popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2021-02-12 05:56:44

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x003c5334 0x003c5400 2.56406488885
.rsrc 0x003c8000 0x00000640 0x00000800 4.72926439331
.reloc 0x003ca000 0x0000000c 0x00000200 0.101910425663

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x003c80a0 0x000003b4 LANG_ENGLISH SUBLANG_ENGLISH_US data
RT_MANIFEST 0x003c8454 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
<Module>
System.IO
mscorlib
Microsoft.VisualBasic
CompareMethod
Replace
Invoke
MethodBase
WriteByte
ToByte
ToString
get_Length
MemoryStream
System
System.Reflection
InsufficientMemoryException
MethodInfo
.cctor
Microsoft.VisualBasic.CompilerServices
Strings
Conversions
get_Chars
Object
get_EntryPoint
ToArray
Assembly
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>PAPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDING
0123456789
C'ka|mJ[Wh
[[xhCx'||xCxaxCxCxCx|xCxCxCxkmmxkmmxCxCx'W|xCxCxCxCxCxCxCxJ|xCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCx'kWxCxCxCx'|xa'x'WJx'|xCx'WCxhxkCmxaax'W|x'x[JxkCmxaaxW|x'C|x'Cmx''mxakx''kx''|x'''x'Cax''|xh[x'Chxakxhhxh[x''Cx''Cx'''x''JxakxhWx'C'xakx''|x''[x''Cxakx'Cmx''CxakxJWx[hxWaxakx'Chx'''x'CCx'C'x|Jx'ax'ax'CxaJxCxCxCxCxCxCxCxWCxJhxCxCx[Jx'xaxCx''x'm|xa[xhJxCxCxCxCxCxCxCxCxkk|xCxa|xCx''x'xWCxCxCx'aCxWxCxCxJxCxCxCxCxCxCx[Wx'JCxWxCxCxakxCxCxCx'hkxWxCxCxCxCx'JxCxakxCxCxCxkxCxCx|xCxCxCxCxCxCxCx|xCxCxCxCxCxCxCxCxCxhxCxCxkxCxCxCxCxCxCxkxCxJ|x'aaxCxCx'JxCxCx'JxCxCxCxCx'JxCxCx'JxCxCxCxCxCxCx'JxCxCxCxCxCxCxCxCxCxCxCxk|Wx'mhxWxCxWaxCxCxCxCx'hkxWxCxW|xaxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxkk|xWxCx'kxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxCxakxCxCxWxCxCxCxCxCxCxCxCxCxCxCxWxakxCxCx[kxCxCxCxCxCxCxCxCxCxCxCx|Jx''Jx'C'x'kCx''JxCxCxCxW|x'kWxWxCxCxakxCxCxCx'aCxWxCxCxkxCxCxCxCxCxCxCxCxCxCxCxCxCxCxakxCxCxhJx|Jx''|x''mx''|xhhxCxCxCxW|xaxCxCxCx
VS_VERSION_INFO
StringFileInfo
040904e4
ProductName
Bandicam
FileDescription
Bandicam Setup File
CompanyName
Bandicam Company
LegalCopyright
Copyright(C) 2009-2021 Bandicam.com, All rights reserved.
LegalTrademarks
9739a5b8 d54b 4bc8 b829 748ade030cc6
Comments
Bandicam Setup File (2020-12-24
2:52:43)
FileVersion
5.0.1.1799
1dbc49bd-8222-4a65-9288-cb92c9a25fe7
VarFileInfo
Translation
Antivirus Signature
Bkav Clean
Elastic malicious (high confidence)
DrWeb BackDoor.SpyBotNET.25
MicroWorld-eScan Clean
FireEye Generic.mg.5ba86988b432c61b
CAT-QuickHeal Clean
McAfee PWS-FCWL!5BA86988B432
Cylance Unsafe
VIPRE Clean
Sangfor Trojan.Win32.Save.a
CrowdStrike win/malicious_confidence_100% (D)
BitDefender Clean
K7GW Clean
K7AntiVirus Clean
BitDefenderTheta Gen:NN.ZemsilF.34628.Xp0@aGYftogi
Cyren Clean
Symantec Scr.Malcode!gdn34
TotalDefense Clean
APEX Malicious
Avast Win32:TrojanX-gen [Trj]
ClamAV Clean
Kaspersky Clean
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
AegisLab Clean
Rising Clean
Ad-Aware Clean
TACHYON Clean
Emsisoft Clean
Comodo Clean
F-Secure Clean
Baidu Clean
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition PWS-FCWL!5BA86988B432
CMC Clean
Sophos ML/PE-A
SentinelOne Static AI - Malicious PE
GData Clean
Jiangmin Clean
Webroot Clean
Avira HEUR/AGEN.1141726
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:MSIL/AgentTesla.MHR!MTB
Cynet Malicious (score: 100)
AhnLab-V3 Malware/Win32.RL_Generic.C4334150
Acronis Clean
VBA32 Clean
ALYac Clean
MAX Clean
Malwarebytes Trojan.Crypt.MSIL.Generic
Panda Clean
Zoner Clean
ESET-NOD32 a variant of MSIL/GenKryptik.FBHJ
TrendMicro-HouseCall Clean
Tencent Clean
Yandex Clean
Ikarus Trojan.Inject
MaxSecure Clean
Fortinet MSIL/GenKryptik.FBHJ!tr
AVG Win32:TrojanX-gen [Trj]
Paloalto Clean
Qihoo-360 HEUR/QVM03.0.F5E0.Malware.Gen
No IRMA results available.