Static | ZeroBOX

PE Compile Time

2024-11-08 16:05:46

PE Imphash

fdb088ba51afbf555d7a0f495212d8f1

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x00014306 0x00014400 6.54251020425
.rdata 0x00016000 0x000074ea 0x00007600 5.15341612316
.data 0x0001e000 0x00001fec 0x00001400 1.54451772517
.rsrc 0x00020000 0x000000f8 0x00000200 2.50805576565
.reloc 0x00021000 0x00001af8 0x00001c00 6.51779870905

Resources

Name Offset Size Language Sub-language File type
RT_MANIFEST 0x00020060 0x00000091 LANG_ENGLISH SUBLANG_ENGLISH_US XML 1.0 document text

Imports

Library KERNEL32.dll:
0x10016000 GlobalAlloc
0x10016004 GlobalLock
0x10016008 GlobalUnlock
0x1001600c WideCharToMultiByte
0x10016010 Sleep
0x10016014 WriteConsoleW
0x10016018 CloseHandle
0x1001601c CreateFileW
0x10016020 SetFilePointerEx
0x10016024 GetConsoleMode
0x10016028 GetConsoleOutputCP
0x1001602c WriteFile
0x10016030 FlushFileBuffers
0x10016034 SetStdHandle
0x10016038 HeapReAlloc
0x1001603c HeapSize
0x10016048 GetCurrentProcess
0x1001604c TerminateProcess
0x10016054 IsDebuggerPresent
0x10016058 GetStartupInfoW
0x1001605c GetModuleHandleW
0x10016064 GetCurrentProcessId
0x10016068 GetCurrentThreadId
0x10016070 InitializeSListHead
0x10016074 RtlUnwind
0x10016078 RaiseException
0x1001607c InterlockedFlushSList
0x10016080 GetLastError
0x10016084 SetLastError
0x10016088 EncodePointer
0x1001608c EnterCriticalSection
0x10016090 LeaveCriticalSection
0x10016094 DeleteCriticalSection
0x1001609c TlsAlloc
0x100160a0 TlsGetValue
0x100160a4 TlsSetValue
0x100160a8 TlsFree
0x100160ac FreeLibrary
0x100160b0 GetProcAddress
0x100160b4 LoadLibraryExW
0x100160b8 ExitProcess
0x100160bc GetModuleHandleExW
0x100160c0 GetModuleFileNameW
0x100160c4 HeapAlloc
0x100160c8 HeapFree
0x100160cc FindClose
0x100160d0 FindFirstFileExW
0x100160d4 FindNextFileW
0x100160d8 IsValidCodePage
0x100160dc GetACP
0x100160e0 GetOEMCP
0x100160e4 GetCPInfo
0x100160e8 GetCommandLineA
0x100160ec GetCommandLineW
0x100160f0 MultiByteToWideChar
0x100160f4 GetEnvironmentStringsW
0x100160fc LCMapStringW
0x10016100 GetProcessHeap
0x10016104 GetStdHandle
0x10016108 GetFileType
0x1001610c GetStringTypeW
0x10016110 DecodePointer
Library USER32.dll:
0x10016118 EmptyClipboard
0x1001611c SetClipboardData
0x10016120 CloseClipboard
0x10016124 GetClipboardData
0x10016128 OpenClipboard
Library WININET.dll:
0x10016130 InternetOpenW
0x10016134 InternetConnectA
0x10016138 HttpOpenRequestA
0x1001613c HttpSendRequestA
0x10016140 InternetReadFile
0x10016144 InternetCloseHandle

