13af7cc GetStdHandle
0x13af7d8 GetProcAddress
0x13af7dc GetErrorMode
0x13af7e4 GetCurrentThreadId
0x13af7e8 GetConsoleMode
0x13af7f0 ExitProcess
0x13af7f4 DuplicateHandle
0x13af7fc CreateThread
0x13af804 CreateEventA
0x13af808 CloseHandle
!This program cannot be run in DOS mode.
`.rdata
@.data
.idata
.reloc
B.symtab
B.rsrc
Go build ID: "25EkdBizyvUB7Gu9h9KH/GmFil_AhU5sPRJALe2E4/zMqTXDPeOLUxDG5MkjTl/0yovQrJQtX9d2suWBCBy"
;cpu.u
H(9J(u|
H,8J,us
H-8J-uj
H49J4ub
H89J8uZ
H<8J<uQ
H=8J=uH
JD9HDu@
HH9JHu8
HL8JLu/
HM8JMu&
JT9HTu
HX9JXu
H\8J\u
H]8J]u
@ 2-by
@$2-by
@(2-by
@,2-by
@0te k
@4te k
@8te k
@<te k
D$49H(v6
D$<9D$
D$49D$
D$ 9D$
l$(9.u
|$09GDu
L$ 9A4t
L$(f9A
G 9E tJ
D$,+D$
D$89D$
L$H9A4v
\$49\$(u
L$$9A(s
\$09S4
L$ 9H<s
L$09A4v
T$(9J4s
T$<9B4v
L$ #D$$#L$(
UUUU%UUUU
T$ 9T$
D$09D$
uP9uTu
9T$,t-
D$49D$
D$<9D$
L$89L$<
t89A0t3
L$49L$
-9A$u(
Z 9X s&9B
v 9q w
D$$9D$
D$<9D$
D$<9D$
D$,9D$
L$X9A(t
l$$9)t"
L$D9L$
D$@9D$(u
D$<9D$
D$<9D$
|$D2u
D$H9D$
\$@9X
\$P9L$,}S
D$,9L$,
D$L9D$
D$(9D$
u"f9w"
D$L9D$
E$9G$t
D$L9D$
D$D9D$
D$D9D$
D$H9D$
D$H9D$
69t$Dt
69t$Dt
L$89H8
8GODEuaf
9noneu`1
9crasuH
9singu
9systu
T$,9B
t>;CPu?
|$$9;u
|$D9;u
|$ 9;u
|$ 9;u
H,9J,u
Q08P0u
9L$,u%
D$,9D$
D$L9D$
\$<9S(
D$,9D$
D$L9D$
\$<9S(
~"f9}"u
~ f9} u
F(9E(t
F(9E(ui
D$,9D$
D$$9D$
D$$9D$
D$(9D$
T$,9T$
|$(9;u
D$$9D$
D$89D$$
D$$9D$
|$$9;u
D$l9D$
:ChSTt
:MeSTu
:WITAuH
\$<9\$
T$$9D$
T$$9D$
D$09D$
:nullu
9D$$~t
:Locau$
:.zipuL
;tzdau\
?-070u
?-070u
?-07:u
?Januu
?Mondu
?Z070u
?Z070u
?Z07:u
?2006u-
92006t
D$89D$
D$89D$
|$H9;u
|$L9;u
|$D9;u
|$L9;u
|$D9;u
|$89;u
|$D9;u
|$@9;u
|$@9;u
|$D9;u
|$<9;u
|$49;u
|$@9;u
|$49;u
|$49;u
|$09;u
|$@9;u
|$@9;u
|$@9;u
|$@9;u
|$H9;u
|$49;u
|$H9;u
|$H9;u
|$@9;u
|$@9;u
|$89;u
|$(9;u
T$D9T$
9\$\~?
