popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2024-10-16 17:45:23

PE Imphash

e16254f44ddd98c690f5ad4d0a981e4a

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x00021398 0x00021400 6.30479461053
.data 0x00023000 0x00000170 0x00000200 1.29731484099
.rdata 0x00024000 0x00010900 0x00010a00 7.26954475607
.eh_fram 0x00035000 0x00000004 0x00000200 0.0
.pdata 0x00036000 0x00000cd8 0x00000e00 4.88306147987
.xdata 0x00037000 0x00000dbc 0x00000e00 4.53920711867
.bss 0x00038000 0x00015e20 0x00000000 0.0
.idata 0x0004e000 0x00000900 0x00000a00 3.98834019281
.CRT 0x0004f000 0x00000068 0x00000200 0.364615003735
.tls 0x00050000 0x00000010 0x00000200 0.0
.reloc 0x00051000 0x00000158 0x00000200 3.8195581267

Imports

Library KERNEL32.dll:
0x14004e24c DeleteCriticalSection
0x14004e254 EnterCriticalSection
0x14004e25c FreeLibrary
0x14004e264 GetLastError
0x14004e26c GetModuleHandleA
0x14004e274 GetProcAddress
0x14004e27c GetStartupInfoA
0x14004e28c IsDBCSLeadByteEx
0x14004e294 LeaveCriticalSection
0x14004e29c LoadLibraryA
0x14004e2a4 MultiByteToWideChar
0x14004e2b4 Sleep
0x14004e2bc TlsGetValue
0x14004e2c4 VirtualAlloc
0x14004e2cc VirtualFree
0x14004e2d4 VirtualProtect
0x14004e2dc VirtualQuery
0x14004e2e4 WideCharToMultiByte
Library msvcrt.dll:
0x14004e2f4 __C_specific_handler
0x14004e2fc ___lc_codepage_func
0x14004e304 ___mb_cur_max_func
0x14004e30c __getmainargs
0x14004e314 __initenv
0x14004e31c __iob_func
0x14004e324 __lconv_init
0x14004e32c __set_app_type
0x14004e334 __setusermatherr
0x14004e33c _acmdln
0x14004e344 _amsg_exit
0x14004e34c _cexit
0x14004e354 _commode
0x14004e35c _errno
0x14004e364 _fileno
0x14004e36c _fmode
0x14004e374 _initterm
0x14004e37c _lock
0x14004e384 _onexit
0x14004e38c _setjmp
0x14004e394 _setmode
0x14004e39c _unlock
0x14004e3a4 abort
0x14004e3ac calloc
0x14004e3b4 exit
0x14004e3bc fflush
0x14004e3c4 fprintf
0x14004e3cc fputc
0x14004e3d4 free
0x14004e3dc fwrite
0x14004e3e4 localeconv
0x14004e3ec longjmp
0x14004e3f4 malloc
0x14004e3fc memchr
0x14004e404 memcpy
0x14004e40c memset
0x14004e414 signal
0x14004e41c strcmp
0x14004e424 strerror
0x14004e42c strlen
0x14004e434 strncmp
0x14004e43c strstr
0x14004e444 vfprintf
0x14004e44c wcslen
!This program cannot be run in DOS mode.
