Static Analysis

PE Compile Time

2025-04-12 03:30:54

PDB Path

C:\Users\Utilizador\Desktop\Testingvulnerabilities\x64\Release\Testingvulnerabilities.pdb

PE Imphash

fefa7ca933cb2a0a4143c7bf848eb035

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x00008493 0x00008600 6.0784057228
.rdata 0x0000a000 0x00004436 0x00004600 4.81098532916
.data 0x0000f000 0x00000b20 0x00000400 3.68450721273
.pdata 0x00010000 0x000007bc 0x00000800 4.3388448082
.rsrc 0x00011000 0x000001e0 0x00000200 4.71006138269
.reloc 0x00012000 0x000000b0 0x00000200 2.26734338173

Resources

Name Offset Size Language Sub-language File type
RT_MANIFEST 0x00011060 0x0000017d LANG_ENGLISH SUBLANG_ENGLISH_US XML 1.0 document, ASCII text, with CRLF line terminators

Imports

Library KERNEL32.dll:
0x14000a000 GetCurrentProcess
0x14000a008 LocalAlloc
0x14000a010 FormatMessageW
0x14000a018 GetLastError
0x14000a020 LoadLibraryA
0x14000a028 CloseHandle
0x14000a030 GetProcAddress
0x14000a038 LocalFree
0x14000a040 RtlLookupFunctionEntry
0x14000a048 RtlVirtualUnwind
0x14000a050 UnhandledExceptionFilter
0x14000a060 TerminateProcess
0x14000a070 IsDebuggerPresent
0x14000a078 GetModuleHandleW
0x14000a080 QueryPerformanceCounter
0x14000a088 GetCurrentProcessId
0x14000a090 GetCurrentThreadId
0x14000a098 GetSystemTimeAsFileTime
0x14000a0a0 InitializeSListHead
0x14000a0a8 RtlCaptureContext
Library OLEAUT32.dll:
0x14000a238 VariantClear
0x14000a240 VariantInit
0x14000a248 SysAllocString
Library MSVCP140.dll:
0x14000a1d8 ?_Xbad_alloc@std@@YAXXZ
0x14000a1e8 ??1_Lockit@std@@QEAA@XZ
0x14000a1f0 ??0_Lockit@std@@QEAA@H@Z
Library VCRUNTIME140_1.dll:
0x14000a2b0 __CxxFrameHandler4
Library VCRUNTIME140.dll:
0x14000a258 _CxxThrowException
0x14000a260 __std_exception_copy
0x14000a268 __std_exception_destroy
0x14000a270 memmove
0x14000a278 memcpy
0x14000a280 __C_specific_handler
0x14000a288 __current_exception
0x14000a290 memset
0x14000a298 __std_terminate
Library api-ms-win-crt-runtime-l1-1-0.dll:
0x14000a320 _crt_atexit
0x14000a328 _configure_narrow_argv
0x14000a330 _cexit
0x14000a338 _set_app_type
0x14000a340 _initialize_onexit_table
0x14000a350 _initterm
0x14000a358 _initterm_e
0x14000a360 _exit
0x14000a370 __p___argc
0x14000a378 __p___argv
0x14000a380 _c_exit
0x14000a390 _seh_filter_exe
0x14000a3a0 terminate
0x14000a3b0 exit
Library api-ms-win-crt-stdio-l1-1-0.dll:
0x14000a3c0 fputc
0x14000a3c8 __p__commode
0x14000a3d8 _set_fmode
0x14000a3e8 setvbuf
0x14000a3f0 fgetpos
0x14000a3f8 fwrite
0x14000a400 _fseeki64
0x14000a408 fread
0x14000a410 fgetc
0x14000a418 fsetpos
0x14000a420 fclose
0x14000a428 fflush
0x14000a430 ungetc
Library api-ms-win-crt-utility-l1-1-0.dll:
0x14000a460 rand
0x14000a468 srand
Library api-ms-win-crt-filesystem-l1-1-0.dll:
0x14000a2c0 _unlock_file
0x14000a2c8 _lock_file
