popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2062-10-11 06:18:31

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x0000e7a4 0x0000e800 5.92198124073
.rsrc 0x00012000 0x00010ef0 0x00011000 3.56189670813
.reloc 0x00024000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x00012130 0x00010828 LANG_NEUTRAL SUBLANG_NEUTRAL dBase IV DBT, blocks size 0, block length 2048, next free block index 40, next free block 0, next used block 0
RT_GROUP_ICON 0x00022958 0x00000014 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_VERSION 0x0002296c 0x00000398 LANG_ENGLISH SUBLANG_ENGLISH_US data
RT_MANIFEST 0x00022d04 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
v4.0.30319
#Strings
Nullable`1
List`1
Advapi32
Kernel32
ToInt32
LSA_TRUST_INFORMATION
System.IO
LSA_OBJECT_ATTRIBUTES
LSA_REFERENCED_DOMAIN_LIST
mscorlib
System.Collections.Generic
Microsoft.VisualBasic
Versioned
Synchronized
IsEqualDomainSid
GetWindowsAccountDomainSid
CreateWellKnownSid
IsWellKnownSid
ConvertStringSidToSid
Replace
SecurityQualityOfService
LocalFree
IDisposable
RuntimeTypeHandle
GetTypeFromHandle
SafeLsaPolicyHandle
SafeLsaMemoryHandle
ObjectName
CallByName
WellKnownSidType
CallType
Capture
ApplicationSettingsBase
Dispose
EditorBrowsableState
CompilerGeneratedAttribute
GeneratedCodeAttribute
DebuggerNonUserCodeAttribute
EditorBrowsableAttribute
DefaultSettingValueAttribute
UserScopedSettingAttribute
ParamArrayAttribute
ReadByte
ToByte
get_Value
Initialize
SizeOf
System.Diagnostics.Tracing
DownloadString
ToString
IsMatch
get_Length
get_BinaryLength
MaxBinaryLength
Marshal
System.Security.Principal
System.ComponentModel
MemoryStream
get_Item
set_Item
System
get_BinaryForm
GetBinaryForm
Boolean
get_Revision
get_IdentityReference_InvalidSidRevision
System.Configuration
System.Globalization
System.Reflection
MatchCollection
GroupCollection
WebHeaderCollection
Win32Exception
CannotUnloadAppDomainException
UnauthorizedAccessException
ArgumentException
OutOfMemoryException
CultureInfo
Interop
ToChar
FieldBuilder
_MethodBuilder
DefaultBinder
SafeBuffer
ResourceManager
SecurityIdentifier
System.CodeDom.Compiler
AcquirePointer
ReleasePointer
GetLastWin32Error
LsaNtStatusToWinError
IEnumerator
GetEnumerator
.cctor
SecurityDescriptor
IntPtr
System.Diagnostics
System.Runtime.InteropServices
Microsoft.VisualBasic.CompilerServices
System.Runtime.CompilerServices
System.Resources
.Properties.Resources.resources
Matches
Entries
MaxSubAuthorities
get_IdentityReference_InvalidNumberOfSubauthorities
Microsoft.Win32.SafeHandles
Attributes
Microsoft.Win32.Primitives
EventSourceSettings
Domains
Contains
System.Text.RegularExpressions
System.Collections
get_Groups
get_Chars
get_Headers
PolicyRights
System.Security.Principal.Windows
Concat
Format
Object
System.Net
op_Explicit
System.Reflection.Emit
WebClient
get_Current
Convert
MoveNext
LsaOpenPolicy
get_Assembly
RootDirectory
op_Equality
op_Inequality
wGxdx5xU
wGxdx5xs
wGxdx5xe
wGxdx5xr
wGxdx5xA
wGxdx5xg
wGxdx5xe
wGxdx5xn
wGxdx5xt
wGxdx5x:
wGxdx5x
wGxdx5xj
wGxdx5xi
wGxdx5x
wGxdx5x{
wGxdx5x
wGxdx5xn
wGxdx5xr
wGxdx5x
wGxdx5xi
wGxdx5x}
wGxdx5x{
wGxdx5x
wGxdx5xz
wGxdx5x
wGxdx5x
wGxdx5x~
wGxdx5xq
wGxdx5x}
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5xM
wGxdx5xo
wGxdx5xz
wGxdx5xi
wGxdx5xl
wGxdx5xl
wGxdx5xa
wGxdx5x/
wGxdx5x5
wGxdx5x.
