Static Analysis

PE Compile Time

2025-07-05 16:48:10

PDB Path

C:\Users\jasiu\source\repos\Dll1\Release\Dll1.pdb

PE Imphash

7ee93a10316750f620435f4452ff6dbc

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x00000f70 0x00001000 6.08204633284
.rdata 0x00002000 0x00000b74 0x00000c00 4.38869584063
.data 0x00003000 0x000003dc 0x00000200 0.359429413828
.rsrc 0x00004000 0x000000f8 0x00000200 2.51196201565
.reloc 0x00005000 0x00000194 0x00000200 5.55886129494

Resources

Name Offset Size Language Sub-language File type
RT_MANIFEST 0x00004060 0x00000091 LANG_ENGLISH SUBLANG_ENGLISH_US XML 1.0 document, ASCII text, with CRLF line terminators

Imports

Library KERNEL32.dll:
0x10002000 CreateDirectoryW
0x10002004 Sleep
0x10002008 ExitProcess
0x10002010 CreateThread
0x10002014 IsDebuggerPresent
0x10002018 InitializeSListHead
0x10002020 GetCurrentThreadId
0x10002024 GetCurrentProcessId
0x10002030 TerminateProcess
0x10002034 GetCurrentProcess
Library USER32.dll:
0x10002050 wsprintfW
0x10002054 MessageBoxW
Library SHELL32.dll:
0x10002044 ShellExecuteW
0x10002048 SHGetKnownFolderPath
Library ole32.dll:
0x10002090 CoTaskMemFree
Library urlmon.dll:
0x10002098 URLDownloadToFileW
Library VCRUNTIME140.dll:
0x10002060 memset
Library api-ms-win-crt-runtime-l1-1-0.dll:
0x1000206c _cexit
0x10002078 _configure_narrow_argv
0x1000207c _initterm_e
0x10002080 _initterm
0x10002084 _execute_onexit_table
0x10002088 _seh_filter_dll
!This program cannot be run in DOS mode.
`.rdata
@.data
@.reloc
C:\Users\jasiu\source\repos\Dll1\Release\Dll1.pdb
.text$mn
.idata$5
.00cfg
.CRT$XCA
.CRT$XCZ
.CRT$XIA
.CRT$XIZ
.CRT$XPA
.CRT$XPZ
.CRT$XTA
.CRT$XTZ
.rdata
.rdata$sxdata
.rdata$voltmd
.rdata$zzzdbg
.rtc$IAA
.rtc$IZZ
.rtc$TAA
.rtc$TZZ
.xdata$x
.idata$2
.idata$3
.idata$4
.idata$6
.rsrc$01
.rsrc$02
CreateDirectoryW
ExitProcess
DisableThreadLibraryCalls
CreateThread
KERNEL32.dll
wsprintfW
MessageBoxW
USER32.dll
SHGetKnownFolderPath
ShellExecuteW
SHELL32.dll
CoTaskMemFree
ole32.dll
URLDownloadToFileW
urlmon.dll
__std_type_info_destroy_list
memset
_except_handler4_common
VCRUNTIME140.dll
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
_cexit
api-ms-win-crt-runtime-l1-1-0.dll
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
<?xml version='1.0' encoding='UTF-8' standalone='yes'?>
<assembly xmlns='urn:schemas-microsoft-com:asm.v1' manifestVersion='1.0'>
</assembly>
0)0/0H0O0a0s0z0
2!2c2k2
2U3g3)4f4
5$5+52595@5H5P5X5d5m5r5x5
6 6Z6c6j6p6v6
7%8K8Z8q8w8}8
;.;p;u;
=$=-=;=C=y=
>(>->a>o>w>}>
%s\Interium
%s\Interium_loader.exe
https://github.com/Hackergithu/Interium/raw/refs/heads/main/Interium_loader.exe
Interium cr@ck
Injection failed use MANUAL MAP!.
Antivirus Signature
Bkav W32.AIDetectMalware
Lionic Clean
Elastic Clean
ClamAV Clean
CMC Clean
CAT-QuickHeal Clean
Skyhigh Clean
ALYac Clean
Cylance Unsafe
Zillya Clean
Sangfor Clean
CrowdStrike win/malicious_confidence_90% (D)
Alibaba Clean
K7GW Clean
K7AntiVirus Clean
huorong Clean
Baidu Clean
VirIT Clean
Paloalto generic.ml
Symantec Clean
tehtris Clean
ESET-NOD32 Clean
APEX Malicious
Avast Win32:MalwareX-gen [Drp]
Cynet Malicious (score: 100)
Kaspersky Trojan-PSW.MSIL.Umbral.fo
BitDefender Clean
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Clean
Tencent Clean
Sophos Clean
F-Secure Clean
DrWeb Clean
VIPRE Clean
TrendMicro Clean
McAfeeD ti!A816BAD8CAA6
Trapmine Clean
CTX Clean
Emsisoft Clean
Ikarus Clean
GData Clean
Jiangmin Clean
Webroot Clean
Varist Clean
Avira Clean
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Xcitium Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:Win32/Wacatac.B!ml
Google Clean
AhnLab-V3 Clean
Acronis Clean
VBA32 Clean
TACHYON Clean
Malwarebytes Clean
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Rising Clean
Yandex Clean
TrellixENS Artemis!17DBFD6DC82B
SentinelOne Static AI - Suspicious PE
MaxSecure Clean
Fortinet Malicious_Behavior.SB
AVG Win32:MalwareX-gen [Drp]
DeepInstinct MALICIOUS
alibabacloud Clean
IRMA Signature
Trend Micro SProtect (Linux) Clean
Avast Core Security (Linux) Win32:MalwareX-gen [Drp]
C4S ClamAV (Linux) Clean
Trellix (Linux) Clean
Sophos Anti-Virus (Linux) Clean
Bitdefender Antivirus (Linux) Trojan.GenericKD.76791859
G Data Antivirus (Windows) Virus: Trojan.GenericKD.76791859 (Engine A)
WithSecure (Linux) Dropper.DR/AVI.MalwareX.xzcpd
ESET Security (Windows) a variant of Win32/TrojanDownloader.Agent.IGD trojan
DrWeb Antivirus (Linux) Clean
ClamAV (Linux) Clean
eScan Antivirus (Linux) Trojan.GenericKD.76791859(DB)
Kaspersky Standard (Windows) UDS:Trojan-PSW.MSIL.Umbral.fo
Emsisoft Commandline Scanner (Windows) Trojan.GenericKD.76791859 (B)
Cuckoo

We're processing your submission... This could take a few seconds.