Static | ZeroBOX

Name	Virtual Address	Virtual Size	Size of Raw Data	Entropy
.text	0x00001000	0x0001b268	0x0001c000	4.94465112957
.data	0x0001d000	0x00000a30	0x00001000	0.0
.rsrc	0x0001e000	0x00006728	0x00007000	5.4995925027

Name

Virtual Address

Virtual Size

Size of Raw Data

Entropy

.text

0x00001000

0x0001b268

0x0001c000

4.94465112957

.data

0x0001d000

0x00000a30

0x00001000

0.0

.rsrc

0x0001e000

0x00006728

0x00007000

5.4995925027

Name	Offset	Size	Language	Sub-language	File type
RT_ICON	0x0001e540	0x00000468	LANG_NEUTRAL	SUBLANG_NEUTRAL	GLS_BINARY_LSB_FIRST
RT_ICON	0x0001e540	0x00000468	LANG_NEUTRAL	SUBLANG_NEUTRAL	GLS_BINARY_LSB_FIRST
RT_ICON	0x0001e540	0x00000468	LANG_NEUTRAL	SUBLANG_NEUTRAL	GLS_BINARY_LSB_FIRST
RT_ICON	0x0001e540	0x00000468	LANG_NEUTRAL	SUBLANG_NEUTRAL	GLS_BINARY_LSB_FIRST
RT_ICON	0x0001e540	0x00000468	LANG_NEUTRAL	SUBLANG_NEUTRAL	GLS_BINARY_LSB_FIRST
RT_ICON	0x0001e540	0x00000468	LANG_NEUTRAL	SUBLANG_NEUTRAL	GLS_BINARY_LSB_FIRST
RT_ICON	0x0001e540	0x00000468	LANG_NEUTRAL	SUBLANG_NEUTRAL	GLS_BINARY_LSB_FIRST
RT_ICON	0x0001e540	0x00000468	LANG_NEUTRAL	SUBLANG_NEUTRAL	GLS_BINARY_LSB_FIRST
RT_ICON	0x0001e540	0x00000468	LANG_NEUTRAL	SUBLANG_NEUTRAL	GLS_BINARY_LSB_FIRST
RT_GROUP_ICON	0x0001e4bc	0x00000084	LANG_NEUTRAL	SUBLANG_NEUTRAL	data
RT_VERSION	0x0001e270	0x0000024c	LANG_ENGLISH	SUBLANG_ENGLISH_US	data

Name

Offset

Size

Language

Sub-language

File type

RT_ICON

0x0001e540

0x00000468

LANG_NEUTRAL

SUBLANG_NEUTRAL

GLS_BINARY_LSB_FIRST

RT_ICON

0x0001e540

0x00000468

LANG_NEUTRAL

SUBLANG_NEUTRAL

GLS_BINARY_LSB_FIRST

RT_ICON

0x0001e540

0x00000468

LANG_NEUTRAL

SUBLANG_NEUTRAL

GLS_BINARY_LSB_FIRST

RT_ICON

0x0001e540

0x00000468

LANG_NEUTRAL

SUBLANG_NEUTRAL

GLS_BINARY_LSB_FIRST

RT_ICON

0x0001e540

0x00000468

LANG_NEUTRAL

SUBLANG_NEUTRAL

GLS_BINARY_LSB_FIRST

RT_ICON

0x0001e540

0x00000468

LANG_NEUTRAL

SUBLANG_NEUTRAL

GLS_BINARY_LSB_FIRST

RT_ICON

0x0001e540

0x00000468

LANG_NEUTRAL

SUBLANG_NEUTRAL

GLS_BINARY_LSB_FIRST

RT_ICON

0x0001e540

0x00000468

LANG_NEUTRAL

SUBLANG_NEUTRAL

GLS_BINARY_LSB_FIRST

RT_ICON

0x0001e540

0x00000468

LANG_NEUTRAL

SUBLANG_NEUTRAL

GLS_BINARY_LSB_FIRST

RT_GROUP_ICON

0x0001e4bc

0x00000084

LANG_NEUTRAL

SUBLANG_NEUTRAL

data

RT_VERSION

0x0001e270

0x0000024c

LANG_ENGLISH

SUBLANG_ENGLISH_US

data

!This program cannot be run in DOS mode.