T$`~PG9
D$x9D$
D$x9D$
D$x9D$
D$P9D$
D$L9D$
D$l9D$
D$,9D$
D$H9D$
\$d9S(
D$,9D$
D$H9D$
\$d9S(
~"f9}"u
~ f9} u
E$9F$t
F(9E(t
E(9F(ui
D$,9D$
D$$9D$
D$$9D$
D$ func
D$@9D$
D$d9D$
T$L9B(
L$X9H(
D$X9D$
D$ 9D$
D$X9D$
D$x9D$
H 9J u
|$ 9;u
|$ 9;u
|$89;u
|$,9;u
|$(9;u
|$(9;u
|$$9;u
|$ 9;u
|$ 9;u
|$(9;u
|$09;u
|$$9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$(9;u
|$ 9;u
|$$9;u
|$ 9;u
|$ 9;u
|$(9;u
|$$9;u
|$(9;u
|$ 9;u
|$ 9;u
D$89D$
D$49D$
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
9fileu
gramtF
9tcp4t
9tcp6t
9udp4t
9udp6u
9udp4t
|$$9;u
|$$9;u
}zy uV
9\??\t;
HH9JHu
XL9ZLuy
XP8ZPup
|$ 9;u
|$ 9;u
|$(9;u
|$(9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$$9;u
|$$9;u
|$89;u
|$89;u
|$89;u
|$89;u
|$89;u
|$89;u
|$ 9;u
|$ 9;u
|$(9;u
|$(9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$(9;u
|$(9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$$9;u
|$$9;u
|$89;u
|$89;u
|$89;u
|$89;u
|$89;u
|$89;u
|$ 9;u
|$ 9;u
|$(9;u
|$(9;u
|$ 9;u
|$ 9;u
D$h9D$
t$$f9D$$
f9D$&r
L$ f9D$ w
f9D$"r
D$l9D$t|
L$(8L$
8n<Owh
8n<Ou
8n<OwY
D$h%#"
D$|9D$
D$08D$
L$08L$
D$49D$
D$$9D$
D$(9D$
|$(9;u
|$(9;u
:ignou
:paniu
&[AuB
D$d9D$
D$d9D$
D$d9D$
D$d9D$
D$d9D$
D$d9D$
D$d9D$
D$|9D$x
D$X9D$
D$D9D$$}
:-infu
D$ 9D$
D$$9D$
D$,9D$
|$@9;u
|$T9;u
|$$9;u
D$d9D$
HH9HDu
HP9HTu
H\9H`u
=protu!f
Y=prot
\$89\$,
t$(9\$$
D$X9D$,
l$HM9l$,
|$(9l$$
D$L9\$H~
D$D9\$@
|$49D$0~
D$XH9D$0
H8Ju
H 8J u
|$ 9;u
\$$9K }
D$(9D$
D$89D$
8falsu
,9xpu%
P$9S$uG
|$ 9;u
|$$9;u
|$ 9;u
|$(9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$,9;u
zigzuZ
zigzuU
ag64uL
:grouu%
:packu*f
:protuGf
D$|9D$
|$ 9;u
|$ 9;u
f9HLt#
D$$9D$
L$ 9L$
T$|95XBE
D$t9D$
D$l9D$
D$\9D$
D$|9D$
D$D9D$
D$ 9D$
ZL9XLuy
XT9ZTuq
|$ 9;u
|$ 9;u
|$09;u
|$(9;u
|$(9;u
|$ 9;u
|$ 9;u
|$$9;u
|$(9;u
|$(9;u
|$(9;u
|$(9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$49;u
