Static | ZeroBOX

PE Compile Time

2021-03-17 22:38:05

PE Imphash

df5504c1c67b4885da4f7997a05bf0c0

Sections

Name     Virtual Address   Virtual Size   Size of Raw Data   Entropy
.text    0x00001000        0x000092c5     0x00009400         5.79480269846
.rdata   0x0000b000        0x000003c2     0x00000400         4.316062685
.data    0x0000c000        0x00009058     0x00009200         5.18951010608
.pdata   0x00016000        0x000000a8     0x00000200         1.50272067558

Imports

Library SHLWAPI.dll:
0x18000b018 StrStrA
Library KERNEL32.dll:
0x18000b000 Sleep
0x18000b008 GetCurrentThreadId
Library USER32.dll:
0x18000b028 SetTimer
0x18000b030 SendMessageA

Exports

Ordinal Address Name
1 0x180003444 ?usr@@YAHXZ
2 0x180003514 DllRegisterServer
Antivirus Signature
Bkav Clean
Elastic Clean
ClamAV Clean
FireEye Gen:Variant.Razy.853088
CAT-QuickHeal Clean
McAfee RDN/Generic.dx
Cylance Unsafe
Zillya Clean
AegisLab Trojan.Win32.Razy.4!c
Sangfor Trojan.Win64.TurtleLoader.F
CrowdStrike win/malicious_confidence_60% (W)
BitDefender Gen:Variant.Razy.853088
K7GW Trojan ( 005795761 )
K7AntiVirus Trojan ( 005795761 )
Baidu Clean
Cyren Clean
Symantec Trojan.Gen.2
TotalDefense Clean
APEX Clean
Avast Win64:Trojan-gen
Cynet Malicious (score: 100)
Kaspersky Trojan.Win32.Ligooc.kw
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Gen:Variant.Razy.853088
Tencent Clean
Ad-Aware Gen:Variant.Razy.853088
Sophos Mal/Generic-S
Comodo Clean
F-Secure Clean
DrWeb Trojan.DownLoader37.55025
VIPRE Clean
TrendMicro Clean
McAfee-GW-Edition Artemis!Trojan
CMC Clean
Emsisoft Gen:Variant.Razy.853088 (B)
Ikarus Trojan.Win64.Crypt
GData Gen:Variant.Razy.853088
Jiangmin Clean
MaxSecure Clean
Avira Clean
MAX malware (ai score=80)
Antiy-AVL Clean
Kingsoft Win32.Troj.Ligooc.kw.(kcloud)
Gridinsoft Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm Trojan.Win32.Ligooc.kw
Microsoft Trojan:Win64/TurtleLoader.F!dha
AhnLab-V3 Clean
Acronis Clean
BitDefenderTheta Clean
ALYac Trojan.IcedID.gen
TACHYON Clean
VBA32 Clean
Malwarebytes Clean
Panda Trj/CI.A
Zoner Clean
ESET-NOD32 a variant of Win64/Kryptik.CID
TrendMicro-HouseCall TROJ_GEN.R002H09CI21
Rising Trojan.Kryptik!8.8 (CLOUD)
Yandex Clean
SentinelOne Clean
eGambit Clean
Fortinet W64/Kryptik.CID!tr
Webroot W32.Malware.Gen
AVG Win64:Trojan-gen
Paloalto generic.ml
Qihoo-360 Win64/Trojan.Generic.HggASRAA
No IRMA results available.