P`.data
.rdata
`@.eh_fram
.pdata
0@.xdata
0@.bss
.idata
.reloc
UAUATSH
([A\A]]
P H;Q }
r H9q u
A M9A u"L
A L9@ u#H
r I9p
AUATWVSH
[^_A\A]
[^_A\A]
AVAUATUWVSH
[^_]A\A]A^
ATWVSH
([^_A\
ATUWVSH
[^_]A\
AVAUATUWVSH
[^_]A\A]A^
AVAUATUWVSH
[^_]A\A]A^
J H9H tGH
J H9H
AVAUATUWVSH
[^_]A\A]A^
b@H;z(
AUATSH
[A\A]
[A\A]
[A\A]
AUATUWVSH
([^_]A\A]
AUATUWVSH
([^_]A\A]
ATWVSH
([^_A\
ATUWVSH
[^_]A\
[^_]A\
[^_]A\
AUATUWVSH
([^_]A\A]
([^_]A\A]
([^_]A\A]
ATUWVSH
[^_]A\
ATUWVSH
[^_]A\
[^_]A\
AVAUATUWVSH
[^_]A\A]A^
AVAUATUWVSH
0[^_]A\A]A^
ATUWVSH
@[^_]A\
@[^_]A\
AUATSH
AWAVAUATUWVSH
excepti
Error: uH
nhandledH
[^_]A\A]A^A_
D$ H9D$0
[[reraisH
ed from:
ATWVSH
AUATSH
AUATSH
0[A\A]
AWAVAUATUWVSH
H[^_]A\A]A^A_
Parsed iI
nteger oL
utside oI
f valid L
@0rangf
ATWVSH
([^_A\
([^_A\
ATWVSH
([^_A\
ATUWVSH
P[^_]A\
AUATUWVSH
H[^_]A\A]
AUATUWVSI
UUUUUUUUH
33333333M!
K8[^_]A\A]
AWAVAUATUWVSH
t$HH#t$8H1
L3\$8I1
|$XH#|$hH1
T$(L#L$pH#\$0L
H#t$XH#L$`L1
H#l$pM
H#|$PI1
I3W(H3D$(I
I3o8M3GHI3G@M
H3\$PH3\$(I1
H3L$hH1
H3\$(I1
T$PH3L$XH1
L3T$XL3T$`L1
L3D$8H3l$0L1
L3|$hH
H3L$0H
L#l$`M!
t$8H#t$@L
H3T$8H3T$@M
H#t$PI!
d$(H3\$pH1
L#D$XL1
D$hH3D$pL1
H3\$(I1
H3w`H1
H3oxH1
[^_]A\A]A^A_
AWAVAUATWVSH
tQL9#~LJ
@[^_A\A]A^A_
@[^_A\A]A^A_
t of bouH
index ou
containH
nds, theH
er is emH
not in H
0 ..fD
not in
not in
indefD
0 ..fD
AUATUWVSH
([^_]A\A]
([^_]A\A]
AUATVSH
convert f
([^A\A]
convert H9
convert H
convert
convert
AUATUWVSH
VT_ARRAY
8[^_]A\A]
VT_BYREF
VT_VECTO
VT_RESER
VT_ARRAYH
8[^_]A\A]
8[^_]A\A]
VT_ARRAYH
AWAVAUATUWVSH
[^_]A\A]A^A_
uncatcheH
d exceptH
hander:H
ion insiH
de eventH
AVAUATUWVSH
@[^_]A\A]A^
AUATSH
[A\A]
AWAVAUATUWVSH
o invokeH
unable tH
specifiH
ed membeH
AUATSH
AWAVAUATUWVSH
8[^_]A\A]A^A_
AUATUWSH
[_]A\A]
AUATUWVSH
([^_]A\A]
([^_]A\A]
ATWVSH
8[^_A\
gfffffffD
integer:H
invalid H
AVAUATUWVS
[^_]A\A]A^A_
AVAUATUWVSH
[^_]A\A]A^
AUATUWVSH
([^_]A\A]
ATUWVSH
[^_]A\
[^_]A\
AWAVAUATUWVSH
[^_]A\A]A^A_
D$(HcF
LcD$ M
AWAVAUATUWVSH
\$0L#\$(H!
H3\$(H1
d$HL#d$XH1
L#T$ L3T$XH1
H#T$hL1
|$hL3L$ H#
H3|$ L#\$HM1
H#D$PH1
T$pH3T$XL!
L#T$ H1
L3\$ L
L#t$`I1
H#L$8H3
d$@L3L$8H1
H3t$8I1
H#D$PH1
T$pH3T$(H
""""""""L!
DDDDDDDDI!
