popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2019-08-01 19:29:46

PE Imphash

5014d12ccdf1d5f304fcc7fa38207338

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x0002dfee 0x0002e000 7.30240714098
.data 0x0002f000 0x007e03d0 0x00008800 0.908968262034
.vafuni 0x00810000 0x00000272 0x00000400 0.0
.rolobe 0x00811000 0x00000017 0x00000200 0.0
.huho 0x00812000 0x00000006 0x00000200 0.0
.zokesu 0x00813000 0x000003c3 0x00000400 0.0
.rsrc 0x00814000 0x00029488 0x00029600 5.52425501083

Resources

Name Offset Size Language Sub-language File type
RT_CURSOR 0x0083bf18 0x000000b0 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_CURSOR 0x0083bf18 0x000000b0 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_CURSOR 0x0083bf18 0x000000b0 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_CURSOR 0x0083bf18 0x000000b0 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_CURSOR 0x0083bf18 0x000000b0 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_CURSOR 0x0083bf18 0x000000b0 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_CURSOR 0x0083bf18 0x000000b0 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_ICON 0x008379d8 0x00000468 LANG_GEORGIAN SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_STRING 0x0083d400 0x00000086 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_STRING 0x0083d400 0x00000086 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_STRING 0x0083d400 0x00000086 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_STRING 0x0083d400 0x00000086 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_STRING 0x0083d400 0x00000086 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_STRING 0x0083d400 0x00000086 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_GROUP_CURSOR 0x0083bfc8 0x00000022 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_GROUP_CURSOR 0x0083bfc8 0x00000022 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_GROUP_CURSOR 0x0083bfc8 0x00000022 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_GROUP_ICON 0x00837e40 0x00000076 LANG_GEORGIAN SUBLANG_DEFAULT data
RT_GROUP_ICON 0x00837e40 0x00000076 LANG_GEORGIAN SUBLANG_DEFAULT data
RT_GROUP_ICON 0x00837e40 0x00000076 LANG_GEORGIAN SUBLANG_DEFAULT data
RT_GROUP_ICON 0x00837e40 0x00000076 LANG_GEORGIAN SUBLANG_DEFAULT data
RT_GROUP_ICON 0x00837e40 0x00000076 LANG_GEORGIAN SUBLANG_DEFAULT data
RT_GROUP_ICON 0x00837e40 0x00000076 LANG_GEORGIAN SUBLANG_DEFAULT data
RT_VERSION 0x0083bff0 0x0000019c LANG_NEUTRAL SUBLANG_NEUTRAL data

Imports

Library KERNEL32.dll:
0x401018 SetEndOfFile
0x40101c FindResourceExW
0x401020 HeapAlloc
0x401028 GetCurrentProcess
0x40102c WaitForSingleObject
0x401030 SetEvent
0x401034 GetModuleHandleW
0x401038 GetConsoleTitleA
0x40103c WriteFile
0x401040 GlobalAlloc
0x401044 Sleep
0x401048 FreeConsole
0x40104c ReadProcessMemory
0x401050 GetFileAttributesA
0x401054 lstrcpynW
0x401058 GetCPInfo
0x40105c SetSystemPowerState
0x401060 ReadFile
0x401064 SetConsoleTitleA
0x401068 BuildCommDCBW
0x40106c ResetEvent
0x401070 LocalAlloc
0x401074 OpenEventA
0x40107c GetOEMCP
0x401080 GetModuleHandleA
0x401084 CreateMutexA
0x40108c VirtualProtect
0x401090 ReleaseMutex
0x401094 SetFileShortNameA
0x40109c DeleteFileA
0x4010a0 CommConfigDialogA
0x4010a8 CreateFileA
0x4010ac LocalReAlloc
