popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2053-06-27 17:03:23

PDB Path

G:\Source\RunPE\RunPE\obj\x86\Release\RunPE.pdb

PE Imphash

dae02f32a21e03ce65412f6e56942daa

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x000025f0 0x00002600 6.20701054577
.rsrc 0x00006000 0x00000358 0x00000400 2.72614926753
.reloc 0x00008000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x00006058 0x000002fc LANG_NEUTRAL SUBLANG_NEUTRAL data

Imports

Library mscoree.dll:
0x10002000 _CorDllMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
Reserved1
kernel32
ToUInt32
ToInt32
Reserved2
ToInt16
<Module>
CreateProcessA
LoadLibraryA
mscorlib
ThreadId
ProcessId
GetProcessById
bytesRead
ResumeThread
thread
method
EndInvoke
BeginInvoke
ThreadHandle
RuntimeTypeHandle
GetTypeFromHandle
ProcessHandle
handle
applicationName
commandLine
ValueType
MulticastDelegate
GuidAttribute
DebuggableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
get_Size
bufferSize
SizeOf
System.Runtime.Versioning
String
length
LoadApi
CreateApi
AsyncCallback
callback
Marshal
RunPE.dll
System
bytesWritten
processInformation
ZwUnmapViewOfSection
System.Reflection
Exception
startupInfo
Desktop
Buffer
buffer
GetDelegateForFunctionPointer
BitConverter
StdError
.cctor
IntPtr
System.Diagnostics
System.Runtime.InteropServices
System.Runtime.CompilerServices
DebuggingModes
inheritHandles
threadAttributes
processAttributes
GetBytes
creationFlags
hProcess
process
GetProcAddress
baseAddress
address
Object
object
protect
IAsyncResult
result
environment
Convert
StdInput
StdOutput
Wow64GetThreadContext
Wow64SetThreadContext
context
VirtualAllocEx
BlockCopy
ReadProcessMemory
WriteProcessMemory
currentDirectory
WrapNonExceptionThrows
Copyright
2021
$e8591b22-2072-4c9c-bdb6-e53bbbd0cafb
1.0.0.0
.NETFramework,Version=v4.5
FrameworkDisplayName
.NET Framework 4.5
G:\Source\RunPE\RunPE\obj\x86\Release\RunPE.pdb
_CorDllMain
mscoree.dll
kernel32
ResumeThread
Wow64SetThreadContext
SetThreadContext
Wow64GetThreadContext
GetThreadContext
VirtualAllocEx
WriteProcessMemory
ReadProcessMemory
ZwUnmapViewOfSection
CreateProcessA
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
FileVersion
1.0.0.0
InternalName
RunPE.dll
LegalCopyright
Copyright
2021
LegalTrademarks
OriginalFilename
RunPE.dll
ProductName
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Antivirus Signature
Bkav W32.AIDetectMalware.CS
Lionic Trojan.Win32.BotX.4!c
Elastic malicious (high confidence)
ClamAV Clean
CMC Clean
CAT-QuickHeal cld.trojan.generic
Skyhigh ACL/BotX Trojan
ALYac Clean
Cylance Unsafe
Zillya Trojan.Injector.Win32.1592221
Sangfor Suspicious.Win32.Save.a
CrowdStrike win/malicious_confidence_100% (W)
Alibaba Trojan:MSIL/Injector.eb718516
K7GW Trojan ( 005690671 )
K7AntiVirus Trojan ( 005690671 )
huorong Trojan/MSIL.Injector.gy
Baidu Clean
VirIT Clean
Paloalto generic.ml
Symantec Trojan.Gen.MBT
tehtris Clean
ESET-NOD32 a variant of MSIL/Injector.LOS
APEX Clean
Avast Win32:MalwareX-gen [Bot]
Cynet Clean
Kaspersky HEUR:Trojan.Win32.Generic
BitDefender Gen:Heur.MSIL.Krypt.6
NANO-Antivirus Clean
ViRobot Trojan.Win32.Z.Injector.11776.BG
MicroWorld-eScan Gen:Heur.MSIL.Krypt.6
Tencent Trojan.Msil.Injector.16001767
Sophos Mal/Generic-S
F-Secure Heuristic.HEUR/AGEN.1364289
DrWeb Trojan.InjectNET.17
VIPRE Gen:Heur.MSIL.Krypt.6
TrendMicro TROJ_GEN.R002C0DC525
McAfeeD ti!B162CA047B3B
Trapmine Clean
CTX dll.trojan.msil
Emsisoft Gen:Heur.MSIL.Krypt.6 (B)
Ikarus Trojan-Spy.Agent
GData Gen:Heur.MSIL.Krypt.6
Jiangmin Clean
Webroot W32.Trojan.Gen
Varist W32/MSIL_Troj.C.gen!Eldorado
Avira HEUR/AGEN.1364289
Antiy-AVL Trojan[Injector]/MSIL.Agent
Kingsoft Win32.Trojan.Generic.a
Gridinsoft Clean
Xcitium Malware@#1p0kytyq9j5vq
Arcabit Trojan.MSIL.Krypt.6
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:MSIL/Rozena.HNG!MTB
Google Detected
AhnLab-V3 Trojan/Win.MSIL.R506909
Acronis Clean
McAfee ACL/BotX Trojan
TACHYON Clean
VBA32 Clean
Malwarebytes Trojan.Injector.MSIL
Panda Trj/GdSda.A
Zoner Clean
TrendMicro-HouseCall Trojan.Win32.VSX.PE04C9Z
Rising Malware.Obfus/MSIL@AI.87 (RDM.MSIL2:FOe33/dOUDho8k3YRz5Ymg)
Yandex Clean
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.7164915.susgen
Fortinet MSIL/Injector.B!tr
AVG Win32:MalwareX-gen [Bot]
DeepInstinct MALICIOUS
alibabacloud Trojan:MSIL/Injector.LOS
No IRMA results available.