popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2025-03-07 06:26:29

PDB Path

D:\A = myProject\FIVEM CHEAT == KIKO ==\weebhoook sent info\x64\Release\weebhoook sent info.pdb

PE Imphash

2acc85ed2babd33763d3fdef1028401e

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x00003184 0x00003200 6.19138264419
.rdata 0x00005000 0x0000476a 0x00004800 5.05730070294
.data 0x0000a000 0x00000758 0x00000200 2.10563489717
.pdata 0x0000b000 0x000003c0 0x00000400 3.86492690094
.rsrc 0x0000c000 0x000001e0 0x00000200 4.70150325825
.reloc 0x0000d000 0x00000060 0x00000200 1.27043984842

Resources

Name Offset Size Language Sub-language File type
RT_MANIFEST 0x0000c060 0x0000017d LANG_ENGLISH SUBLANG_ENGLISH_US XML 1.0 document text

Imports

Library KERNEL32.dll:
0x140005000 GetModuleFileNameA
0x140005008 GetComputerNameA
0x140005010 RtlLookupFunctionEntry
0x140005018 RtlVirtualUnwind
0x140005020 UnhandledExceptionFilter
0x140005030 GetCurrentProcess
0x140005038 TerminateProcess
0x140005048 QueryPerformanceCounter
0x140005050 GetCurrentProcessId
0x140005058 GetCurrentThreadId
0x140005060 GetSystemTimeAsFileTime
0x140005068 InitializeSListHead
0x140005070 IsDebuggerPresent
0x140005078 GetModuleHandleW
0x140005080 RtlCaptureContext
Library MSVCP140.dll:
Library WINHTTP.dll:
0x140005178 WinHttpConnect
0x140005180 WinHttpCloseHandle
0x140005188 WinHttpOpenRequest
0x140005190 WinHttpReceiveResponse
0x140005198 WinHttpOpen
0x1400051a0 WinHttpSendRequest
Library VCRUNTIME140_1.dll:
0x140005168 __CxxFrameHandler4
Library VCRUNTIME140.dll:
0x140005110 __C_specific_handler
0x140005118 _CxxThrowException
0x140005120 memset
0x140005128 memcpy
0x140005130 memcmp
0x140005138 __std_exception_copy
0x140005140 __std_exception_destroy
0x140005148 __current_exception
0x140005150 __std_terminate
0x140005158 memmove
Library api-ms-win-crt-utility-l1-1-0.dll:
0x1400052d0 rand
0x1400052d8 srand
Library api-ms-win-crt-filesystem-l1-1-0.dll:
0x1400051b0 rename
Library api-ms-win-crt-time-l1-1-0.dll:
0x1400052c0 _time64
Library api-ms-win-crt-runtime-l1-1-0.dll:
0x140005208 __p___argc
0x140005210 _initialize_onexit_table
0x140005220 _cexit
0x140005228 _exit
0x140005230 exit
0x140005238 _initterm_e
0x140005240 _initterm
0x140005248 _c_exit
0x140005250 __p___argv
0x140005260 _crt_atexit
0x140005278 _configure_narrow_argv
0x140005288 _set_app_type
0x140005290 _seh_filter_exe
0x140005298 terminate
Library api-ms-win-crt-heap-l1-1-0.dll:
0x1400051c0 free
0x1400051c8 malloc
0x1400051d0 _callnewh
0x1400051d8 _set_new_mode
Library api-ms-win-crt-math-l1-1-0.dll:
0x1400051f8 __setusermatherr
Library api-ms-win-crt-stdio-l1-1-0.dll:
0x1400052a8 __p__commode
0x1400052b0 _set_fmode
Library api-ms-win-crt-locale-l1-1-0.dll:
0x1400051e8 _configthreadlocale
!This program cannot be run in DOS mode.
`.rdata
@.data
.pdata
@.rsrc
@.reloc
UVWATAUAVAWH
A_A^A]A\_^]
UATAUAVAWH
A_A^A]A\]
VWATAVAWH
0A_A^A\_^
@SUVAVH
(A^^][
(A^^][
@SVATAVH
(A^A\^[
@SWAVH
)t$@H;
SVWAVH
8A^_^[
WAVAWH
u/HcH<H
bad allocation
Unknown exception
bad array new length
string too long
Unknown
Failed to open WinHTTP session.
discord.com
/api/webhooks
Failed to connect to Discord.
Failed to open HTTP request.
{"content":"
Failed to send HTTP request.
Failed to receive HTTP response.
269c4fa9-5021-42eb-a565-0814276a3df2
269c4fa9-5021-42eb-a565-081427asdasdasd6a3df2
https://discordapp.com/api/webhooks/1308419714812481536/tYhIFuTxiumFIdaQoMoB3hCEfKTResHsj1eNC1i8ZznbVBtdIKBRCcoff_8MElszHoBl
Computer Name:
Webhook sent successfully!
Failed to send webhook.
invalid string position
D:\A = myProject\FIVEM CHEAT == KIKO ==\weebhoook sent info\x64\Release\weebhoook sent info.pdb
.text$mn
.text$mn$00
.text$x
.idata$5
.00cfg
.CRT$XCA
.CRT$XCAA
.CRT$XCZ
.CRT$XIA
.CRT$XIAA
.CRT$XIAC
.CRT$XIZ
.CRT$XPA
.CRT$XPZ