0x4010b0 PulseEvent
0x4010cc GetLastError
0x4010d0 HeapFree
0x4010d4 TerminateProcess
0x4010e0 IsDebuggerPresent
0x4010e4 GetCommandLineA
0x4010e8 GetStartupInfoA
0x4010ec RtlUnwind
0x4010f0 RaiseException
0x4010f4 LCMapStringA
0x4010f8 WideCharToMultiByte
0x4010fc MultiByteToWideChar
0x401100 LCMapStringW
0x401104 HeapCreate
0x401108 VirtualFree
0x40110c VirtualAlloc
0x401110 HeapReAlloc
0x401114 GetProcAddress
0x401118 TlsGetValue
0x40111c TlsAlloc
0x401120 TlsSetValue
0x401124 TlsFree
0x401128 SetLastError
0x40112c GetCurrentThreadId
0x401130 ExitProcess
0x401134 GetStdHandle
0x401138 GetModuleFileNameA
0x40114c SetHandleCount
0x401150 GetFileType
0x401158 GetTickCount
0x40115c GetCurrentProcessId
0x401164 HeapSize
0x401168 GetACP
0x40116c IsValidCodePage
0x401170 GetUserDefaultLCID
0x401174 GetLocaleInfoA
0x401178 EnumSystemLocalesA
0x40117c IsValidLocale
0x401180 GetStringTypeA
0x401184 GetStringTypeW
0x401188 SetFilePointer
0x40118c GetConsoleCP
0x401190 GetConsoleMode
0x401198 LoadLibraryA
0x40119c GetLocaleInfoW
0x4011a0 SetStdHandle
0x4011a4 WriteConsoleA
0x4011a8 GetConsoleOutputCP
0x4011ac WriteConsoleW
0x4011b0 FlushFileBuffers
0x4011b4 CloseHandle
Library ADVAPI32.dll:
0x401004 BackupEventLogA
0x401008 AdjustTokenGroups
0x40100c MapGenericMask
!This program cannot be run in DOS mode.
`.data
.vafuni
.rolobe
@.huho
.zokesu
@.rsrc
bad allocation
string too long
invalid string position
Unknown exception
LC_TIME
LC_NUMERIC
LC_MONETARY
LC_CTYPE
LC_COLLATE
LC_ALL
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
 !"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
(null)
`h````
xpxxxx
EncodePointer
DecodePointer
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
CorExitProcess
runtime error
TLOSS error
SING error
DOMAIN error
An application has made an attempt to load the C runtime library incorrectly.
Please contact the application's support team for more information.
- Attempt to use MSIL code from this assembly during native code initialization
This indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain.
- not enough space for locale information
- Attempt to initialize the CRT more than once.
This indicates a bug in your application.
- CRT not initialized
- unable to initialize heap
- not enough space for lowio initialization
- not enough space for stdio initialization
- pure virtual function call
- not enough space for _onexit/atexit table
- unable to open console device
- unexpected heap error
- unexpected multithread lock error
- not enough space for thread data
This application has requested the Runtime to terminate it in an unusual way.
Please contact the application's support team for more information.
- not enough space for environment
- not enough space for arguments
- floating point support not loaded
Microsoft Visual C++ Runtime Library
<program name unknown>
Runtime Error!
Program:
bad exception
HH:mm:ss
dddd, MMMM dd, yyyy
MM/dd/yy
December
November
October
September
August
February
January
Saturday
Friday
Thursday
Wednesday
Tuesday
Monday
Sunday
united-states
united-kingdom
trinidad & tobago
south-korea
south-africa
south korea
south africa
slovak
puerto-rico
pr-china
pr china
new-zealand
hong-kong
holland
great britain
england
britain
america
swedish-finland
spanish-venezuela
