Static Analysis

PE Compile Time

2019-04-26 13:28:09

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x0002a328 0x0002b000 4.7089217639

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x0002d3b4 0x00000128 LANG_NEUTRAL SUBLANG_NEUTRAL Device independent bitmap graphic, 16 x 32 x 4, image size 192
RT_ICON 0x0002d3b4 0x00000128 LANG_NEUTRAL SUBLANG_NEUTRAL Device independent bitmap graphic, 16 x 32 x 4, image size 192
RT_ICON 0x0002d3b4 0x00000128 LANG_NEUTRAL SUBLANG_NEUTRAL Device independent bitmap graphic, 16 x 32 x 4, image size 192
RT_GROUP_ICON 0x0002d384 0x00000030 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_VERSION 0x0002d150 0x00000234 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data

!This program cannot be run in DOS mode.
`.data
MSVBVM60.DLL
Unicorn
I'm Unicorn
Adobe Photoshop CC 2018 (Windows)
2019:01:07 19:44:27
Adobe_CM
dEU6te
'7GWgw
^FNEmu
T+i&5.<
T{@DiJ
\Photoshop 3.0
printOutput
PstSbool
Inteenum
printSixteenBitbool
printerNameTEXT
printProofSetupObjc
proofSetup
Bltnenum
builtinProof
proofCMYK
printOutputOptions
Cptnbool
Clbrbool
RgsMbool
CrnCbool
CntCbool
Lblsbool
Ngtvbool
EmlDbool
Intrbool
BckgObjc
Rd doub@o
Grn doub@o
Bl doub@o
BrdTUntF#Rlt
Bld UntF#Rlt
RsltUntF#Pxl@b
vectorDatabool
PgPsenum
LeftUntF#Rlt
Top UntF#Rlt
Scl UntF#Prc@Y
cropWhenPrintingbool
cropRectBottomlong
cropRectLefGlong
cropRectRightlong
lcropRectToplong
boundsObjc
Top long
Leftlong
Btomlo
Rghtlong
slicesVlLs
sliceIDlong
groupIDlong
originenum
ESliceOrigin
autoGenerated
Typeenum
ESliceType
boundsObjc
Top long
Leftlong
Btomlong
Rghtlo
urlTEXT
nullTEXT
MsgeTEXT
altTagTEXT
cellTextIsHTMLbool
cellTextTEXT
horzAlignenum
ESliceHorzAlign
default
vertAlignenum
ESliceVertAlign
default
lorTypeenum
ESliceBGColorType
topOutsetlong
leftOutsetlong
bottomOutsetlong
rightOutsetlong
Adobe_CM
dEU6te
'7GWgw
^FNEmu
T+i&5.<
T{@DiJ
zhttp://ns.adobe.com/xap/1.0/
<?xpacket begin="
" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c142 79.160924, 2017/07/13-01:06:39 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stEvt="htkp://ns.adobe.com/xap/1.0/sType/ResourceEven
#" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CC 2018 (Windows)" xmp:CreateDate
"2018-12-02T15:50:06+08:00" xmp:ModifyDate="2019-01-07T19:44:27+08:00" xmp:MetadataDate="2019-01-07T19:44:27+0
:00" dc:format="image/jpeg" photoshop:ColorMode="3" photoshop:ICCProfile="sRGB IEC61966-2.1" xmpMM:InstanceID="xmp.iid:d5974899-ca88-7f42-9516-8e7635808df3" xmpMM:DocumentID="adobe:dociE:photoshop:953273c3-3fa6-8f45-b6a0-9baf393cacbc" xmpMM:OriginalDocumentID="xmp.did:94317eb3-7085-4449-8680-030e5a0890d3"> <xmpMM:History> <rdf:Seq> <rdf:li stEvt:action="created" stEvt:instanceID="xmp.iid:94317eb3-7085-4449-8680-030e5a0890d3" stEvt:when="2018-12-02T15:50:06+08:00" stEvt:softwareAgent="Adobe Photoshop CC 2018 (Windows)"/> <rdf:li stEvt:action="saved" stEvt:instanceID="xmp.iid:bda3dc4b-caee-fd46-b85f-119c665623ef" stEvt:when="2018-12-02T16:02:59+08:00" stEvt:softwareAgent="Adobe Photoshop CC 2018 (Windows)" stEvt:changed="/"/> <rdf:li stEvt:action="saved" stEvt:instanceID="xmp.iid:d9d77401-7124-ed42-8b71-4014b651f934" stEvt:when="2019-01-07T19:44:27+08:00" stEvt:softwareAgent="Adobe Photoshop CC 2018 (Windows)" stEvt:changed="/"/> <rdf:li stEvt:action="conVerted" stEvt:parameters="from image/png to image/jpeg"/>