[^_]A\A]A^A_
AUATUWVSH
H[^_]A\A]
AVWVSH
AWAVAUATUWVSH
McT$<O
l$HHcL$@HcS
[^_]A\A]A^A_
AUATUWVSH
([^_]A\A]
H H9J u
L9Q u$H
AUATUWVSH
([^_]A\A]
ATWVSH
([^_A\
([^_A\
AWAVAUATUWVSH
[^_]A\A]A^A_
AVAUATUWVSH
0[^_]A\A]A^
AUATUWVSH
([^_]A\A]
AWAVAUATUWVSH
invalid H
format sH
tring, cH
annot paH
@0rse:
h[^_]A\A]A^A_
AUATSH
AUATUWVSH
[^_]A\A]
unable tH
o get ruH
ntime of
AWAVAUATUWVSH
[^_]A\A]A^A_
AWAVAUATUWVSH
LcL$`H
[^_]A\A]A^A_
=CCG u
} ouH
} ot0H
UAUATWVSH
[^_A\A]]
EL;E`|
E(H;E u
E(H;E u%H
9El~)H
E(H;E t
H;E s?H
H;E s]
AWAVAUATUWVSH
)d$ fA
)d$0fI
)d$PfA
)T$`fA
)T$pfH
[^_]A\A]A^A_
libgcc_s_dw2-1.dll
__register_frame_info
__deregister_frame_info
[GC] cannot register thread local variable; too many thread local variables
[GC] cannot register global variable; too many global variables
could not load:
(bad format; library may be wrong architecture)
could not import:
out of memory
virtualFree failing!
ReraiseDefect
fatal.nim
sysFatal
OverflowDefect
ValueError
integerOutOfRangeError
parseutils.nim
SIGINT: Interrupted by Ctrl-C.
SIGSEGV: Illegal storage access. (Attempt to read from nil?)
SIGABRT: Abnormal termination.
SIGFPE: Arithmetic error.
unknown signal
SIGILL: Illegal operation.
IndexDefect
os.nim
paramStr
inet_ntop
VariantConversionError
com.nim
newVariant
CLRError
clr.nim
clrError
toVariant
LdrLoadDll
RtlInitUnicodeString
GetCurrentProcessId
VirtualProtect
OpenProcess
GetProcessHeap
GetProcAddress
RtlAddVectoredExceptionHandler
GetModuleHandleA
GetThreadContext
SetThreadContext
CloseHandle
OpenThread
GetCurrentThreadId
WaitForSingleObject
MultiByteToWideChar
GetTickCount
CreateFileA
GetFileSize
RtlAllocateHeap
ReadFile
GetComputerNameExA
GlobalMemoryStatusEx
GetDiskFreeSpaceExA
strutils.nim
parseInt
counter
Field2
Field1
Field0
hresult
cipher
NtFlushInstructionCache4
treadHandle3
remoteProcID2
tProcess1
:state
zonedTimeFromAdjTimeImpl
zonedTimeFromTimeImpl
hIntel
coresCount
queryIdleProcessorCycleTime
queryUnbiasedInterruptTime
queryProcessCycleTime
bCryptGenRandom
decVal
RecordDestroy
RecordCreateCopy
RecordCreate
IsMatchingType
GetFieldNames
PutFieldNoCopy
PutField
GetFieldNoCopy
GetField
GetTypeInfo
GetSize
GetName
GetGuid
RecordCopy
RecordClear
RecordInit
lpVtbl
pRecInfo