spanish-uruguay
spanish-puerto rico
spanish-peru
spanish-paraguay
spanish-panama
spanish-nicaragua
spanish-modern
spanish-mexican
spanish-honduras
spanish-guatemala
spanish-el salvador
spanish-ecuador
spanish-dominican republic
spanish-costa rica
spanish-colombia
spanish-chile
spanish-bolivia
spanish-argentina
portuguese-brazilian
norwegian-nynorsk
norwegian-bokmal
norwegian
italian-swiss
irish-english
german-swiss
german-luxembourg
german-lichtenstein
german-austrian
french-swiss
french-luxembourg
french-canadian
french-belgian
english-usa
english-us
english-uk
english-trinidad y tobago
english-south africa
english-nz
english-jamaica
english-ire
english-caribbean
english-can
english-belize
english-aus
english-american
dutch-belgian
chinese-traditional
chinese-singapore
chinese-simplified
chinese-hongkong
chinese
canadian
belgian
australian
american-english
american english
american
Norwegian-Nynorsk
`h`hhh
xppwpp
_nextafter
_hypot
Complete Object Locator'
Class Hierarchy Descriptor'
Base Class Array'
Base Class Descriptor at (
Type Descriptor'
`local static thread guard'
`managed vector copy constructor iterator'
`vector vbase copy constructor iterator'
`vector copy constructor iterator'
`dynamic atexit destructor for '
`dynamic initializer for '
`eh vector vbase copy constructor iterator'
`eh vector copy constructor iterator'
`managed vector destructor iterator'
`managed vector constructor iterator'
`placement delete[] closure'
`placement delete closure'
`omni callsig'
delete[]
new[]
`local vftable constructor closure'
`local vftable'
`udt returning'
`copy constructor closure'
`eh vector vbase constructor iterator'
`eh vector destructor iterator'
`eh vector constructor iterator'
`virtual displacement map'
`vector vbase constructor iterator'
`vector destructor iterator'
`vector constructor iterator'
`scalar deleting destructor'
`default constructor closure'
`vector deleting destructor'
`vbase destructor'
`string'
`local static guard'
`typeof'
`vcall'
`vbtable'
`vftable'
operator
delete
__unaligned
__restrict
__ptr64
__clrcall
__fastcall
__thiscall
__stdcall
__pascal
__cdecl
__based(
GetProcessWindowStation
GetUserObjectInformationA
GetLastActivePopup
GetActiveWindow
MessageBoxA
USER32.DLL
SunMonTueWedThuFriSat
JanFebMarAprMayJunJulAugSepOctNovDec
GAIsProcessorFeaturePresent
KERNEL32
CONOUT$
1#QNAN
1#SNAN
bad allocation
kernel32.dll
kernel32.dll
VebtualProtect
VirtualProtect
%s %f %c
ios_base::badbit set
ios_base::failbit set
ios_base::eofbit set
bad cast
j0ht7@
0WWWWW
0WWWWW
QQSVWd
t"SS9]
HHtXHHt
>If90t
0SSSSS
tNIt?It0It
>=Yt1j
j@j ^V
HtHu4j
s[S;7|G;w
tR99u2
C PjPV
C$PjQV
C*PjTV
C+PjUV
C,PjVV
C-PjWV
C.PjRV
C/PjSV
0A@@Ju
0SSSSS
PPPPPPPP
0SSSSS
PPPPPPPP
t+WWVPV
^SSSSS
j"^SSSSS
URPQQh
;t$,v-
UQPXY]Y[
^SSSSS
^SSSSS
u,VVWV
t VV9u
_VVVVV
^WWWWW
0SSSSS
_VVVVV
<+t(<-t$:
+t HHt
\aUj.O
GPdL- bfk
Hl'^Zx
9wN_ 9
zO7q:
sQ;]`O}
hsoA=
7jx$k
dIt~?9
JJvjO;d
~RaTJTsc
lZ)pb8
)apI!nf^
5Hl`hh
.9h'm9{
!D<t.c1
1L$B#a
B<3}fo
c>1A:<P&
9n-1]|
pr8qh\
<kvg5:Y
v@q):!
(-{w|?
0w6J8L
R g!m9
PHqN,+v
3Uoe6O
fH09b+
!K_VSP
4tvA62zK
7ATd+h
5sVY/}
rz~Z`g8
80(8dWv`
2{J<d9
h8Mp8m
-SU[=
[){\ qw
LLV\
1#/Qov
ncDb`Oo
2<Mo"L
WoV8Yv
Is;Am8
t"I6KMN@
<=$=7<
k*`dv[t|
[`:F?H
i|cd1B
jdRyl4
'eaMi8w"
\CQ}]D
<Y.]<^'
{p"Pzai
MtjGh_X
5J#`'df
W`&TM%`,nq
7nZu.~9
Uf_lO.|&
~Ns@U!
