popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2101-06-05 10:55:26

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x0000c9e4 0x0000ca00 5.01029876554
.rsrc 0x00010000 0x00010ea4 0x00011000 3.65962866438
.reloc 0x00022000 0x0000000c 0x00000200 0.0776331623432

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x00010130 0x00010828 LANG_NEUTRAL SUBLANG_NEUTRAL dBase IV DBT, blocks size 0, block length 2048, next free block index 40, next free block 0, next used block 0
RT_GROUP_ICON 0x00020958 0x00000014 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_VERSION 0x0002096c 0x0000034c LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x00020cb8 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
v4.0.30319
#Strings
List`1
ToInt32
Dictionary`2
MbePtAjgUazHnblLMZCvQTuRkOmUdHCiGDAFGMCxoYcZlbB
WthalXBcQvMDinpiB
SfLiWBLMAPepCuSqTATzHhtrYSpmqURtB
GMxtgNQpcKuzGrXdSelcuLJdfPeGJuB
RxHGYlgfYRwnaWICWTBGJAQNPcUZzB
RtZdbOpZgIECPGgOUJRsrHGUGvQNjwowyUzdjcmMUMJaC
ZuwxNyuiHlaUCjPCqMAbyD
MTAaBMxdHEDARboBfmctQJLsqcEpE
ZpcayCehzJnizBjntsSWBVerE
ZitIwtF
URvOTGtDlncFzNhmdKmcRHqVshG
VfldgHdLaOJgkG
JkaIjLxIPrfPgiFYDfrFXwRH
SigIrKWpBufTNeJWVuLzCathNwMcH
MViPEJsXLBSJLBKQurYhqVLwEKYfbvPLkcpQcZqH
IgXyvbFLcnEI
EzOsiauQEfmMSuGdfPI
KDsbuUdFonQlRHNikWieVnFQI
MgJWQlbxZWXHQOyGSMnbJeFqOvcoVRI
NCPcZHQVvykZDhFeTZkcBhygaMtonVXI
NUmoWmMAgqdJSCJfKPeKCFqQVRSqjtgTqSyjiEBSQRJ
VasZgGZJ
TwvZSERNwjfFclMxqcdPQMCuzkqPBKwfdGvSdySoCWJUSrEK
RjkAfBmXlMRfVfUhLXDYxiHIdkYcZMimvRYQrIMkXgJANPZuK
WFQuGuzK
BFBflHhIaHzbUAECXL
CrMVqBsjRgZnNzwRSuwpwfsXL
get_HHVDNMxwuPQRhodOWjSavJepOUOXQPmcrEBypLSVXKBM
set_HHVDNMxwuPQRhodOWjSavJepOUOXQPmcrEBypLSVXKBM
XnQZLbM
UCGLAVgZsiDHCN
WHvWNdjEwZRsBriyPFrgLYrQXJwAkUnVN
AnLoskjN
LqJMexFXCQJuidVgcFSxfyFXGrlN
JgtzOnHtvAlNurSqwJpYGYPolyN
System.IO
MkTNiTZyFbzMGiCKBHMwStIhBsiujMCinovGULyYNO
BTwrhYuDOHvMtxFWameDXEhPNgeJoO
ZKsicpjfpwUMaipNTYHzpkFHzSONADojnUuvBEbuMPeoEP
JjGHiIEcWsrOvsBDcvfOyMimcLJckaArP
YCyJsUlnQ
XqgcFOqGTiDlCtlS
IKeaGcOePqSEKrwzyqAlykUeylbULvGZQwWUJT
XsAGSTFrFpCstaniWPEoVJHXGU
CgbdZeLAIWeOIfVgVsuwyHbViUjdIYBaXjPmKcQwrBHU
BSsFVanDQreEGOsWaFuqMJTlYVqMLfNlSW
JydyhQsqKBnRqgJXbX
ODBQLPHobY
LCnPgVIqfNCEbjYoOjlKBnDgFGYDaXPbFiOcznwxDxuEfyY
QePMDvakmoVPnYPjCAhZuOmgbLkPVqNzrmtERBcYAVZ
WymfbOvmRWnITxZOzhSa
YBzgILdHFRpsRotmvFcVJbOVb
MjZNuYhsYahmJaSpECWOvzcxSEbykVxpOGhQcCvGHcqvlEqgb
mscorlib
get_BZqVkuFjKZRFxjKGySQaRuKnholNipqMBsTVMKdTkb
SjrkaepMovfDuJsPrIozRXbtFwYBRVSZYc
System.Collections.Generic
Microsoft.VisualBasic
Versioned
Synchronized
Replace
IDisposable
RuntimeTypeHandle
GetTypeFromHandle
CallByName
CallType
Capture
ApplicationSettingsBase
Dispose
EditorBrowsableState
CompilerGeneratedAttribute
NonSerializedAttribute
GeneratedCodeAttribute
DebuggerNonUserCodeAttribute
EditorBrowsableAttribute
DefaultSettingValueAttribute
UserScopedSettingAttribute
ParamArrayAttribute
WriteByte
ToByte
get_Value
CgbdZeLAIWeOIfVgVsuwyHbViUjdIYBaXjPmKcQwrBHU.exe
get_AJdLMnfUpIbrTPaOhgOtqBhmyoMHkoTEPNJvahOf
set_AJdLMnfUpIbrTPaOhgOtqBhmyoMHkoTEPNJvahOf
CCzQCZMjxAKvcvoOf
JlOROZTYgjAWf
MOaPXaZSZgzEYdyHyjkKhdKrUKFEMUqAmwdDg
QsvNAQsuhbAjTahNqOkObUVfruyuIrUJngJfg
DownloadString