pvRecord
struct1
puintVal
pintVal
pullVal
pulVal
puiVal
union2
signscale
union1
wReserved
pdecVal
uintVal
intVal
ullVal
pvarVal
pparray
ppdispVal
ppunkVal
pbstrVal
pcyVal
pscode
pboolVal
pdblVal
pfltVal
pllVal
lLbound
cElements
rgsabound
pvData
cLocks
cbElements
fFeatures
parray
Invoke
GetIDsOfNames
GetTypeInfoCount
pdispVal
Release
AddRef
QueryInterface
punkVal
bstrVal
boolVal
dblVal
fltVal
wReserved3
wReserved2
wReserved1
filename
procname
parent
SetConsoleOutputCP
SetConsoleCP
IsEqualGUID
WideCharToMultiByte
SysStringLen
lstrlenW
GetCurrentThread
HeapCreate
HeapAlloc
LoadLibraryA
InitializeProcThreadAttributeList
UpdateProcThreadAttribute
CreateProcessW
GetCurrentProcess
ResumeThread
GetForegroundWindow
GetWindowThreadProcessId
GetCommandLineW
GetModuleFileNameW
DispGetIDsOfNames
SysFreeString
CoInitialize
VariantClear
VariantCopy
SysAllocString
SafeArrayCreate
SafeArrayPutElement
CLRCreateInstance
CreateToolhelp32Snapshot
Thread32First
Thread32Next
RtlGetVersion
GetFileAttributesW
@System.Drawing.dll
@System.dll
@kernel32
@kernel32
@ole32
@ole32
@oleaut32
@oleaut32
@kernel32
@kernel32
@kernel32
@kernel32
@user32
@user32
@kernel32
@kernel32
@ole32
@ole32
@oleaut32
@oleaut32
@mscoree
@mscoree
@kernel32
@kernel32
@kernel32.dll
@G>^RROI\Mr;V_ahbksqCpp]
zvVKMXIE
hE@GQ|mOEVK9%.<n
+&!(+?8l:-,
3./,?(+<#3/*+431!%%$*$%+;(8#+%'+
J@EDRBNA@SKTUYDCCD_C\@PAKMEEFLOOnt
{qi`xjjacxkmhogxlzyx~fs
:46<$"<"3 4-$-6/:6+6 "&8*5 2':4
IL^NXTITUQEINI
@kernel32.dll
tjson}mikof{inwetbehflfb
oCNWUDQMGYPEMWABI[LGVK_IMG]ZILFFI:*91 ?.>;)1:7=99:'03?6##<,*87+?$
@ntdll.dll
@{xcuah|ork|xalktka~ab`^DIL^EMKSEDURBCTZIHEXV[@IEPZNRUH
@DW^DMGC@Q]JHVNM[HHoyjuykdmrr}t`hgrgon|`riphonbmlpw
>)68%<*02<4";0/0;=$*=)
!8,!/++"';"?,%<?)/0.!$!&=,&+9- 5ZJJKEEUV]PXJFXYXWLDXRQINEGDCMBVXxkecuca|hiyy
)Dv_Bd
op1>B3
~5NCD>
*$clc
2tL>[N
wo^=[H
qj^;nS
LEY"Cpa,
{\$&PpN
XG$}7g?
(00?#A
NyF'1R
:-mP;E
a)1*>3
i])gXZ
YvH opi&vh<,X
/<-iKv
@|mP)A
ZB_?.D
'U\xah
'mOjT1
~$kxqg
K2^\I=)
eH}RCg
^TS7v?
EFz1?G
hqdqZ8
[UK1\
Co4z@
A?T8uG
YjQ %/
KSh4my
ED:Yoe]u
-oAE7;
k[?6'4C
8jBQO<
'0HIh%
NP;(]d]
Vn2{rm
Suh9'E
0@[2kYy
BMG`Uu}
FC.qIz
:0k+K/
yXN-=B
\^KL`O
FcC7dl8
n:u5w;P
a~1q)S
maSUX;|[
=2G#xm
b]]\C3
&d|Ill
a3Q8Kl
\K4YZ<_
?`%(E/N
zbTi9k
tRErmj7B.
