popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

1970-01-01 09:00:00

PE Imphash

4f2f006e2ecf7172ad368f8289dc96c1

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x008f55e8 0x008f5600 6.08602760319
.rdata 0x008f7000 0x009662cc 0x00966400 6.20081526059
.data 0x0125e000 0x000db100 0x00079a00 5.72359329301
.idata 0x0133a000 0x0000045e 0x00000600 4.07548803227
.reloc 0x0133b000 0x0006b4e2 0x0006b600 6.67140572078
.symtab 0x013a7000 0x00000004 0x00000200 0.0203931352361
.rsrc 0x013a8000 0x00001091 0x00001200 4.73234096903

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x013a8130 0x000008a8 LANG_ENGLISH SUBLANG_ENGLISH_US dBase IV DBT of @.DBF, block length 1024, next free block index 40, next free block 16776176, next used block 10526884
RT_GROUP_ICON 0x013a89d8 0x00000014 LANG_ENGLISH SUBLANG_ENGLISH_US data
RT_VERSION 0x013a89ec 0x00000278 LANG_RUSSIAN SUBLANG_RUSSIAN data
RT_MANIFEST 0x013a8c64 0x0000042d LANG_ENGLISH SUBLANG_ENGLISH_US XML 1.0 document, ASCII text, with very long lines, with no line terminators

Imports

Library kernel32.dll:
0x165fda0 WriteFile
0x165fda4 WriteConsoleW
0x165fda8 WerSetFlags
0x165fdac WerGetFlags
0x165fdb4 WaitForSingleObject
0x165fdb8 VirtualQuery
0x165fdbc VirtualFree
0x165fdc0 VirtualAlloc
0x165fdc4 TlsAlloc
0x165fdc8 SwitchToThread
0x165fdcc SuspendThread
0x165fdd0 SetWaitableTimer
0x165fddc SetEvent
0x165fde0 SetErrorMode
0x165fde4 SetConsoleCtrlHandler
0x165fde8 ResumeThread
0x165fdf4 LoadLibraryW
0x165fdf8 LoadLibraryExW
0x165fdfc SetThreadContext
0x165fe00 GetThreadContext
0x165fe04 GetSystemInfo
0x165fe08 GetSystemDirectoryA
0x165fe0c GetStdHandle
0x165fe18 GetProcAddress
0x165fe1c GetErrorMode
0x165fe24 GetCurrentThreadId
0x165fe28 GetConsoleMode
0x165fe30 ExitProcess
0x165fe34 DuplicateHandle
0x165fe3c CreateThread
0x165fe44 CreateFileA
0x165fe48 CreateEventA
0x165fe4c CloseHandle
!This program cannot be run in DOS mode.
`.rdata
@.data
.idata
.reloc
B.symtab
B.rsrc
Go build ID: "tLY7UR7zKPvYub9dWdvc/JU-AYcJimnlQFyBAf7OD/GGQcrTcHqxAXwezfwqxT/JFLV3jQkKGWPYTpnPNwA"
;cpu.u
H(9J(u|
H,8J,us
H-8J-uj
H49J4ub
H89J8uZ
H<8J<uQ
H=8J=uH
JD9HDu@
HH9JHu8
HL8JLu/
HM8JMu&
JT9HTu
HX9JXu
H\8J\u
H]8J]u
@ 2-by
@$2-by
@(2-by
@,2-by
@0te k
@4te k
@8te k
@<te k
D$49H(v6
D$<9D$
D$49D$
D$ 9D$
69t$Dt
69t$Dt
l$(9.u
|$09GDu
L$ 9A4t
G 9E tJ
D$,+D$
D$89D$
L$H9A4v
\$49\$(u
L$$9A(s
\$(9S4
L$ 9H<s
L$09A4v
T$(9J4s
T$<9B4v
L$,#D$0#L$4
UUUU%UUUU
T$ 9T$
D$09D$
uP9uTu
9T$,t-
D$49D$
D$<9D$
L$89L$<
t19A0t,
19A u,
Z 9X s&9B
v 9q w
D$$9D$
D$<9D$
D$<9D$
T$,9B
D$,9D$
L$D9L$
D$@9D$(u
D$<9D$
D$<9D$
|$D2u
D$H9D$
8runtu
D$L9D$
D$(9D$
u"f9w"
D$L9D$
E$9G$t
D$L9D$
D$D9D$
D$D9D$
D$H9D$
D$H9D$
L$89H8
9noneu`1
9crasuH
9singu
9systu
t>;CPu?
