Suspicious
Suspect

019e2908e6762b84d64475b84f7ac951

PE Executable
|
MD5: 019e2908e6762b84d64475b84f7ac951
|
Size: 892.93 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
019e2908e6762b84d64475b84f7ac951
Sha1
51e517e785d6902015cdb22e280816aa4e5c9b64
Sha256
85689bddd40f7d9d2608a2ca656b74731a1c3ce1e1d011d297b1211452178344
Sha384
0f0a53b2a822372816e0022d2ba8326c917e6b2876ddad29435df0d30b98d7a990a5cc61cf8229187aea6810b9e25aa5
Sha512
549743c849d4028d71b49e9ecde06400273fe08d68cc9704fd2ffbf38f2ad851d0aef4312ca31b38cf820280bef4a9e474c3b568657798e8cd4ab4c297f28c6d
SSDeep
12288:7jXHQpnCFFdVXUjmsnAxuv9eE8fsYyY25BkL9+Dwk7yGnSk:70WbaCgvyfsYwRnnz
TLSH
D9159DA833495D81D03C77399973375087F2B9DBE8BA831A56CCA2DEB5227D02D9170B

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
019e2908e6762b84d64475b84f7ac951
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
Informations
Name
 Value
Module Name

OBINA-77846YRH
Full Name

OBINA-77846YRH
EntryPoint

System.Void Ck6a8.p5C3Kz::Lx98QpHc()
Scope Name

OBINA-77846YRH
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

OBINA-77846YRH
Assembly Version

1.4.6.13
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

3094
Main Method

System.Void Ck6a8.p5C3Kz::Lx98QpHc()
Main IL Instruction Count

132
Main IL

nop <null> nop <null> ldstr MjA= stloc.0 <null> ldstr MTA= stloc.1 <null> ldstr NA== stloc.2 <null> call System.Text.Encoding System.Text.Encoding::get_UTF8() ldloc.0 <null> call System.Byte[] System.Convert::FromBase64String(System.String) callvirt System.String System.Text.Encoding::GetString(System.Byte[]) call System.Int32 System.Convert::ToInt32(System.String) stloc.3 <null> call System.Text.Encoding System.Text.Encoding::get_UTF8() ldloc.1 <null> call System.Byte[] System.Convert::FromBase64String(System.String) callvirt System.String System.Text.Encoding::GetString(System.Byte[]) call System.Int32 System.Convert::ToInt32(System.String) stloc.s V_4 call System.Text.Encoding System.Text.Encoding::get_UTF8() ldloc.2 <null> call System.Byte[] System.Convert::FromBase64String(System.String) callvirt System.String System.Text.Encoding::GetString(System.Byte[]) call System.Int32 System.Convert::ToInt32(System.String) stloc.s V_5 ldloc.3 <null> ldloc.s V_4 mul.ovf <null> stloc.s V_6 ldloc.s V_6 ldloc.s V_5 add.ovf <null> stloc.s V_7 call System.DateTime System.DateTime::get_Now() stloc.s V_8 ldc.i4 2000 stloc.s V_9 br.s IL_00A6: call System.DateTime System.DateTime::get_Now() ldloc.s V_7 conv.r8 <null> call System.Double System.Math::Sqrt(System.Double) ldloc.s V_7 conv.r8 <null> ldc.r8 2 call System.Double System.Math::Pow(System.Double,System.Double) mul <null> stloc.s V_11 ldloc.s V_11 ldc.r8 100 rem <null> call System.Double System.Math::Round(System.Double) conv.ovf.i4 <null> stloc.s V_7 nop <null> call System.DateTime System.DateTime::get_Now() ldloc.s V_8 call System.TimeSpan System.DateTime::op_Subtraction(System.DateTime,System.DateTime) stloc.s V_13 ldloca.s V_13 call System.Double System.TimeSpan::get_TotalMilliseconds() ldloc.s V_9 conv.r8 <null> clt <null> stloc.s V_12 ldloc.s V_12 brtrue.s IL_0075: ldloc.s V_7 ldc.r8 0 stloc.s V_10 ldc.i4.1 <null> stloc.s V_14 ldloc.s V_10 ldloc.s V_14 conv.r8 <null> call System.Double System.Math::Sin(System.Double) ldloc.s V_14 conv.r8 <null> call System.Double System.Math::Cos(System.Double) mul <null> add <null> stloc.s V_10 ldloc.s V_14 ldc.i4.1 <null> add.ovf <null> stloc.s V_14 ldloc.s V_14 ldc.i4 1000000 ble.s IL_00D4: ldloc.s V_10 call System.DateTime System.DateTime::get_Now() stloc.s V_8 ldc.i4 3000 stloc.s V_9 br.s IL_0131: call System.DateTime System.DateTime::get_Now() ldloc.s V_7 conv.r8 <null> call System.Double System.Math::Log(System.Double) ldloc.s V_7 conv.r8 <null> call System.Double System.Math::Exp(System.Double) add <null> stloc.s V_15 ldloc.s V_15 ldc.r8 50 rem <null> call System.Double System.Math::Round(System.Double) conv.ovf.i4 <null> stloc.s V_7 nop <null> call System.DateTime System.DateTime::get_Now() ldloc.s V_8 call System.TimeSpan System.DateTime::op_Subtraction(System.DateTime,System.DateTime) stloc.s V_13 ldloca.s V_13 call System.Double System.TimeSpan::get_TotalMilliseconds() ldloc.s V_9 conv.r8 <null> clt <null> stloc.s V_16 ldloc.s V_16 brtrue.s IL_0109: ldloc.s V_7 ldstr 595183056 call System.Void Ck6a8.Hw57Ec::p1W8Ea(System.String) nop <null> leave.s IL_016E: nop dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.s V_17 nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_016E: nop nop <null> ret <null>
Module Name