.CRT$XTA
.CRT$XTZ
.rdata
.rdata$r
.rdata$voltmd
.rdata$zzzdbg
.rtc$IAA
.rtc$IZZ
.rtc$TAA
.rtc$TZZ
.xdata
.xdata$x
.idata$2
.idata$3
.idata$4
.idata$6
.data$r
.data$rs
.pdata
.rsrc$01
.rsrc$02
GetModuleFileNameA
GetComputerNameA
KERNEL32.dll
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?uncaught_exception@std@@YA_NXZ
?_Xout_of_range@std@@YAXPEBD@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Xlength_error@std@@YAXPEBD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?good@ios_base@std@@QEBA_NXZ
MSVCP140.dll
WinHttpConnect
WinHttpSendRequest
WinHttpCloseHandle
WinHttpOpenRequest
WinHttpOpen
WinHttpReceiveResponse
WINHTTP.dll
__CxxFrameHandler4
__std_exception_destroy
__std_exception_copy
__std_terminate
memcmp
memcpy
memset
__current_exception
__current_exception_context
__C_specific_handler
_CxxThrowException
VCRUNTIME140_1.dll
VCRUNTIME140.dll
rename
_time64
_invalid_parameter_noinfo_noreturn
_callnewh
malloc
terminate
_seh_filter_exe
_set_app_type
__setusermatherr
_configure_narrow_argv
_initialize_narrow_environment
_get_initial_narrow_environment
_initterm
_initterm_e
_set_fmode
__p___argc
__p___argv
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
_configthreadlocale
_set_new_mode
__p__commode
_initialize_onexit_table
_register_onexit_function
_crt_atexit
api-ms-win-crt-utility-l1-1-0.dll
api-ms-win-crt-filesystem-l1-1-0.dll
api-ms-win-crt-time-l1-1-0.dll
api-ms-win-crt-runtime-l1-1-0.dll
api-ms-win-crt-heap-l1-1-0.dll
api-ms-win-crt-math-l1-1-0.dll
api-ms-win-crt-stdio-l1-1-0.dll
api-ms-win-crt-locale-l1-1-0.dll
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetModuleHandleW
memmove
.?AVbad_alloc@std@@
.?AVexception@std@@
.?AVbad_array_new_length@std@@
.?AVtype_info@@
<?xml version='1.0' encoding='UTF-8' standalone='yes'?>
<assembly xmlns='urn:schemas-microsoft-com:asm.v1' manifestVersion='1.0'>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel level='asInvoker' uiAccess='false' />
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
nWebhook Sender
Content-Type: application/json
Antivirus Signature
Bkav Clean
Lionic Trojan.Win32.Disco.i!c
Elastic Clean
ClamAV Clean
CMC Clean
CAT-QuickHeal Trojan.Ghanarava.1743284684ac02d7
Skyhigh Artemis!Trojan
ALYac Trojan.GenericKD.76092814
Cylance Unsafe
Zillya Clean
Sangfor Clean
CrowdStrike win/malicious_confidence_70% (W)
Alibaba Clean
K7GW Clean
K7AntiVirus Clean
huorong Clean
Baidu Clean
VirIT Clean
Paloalto generic.ml
Symantec Trojan.Gen.MBT
tehtris Clean
ESET-NOD32 Clean
APEX Malicious
Avast Win64:MalwareX-gen [Trj]
Cynet Clean
Kaspersky Trojan-PSW.Win32.Disco.yiq
BitDefender Trojan.GenericKD.76092814
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Trojan.GenericKD.76092814
Tencent Malware.Win32.Gencirc.14520f0f
Sophos Mal/Generic-S
F-Secure Clean
DrWeb Clean
VIPRE Trojan.GenericKD.76092814
TrendMicro Clean
McAfeeD ti!2DEDA9CDEA0C
Trapmine Clean
CTX exe.trojan.disco
Emsisoft Trojan.GenericKD.76092814 (B)
Ikarus Clean
FireEye Trojan.GenericKD.76092814
Jiangmin Clean
Webroot Clean
Varist W64/ABTrojan.CTWQ-4286
Avira Clean
Fortinet W32/PossibleThreat
Antiy-AVL GrayWare/Win32.Wacapew
Kingsoft Clean
Gridinsoft Clean
Xcitium Clean
Arcabit Trojan.Generic.D489158E
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Program:Win32/Wacapew.C!ml
Google Detected
AhnLab-V3 Trojan/Win.Generic.C5746297
Acronis Clean
McAfee Artemis!616C8DD2596E
TACHYON Clean
VBA32 Clean
Malwarebytes Malware.AI.4268573523
Panda Trj/Chgt.AD
Zoner Clean
TrendMicro-HouseCall Trojan.Win32.VSX.PE04C9V
Rising Stealer.Disco!8.1326E (CLOUD)
Yandex Clean
SentinelOne Clean
MaxSecure Trojan.Malware.337693816.susgen
GData Trojan.GenericKD.76092814
AVG Win64:MalwareX-gen [Trj]
DeepInstinct MALICIOUS
alibabacloud Trojan[stealer]:Win/Disco.yQy
No IRMA results available.