|$$9;u
|$D9;u
|$ 9;u
|$ 9;u
H,9J,u
Q08P0u
H$9J$u
9L$,u%
D$,9D$
D$P9D$
\$<9S(
D$,9D$
D$P9D$
\$<9S(
~"f9}"u
~ f9} u
F(9E(t
F(9E(ui
D$,9D$
D$$9D$
D$$9D$
|$(9;u
D$89D$$
D$$9D$
|$$9;u
?-070u
?-070u
?-07:u
?Januu
?Mondu
?Z070u
?Z070u
?Z07:u
?2006u-
92006t
:ChSTt
:MeSTu
:WITAuH
\$<9\$
T$$9D$
T$$9D$
D$09D$
:nullu
9D$$~t
:Locau$
:.zipuL
;tzdau\
D$89D$
D$89D$
|$\9;u
|$`9;u
|$D9;u
|$L9;u
|$D9;u
|$89;u
|$D9;u
|$@9;u
|$@9;u
|$D9;u
|$<9;u
|$49;u
|$@9;u
|$49;u
|$49;u
|$09;u
|$@9;u
|$@9;u
|$@9;u
|$@9;u
|$\9;u
|$49;u
|$H9;u
|$\9;u
|$@9;u
|$@9;u
|$89;u
|$(9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
9TRUEt
9Truet
9trueui
9FALSu
9Falsu
9falsu#
T$@9T$
9\$\~?
T$`~PG9
D$X9D$
D$L9D$
D$l9D$
D$,9D$
D$L9D$
\$h9S(
D$,9D$
D$L9D$
\$h9S(
~"f9}"u
~ f9} u
E$9F$t
F(9E(t
E(9F(ui
D$,9D$
D$$9D$
D$$9D$
D$x9D$
D$ func
T$L9B(
L$T9H(
D$T9D$
D$ 9D$
D$X9D$
H 9J u
|$ 9;u
|$ 9;u
|$89;u
|$(9;u
|$(9;u
|$$9;u
|$ 9;u
|$ 9;u
|$(9;u
|$09;u
|$$9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$(9;u
|$ 9;u
|$$9;u
|$ 9;u
|$ 9;u
|$(9;u
|$$9;u
|$(9;u
|$ 9;u
|$ 9;u
|$,9;u
D$89D$
D$49D$
9fileu
gramtF
9tcp4t
9tcp6t
9udp4t
9udp6u
9udp4t
|$$9;u
|$$9;u
}zy uV
HH9JHu
XL9ZLuy
XP8ZPup
|$ 9;u
|$ 9;u
|$(9;u
|$(9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$$9;u
|$$9;u
|$89;u
|$89;u
|$89;u
|$89;u
|$89;u
|$89;u
|$ 9;u
|$ 9;u
|$(9;u
|$(9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$(9;u
|$(9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$$9;u
|$$9;u
|$89;u
|$89;u
|$89;u
|$89;u
|$89;u
|$89;u
|$ 9;u
|$ 9;u
|$(9;u
|$(9;u
|$ 9;u
|$ 9;u
D$d9D$
t$$f9D$$
f9D$&r
L$ f9D$ w
f9D$"r
D$p9D$x|
L$(8L$
8n<OwA
D$|9D$
D$08D$
L$08L$
D$(9D$
T$,9T$
\$@+\$H
0C9\$X~=@9
9nullu
D$p9D$
D$p9D$
D$$8D$
|$ 9;u
|$ 9;u
|$$9;u
|$$9;u
D$(9D$
D$(9D$
D$D9D$
D$(+D$
L$H9A |
3T$ 1L$
3T$,1L$(
3T$41L$0
L$H+AT
<$3|$43|$ 3|$
3|$83|$$3|$
3|$<3|$(3|$
3<$3|$,3|$
3|$03|$
3|$43|$
3|$83|$
3|$<3|$$
|$ 3|$
3<$3|$(
|$$3|$
|$(3|$
|$,3|$ 3|$
|$03|$$3|$
|$43|$(3|$
|$83|$,3|$
|$<3|$03|$
<$3|$43|$ 3|$
3|$83|$$3|$
3|$<3|$(3|$
3<$3|$,3|$
3|$03|$
3|$43|$
3|$83|$
3|$<3|$$
|$ 3|$
3<$3|$(
|$$3|$
|$(3|$
|$,3|$ 3|$
|$03|$$3|$
|$43|$(3|$
|$83|$,3|$
|$<3|$03|$
<$3|$43|$ 3|$
3|$83|$$3|$
3|$<3|$(3|$
3<$3|$,3|$
3|$03|$
3|$43|$
3|$83|$
3|$<3|$$
|$ 3|$
3<$3|$(
|$$3|$
|$(3|$
|$,3|$ 3|$
|$03|$$3|$
|$43|$(3|$
|$83|$,3|$
|$<3|$03|$
<$3|$43|$ 3|$
3|$83|$$3|$
3|$<3|$(3|$
3<$3|$,3|$
3|$03|$
3|$43|$
3|$83|$
3|$<3|$$
|$ 3|$
3<$3|$(
|$$3|$
|$(3|$
|$,3|$ 3|$
|$03|$$3|$
|$43|$(3|$
|$83|$,3|$
|$<3|$03|$
L$H+A`
@$g&3g
@(l>+
|$ 9;u
D$p9D$
D$l9D$
8optiu
8explu=
icitu4
8numeu
8utf8u
8privuLf
D$h9D$
|$ 9;u
|$ 9;u
|$ 9;u
L$L9L$
L$T9L$
L$t9L$
D$0k1^
D$D:T^8
D$<kM=
D$ 9)jx
D$<'>f,
D$P5<p
D$T=,4
D$\kP?
