popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2068-11-10 11:07:17

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x0000be64 0x0000c000 5.64887743597
.rsrc 0x0000e000 0x0000081c 0x00000a00 5.17710004508
.reloc 0x00010000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x0000e0a0 0x00000590 LANG_ENGLISH SUBLANG_ENGLISH_US data
RT_MANIFEST 0x0000e630 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
%"r!
%#r#!
%$r'!
%%r+!
%(r!
%)r/!
%*r3!
%+r7!
%,r;!
%-r?!
%.rC!
%/rG!
%0rK!
%2rO!
%<rS!
%=rW!
%@r[!
%Xr!
%Yr#!
%Zr'!
%[r+!
%^r!
%_r/!
%`r3!
%ar7!
%br;!
%cr?!
%drC!
%erG!
%gr_!
%r3!
% r7!
%!r;!
%"r?!
%#rC!
%$rG!
%@r!
%Ar#!
%Br'!
%Cr+!
%Fr!
%Gr/!
%Hr3!
%Ir7!
%Jr;!
%Kr?!
%LrC!
%MrG!
%mr!
%nr#!
%or'!
%pr+!
%sr!
%tr/!
%ur3!
%vr7!
%wr;!
%xr?!
%yrC!
%zrG!
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
v4.0.30319
#Strings
List`1
SparselyPopulatedArray`1
ToInt32
ReadOnlyDictionary`2
System.IO
mscorlib
System.Collections.Generic
Microsoft.VisualBasic
Synchronized
CustomAce
Replace
set_AutoScaleMode
IDisposable
RuntimeTypeHandle
GetTypeFromHandle
Console
CallByName
CallType
Capture
ApplicationSettingsBase
Dispose
EditorBrowsableState
ParallelLoopState
ThreadStaticAttribute
CompilerGeneratedAttribute
GeneratedCodeAttribute
DebuggerNonUserCodeAttribute
EditorBrowsableAttribute
DefaultSettingValueAttribute
UserScopedSettingAttribute
ParamArrayAttribute
WriteByte
ToByte
get_Value
set_ClientSize
System.Diagnostics.Tracing
System.Threading
ToString
disposing
System.Drawing
get_Length
System.Collections.ObjectModel
System.ComponentModel
ContainerControl
System.Security.AccessControl
MemoryStream
get_Item
set_Item
System
Boolean
System.Configuration
System.Globalization
Interaction
System.Reflection
MatchCollection
GroupCollection
WebHeaderCollection
Exception
CultureInfo
ToChar
ResourceManager
IEnumMoniker
System.CodeDom.Compiler
IContainer
IEnumerator
GetEnumerator
.cctor
System.Diagnostics
System.Runtime.CompilerServices
System.Resources
.Properties.Resources.resources
Matches
System.Runtime.InteropServices.ComTypes
System.Threading.Tasks
System.Runtime.Remoting.Channels
System.Windows.Forms
Contains
System.Text.RegularExpressions
System.Collections
get_Groups
get_Chars
get_Headers
Concat
Format
Object
System.Net
WebClient
get_Current
RemotingProfilerEvent
Convert
MoveNext
set_Text
System.Security.Cryptography
get_Assembly
EventSourceActivity
3System.Resources.Tools.StronglyTypedResourceBuilder
4.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
16.6.0.0
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>PAPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADD
/brgBATkqpHziLkEzdVkBaxswlwolxfuKMqJWzSMOGWusmce1806
/lXPFLaEZKpdEZTknOvuAUCDdxNtAXdYtkhliEfapeKlkOhP1
NMhDRHDkJtM1402
%hYHdbHqJuRIcIJufvjqtopXGOQzhLGXBOSXcI1
bJETfNXeJzUwChasaxRap1+0)
"lhjXNUhnQMswuAMzjCZCerFLjyWjNufbHL10
xwKhZdXvIhdfNAFAopbykU1&0$
CxOoXAvGrPJcqPbDWFIxIdLwDmgQa0
210324235847Z
220324235847Z0
