Static | ZeroBOX

PE Compile Time

2024-12-29 00:20:00

PE Imphash

71e0d6fab5f31c6d74b68ae2c05f0d5a

Sections

Name    Virtual Address  Virtual Size  Size of Raw Data  Entropy
.text   0x00001000       0x0004017b    0x00040200        6.73046077997
.rdata  0x00042000       0x000020bd    0x00002200        6.51069890711
.data   0x00045000       0x0000d618    0x00005400        6.5977296994
.reloc  0x00053000       0x00003b24    0x00003c00        6.48920593004

Imports

Library KERNEL32.dll:
0x443d0c CreateProcessW
0x443d10 ExitProcess
0x443d14 GetCommandLineW
0x443d18 GetCurrentProcessId
0x443d1c GetCurrentThreadId
0x443d20 GetLogicalDrives
0x443d24 GetSystemDirectoryW
0x443d28 GlobalLock
0x443d2c GlobalUnlock
Library SHELL32.dll:
0x443d34 SHEmptyRecycleBinW
0x443d38 SHGetFileInfoW
Library USER32.dll:
0x443d44 CloseClipboard
0x443d48 GetClipboardData
0x443d4c GetDC
0x443d50 GetForegroundWindow
0x443d54 GetSystemMetrics
0x443d58 GetWindowLongW
0x443d5c OpenClipboard
0x443d60 ReleaseDC
Library GDI32.dll:
0x443d68 BitBlt
0x443d70 CreateCompatibleDC
0x443d74 CreateDIBSection
0x443d78 DeleteDC
0x443d7c DeleteObject
0x443d80 GetCurrentObject
0x443d84 GetDIBits
0x443d88 GetObjectW
0x443d8c GetPixel
0x443d90 SelectObject
0x443d94 StretchBlt
Library ole32.dll:
0x443d9c CoCreateInstance
0x443da0 CoInitializeEx
0x443dac CoSetProxyBlanket
0x443db0 CoUninitialize
Library OLEAUT32.dll:
0x443db8 SysAllocString
0x443dbc SysFreeString
0x443dc0 VariantClear
0x443dc4 VariantInit

Antivirus Signature
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.LummaStealer.i!c
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Heur.Mint.Zard.25
CMC Clean
CAT-QuickHeal Clean
ALYac Clean
Cylance Unsafe
Zillya Trojan.Convagent.Win32.578603
Sangfor Spyware.Win32.Lummastealer.V8un
CrowdStrike win/malicious_confidence_90% (D)
Alibaba TrojanPSW:Win32/LummaC.38ae3de1
K7GW Trojan ( 005bef1d1 )
K7AntiVirus Trojan ( 005bef1d1 )
huorong HEUR:TrojanSpy/LummaStealer.a
VirIT Trojan.Win32.GenusT.EGWX
Paloalto Clean
Symantec ML.Attribute.HighConfidence
tehtris Clean
ESET-NOD32 a variant of Win32/Spy.LummaStealer.I
APEX Malicious
Avast Win32:Evo-gen [Trj]
Cynet Malicious (score: 100)
Kaspersky HEUR:Trojan-PSW.Win32.Convagent.gen
BitDefender Gen:Heur.Mint.Zard.25
NANO-Antivirus Virus.Win32.Gen.ccmw
ViRobot Clean
Tencent Malware.Win32.Gencirc.10c08c1f
Sophos Mal/Generic-S
F-Secure Trojan.TR/Redcap.tfqqj
DrWeb Trojan.PWS.Lumma.1113
VIPRE Gen:Heur.Mint.Zard.25
TrendMicro Clean
McAfeeD Real Protect-LS!3DB6763AEBEA
Trapmine malicious.high.ml.score
CTX exe.trojan.lummastealer
Emsisoft Gen:Heur.Mint.Zard.25 (B)
Ikarus Trojan-Spy.Win32.LummaStealer
FireEye Generic.mg.3db6763aebea7031
Jiangmin Clean
Webroot Clean
Varist W32/Lumma.H.gen!Eldorado
Avira Clean
Fortinet W32/LummaStealer.I!tr.spy
Antiy-AVL Trojan/Win32.Agent
Kingsoft malware.kb.a.998
Gridinsoft Trojan.Win32.Agent.sa
Xcitium Clean
Arcabit Trojan.Mint.Zard.25
SUPERAntiSpyware Clean
Microsoft Trojan:Win32/LummaC.AU!MTB
Google Detected
AhnLab-V3 Trojan/Win.Generic.R686935
Acronis Clean
VBA32 BScope.TrojanPSW.Lumma
TACHYON Clean
Malwarebytes Malware.AI.3917377028
Panda Trj/Genetic.gen
Zoner Clean
TrendMicro-HouseCall Clean
Rising Spyware.LummaStealer!8.1A464 (TFE:2:4GhwlW5QpOO)
Yandex Clean
SentinelOne Static AI - Suspicious PE
MaxSecure Trojan.Malware.109650624.susgen
GData Win32.Trojan.PSE.11VMAPP
AVG Win32:Evo-gen [Trj]
DeepInstinct MALICIOUS
alibabacloud Trojan[stealer]:Win/LummaStealer.I
No IRMA results available.