popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2073-09-29 17:23:52

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x0000f984 0x0000fa00 4.58843850764
.rsrc 0x00012000 0x000006b0 0x00000800 4.70008163384
.reloc 0x00014000 0x0000000c 0x00000200 0.101910425663

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x000120a0 0x00000424 LANG_ENGLISH SUBLANG_ENGLISH_US data
RT_MANIFEST 0x000124c4 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
List`1
ToInt32
DgHMUAUzCZrtA
DtCMcgICUabNfzqiEND
OlcuTknMGFkbieiPTWfjryGIcDVEuxwiEhTbrBSzJF
WyQGySmksiTCBlYCZvyLF
VPSyzNDwJvhHjAtcSKlOxaUzJgXRJIzF
NJDbuKqFXhzyhflPyiTROjceG
cbcYkLxDnVglYEJajLwRYFwdegaTSqCxNIWQWcQHVH
EZpWxbEaCmK
ZYFzlYbXfelKBhxSoEakMRFazcKM
mYgCgbfKODahvONdJeM
QcLMSzeUCnZaqFQTWIYSMrbTofPVRSjbeZN
System.IO
yPjDXtMFNgIalINzxHJvaDLbLO
VLJWsLPynGtlomMXIP
TcyoOPsxOyCsaeGzuEGyuqEJScGFZFgT
HrMbWPWbMzJIMbzlgaQohuSnpsZ
vIZRYVmCezVQWhgzheHhUHa
get_ECmuJWdGCbpwKcusITdakwCqAeIdlWGlKtklozYlVMa
mscorlib
System.Collections.Generic
Microsoft.VisualBasic
EAxhJFPURreKJTDNJjdKeXVqSzmwRvc
Versioned
Synchronized
ReadToEnd
Replace
FrameworkEventSource
IDisposable
CallByName
WriteLine
CallType
SecurityProtocolType
Capture
ApplicationSettingsBase
HttpWebResponse
GetResponse
Dispose
Create
CompilerGeneratedAttribute
GeneratedCodeAttribute
DebuggerNonUserCodeAttribute
DefaultSettingValueAttribute
UserScopedSettingAttribute
ParamArrayAttribute
WriteByte
get_Value
Randomize
VPViVxexvyPcxEYUeLDKWtIxpHTdnJGjcXBniXfvOTg
ZvkexDQApNBUHhYsCThlBQsYiRsfg
System.Diagnostics.Tracing
GetEncoding
System.Runtime.Remoting.Messaging
ToString
VBMath
get_Length
get_SOQNXGzXpfWIZVUFnauFveMqSjdi
set_SOQNXGzXpfWIZVUFnauFveMqSjdi
JBCOHIldokMVcGOWdSGAfuhEgpjtscvpVihePgbXRGPNj
MkKOXPTCvqEMRoQPbtJbUysNdBOMzLDPj
YHpaHrBTPxBzexmBRk
eOhtBjreXNHcVkYyk
YHpaHrBTPxBzexmBRk.dll
set_SecurityProtocol
GetResponseStream
MemoryStream
get_Item
set_Item
System
EMjtjePRlJbmhctuaBbHersbopchiNjQgm
Boolean
YnBiXISipwsjan
Application
System.Deployment.Internal.Isolation
System.Configuration
MatchCollection
GroupCollection
ToChar
Header
StreamReader
TextReader
ServicePointManager
System.CodeDom.Compiler
IEnumerator
GetEnumerator
.cctor
myBmEzGHDBZfYZWxAnalmAbXYJs
BLWHwFiWEzMcuJTYtVSBAcs
System.Diagnostics
Keywords
Microsoft.VisualBasic.CompilerServices
System.Runtime.CompilerServices
Matches
System.Windows.Forms
Contains
System.Text.RegularExpressions
System.Collections
RegexOptions
get_Groups
get_Chars
DoEvents
hFhVdnIzKiHflLAfRnZgKfRNIt
Concat
Format
Object
System.Net
get_CharacterSet
set_UserAgent
get_Current
Convert
HttpWebRequest