Exports

Ordinal Address Name
1 0x10001d60 ??4CClipperDLL@@QAEAAV0@$$QAV0@@Z
2 0x10001d60 ??4CClipperDLL@@QAEAAV0@ABV0@@Z
3 0x100059a0 Main
!This program cannot be run in DOS mode.
`.rdata
@.data
@.reloc
QQSVWd
URPQQh0
UQPXY]Y[
t#VhLo
zSSSSj
f9:t!V
PPPPPPPP
PPPPPWS
PP9E u:PPVWP
QQSVj8j@
bad allocation
bad exception
__based(
__cdecl
__pascal
__stdcall
__thiscall
__fastcall
__vectorcall
__clrcall
__eabi
__swift_1
__swift_2
__ptr64
__restrict
__unaligned
restrict(
delete
operator
`vftable'
`vbtable'
`vcall'
`typeof'
`local static guard'
`string'
`vbase destructor'
`vector deleting destructor'
`default constructor closure'
`scalar deleting destructor'
`vector constructor iterator'
`vector destructor iterator'
`vector vbase constructor iterator'
`virtual displacement map'
`eh vector constructor iterator'
`eh vector destructor iterator'
`eh vector vbase constructor iterator'
`copy constructor closure'
`udt returning'
`local vftable'
`local vftable constructor closure'
new[]
delete[]
`omni callsig'
`placement delete closure'
`placement delete[] closure'
`managed vector constructor iterator'
`managed vector destructor iterator'
`eh vector copy constructor iterator'
`eh vector vbase copy constructor iterator'
`dynamic initializer for '
`dynamic atexit destructor for '
`vector copy constructor iterator'
`vector vbase copy constructor iterator'
`managed vector copy constructor iterator'
`local static thread guard'
operator ""
operator co_await
operator<=>
Type Descriptor'
Base Class Descriptor at (
Base Class Array'
Class Hierarchy Descriptor'
Complete Object Locator'
`anonymous namespace'
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
InitializeCriticalSectionEx
CorExitProcess
 !"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
January
February
August
September
October
November
December
MM/dd/yy
dddd, MMMM dd, yyyy
HH:mm:ss
AreFileApisANSI
LCMapStringEx
LocaleNameToLCID
AppPolicyGetProcessTerminationMethod
?5Wg4p
%S#[k=
"B <1=
_hypot
_nextafter
Unknown exception
bad array new length
string too long
191655f008adc880f91bfc85bc56db54
c1ec479e5342a25940592acf24703eb2
4bee07
40149a3e95dd6efb1faf26970e5e6f97
CR7WFdNmCP4AOQJjRhq6
BYPt8NiD0wkycT2 4V7vhIeq
DQUrHu==
KwQg6BZi
zQRn8K==
BQLn8K==
NCRq9gqh1DFfTjin4UPwjHuKdo3hdXre3Zm=
NEnqTWqj2v5teZ6j
HV8qTB0oMDV7dZOQhwV43Yum0ZL8
NYLZ6WWQ2t==
Blfk7u==
NYLnTQSP2kVwMx==
AQV15RF=
HUngSXWn3T0=
JEZeSQB6JZV3fDij41DdZ46geJ8cfnP6JUbe7gdo1ZZ3ZCaegkHwi5K7V4bgeHr6JVLkKWK90DU=