/brgBATkqpHziLkEzdVkBaxswlwolxfuKMqJWzSMOGWusmce1806
/lXPFLaEZKpdEZTknOvuAUCDdxNtAXdYtkhliEfapeKlkOhP1
NMhDRHDkJtM1402
%hYHdbHqJuRIcIJufvjqtopXGOQzhLGXBOSXcI1
bJETfNXeJzUwChasaxRap1+0)
"lhjXNUhnQMswuAMzjCZCerFLjyWjNufbHL10
xwKhZdXvIhdfNAFAopbykU1&0$
CxOoXAvGrPJcqPbDWFIxIdLwDmgQa0
/brgBATkqpHziLkEzdVkBaxswlwolxfuKMqJWzSMOGWusmce1806
/lXPFLaEZKpdEZTknOvuAUCDdxNtAXdYtkhliEfapeKlkOhP1
NMhDRHDkJtM1402
%hYHdbHqJuRIcIJufvjqtopXGOQzhLGXBOSXcI1
bJETfNXeJzUwChasaxRap1+0)
"lhjXNUhnQMswuAMzjCZCerFLjyWjNufbHL10
xwKhZdXvIhdfNAFAopbykU1&0$
CxOoXAvGrPJcqPbDWFIxIdLwDmgQa
20210324235847Z
DigiCert Inc1
www.digicert.com110/
(DigiCert SHA2 Assured ID Timestamping CA0
210101000000Z
310106000000Z0H1
DigiCert, Inc.1 0
DigiCert Timestamp 20210
http://www.digicert.com/CPS0
,http://crl3.digicert.com/sha2-assured-ts.crl02
,http://crl4.digicert.com/sha2-assured-ts.crl0
http://ocsp.digicert.com0O
Chttp://cacerts.digicert.com/DigiCertSHA2AssuredIDTimestampingCA.crt0
QJxy6z'
dwc_#Ri
DigiCert Inc1
www.digicert.com1$0"
DigiCert Assured ID Root CA0
160107120000Z
310107120000Z0r1
DigiCert Inc1
www.digicert.com110/
(DigiCert SHA2 Assured ID Timestamping CA0
fnVa')
http://ocsp.digicert.com0C
7http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
4http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
4http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0P
https://www.digicert.com/CPS0
8aMbF$
V3"/"6
DigiCert Inc1
www.digicert.com110/
(DigiCert SHA2 Assured ID Timestamping CA
210324235847Z0+
:E`9b[
g;pu @
PJoTWVtYBa
{0}{1}{2}{3}{4}{5}{6}{7}{8}{9}{10}{11}{12}{13}{14}{15}{16}{17}{18}{19}{20}{21}{22}{23}{24}{25}{26}{27}{28}{29}{30}{31}{32}{33}{34}{35}{36}{37}{38}{39}{40}{41}{42}{43}{44}{45}{46}{47}{48}{49}{50}{51}{52}{53}{54}{55}{56}{57}{58}{59}{60}{61}{62}{63}{64}{65}{66}{67}{68}{69}{70}{71}{72}{73}{74}{75}{76}{77}{78}{79}{80}{81}{82}{83}{84}{85}{86}{87}{88}{89}{90}{91}{92}{93}{94}{95}{96}{97}{98}{99}{100}{101}{102}{103}{104}{105}{106}{107}{108}{109}{110}{111}{112}{113}{114}{115}{116}{117}{118}{119}{120}{121}{122}{123}{124}{125}{126}{127}{128}{129}{130}{131}{132}{133}{134}{135}{136}{137}
{0}{1}{2}{3}{4}{5}{6}{7}{8}{9}{10}{11}{12}{13}{14}{15}{16}{17}{18}{19}{20}{21}{22}{23}{24}{25}{26}{27}{28}{29}{30}{31}{32}{33}{34}{35}{36}{37}{38}{39}{40}{41}{42}{43}{44}{45}{46}{47}{48}{49}{50}{51}{52}{53}{54}{55}{56}{57}{58}{59}{60}{61}{62}{63}{64}{65}{66}{67}{68}{69}{70}{71}{72}{73}{74}{75}{76}{77}{78}{79}{80}{81}{82}{83}{84}{85}{86}{87}{88}{89}{90}{91}{92}{93}{94}{95}{96}{97}{98}{99}{100}{101}{102}{103}{104}{105}{106}{107}{108}{109}{110}{111}{112}{113}{114}{115}{116}{117}{118}{119}{120}{121}{122}{123}{124}{125}{126}{127}{128}{129}{130}{131}{132}{133}{134}{135}{136}{137}{138}{139}{140}{141}{142}{143}{144}{145}{146}{147}{148}{149}{150}{151}{152}{153}{154}{155}{156}{157}{158}{159}{160}{161}{162}{163}{164}{165}{166}{167}{168}{169}{170}{171}{172}{173}{174}{175}{176}{177}{178}{179}{180}{181}{182}{183}{184}{185}{186}{187}{188}{189}{190}{191}{192}{193}{194}{195}{196}{197}{198}{199}{200}{201}{202}{203}{204}{205}{206}{207}{208}{209}{210}{211}{212}{213}{214}{215}{216}{217}{218}{219}{220}{221}{222}{223}{224}{225}{226