|$89;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
L$ 9L$
](9],uv
j09k0t
j89k8t
j(9k(u=
j,9k,u5
D$$9D$
T$P9h,
tI9W8u
D$`9xL
kD9jP}Z
;@typu
D$ 9D$
D$D9D$
8Emptu
8Emptu
:@typu
8@typu
8valuuY
D$`9D$
D$H9D$
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$t9;u
|$t9;u
|$|9;u
|$|9;u
|$|9;u
|$|9;u
|$\9;u
|$\9;u
|$h9;u
|$h9;u
|$t9;u
|$t9;u
|$|9;u
|$|9;u
|$|9;u
|$|9;u
|$\9;u
|$\9;u
|$h9;u
|$t9;u
|$t9;u
|$|9;u
|$|9;u
|$|9;u
|$|9;u
|$\9;u
|$\9;u
|$h9;u
|$89;u
|$89;u
|$t9;u
|$t9;u
|$|9;u
|$|9;u
|$|9;u
|$|9;u
|$\9;u
|$\9;u
|$h9;u
|$h9;u
|$t9;u
|$t9;u
|$|9;u
|$|9;u
|$|9;u
|$|9;u
|$\9;u
|$\9;u
|$h9;u
|$h9;u
|$\9;u
|$\9;u
|$h9;u
|$h9;u
|$t9;u
|$t9;u
|$|9;u
|$|9;u
|$|9;u
|$|9;u
|$\9;u
|$\9;u
|$h9;u
|$t9;u
|$t9;u
|$|9;u
|$|9;u
|$|9;u
|$|9;u
|$\9;u
|$\9;u
|$h9;u
|$\9;u
|$\9;u
|$h9;u
|$89;u
|$89;u
|$t9;u
|$t9;u
|$|9;u
|$|9;u
|$|9;u
|$|9;u
|$\9;u
|$\9;u
|$h9;u
|$t9;u
|$t9;u
|$|9;u
|$|9;u
|$|9;u
|$|9;u
|$\9;u
|$\9;u
|$h9;u
|$t9;u
|$t9;u
|$|9;u
|$|9;u
|$|9;u
|$|9;u
|$\9;u
|$\9;u
|$h9;u
|$89;u
|$89;u
|$89;u
|$89;u
|$ 9;u
|$89;u
|$89;u
|$89;u
|$89;u
|$$9;u
|$$9;u
|$$9;u
|$$9;u
\$@+\$H
0C9\$X~=@9
9nullu
D$p9D$
D$p9D$
D$$8D$
|$ 9;u
|$ 9;u
|$$9;u
|$$9;u
D$D9D$
D$D9D$
D$<8D$
D$=8D$
D$>8D$
D$?8D$
D$88D$
D$98D$
D$:8D$
L$@9A t0
D$,9D$
D$ 9D$
D$,9D$
D$<9D$
8boolty
8int8ty
8int1u
8int3u
8int6u
8uintty
8uintu
8uintu
8uintu
8uintu
8uintu
8floau
8floau
8striu
8boolty
8int8ty
8int1u
8int3u
8int6u
8uintty
8uintu
8uintu
8uintu
8uintu
8uintu
8floau
8floau
8striu
\ufff
|$<9;u
|$ 9;u
|$$9;u
|$(9;u
|$(9;u
|$$9;u
|$$9;u
|$49;u
|$49;u
|$ 9;u
|$ 9;u
|$$9;u
|$$9;u
|$ 9;u
|$ 9;u
D$(9D$
D$(9D$
D$D9D$
D$(+D$
L$H9A |
3T$ 1L$
3T$,1L$(
3T$41L$0
|$,9;u
|$ 9;u
L$L9L$
L$T9L$
L$t9L$
D$0k1^
D$D:T^8
D$<kM=
D$ 9)jx
D$<'>f,
D$P5<p
D$T=,4
D$\kP?
D$T=,4
D$\kP?
D$T=,4
D$\kP?
D$T=,4
D$\kP?
D$T=,4
D$\kP?