OBINA-77846YRH
Full Name

OBINA-77846YRH
EntryPoint

System.Void Ck6a8.p5C3Kz::Lx98QpHc()
Scope Name

OBINA-77846YRH
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

OBINA-77846YRH
Assembly Version

1.4.6.13
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

3094
Main Method

System.Void Ck6a8.p5C3Kz::Lx98QpHc()
Main IL Instruction Count

132
Main IL

nop <null> nop <null> ldstr MjA= stloc.0 <null> ldstr MTA= stloc.1 <null> ldstr NA== stloc.2 <null> call System.Text.Encoding System.Text.Encoding::get_UTF8() ldloc.0 <null> call System.Byte[] System.Convert::FromBase64String(System.String) callvirt System.String System.Text.Encoding::GetString(System.Byte[]) call System.Int32 System.Convert::ToInt32(System.String) stloc.3 <null> call System.Text.Encoding System.Text.Encoding::get_UTF8() ldloc.1 <null> call System.Byte[] System.Convert::FromBase64String(System.String) callvirt System.String System.Text.Encoding::GetString(System.Byte[]) call System.Int32 System.Convert::ToInt32(System.String) stloc.s V_4 call System.Text.Encoding System.Text.Encoding::get_UTF8() ldloc.2 <null> call System.Byte[] System.Convert::FromBase64String(System.String) callvirt System.String System.Text.Encoding::GetString(System.Byte[]) call System.Int32 System.Convert::ToInt32(System.String) stloc.s V_5 ldloc.3 <null> ldloc.s V_4 mul.ovf <null> stloc.s V_6 ldloc.s V_6 ldloc.s V_5 add.ovf <null> stloc.s V_7 call System.DateTime System.DateTime::get_Now() stloc.s V_8 ldc.i4 2000 stloc.s V_9 br.s IL_00A6: call System.DateTime System.DateTime::get_Now() ldloc.s V_7 conv.r8 <null> call System.Double System.Math::Sqrt(System.Double) ldloc.s V_7 conv.r8 <null> ldc.r8 2 call System.Double System.Math::Pow(System.Double,System.Double) mul <null> stloc.s V_11 ldloc.s V_11 ldc.r8 100 rem <null> call System.Double System.Math::Round(System.Double) conv.ovf.i4 <null> stloc.s V_7 nop <null> call System.DateTime System.DateTime::get_Now() ldloc.s V_8 call System.TimeSpan System.DateTime::op_Subtraction(System.DateTime,System.DateTime) stloc.s V_13 ldloca.s V_13 call System.Double System.TimeSpan::get_TotalMilliseconds() ldloc.s V_9 conv.r8 <null> clt <null> stloc.s V_12 ldloc.s V_12 brtrue.s IL_0075: ldloc.s V_7 ldc.r8 0 stloc.s V_10 ldc.i4.1 <null> stloc.s V_14 ldloc.s V_10 ldloc.s V_14 conv.r8 <null> call System.Double System.Math::Sin(System.Double) ldloc.s V_14 conv.r8 <null> call System.Double System.Math::Cos(System.Double) mul <null> add <null> stloc.s V_10 ldloc.s V_14 ldc.i4.1 <null> add.ovf <null> stloc.s V_14 ldloc.s V_14 ldc.i4 1000000 ble.s IL_00D4: ldloc.s V_10 call System.DateTime System.DateTime::get_Now() stloc.s V_8 ldc.i4 3000 stloc.s V_9 br.s IL_0131: call System.DateTime System.DateTime::get_Now() ldloc.s V_7 conv.r8 <null> call System.Double System.Math::Log(System.Double) ldloc.s V_7 conv.r8 <null> call System.Double System.Math::Exp(System.Double) add <null> stloc.s V_15 ldloc.s V_15 ldc.r8 50 rem <null> call System.Double System.Math::Round(System.Double) conv.ovf.i4 <null> stloc.s V_7 nop <null> call System.DateTime System.DateTime::get_Now() ldloc.s V_8 call System.TimeSpan System.DateTime::op_Subtraction(System.DateTime,System.DateTime) stloc.s V_13 ldloca.s V_13 call System.Double System.TimeSpan::get_TotalMilliseconds() ldloc.s V_9 conv.r8 <null> clt <null> stloc.s V_16 ldloc.s V_16 brtrue.s IL_0109: ldloc.s V_7 ldstr 595183056 call System.Void Ck6a8.Hw57Ec::p1W8Ea(System.String) nop <null> leave.s IL_016E: nop dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.s V_17 nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_016E: nop nop <null> ret <null>
Artefacts
Name
 Value
Embedded Resources

5
Suspicious Type Names (1-2 chars)

0
019e2908e6762b84d64475b84f7ac951 (892.93 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