`.data

MSVBVM60.DLL

Coaliserslnk

guaiacumsny

chilledgifler

wxxxxwxy

xxxxwy

:9:9^5

---111

:^a^15

~~~5J[@

rod[tuh

K]O[Ue`

@GH[BQF

chilledgifler

Command3

coriariaceaerandbem

Command2

INDIMELLEMEIDE

Command1

Oxygenisement

Check1

parcellisters

Check2

INFRANATURALISMJE

Check3

Luftlageneswa

Check4

Udmundgnidningsmod5

PicBox

+s<#Lo

*UB#^~

ANYC r

FOs<1D

oEf%Iu

dgggggggggggggggggggggggg

dRRRRRRRRRRRRRRRRRRRRRRRR

pbbbbbbbbbbbbbbbbbbbbbb

IkLLLLLLLLLLLLLLLLLLLLLLLLL

r11111111111111111111111111111

W<B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

z6666666666666666666666666666

olllllllllllllllllllllll

aaaaaaaaaaaaaaaaaaaaaaaaa[

R!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

cccccccccccccccccccccccccccccc

FWWWWWWWWWWWWWWWWWWWWWWW

Q--------------------------

0,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

ttttttttttttttttttttttttttttK

~GGGGGGGGGGGGGGGGGGGGGGGGGG

MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM

|LLLLLLLLLLLLLLLLLLLLLLLLLL

,,,,,,,,,,,,,,,,,,,,,,,,,,,,

"_ggggggggggggggggggggggggggggggg

9\\\\\\\\\\\\\\\\\\\\\\\\

z&hhhhhhhhhhhhhhhhhhhhhhhhhhhh

Va=========================

t3lllllllllllllllllllllllll

!||||||||||||||||||||||||||||||||

ffffffffffffffffffffffffff

2KKKKKKKKKKKKKKKKKKKKKKKKKKKKKK

!PPPPPPPPPPPPPPPPPPPPPPPPPPPPP

BBBBBBBBBBBBBBBBBBBBBBBBB

77777777777777777777777777

E}}}}}}}}}}}}}}}}}}}}}}}}}}}}

1qqqqqqqqqqqqqqqqqqqqqqqq

X%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

'CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC

`((((((((((((((((((((((((

11111111111111111111111111

------------------------

Rcccccccccccccccccccccccccccccccj

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

NNNNNNNNNNNNNNNNNNNNNNNNNNNNNN

ggggggggggggggggggggg

Q"""""""""""""""""""""""""

OxFFFFFFFFFFFFFFFFFFFFFFFFFF

_=====================

22222222222222222222221

x,,,,,,,,,,,,,,,,,,,,,,,,,,,,

CCCCCCCCCCCCCCCCCCCCCCCCCCCCCC

_!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

VB5!6&*

partitionssystemrut

Coaliserslnk

guaiacumsny

PicBox

C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB

Command1

Check1

Command3

Command2