L$T9L$
A$1y 1
|$(9;u
|$$9;u
|$$9;u
|$ 9;u
|$(9;u
|$$9;u
|$$9;u
|$ 9;u
|$(9;u
|$$9;u
|$$9;u
|$ 9;u
D$89D$
|$ 9;u
|$ 9;u
|$49;u
|$ 9;u
|$(9;u
|$$9;u
|$ 9;u
|$ 9;u
|$49;u
|$ 9;u
|$(9;u
|$$9;u
|$ 9;u
|$ 9;u
|$49;u
|$ 9;u
|$(9;u
|$$9;u
|$ 9;u
|$ 9;u
|$49;u
|$ 9;u
|$(9;u
|$$9;u
|$$9;u
|$49;u
|$ 9;u
|$(9;u
|$ 9;u
|$ 9;u
@$g&3g
@(l>+
D$p9D$
D$l9D$
8optiu
8explu=
icitu4
8numeu
8utf8u
8privuLf
D$h9D$
|$ 9;u
|$ 9;u
|$ 9;u
D$$8D$
D$$8D$
L$,+L$
D$49D$
D$49D$
8P-25ub
|$ 9;u
|$ 9;u
|$$9;u
|$$9;u
|$ 9;u
|$ 9;u
|$$9;u
|$$9;u
D$ ffff
D$$ffff
D$(ffff
D$,ffff
D$0ffff
D$4ffff
D$8ffff
L$H+A`
|$$9;u
\$X3D$43L$8
3T$<3\$@
D$<3D$T
L$@3L$X
|$ 9;u
|$$9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$$9;u
|$$9;u
|$D9;u
|$D9;u
|$,9;u
|$09;u
|$09;u
|$09;u
|$09;u
|$09;u
|$09;u
|$X9;u
|$<9;u
|$@9;u
|$@9;u
|$@9;u
|$49;u
|$49;u
|$H9;u
|$L9;u
|$L9;u
|$H9;u
|$H9;u
|$P9;u
|$<9;u
|$<9;u
|$L9;u
|$P9;u
|$09;u
|$H9;u
|$H9;u
|$<9;u
8L$0uB
planuT
windu'f
;bindua
9fileu
;fileua
9bindu
8solau.f
>fileu
8fileu&
>fileu
>succu
>notfu
:retuu
tcp4tt
tcp6tk
udp4t]
udp6tT
unixtK
unixug
gramt2
9dialuM
unixtQ
gramt1
D$49D$
D$P9D$
:CNAMuw
9CNAMu%
}zy u~
:tcp4t
}zy u(
}zy u"
|$<9;u
\$(9\$
L$x9L$Dt
}zy u`
}zy uc
:tcp4t!
:tcp6t
:udp4t
:tcp4t
:udp4t
9tcp4t
9udp4t
9udp6uo
9dialt
9tcp4t
9udp4t
9udp6uN
9tcp4t
9tcp6t
9udp4t
9udp6uZ
8tcp4t
8udp4t
9acceu:f
unixt]
unixur
gramtA
unixtK
unixuT
gramt2
unixtK
unixuT
gramt2
}zy ue
9udp4t
}zy ue
8listu8f
X!8Z!uz
X"8Z"uq
|$ 9;u
|$$9;u
|$(9;u
|$89;u
|$89;u
|$ 9;u
|$$9;u
|$$9;u
|$$9;u
|$ 9;u
|$ 9;u
|$$9;u
|$$9;u
|$$9;u
|$ 9;u
|$ 9;u
|$$9;u
|$$9;u
|$$9;u
|$ 9;u
|$ 9;u
|$$9;u
|$$9;u
|$$9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$$9;u
|$$9;u
|$(9;u
|$(9;u
|$$9;u
|$$9;u
|$$9;u
|$$9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$$9;u
|$$9;u
|$(9;u
|$(9;u
|$$9;u
|$$9;u
|$$9;u
|$$9;u
|$ 9;u
|$ 9;u
|$49;u
|$L9;u
|$89;u
|$P9;u
|$09;u
|$09;u
|$09;u
|$H9;u
|$09;u
|$H9;u
|$$9;u
|$<9;u
|$49;u
L$ 9A t
D$(9D$
L$ 9A<t
D$(9D$
|$ 9;u
L$H+AP
D$8vT2
L$H+AT
<$3|$43|$ 3|$
3|$83|$$3|$
3|$<3|$(3|$
3<$3|$,3|$
3|$03|$
3|$43|$
3|$83|$
3|$<3|$$
|$ 3|$
3<$3|$(
|$$3|$
|$(3|$
|$,3|$ 3|$
|$03|$$3|$
|$43|$(3|$
|$83|$,3|$
|$<3|$03|$
<$3|$43|$ 3|$
3|$83|$$3|$
3|$<3|$(3|$
3<$3|$,3|$
3|$03|$
3|$43|$
3|$83|$
3|$<3|$$