MoveNext
System.Text
XSIXzTKwLlZYazwScbudzv
KYXOtYUWEx
fTDxDpckx
GVGFPTOABRrmbMy
ToArray
IEnumReferenceIdentity
EventSourceActivity
ympwirsUPiMigTqYJDBVjganKJNZrcfFz
QHARCPDPz
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
16.6.0.0
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>PAPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDING
sWpfdupMBJoHwthIgqBuv1
qJUSOxPGmABPgNXJHmSy1
ToDwAeVuZPmkcmvnoWz1200
#gpiMSpFtLxIoCWxvrwntUlnBLDWLBCvsqsE10
fQDlyBJBqBJnEReRbDFUcH1
bosUSjbqYkDTqA1
ScUsCLkTIgKxEr1
MNyBxPpS0
210310132328Z
220310132328Z0
sWpfdupMBJoHwthIgqBuv1
qJUSOxPGmABPgNXJHmSy1
ToDwAeVuZPmkcmvnoWz1200
#gpiMSpFtLxIoCWxvrwntUlnBLDWLBCvsqsE10
fQDlyBJBqBJnEReRbDFUcH1
bosUSjbqYkDTqA1
ScUsCLkTIgKxEr1
MNyBxPpS0
#OYc%]j
sWpfdupMBJoHwthIgqBuv1
qJUSOxPGmABPgNXJHmSy1
ToDwAeVuZPmkcmvnoWz1200
#gpiMSpFtLxIoCWxvrwntUlnBLDWLBCvsqsE10
fQDlyBJBqBJnEReRbDFUcH1
bosUSjbqYkDTqA1
ScUsCLkTIgKxEr1
MNyBxPpS
v&'WywO
20210310132329Z
DigiCert Inc1
www.digicert.com110/
(DigiCert SHA2 Assured ID Timestamping CA0
210101000000Z
310106000000Z0H1
DigiCert, Inc.1 0
DigiCert Timestamp 20210
http://www.digicert.com/CPS0
,http://crl3.digicert.com/sha2-assured-ts.crl02
,http://crl4.digicert.com/sha2-assured-ts.crl0
http://ocsp.digicert.com0O
Chttp://cacerts.digicert.com/DigiCertSHA2AssuredIDTimestampingCA.crt0
QJxy6z'
dwc_#Ri
DigiCert Inc1
www.digicert.com1$0"
DigiCert Assured ID Root CA0
160107120000Z
310107120000Z0r1
DigiCert Inc1
www.digicert.com110/
(DigiCert SHA2 Assured ID Timestamping CA0
fnVa')
http://ocsp.digicert.com0C
7http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
4http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
4http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0P
https://www.digicert.com/CPS0
8aMbF$
V3"/"6
DigiCert Inc1
www.digicert.com110/
(DigiCert SHA2 Assured ID Timestamping CA
210310132329Z0+
I#CI+CI3
{0}{1}{2}{3}{4}{5}{6}{7}{8}{9}
{0}{1}{2}{3}{4}{5}{6}{7}{8}{9}{10}{11}{12}{13}{14}{15}{16}{17}{18}{19}{20}{21}{22}{23}{24}{25}{26}{27}{28}{29}{30}{31}{32}{33}{34}{35}{36}{37}{38}{39}{40}{41}{42}{43}{44}{45}{46}{47}{48}{49}{50}{51}{52}{53}{54}{55}{56}{57}{58}{59}{60}{61}{62}{63}{64}{65}{66}{67}{68}{69}{70}{71}{72}{73}{74}{75}{76}{77}{78}{79}{80}{81}{82}{83}{84}{85}{86}{87}{88}{89}{90}{91}{92}{93}{94}{95}{96}{97}{98}{99}{100}{101}{102}{103}{104}{105}{106}{107}{108}{109}{110}{111}{112}{113}{114}{115}{116}{117}{118}{119}{120}{121}{122}{123}{124}{125}{126}{127}{128}{129}{130}{131}{132}{133}{134}{135}{136}{137}{138}{139}{140}{141}
