Malicious
Malicious

00d8dc697cc5a26e3f3e9ffb828ea105

PE Executable
|
MD5: 00d8dc697cc5a26e3f3e9ffb828ea105
|
Size: 1.22 MB
|
application/x-dosexec

Infection Chain
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very high

Hash
 Hash Value
MD5
00d8dc697cc5a26e3f3e9ffb828ea105
Sha1
9350b076269b57cf35c4f652cc58fac5769ebb99
Sha256
6ffd43adae4c299f3c65d8fecda3103a7666904efbb86062cbabd516007636e4
Sha384
769f9bd0a4a88d9ec26a87a8f89d40b18dfdcd33f0b2a25b9512307fb7395ce1c25d6df5b1a084f87e012916d9260c96
Sha512
9b96fe92f0eee7f438f2b6051f65c31abb85ecbb6830fad06f1a3605bbe72827554ce475fd1dad3fbad42782ccccf29bcbbc726708483acb7f62aa4912efa2d1
SSDeep
24576:wLzgFKSH84KKSV4zVYQL7jrfpIGIT7ndp:wLz4yiNPTIn
TLSH
32454A017E44CE92F0191673C1EF420847F4A9616AA6E72BBDEA337D55123A73D0E9CB

PeID

.NET executable
HQR data file
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
00d8dc697cc5a26e3f3e9ffb828ea105
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
.Net Resources
EUHUACdLsLMAce3S1T.WtIMu6Y43mevQAl0AC
En07gp3g4sq9QvdMr2.HS6F5EJBGFamULyrnp
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

1ZX3qE
Full Name

1ZX3qE
EntryPoint

System.Void cwiM8Y9G46beGjFjuna.aCBKIO9Q746FeBjKhvu::hpkS3IuQGp()
Scope Name

1ZX3qE
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

bWkmW87n7
Assembly Version

0.5.4.8
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

63
Main Method

System.Void cwiM8Y9G46beGjFjuna.aCBKIO9Q746FeBjKhvu::hpkS3IuQGp()
Main IL Instruction Count

14
Main IL

br.s IL_000B: ldc.i4.0 call <null> ldnull <null> ldc.i4.0 <null> ldelem.ref <null> pop <null> ldc.i4.0 <null> brtrue.s IL_0007: ldnull call System.Void mNLrvrS7uw2cuFr3xnJ.N9rCHbSLU4U6djbaQ4b::kLjw4iIsCLsZtxc4lksN0j() nop <null> ldsfld System.Object cwiM8Y9G46beGjFjuna.aCBKIO9Q746FeBjKhvu::P7tSnM3dut callvirt System.Void Rj1c1o9LmTRTUllIOhv.Ipg5S49EydQivfitjmx::I6K0xPypg0() nop <null> ret <null>
Module Name

1ZX3qE
Full Name

1ZX3qE
EntryPoint

System.Void cwiM8Y9G46beGjFjuna.aCBKIO9Q746FeBjKhvu::hpkS3IuQGp()
Scope Name

1ZX3qE
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

bWkmW87n7
Assembly Version

0.5.4.8
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

63
Main Method

System.Void cwiM8Y9G46beGjFjuna.aCBKIO9Q746FeBjKhvu::hpkS3IuQGp()
Main IL Instruction Count

14
Main IL

br.s IL_000B: ldc.i4.0 call <null> ldnull <null> ldc.i4.0 <null> ldelem.ref <null> pop <null> ldc.i4.0 <null> brtrue.s IL_0007: ldnull call System.Void mNLrvrS7uw2cuFr3xnJ.N9rCHbSLU4U6djbaQ4b::kLjw4iIsCLsZtxc4lksN0j() nop <null> ldsfld System.Object cwiM8Y9G46beGjFjuna.aCBKIO9Q746FeBjKhvu::P7tSnM3dut callvirt System.Void Rj1c1o9LmTRTUllIOhv.Ipg5S49EydQivfitjmx::I6K0xPypg0() nop <null> ret <null>
00d8dc697cc5a26e3f3e9ffb828ea105 (1.22 MB)
File Structure
00d8dc697cc5a26e3f3e9ffb828ea105
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
.Net Resources
EUHUACdLsLMAce3S1T.WtIMu6Y43mevQAl0AC
En07gp3g4sq9QvdMr2.HS6F5EJBGFamULyrnp
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