popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2094-04-12 04:12:45

PDB Path

C:\Users\d4ps\source\repos\PdfFile\obj\Release\Pdf Reader.pdb

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x00001114 0x00001200 5.22521616676
.rsrc 0x00004000 0x00010e80 0x00011000 3.72697431914
.reloc 0x00016000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x00004100 0x00010828 LANG_NEUTRAL SUBLANG_NEUTRAL dBase III DBT, version number 0, next free block index 40
RT_GROUP_ICON 0x00014938 0x00000014 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_VERSION 0x0001495c 0x00000324 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x00014c90 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
<Main>d__0
<>u__1
Task`1
TaskAwaiter`1
<url>5__2
<>u__2
<filePath>5__3
<client>5__4
<Module>
<Main>
System.IO
mscorlib
GetByteArrayAsync
Thread
AwaitUnsafeOnCompleted
get_IsCompleted
IDisposable
PdfFile
Console
set_FileName
WriteLine
Combine
IAsyncStateMachine
SetStateMachine
stateMachine
ValueType
Dispose
Create
<>1__state
CompilerGeneratedAttribute
GuidAttribute
DebuggableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
AsyncStateMachineAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
DebuggerHiddenAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
set_UseShellExecute
Pdf Reader.exe
System.Threading
System.Runtime.Versioning
String
GetTempPath
get_Task
Program
System
System.Reflection
SetException
ProcessStartInfo
System.Net.Http
Pdf Reader
AsyncTaskMethodBuilder
<>t__builder
TaskAwaiter
GetAwaiter
System.Diagnostics
System.Runtime.InteropServices
System.Runtime.CompilerServices
DebuggingModes
WriteAllBytes
System.Threading.Tasks
Process
Format
Object
GetResult
SetResult
HttpClient
MoveNext
WrapNonExceptionThrows
Monksmeet
Copyright
2024
$a7e969a1-19f7-441a-8638-73194ed108c4
4.0.0.0
.NETFramework,Version=v4.7.2
FrameworkDisplayName
.NET Framework 4.7.2
PdfFile.Program+<Main>d__0
RSDS7O
C:\Users\d4ps\source\repos\PdfFile\obj\Release\Pdf Reader.pdb
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
https://github.com/AdobePdf-Reader/Pdf-Reader/raw/refs/heads/main/Pdf%20Reader1.exe
SecurityHealthHost.exe
Installing MonksMeet....
Installing MonksMeet ({0}%)
Updating Application
Installation Failed!
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
Monksmeet
FileVersion
4.0.0.0
InternalName
Pdf Reader.exe
LegalCopyright
Copyright
2024
LegalTrademarks
OriginalFilename
Pdf Reader.exe
ProductName
Monksmeet
ProductVersion
4.0.0.0
Assembly Version
4.0.0.0
Antivirus Signature
Bkav W32.AIDetectMalware.CS
Lionic Trojan.Win32.Lazy.4!c
Elastic malicious (high confidence)
ClamAV Clean
CMC Clean
CAT-QuickHeal Trojan.Ghanarava.1737097591951f55
Skyhigh Artemis!Trojan
ALYac Gen:Variant.Lazy.629628
Cylance Unsafe
Zillya Downloader.Agent.Win32.582361
Sangfor Downloader.Win32.Agent.V5dt
CrowdStrike win/malicious_confidence_70% (D)
Alibaba Trojan:MSIL/DropperX.8a1e1425
K7GW Trojan-Downloader ( 005be3921 )
K7AntiVirus Trojan-Downloader ( 005be3921 )
huorong Clean
Baidu Clean
VirIT Clean
Paloalto generic.ml
Symantec ML.Attribute.HighConfidence
tehtris Clean
ESET-NOD32 a variant of MSIL/TrojanDownloader.Agent.RNI
APEX Clean
Avast Win32:DropperX-gen [Drp]
Cynet Clean
Kaspersky HEUR:Trojan.MSIL.Agent.gen
BitDefender Gen:Variant.Lazy.629628
NANO-Antivirus Clean
ViRobot Trojan.Win.Z.Agent.75264.QP
MicroWorld-eScan Gen:Variant.Lazy.629628
Tencent Malware.Win32.Gencirc.14247c45
Sophos Mal/Generic-S
F-Secure Trojan.TR/Dldr.Agent.sbiao
DrWeb Clean
VIPRE Gen:Variant.Lazy.629628
TrendMicro Clean
McAfeeD ti!2EA5686422BD
Trapmine Clean
CTX exe.trojan.msil
Emsisoft Gen:Variant.Lazy.629628 (B)
Ikarus Trojan-Downloader.MSIL.Agent
FireEye Gen:Variant.Lazy.629628
Jiangmin Clean
Webroot Clean
Varist W32/ABTrojan.GVAN-2061
Avira TR/Dldr.Agent.sbiao
Fortinet MSIL/Agent.RNI!tr.dldr
Antiy-AVL Clean
Kingsoft MSIL.Trojan.Agent.gen
Gridinsoft Clean
Xcitium Clean
Arcabit Trojan.Lazy.D99B7C
SUPERAntiSpyware Clean
Microsoft Trojan:Win32/Wacatac.B!ml
Google Detected
AhnLab-V3 Trojan/Win.Generic.R684863
Acronis Clean
McAfee Artemis!9D347D5AC998
TACHYON Clean
VBA32 Clean
Malwarebytes Malware.AI.1031032275
Panda Trj/Chgt.AD
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R023H09LE24
Rising Downloader.Agent!8.B23 (CLOUD)
Yandex Clean
SentinelOne Clean
MaxSecure Trojan.Malware.315562381.susgen
GData Gen:Variant.Lazy.629628
AVG Win32:DropperX-gen [Drp]
DeepInstinct MALICIOUS
alibabacloud Trojan[downloader]:MSIL/Lazy.Gen
No IRMA results available.