popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2024-09-30 21:09:15

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x00000a24 0x00000c00 5.0415177754
.rsrc 0x00004000 0x000002a0 0x00000400 2.13791071778
.reloc 0x00006000 0x0000000c 0x00000200 0.0776331623432

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x00004058 0x00000244 LANG_NEUTRAL SUBLANG_NEUTRAL data

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
D$$[[aYZQ
hws2_ThLw&
PPPP@P@Ph
WhunMa
v2.0.50727
#Strings
<Module>
msf443.exe
Shellcode
mscorlib
System
Object
MEM_COMMIT
PAGE_EXECUTE_READWRITE
VirtualAlloc
CreateThread
CloseHandle
WaitForSingleObject
System.Security.Permissions
SecurityPermissionAttribute
SecurityAction
System.Runtime.CompilerServices
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
msf443
<PrivateImplementationDetails>{F37AD7EC-D9AD-4E32-9B2F-E1C9E15649F1}
CompilerGeneratedAttribute
ValueType
__StaticArrayInitTypeSize=354
$$method0x6000001-1
RuntimeHelpers
RuntimeFieldHandle
InitializeArray
IntPtr
op_Explicit
System.Runtime.InteropServices
Marshal
DllImportAttribute
kernel32
lpStartAddr
flAllocationType
flProtect
lpThreadAttributes
dwStackSize
lpStartAddress
dwCreationFlags
lpThreadId
handle
hHandle
dwMilliseconds
.cctor
System.Security
UnverifiableCodeAttribute
WrapNonExceptionThrows
System.Security.Permissions.SecurityPermissionAttribute, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
SkipVerification
_CorExeMain
mscoree.dll
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
FileDescription
FileVersion
0.0.0.0
InternalName
msf443.exe
LegalCopyright
OriginalFilename
msf443.exe
ProductVersion
0.0.0.0
Assembly Version
0.0.0.0
Antivirus Signature
Bkav W32.AIDetectMalware.CS
Lionic Trojan.Win32.Marte.4!c
Elastic Windows.Trojan.Metasploit
MicroWorld-eScan Generic.ShellCode.Marte.3.9134B131
CMC Clean
CAT-QuickHeal Clean
Skyhigh Artemis!Trojan
ALYac Generic.ShellCode.Marte.3.9134B131
Cylance Unsafe
Zillya Clean
Sangfor HackTool.Win32.Reverse_Bin_v2_5_through_v4_x.uwccg
CrowdStrike win/malicious_confidence_100% (W)
Alibaba Trojan:Win32/CobaltStrike.5c89
K7GW Clean
K7AntiVirus Clean
huorong Backdoor/Meterpreter.ak
Baidu Clean
VirIT Clean
Paloalto generic.ml
Symantec Trojan Horse
tehtris Clean
ESET-NOD32 a variant of MSIL/Rozena.W
APEX Malicious
Avast Win32:Meterpreter-C [Trj]
Cynet Clean
Kaspersky HEUR:Trojan.Win32.Generic
BitDefender Generic.ShellCode.Marte.3.9134B131
NANO-Antivirus Clean
ViRobot Clean
Tencent Trojan.Win32.Metasploit_heur.16000690
Sophos ATK/TurtleLd-N
F-Secure Trojan.TR/Rozena.Gen
DrWeb Trojan.PackedNET.2209
VIPRE Generic.ShellCode.Marte.3.9134B131
TrendMicro Backdoor.Win32.COBEACON.SMJMAB
McAfeeD Real Protect-LS!8CA7845E5556
Trapmine malicious.moderate.ml.score
CTX exe.trojan.rozena
Emsisoft Generic.ShellCode.Marte.3.9134B131 (B)
Ikarus Trojan.MSIL.Rozena
FireEye Generic.mg.8ca7845e555675b9
Jiangmin Clean
Webroot Clean
Varist W32/ABTrojan.YNED-9286
Avira TR/Rozena.Gen
Fortinet MSIL/Rozena.FW!tr
Antiy-AVL Clean
Kingsoft Win32.Trojan.Generic.a
Gridinsoft Trojan.Win32.Packed.sa
Xcitium Clean
Arcabit Generic.ShellCode.Marte.3.9134B131
SUPERAntiSpyware Clean
ZoneAlarm HEUR:Trojan.Win32.Generic
Microsoft VirTool:MSIL/Meterpreter.G!MTB
Google Detected
AhnLab-V3 Trojan/Win32.RL_Generic.C4234163
Acronis Clean
McAfee Artemis!8CA7845E5556
TACHYON Clean
VBA32 Clean
Malwarebytes Generic.Malware/Suspicious
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Rising HackTool.Swrort!1.6477 (CLASSIC)
Yandex Clean
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.300983.susgen
GData Generic.ShellCode.Marte.3.9134B131
AVG Win32:Meterpreter-C [Trj]
DeepInstinct MALICIOUS
alibabacloud Clean
No IRMA results available.