Check2

Check4

Check3

Trampoline

overmtningers

Untasteable

sinologen

opblandedes

luftrumsorganisationerne

TILLGSMAADES

STREPTASTER

VBA6.DLL

__vbaAryDestruct

__vbaStrI4

__vbaOnError

__vbaVarTstLt

__vbaVarAdd

__vbaI4Var

__vbaStrVarMove

__vbaLateIdCallLd

__vbaErase

__vbaVarMove

__vbaRedim

__vbaCastObj

__vbaFreeObjList

__vbaVarTstNe

__vbaI4Str

__vbaStrCmp

__vbaVarDup

__vbaStrCopy

__vbaFreeVarList

__vbaVarTstEq

__vbaObjSet

__vbaLateMemSt

__vbaFreeVar

__vbaLateMemCallLd

__vbaObjVar

__vbaObjSetAddref

__vbaFreeStr

__vbaFreeObj

__vbaHresultCheckObj

__vbaNew2

__vbaStrMove

Ciffernglen8

Sedimetric7

Lichenous3

Mrkerdes6

Wordings

Digtningens

Undtagen

MILLILITEREN

EREMITKREBSENE

Amplificate

Agglutineringers9

NAVNEMAADE

KVADRATRDDERS

Lemmer3

Filmfronten3

Fangedragternes

EFTERHAANDSOPLYSNINGEN

SPEKTROGRAMMERNES

Arbejdslederens

underbough

Tonguey2

OMLAGDES

Elvrksarbejderes

korfitz

guldsnor

LINEAR

skrddererer

Biophysics

Overfluent

Underutilization9

Bydelsordningen2

Bragite9

Filippas

Bdernes

ZELOTEN

Allegros

Semipacifist

AMNINGSMRKERS

Tintallerkners9

GIRLIES

Bekmpelsernes5

Dieters3

NONSUBSTITUTIONALLY

SHEEPBERRIES

Opsummeres

Nonacquisitiveness2

Elleveaarsbarnets

Brefrekvenss8

VINTERGK

stukkatren

Sunrooms

Saccharimetre

MSVBVM60.DLL

_CIcos

_adj_fptan

__vbaVarMove

__vbaStrI4

__vbaFreeVar

__vbaStrVarMove

__vbaFreeVarList

_adj_fdiv_m64

__vbaFreeObjList

_adj_fprem1

__vbaHresultCheckObj

_adj_fdiv_m32

__vbaAryDestruct

__vbaLateMemSt

__vbaObjSet

__vbaOnError

_adj_fdiv_m16i

__vbaObjSetAddref

_adj_fdivr_m16i

__vbaVarTstLt

_CIsin

__vbaErase

__vbaChkstk

EVENT_SINK_AddRef

__vbaStrCmp

__vbaVarTstEq

__vbaObjVar

_adj_fpatan

__vbaLateIdCallLd

__vbaRedim

EVENT_SINK_Release

_CIsqrt

EVENT_SINK_QueryInterface

__vbaExceptHandler

_adj_fprem

_adj_fdivr_m64

__vbaFPException

_CIlog

__vbaNew2

_adj_fdiv_m32i

_adj_fdivr_m32i

__vbaStrCopy

__vbaI4Str

_adj_fdivr_m32

_adj_fdiv_r

__vbaVarTstNe

__vbaI4Var

__vbaVarAdd

__vbaVarDup

__vbaLateMemCallLd

_CIatan

__vbaStrMove

__vbaCastObj

_allmul

_CItan

_CIexp

__vbaFreeObj

__vbaFreeStr