z4f>t%
(F>}UWi
vHl\r:[
H`O\)xi<
HiQl;j
koB4=S
)6QmdRT
@csdhcuohidqz
@Ws2_32.dll
@[O[RKBLEUBGAJQHVZ
@G[IRN_MEUBHJCQGH
@{ti{pnqeubbhlhutmlfesaN
@OEYCY]TO_D@[XNE_I
@D]G\WLCHSUOF_M@Y]D
@unable to get type of object
@variant is not an object
@variant is nil
@GetType
@RuntimeHelper
@CompiledAssembly
@Microsoft.CSharp.CSharpCodeProvider
@ using System;using System.Drawing;using System.Runtime.InteropServices;abstract class RuntimeHelper{public static IntPtr wrapIntPtr(Int64 i){return Marshal.GetIUnknownForObject((IntPtr)i);}
public static IntPtr wrapIntPtr(Int32 i){return Marshal.GetIUnknownForObject((IntPtr)i);}
public static IntPtr wrapAny(Object o){return Marshal.GetIUnknownForObject(o);}
public static T Cast<T>(Object o){return(T)o;}
public static IntPtr wrapAny(Object o,Type t){try{if(t==o.GetType()){return wrapAny(o);}
else if(t.IsEnum){return wrapAny(Enum.ToObject(t,o));}
else if(t==typeof(Color)){int i=(int)Convert.ChangeType(o,typeof(int));return wrapAny(Color.FromArgb(i&0xff,(i>>8)&0xff,(i>>16)&0xff));}
else{try{return wrapAny(Convert.ChangeType(o,t));}
catch(System.InvalidCastException){return wrapAny(typeof(RuntimeHelper).GetMethod("Cast").MakeGenericMethod(t).Invoke(null,new object[]{o}));}}}
catch{return IntPtr.Zero;}}
public static IntPtr wrapAny(Object o,String type){try{return wrapAny(o,Type.GetType(type,true,true));}
catch{return IntPtr.Zero;}}}
@variant is not a type object
@unable to convert to object
@wrapAny
@openarray
@0123456789ABCDEF
@VT_BSTR_BLOB
@VT_CLSID
@VT_CF
@VT_BLOB_OBJECT
@VT_STORED_OBJECT
@VT_STREAMED_OBJECT
@VT_STORAGE
@VT_STREAM
@VT_BLOB
@VT_FILETIME
@VT_UINT_PTR
@VT_INT_PTR
@VT_RECORD
@VT_LPWSTR
@VT_LPSTR
@VT_USERDEFINED
@VT_CARRAY
@VT_SAFEARRAY
@VT_PTR
@VT_HRESULT
@VT_VOID
@VT_UINT
@VT_INT
@VT_UI8
@VT_I8
@VT_UI4
@VT_UI2
@VT_UI1
@VT_I1
@VT_DECIMAL
@VT_UNKNOWN
@VT_VARIANT
@VT_BOOL
@VT_ERROR
@VT_DISPATCH
@VT_BSTR
@VT_DATE
@VT_CY
@VT_R8
@VT_R4
@VT_I4
@VT_I2
@VT_NULL
@VT_EMPTY
@VT_ILLEGAL
@no exception to reraise
@over- or underflow
00010203040506070809101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899
ValueError
strformat.nim
parseStandardFormatSpecifier
IOError
io.nim
raiseEIO
virtualFree failing!
VariantConversionError
com.nim
toVariant
@Assembly
@unable to get default domain
@unable to start CorRuntimeHost
@unable to get interface of CorRuntimeHost
@unable to start CLRRuntimeHost
@unable to get interface of CLRRuntimeHost
@specified runtime is not loadable
@unable to find a installed CLR
@unable to enumerate installed runtimes
@unable to create metahost instance
*" b.&$
hR`JSUNoHURTSEROIHeGENC
@GOJCB
bX{^EXIzE^XYM@aIAC^U
JME@IH
:'<-+<
!:<=)$
-%':1h.':h< -h ''#h.)!$-,rh
@Invoke
