popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2018-06-06 02:03:45

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x00007ebf 0x00008000 7.70101360179

!This program cannot be run in DOS mode.
<R>VfVV
#45:7%%809V
VVWVVV
>VVV^<
#45:7%%809V
>VVV^<
VVVV#R"TYE
NVVSopVV>NTVV
VfVV"Zs
PPPPQPPV
VVVV#P"R
)FVvVVY
BVVVsV
V&V3V5VsVVV
tVVVyV5VvV%V"V7V$V"VvVtVtVvVtVsV%VtVVV
ZVVV$V#V8V7V%VVV
_VVV%4?32::VV
#$$38"
98"$9:
3$ ?53%
VVV'3;#VVVVVV ?$"#7:VVV ;!7$3VVVV.38VVVVVVVV
VVVV#S"U/<x
VVV=V3V$V8V3V:VeVdVVV#V%V3V$VeVdVVVVVVV7V2V V7V&V?VeVdVVV%V>V3V:V:VeVdVVVVVV
+G}A B
@SVWATH
UxSubclassInfo
[j`XeH
CreateThread
CloseHandle
SetPropA
0A\_^[
$hFa.Zc
MmU*Wj]IUh
KOhZLRWU
v7TIRh
b.T Wc
U{4*f2O
Uxr|bI
G3XKVs
YaV|`D
\NpU[.s_
I<h_3C
;UGKH;
DG,heG
Ww &%k
W)9G[\T
PEvlbA lT
LEEK`U
hrtsXU
LNn5LYiPH
wDFtemv(AI
ThFNX7u
wlW3"Le
)h Xl['
TmW)RO
DhU|T*
~T|S@V
&TEF>^A
@T$"X\
jEY\?aG
LuLVhU
j^fJhR
NPnyLNk
Jz){Lsj
gVmql<@
qIW$|C5
=Zq<Z@
PW~^|F
yp8\(w
jJlhy5
V\EBVmV
,h+;<`
SpU\Wh
i54VXQ
|]3CXU
?QwBhSG
vAF'W$k
V|ZzRjV$Ux
^nQ(Wl
f"eHfld
iQ=UmW
W.T Wc
nU1UmU(
Um/F_I
}rU7dP
\-QbUWIT
\t!]L=
Vh=wVh
UaZ{vd
"yUG,dV
tCDJnU/
^UlA.pXE
zh!Vto
nC\Ph^
TlVH]3C"W
rHU$^IU
iA\V|U
Vs<,V)
$4$*uW)1$
`K9A})
=eSx <
e#VPur1
HP.(yw?
6QDV5%
Vt{3CKU
^ UE&x
+TEV+EG
q}'^ 6
]3Z}+,S
Z5]>p5^
&H-e&H
9hEF[XU
@wBhUOn
CwzelP%2
!DF0Y$
Y9N$Vq |
3yftZ<{
4ZUA.i
jUFW$UG
fFRRAZhS
f UG"Lm
Hht<I(
W:@<V{
&iGL^hG
[hG,KlG
VBLbxU
~hX,Kn%
JhU-KhUdS
hUp'i%
VgU3YhZ
VgU3YhZ
%08X%08X
Antivirus Signature
Bkav W32.AIDetect.malware1
Elastic malicious (high confidence)
DrWeb Trojan.PWS.Spy.21017
MicroWorld-eScan Gen:Variant.Ser.Razy.7042
FireEye Generic.mg.800b215d94cf5361
CAT-QuickHeal Clean
ALYac Gen:Variant.Ser.Razy.7042
Cylance Unsafe
VIPRE Trojan.Win32.Winwebsec.m (v)
AegisLab Trojan.Win32.Generic.4!c
Sangfor Trojan.Win32.Save.a
CrowdStrike win/malicious_confidence_100% (D)
BitDefender Gen:Variant.Ser.Razy.7042
K7GW Trojan-Downloader ( 0052c9d61 )
K7AntiVirus Trojan-Downloader ( 0052c9d61 )
BitDefenderTheta AI:Packer.EB5DFF611E
Cyren W32/Dofoil.H.gen!Eldorado
Symantec ML.Attribute.HighConfidence
TotalDefense Clean
Zoner Clean
TrendMicro-HouseCall Trojan.Win32.ZURGOP.SM
Avast Win32:Malware-gen
ClamAV Win.Malware.Razy-7588168-0
Kaspersky HEUR:Trojan.Win32.Generic
Alibaba TrojanDownloader:Win32/Zurgop.e6862447
NANO-Antivirus Trojan.Win32.Zurgop.fednlb
ViRobot Clean
Rising Downloader.Zurgop!8.4BB (CLOUD)
Ad-Aware Gen:Variant.Ser.Razy.7042
Sophos ML/PE-A + Mal/Behav-204
Comodo Malware@#18lp5b3ss14sy
F-Secure Trojan.TR/Crypt.XPACK.Gen
Baidu Clean
Zillya Trojan.Generic.Win32.1241921
TrendMicro Trojan.Win32.ZURGOP.SM
McAfee-GW-Edition BehavesLike.Win32.VirRansom.nc
SentinelOne Static AI - Malicious PE
CMC Clean
Emsisoft Trojan-Downloader.Zurgop (A)
Ikarus Trojan-Downloader.Win32.Dofoil
GData Gen:Variant.Ser.Razy.7042
Jiangmin Trojan.Generic.cspjr
Webroot Clean
Avira TR/Crypt.XPACK.Gen
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm HEUR:Trojan.Win32.Generic
Microsoft TrojanDownloader:Win32/Dofoil.AD
Cynet Malicious (score: 100)
AhnLab-V3 Trojan/Win32.Dofoil.R223509
Acronis suspicious
McAfee GenericRXGK-YC!800B215D94CF
MAX malware (ai score=88)
VBA32 TScope.Malware-Cryptor.SB
Malwarebytes Trojan.Agent
Panda Trj/CI.A
APEX Malicious
ESET-NOD32 a variant of Win32/Smokeloader.J
Tencent Win32.Trojan.Generic.Dvpj
Yandex Trojan.Agent!d96018NE7Ww
TACHYON Clean
MaxSecure Trojan.Malware.300983.susgen
Fortinet W32/Zurgop.DA!tr
AVG Win32:Malware-gen
Cybereason malicious.d94cf5
Paloalto generic.ml
Qihoo-360 Win32/Trojan.Generic.HxMBP1AA
No IRMA results available.