Malicious

03f213b823cec72ca7bbc6efc1fad38f

PE Executable | MD5: 03f213b823cec72ca7bbc6efc1fad38f | Size: 3.84 MB | application/x-dosexec

Characteristics

Symbol Obfuscation Score

Low

Hash

MD5: 03f213b823cec72ca7bbc6efc1fad38f
Sha1: 3cc0ad2ce4f44d94156b75f840dea6d85d7153b7
Sha256: 49da831fdd4b8116e9ba67cf872f49593e35d05b6b9a8c8f6e12afe6157b80fb
Sha384: ddd4f94606044121d85453044723b75b6f486d9566d1767f328feec7e82ac8c464e86d20f1c289d408bfa4bec33cc52d
Sha512: 2844a5a500fb81f53314e6b96936dd8a6990b1a3a4791f43a91d6bdc5cf8881c7855a236595a9b56380bc24e2b777b3d0796a9fb34a667bfa9739b41edb58221
SSDeep: 49152:PAPrXmucajwrxOVIgS7DiWDbjoDY6RP2Pw3NI1MY0QZNsEdhDo/:oPzmnarS7Dia/oDYK3K1n0/ONo
TLSH: 2F063A23EBCEB563C60A777ECDF708922360E2456317D30F6A49539A580776E9B0670E

PeID

.NET executable
HQR data file
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual C++ v6.0 DLL
Microsoft Visual Studio .NET

File Structure

Structure
  DosHeader
  PE Header
  Optional Header (x86)
  Section Headers
    .text
    .rsrc
    .reloc
  Resources
    RT_VERSION
      ID:0001
      ID:0
    RT_MANIFEST
      ID:0001
      ID:0
  .Net Resources
    Xesmlezplg.Properties.Resources.resources
    Ehkkuj

Information

Info: PE Detect: PeReader OK (file layout)
Module Name: Hpikxj.exe
Full Name: Hpikxj.exe
EntryPoint: System.Void SteamKit2.Collectors.ReceiverError::CloseReceiver()
Scope Name: Hpikxj.exe
Scope Type: ModuleDef
Kind: Windows
Runtime Version: v4.0.30319
Tables Header Version: 512
WinMD Version: <null>
Assembly Name: Hpikxj
Assembly Version: 1.0.7154.4659
Assembly Culture: <null>
Has PublicKey: False
PublicKey Token: <null>
Target Framework: .NETFramework,Version=v4.6
Total Strings: 1291
Main Method: System.Void SteamKit2.Collectors.ReceiverError::CloseReceiver()
Main IL Instruction Count: 18
Main IL:
  ldc.i4 1
  stloc V_0
  br IL_000E: ldloc V_0
  ldloc V_0
  switch dnlib.DotNet.Emit.Instruction[]
  br IL_0057: ret
  newobj System.Void SteamKit2.Collectors.IterableReceiver::.ctor()
  call System.Byte[] SteamKit2.Collectors.IterableReceiver::AcceptHiddenReceiver()
  call System.Byte[] SteamKit2.Verification.IntegratedVerifier::CheckAdaptableVerifier(System.Object)
  call System.Void Hpikxj.Templating.VirtualTemplate::DefineCommonTemplate(System.Object)
  ldc.i4 0
  ldsfld <Module>{4f9d6bba-a354-410a-8e4a-0e1725c100b0} <Module>{4f9d6bba-a354-410a-8e4a-0e1725c100b0}::m_3269217a655c43d4a71bc11ae6ec773a
  ldfld System.Int32 <Module>{4f9d6bba-a354-410a-8e4a-0e1725c100b0}::m_2e1b7b83038449cca0bd485cd387e291
  brtrue IL_0012: switch(IL_0057,IL_0024)
  pop <null>
  ldc.i4 0
  br IL_0012: switch(IL_0057,IL_0024)
  ret <null>

No malware configuration was found at this point.