~~~5J[@

rod[tuh

K]O[Ue`

@GH[BQF

:9:9^5

---111

:^a^15

wxxxxwxy

xxxxwy

VB.VscrollBar

bombepanik

Visible

VB.PictureBox

MISFOSTRETS

Enabled

Berejsningens

Burelage

untrying

Nonnitrous

Jalousiskabenes

Annmari4

UDVIKLINGSOPGAVE

indsuger

VS_VERSION_INFO

VarFileInfo

Translation

StringFileInfo

040904B0

Comments

Techy Fighters

ProductName

Coaliserslnk

FileVersion

ProductVersion

InternalName

partitionssystemrut

OriginalFilename

partitionssystemrut.exe

Antivirus	Signature
Bkav	W32.AIDetect.malware2
Elastic	malicious (high confidence)
DrWeb	Clean
MicroWorld-eScan	Gen:Variant.Ser.Ursu.18757
FireEye	Generic.mg.8d2ee34543afa9e5
CAT-QuickHeal	Clean
Qihoo-360	Clean
ALYac	Gen:Variant.Ser.Ursu.18757
Cylance	Unsafe
VIPRE	Clean
SUPERAntiSpyware	Clean
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Clean
Alibaba	Clean
K7GW	Clean
CrowdStrike	win/malicious_confidence_60% (D)
Arcabit	Clean
BitDefenderTheta	Gen:NN.ZevbaF.34608.jm0@aqFHOvli
Cyren	Clean
Symantec	Clean
ESET-NOD32	Clean
APEX	Malicious
TotalDefense	Clean
Avast	Win32:Malware-gen
ClamAV	Clean
Kaspersky	UDS:DangerousObject.Multi.Generic
BitDefender	Gen:Variant.Ser.Ursu.18757
NANO-Antivirus	Clean
Paloalto	Clean
ViRobot	Clean
Ad-Aware	Gen:Variant.Ser.Ursu.18757
Sophos	Clean
Comodo	Clean
F-Secure	Clean
Baidu	Clean
Zillya	Clean
TrendMicro	Clean
McAfee-GW-Edition	Clean
CMC	Clean
Emsisoft	Gen:Variant.Ser.Ursu.18757 (B)
Ikarus	Trojan.VB.Crypt
Webroot	Clean
Avira	Clean
MAX	malware (ai score=85)
Antiy-AVL	Clean
Kingsoft	Clean
Gridinsoft	Clean
Microsoft	Trojan:Win32/Wacatac.B!ml
AegisLab	Trojan.Multi.Generic.4!c
ZoneAlarm	Clean
GData	Gen:Variant.Ser.Ursu.18757
Cynet	Malicious (score: 100)
AhnLab-V3	Win-Trojan/VBKrand.Gen
Acronis	Clean
McAfee	Clean
TACHYON	Clean
VBA32	Clean
Malwarebytes	Clean
Zoner	Clean
TrendMicro-HouseCall	Clean
Rising	Clean
Yandex	Clean
SentinelOne	Static AI - Suspicious PE
eGambit	Clean
Fortinet	W32/Kryptik.EOVV!tr
AVG	Win32:Malware-gen
Cybereason	malicious.543afa
Panda	Clean
MaxSecure	Clean

Antivirus

Signature

Bkav

W32.AIDetect.malware2

Elastic

malicious (high confidence)

DrWeb

Clean

MicroWorld-eScan

Gen:Variant.Ser.Ursu.18757

FireEye

Generic.mg.8d2ee34543afa9e5

CAT-QuickHeal

Clean

Qihoo-360

Clean

ALYac

Gen:Variant.Ser.Ursu.18757

Cylance

Unsafe

VIPRE

Clean

SUPERAntiSpyware

Clean

Sangfor

Trojan.Win32.Save.a

K7AntiVirus

Clean

Alibaba

Clean

K7GW

Clean

CrowdStrike

win/malicious_confidence_60% (D)

Arcabit

Clean

BitDefenderTheta

Gen:NN.ZevbaF.34608.jm0@aqFHOvli

Cyren

Clean

Symantec

Clean

ESET-NOD32

Clean

APEX

Malicious

TotalDefense

Clean

Avast

Win32:Malware-gen

ClamAV

Clean

Kaspersky

UDS:DangerousObject.Multi.Generic

BitDefender

Gen:Variant.Ser.Ursu.18757

NANO-Antivirus

Clean

Paloalto

Clean

ViRobot

Clean

Ad-Aware

Gen:Variant.Ser.Ursu.18757

Sophos

Clean

Comodo

Clean

F-Secure

Clean

Baidu

Clean

Zillya

Clean

TrendMicro

Clean

McAfee-GW-Edition

Clean

CMC

Clean

Emsisoft

Gen:Variant.Ser.Ursu.18757 (B)

Ikarus

Trojan.VB.Crypt

Webroot

Clean

Avira

Clean

MAX

malware (ai score=85)

Antiy-AVL

Clean

Kingsoft

Clean

Gridinsoft

Clean

Microsoft

Trojan:Win32/Wacatac.B!ml

AegisLab

Trojan.Multi.Generic.4!c

ZoneAlarm

Clean

GData

Gen:Variant.Ser.Ursu.18757

Cynet

Malicious (score: 100)

AhnLab-V3

Win-Trojan/VBKrand.Gen

Acronis

Clean

McAfee

Clean

TACHYON

Clean

VBA32

Clean

Malwarebytes

Clean

Zoner

Clean

TrendMicro-HouseCall

Clean

Rising

Clean

Yandex

Clean

SentinelOne

Static AI - Suspicious PE

eGambit

Clean

Fortinet

W32/Kryptik.EOVV!tr

AVG

Win32:Malware-gen

Cybereason

malicious.543afa

Panda

Clean

MaxSecure

Clean

Static Analysis

PE Compile Time

PE Imphash

Sections

Resources

Imports