Pe[P|5
W@P\e;
qFrF/r
w<P;T:
9lmo%b^
MjtyJ4R
@J\rAkJ
CtU!3vO
gj,Jzf
a"LF?<'
oihd@%4
[U>X?o
M*X'p5fK
Dftr3*K
:eg<qJd
EO0BG-
x&NYY8
O*hxN<?
4!uLf{
&"#)9$K
l7]2|1
<sJW}`
US^(sT
b\1)S{c
7?4Fhq
[!nx+h
J!p`KJ
q1t-sI
q]9C+J
D[5(AE
u4lQ`CYU6
WxEnG)
eO|ZcAK<
8kt9"g
.KVwLY
c=S#O
:[h+q_MA
h,zY~
XAcx27-D
&Rg?ii
}cS;TM
O"rD~#\
PulseEvent
CreateFileA
TryEnterCriticalSection
CommConfigDialogA
GetCPInfo
SetEndOfFile
FindResourceExW
HeapAlloc
FindActCtxSectionGuid
GetCurrentProcess
WaitForSingleObject
SetEvent
GetModuleHandleW
GetConsoleTitleA
WriteFile
GlobalAlloc
FreeConsole
ReadProcessMemory
GetFileAttributesA
lstrcpynW
LocalReAlloc
SetSystemPowerState
ReadFile
SetConsoleTitleA
BuildCommDCBW
ResetEvent
LocalAlloc
OpenEventA
WaitForMultipleObjects
GetOEMCP
GetModuleHandleA
CreateMutexA
GetPrivateProfileSectionA
VirtualProtect
ReleaseMutex
SetFileShortNameA
FindActCtxSectionStringW
DeleteFileA
KERNEL32.dll
MapGenericMask
AdjustTokenGroups
BackupEventLogA
AreAnyAccessesGranted
AdjustTokenPrivileges
ADVAPI32.dll
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
RtlUnwind
RaiseException
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
GetACP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
CloseHandle
.?AV_Locimp@locale@std@@
.?AVlogic_error@std@@
.?AVlength_error@std@@
.?AVout_of_range@std@@
Copyright (c) 1992-2004 by P.J. Plauger, licensed by Dinkumware, Ltd. ALL RIGHTS RESERVED.
.?AVtype_info@@
.?AVbad_exception@std@@
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
.?AV?$ctype@D@std@@
.?AUctype_base@std@@
.?AVfacet@locale@std@@
.?AV?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@
.?AV?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@
.?AV?$basic_iostream@DU?$char_traits@D@std@@@std@@
.?AV?$basic_ostream@DU?$char_traits@D@std@@@std@@
.?AV?$basic_istream@DU?$char_traits@D@std@@@std@@
.?AV?$basic_streambuf@DU?$char_traits@D@std@@@std@@
.?AV?$basic_ios@DU?$char_traits@D@std@@@std@@
.?AV?$_Iosb@H@std@@
.?AVios_base@std@@
.?AVruntime_error@std@@
.?AVexception@std@@
.?AVfailure@ios_base@std@@
.?AVbad_cast@std@@
.?AVbad_alloc@std@@
jj$j"$$jj
oFoI\,
FDDF`{4
q{y!jih
plo7chg
=5;(hbd
.9=)}vy
~zz|z^
O9"_|y
K8am=(
*$ @B27Qmlp8*
rnn;#34N>mbUlqnnl9
pp{:#:cdddmhedgnl7
eWx<7QlmTfoldhhs<*
WSeQQmhmeVSmqpsY6
SSddedodpt}tw
aVepWnar
dmkafnt]9(-
odmfka<'
umdm>7C
A.4lf@
u|D#23;FdHs7
Iw^:qK{
'46na+-
4IJpw_j
*>Kbye^
5+Sm`e
=:_a-){
HNb4#$
qDEpv*'
S_WM,
U^t~n^(&<.