{0}{1}{2}{3}{4}{5}{6}{7}{8}{9}{10}{11}{12}{13}{14}{15}{16}{17}{18}{19}{20}{21}{22}{23}{24}{25}{26}{27}{28}{29}{30}{31}{32}{33}{34}{35}{36}{37}{38}{39}{40}{41}{42}{43}{44}{45}{46}{47}{48}{49}{50}{51}{52}{53}{54}{55}{56}{57}{58}{59}{60}{61}{62}{63}{64}{65}{66}{67}{68}{69}{70}{71}{72}{73}{74}{75}{76}{77}{78}{79}{80}{81}{82}{83}{84}{85}{86}{87}{88}{89}{90}{91}{92}{93}{94}{95}{96}{97}{98}{99}{100}{101}{102}{103}{104}{105}{106}{107}{108}{109}{110}{111}{112}{113}{114}{115}{116}{117}{118}{119}{120}{121}
{0}{1}{2}{3}{4}{5}{6}{7}
<meta name="keywords" content="([\w\d ]*)">
{0}{1}{2}
{0}{1}{2}{3}{4}{5}{6}{7}{8}{9}{10}{11}{12}{13}{14}{15}{16}{17}{18}{19}{20}{21}{22}{23}{24}{25}{26}{27}{28}{29}{30}{31}{32}{33}{34}{35}{36}{37}{38}{39}{40}{41}{42}{43}{44}{45}{46}{47}{48}{49}{50}{51}{52}{53}{54}{55}{56}{57}{58}{59}{60}{61}{62}{63}{64}{65}{66}{67}{68}{69}{70}{71}{72}{73}{74}{75}{76}{77}{78}{79}{80}{81}{82}{83}{84}{85}{86}{87}{88}{89}{90}{91}{92}{93}{94}{95}{96}{97}{98}{99}{100}{101}{102}{103}{104}{105}{106}{107}{108}{109}{110}{111}{112}{113}{114}{115}{116}{117}{118}{119}{120}{121}{122}{123}{124}{125}{126}{127}{128}{129}{130}{131}{132}{133}{134}{135}{136}{137}{138}{139}{140}{141}{142}{143}{144}{145}{146}{147}{148}{149}{150}{151}{152}{153}{154}{155}{156}{157}{158}{159}{160}{161}{162}{163}{164}{165}{166}{167}{168}{169}{170}{171}{172}{173}{174}{175}{176}{177}{178}{179}{180}{181}{182}{183}{184}{185}{186}{187}{188}{189}{190}{191}{192}{193}{194}{195}{196}{197}{198}{199}{200}{201}{202}{203}{204}{205}{206}{207}{208}{209}{210}{211}{212}{213}{214}{215}{216}{217}{218}{219}{220}{221}{222}{223}{224}{225}{226
{0}{1}{2}{3}{4}{5}{6}{7}{8}{9}{10}{11}{12}{13}{14}{15}{16}{17}{18}{19}{20}{21}{22}{23}{24}{25}{26}{27}{28}{29}{30}{31}{32}{33}{34}{35}{36}{37}{38}{39}{40}{41}{42}{43}{44}{45}{46}{47}{48}{49}{50}{51}{52}{53}{54}{55}{56}{57}{58}{59}{60}{61}{62}{63}{64}{65}{66}{67}{68}{69}{70}{71}{72}{73}{74}{75}{76}{77}{78}{79}{80}{81}{82}{83}{84}{85}{86}{87}{88}{89}{90}{91}{92}{93}{94}{95}{96}{97}{98}{99}{100}{101}{102}{103}{104}{105}{106}{107}{108}{109}{110}{111}{112}{113}{114}{115}{116}{117}{118}{119}{120}{121}{122}{123}{124}{125}{126}{127}{128}{129}{130}{131}{132}{133}{134}{135}{136}{137}{138}{139}{140}{141}{142}{143}{144}{145}{146}{147}{148}{149}{150}{151}{152}{153}{154}{155}{156}{157}{158}{159}{160}{161}{162}{163}{164}{165}{166}{167}{168}{169}{170}{171}{172}{173}{174}{175}{176}{177}{178}{179}{180}{181}{182}{183}{184}{185}{186}{187}{188}{189}{190}{191}{192}{193}{194}{195}{196}{197}{198}{199}{200}{201}{202}{203}{204}{205}{206}{207}{208}{209}{210}{211}{212}{213}{214}{215}{216}{217}{218}{219}{220}{221}{222}{223}{224}{225}{226
