Static | ZeroBOX

PE Compile Time

2025-01-27 19:12:23

PDB Path

D:\Source Codes\fivem injector\fivem injector\x64\Release\loader.pdb

PE Imphash

9e9012fce1d985d6218cdb2dab474e32

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x00001d99 0x00001e00 6.06918807146
.rdata 0x00003000 0x00001ca6 0x00001e00 4.26991173223
.data 0x00005000 0x00000720 0x00000200 2.07357345676
.pdata 0x00006000 0x000002e8 0x00000400 3.10521859617
.rsrc 0x00007000 0x000001e8 0x00000200 4.7561464322
.reloc 0x00008000 0x00000058 0x00000200 1.2172153106

Resources

Name Offset Size Language Sub-language File type
RT_MANIFEST 0x00007060 0x00000188 LANG_ENGLISH SUBLANG_ENGLISH_US XML 1.0 document text

Imports

Library KERNEL32.dll:
0x140003000 SetConsoleTextAttribute
0x140003008 SetConsoleTitleA
0x140003010 GetStdHandle
0x140003018 Sleep
0x140003020 RtlLookupFunctionEntry
0x140003028 RtlVirtualUnwind
0x140003030 UnhandledExceptionFilter
0x140003040 GetCurrentProcess
0x140003048 TerminateProcess
0x140003058 QueryPerformanceCounter
0x140003060 GetCurrentProcessId
0x140003068 GetCurrentThreadId
0x140003070 GetSystemTimeAsFileTime
0x140003078 InitializeSListHead
0x140003080 IsDebuggerPresent
0x140003088 GetModuleHandleW
0x140003090 RtlCaptureContext
Library SHELL32.dll:
0x1400030f0 ShellExecuteW
Library urlmon.dll:
0x140003280 URLDownloadToFileW
Library VCRUNTIME140_1.dll:
0x140003158 __CxxFrameHandler4
Library VCRUNTIME140.dll:
0x140003100 __C_specific_handler
0x140003108 __std_terminate
0x140003110 __current_exception
0x140003118 __std_exception_destroy
0x140003120 memcpy
0x140003128 _CxxThrowException
0x140003130 memmove
0x140003138 __std_exception_copy
0x140003148 memset
Library api-ms-win-crt-runtime-l1-1-0.dll:
0x1400031c8 _crt_atexit
0x1400031d0 _c_exit
0x1400031d8 __p___argv
0x1400031e0 _initterm_e
0x1400031e8 _initialize_onexit_table
0x1400031f0 exit
0x140003200 _initterm
0x140003218 _cexit
0x140003220 _set_app_type
0x140003228 _seh_filter_exe
0x140003230 __p___argc
0x140003238 _exit
0x140003248 system
0x140003250 terminate
0x140003258 _configure_narrow_argv
Library api-ms-win-crt-filesystem-l1-1-0.dll:
0x140003168 remove
Library api-ms-win-crt-heap-l1-1-0.dll:
0x140003178 _set_new_mode
0x140003180 free
0x140003188 _callnewh
0x140003190 malloc
Library api-ms-win-crt-math-l1-1-0.dll:
0x1400031b0 __setusermatherr
Library api-ms-win-crt-stdio-l1-1-0.dll:
0x140003268 _set_fmode
0x140003270 __p__commode
Library api-ms-win-crt-locale-l1-1-0.dll:
0x1400031a0 _configthreadlocale