SYGJ:EVRQ
.CVhttsyw~sroKAX
wtna:JMabou
}q_/4PU]
YS135_v
C1Mg5n
lH><>CH78O;N
vV@9H`uu}}~
a<7fy|
|oatnoiM(
i_N1/2/3//14|
SVHFQ>]
u_K=<5<1/LM/f|:
53<7d_`Vfe_95C
tfJ^5@?;7ELgwue>45
YV}wn><;Uk
HA<Eo}n71?!%
kB8rtV[
*RYlljhR
ANJ!1Cp
>.ISZS/78>
p5NM`bWVb][R1p>JU>
q/O6qsrxsvrI.L
\@Dtx J^8
ga6"-N^GPN
.]WcVMQ7
[5.MI?!*q) #f>
;?$4NUSWSO-2"
$7`ZPT7GXKO,
w7_J61r}
wDBDH1Gtn
/Ogfij9<
xbRPh;q
Io=8%(*,>
B0Sk|l+Kw`[Q
U~^{X6L]HF
pC5:)'MtZ
-#&324$1
)sEuvl
(tD@GHy
*8?<BFCj
61;AIn&
5=:>r-
/%0972
$"#3+'
:AC>7
/8GEIJF3
whl;zzgVu|w
mpwOsvz
h|z~ulg
{pl?v=
{{qUqsw
,tyv}u
A Se?;
0LtUC}
~)1^jKB
.d_0 }
1eeee1
aWzQQQ
=b'hhh
bbbheeqqqqq`
>qzzzQ
WWWWWWWWWWWWWWWWWWWWW
'a>WWWWWWWWWWWWWWWWW1
'b'''''
bbbb''
____LLL____
dddkdd
kkkkkkkd
zzzzQz
zzzzzz
f------------------
-63ppppppppppppp---3
p----p---6p-
-ap----p---6p---6pa-f
-ap----p----p----pa-
-appppppppppppppppa-f
6-p---
-6p----p-
-6p----p----p----p6-
-6pppppppppppppppp6-f
-6p----p----p---
p----p----p---6p6-f
p----p----p----p
apppppppppppppp
666666a6aaaa
IIIIIIIIIIIIII
I|WWWWWWW||||I
6?6??6??????aa?66
$qqqqqqqqqqq
INNNNNNNNNNI
N>>;;;>>>N
NNNNNNNNNN
qqqqqqqqqqqqqq
`````}}}}}}}}}``````}NNNNNNNNN}`````}
}`````}
}`````}
}`````}
}`````}
}`````}
}`````}
}`````}
}`````}
+++++++N}`````}N+ggggg+
}`````}
+N}`````}N+++++++N}`````}NNNNNNNNN}``````}}}}}}}}}``
kllTmjj
kljfhmk
jkheknk
nijTmlg
STRoyzz
QQQqpvs
ijjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjji
5...2<
SOFF?0.
]YSQFF?0.
94bc][SSGF?0.
.8be`[VQOF?0.
.8be`]YSOF?0.
.8bec]YSQG?0.
.8bgc][SQO?0.
.8bge`[VQO?0.
.8bge`]YSQ?0.
.8bgec]YSQ?1.
kkkkkkkkk$""""""!""""
.8bggc][VQC1.
.8bgge]]VSC1.
~~~{{{wwuurroo-+**&
.8bgge`]VSD1.
~~|{{wwwuurroo-**&&
.8bggg`]YSL0.
~~|{{{wwurrpo--+**&
.8bgggc][SN0.
~~~{{{wwwuurooo-**&&
.8bggge`[VN6.
~~~{{{{wuurrpo--**&&
.8bggge`[VP0.
~|~{w{wuuuroo--**&&
.8bgggec][L..
.8bggggcX4.
.8bgggb8.
.8bgb8.
_XSJC5
5Mp^[SJ;5
5Brg[VSC5
5Msf_VS;5
5Brl^[SF5
5MsldXU;5
Bsnf_UF
*)))$#""
1Msng^X;2
~~zz-,,
2Bsrgd\G2
~~|zz-,&
2Mson^_@
~|zyy,&
2Brrng_H0
ww**)))$#""
2MsonlL0
SSSSSSSSSSSSSSSSSS
SyyyyyyxyxxxxxxxxxxS
SyyyxxxxtxtxtttsstxS
SyyyxxxxxxttvtvtttxS
SyyyyxxxxtxxvxtvttxS
SzyyyytnxxvxvvvvvtxS
Szzyyyn
%0sxvxtvtxS
Szzzyyy
pp9)txvvxtxS
Szzzzzy,rl72%txvxvxS
Szzzzzy1:G?83%txvxxS
Szzzzzzx&HKA84%txvxS
Szzzzzzzx&HNC=3%txyS
Szzzzzzzzw%HPC?3%tyS
Seeeeeeccc_&HRG@4%^
HRJ@6"
jihhf][YX!
