Malicious
Malicious

0184b2c2c4e82a68bbd52734ed55368d

PE Executable
|
MD5: 0184b2c2c4e82a68bbd52734ed55368d
|
Size: 916.48 KB
|
application/x-dosexec

Print
General
Structural Analysis
Config.0
Yara Rules34
Sync
Community
Infection Chain
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very high

Hash
 Hash Value
MD5
0184b2c2c4e82a68bbd52734ed55368d
Sha1
74529c269aeee0d5b855110400f8b9fa9dd94375
Sha256
ff42ccd0615ed68fd5f182a4b960d81c342f9bc66a4cfc604b6c59db8d34d9ac
Sha384
5d12dc3fb1fed56264e1369ca84365d8eb9b4bceb524b8417460d3a4b37899564d81cd4118be01eb77eafea52705ad9d
Sha512
c8773c50f6cdc39ffe790e6cbc88e0ef9b1d0377c03d7c44c34d7a58adb8de406a81a6dfb84adc6b435e4893c77f371b90302d6b6abbbe5c49194c3445631916
SSDeep
12288:unutou+AbqyMIbKy6wt6KoN3wsctPzX3TnZn/IP+SuLGUfT:uuOAbqyMIbawYKO3yP73TnN/hbLxL
TLSH
A91518017E44CE81F0191233C6EF454857B09D916AA6E32B7DBE37AE25123A77C1DACB

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
0184b2c2c4e82a68bbd52734ed55368d
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
.Net Resources
OokXxDONwq6uuAHLnC.8ElDGwbyarVeU3SILs
ngC7cGsaNp2RJooKRg.1gYJorfpoRoMo0pmvj
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

cVj4RIbWylo
Full Name

cVj4RIbWylo
EntryPoint

System.Void MnV7EFWtQHM6Uf091BI.G2xM40Wj7rjjjKFAUaC::dqHbEhmqCQ()
Scope Name

cVj4RIbWylo
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

JE45crOBCzGBm1Jv2f
Assembly Version

0.3.9.2
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

63
Main Method

System.Void MnV7EFWtQHM6Uf091BI.G2xM40Wj7rjjjKFAUaC::dqHbEhmqCQ()
Main IL Instruction Count

14
Main IL

br.s IL_000B: ldc.i4.0 call <null> ldnull <null> ldc.i4.0 <null> ldelem.ref <null> pop <null> ldc.i4.0 <null> brtrue.s IL_0007: ldnull call System.Void DdfncSbL9Js6nNWaMAt.iCuNUibmZTuuyiLu4WU::kLjw4iIsCLsZtxc4lksN0j() nop <null> ldsfld System.Object MnV7EFWtQHM6Uf091BI.G2xM40Wj7rjjjKFAUaC::UgVblFLln8 callvirt System.Void CDhBoEWmMfX933aqxnd.qLImvjW8qa43TbswpDh::sBsfxOuvq0() nop <null> ret <null>
Module Name

cVj4RIbWylo
Full Name

cVj4RIbWylo
EntryPoint

System.Void MnV7EFWtQHM6Uf091BI.G2xM40Wj7rjjjKFAUaC::dqHbEhmqCQ()
Scope Name

cVj4RIbWylo
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

JE45crOBCzGBm1Jv2f
Assembly Version

0.3.9.2
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

63
Main Method

System.Void MnV7EFWtQHM6Uf091BI.G2xM40Wj7rjjjKFAUaC::dqHbEhmqCQ()
Main IL Instruction Count

14
Main IL

br.s IL_000B: ldc.i4.0 call <null> ldnull <null> ldc.i4.0 <null> ldelem.ref <null> pop <null> ldc.i4.0 <null> brtrue.s IL_0007: ldnull call System.Void DdfncSbL9Js6nNWaMAt.iCuNUibmZTuuyiLu4WU::kLjw4iIsCLsZtxc4lksN0j() nop <null> ldsfld System.Object MnV7EFWtQHM6Uf091BI.G2xM40Wj7rjjjKFAUaC::UgVblFLln8 callvirt System.Void CDhBoEWmMfX933aqxnd.qLImvjW8qa43TbswpDh::sBsfxOuvq0() nop <null> ret <null>
0184b2c2c4e82a68bbd52734ed55368d (916.48 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