Library api-ms-win-crt-time-l1-1-0.dll:
0x14000a450 _time64
Library api-ms-win-crt-heap-l1-1-0.dll:
0x14000a2d8 free
0x14000a2e0 malloc
0x14000a2e8 _callnewh
0x14000a2f0 _set_new_mode
Library api-ms-win-crt-math-l1-1-0.dll:
0x14000a310 __setusermatherr
Library api-ms-win-crt-locale-l1-1-0.dll:
0x14000a300 _configthreadlocale
Library api-ms-win-crt-string-l1-1-0.dll:
0x14000a440 strcmp
!This program cannot be run in DOS mode.
`.rdata
@.data
.pdata
@.rsrc
@.reloc
L$ SUVWH
|$ UATAUAVAWH
A_A^A]A\]
\$ UWAWH
UATAUAVAWH
L+t$Ht~H
A_A^A]A\]
WAVAWH
@SUVWAVH
L90u"H
0A^_^][
@SWAWH
A__[H
@UVAVH
0A^^]H
@SUVAVAWH
fD9<Zu
A_A^^][
@SWAVH
VWATAVAWH
0A_A^A\_^
X UVWAVAWH
`A_A^_^]
@SUVAVH
(A^^][
(A^^][
@SUVAWH
(A_^][
@SVATAUH
8A]A\^[
@VWAUAVH
8A^A]_^
UVWATAUAVAWH
A_A^A]A\_^]
@SUVWATAVH
L+|$ L
HA^A\_^][
VWATAVAWH
0A_A^A\_^
@VWAUAVAWH
0A_A^A]_^
u/HcH<H
bad allocation
Unknown exception
bad array new length
string too long
bad cast
WinDed
kernel32.dll
Failed to load kernel32.dll
MultiByteToWideChar
GetModuleFileNameA
Failed to resolve kernel32 functions.
advapi32.dll
Failed to load advapi32.dll
RegCreateKeyExA
RegSetValueExA
RegCloseKey
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
FreeSid
GetLengthSid
InitializeAcl
AddAccessDeniedAce
AddAccessAllowedAce
SetSecurityInfo
SetEntriesInAclA
SetNamedSecurityInfoA
Failed to resolve some advapi32 functions.
shell32.dll
Failed to load shell32.dll
SHGetFolderPathA
SHGetFolderPathW
Failed to resolve shell32 functions.
user32.dll
Failed to load user32.dll
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
Failed to resolve user32 functions.
ole32.dll
Failed to load ole32.dll
CoInitialize
CoUninitialize
CoCreateInstance
CLSIDFromProgID
Failed to resolve ole32 functions.
[TaskScheduler Error]
Software\Microsoft\Windows\CurrentVersion\RunOnce
Microsoft Corporation
CoCreateInstance(WScript.Shell)
GetIDsOfNames(CreateShortcut)
Invoke(CreateShortcut)
SetProperty(TargetPath)
SetProperty(Description)
GetIDsOfNames(Save)
You really tough
STATIC
Failed to open process token.
Failed to get token information size.
Failed to allocate memory for token information.
Failed to get token information.
SetEntriesInAcl failed:
SetNamedSecurityInfo failed:
Failed to open self for mutation.
Failed to write mutated file.
Failed to set file ownership and lock the file.
Self-mutation complete; mutated file created:
-nomutate
Self-mutation succeeded. Continuing execution...
Added to Registry RunOnce (will run at next logon).
Failed to add to Registry RunOnce.
Added to Startup Folder.
Failed to add to Startup Folder.
Added to Startup Folder via WScript.Shell method.
Failed to add to Startup Folder via WScript.Shell method.
invalid string position
vector too long
C:\Users\Utilizador\Desktop\Testingvulnerabilities\x64\Release\Testingvulnerabilities.pdb