#HRNC6"
jjihhf][YX!
#HRNG;)
"HRNL-
************
///-----*-*-
///-/--*-*--
////------*-
00000/
0000000
(''%"
iiiiii
iiiiii
iiiiiiiiiiii
iiiiiiiiii
iiiiii
iiiiiiiii
iiiiiiiiiiiii
iiiiiiii

((((( H
h(((( H
H
(null)
KERNEL32.DLL
mscoree.dll
kernel32.dll
@jjjjj
@jjjjj
@jjjjjj
@jjjjjjj
/ P6pL
,/KPip
/-P?pR
/ P6pL
,/KPip
/-P?pR
VS_VERSION_INFO
StringFileInform
080404b1
FileVersion
1.2.58
InternalName
snagbos.exe
Copyright
Copyrighd (C) 2020, humk
VarFileInfo
TranslationUsi
"Xadusakevec hevobabizevuge bakozel
Gakowile zokegafaLSuwisufoyuric tudawu gahekimeviyema penejijer nokiwaha cimameka mesokuluviru&Dalacohohuzac dekuwero kohamuyotaginaz
;Xefe lusaweviyo cutigisusubanux fesewijalonunoz wuxahoginuxIVunale yeyusur xuyem sijet ponehum wasopija vokitukod pel wilokisi nikeka
Yufe fomefukiwivay#Zewalezajakanoy pekuhoperudel wuyal!Nutigovivede somukopahuyaha picuy(Tacocoxezux kovusozomorop popimecoyu sij2Ripe loxica yotucene cebiheposovidej vehejacibehog
Pijena
bMabiyul rahede gozofeyaworaj zejit wafisepuweho budige vuxabegem xutefubixecu nibafarubufetiz xusitDanoxuser puvipenekalovuh folovemija yurije zakecekemolusa xomelucenoreb wuduzoti fusitu caxiyujekozepo faneganepuli
8Jerod nux vunet sehabarofofum ricocuwew tafe takoladogor
Gonebanozuze coporicit
Focidihasotu fobudYVoricox yomawazucebi jolosuco zujuh ruhaliv rovopavoxinofo gugepuc cigam xibipet puduvafaRZofadukazel titicifaxomapor kivanif nacadalahisocu majijulu vufezafon vemuwukocokiFMuwikot vuhigo zako vin huhofohafupexoz kixu joyipup ruwapokag lupasuydYimikebuwifozax linimuwibonu raweralikonosa civo dopilogodiguw sitozodoyade loyafifuloz sodacucoluke`Kuyejonagogok yakiwoc jahekipadinos pad vojar xuyer tupexu sulecabasic wokusoditilib vibegupisokWZudoninud yipicima tugulubid rekewowariyoj siromexumule becuriwukudibu fogi revabo xore6Visetoyuzifagaw sucisonoga gapivowifabej bupivukub puveTadupugemip pabumetiza mojagicizi raca vutiretamohirok sam potapemateman vezejimepisi notufujinemowosHSukininiwozov heyusobud cewomanu javotud sazifobipe rejakajubug pimalufo
"Pexidipufut hizifow feludicuduxipo!Cozix bid bojuyigeb nupevey yifodJRifuhiluzav vayojoce bufo bokubic sojecuyiheji taxavehawenut koluzi ramori
OTizebetovag yejonolagob fofezaz pufoliles ret cunufesemavigu suv cegacogo rujuk
&Catakaparo fidapatoxa suhoketuwo fahirPWifosa fihuyuyi xudexesotuhibij yigi zugarasuluja dejetal napezumowomeba cacewuzVCed zezufucoxuleyu nonamuge hitazam mozixibay tizo wadovizimo cegu reginahiburav mitemJVetifuvobuyoga gozavuronobiley duyeliyatihu badupabiba liwicaneduhomi rago