D$T=,4
D$\kP?
D$T=,4
D$\kP?
D$T=,4
D$\kP?
D$T=,4
D$\kP?
L$T9L$
A$1y 1
|$(9;u
|$$9;u
|$$9;u
|$ 9;u
|$(9;u
|$$9;u
|$$9;u
|$ 9;u
|$(9;u
|$$9;u
|$$9;u
|$ 9;u
|$ 9;u
D$89D$
|$ 9;u
|$ 9;u
|$49;u
|$ 9;u
|$(9;u
|$$9;u
|$ 9;u
|$ 9;u
|$49;u
|$ 9;u
|$(9;u
|$$9;u
|$ 9;u
|$ 9;u
|$49;u
|$ 9;u
|$(9;u
|$$9;u
|$ 9;u
|$ 9;u
|$49;u
|$ 9;u
|$(9;u
|$$9;u
|$$9;u
|$49;u
|$ 9;u
|$(9;u
|$ 9;u
|$ 9;u
D$$8D$
D$$8D$
D$$9D$
D$$9D$
8P-25ub
|$ 9;u
|$ 9;u
|$$9;u
|$$9;u
D$ ffff
D$$ffff
D$(ffff
D$,ffff
D$0ffff
D$4ffff
D$8ffff
8leaku
|$D9;u
|$L9;u
|$09;u
|$89;u
|$D9;u
|$,9;u
|$09;u
|$09;u
|$09;u
|$09;u
|$09;u
|$09;u
|$X9;u
|$<9;u
|$@9;u
|$T9;u
|$T9;u
|$49;u
|$49;u
|$\9;u
|$L9;u
|$L9;u
|$H9;u
|$H9;u
|$P9;u
|$<9;u
|$<9;u
|$L9;u
|$P9;u
|$09;u
|$H9;u
|$H9;u
|$<9;u
|$89;u
|$89;u
|$89;u
|$89;u
|$ 9;u
|$89;u
|$89;u
|$89;u
|$89;u
8L$0uB
planuT
windu'f
;bindua
9fileu
;fileua
9bindu
8solau.f
>fileu
8fileu&
>fileu
>succu
>notfu
:retuu
tcp4tt
tcp6tk
udp4t]
udp6tT
unixtK
unixug
gramt2
9dialuM
unixtQ
gramt1
D$49D$
D$P9D$
:CNAMum
9CNAMu%
:tcp4t
}zy u(
}zy u"
|$<9;u
\$(9\$
L$x9L$Dt
}zy u`
}zy uc
:tcp4t!
:tcp6t
:udp4t
:tcp4t
:udp4t
9tcp4t
9udp4t
9udp6uo
8listu8f
9dialt
9tcp4t
9udp4t
9udp6uN
9tcp4t
9tcp6t
9udp4t
9udp6uZ
8tcp4t
8udp4t
9acceu:f
unixt]
unixur
gramtA
unixtK
unixuT
gramt2
unixtK
unixuT
gramt2
}zy ue
9udp4t
}zy ue
|$ 9;u
|$$9;u
|$(9;u
|$89;u
|$89;u
|$ 9;u
|$$9;u
|$$9;u
|$$9;u
|$ 9;u
|$ 9;u
|$$9;u
|$$9;u
|$$9;u
|$ 9;u
|$ 9;u
|$$9;u
|$$9;u
|$$9;u
|$ 9;u
|$ 9;u
|$$9;u
|$$9;u
|$$9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$$9;u
|$$9;u
|$$9;u
|$$9;u
|$$9;u
|$$9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$$9;u
|$$9;u
|$$9;u
|$$9;u
|$$9;u
|$$9;u
|$ 9;u
|$ 9;u
|$49;u
|$L9;u
|$89;u
|$P9;u
|$09;u
|$09;u
|$09;u
|$H9;u
|$09;u
|$H9;u
|$$9;u
|$<9;u
|$49;u
D$(9D$
L$ 9A t
D$(9D$
L$ 9A<t
|$ 9;u
L$H+AP
D$8vT2
k49h(u9
x(9~(t
D$d9D$
|$ 9;u
L$T9L$
A$1y 1
D$ ffff
D$$ffff
D$(ffff
D$,ffff
D$0ffff
D$4ffff
D$8ffff
8TRUEt
8Truet
8trueu>1
8FALSu