ToString
ZlduTyfCrPfKJkBwFLiKzg
IsMatch
get_Length
TLsCWAnzh
VgePYsCaVBmkOMzThi
HJWhJrbMYRyIxIDIFRabUlLk
System.ComponentModel
AScGAcqsUcQAzfPAqcehmBwNsyePAQXeUpvTWCuVoMBUaUuxl
MZwYHkDiCxQm
DxvhdqIdJUm
MemoryStream
get_Item
set_Item
System
HLNrlJCBxUDkYyEFKeheQclsaqyhVn
Boolean
System.Deployment.Internal.Isolation
System.Configuration
System.Globalization
System.Reflection
MatchCollection
GroupCollection
WebHeaderCollection
KeyCollection
DivideByZeroException
CultureInfo
IjsbrQckqchzraKuISdqAmqRvHqlxAnfErAixp
OMBzwMawfZiaQeApPctFSQOAgIHmtZbhzp
IQjLlUKnVqLgzJmTNvaqNOoaVIEYMTRijwtyGqOwWhGq
LVEuELeJSARInXqsywrQcTtudtoq
TxXnHAgDZqrIvOGizgjsDQGeIfOgWSECZvgKgurUr
ToChar
ResourceManager
System.CodeDom.Compiler
ResourceHelper
ConcurrentExclusiveSchedulerPair
IEnumerator
GetEnumerator
.cctor
VLCpCNgtDhkSHnyOAeAfTbGhjpfKzRvXMYPMjlKeTAs
RBoAqDBGIs
System.Diagnostics
Microsoft.VisualBasic.CompilerServices
System.Runtime.CompilerServices
System.Resources
TwvZSERNwjfFclMxqcdPQMCuzkqPBKwfdGvSdySoCWJUSrEK.Properties.Resources.resources
Matches
System.Threading.Tasks
Contains
System.Text.RegularExpressions
System.Collections
get_Groups
get_Chars
get_Headers
SxiUmpKlMAULFfadvTZimUSbfziGCxLYFt
Concat
Format
Object
System.Net
WebClient
SecurityDocumentElement
Environment
get_Current
Convert
ARemrtNSIxWgmzut
MoveNext
IActContext
MCBTYjVmbISJmYOhvdwTeBsOTgoMZsAPjioHpnWDcwlGEKBu
DEDQvQMnpfhLzEYQLbuqpurgTCihKzihzDaJv
XcpNnwGEuFhYbBmhknzJBXvyWwBlgkGERv
UIPVRtv
RnOrIwUtjguzxrNbCAfNjkVQrBkltqQPWACYGdxHUFjwGveVw
XQWTaTPrgbWxYAjJIhwULKWFsNx
GgyNTCnBuKygpKDvaCEBxqTdEMAxLqenpzbnWNskgPx
QjlfypyUzpQIqCWrhix
get_QYECnthleBKVhtx
QhQWMrbHowx
get_Assembly
NxAyKaOxBgfFOZrJImnavarDxLelPGkTjTrFmtnfOAhpy
System.Security
TbctxLrjubgEGvjwDiwjqkaIDSGexBHz
3System.Resources.Tools.StronglyTypedResourceBuilder
4.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
16.6.0.0
_CorExeMain
mscoree.dll
x4}5z6
x4{Dy7~sy5}
|7|%w7}Sy6}
4x7~ay6~
By6~qy6}
$z5}Qy6
2x5~_y5~
y6}Ax6
w4|1x6~]z6}
y4}?x7
{.{!x7
l0qnl0qnl0qnl0qnl0qnl2qem.r1
Jx6~yz5~
k0rof3f
:y5~iz5}
,x6~Yy6~
s1{z6}Kx5~{x6~
<y6~kz5
.x5~[y5~
z4}Mz7~}x5~
>y5~my6}
z5z0y4
x4x"z6}Oz6~
w3{@y4~oy5}
z3z2x5~_y5~
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>PAPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPAD
XWGVyuRwpa
{0}{1}{2}{3}{4}{5}{6}{7}{8}{9}{10}{11}{12}{13}{14}{15}{16}{17}{18}{19}{20}{21}{22}{23}{24}{25}{26}{27}{28}{29}{30}{31}{32}{33}{34}{35}{36}{37}{38}{39}{40}{41}{42}{43}{44}{45}{46}{47}{48}{49}{50}{51}{52}{53}{54}{55}{56}{57}{58}{59}{60}{61}{62}{63}{64}{65}{66}{67}{68}{69}{70}{71}{72}{73}{74}{75}{76}{77}{78}{79}{80}{81}{82}{83}{84}{85}{86}{87}{88}{89}{90}{91}{92}{93}{94}{95}{96}{97}{98}{99}{100}{101}{102}{103}{104}{105}{106}{107}{108}{109}{110}{111}{112}{113}{114}{115}{116}{117}{118}{119}{120}{121}{122}{123}{124}{125}{126}{127}{128}{129}{130}{131}{132}{133}{134}{135}{136}{137}{138}{139}{140}{141}{142}
