Static Analysis

PE Compile Time

2095-03-03 21:39:38

PE Imphash

09aa7a1a68855623e3ac071d6080ef31

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x00003c20 0x00003e00 6.50280421934
.data 0x00005000 0x000005f0 0x00000600 1.81753667804
.idata 0x00006000 0x000003b6 0x00000400 3.79646882455
.reloc 0x00007000 0x00000094 0x00000200 1.96285730402

Imports

Library ntdll.dll:
0x180006008 NtProtectVirtualMemory
0x180006010 RtlInitUnicodeString
0x180006018 LdrGetDllHandle
0x180006020 LdrLoadDll
0x180006028 RtlInitAnsiString
0x180006030 LdrGetProcedureAddress
0x180006038 RtlTimeToTimeFields
0x180006040 NtSetEvent
0x180006048 RtlRandomEx
0x180006058 NtQuerySystemTime
0x180006060 RtlTimeFieldsToTime
0x180006068 RtlAllocateHeap
0x180006080 NtClose
0x180006088 swprintf_s
0x180006090 strcmp
0x180006098 _wcsnicmp
0x1800060a0 memmove
0x1800060a8 memcpy
0x1800060b0 memset
0x1800060b8 wcslen
0x1800060c0 _wcsicmp
0x1800060c8 memcmp
!This program cannot be run in DOS mode.
`.data
.idata
@.reloc
RpcStringBindingComposeW
RpcBindingFromStringBindingW
RpcStringFreeW
RpcBindingFree
RpcAsyncInitializeHandle
RpcAsyncCompleteCall
NdrAsyncClientCall
NdrClientCall2
Ndr64AsyncClientCall
NdrClientCall3
Ei !sU
@[r8SZeq
CryptAcquireContextW
CryptImportKey
CryptSetKeyParam
CryptEncrypt
CryptDestroyKey
CryptReleaseContext
CryptDecrypt
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptSetHashParam
CryptGenRandom
GetSystemDefaultLCID
WATAUAVAWH
A_A^A]A\_
WATAUAVAWH
T$PH;W(
0H;Q(r
A_A^A]A\_
K(H9H(r
A(L9C(r6w<H;
K(M9H(r<wEI+
B(H;A(s0
B(I9@(s]
A(H9B(s!
WAVAWH
A_A^_
WAVAWH
A_A^_
ATAVAWH
A_A^A\
UVWAVAWH
A_A^_^]
UATAUAVAWH
A_A^A]A\]
\$ UVWATAUAVAWH
D9'u"L
D9'u L
A_A^A]A\_^]
H SUVWAVAWH
XA_A^_^][
H SUVWAVH
PA^_^][
H SUVWATAVAWH
t^H9=B
`A_A^A\_^][
H SUVWAVAWH
XA_A^_^][
USVWATAUAVAWH
A_A^A]A\_^[]
\$ UVAVH
LdrDisableThreadCalloutsForDll
NtProtectVirtualMemory
RtlInitUnicodeString
LdrGetDllHandle
LdrLoadDll
RtlInitAnsiString
LdrGetProcedureAddress
RtlTimeToTimeFields
NtSetEvent
RtlRandomEx
NtQueryPerformanceCounter
NtQuerySystemTime
RtlTimeFieldsToTime
RtlAllocateHeap
LdrOpenImageFileOptionsKey
LdrQueryImageFileKeyOption
NtClose
ntdll.dll
strcmp
_wcsnicmp
memmove
memcpy
memset
wcslen
_wcsicmp
swprintf_s
memcmp
rpcrt4.dll
osppobjs
sppobjs
SppExtComObj
ADVAPI32
ncacn_ip_tcp
%s:%s[%s]
127.0.0.1
kernel32.dll
%05u-%05u-%03u-%06u-%02u-%u-%u.0000-%03d%04d
KMS_Emulation
KMS_ActivationInterval
KMS_RenewalInterval
KMS_HWID
KMS_PID_%08lx-%04hx-%04hx-%02hx%02hx-%02hx%02hx%02hx%02hx%02hx%02hx
Antivirus Signature
Bkav W64.AIDetectMalware
Lionic Hacktool.Win32.KMSAuto.3!c
Elastic Clean
ClamAV Clean
CMC Clean
CAT-QuickHeal HackTool.Win64CiR
Skyhigh Generic pup.cpe
ALYac Application.Hacktool.BBJ
Cylance unsafe
Zillya Tool.KMSAuto.Win64.203
Sangfor Clean
CrowdStrike win/grayware_confidence_100% (W)
Alibaba HackTool:Win64/KMSAuto.4ecb8b1b
K7GW Riskware ( 00584baa1 )
K7AntiVirus Riskware ( 00584baa1 )
Baidu Clean
VirIT Clean
Paloalto Clean
Symantec Clean
tehtris Clean
ESET-NOD32 Clean
APEX Clean
Avast Clean
Cynet Malicious (score: 100)
Kaspersky HackTool.Win64.KMSAuto.ac
BitDefender Application.Hacktool.BBJ
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Application.Hacktool.BBJ
Tencent Clean
TACHYON Clean
Sophos KMS Activator (PUA)
F-Secure Clean
DrWeb Clean
VIPRE Application.Hacktool.BBJ
TrendMicro HackTool.Win64.AutoKMS.GAR.component
Trapmine Clean
FireEye Application.Hacktool.BBJ
Emsisoft Application.Hacktool.BBJ (B)
SentinelOne Clean
GData Application.Hacktool.BBJ
Jiangmin HackTool.KMSAuto.agi
Webroot W32.Malware.Gen
Varist W64/ABApplication.PPWM-2423
Avira Clean
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Xcitium Clean
Arcabit Application.Hacktool.BBJ
SUPERAntiSpyware Clean
ZoneAlarm HackTool.Win64.KMSAuto.ac
Microsoft HackTool:Win64/AutoKMS!MSR
Google Detected
AhnLab-V3 Clean
Acronis Clean
McAfee Generic pup.cpe
MAX Clean
VBA32 Clean
Malwarebytes Clean
Panda HackingTool/AutoKMS
Zoner Clean
TrendMicro-HouseCall HackTool.Win64.AutoKMS.GAR.component
Rising Hacktool.KMSAuto!8.3AE (CLOUD)
Yandex Clean
Ikarus PUA.Hacktool.KMS
MaxSecure Trojan.Malware.106413943.susgen
Fortinet Clean
BitDefenderTheta Clean
AVG Clean
DeepInstinct MALICIOUS
IRMA Signature
ESET Security (Windows) Clean
Avast Core Security (Linux) Clean
C4S ClamAV (Linux) Clean
F-Secure Antivirus (Linux) Clean
Windows Defender (Windows) HackTool:Win64/AutoKMS!MSR
McAfee CLI scanner (Linux) Clean
Microsoft Defender ATP (Linux) HackTool:Win64/AutoKms
Forticlient (Linux) Clean
Bitdefender Antivirus (Linux) Application.Hacktool.BBJ
G Data Antivirus (Windows) Virus: Application.Hacktool.BBJ (Engine A)
Sophos Anti-Virus (Linux) Clean
DrWeb Antivirus (Linux) Clean
Trend Micro SProtect (Linux) Clean
ClamAV (Linux) Clean
eScan Antivirus (Linux) Application.Hacktool.BBJ(DB)
Kaspersky Standard (Windows) HackTool.Win64.KMSAuto.ac
Cuckoo

We're processing your submission... This could take a few seconds.