|$ 3|$
3<$3|$(
|$$3|$
|$(3|$
|$,3|$ 3|$
|$03|$$3|$
|$43|$(3|$
|$83|$,3|$
|$<3|$03|$
<$3|$43|$ 3|$
3|$83|$$3|$
3|$<3|$(3|$
3<$3|$,3|$
3|$03|$
3|$43|$
3|$83|$
3|$<3|$$
|$ 3|$
3<$3|$(
|$$3|$
|$(3|$
|$,3|$ 3|$
|$03|$$3|$
|$43|$(3|$
|$83|$,3|$
|$<3|$03|$
<$3|$43|$ 3|$
3|$83|$$3|$
3|$<3|$(3|$
3<$3|$,3|$
3|$03|$
3|$43|$
3|$83|$
3|$<3|$$
|$ 3|$
3<$3|$(
|$$3|$
|$(3|$
|$,3|$ 3|$
|$03|$$3|$
|$43|$(3|$
|$83|$,3|$
|$<3|$03|$
k49h(u6
x(9~(t
D$d9D$
|$ 9;u
|$ 9;u
:cpu.u
3ph3hl
PL3P$3Xp3Pt3
3XP3Xx3
3PT3P|3
3HX3x\
HL3H$1
3pP3px3
3PT3P|3
3H`3xd3
HL3H$3xp3Ht1
3hP3hx3
3pT3p|3
3ph3Hl1
3hP3hx3
3XT3X|3
8DOWNu
8DOWNu
L$L9AP
D$,vT2
|$89;u
|$x9;u
|$(9;u
|$(9;u
9us-au
sciit,
9utf-u
8distu
|$ 9;u
|$ 9;u
|$(9;u
|$(9;u
|$ 9;u
|$ 9;u
|$ 9;u
\$#8\$N
D$P9D$`
D$@9D$$u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
:httpu
:httpuN
8domau=f
8httpu%
9noneu5
9striu
;CONNuIf
HTTPu*
;POSTt%
;PATCuN
8chunu
8chunu
9chunu
9chunu
:CONNu
:HEADt\
:DELEu
:SEARuYf
:OPTIuBf
:PROPu%
;chunu
8POSTt%
8PATCu
9idenu>
tityu5
8HEADu
9Traiu}f
9CONNuwf
;HEADut
:HEADt
HEADu$
K 9H t
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$$9;u
|$ 9;u
|$ 9;u
|$09;u
D$P9D$
9trueu
9falsu
L$L9-XyF
\$D9C<
9TRUEt
9Truet
9trueuH1
9FALSu
9Falsu
9falsu
|$P9w$uR
9w$~D
8XMLNu9f
9XMLNu[f
:charu
:inneu|
rxmlus
:XMLNu f
8XMLNu
;xmlnu
:xmlnu
9xmlnu
9utf-t
9UTF-u
|$ 9;u
D$p9D$
D$@9D$
D$H9D$
D$$9D$
D$`9D$
D$D9D$
D$49D$
8TRUEt
8Truet
8trueuA1
8FALSu
8Falsu
8falsu
9TRUEt
9Truet
9trueuA1
9FALSu
9Falsu
9falsu
|$ 9;u
|$(9;u
|$$9;u
|$$9;u
:BEGIu
:COMMu
9ROLLu
BACKtp
8hostt
8krbsu
8sslku
8sslcu
8dbnau
PGGEuyf
PGPOuyf
9utf8t+
8ISO,u
9unixuQ
D$@9D$
8FATAu
8FATAu4
8disau*f
8trueu*
;postu
grest4
\$D9\$4
\$D9\$4
\$D9\$4
,C#n49
\$P9_,
l$T9i$
T$t92sp
B 9Z4s
q,9.vD
B49B0u
B,9B(u
B,9B(u
B,9B(u
|$$9rU
H49H,~
h49h,t
l$@9.u
|$X9;t
l$\9*t
|$\9;u
|$h9;t
|$ 9;u
K 9H uP
K$9H$uH
|$09;u
|$09;u
X09Z0uV
X49Z4uN
X89Z8uF
9nulluA
|$ 9;u
|$ 9;u
|$$9;u
|$$9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$H9;u
:infotV
:debuuP
:errouM
D$ 3D$(
L$,3L$$
D$XvT2
;charu_f
:unixu)
;TRUEt
;Truet
;trueuD
;FALSu
;Falsu
;falsu
9TRUEt
9Truet
9trueuR
9FALSu
9Falsu
9falsu
9TRUEt
9Truet
9trueuR
9FALSu
9Falsu
9falsu
9TRUEt
9Truet
9trueuR
9FALSu
9Falsu
9falsu
9TRUEt
9Truet
9trueuR
9FALSu
9Falsu