8Falsu
8falsu
9TRUEt
9Truet
9trueu>1
9FALSu
9Falsu
9falsu
|$ 9;u
|$(9;u
|$$9;u
|$$9;u
\$$9K }
D$(9D$
D$89D$
8falsu
D),9Gpu
P$9S$uG
|$ 9;u
|$$9;u
|$ 9;u
|$(9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$,9;u
|$ 9;u
8DOWNu
8DOWNu
f9Q6u~
L$L9AP
D$,vT2
|$89;u
|$x9;u
|$(9;u
D$ 3D$(
L$,3L$$
D$XvT2
;charuef
:unixu)
9TRUEt
9Truet
9trueuD
9FALSu
9Falsu
9falsu
9TRUEt
9Truet
9trueuR
9FALSu
9Falsu
9falsu
9TRUEt
9Truet
9trueuR
9FALSu
9Falsu
9falsu
9TRUEt
9Truet
9trueuR
9FALSu
9Falsu
9falsu
9TRUEt
9Truet
9trueuR
9FALSu
9Falsu
9falsu
9TRUEt
9Truet
9trueuR
9FALSu
9Falsu
9falsu
9TRUEt
9Truet
9trueuR
9FALSu
9Falsu
9falsu
9TRUEt
9Truet
9trueuR
9FALSu
9Falsu
9falsu
9TRUEt
9Truet
9trueuR
9FALSu
9Falsu
9falsu
9TRUEt
9Truet
9trueuR
9FALSu
9Falsu
9falsu
9TRUEt
9Truet
9trueuR
9FALSu
9Falsu
9falsu
9TRUEt
9Truet
9trueuR
9FALSu
9Falsu
9falsu
9TRUEt
9Truet
9trueuR
9FALSu
9Falsu
9falsu
9us-au
sciit,
9utf-u
8distu
|$ 9;u
|$ 9;u
|$(9;u
|$(9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
f9HLt#
\$#8\$N
D$P9D$`
D$@9D$$u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
:httpu
:httpuN
domau=f
httpu%
9noneu5
9striu
9CONNu
D$09D$
>HEADu
;disju
9disju
8disju
>HEADu
;CONNuIf
;POSTt%
;PATCuN
8chunu
8chunu
9chunu
9chunu
:CONNu
:HEADt\
:DELEu
:SEARuYf
:OPTIuBf
:PROPu%
;chunu
8POSTt%
8PATCu
9idenu>
tityu5
8HEADu
9Traiu}f
K 9H t
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$$9;u
|$ 9;u
|$ 9;u
|$09;u
L$ 9L$
](9],uv
j09k0t
j89k8t
j(9k(u=
j,9k,u5
T$P9h,
tI9W8u
D$`9xL
kD9jP}Z
\$D9C<
9TRUEt
9Truet
9trueuH1
9FALSu
9Falsu
9falsu
|$P9w$uR
9w$~D
8XMLNu9f
9XMLNu[f
:charu
:inneu|
rxmlus
:XMLNu f
8XMLNu
;xmlnu
:xmlnu
9xmlnu
9utf-t
9UTF-u
|$ 9;u
|$t9;u
|$t9;u
|$|9;u
|$|9;u
|$|9;u
|$|9;u
|$\9;u
|$\9;u
|$h9;u
|$h9;u
|$t9;u
|$t9;u
|$|9;u
|$|9;u
|$|9;u
|$|9;u
|$\9;u
|$\9;u
|$h9;u
|$t9;u
|$t9;u
|$|9;u
|$|9;u
|$|9;u
|$|9;u
|$\9;u
|$\9;u
|$h9;u
|$89;u
|$89;u
|$t9;u
|$t9;u
|$|9;u
|$|9;u
|$|9;u
|$|9;u
|$\9;u
|$\9;u
|$h9;u
|$h9;u
|$t9;u
|$t9;u