{0}{1}{2}{3}{4}{5}{6}{7}{8}{9}{10}{11}{12}{13}{14}{15}{16}{17}{18}{19}{20}{21}{22}{23}{24}{25}{26}{27}{28}{29}{30}{31}{32}{33}{34}{35}{36}{37}{38}{39}{40}{41}{42}{43}{44}{45}{46}{47}{48}{49}{50}{51}{52}{53}{54}{55}{56}{57}{58}{59}{60}{61}{62}{63}{64}{65}{66}{67}{68}{69}{70}{71}{72}{73}{74}{75}{76}{77}{78}{79}{80}{81}{82}{83}{84}{85}{86}{87}{88}{89}{90}{91}{92}{93}{94}{95}{96}{97}{98}{99}{100}{101}{102}{103}{104}{105}{106}{107}{108}{109}{110}{111}{112}{113}{114}{115}{116}{117}{118}{119}{120}{121}{122}{123}{124}{125}{126}{127}{128}{129}{130}{131}{132}{133}{134}{135}{136}{137}{138}{139}{140}{141}{142}{143}{144}{145}{146}{147}{148}{149}{150}{151}{152}{153}{154}{155}{156}{157}{158}{159}{160}{161}{162}{163}{164}{165}{166}{167}{168}{169}{170}{171}{172}{173}{174}{175}{176}{177}{178}{179}{180}{181}{182}{183}{184}{185}{186}{187}{188}{189}{190}{191}{192}{193}{194}{195}{196}{197}{198}{199}{200}{201}{202}{203}{204}{205}{206}{207}{208}{209}{210}{211}{212}{213}{214}{215}{216}{217}{218}{219}{220}{221}{222}{223}{224}{225}{226
{0}{1}{2}{3}{4}{5}{6}{7}{8}{9}{10}{11}{12}{13}{14}{15}{16}{17}{18}{19}{20}{21}{22}{23}{24}{25}{26}{27}{28}{29}{30}{31}{32}{33}{34}{35}{36}{37}{38}{39}{40}{41}{42}{43}{44}{45}{46}{47}{48}{49}{50}{51}{52}{53}{54}{55}{56}{57}{58}{59}{60}{61}{62}{63}{64}{65}{66}{67}{68}{69}{70}{71}{72}{73}{74}{75}{76}{77}{78}{79}{80}{81}{82}{83}{84}{85}{86}{87}{88}{89}{90}{91}{92}{93}{94}{95}{96}{97}{98}{99}{100}{101}{102}{103}{104}{105}{106}{107}{108}{109}{110}{111}{112}{113}{114}{115}{116}{117}{118}{119}{120}{121}{122}{123}{124}{125}{126}{127}{128}{129}{130}{131}{132}{133}{134}{135}{136}{137}{138}{139}{140}{141}{142}{143}{144}{145}{146}{147}{148}{149}{150}{151}{152}{153}{154}{155}{156}{157}{158}{159}{160}{161}{162}{163}{164}{165}{166}{167}{168}{169}{170}{171}{172}{173}{174}{175}{176}{177}{178}{179}{180}{181}{182}{183}{184}{185}{186}{187}{188}{189}{190}{191}{192}{193}{194}{195}{196}{197}{198}{199}{200}{201}{202}{203}{204}{205}{206}{207}{208}{209}{210}{211}{212}{213}{214}{215}{216}{217}{218}{219}{220}{221}{222}{223}{224}{225}{226
{0}{1}{2}{3}{4}{5}{6}{7}{8}{9}{10}{11}{12}{13}{14}{15}{16}{17}{18}{19}{20}{21}{22}{23}{24}{25}{26}{27}{28}{29}{30}{31}{32}{33}{34}{35}{36}{37}{38}{39}{40}{41}{42}{43}{44}{45}{46}{47}{48}{49}{50}{51}{52}{53}{54}{55}{56}{57}{58}{59}{60}{61}{62}{63}{64}{65}{66}{67}{68}{69}{70}{71}{72}{73}{74}{75}{76}{77}{78}{79}{80}{81}{82}{83}{84}{85}{86}{87}{88}{89}{90}{91}{92}{93}{94}{95}{96}{97}{98}{99}{100}{101}{102}{103}{104}{105}{106}{107}{108}{109}{110}{111}{112}{113}{114}{115}{116}{117}{118}{119}{120}{121}{122}{123}{124}{125}{126}{127}{128}{129}{130}{131}{132}{