{0}{1}{2}{3}{4}{5}{6}{7}{8}{9}{10}{11}{12}{13}{14}{15}{16}{17}{18}{19}{20}{21}{22}{23}{24}{25}{26}{27}{28}{29}{30}{31}{32}{33}{34}{35}{36}{37}{38}{39}{40}{41}{42}{43}{44}{45}{46}{47}{48}{49}{50}{51}{52}{53}{54}{55}{56}{57}{58}{59}{60}{61}{62}{63}{64}{65}{66}{67}{68}{69}{70}{71}{72}{73}{74}{75}{76}{77}{78}{79}{80}{81}{82}{83}{84}{85}{86}{87}{88}{89}{90}{91}{92}{93}{94}{95}{96}{97}{98}{99}{100}{101}{102}{103}{104}{105}{106}{107}{108}{109}{110}{111}{112}{113}{114}{115}{116}{117}{118}{119}{120}{121}{122}{123}{124}{125}{126}{127}{128}{129}{130}{131}{132}{133}{134}{135}{136}{137}{138}{139}{140}{141}{142}{143}{144}{145}{146}{147}{148}{149}{150}{151}{152}{153}{154}{155}{156}{157}{158}{159}{160}{161}{162}{163}{164}{165}{166}{167}{168}{169}{170}{171}{172}{173}{174}{175}{176}{177}{178}{179}{180}{181}{182}{183}{184}{185}{186}{187}{188}{189}{190}{191}{192}{193}{194}{195}{196}{197}{198}{199}{200}{201}{202}{203}{204}{205}{206}{207}{208}{209}{210}{211}{212}{213}{214}{215}{216}{217}{218}{219}{220}{221}{222}{223}{224}{225}{226
QPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmd
QPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdBrQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdeQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdwQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdsQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdteQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdr
{0}{1}{2}{3}{4}{5}{6}{7}{8}{9}{10}{11}{12}{13}{14}{15}{16}{17}{18}{19}{20}{21}{22}{23}{24}{25}{26}{27}{28}{29}{30}{31}{32}{33}{34}{35}{36}{37}{38}{39}{40}{41}{42}{43}{44}{45}{46}{47}{48}{49}{50}{51}{52}{53}{54}{55}{56}{57}{58}{59}{60}{61}{62}{63}{64}{65}{66}{67}{68}{69}{70}{71}{72}{73}{74}{75}{76}{77}{78}{79}{80}{81}{82}{83}{84}{85}{86}{87}{88}{89}{90}{91}{92}{93}{94}{95}{96}{97}{98}{99}{100}{101}{102}{103}{104}{105}{106}{107}{108}{109}{110}{111}{112}{113}{114}{115}{116}{117}{118}{119}{120}{121}{122}{123}{124}{125}{126}{127}{128}{129}{130}{131}{132}{133}{134}{135}{136}{137}{138}{139}{140}{141}{142}{143}{144}{145}{146}{147}{148}{149}{150}{151}{152}{153}{154}{155}{156}{157}{158}{159}{160}{161}{162}{163}{164}{165}{166}{167}{168}{169}{170}{171}{172}{173}{174}{175}{176}{177}{178}{179}{180}{181}{182}{183}{184}{185}{186}{187}{188}{189}{190}{191}{192}{193}{194}{195}{196}{197}{198}{199}{200}{201}{202}{203}{204}{205}{206}{207}{208}{209}{210}{211}{212}{213}{214}{215}{216}{217}{218}{219}{220}{221}{222}{223}{224}{225}{226
QPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdwwQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdw
QPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdGQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdetQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdTyQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdpQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdeQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmd
QPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdAsQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdsemQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdblyQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmd
QPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdToQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdArQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdraQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdyQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmd
QPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdLQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdoQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdaQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmddQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmd
QPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdEQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdnQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdtQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdryQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdPoQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdiQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdntQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmd
QPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdInQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdvQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdoQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdkQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmdeQPDPkyXIDzaiRjCxaYCNQypITkQEZhfuanEtzSOdcoFqmd
BulletPurHomme.Properties.Resources
AJdLMnfUpIbrTPaOhgOtqBhmyoMHkoTEPNJvahOf
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
BulletPurHomme
FileVersion
1.0.0.0
InternalName
BulletPurHomme.exe
LegalCopyright
Copyright
2021
LegalTrademarks
OriginalFilename
BulletPurHomme.exe
ProductName
BulletPurHomme
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Antivirus Signature
Bkav Clean
Elastic malicious (high confidence)
DrWeb Clean
MicroWorld-eScan Trojan.MSIL.Basic.3.Gen
FireEye Generic.mg.6501f3fe3404704b
CAT-QuickHeal Clean
McAfee Artemis!6501F3FE3404
Malwarebytes Trojan.PCrypt.MSIL.Generic
Zillya Clean
Sangfor Trojan.Win32.Save.a
K7AntiVirus Clean
BitDefender Trojan.MSIL.Basic.3.Gen
K7GW Clean
CrowdStrike win/malicious_confidence_100% (D)
BitDefenderTheta Gen:NN.ZemsilF.34628.hm0@aOXRR!b
Cyren W32/MSIL_Kryptik.CXK.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of MSIL/TrojanDownloader.Agent.HPM
Zoner Clean
TrendMicro-HouseCall Clean
TotalDefense Clean
Paloalto Clean
ClamAV Clean
Kaspersky UDS:DangerousObject.Multi.Generic
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
Rising Clean
Ad-Aware Trojan.MSIL.Basic.3.Gen
Emsisoft Trojan.MSIL.Basic.3.Gen (B)
Comodo Clean
F-Secure Clean
Baidu Clean
VIPRE Clean
TrendMicro Clean
McAfee-GW-Edition Artemis
CMC Clean
Sophos Clean
Ikarus Trojan.MSIL.PSW
GData Trojan.MSIL.Basic.3.Gen
Jiangmin Clean
MaxSecure Clean
Avira Clean
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Arcabit Trojan.MSIL.Basic.3.Gen
SUPERAntiSpyware Clean
ZoneAlarm UDS:DangerousObject.Multi.Generic
Microsoft Program:Win32/Wacapew.C!ml
TACHYON Clean
AhnLab-V3 Clean
Acronis Clean
VBA32 Clean
ALYac Trojan.MSIL.Basic.3.Gen
MAX malware (ai score=86)
Panda Clean
APEX Malicious
Tencent Clean
Yandex Clean
SentinelOne Static AI - Malicious PE
eGambit Unsafe.AI_Score_96%
Fortinet MSIL/Agent.HPD!tr.dldr
Webroot Clean
Cybereason malicious.e34047
Avast Clean
Qihoo-360 Clean
No IRMA results available.