|$|9;u
|$|9;u
|$|9;u
|$|9;u
|$\9;u
|$\9;u
|$h9;u
|$h9;u
|$\9;u
|$\9;u
|$h9;u
|$h9;u
|$t9;u
|$t9;u
|$|9;u
|$|9;u
|$|9;u
|$|9;u
|$\9;u
|$\9;u
|$h9;u
|$t9;u
|$t9;u
|$|9;u
|$|9;u
|$|9;u
|$|9;u
|$\9;u
|$\9;u
|$h9;u
|$\9;u
|$\9;u
|$h9;u
|$89;u
|$89;u
|$t9;u
|$t9;u
|$|9;u
|$|9;u
|$|9;u
|$|9;u
|$\9;u
|$\9;u
|$h9;u
|$t9;u
|$t9;u
|$|9;u
|$|9;u
|$|9;u
|$|9;u
|$\9;u
|$\9;u
|$h9;u
|$t9;u
|$t9;u
|$|9;u
|$|9;u
|$|9;u
|$|9;u
|$\9;u
|$\9;u
|$h9;u
|$$9;u
|$$9;u
|$$9;u
|$$9;u
D$D9D$
D$D9D$
D$<8D$
D$=8D$
D$>8D$
D$?8D$
D$88D$
D$98D$
D$:8D$
L$@9A t0
D$,9D$
D$ 9D$
D$,9D$
D$<9D$
8boolty
8int8ty
8int1u
8int3u
8int6u
8uintty
8uintu
8uintu
8uintu
8uintu
8uintu
8floau
8floau
8striu
8boolty
8int8ty
8int1u
8int3u
8int6u
8uintty
8uintu
8uintu
8uintu
8uintu
8uintu
8floau
8floau
8striu
\ufff
|$<9;u
|$ 9;u
|$$9;u
|$(9;u
|$(9;u
|$$9;u
|$$9;u
|$49;u
|$49;u
|$ 9;u
|$ 9;u
|$$9;u
|$$9;u
|$ 9;u
|$ 9;u
9nullu
9nullu
9nullu
|$$9;u
|$(9;u
|$ 9;u
|$09;u
|$$9;u
|$D9;u
|$ 9;u
|$89;u
|$49;u
D$h9D$
|$,9;u
|$$9;u
|$ 9;u
|$$9;u
|$ 9;u
|$$9;u
|$(9;u
|$(9;u
|$,9;u
|$ 9;u
|$$9;u
|$(9;u
|$ 9;u
|$$9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$$9;u
|$(9;u
|$ 9;u
|$ 9;u
|$<9;u
|$ 9;u
|$$9;u
|$ 9;u
|$(9;u
|$49;u
|$$9;u
|$ 9;u
|$$9;u
|$$9;u
|$$9;u
|$(9;u
|$(9;u
nitytE
|$\9;u
D$T9D$
D$X9D$
D$P9D$
D$H9D$
D$L9D$
D$H9D$
D$ 9D$
D$ 9D$
;inliu
;minsu
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$@9;u
|$@9;u
|$@9;u
|$D9;u
|$09;u
|$09;u
|$d9;u
|$d9;u
|$,9;u
|$ 9;u
|$ 9;u
|$,9;u
|$,9;u
|$,9;u
|$,9;u
|$,9;u
|$,9;u
|$,9;u
|$,9;u
|$,9;u
|$,9;u
|$,9;u
|$,9;u
|$,9;u
|$,9;u
|$,9;u
|$,9;u
|$,9;u
|$,9;u
|$,9;u
|$,9;u
|$,9;u
|$,9;u
|$,9;u
|$,9;u
|$@9;u
|$H9;u
|$@9;u
|$H9;u
|$@9;u
|$@9;u
|$H9;u
|$@9;u
|$H9;u
|$@9;u
|$H9;u
|$@9;u
|$H9;u
|$@9;u
|$H9;u
|$@9;u
|$H9;u
|$@9;u
|$H9;u
|$@9;u
|$H9;u
|$@9;u
|$H9;u
|$@9;u
|$H9;u
|$@9;u
|$H9;u
|$@9;u
|$H9;u
|$@9;u
|$H9;u
|$@9;u
|$H9;u
|$@9;u
|$H9;u
|$@9;u
|$@9;u
|$H9;u
|$@9;u
|$H9;u
|$@9;u
|$@9;u
|$@9;u
8D$(u=
9D$0u!