133}{134}{135}{136}{137}{138}{139}{140}{141}{142}{143}{144}{145}{146}{147}{148}{149}{150}{151}{152}{153}{154}{155}{156}{157}{158}{159}{160}{161}{162}{163}{164}{165}{166}{167}{168}{169}{170}{171}{172}{173}{174}{175}{176}{177}{178}{179}{180}{181}{182}{183}{184}{185}{186}{187}{188}{189}{190}{191}{192}{193}{194}{195}{196}{197}{198}{199}{200}{201}{202}{203}{204}{205}{206}{207}{208}{209}{210}{211}{212}{213}{214}{215}{216}{217}{218}{219}{220}{221}{222}{223}{224}{225}{226
{0}{1}{2}{3}{4}{5}{6}{7}{8}{9}{10}{11}{12}{13}{14}{15}{16}{17}{18}{19}{20}{21}{22}{23}{24}{25}{26}{27}{28}{29}{30}{31}{32}{33}{34}{35}{36}{37}{38}{39}{40}{41}{42}{43}{44}{45}{46}{47}{48}{49}{50}{51}{52}{53}{54}{55}{56}{57}{58}{59}{60}{61}{62}{63}{64}{65}{66}{67}{68}{69}{70}{71}{72}{73}{74}{75}{76}{77}{78}{79}{80}{81}
uMgrOYhUuidUNEIcG
SOQNXGzXpfWIZVUFnauFveMqSjdi
VS_VERSION_INFO
StringFileInfo
040904e4
Comments
hsFZjnpQzWpGoyYifWUZ
CompanyName
hsFZjnpQzWpGoyYifWUZ Inc.
FileDescription
hsFZjnpQzWpGoyYifWUZ
FileVersion
1.328.500.174
InternalName
hsFZjnpQzWpGoyYifWUZ.exe
LegalCopyright
All Rights Reserved
LegalTrademarks
hsFZjnpQzWpGoyYifWUZ
OriginalFilename
hsFZjnpQzWpGoyYifWUZ.exe
ProductName
hsFZjnpQzWpGoyYifWUZ
ProductVersion
1.328.500.174
Assembly Version
1.328.500.174
VarFileInfo
Translation
Antivirus Signature
Bkav Clean
Elastic malicious (high confidence)
DrWeb Clean
MicroWorld-eScan Clean
FireEye Clean
CAT-QuickHeal Clean
ALYac Clean
Cylance Clean
Zillya Clean
SUPERAntiSpyware Clean
Sangfor Trojan.Win32.Save.a
CrowdStrike Clean
Alibaba Clean
K7GW Clean
K7AntiVirus Clean
BitDefenderTheta Gen:NN.ZemsilF.34608.em1@aqmYDebi
Cyren Clean
Symantec Clean
ESET-NOD32 Clean
APEX Malicious
TotalDefense Clean
Avast FileRepMalware
ClamAV Clean
Kaspersky Clean
BitDefender Clean
NANO-Antivirus Clean
Paloalto Clean
ViRobot Clean
Tencent Clean
Ad-Aware Clean
TACHYON Clean
Emsisoft Clean
Comodo Clean
F-Secure Clean
Baidu Clean
VIPRE Clean
TrendMicro Clean
McAfee-GW-Edition Artemis!Trojan
CMC Clean
Sophos Clean
SentinelOne Static AI - Suspicious PE
eGambit Unsafe.AI_Score_88%
Avira Clean
Antiy-AVL Clean
Kingsoft Clean
Microsoft Trojan:Win32/AgentTesla!ml
Gridinsoft Clean
Arcabit Clean
AegisLab Clean
ZoneAlarm Clean
GData Clean
Cynet Clean
AhnLab-V3 Clean
Acronis Clean
McAfee Artemis!2BD6DCE81140
MAX Clean
VBA32 Clean
Malwarebytes Malware.AI.1759459124
Zoner Clean
TrendMicro-HouseCall Clean
Rising Clean
Yandex Clean
Ikarus Trojan.MSIL.Inject
MaxSecure Clean
Fortinet Clean
Webroot Clean
AVG FileRepMalware
Cybereason malicious.89775c
Panda Clean
Qihoo-360 Clean
No IRMA results available.