9falsu
9TRUEt
9Truet
9trueuR
9FALSu
9Falsu
9falsu
9TRUEt
9Truet
9trueuR
9FALSu
9Falsu
9falsu
9TRUEt
9Truet
9trueuR
9FALSu
9Falsu
9falsu
9TRUEt
9Truet
9trueuR
9FALSu
9Falsu
9falsu
9TRUEt
9Truet
9trueuR
9FALSu
9Falsu
9falsu
9TRUEt
9Truet
9trueuR
9FALSu
9Falsu
9falsu
9TRUEt
9Truet
9trueuR
9FALSu
9Falsu
9falsu
9TRUEt
9Truet
9trueuR
9FALSu
9Falsu
9falsu
X 9Z uq
?9|$0u
:defau'f
D$D9H,~(
D$ 9H,
D$09D$
:<=tJf
:>=tFf
C9XH~-
8windu\f
8fullt
8a+trf
:winduSf
F9qH~$
D$,+D$
9\$huF
L$|um9
D$09D$
D$ 9D$
D$89D$
\$LrVf
X$9Z$uy
X(9Z(uq
|$89;u
|$(9;u
|$$9;u
8httpu>
|$(9;u
D$,9D$
|$ 9;u
|$(9;u
|$ 9;u
|$ 9;u
|$$9;u
|$ 9;u
|$ 9;u
3E$1M
3M,1E(
3M41E0
3M<1E8
:cpu.u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
3ph3hl
PL3P$3Xp3Pt3
3XP3Xx3
3PT3P|3
3HX3x\
HL3H$1
3pP3px3
3PT3P|3
3H`3xd3
HL3H$3xp3Ht1
3hP3hx3
3pT3p|3
3ph3Hl1
3hP3hx3
3XT3X|3
|$ 9;u
|$ 9;u
|$(9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$$9;u
D$,9D$
|$ 9;u
|$D9;u
|$ 9;u
|$ 9;u
|$H9;u
|$ 9;u
|$X9;u
D$09D$
9defauKf
9rfc7uKf
9striu*f
D$h9D$
|$(9;u
9defauBf
9rfc7u?f
9striubf
H 9J u
H$9J$uK
H(9J(uC
H,9J,u;
H 9J u
H 9J u1
H$9J$u)
H(9J(t
|$$9;u
|$(9;u
|$ 9;u
|$L9;u
|$ 9;u
|$ 9;u
|$$9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
8ISO8u
8iso8u4f
9ISO8u
9iso8u4f
8nanoue
8striu+f
8fullu#
8fullu#
D$ 8D$D
:INFOt
:WARNt!
:infou
:DEBUu
:FATAu
:debuu
:errouh
:fatau
:paniuB
:DPANu
:dpanu
9INFOt
9WARNt%
9infou
9DEBUu
9FATAu
9debuu
9erroup
9fatau
9paniuB
9DPANu
9dpanu
|$,9;u
|$D9;u
|$D9;u
|$D9;u
|$T9;u
|$t9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$$9;u
|$$9;u
|$$9;u
|$$9;u
|$l9;u
|$ 9;u
|$h9;u
|$l9;u
|$ 9;u
|$ 9;u
|$(9;u
={8k^wv=M
DmwP=W
wv=g]X
9stdeuXf
9stdoulf
H89J8t
|$\9;u
|$\9;u
|$`9;u
|$\9;u
|$`9;u
|$X9;u
|$\9;u
|$`9;u
|$X9;u
|$`9;u
|$X9;u
|$X9;u
|$`9;u
|$X9;u
|$X9;u
|$`9;u
|$X9;u
|$X9;u
|$`9;u
|$X9;u
|$X9;u
|$`9;u
|$X9;u
|$\9;u
|$`9;u
|$X9;u
|$X9;u
|$`9;u
|$X9;u
|$\9;u
|$`9;u
|$X9;u
|$X9;u
|$`9;u
|$X9;u
|$X9;u
|$`9;u
|$X9;u
|$X9;u
|$`9;u
|$X9;u
|$\9;u
|$`9;u
|$X9;u
|$X9;u
|$`9;u
|$X9;u
|$X9;u
|$`9;u
|$X9;u
|$\9;u
|$`9;u
|$X9;u
|$`9;u
|$X9;u
|$`9;u
|$X9;u
|$X9;u
|$`9;u
|$\9;u
|$\9;u
|$ 9;u
|$\9;u
|$ 9;u
|$ 9;u
|$<9;u
|$ 9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
|$`9;u
:\msyu
:\cygu
:fromt
8mastu
:jsonu[
:colou?