@EntryPoint
@se{lsxrcappplakui{aedtztdtmwvwiiuxs`xt{rfxrgvqxgelhpolkegizuthlfpxrxjdlirhnjauvs{utirdththsckeux{w{whparcvcnolfudumu{tqjjazonssfak`djkvcujsomhjz{zjgzjf{`{wzvijzzgxczejgeizjgitssajnh`njguj{{xfvpudfvzzpjxadxhfnnkjzedieunz{z{zmzuhdagusohmgqh
@ZMVBIOJ^KIEVDD\YDVEFW[AH_CHCKO\J[]YJ_TH_OBYLTBX@EHXCBD_ZZ^GI_^DGAJZK[MAA^AZ\ZG[FB]]H@BMLJZDB]\TEO[]YDCMZAZZHVLE\\XKFB]@\[VGIYVV\WE\WZEH\FLJXAEIBW[^KABEJ_HA]HJW
@ +*%0-.3)2,".--!0 )7#2/0///<!(!2&< =0 5''5</, ' (0>0!*#3,65*>''#&>12!< '/<",43#"%%7!.5-5-4/--'116+ %5"&!3#!!%.%=+<&67037 -&)=0<=0'<6)%7-/>3,473& &/+))"/.566!/.<%07,2-5'!%*)!06.'67-""-56"-!!>#64, <.30!=.47,(0#"3>*#3>1+>1(= #0=0/3%*>4%&)'>)10."0'.35(#+)='5-())3/1(('%#-%0&.> 3#,%3/+3%')1.#2<&!4)6#=!#/%.'44%--,'7&2-->%2 "5)-#>7%-/&<40>&,04>=!-2 5 15=*&41=%<5!/36(<-=0*%462
@JPOVLWVQPDU@I\MQVKAE\HIOVBJG\_GOK^^U_N@P_WLJCOBAQITAIBPCKPLUMSHSEU\L\_\JHJU_QJIKHBOS^ME^VDRTMKGESHEDLNKQMCE@AKAQ@TOSCNQBVT\CHJRR@LHIKPEI@Q^K^VSVP\ND\OGOJ^CQLRGKSBKVGE@^ANIHERHJ^DGH\SHR_D_PJMW
ZA^AVI
[^_A\A]A^]
\$0AVAYM
amsi.dll
cyvera.dA
cyvrtrapH
ntnativeH
api.dll
EpMPThe.H
EpMPApi.H
HipHandlH
ers64.dl
MfeAmsiPH
rovider.H
LogLib.dARAZM
McVarianH
tExport.H
ATPAmsiGH
uard.dllH
mfehida.H
mfehctheM
mfehcinjf
GDAMSIx6H
GDAMSIx8H
fsamsi64
spapi64.
TmUmEvt6H
tmmon64.H
TMAMSIPrH
ovider64M
WRusr.dlH
bdhkm64.H
atcuf64.H
mbae.dllH
awshook.fD
ashShellH
antimalw
are_provH
ider.dllM
ScriptCoH
ctiuser.H
cbamsi.dH
PowerreaH
son.dll
PowerBufH
crsi.dllH
crcem.dlH
InProcesH
sClient
SentinelH
ams.dll
D$[umpp
SophosAmH
siProvidH
hmpalertH
symamsi.H
ccVrTrstH
ccLib.dlH
IPSEng32
cpICC.dlM
A_AZH1
AVA^AUA]
T$aAWY
T$aAWY
ARAZV^
_]A\A]
+-:'!
(-/0'++)/<*<$&"*)1#&'"2 2"$%=--FHNYNL\JHY@C]G^[QIXLBOLFKHY@\ITCdlwg`|uui~}ee|x|gzsmiglc}kdji~}v
0&0%55-6=$<&#- >2;+85$*,=-8*""8 RNUXMLNU^OICFG]KPGZMDGKL[YIE_JBMjnpvdkvj
dcrezahfdzvtnt}~cpdhc`|
@cannot write string to file
@variant is not a type
@LoadWithPartialName
@LoadFrom
@CreateInstance
@CompileAssemblyFromSource
@IncludeDebugInformation
@CompilerOptions
@GenerateExecutable
@GenerateInMemory
@OutputAssembly
@System.CodeDom.Compiler.CompilerParameters
@System
@]fayYg`jay
@oM\eGL]DMnADMfIEM
@AIUBQEQKDA
ifn*ac|k rcl`kkhm{y
@==4%2!5!// ))+//-(CHXB@CV^IFCOZDZFXNPSRQOGDRDCF@DBigyzt`cvx}l
Argument domain error (DOMAIN)
Argument singularity (SIGN)
Overflow range error (OVERFLOW)
Partial loss of significance (PLOSS)
Total loss of significance (TLOSS)
The result is too small to be represented (UNDERFLOW)
Unknown error
_matherr(): %s in %s(%g, %g) (retval=%g)
Mingw-w64 runtime failure:
Address %p has no image-section
VirtualQuery failed for %d bytes at address %p
VirtualProtect failed with code 0x%x
Unknown pseudo relocation protocol version %d.