PUngSXWn3T1i1DCP3Tn43Yum0ZLu
KYZBPziqJhVfVTi9hkZAg4WUYH8kenLo41D8KX0n2jVxfCWahlDqg427SZbreH3rPVz8Lg073EVB1SSo3U4m2GCqdHHYdYLc1ELf
HUngSXWn3T0x1Uea
HUngSXWn3T1ffZChgEL1hy==
GVzo6XOUMx==
NYvt6Qdn4N==
LEvu5Wye1DwjNXiCNCvzgY6sfXzVOnPXPQqqLa==
HEZiTQSk0T5f
NYHqTW091Zlx
AgVfSRV=
JEbVTQSk0T5ffZChgEL1hy==
NYnk8A091Zlx
LEvu5Wye1DwjNXiCNEnqiISdc4fpOYzTBkLZTMFkGd==
HEvu5ySk2jVffZChgEL1h3t=
NYHc7Wm910Jo
LEvu5Wye1DwjNXiCNEHih4dndZKp2YbeyAZB
NZHg6A0c2jFwMx==
4EHc8AJ=
NELo6Wue
NFLuTRO5ODF30N==
NEHkSXWe1Z5kejiahu==
10L0RWW73DFC
4EHc8AK20ZV8ZZO7iEvA
4EHc8AK2
LELnTQinNT0=
LELnTQinNT0x1Uea
NYHg7WyP10Axgjil
NYPk6A0oMYw=
PEZe9u==
5Enu9u==
OVHq6Qq9MBxy0ZChNDD1g5Gb04P8
NYvV6W6eNt==
LEvu5Wye1DwjNXiCNAzCiI6nbYGbY3zl2ELVFg0TOPIjNXV=
O0ZpTgqc2t==
2Uvr7q==
G08t6W6a
NC4q6WihOSxGcEGkgULd0ZKfdkvz1YLaNCHgTgKQ1ERfVD6cfUUhWICUZS==
NC4q6WihOSxGcEGkgULd0ZKfdkvz1YLaNCnqSWKhxCN30UOa
J1rg7gJ=
NCZrTRO7xCNy1kOS3Vzm2G6q0ZDcLGHTOUznTPCB1Zdsdfyt3VHi
NCZrTRO7xCNy1kOS3Vzm2G6q0ZDcLGHTOUznTPCB1ZNkdzyIiEv14S==
HUHiTK==
NCRkSXOk2Z9pfCuu4E4m2HSt0ZCbUHzTOTnzTQ473Tx3ZBuk40bvNGObeIy=
NCRkSXOk2Z9pfCuu4E4m2HSt0ZCbUHzTOTnH6WS71zBWfDCP4O==
K1rW8A e0t==
NDDr8RWj0TtP0TG2Z1r2iI2jb3rQf3PryCHc8AK2GDVp0UShiDnNg4ajckvz1YLa
NDDr8RWj0TtP0TG2Z1r2iI2jb3rQf3PryCHc8AK2ID9m0Tt6Z1HiiIR=
G08t6W6e3T0=
NCDj7gdi0UVwZCSo4VyhWICUZXrz2XTa4UnVRyCkOZlxKBO7iEu=
NCDj7gdi0UVwZCSo4VyhWICUZXrHe3Ha2ArO8AKPON==
J1zd5RWQ1N==
NCZtSgqP3T1fXUKahgrF3ZObYGLg2nzU2FH8NAdc0T4jTDCP3O==
NCZtSgqP3T1fXUKahgrF3ZObYGrq13zlyDDVSRWa
LkbXSQC 0N==
NDPk8gKhODlfXUKahgrF3ZObYGLg2nzU2FH8NAdc0T4jTDCP3O==
NDPk8gKhODlfXUKahgrF3ZObYGrq13zlyDDVSRWa
G0Zo6WWk
NCDq6Qd 1YxHejCcg0Vd0ZKfdkvz1YLaNCHgTgKQ1ERfVD6cfUUhWICUZS==
NCDq6Qd 1YxHejCcg0Vd0ZKfdkvz1YLaNCnqSWKhxCN30UOa
G0ZeKWd9
NCDqSUSkNYxFej6Sh0Lz2HSt0ZCbUHzTOTnzTQ473Tx3ZBuk40bvNGObeIy=
NCDqSUSkNYxFej6Sh0Lz2HSt0ZCbUHzTOTnH6WS71zBWfDCP4O==
G08gTAdP
NCDjTQWk3CxYeZSnNCHiiIC7SIPh1YPl4DnH6Wie1fBH0UO7
NCDjTQWk3CxYeZSnNCHiiIC7UI3e1Xq K1Hc8AZ=
G0Lp8yOn10dC1UF=
NCDg6hWr2j96eZSn2DLA4ZFaSIzV1WrxPUPc8QCPMBxy1ZijNCHiiIB=
NCDg6hWr2j96eZSn2DLA4ZFaSIzV1WrF20Dc6wGI3DF31N==
KYLHLOSJxD9BcTaegjZ2hotmJJPu2YDnOURgRX471EVoNzyl3VDAi46s0H3X1XrUPQrBOedCxDxy1Zijhu==
2kLV7Wl63ZxkdfyajFrwhpNadJDq2nflPQrpSQ6aEN==
yEPq6AWa2g0=
yEjg9N691DVked==
Content-Type: application/x-www-form-urlencoded
ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789
abcdefghijklmnopqrstuvwxyz0123456789
invalid string position
.text$di
.text$mn
.text$x
.text$yd