bad allocation
Unknown exception
bad array new length
string too long
Loader
mode con: cols=30 lines=10
Checking for Updates
Loading, Please wait..
C:\Windows\prefetch\VsGraphicsResou?r?ces.exe
D:\Source Codes\fivem injector\fivem injector\x64\Release\loader.pdb
SetConsoleTextAttribute
SetConsoleTitleA
GetStdHandle
KERNEL32.dll
ShellExecuteW
SHELL32.dll
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?uncaught_exception@std@@YA_NXZ
?_Xlength_error@std@@YAXPEBD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?good@ios_base@std@@QEBA_NXZ
MSVCP140.dll
URLDownloadToFileW
urlmon.dll
__CxxFrameHandler4
__std_exception_destroy
__std_exception_copy
__std_terminate
__C_specific_handler
_CxxThrowException
__current_exception
__current_exception_context
memset
VCRUNTIME140_1.dll
VCRUNTIME140.dll
remove
system
_invalid_parameter_noinfo_noreturn
_callnewh
malloc
_seh_filter_exe
_set_app_type
__setusermatherr
_configure_narrow_argv
_initialize_narrow_environment
_get_initial_narrow_environment
_initterm
_initterm_e
_set_fmode
__p___argc
__p___argv
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
_configthreadlocale
_set_new_mode
__p__commode
_initialize_onexit_table
_register_onexit_function
_crt_atexit
terminate
api-ms-win-crt-runtime-l1-1-0.dll
api-ms-win-crt-filesystem-l1-1-0.dll
api-ms-win-crt-heap-l1-1-0.dll
api-ms-win-crt-math-l1-1-0.dll
api-ms-win-crt-stdio-l1-1-0.dll
api-ms-win-crt-locale-l1-1-0.dll
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetModuleHandleW
memcpy
memmove
.?AVbad_alloc@std@@
.?AVexception@std@@
.?AVbad_array_new_length@std@@
.?AVtype_info@@
<?xml version='1.0' encoding='UTF-8' standalone='yes'?>
<assembly xmlns='urn:schemas-microsoft-com:asm.v1' manifestVersion='1.0'>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel level='requireAdministrator' uiAccess='false' />
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
C:\Windows\prefetch\VsGraphicsResou
ces.exe
https://raw.githubusercontent.com/Husky169/files187/refs/heads/main/kxz-free/msedge.exe

Antivirus Signature
Bkav W32.Common.3092A4C4
Lionic Trojan.Win32.Agent.Y!c
Elastic malicious (high confidence)
ClamAV Clean
CMC Clean
CAT-QuickHeal Trojan.Ghanarava.1739509998923404
Skyhigh BehavesLike.Win64.Trojan.lm
ALYac Trojan.GenericKD.75857349
Cylance Unsafe
Zillya Trojan.AgentAGen.Win64.8854
Sangfor Downloader.Win32.Agent.Vnab
CrowdStrike win/malicious_confidence_100% (W)
Alibaba TrojanDownloader:Win64/MalwareX.57de0d4d
K7GW Trojan ( 005c1e2a1 )
K7AntiVirus Trojan ( 005c1e2a1 )
huorong Clean
Baidu Clean
VirIT Clean
Paloalto generic.ml
Symantec ML.Attribute.HighConfidence
tehtris Clean
ESET-NOD32 a variant of Win64/Agent_AGen.CXB
APEX Malicious
Avast Win64:MalwareX-gen [Trj]
Cynet Malicious (score: 99)
Kaspersky Trojan-Downloader.Win32.Agent.xyddpc
BitDefender Trojan.GenericKD.75857349
NANO-Antivirus Trojan.Win64.AgentAGen.kvpilm
ViRobot Trojan.Win.Z.Agent.18944.WB
MicroWorld-eScan Trojan.GenericKD.75857349
Tencent Malware.Win32.Gencirc.1432bcb0
Sophos Generic Reputation PUA (PUA)
F-Secure Trojan.TR/Agent_AGen.pqgnx
DrWeb Clean
VIPRE Trojan.GenericKD.75857349
TrendMicro Clean
McAfeeD ti!E5C75A6E453E
Trapmine Clean
CTX exe.trojan.agen
Emsisoft Trojan.GenericKD.75857349 (B)
Ikarus Trojan.Win64.Agent
FireEye Trojan.GenericKD.75857349
Jiangmin Clean
Webroot Clean
Varist W64/ABApplication.IYNA-5089
Avira TR/Agent_AGen.pqgnx
Fortinet Malicious_Behavior.SB
Antiy-AVL Trojan[Downloader]/Win32.Agent
Kingsoft Clean
Gridinsoft Clean
Xcitium Clean
Arcabit Trojan.Generic.D4857DC5
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:Win64/Malgent!MTB
Google Detected
AhnLab-V3 Trojan/Win.Generic.R692944
Acronis Clean
McAfee Artemis!C797BEEEE8E4
TACHYON Clean
VBA32 Clean
Malwarebytes Trojan.Downloader
Panda Clean
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R007H09BG25
Rising Downloader.Agent!8.B23 (CLOUD)
Yandex Clean
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.333294164.susgen
GData Trojan.GenericKD.75857349
AVG Win64:MalwareX-gen [Trj]
DeepInstinct Clean
alibabacloud Trojan[downloader]:Win/Agent_AGen.CDH
No IRMA results available.