Static | ZeroBOX

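PE Compile Time (link timestamp recorded in the PE header; the field can be freely edited, so treat it as a hint, not proof of build date)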

2025-03-06 20:56:13

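PE Imphash (MD5 of the normalized import list: library and function names in import-table order; useful for clustering samples built with the same import layout)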

4c949bece784d757329c70b20520186b

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x00686b0b 0x00686c00 5.04454242035
.rdata 0x00688000 0x0000046c 0x00000600 4.00334920533
.data 0x00689000 0x00000030 0x00000200 0.122275881259
.rsrc 0x0068a000 0x00064950 0x00064a00 5.64198579084
.reloc 0x006ef000 0x00000960 0x00000a00 3.57918251853

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x006ed5a0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x006ed5a0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x006ed5a0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x006ed5a0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x006ed5a0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x006ed5a0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x006ed5a0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x006ed5a0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x006ed5a0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x006ed5a0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x006ed5a0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x006ed5a0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x006ed5a0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x006ed5a0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x006ed5a0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x006ed5a0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x006ed5a0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x006ed5a0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_MENU 0x006eda90 0x00000060 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_DIALOG 0x006edd10 0x00000164 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_DIALOG 0x006edd10 0x00000164 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_STRING 0x006ee6d8 0x000000f6 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_STRING 0x006ee6d8 0x000000f6 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_STRING 0x006ee6d8 0x000000f6 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_STRING 0x006ee6d8 0x000000f6 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_ACCELERATOR 0x006eded0 0x00000030 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_ACCELERATOR 0x006eded0 0x00000030 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_ACCELERATOR 0x006eded0 0x00000030 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_GROUP_ICON 0x006eda08 0x00000084 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_GROUP_ICON 0x006eda08 0x00000084 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_VERSION 0x006edf00 0x00000354 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x006ee7d0 0x0000017d LANG_ENGLISH SUBLANG_ENGLISH_US XML 1.0 document text

Imports

Library KERNEL32.dll:
0xa88000 GetCommandLineA
0xa88004 GetTempPathW
0xa88008 GetLastError
0xa8800c HeapAlloc
0xa88010 HeapFree
0xa88014 GetProcessHeap
0xa8801c Sleep
0xa88020 ExitProcess
0xa88024 GetSystemInfo
0xa88028 GetVersion
0xa8802c GetTickCount
0xa88030 GetModuleFileNameW
0xa88034 GetModuleHandleW
0xa88038 GetProcAddress
0xa8803c LoadLibraryW
0xa88040 MultiByteToWideChar
Library USER32.dll:
0xa8804c IsWindowVisible
0xa88054 MessageBoxA
0xa88058 GetWindowLongW
0xa8805c IsDialogMessageW
0xa88060 RegisterClassW

!This program cannot be run in DOS mode.
Richsz
`.rdata
@.data
@.reloc
MpVmp32Entry
.text$mn
.idata$5
.rdata
.rdata$voltmd
.rdata$zzzdbg
.idata$2
.idata$3
.idata$4
.idata$6
.rsrc$01
.rsrc$02
GetCommandLineA
GetTempPathW
GetLastError
HeapAlloc
HeapFree
GetProcessHeap
SetCriticalSectionSpinCount
ExitProcess
GetSystemInfo
GetVersion
GetTickCount
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
LoadLibraryW
MultiByteToWideChar
ConvertDefaultLocale
KERNEL32.dll
RegisterClassW
IsWindowVisible
GetWindowContextHelpId
MessageBoxA
GetWindowLongW
IsDialogMessageW
USER32.dll
g+DkHr
&SB*B.
"^0XKY
-fXI@g
!Jk63ag
hEgcDo{
,Okg 4
+yAB~~
{LI7OI;
(\1Ew{
8k1EAU,
?\9[p4
^pkVp{n
r1sw{4
VQQ9XOCD
<g:/Z>
{Bn5S/3h
d:[:.8
x<^iM>,t,[
$!M5'6F$
n^Cqc-
*;<h:V
#p~~b6a
a,uH1F
V%: 1
PKv:GYV
x|/Bgb
B)U3xTR1c
hV"D `&Pp
?aL<g
\8 8YV
EK./.D;
Q+v>Po&"
f2E@@J
looo-//
*0?Ha(
E9$rQ
}d6 )
I6&'B/
" L@Y:)
=yeeEz
pCC|!f
_8#wWs
lWxok
h~W2.|
74F3=-k1
+/aww^
FC:,?~
'SSSh4
R6#z B
;3aH"4
JjoS]{
t;'D=}
333XXX
},//0
UUU477
!|>===
VWWsq:::d
---166f
5ccc,--I
a7>>.;
^XX`rr
cyy97d
SWWGgg'g
x<N__
Ba=zDww7G
277Gss3
$4773<<
g+DkHr
&SB*B.
"^0XKY
-fXI@g
!Jk63ag
hEgcDo{
,Okg 4
+yAB~~
{LI7OI;
(\1Ew{
8k1EAU,
?\9[p4
^pkVp{n
r1sw{4
VQQ9XOCD
<g:/Z>
{Bn5S/3h
d:[:.8
x<^iM>,t,[
$!M5'6F$
n^Cqc-
*;<h:V
#p~~b6a
a,uH1F
V%: 1
PKv:GYV
x|/Bgb
B)U3xTR1c
hV"D `&Pp
?aL<g
\8 8YV
EK./.D;
Q+v>Po&"
f2E@@J
looo-//
*0?Ha(
E9$rQ
}d6 )
I6&'B/
" L@Y:)
=yeeEz
pCC|!f
_8#wWs
lWxok
h~W2.|
74F3=-k1
+/aww^
FC:,?~
'SSSh4
R6#z B
;3aH"4
JjoS]{
t;'D=}
333XXX
},//0
UUU477
!|>===
VWWsq:::d
---166f
5ccc,--I
a7>>.;
^XX`rr
cyy97d
SWWGgg'g
x<N__
Ba=zDww7G
277Gss3
$4773<<
<?xml version='1.0' encoding='UTF-8' standalone='yes'?>
<assembly xmlns='urn:schemas-microsoft-com:asm.v1' manifestVersion='1.0'>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel level='asInvoker' uiAccess='false' />
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
2'262P2a2t2{2
55<5Q5V5\5c5p5v5
88.8=8L8[8j8y8
9*999H9W9f9u9|9
jjjjjj
kernel32.dll
Fswwa.dll
&Notification
Jachixaobkhqha
Impact
msctls_updown32
rYSXoOXxt6
msctls_statusbar32
RDftgEtMEX
bRORY2K8re
SysAnimate32
JLKxg8Z58t
msctls_progress32
9utYZc7x90
msctls_hotkey32
F2P4C1WCLd
Lcozatrgjumzhzpun
Tahoma
msctls_progress32
WKFz1Gd6Xr
3EKeCjfQjS
IVRBxbj6KJ
msctls_hotkey32
kNAph8H5LT
VS_VERSION_INFO
StringFileInfo
040904B0
FileDescription
Graphic design software.
InternalName
EventDispatcher
OriginalFilename
RemIn.exe
CompanyName
FutureSolutions Designings.
LegalCopyright
Copyright (C) 2019-2025 for FutureSolutions Designings.
ProductName
Task Manager DeLuxe
FileVersion
4.9.37.16
ProductVersion
4.9.37.16
VarFileInfo
Translation
Welcome back!
Changes saved
Session expired
Please wait
Error occurred
Please wait
Changes saved
Changes saved
Error occurred
Session expired
Changes saved
Welcome back!
User not authenticated
Error occurred
Update available
User not authenticated
Welcome back!
User not authenticated
Welcome back!
Session expired
User not authenticated
Session expired
Welcome back!
Settings updated
Settings updated
Error occurred
Error occurred
Changes saved
Error occurred
User not authenticated
Update available
Welcome back!
Session expired
User not authenticated
Changes saved
Changes saved
Session expired
Session expired
Please wait
Please wait
Update available
Changes saved
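Antivirus Signature (per-engine verdict at scan time; "Clean" means that engine reported no detection, not that the file was verified benign)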
Bkav Clean
Lionic Trojan.Win32.Generic.4!c
Elastic malicious (high confidence)
ClamAV Clean
CMC Clean
CAT-QuickHeal Trojan.Ghanarava.1741321656764501
Skyhigh Artemis!Trojan
ALYac Clean
Cylance Unsafe
Zillya Clean
Sangfor Clean
CrowdStrike win/malicious_confidence_90% (W)
Alibaba Clean
K7GW Clean
K7AntiVirus Clean
huorong HVM:VirTool/Obfuscator.h
Baidu Clean
VirIT Clean
Paloalto Clean
Symantec Trojan Horse
tehtris Clean
ESET-NOD32 a variant of Win32/Kryptik.HYUA
APEX Malicious
Avast Win32:CrypterX-gen [Trj]
Cynet Malicious (score: 99)
Kaspersky UDS:DangerousObject.Multi.Generic
BitDefender Clean
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Clean
Tencent Win32.Trojan.Genkryptik.Wmhl
Sophos Mal/Generic-S
F-Secure Trojan.TR/AD.Nekark.hettb
DrWeb Clean
VIPRE Clean
TrendMicro Trojan.Win32.AMADEY.YXFCFZ
McAfeeD ti!1BE77012B7C7
Trapmine malicious.moderate.ml.score
CTX exe.trojan.genkryptik
Emsisoft Clean
Ikarus Win32.Outbreak
FireEye Generic.mg.87fc5821b29f5cde
Jiangmin Clean
Webroot Clean
Varist W32/ABTrojan.XQAF-0496
Avira TR/AD.Nekark.hettb
Fortinet W32/GenKryptik.HGWG!tr
Antiy-AVL Trojan/Win32.GenKryptik
Kingsoft Win32.Troj.Obfuscator.h
Gridinsoft Clean
Xcitium Clean
Arcabit Clean
SUPERAntiSpyware Clean
Microsoft Trojan:Win32/Wacatac.B!ml
Google Detected
AhnLab-V3 Trojan/Win.PWSX-gen.R694548
Acronis Clean
McAfee Artemis!87FC5821B29F
TACHYON Clean
VBA32 Clean
Malwarebytes Clean
Panda Clean
Zoner Clean
TrendMicro-HouseCall Trojan.Win32.AMADEY.YXFCFZ
Rising Trojan.Kryptik!8.8 (TFE:4:bZTaiU55tHM)
Yandex Clean
SentinelOne Static AI - Suspicious PE
MaxSecure Clean
GData Win32.Trojan.Agent.GI5O7G
AVG Win32:CrypterX-gen [Trj]
DeepInstinct MALICIOUS
alibabacloud Clean
No IRMA results available.