|$H9;u
|$L9;u
|$@9;u
|$D9;u
|$D9;u
|$H9;u
|$L9;u
|$@9;u
|$,9;u
|$D9;u
|$D9;u
|$H9;u
|$D9;u
|$L9;u
|$H9;u
|$L9;u
|$D9;u
|$H9;u
D$$8D$
D$,9D$
|$@9;u
|$D9;u
|$D9;u
|$H9;u
|$,9;u
|$D9;u
|$H9;u
|$D9;u
|$L9;u
|$@9;u
|$D9;u
|$D9;u
|$H9;u
|$D9;u
|$H9;u
|$D9;u
|$89;u
|$@9;u
|$@9;u
|$@9;u
|$D9;u
|$$9;u
|$ 9;u
|$(9;u
|$D9;u
|$$9;u
|$ 9;u
|$,9;u
|$,9;u
|$@9;u
|$@9;u
D$09D$
;!!set
;!!mau
8!!nuu.f
8!!nuu$f
:!!stu
:notyf
8!!biuQ
naryuH
:!!biuL
naryuC
D$X9D$
9!!meu
:!!nuutf
9!!stu
9!!meu
9!!meu
D$@9H(~^
L$<9P(
L$(9L$
D$(9D$
L$(9L$
9nottf
9!!biu
9+Infu
9-Infu
;!!stu
:!!stu#
9!!biu
ht9hpu
Hp+Hx9
l$89kd
:!!inu
:!!bou
:!!biu
:!!stu
D$:0000
D$70000
8Byteu
8BigIu
8Byteu
8BigIu
|$,9;u
3ph3hl
PL3P$3Xp3Pt3
3XP3Xx3
3PT3P|3
3HX3x\
HL3H$1
3pP3px3
3PT3P|3
3H`3xd3
HL3H$3xp3Ht1
3hP3hx3
3pT3p|3
3ph3Hl1
3hP3hx3
3XT3X|3
s$3o 3w$
s,3o(3w,
s43o03w4
s<3o83w<
sD3o@3wD
sL3oH3wL
sT3oP3wT
s\3oX3w\
sd3o`3wd
sl3oh3wl
st3op3wt
s|3ox3w|
8Byteu
8Addru
|$`9;u
|$P9;u
|$X9;u
8Byteu
|$H9;u
|$89;u
|$,9;u
8Addru
|$@9;u
9nilLuBf
|$L9;u
D$P9D$
|$t9;u
|$t9;u
|$|9;u
|$|9;u
|$|9;u
|$|9;u
|$\9;u
|$\9;u
|$h9;u
|$h9;u
|$49;u
:cpu.u
D$p9D$
D$@9D$
D$H9D$
8PoliuM
|$$9;u
|$ 9;u
|$$9;u
|$$9;u
|$$9;u
|$x9;u
|$D9;u
|$|9;u
T$09T$
l$$9kDuP
L$49AP~'
z9KP~/
;Flusu0
D$,9D$
D$(9D$
D$09D$Ht
9INFOu
9WARNuj
9DEBUu
9ERROu7
|$(9;u
|$$9;u
|$<9;u
D$D9D$,t
|$p9;u
L$D+L$d
D$$9D$
X 8Z uP
X!8Z!uG
\$ 9\$
|$,9;u
9TRUEt
9Truet
9trueu:
9FALSu
9Falsu
9falsu
D$D9D$
D$T9D$
9L$8t\
:TRUEt
:Truet
:trueuH1
:FALSu
:Falsu
:falsu
fixeu%f
zigzuO
ag64uF
>packu
>protu
>oneou
>stdtu!f
D$\9D$
D$X9D$
D$X9D$
D$T9D$
:byteu
fixeu#f
fixeu#f
:byteu
fixeu#f
;packu
;protu
:stdtu f
D$,9D$
D$$9D$
D$,9D$
D$,9D$
D$$9D$
D$$9D$
D$(9D$
D$(9D$
D$$9D$
D$$9D$
D$(9D$
D$(9D$
D$$9D$
D$$9D$
D$(9D$
D$(9D$
D$$9D$
D$$9D$
D$(9D$
D$(9D$
D$$9D$
D$$9D$
D$,9D$
D$,9D$
D$$9D$
D$$9D$
D$,9D$
D$,9D$
D$$9D$
D$$9D$
D$(9D$
D$(9D$
D$$9D$
D$$9D$
D$,9D$
D$,9D$
D$$9D$
D$$9D$
D$$9D$
D$$9D$
D$$9D$
D$$9D$
D$$9D$
D$(9D$
D$$9D$
D$(9D$
D$,9D$
D$$9D$
:byteu
fixeu#f
:byteu
fixeu#f
;protu
;stdtu.f
8grouu
D$T9D$
:grouu
D$@9D$8
Hl9Jlu:
Z 9X uy
Z(9X(uq
|$<9;u
D$x9D$
D$l9D$
9protu
9protu
9protu
D$l9D$
D$l9D$
B$9E$u*
]09Z0u
E89B8uE
E@9B@u
Z$9]$u
B,9E,uE
B49E4u
Z 8] t(
T$t9J<u*
Z$9]$u
B09E0uE
B89E8u
Z 8] u"
Z(9](u
T$h9J<uo
T$h9JDu
B$9E$uE
B,9E,u
9unknuFf
|$ 9;u
|$ 9;u
|$,9;u
|$,9;u
|$ 9;u
|$09;u
|$<9;u
|$(9;u
D$89D$
D$49D$
D$X9D$
|$ 9;u
|$ 9;u
|$ 9;u
|$09;u
|$09;u
|$$9;u
|$<9;u
|$ 9;u
D$89D$
D$49D$
D$X9D$
D$\9D$
D$<9D$
D$ 9D$
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
9amd6u
9arm6u
=poweu
9poweu
>satcu
>signu
9amd6u
8amd6u
8arm6u
8ppc6uk
8loonu
8ppc6u
8riscu
D$\9D$
noneu$
D$T9D$
9gccgu
D$29D$<
L$Lf9L$h
L$Pf9L$luv
L$Nf9L$juj
f9T$Du
f9D$Hu