{0}{1}{2}{3}{4}{5}{6}{7}{8}{9}{10}{11}{12}{13}{14}{15}{16}{17}{18}{19}{20}{21}{22}{23}{24}{25}{26}{27}{28}{29}{30}{31}{32}{33}{34}{35}{36}{37}{38}{39}{40}{41}{42}{43}{44}{45}{46}{47}{48}{49}{50}{51}{52}{53}{54}{55}{56}{57}{58}{59}{60}{61}{62}{63}{64}{65}{66}{67}{68}{69}{70}{71}{72}{73}{74}{75}{76}{77}{78}{79}{80}{81}{82}{83}{84}{85}{86}{87}{88}{89}{90}{91}{92}{93}{94}{95}{96}{97}{98}{99}{100}{101}{102}{103}{104}{105}{106}{107}{108}{109}{110}{111}{112}{113}{114}{115}{116}{117}{118}{119}{120}{121}{122}{123}{124}{125}{126}{127}{128}{129}{130}{131}{132}{133}{134}{135}{136}{137}{138}{139}{140}{141}{142}{143}{144}{145}{146}{147}{148}{149}{150}{151}{152}{153}{154}{155}{156}{157}{158}{159}{160}{161}{162}{163}{164}{165}{166}{167}{168}{169}{170}{171}{172}{173}{174}{175}{176}{177}{178}{179}{180}{181}{182}{183}{184}{185}{186}{187}{188}{189}{190}{191}{192}{193}{194}{195}{196}{197}{198}{199}{200}{201}{202}{203}{204}{205}{206}{207}{208}{209}{210}{211}{212}{213}{214}{215}{216}{217}{218}{219}{220}{221}{222}{223}{224}{225}{226
WindowsFormsApp1.Properties.Resources
VS_VERSION_INFO
StringFileInfo
040904e4
Comments
CompanyName
FileDescription
FileVersion
8.701.729.408
LegalCopyright
All Rights Reserved
InternalName
LegalTrademarks
OriginalFilename
ProductName
ProductVersion
8.701.729.408
Assembly Version
8.701.729.408
VarFileInfo
Translation
Antivirus Signature
Bkav Clean
Elastic malicious (high confidence)
DrWeb Trojan.Siggen12.56601
MicroWorld-eScan Clean
CMC Clean
CAT-QuickHeal Clean
ALYac Clean
Cylance Clean
VIPRE Clean
AegisLab Clean
Sangfor Trojan.Win32.Save.a
K7AntiVirus Clean
BitDefender Clean
K7GW Clean
CrowdStrike Clean
BitDefenderTheta Gen:NN.ZemsilF.34628.dm1@aeWDA9hi
Cyren W32/MSIL_Kryptik.DNK.gen!Eldorado
Symantec Clean
TotalDefense Clean
APEX Malicious
Avast FileRepMetagen [Malware]
ClamAV Clean
Kaspersky UDS:DangerousObject.Multi.Generic
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
Ad-Aware Clean
TACHYON Clean
Sophos Clean
Comodo Clean
F-Secure Clean
Baidu Clean
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition Clean
FireEye Generic.mg.fb9211bd03036666
Emsisoft Clean
Ikarus Trojan-Downloader.MSIL.Agent
GData Clean
Jiangmin Clean
MaxSecure Clean
Avira Clean
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm UDS:DangerousObject.Multi.Generic
Microsoft Trojan:Win32/AgentTesla!ml
Cynet Malicious (score: 100)
AhnLab-V3 Clean
Acronis Clean
McAfee Clean
MAX Clean
VBA32 Clean
Malwarebytes Clean
Panda Clean
Zoner Clean
ESET-NOD32 a variant of MSIL/TrojanDownloader.Agent.HPX
TrendMicro-HouseCall Clean
Rising Clean
Yandex Clean
SentinelOne Clean
eGambit Clean
Fortinet Clean
Webroot Clean
AVG FileRepMetagen [Malware]
Cybereason malicious.2e0b49
Paloalto generic.ml
Qihoo-360 HEUR/QVM03.0.235F.Malware.Gen
No IRMA results available.