.idata$5
.00cfg
.CRT$XCA
.CRT$XCU
.CRT$XCZ
.CRT$XIA
.CRT$XIC
.CRT$XIZ
.CRT$XPA
.CRT$XPX
.CRT$XPXA
.CRT$XPZ
.CRT$XTA
.CRT$XTZ
.rdata
.rdata$r
.rdata$sxdata
.rdata$voltmd
.rdata$zzzdbg
.rtc$IAA
.rtc$IZZ
.rtc$TAA
.rtc$TZZ
.xdata$x
.edata
.idata$2
.idata$3
.idata$4
.idata$6
.data$r
.data$rs
.rsrc$01
.rsrc$02
CLIPPERDLL.dll
??4CClipperDLL@@QAEAAV0@$$QAV0@@Z
??4CClipperDLL@@QAEAAV0@ABV0@@Z
GlobalAlloc
GlobalLock
GlobalUnlock
WideCharToMultiByte
KERNEL32.dll
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetClipboardData
USER32.dll
InternetOpenW
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetReadFile
InternetCloseHandle
WININET.dll
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwind
RaiseException
InterlockedFlushSList
GetLastError
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapAlloc
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetProcessHeap
GetStdHandle
GetFileType
GetStringTypeW
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
CreateFileW
CloseHandle
WriteConsoleW
DecodePointer
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
.?AVlogic_error@std@@
.?AVlength_error@std@@
.?AVout_of_range@std@@
.?AVbad_exception@std@@
.?AVexception@std@@
.?AVbad_alloc@std@@
.?AVbad_array_new_length@std@@
.?AVtype_info@@
<?xml version='1.0' encoding='UTF-8' standalone='yes'?>
<assembly xmlns='urn:schemas-microsoft-com:asm.v1' manifestVersion='1.0'>
</assembly>
0#0(020C0H0R0c0h0r0
1#1(121C1H1R1c1h1r1
2#2(222C2H2R2c2h2r2
3#3(323C3H3R3c3h3r3
4#4(424C4H4R4c4h4r4
5#5(525C5H5R5c5h5r5
6#6(626C6H6R6c6h6r6
7#7(727C7H7R7c7h7r7
8#8(828C8H8R8c8h8r8
9#9(929C9H9R9c9h9r9
:#:(:2:C:H:R:c:h:r:
;#;(;2;C;H;R;c;h;r;
<#<(<2<C<H<R<c<h<r<
=!=1=A=Q=
>/>O>h>
30M0M2b2G4
5,54595d5
676A6K6V6c6&757
969H9r9
>0>G>N>W>g>m>v>
4(4h4F5U5~5f7u7
<=)=1=F=
>+>2>8>A>Z>b>l>
?,?H?P?Z?
091?1F1L1U1d1n1
2L2V2`2k2x2
3:3D3N3Y3f3
55Y5`5p5
728<8D8Y8
9!9>9E9K9T9m9u9
9,:?:[:c:m:
;*;D;W;n;
=#=5=d=
>7>Q>d>{>
?'?9?h?
U6[6z6
:$:6:@:
:!;*;5;<;O;];c;i;o;u;{;
<(<1<U<c<i<o<u<{<
>B>J>}>
0f1o1w1
2$2-2;2D2f2m2
4$414G4
8p9@;p;;<
?4?I?c?
0&040O0`0l0
9@9X9^9
=>;>[>i>p>v>
0-090H0`0
11$1?1I1U1Z1_1z1
4&5k5p5t5x5|5
9$919b9
1"171A1T1[1g1
3&353a3
344=4v4
8"8,818<8G8[8
<?<T<_<g<r<x<
2$393K3X3q3
4*414R4{4
8&8-8a8g8
8!9'999
44&4@4O4Y4f4p4
565%7H7
788A8E8K8O8U8Y8c8v8
:Q:v;{;
>">'>L>h>v>
?K?c?s?
0%0*0/0J0Y0d0i0n0
1 1Y1}1
2!2+2A2y2
373I3}3
4M5T5[5b5o5
7#7O7u7
;";7;N;q;
;C< ='=
0?0V0v0
1F2X2j2|2
3?3Q3c3u3
=">(>P>y>
050<0S0i0