Lag xiyuwapokapunol`Podu suhexih huhabumonez jebohanon jamovikiri kawujire pulekafi nijalavojosuxu tafolemoveb nuvij
"Rokaxec hezadunaxat vibowocigasihoWBadererewa xaveseyuvuyo xasihovip nocezuteki zigozehiri xizocilef sogirob wikijotuvahak
Zewi/Miraze gojagucazoto jarucebegoceguc lelifetadow
Antivirus Signature
Bkav W32.AIDetectMalware
Lionic Hacktool.Win32.Shellcode.3!c
Elastic malicious (high confidence)
ClamAV Win.Dropper.Glupteba-9770987-0
CMC Clean
CAT-QuickHeal Ransom.Stop.P5
Skyhigh BehavesLike.Win32.Corrupt.fh
ALYac Trojan.GenericKDZ.70316
Cylance Unsafe
Zillya Trojan.Kryptik.Win32.2844128
Sangfor Trojan.Win32.Save.a
CrowdStrike win/malicious_confidence_100% (W)
Alibaba Trojan:Win32/Azorult.943db140
K7GW Trojan ( 0056fa4e1 )
K7AntiVirus Trojan ( 0056fa4e1 )
huorong Clean
Baidu Clean
VirIT Clean
Paloalto generic.ml
Symantec ML.Attribute.HighConfidence
tehtris Generic.Malware
ESET-NOD32 a variant of Win32/Kryptik.HGJC
APEX Malicious
Avast Win32:TrojanX-gen [Trj]
Cynet Malicious (score: 100)
Kaspersky HEUR:Exploit.Win32.Shellcode.gen
BitDefender Trojan.GenericKDZ.70316
NANO-Antivirus Trojan.Win32.AntiAV.hynjhz
ViRobot Clean
MicroWorld-eScan Trojan.GenericKDZ.70316
Tencent Win32.Trojan.Antiav.Timw
Sophos Mal/Generic-S
F-Secure Heuristic.HEUR/AGEN.1311789
DrWeb Trojan.DownLoader34.49967
VIPRE Trojan.GenericKDZ.70316
TrendMicro Clean
McAfeeD Real Protect-LS!FA3F3956695F
Trapmine suspicious.low.ml.score
CTX exe.trojan.antiav
Emsisoft Trojan.GenericKDZ.70316 (B)
Ikarus Trojan-Spy.MSIL.Agent
FireEye Generic.mg.fa3f3956695fa1ff
Jiangmin NetTool.TorTool.gv
Webroot W32.Adware.Gen
Varist W32/Kryptik.CAM.gen!Eldorado
Avira HEUR/AGEN.1311789
Fortinet W32/Kryptik.HGGP!tr
Antiy-AVL Trojan/Win32.AntiAV
Kingsoft malware.kb.a.1000
Gridinsoft Trojan.Heur!.02014021
Xcitium Clean
Arcabit Trojan.Generic.D112AC
SUPERAntiSpyware Clean
ZoneAlarm HEUR:Exploit.Win32.Shellcode.gen
Microsoft Trojan:Win32/Azorult.SK!MSR
Google Detected
AhnLab-V3 Trojan/Win32.MalPe.R352088
Acronis Clean
McAfee Lockbit-GCZ!FA3F3956695F
TACHYON Clean
VBA32 Exploit.Shellcode
Malwarebytes Trojan.MalPack.GS
Panda Trj/GdSda.A
Zoner Clean
TrendMicro-HouseCall Clean
Rising Trojan.Kryptik!1.CC8E (CLASSIC)
Yandex Trojan.AntiAV!MEBDccn6UDQ
SentinelOne Static AI - Malicious PE
MaxSecure Clean
GData Trojan.GenericKDZ.70316
AVG Win32:TrojanX-gen [Trj]
DeepInstinct MALICIOUS
alibabacloud RansomWare:Win/Stop
No IRMA results available.