.text$di
.text$mn
.text$mn$00
.text$x
.text$yd
.idata$5
.00cfg
.CRT$XCA
.CRT$XCAA
.CRT$XCL
.CRT$XCU
.CRT$XCZ
.CRT$XIA
.CRT$XIAA
.CRT$XIAC
.CRT$XIZ
.CRT$XPA
.CRT$XPZ
.CRT$XTA
.CRT$XTZ
.rdata
.rdata$r
.rdata$voltmd
.rdata$zzzdbg
.rtc$IAA
.rtc$IZZ
.rtc$TAA
.rtc$TZZ
.xdata
.xdata$x
.idata$2
.idata$3
.idata$4
.idata$6
.data$r
.data$rs
.pdata
.rsrc$01
.rsrc$02
GetCurrentProcess
LocalAlloc
FormatMessageW
GetLastError
LoadLibraryA
CloseHandle
GetProcAddress
LocalFree
KERNEL32.dll
OLEAUT32.dll
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?uncaught_exception@std@@YA_NXZ
?_Xout_of_range@std@@YAXPEBD@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Xlength_error@std@@YAXPEBD@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?good@ios_base@std@@QEBA_NXZ
??7ios_base@std@@QEBA_NXZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
MSVCP140.dll
?_Xbad_alloc@std@@YAXXZ
__CxxFrameHandler4
__std_exception_destroy
__std_exception_copy
__std_terminate
memcpy
__C_specific_handler
_CxxThrowException
__current_exception
__current_exception_context
memset
VCRUNTIME140_1.dll
VCRUNTIME140.dll
__stdio_common_vswprintf_s
fflush
fclose
_unlock_file
_lock_file
fwrite
fgetpos
setvbuf
_time64
ungetc
fsetpos
_fseeki64
_invalid_parameter_noinfo_noreturn
_get_stream_buffer_pointers
malloc
_callnewh
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_cexit
_seh_filter_exe
_set_app_type
__setusermatherr
_get_initial_narrow_environment
_initterm
_initterm_e
_set_fmode
__p___argc
__p___argv
_c_exit
_register_thread_local_exe_atexit_callback
_configthreadlocale
_set_new_mode
__p__commode
terminate
api-ms-win-crt-runtime-l1-1-0.dll
api-ms-win-crt-stdio-l1-1-0.dll
api-ms-win-crt-utility-l1-1-0.dll
api-ms-win-crt-filesystem-l1-1-0.dll
api-ms-win-crt-time-l1-1-0.dll
api-ms-win-crt-heap-l1-1-0.dll
api-ms-win-crt-math-l1-1-0.dll
api-ms-win-crt-locale-l1-1-0.dll
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
memmove
strcmp
api-ms-win-crt-string-l1-1-0.dll
.?AVbad_alloc@std@@
.?AVbad_cast@std@@
.?AVexception@std@@
.?AVbad_array_new_length@std@@
.?AVtype_info@@
.?AV?$basic_filebuf@DU?$char_traits@D@std@@@std@@
.?AV?$basic_ifstream@DU?$char_traits@D@std@@@std@@
.?AVios_base@std@@
.?AV?$_Iosb@H@std@@
.?AV?$basic_ofstream@DU?$char_traits@D@std@@@std@@
.?AV?$basic_streambuf@DU?$char_traits@D@std@@@std@@
.?AV?$basic_istream@DU?$char_traits@D@std@@@std@@
.?AV?$basic_ios@DU?$char_traits@D@std@@@std@@
.?AV_com_error@@
.?AV?$basic_ostream@DU?$char_traits@D@std@@@std@@
<?xml version='1.0' encoding='UTF-8' standalone='yes'?>
<assembly xmlns='urn:schemas-microsoft-com:asm.v1' manifestVersion='1.0'>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel level='asInvoker' uiAccess='false' />
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
@[/;@@@@