wGxdx5x0
wGxdx5x
wGxdx5x(
wGxdx5xX
wGxdx5x1
wGxdx5x1
wGxdx5x;
wGxdx5xj
wGxdx5xi
wGxdx5x
wGxdx5x{
wGxdx5x
wGxdx5xn
wGxdx5xr
wGxdx5x
wGxdx5xi
wGxdx5x}
wGxdx5x{
wGxdx5x
wGxdx5xz
wGxdx5x
wGxdx5x
wGxdx5x~
wGxdx5xq
wGxdx5x}
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5xL
wGxdx5xi
wGxdx5xn
wGxdx5xu
wGxdx5xx
wGxdx5x
wGxdx5xx
wGxdx5x8
wGxdx5x6
wGxdx5xj
wGxdx5xi
wGxdx5x
wGxdx5x{
wGxdx5x
wGxdx5xn
wGxdx5xr
wGxdx5x
wGxdx5xi
wGxdx5x}
wGxdx5x{
wGxdx5x
wGxdx5xz
wGxdx5x
wGxdx5x
wGxdx5x~
wGxdx5xq
wGxdx5x}
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x_
wGxdx5x6
wGxdx5x4
wGxdx5x)
wGxdx5x
wGxdx5xj
wGxdx5xi
wGxdx5x
wGxdx5x{
wGxdx5x
wGxdx5xn
wGxdx5xr
wGxdx5x
wGxdx5xi
wGxdx5x}
wGxdx5x{
wGxdx5x
wGxdx5xz
wGxdx5x
wGxdx5x
wGxdx5x~
wGxdx5xq
wGxdx5x}
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5xA
wGxdx5xp
wGxdx5xp
wGxdx5xl
wGxdx5xe
wGxdx5xW
wGxdx5xe
wGxdx5xb
wGxdx5xK
wGxdx5xi
wGxdx5xt
wGxdx5x/
wGxdx5x5
wGxdx5x3
wGxdx5x7
wGxdx5xj
wGxdx5xi
wGxdx5x
wGxdx5x{
wGxdx5x
wGxdx5xn
wGxdx5xr
wGxdx5x
wGxdx5xi
wGxdx5x}
wGxdx5x{
wGxdx5x
wGxdx5xz
wGxdx5x
wGxdx5x
wGxdx5x~
wGxdx5xq
wGxdx5x}
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x.