:nocou
;stdeu
|$(9;u
|$T9;u
|$T9;u
|$T9;u
D$D9D$
D$T9D$
9L$8t\
:TRUEt
:Truet
:trueuH1
:FALSu
:Falsu
:falsu
fixeu%f
zigzuO
ag64uF
>packu
>protu
>oneou
>stdtu!f
D$\9D$
D$X9D$
D$X9D$
D$T9D$
:byteu
fixeu#f
fixeu#f
:byteu
fixeu#f
;packu
;protu
:stdtu f
D$,9D$
D$$9D$
D$,9D$
D$,9D$
D$$9D$
D$$9D$
D$(9D$
D$(9D$
D$$9D$
D$$9D$
D$(9D$
D$(9D$
D$$9D$
D$$9D$
D$(9D$
D$(9D$
D$$9D$
D$$9D$
D$(9D$
D$(9D$
D$$9D$
D$$9D$
D$,9D$
D$,9D$
D$$9D$
D$$9D$
D$,9D$
D$,9D$
D$$9D$
D$$9D$
D$(9D$
D$(9D$
D$$9D$
D$$9D$
D$,9D$
D$,9D$
D$$9D$
D$$9D$
D$$9D$
D$$9D$
D$$9D$
D$$9D$
D$$9D$
D$(9D$
D$$9D$
D$(9D$
D$,9D$
D$$9D$
:byteu
fixeu#f
:byteu
fixeu#f
;protu
;stdtu.f
8grouu
D$T9D$
:grouu
D$@9D$8
Hl9Jlu:
Z 9X uy
Z(9X(uq
|$<9;u
9TRUEt
9Truet
9trueuP1
9FALSu
9Falsu
9falsu
|$$9;u
|$T9;u
|$\9;u
D$0+D$
D$0+D$
L$H9L$
|$$9;u
k89k<u
u<+u89u0t
C$9C(u
|$49;u
|$49;u
|$49;u
|$49;u
|$$9;u
|$$9;u
|$ 9;u
D$|9D$
D$P9D$
|$@9;u
|$H9;u
|$$9;u
GCTLt!
9D$<s29
9D$<s29
D$$+D$`
D$$+D$x
T$$9T$
f=2Pw2f=f
f=(Qu;
DanStWE9
X 9Z uG
H8JuB
H 8J u9
H!8J!u0
H"8J"u'
H#8J#u
H$8J$u
H%8J%u
|$,9;u
8.exeu
D$8D$
EFlags
Layout
String
format
offset
extend
lookup
Before
Format
IsZero
Minute
Second
addSec
locabs
setLoc
recent
bisect
GetIds
Number
fields
Fields
BitLen
DivMod
Uint64
Values
stream
delete
signal
Errorf
Select
Server
Unlock
unique
Offset
Fatalf
zoneV6
*[]int
maxLen
writer
reader
frames
Delete
Length
Remove
Unwrap
ReadAt
pwrite
Signal
handle
status
rusage
Exited
exited
NewGCM
NewCTR
cipher
refill
update
Int31n
Int63n
Uint32
int31n
closed
Output
Panicf
Prefix
Printf
Writer
output
prefix
Family
ZoneId
Thread
Handle
HEvent
Linger
Target
Weight
SecNum
Relocs
closer
Uint16
finder
oldnew
HasTLS
HasIAT
HasCLR
Logger
Header
logger
Digest
errors
unpack
shared
noCopy
victim
misses
doSlow
*error
*uint8
*int16
*int32
*int64
unsafe
opaque
nfiles
ptrbit
gcdata
etypes
rodata
gofunc
funcID
pcfile
signed
goexit
insert
remove
noscan
npages
nelems
divMul
inList
isFree
layout
chunks
allocN
adjust
siftUp
unlock
verify
astate
isChan
period
modify
trace1
qcount
ticket
parent
tryGet
mcache
pcache
palloc
timers
cycles
lenPos
varint
thread
divmod
procid
vdsoSP
vdsoPC
_panic
_defer
labels
counts
inHeap
ensure
scalar
fileID
active
argLen
parked
header
bucket
isDone
nextPC
retPop
abiMap
result
string
Common
GetGte
GetLte
GetLen
GetUri
GetAny
GetMap
GetUrl
GetRef
GetAsc
Append