f9T$Du
f9D$Hu
|$<9;u
|$89;u
$f9D$(u
f9D$,u
|$@9;u
|$T9;u
|$49;u
|$<9;u
|$ 9;u
|$ 9;u
|$$9;u
4Xf9.u
D$Tf=2
|$ 9;u
|$$9;u
|$ 9;u
|$(9;u
k89k<u
u<+u89u0t
C$9C(u
\$#8\$N
X 9Z uw
X$9Z$uo
P$9S$uq
H 9J u
\$l9S0
\$$9\$
|$ 9;u
|$ 9;u
|$(9;u
|$(9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$$9;u
|$$9;u
|$89;u
|$89;u
|$89;u
|$89;u
|$89;u
|$89;u
|$ 9;u
|$ 9;u
|$(9;u
|$(9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$(9;u
|$(9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$$9;u
|$$9;u
|$89;u
|$89;u
|$89;u
|$89;u
|$89;u
|$89;u
|$ 9;u
|$ 9;u
|$(9;u
|$(9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$@9;u
|$,9;u
|$L9;u
|$L9;u
|$ 9;u
|$ 9;u
|$$9;u
|$$9;u
|$ 9;u
|$ 9;u
|$,9;u
|$,9;u
|$ 9;u
|$ 9;u
|$,9;u
|$,9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$H9;u
|$ 9;u
|$(9;u
|$(9;u
|$$9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$(9;u
|$(9;u
|$ 9;u
|$ 9;u
|$(9;u
|$(9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$(9;u
|$(9;u
|$(9;u
|$(9;u
8CURRu/f
8LOCKu!
|$ 9;u
|$<9;u
|$49;u
|$,9;u
|$@9;u
|$<9;u
|$<9;u
|$ 9;u
|$49;u
|$T9;u
|$,9;u
|$,9;u
l$0f9B
\$"f9Z
\$df9S
T$x9H0
|+$9H(
t$H9p8
T$h9J0~
\$Xf9C
|$(9;u
|$(9;u
|$89;u
|$89;u
|$89;u
|$89;u
|$,9;u
|$,9;u
|$(9;u
|$(9;u
|$89;u
|$89;u
|$89;u
|$89;u
|$,9;u
|$,9;u
|$|9;u
|$(9;u
|$(9;u
|$89;u
|$89;u
|$89;u
|$89;u
|$,9;u
|$,9;u
|$L9;u
\$T9K0
L$(9ADu
L$L9D$$
D$<9D$`t
|$l9;u
|$$9;u
|$$9;u
|$D9;u
|$d9;u
|$49;u
|$49;u
|$49;u
|$d9;u
|$X9;u
|$h9;u
|$d9;u
|$d9;u
Hx9Htu%
H|9Htu
Xx9X|uU
9\$xvc
H<9J<u#
H@9J@u
D$h%#"
D$49D$
D$$9D$
D$(9D$
|$(9;u
|$(9;u
:ignou
:paniu
&[AuB
D$d9D$
D$d9D$
D$d9D$
D$d9D$
D$d9D$
D$d9D$
D$d9D$
D$ 9D$
D$$9D$
D$,9D$
|$@9;u
|$T9;u
|$$9;u
D$|9D$x
D$X9D$
D$D9D$$}
:-infu
D$d9D$
HH9HDu
HP9HTu
H\9H`u
=protu!f
Y=prot
\$89\$,
t$(9\$$
D$X9D$,
l$HM9l$,
|$(9l$$
D$L9\$H~
D$D9\$@
|$49D$0~
D$XH9D$0
H8Ju
H 8J u
zigzuZ
zigzuU
ag64uL
:grouu%
:packu*f
:protuGf
D$|9D$
D$$9D$
L$ 9L$
D$t9D$
D$l9D$
D$\9D$
D$|9D$
D$D9D$
D$ 9D$
ZL9XLuy
XT9ZTuq
|$ 9;u
|$ 9;u
|$09;u
|$(9;u
|$(9;u
|$ 9;u
|$ 9;u
|$(9;u
|$(9;u
|$(9;u
|$(9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$49;u
|$89;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
D$$9D$
D$`9D$
D$D9D$
D$49D$
L$p+AH
|$$9;u
|$$9;u
\$,9\$T
P 9S uz
|$(9;u
|$49;u
L$p+AH
D$(9F
t$T9M,
l$(9]T
T$09T$
\$49\$
l$09\$4
T$H9L$L
\$`9\$t
\$\9\$p
l$,95x
L$x9i(t[
|$,9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$,9;u
\$`9K,}X
8filtu
8footu
D$@9D$
D$H9D$
D$D9D$
L$ 9H,}V
8nullu
|e9HX~\
|^9XX~U
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$ 9;u
|$09;u
|$09;u
|$,9;u
|$,9;u
|$09;u
|$09;u
|$09;u
|$(9;u
D$<9D$
D$(9D$$uQ
D$(9D$$uE
D$(9D$
T$ 9T$
D$ 9D$
D$t9D$
D$(9C|
D$(9C|u
D$(9C|u
t20+>9
|M9H(~H