:*:I:";
4D4h4s4
5 6&6+626B6P6a6y6
7,868Q8
9@:j:r:
1%151F1
2+2>2]2
323T3x3
7-9H9^9t9|9
7;9X9r9|9
:2:<:g:q:{:
:';1;;;R;\;
<G<Q<[<r<|<
=2=<=g=q={=
='>1>;>R>\>
?G?Q?[?r?|?
020<0g0q0{0
0'111;1R1\1
2G2Q2[2r2|2
323<3g3q3{3
3'414;4R4\4
5G5Q5[5r5|5
626<6g6q6{6
6'717;7R7\7
8G8Q8[8r8|8
929<9g9q9{9
9':1:;:R:\:
;G;Q;[;r;|;
<2<<<g<q<{<
<'=1=;=R=\=
>G>Q>[>r>|>
?2?<?g?q?{?
'010;0R0\0
1G1Q1[1r1|1
222<2g2q2{2
2'313;3R3\3
4G4Q4[4r4|4
525<5g5q5{5
5'616;6R6\6
7G7Q7[7r7|7
828<8g8q8{8
8'919;9R9\9
:G:Q:[:r:|:
;2;<;g;q;{;
;'<1<;<R<\<
=G=Q=[=r=|=
>2><>g>q>{>
>'?1?;?R?\?
0G0Q0[0r0|0
121<1g1q1{1
1'212;2R2\2
L1T1X1\1`1d1h1l1p1t1x1|1
2 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2
3 3,30343P3T3X3\3`3d3x3|3
4 4(40484@4H4P4X4`4h4p4x4
5 5(50585@5H5P5X5`5h5p5x5
6 6(60686@6H6P6X6`6h6p6x6
7 7(70787@7H7P7X7
=`?h?p?t?x?|?
H7L7P7T7X7\7`7d7h7l7p7t7x7|7
8 8$8(8,8084888<8@8D8H8L8P8T8X8\8`8d8h8l8p8t8x8|8
<H<L<P<T<X<\<`<d<h<l<p<t<x<|<
l1t1|1
2$2,242<2D2L2T2\2d2l2t2|2
3$3,343<3D3L3T3\3d3l3t3|3
4$4,444<4D4L4T4\4d4l4t4|4
5$5,545<5D5L5T5\5d5l5t5|5
6$6,646<6D6L6T6\6d6l6t6|6
7$7,747<7D7L7T7\7d7l7t7|7
8$8,848<8D8L8T8\8d8l8t8|8
3 3(30383@3H3P3X3`3h3p3x3
4 4(40484@4H4P4X4`4h4p4x4
5 5(50585@5H5P5X5`5h5p5x5
6 6(60686@6H6P6X6`6h6p6x6
7 7(70787@7H7P7X7`7h7p7x7
8 8(80888@8H8P8X8`8h8p8x8
9 9(90989@9H9P9X9`9h9p9x9
=$=,=4=<=D=L=T=\=d=l=t=|=
; <8<L<P<`<d<h<p<
=(=8=<=L=P=X=p=
>4>D>T>d>t>x>
2@2H2P2X2`2h2p2|2
30383D3d3l3t3
4 4,4L4T4\4d4p4
5$5,545<5D5L5T5\5d5l5t5|5
6$6,646<6D6L6T6\6d6l6t6|6
7 7(7,70787L7d7h7
888@8D8T8x8
909L9P9p9
:0:P:p:
;0;P;p;
<0<L<P<X<\<`<h<|<
7 7$7(7,70747
3(3H3d3
api-ms-win-core-fibers-l1-1-1
api-ms-win-core-synch-l1-2-0
kernel32
api-ms-
mscoree.dll
((((( H
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
January
February
August
September
October
November
December
MM/dd/yy
dddd, MMMM dd, yyyy
HH:mm:ss
api-ms-win-core-datetime-l1-1-1
api-ms-win-core-file-l1-2-2
api-ms-win-core-localization-l1-2-1
api-ms-win-core-localization-obsolete-l1-2-0
api-ms-win-core-processthreads-l1-1-2
api-ms-win-core-string-l1-1-0
api-ms-win-core-sysinfo-l1-2-1
api-ms-win-core-winrt-l1-1-0
api-ms-win-core-xstate-l2-1-0
api-ms-win-rtcore-ntuser-window-l1-1-0
api-ms-win-security-systemfunctions-l1-1-0
ext-ms-win-ntuser-dialogbox-l1-1-0
ext-ms-win-ntuser-windowstation-l1-1-0
advapi32
api-ms-win-appmodel-runtime-l1-1-2
user32
ext-ms-
zh-CHS
az-AZ-Latn
uz-UZ-Latn
kok-IN
syr-SY
div-MV
quz-BO
sr-SP-Latn
az-AZ-Cyrl
uz-UZ-Cyrl
quz-EC