Parent
ByName
Syntax
ByPath
IsWeak
Oneofs
IsList
MapKey
Source
Lookup
mustBe
CanInt
CanSet
Method
SetCap
SetInt
SetLen
Slice3
CanSeq
NumOut
common
stkOff
append
addArg
method
byName
maxWid
accept
doScan
notEOF
okVerb
fmtSbx
sharpV
intbuf
domain
client
Reader
Writer
Buffer
setErr
Struct
Buffer
quoted
encode
endTop
object
opcode
Decode
Encode
values
Status
Quoted
Domain
MaxAge
Secure
Cancel
Cookie
server
scheme
sawEOF
cancel
finish
Accept
Reason
Closer
length
Locker
Driver
driver
curIdx
hitEOF
rawbuf
Commit
addDep
execDC
pingDC
tagged
Scheme
Opaque
SetErr
Result
SetBit
Dialer
search
config
random
Schema
Enable
Detail
GetRow
source
andNot
bitLen
isPow2
setBit
sticky
Antivirus Signature
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.WinGo.4!c
Elastic malicious (high confidence)
ClamAV Clean
CMC Clean
CAT-QuickHeal Clean
Skyhigh Artemis
ALYac Clean
Cylance Clean
Zillya Clean
Sangfor Trojan.Win32.Agent.Vw0j
CrowdStrike Clean
Alibaba Clean
K7GW Clean
K7AntiVirus Clean
huorong Trojan/Injector.bxj
Baidu Clean
Paloalto generic.ml
Symantec ML.Attribute.HighConfidence
tehtris Clean
ESET-NOD32 a variant of WinGo/TrojanDropper.Agent.EK
APEX Clean
Avast Win32:Evo-gen [Trj]
Cynet Clean
Kaspersky UDS:Trojan-PSW.Win32.Lumma.dbp
BitDefender Clean
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Clean
Tencent Clean
Sophos Troj/Inject-JQY
F-Secure Trojan.TR/Redcap.uquob
DrWeb Clean
VIPRE Clean
TrendMicro TrojanSpy.Win32.LUMMASTEALER.YXEJPZ
McAfeeD ti!92694FDB2BC3
Trapmine suspicious.low.ml.score
CTX exe.trojan.wingo
Emsisoft Clean
Ikarus Trojan-Dropper.WinGo.Agent
FireEye Clean
Jiangmin Clean
Webroot Clean
Varist W32/ABRisk.XJNR-8840
Avira TR/Redcap.uquob
Fortinet W32/Agent.EK!tr
Antiy-AVL GrayWare/Win32.Puwaders
Kingsoft Clean
Gridinsoft Clean
Xcitium Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:Win32/Wacatac.B!ml
Google Detected
AhnLab-V3 Infostealer/Win.LummaC2.C5661468
Acronis Clean
McAfee Artemis!8B938C2FC147
TACHYON Clean
VBA32 Clean
Malwarebytes PUP.Optional.OneSafePCCleaner
Panda Clean
Zoner Clean
TrendMicro-HouseCall TrojanSpy.Win32.LUMMASTEALER.YXEJPZ
Rising Clean
Yandex Clean
SentinelOne Static AI - Suspicious PE
MaxSecure Clean
GData Clean
AVG Win32:Evo-gen [Trj]
DeepInstinct MALICIOUS
alibabacloud Trojan[dropper]:Multi/Puwaders.C9nj
No IRMA results available.