Unknown pseudo relocation bit size %d.
(null)
Infinity
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
GCC: (MinGW-W64 x86_64-posix-seh, built by Brecht Sanders) 11.1.0
DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetLastError
GetModuleHandleA
GetProcAddress
GetStartupInfoA
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
SetUnhandledExceptionFilter
TlsGetValue
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WideCharToMultiByte
__C_specific_handler
___lc_codepage_func
___mb_cur_max_func
__getmainargs
__initenv
__iob_func
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_commode
_errno
_fileno
_fmode
_initterm
_onexit
_setjmp
_setmode
_unlock
calloc
fflush
fprintf
fwrite
localeconv
longjmp
malloc
memchr
memcpy
memset
signal
strcmp
strerror
strlen
strncmp
strstr
vfprintf
wcslen
KERNEL32.dll
msvcrt.dll
(null)
Antivirus Signature
Bkav W64.AIDetectMalware
Lionic Trojan.Win32.Dacic.4!c
Elastic malicious (moderate confidence)
ClamAV Clean
CMC Clean
CAT-QuickHeal Clean
Skyhigh Clean
ALYac Generic.Dacic.2394.94E59E68
Cylance Clean
Zillya Clean
Sangfor Trojan.Win64.Agent.Vq2c
CrowdStrike win/malicious_confidence_70% (D)
Alibaba Clean
K7GW Clean
K7AntiVirus Clean
huorong Clean
Baidu Clean
VirIT Clean
Paloalto generic.ml
Symantec ML.Attribute.HighConfidence
tehtris Clean
ESET-NOD32 a variant of Win64/Agent.DUU
APEX Malicious
Avast Win64:MalwareX-gen [Trj]
Cynet Malicious (score: 100)
Kaspersky Clean
BitDefender Generic.Dacic.2394.94E59E68
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Generic.Dacic.2394.94E59E68
Tencent Win32.Trojan.Agen.Dwnw
Sophos Generic Reputation PUA (PUA)
F-Secure Heuristic.HEUR/AGEN.1372838
DrWeb Clean
VIPRE Generic.Dacic.2394.94E59E68
TrendMicro Clean
McAfeeD ti!EC6C410D323D
Trapmine Clean
CTX exe.trojan.agen
Emsisoft Generic.Dacic.2394.94E59E68 (B)
Ikarus Win32.Outbreak
FireEye Generic.mg.e68e0c467ecfbb9f
Jiangmin Clean
Webroot Clean
Varist W64/ABTrojan.AVEP-8037
Avira HEUR/AGEN.1372838
Fortinet W64/Agent.DUU!tr
Antiy-AVL Trojan/Win64.Kryptik
Kingsoft Clean
Gridinsoft Trojan.Win64.Agent.sa
Xcitium Clean
Arcabit Generic.Dacic.2394.94E59E68
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Program:Win32/Wacapew.C!ml
Google Detected
AhnLab-V3 Trojan/Win.CobaltStrike.C5492405
Acronis Clean
McAfee Artemis!E68E0C467ECF
TACHYON Clean
VBA32 Clean
Malwarebytes Crypt.Trojan.MSIL.DDS
Panda Trj/Chgt.AD
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R002H09JQ24
Rising Trojan.Kryptik!8.8 (TFE:5:hzKgty1bItV)
Yandex Clean
SentinelOne Static AI - Suspicious PE
MaxSecure Clean
GData Generic.Dacic.2394.94E59E68
AVG Win64:MalwareX-gen [Trj]
DeepInstinct MALICIOUS
alibabacloud Trojan:Win/Injector.DYD
No IRMA results available.