sr-SP-Cyrl
quz-PE
smj-NO
bs-BA-Latn
smj-SE
sr-BA-Latn
sma-NO
sr-BA-Cyrl
sma-SE
sms-FI
smn-FI
zh-CHT
az-az-cyrl
az-az-latn
bs-ba-latn
div-mv
kok-in
quz-bo
quz-ec
quz-pe
sma-no
sma-se
smj-no
smj-se
smn-fi
sms-fi
sr-ba-cyrl
sr-ba-latn
sr-sp-cyrl
sr-sp-latn
syr-sy
uz-uz-cyrl
uz-uz-latn
zh-chs
zh-cht
CONOUT$
Antivirus Signature
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.ClipBanker.Z!c
Elastic malicious (high confidence)
ClamAV Win.Malware.Zusy-10015683-0
CMC Clean
CAT-QuickHeal Trojan.Agent
Skyhigh BehavesLike.Win32.NetLoader.ch
ALYac Trojan.GenericKD.74748467
Cylance Unsafe
Zillya Trojan.Agent.Win32.4041657
Sangfor Clean
CrowdStrike win/malicious_confidence_90% (W)
Alibaba Trojan:Win32/Amadey.934a1625
K7GW Trojan ( 005b155f1 )
K7AntiVirus Trojan ( 005b155f1 )
huorong TrojanSpy/ClipBanker.y
Baidu Clean
VirIT Clean
Paloalto generic.ml
Symantec ML.Attribute.HighConfidence
tehtris Clean
ESET-NOD32 a variant of Win32/ClipBanker.SJ
APEX Clean
Avast Win32:TrojanX-gen [Trj]
Cynet Malicious (score: 100)
Kaspersky Trojan.Win32.Agent.xbudtu
BitDefender Trojan.GenericKD.74748467
NANO-Antivirus Clean
ViRobot Trojan.Win.Z.Lazy.126976.FHU
MicroWorld-eScan Trojan.GenericKD.74748467
Tencent Malware.Win32.Gencirc.11cb7ef6
Sophos Mal/Generic-S
F-Secure Trojan.TR/ClipBanker.sxlrr
DrWeb Trojan.PWS.Amadey.18
VIPRE Trojan.GenericKD.74748467
TrendMicro TROJ_GEN.R014C0DKA24
McAfeeD ti!885BF0B3B12B
Trapmine Clean
CTX dll.trojan.clipbanker
Emsisoft Trojan.GenericKD.74748467 (B)
Ikarus Trojan.Win32.Clipbanker
FireEye Trojan.GenericKD.74748467
Jiangmin Clean
Webroot Clean
Varist W32/ABTrojan.CRHJ-7824
Avira TR/ClipBanker.sxlrr
Fortinet W32/ClipBanker.SJ!tr
Antiy-AVL Trojan/Win32.Amadey
Kingsoft Win32.Trojan.Agent.xbudtu
Gridinsoft Trojan.Win32.Amadey.tr
Xcitium Clean
Arcabit Trojan.Generic.D4749233
SUPERAntiSpyware Clean
ZoneAlarm UDS:DangerousObject.Multi.Generic
Microsoft Trojan:Win32/Amadey.MA!MTB
Google Detected
AhnLab-V3 Trojan/Win.Amadey.C5684740
Acronis Clean
McAfee Artemis!0D3418372C85
TACHYON Clean
VBA32 TrojanDownloader.Deyma
Malwarebytes Trojan.ClipBanker
Panda Trj/GdSda.A
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R014C0DKA24
Rising Trojan.ClipBanker!8.5FB (TFE:5:ejfSgHdx95N)
Yandex Clean
SentinelOne Clean
MaxSecure Trojan.Malware.298530211.susgen
GData Trojan.GenericKD.74748467
AVG Win32:TrojanX-gen [Trj]
DeepInstinct MALICIOUS
alibabacloud Clean
No IRMA results available.