D$,9D$
T$09T$
D$L9D$
D$L9D$
NL8HTu
VM8PUu@
T$09D$,
T$09D$,
l$<9h
l$,9L$$~
\$,9Z<|
archuAf
9TRUEt
9Truet
9trueuV
9FALSu
9Falsu
9falsu
9TRUEt
9Truet
9trueuV
9FALSu
9Falsu
9falsu
9leveu_f
9TRUEt
9Truet
9trueuV
9FALSu
9Falsu
9falsu
9TRUEt
9Truet
9trueuV
9FALSu
9Falsu
9falsu
9TRUEt
9Truet
9trueuV1
9FALSu
9Falsu
9falsu
9TRUEt
9Truet
9trueuV
9FALSu
9Falsu
9falsu
9TRUEt
9Truet
9trueuV
9FALSu
9Falsu
9falsu
9TRUEt
9Truet
9trueuV
9FALSu
9Falsu
9falsu
9tablu+
9nullu
H<9H8u%
+HD9HH|
H@9H8u
H<9H@u
|$T9t$p
|$@9;u
|$,9;u
|$|9;u
|$d9;u
|$H9;u
|$09;u
|$H9;u
|$09;u
|$H9;u
|$09;u
|$H9;u
|$09;u
|$X9;u
|$89;u
|$X9;u
|$89;u
|$H9;u
|$09;u
|$L9;u
|$49;u
|$,9;u
|$,9;u
|$,9;u
|$$9;u
|$ 9;u
|$X9;u
|$d9;u
|$d9;u
|$ 9;u
|$(9;u
|$ 9;u
Antivirus Signature
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.GenericKDQ.4!c
Elastic malicious (high confidence)
ClamAV Clean
CMC Clean
CAT-QuickHeal Clean
Skyhigh Artemis
ALYac QD:Trojan.GenericKDQ.2602F14C45
Cylance Unsafe
Zillya Clean
CrowdStrike Clean
Alibaba TrojanDropper:Win32/LummaStealer.5ca5e56a
K7GW Trojan ( 005b9b1b1 )
K7AntiVirus Trojan ( 005b9b1b1 )
Baidu Clean
VirIT Trojan.Win32.Genus.WVS
Paloalto generic.ml
Symantec ML.Attribute.HighConfidence
tehtris Clean
ESET-NOD32 a variant of WinGo/TrojanDropper.Agent.EK
APEX Clean
Avast Win32:Malware-gen
Cynet Clean
Kaspersky Trojan.Win32.Injuke.okjn
BitDefender QD:Trojan.GenericKDQ.2602F14C45
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan QD:Trojan.GenericKDQ.2602F14C45
Tencent Clean
Sophos Troj/Inject-JQY
F-Secure Trojan.TR/Redcap.ylcpx
DrWeb Clean
VIPRE QD:Trojan.GenericKDQ.2602F14C45
TrendMicro TrojanSpy.Win32.LUMMASTEALER.YXEJ3Z
McAfeeD ti!D4A2D9C10BAB
Trapmine suspicious.low.ml.score
CTX exe.trojan.lummastealer
Emsisoft QD:Trojan.GenericKDQ.2602F14C45 (B)
huorong Trojan/Injector.bxh
FireEye QD:Trojan.GenericKDQ.2602F14C45
Jiangmin Clean
Webroot Clean
Varist Clean
Avira TR/Redcap.ylcpx
Fortinet W32/Agent.EK!tr
Antiy-AVL Trojan/Win32.LummaStealer
Kingsoft Win32.Trojan.Injuke.okjn
Gridinsoft Clean
Xcitium Clean
Arcabit QD:Trojan.GenericQ.2602F14C45
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:Win32/LummaStealer.RPA!MTB
Google Detected
AhnLab-V3 Trojan/Win.LummaStealer.C5688773
Acronis Clean
McAfee Artemis!0680170D17B9
TACHYON Clean
VBA32 Clean
Malwarebytes Trojan.Dropper.GO
Panda Trj/CI.A
Zoner Clean
TrendMicro-HouseCall TrojanSpy.Win32.LUMMASTEALER.YXEJ3Z
Rising Dropper.Agent!1.10426 (CLASSIC)
Yandex Clean
Ikarus Trojan-Dropper.WinGo.Agent
MaxSecure Clean
GData QD:Trojan.GenericKDQ.2602F14C45
AVG Win32:Malware-gen
DeepInstinct MALICIOUS
alibabacloud Trojan[dropper]:Multi/Agent.EH
No IRMA results available.