wGxdx5x3
wGxdx5x6
wGxdx5x
wGxdx5x(
wGxdx5xj
wGxdx5xi
wGxdx5x
wGxdx5x{
wGxdx5x
wGxdx5xn
wGxdx5xr
wGxdx5x
wGxdx5xi
wGxdx5x}
wGxdx5x{
wGxdx5x
wGxdx5xz
wGxdx5x
wGxdx5x
wGxdx5x~
wGxdx5xq
wGxdx5x}
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5xK
wGxdx5xH
wGxdx5xT
wGxdx5xM
wGxdx5xL
wGxdx5x,
wGxdx5x
wGxdx5xl
wGxdx5xj
wGxdx5xi
wGxdx5x
wGxdx5x{
wGxdx5x
wGxdx5xn
wGxdx5xr
wGxdx5x
wGxdx5xi
wGxdx5x}
wGxdx5x{
wGxdx5x
wGxdx5xz
wGxdx5x
wGxdx5x
wGxdx5x~
wGxdx5xq
wGxdx5x}
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5xi
wGxdx5xk
wGxdx5xe
wGxdx5x
wGxdx5xj
wGxdx5xi
wGxdx5x
wGxdx5x{
wGxdx5x
wGxdx5xn
wGxdx5xr
wGxdx5x
wGxdx5xi
wGxdx5x}
wGxdx5x{
wGxdx5x
wGxdx5xz
wGxdx5x
wGxdx5x
wGxdx5x~
wGxdx5xq
wGxdx5x}
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5xG
wGxdx5xe
wGxdx5xc
wGxdx5xk
wGxdx5xo
wGxdx5x)
wGxdx5x
wGxdx5xC
wGxdx5xh
wGxdx5xr
wGxdx5xo
wGxdx5xm
wGxdx5xe
wGxdx5xj
wGxdx5xi
wGxdx5x
wGxdx5x{
wGxdx5x
wGxdx5xn
wGxdx5xr
wGxdx5x
wGxdx5xi
wGxdx5x}
wGxdx5x{
wGxdx5x
wGxdx5xz
wGxdx5x
wGxdx5x
wGxdx5x~
wGxdx5xq
wGxdx5x}
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x/
wGxdx5x5
wGxdx5x1
wGxdx5x.
wGxdx5xj
wGxdx5xi
wGxdx5x
wGxdx5x{
wGxdx5x
wGxdx5xn
wGxdx5xr
wGxdx5x
wGxdx5xi
wGxdx5x}
wGxdx5x{
wGxdx5x
wGxdx5xz
wGxdx5x
wGxdx5x
wGxdx5x~
wGxdx5xq
wGxdx5x}
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x0
wGxdx5x.
wGxdx5x2
wGxdx5x7
wGxdx5x0
wGxdx5x4
wGxdx5x.
wGxdx5xj
wGxdx5xi
wGxdx5x
wGxdx5x{
wGxdx5x
wGxdx5xn
wGxdx5xr
wGxdx5x
wGxdx5xi
wGxdx5x}
wGxdx5x{
wGxdx5x
wGxdx5xz
wGxdx5x
wGxdx5x
wGxdx5x~
wGxdx5xq
wGxdx5x}
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x1
wGxdx5x0
wGxdx5x6
wGxdx5x
wGxdx5xS
wGxdx5xa
wGxdx5xf
wGxdx5xj
wGxdx5xi
wGxdx5x
wGxdx5x{
wGxdx5x
wGxdx5xn
wGxdx5xr
wGxdx5x
wGxdx5xi
wGxdx5x}
wGxdx5x{
wGxdx5x
wGxdx5xz
wGxdx5x
wGxdx5x
wGxdx5x~
wGxdx5xq
wGxdx5x}
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5xa
wGxdx5xr
wGxdx5xi
wGxdx5x/
wGxdx5x5
wGxdx5x3
wGxdx5x7
wGxdx5xj
wGxdx5xi
wGxdx5x
wGxdx5x{
wGxdx5x
wGxdx5xn
wGxdx5xr
wGxdx5x
wGxdx5xi
wGxdx5x}
wGxdx5x{
wGxdx5x
wGxdx5xz
wGxdx5x
wGxdx5x
wGxdx5x~
wGxdx5xq
wGxdx5x}
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x.
wGxdx5x3
wGxdx5x6
wGxdx5x
wGxdx5xO
wGxdx5xP
wGxdx5xR
wGxdx5x/
wGxdx5xj
wGxdx5xi
wGxdx5x
wGxdx5x{
wGxdx5x
wGxdx5xn
wGxdx5xr
wGxdx5x
wGxdx5xi
wGxdx5x}
wGxdx5x{
wGxdx5x
wGxdx5xz
wGxdx5x
wGxdx5x
wGxdx5x~
wGxdx5xq
wGxdx5x}
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x3
wGxdx5x8
wGxdx5x.
wGxdx5x0
wGxdx5x.