ion="derived" stEvt:parameters="converted from image/png to image/jpeg"/> <rdf:li stEvt:action="saved" stEvt:instanceID="xmp.iid:d5974899-ca88-7f42-9516-8e7635808df3" stEvt:when="2019-01-07T19:44:27+08:00" stEvt:softwareAgent="Adobe Photoshop CC 2018 (Windows)" stEvt:changed="/"/> </rdf:Seq> </xmpMM:History> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:d9d77401-7124-ed42-8b71-4014b651f934" stRef:documentID="adoAe:docid:photoshop:ee396c7e-5800-2842-91eb-924792347dc3" stRef:originalDocumentID="xmp.did:94317eb3-7085-4449-8680-030e5a0890d3"/> </rdf:Description>
</rdf:RDF> </x:xmpmeta>
d
 ) b v n K
<?xpacket end="w"?>
XICC_PROFILE
mntrRGB XYZ
acspMSFT
IEC sRGB
Copyright (c) 1998 Hewlett-Packard Company
sRGB IEC61966-2.1
sRGB IEC
1966-2.1
IEC http://www.iec.ch
C http://www.iec.ch
.IEC 61966-2.1 Default RGB colour space - sRGB
.IEC 61966-2.1 Default RGB colour space - sRGB
,Reference Viewing Condition in IEC61966-2.1
,Reference Viewing Condition in IEC61966-2.1
CRT curv
$$M$|$
DTsEF7Gc(UVW
u*9:HIJXYZghijvwxyz
(GWf8v
*:JZjz
+bTyi'
((jjjp
`sk.D
Q[UCAl
=rSc)jj40
kvr=K
u:6Z
tB1$5ej
oA[=:U
:Ck&/sg
%euWFWGP
>_+`39
6Oy4R'
UaM'=X
%&snfi
jiqTed
_\[Z!y
{/7Q5c
=`?bqm
-.>O!C*
efR2:Q
/Mt!f+
6?ft~/
^]Vw`u]f
oUb1[7)
'OIZ#^
&qy<u=-
)Nd/$q
(5_=EU
[/3Z-A
I5eOAg
+6~g1A
gxf31`hM
Kekn_{
ayf3~=
ys{*G-(`
jd>HUg
.\uuL9
YQ$Pb
hzAf2~)&
7PVQll?_
+6a{M=
KOCCGM
U@%fZ]
g]rU}z
Ay7VrF
]*[Z(Z&
%fgpeM$
Cg`;kjCWMW
{uU>cj
ugrCgu
=)g]'=la
MQMT+G
in)Bh|
K[_[U*C
p8uV_#%
PRAEICL)
o^,OF[
kijG?F
v*FH=k
u<q5P7
fRh:qM
5_\n}
ue/|L~
SE~-o~
RKWU4pE
1(P^If
jEhMGE
mnnVXa$z
im:sJ
WUA@z<
+0;oro
05pWb3
7q#wc?
qun{#5v
#^;>co
xt[vDCywF
Timer2
Timer1
Label1
Unicorn
MS Sans Serif
VB5!6&vb6chs`dll
Kawaii-Unicorn
Kawaii-Unicorn
nicorn
C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB
Label1
Timer2
Timer1
uAer32
SetLayeredWindowAttributes
GetWindowLongA
SetWindowLongA
VBA6.DLL
__vbaEnd
__vbaR8Str
__vbaStrR8
__vbaFreeVarList
__vbaVarCat
__vbaStrVarVal
__vbaAryDestru
__vbaPutOwner3
__vbaFreeObj
__vbaFreeStr
__vbaObjSet
__vbaVarMod
__vbaUI1Var
__vbaI4Var
__vbaUbound
__vbaFPInt
__vbaVarMove+
__vbaFileClose
__vbaStrCat
__vbaGetOwneW3
__vbaRedim
__vbaFreeObjList
__vbaFreeStrList
__vbaNew2
__vbaStrMove
__vbaFileOpen
__vbaFreeVar
__vbaSetSystemError
__vbaHresultCheckObj
__vbaO
MSVBVM60.DLL
_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaPutOwner3
DllFunctionCall
_adj_fpatan
__vbaRedim
__vbaStrR8
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaGetOwner3
__vbaUbound
__vbaStrVarVal
__vbaVarCat
_CIlog
__vbaFileOpen
__vbaNew2
__vbaR8Str
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
__vbaI4Var
__vbaVarMod
_CIatan
__vbaStrMove
_allmul
_CItan
__vbaFPInt
__vbaUI1Var
_CIexp
__vbaFreeStr
__vbaFreeObj
rrogram Files (x8
Proof Setup
Adobe Photoshop
Adobe Phot
shop CC 2018
#(-27;@EJOTY^chmrw|
\Unicorn-
rename "
.exe"
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
080404B0
CompanyName
ProductName
Kawaii-Unicorn
FileVersion
ProductVersion
InternalName
Kawaii-Unicorn
OriginalFilename
Kawaii-Unicorn.exe
No antivirus signatures available.
IRMA Signature
Trend Micro SProtect (Linux) Possible_SMMULDROPVSA
Avast Core Security (Linux) Win32:VB-AJKU [Trj]
C4S ClamAV (Linux) Win.Malware.Generickdz-10004857-0
Trellix (Linux) GenericRXHC-SS
Sophos Anti-Virus (Linux) Mal/VB-AQT
Bitdefender Antivirus (Linux) Generic.Dacic.94CCEEA9.A.A7364D06
G Data Antivirus (Windows) Virus: Generic.Dacic.94CCEEA9.A.A7364D06 (Engine A)
WithSecure (Linux) Trojan.TR/Crypt.XPACK.Gen
ESET Security (Windows) a variant of Win32/VBClone.D trojan
DrWeb Antivirus (Linux) Trojan.MulDrop17.61497
ClamAV (Linux) Win.Malware.Generickdz-10004857-0
eScan Antivirus (Linux) Generic.Dacic.94CCEEA9.A.A7364D06(DB)
Kaspersky Standard (Windows) HEUR:Trojan.Win32.VB.gen
Emsisoft Commandline Scanner (Windows) Generic.Dacic.94CCEEA9.A.A7364D06 (B)
Cuckoo

We're processing your submission... This could take a few seconds.