c::::@
yRe%.I$
IDispatch error #%d
Unknown error 0x%0lX
WinDed
WScript.Shell
CreateShortcut
TargetPath
)Microsoft Corporation
Description
Antivirus Signature
Bkav W64.AIDetectMalware
Lionic Clean
Elastic malicious (high confidence)
ClamAV Win.Malware.Tedy-10044415-0
CMC Clean
CAT-QuickHeal Clean
Skyhigh Clean
ALYac Generic.Dacic.6108.7DEB8AFB
Cylance Clean
Zillya Trojan.AgentAGen.Win32.138065
Sangfor Clean
CrowdStrike win/malicious_confidence_60% (D)
Alibaba Clean
K7GW Trojan ( 005c59531 )
K7AntiVirus Trojan ( 005c59531 )
huorong Trojan/Agent.chc
Baidu Clean
VirIT Clean
Paloalto Clean
Symantec ML.Attribute.HighConfidence
tehtris Clean
ESET-NOD32 Win64/Agent.FVV
APEX Malicious
Avast Win64:MalwareX-gen [Misc]
Cynet Malicious (score: 99)
Kaspersky HEUR:Trojan.Win32.Agent.pef
BitDefender Generic.Dacic.6108.7DEB8AFB
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Generic.Dacic.6108.7DEB8AFB
Tencent Trojan.Win64.Agent.16001895
Sophos Clean
F-Secure Trojan.TR/Agent_AGen.snbsy
DrWeb Clean
VIPRE Generic.Dacic.6108.7DEB8AFB
TrendMicro Clean
McAfeeD ti!7C5B4B86ECBD
Trapmine Clean
CTX exe.unknown.dacic
Emsisoft Generic.Dacic.6108.7DEB8AFB (B)
Ikarus Trojan.Win64.Agent
GData Generic.Dacic.6108.7DEB8AFB
Jiangmin Trojan.Tedy.cj
Webroot Clean
Varist W64/Agent.LCF.gen!Eldorado
Avira TR/Agent_AGen.snbsy
Antiy-AVL Trojan/Win32.Agent
Kingsoft Clean
Gridinsoft Trojan.Win64.Agent.oa!s1
Xcitium Clean
Arcabit Generic.Dacic.6108.7DEB8AFB
SUPERAntiSpyware Trojan.Agent/Gen-Crypt
ZoneAlarm Clean
Microsoft Trojan:Win64/Tedy.ATYE!MTB
Google Detected
AhnLab-V3 Trojan/Win.Generic.R700341
Acronis Clean
VBA32 Trojan.Agent
TACHYON Clean
Malwarebytes Malware.AI.1515020114
Panda Trj/GdSda.A
Zoner Clean
TrendMicro-HouseCall Clean
Rising Trojan.Agent!8.B1E (RDMK:cmRtazrr1FMmPpWHHcPCm14BOBee)
Yandex Trojan.Agent!0uHxq6uv8yE
TrellixENS Clean
SentinelOne Clean
MaxSecure Trojan.Malware.300983.susgen
Fortinet W32/Agent_AGen.EUV!tr
AVG Win64:MalwareX-gen [Misc]
DeepInstinct MALICIOUS
alibabacloud Clean
IRMA Signature
Trend Micro SProtect (Linux) Clean
Avast Core Security (Linux) Win64:MalwareX-gen [Misc]
C4S ClamAV (Linux) Win.Malware.Tedy-10044415-0
Trellix (Linux) Clean
Sophos Anti-Virus (Linux) Mal/Generic-S
Bitdefender Antivirus (Linux) Generic.Dacic.6108.7DEB8AFB
G Data Antivirus (Windows) Virus: Generic.Dacic.6108.7DEB8AFB (Engine A)
WithSecure (Linux) Trojan.TR/Agent_AGen.snbsy
ESET Security (Windows) Win64/Agent.FVV trojan
DrWeb Antivirus (Linux) Trojan.MulDrop32.32436
ClamAV (Linux) Win.Malware.Tedy-10044415-0
eScan Antivirus (Linux) Generic.Dacic.6108.7DEB8AFB(DB)
Kaspersky Standard (Windows) HEUR:Trojan.Win32.Agent.pef
Emsisoft Commandline Scanner (Windows) Generic.Dacic.6108.7DEB8AFB (B)
Cuckoo

We're processing your submission... This could take a few seconds.