wGxdx5xj
wGxdx5xi
wGxdx5x
wGxdx5x{
wGxdx5x
wGxdx5xn
wGxdx5xr
wGxdx5x
wGxdx5xi
wGxdx5x}
wGxdx5x{
wGxdx5x
wGxdx5xz
wGxdx5x
wGxdx5x
wGxdx5x~
wGxdx5xq
wGxdx5x}
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x2
wGxdx5x2
wGxdx5x2
wGxdx5x0
wGxdx5x.
wGxdx5x4
wGxdx5x1
wGxdx5xj
wGxdx5xi
wGxdx5x
wGxdx5x{
wGxdx5x
wGxdx5xn
wGxdx5xr
wGxdx5x
wGxdx5xi
wGxdx5x}
wGxdx5x{
wGxdx5x
wGxdx5xz
wGxdx5x
wGxdx5x
wGxdx5x~
wGxdx5xq
wGxdx5x}
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
wGxdx5x
3System.Resources.Tools.StronglyTypedResourceBuilder
4.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
16.6.0.0
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>PAPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDING
xodAXEaLve
[^\u0000-\u007F]+
BulletProofVPS.Properties.Resources
VS_VERSION_INFO
StringFileInfo
040904e4
Comments
CompanyName
FileDescription
FileVersion
8.727.857.169
InternalName
LegalCopyright
All Rights Reserved
LegalTrademarks
OriginalFilename
ProductName
ProductVersion
8.727.857.169
Assembly Version
8.727.857.169
VarFileInfo
Translation
Antivirus Signature
Bkav Clean
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKD.36537603
CMC Clean
CAT-QuickHeal Clean
McAfee Artemis!5C2CD6D19381
Cylance Unsafe
Zillya Clean
Sangfor Trojan.Win32.Save.a
K7AntiVirus Trojan-Downloader ( 0057964b1 )
Alibaba Clean
K7GW Trojan-Downloader ( 0057964b1 )
Cybereason Clean
Baidu Clean
Cyren W32/MSIL_Kryptik.DQG.gen!Eldorado
ESET-NOD32 a variant of MSIL/TrojanDownloader.Agent.HPD
APEX Malicious
Avast Win32:Trojan-gen
ClamAV Clean
Kaspersky HEUR:Trojan.MSIL.PowerShell.gen
BitDefender Trojan.GenericKD.36537603
NANO-Antivirus Clean
ViRobot Clean
AegisLab Trojan.Multi.Generic.4!c
Tencent Clean
Ad-Aware Trojan.GenericKD.36537603
TACHYON Clean
Sophos Mal/Generic-S
Comodo Clean
F-Secure Clean
DrWeb Trojan.DownLoader37.62775
VIPRE Clean
TrendMicro Clean
McAfee-GW-Edition Artemis!Trojan
FireEye Generic.mg.5c2cd6d19381ac5a
Emsisoft Trojan.GenericKD.36537603 (B)
SentinelOne Static AI - Malicious PE
GData Trojan.GenericKD.36537603
Jiangmin Clean
Webroot W32.Trojan.Gen
Avira Clean
Antiy-AVL Clean
Kingsoft Win32.Troj.Undef.(kcloud)
Gridinsoft Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:MSIL/AgentTesla.MS!MTB
Cynet Clean
AhnLab-V3 Clean
Acronis Clean
VBA32 Clean
ALYac Clean
MAX malware (ai score=83)
Malwarebytes Clean
Zoner Clean
TrendMicro-HouseCall Clean
Rising Downloader.Agent!8.B23 (CLOUD)
Yandex Clean
Ikarus Trojan-Downloader.MSIL.Agent
MaxSecure Clean
Fortinet MSIL/Agent.HPD!tr.dldr
BitDefenderTheta Gen:NN.ZemsilF.34628.hm0@a8mxuJni
AVG Win32:Trojan-gen
Panda Clean
CrowdStrike win/malicious_confidence_80% (W)
Qihoo-360 Win32/Trojan.Generic.HgIASREA
No IRMA results available.