popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2049-07-31 22:25:28

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x00005e24 0x00006000 6.34859488327
.rsrc 0x00008000 0x00000838 0x00000a00 5.18915100408
.reloc 0x0000a000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x000080a0 0x000005ac LANG_ENGLISH SUBLANG_ENGLISH_US data
RT_MANIFEST 0x0000864c 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
v4.0.30319
#Strings
List`1
ToInt32
System.IO
mscorlib
System.Collections.Generic
Microsoft.VisualBasic
Versioned
Synchronized
Append
Replace
set_AutoScaleMode
IDisposable
RuntimeTypeHandle
GetTypeFromHandle
CallByName
CallType
Capture
ApplicationSettingsBase
Dispose
EditorBrowsableState
STAThreadAttribute
CompilerGeneratedAttribute
GeneratedCodeAttribute
UnverifiableCodeAttribute
DebuggerNonUserCodeAttribute
EditorBrowsableAttribute
DefaultSettingValueAttribute
UserScopedSettingAttribute
ScopelessEnumAttribute
ParamArrayAttribute
WriteByte
ToByte
get_Value
GetObjectValue
Remove
set_ClientSize
DownloadString
ToString
disposing
System.Runtime.Remoting
System.Drawing
IsMatch
get_Length
SerStack
System.ComponentModel
ContainerControl
System.Security.AccessControl
MemoryStream
get_Item
set_Item
System
Boolean
System.Configuration
System.Globalization
System.Reflection
MatchCollection
GroupCollection
WebHeaderCollection
IConstantMembershipCondition
Exception
CultureInfo
ToChar
StringBuilder
EventBuilder
ResourceManager
System.CodeDom.Compiler
IContainer
ContractHelper
Converter
RSAOAEPKeyExchangeDeformatter
IEnumerator
GetEnumerator
.cctor
System.Diagnostics
Microsoft.VisualBasic.CompilerServices
System.Runtime.CompilerServices
System.Resources
.Properties.Resources.resources
Matches
System.Windows.Forms
Contains
System.Text.RegularExpressions
System.Collections
get_Groups
get_Chars
get_Headers
RuntimeHelpers
CryptoKeyRights
Concat
Object
System.Net
System.Reflection.Emit
WebClient
get_Current
Convert
MoveNext
System.Text
set_Text
ToArray
System.Security.Policy
System.Security.Cryptography
get_Assembly
System.Runtime.Serialization.Formatters.Binary
DelayLoadClientChannelEntry
System.Security
*n-n"n/n,n
ZBZ0Z5Z
Z1Z8Z*Z
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
)$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
'$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
!$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
5$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
%$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
$5M5"565.5)5$5X5R5(5Q5J5.5*5W5O5N5P5E5 5(5)5L5U5F58545@5*5S525J5B5 5O565
3System.Resources.Tools.StronglyTypedResourceBuilder
4.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
16.6.0.0
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>PAPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGX
WindowsFormsApp1.Properties.Resources
RtkrlBxMoI
ttp://liverpooldabestteamoftheworld.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-7A2AB40279D7479606C06352F7C02022.html
http://liverpooldabestteamoftheworld.co
m/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-073BDF3395BFB968CA94EEC59190E8D0.html
http://liverpooldabestteamoftheworld.com/liverp
ool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-8E156582C0AB58A409D662D5717608E5.html
UserAgent:
Mozilla/5.0 (X11;
Linux x86
AppleWebKit/537
KHTML, l
Gecko) Chrome
0.2704.
106 Saf
ari/537
.36 OPR/
2220.41
a name="
="([\w
VS_VERSION_INFO
StringFileInfo
040904e4
Comments
CompanyName
FileDescription
FileVersion
2.707.367.831
InternalName
LegalCopyright
All Rights Reserved
LegalTrademarks
OriginalFilename
ProductName
ProductVersion
2.707.367.831
Assembly Version
2.707.367.831
VarFileInfo
Translation
Antivirus Signature
Bkav Clean
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Variant.Bulz.397751
FireEye Generic.mg.2dad7653e7530107
CAT-QuickHeal Clean
ALYac Trojan.Agent.Wacatac
Cylance Unsafe
Sangfor Trojan.Win32.Save.a
K7AntiVirus Trojan-Downloader ( 0057949f1 )
BitDefender Gen:Variant.Bulz.397751
K7GW Trojan-Downloader ( 0057949f1 )
Cybereason malicious.707b94
Arcabit Trojan.Bulz.D611B7
BitDefenderTheta Gen:NN.ZemsilF.34628.bm0@a8Y2hKpi
Cyren W32/MSIL_Kryptik.DNK.gen!Eldorado
Symantec ML.Attribute.HighConfidence
TotalDefense Clean
TrendMicro-HouseCall TROJ_GEN.R002H0CCI21
Paloalto Clean
Cynet Malicious (score: 100)
Alibaba Trojan:MSIL/PowerShell.cc9cb3c5
NANO-Antivirus Clean
ViRobot Trojan.Win32.Z.Bulz.28160.H
AegisLab Trojan.Multi.Generic.4!c
Tencent Clean
Ad-Aware Gen:Variant.Bulz.397751
Emsisoft Trojan-Downloader.Agent (A)
Comodo Malware@#desjeiwpv5cg
F-Secure Clean
DrWeb Clean
Zillya Clean
TrendMicro Clean
CMC Clean
Sophos Mal/Generic-S
SentinelOne Static AI - Malicious PE
Jiangmin Clean
MaxSecure Trojan.Malware.74168641.susgen
Avira TR/Dldr.Agent.hriyz
MAX malware (ai score=81)
Antiy-AVL Clean
Kingsoft Win32.Troj.Undef.(kcloud)
Gridinsoft Trojan.Win32.Downloader.oa
Microsoft Trojan:Win32/Ditertag.A
SUPERAntiSpyware Clean
ZoneAlarm Clean
GData Gen:Variant.Bulz.397751
AhnLab-V3 Trojan/Msil.AgentTesla!MTB.R372915
Acronis Clean
VBA32 TScope.Trojan.MSIL
TACHYON Clean
Malwarebytes Trojan.Downloader.MSIL
APEX Malicious
ESET-NOD32 a variant of MSIL/TrojanDownloader.Agent.HOL
Rising Downloader.Agent!8.B23 (CLOUD)
Yandex Clean
Ikarus Trojan.MSIL.Inject
eGambit Clean
Fortinet MSIL/Agent.HOL!tr.dldr
Webroot Clean
Panda Trj/GdSda.A
CrowdStrike win/malicious_confidence_100% (W)
Qihoo-360 Win32/Trojan.Generic.HgIASQ8A
No IRMA results available.