Malicious
Malicious

042294460498250324189c0f3b246b41

PE Executable
MD5: 042294460498250324189c0f3b246b41
Size: 1.13 MB
application/x-dosexec
Ctrl + scroll to zoom · drag to pan

Get an AI-generated breakdown of this malware's behaviour, IOCs and recommendations.

AI analysis is available with Essential.
Unlock with Essential
Symbol Obfuscation Score Very high
MD5 042294460498250324189c0f3b246b41
Sha1 eb942efb914acd951859c361a390ae3f9f3df99f
Sha256 f9f14b4c12fc02ab7429fdcc5d050fb33120b776947c9d205fd637e8207384aa
Sha384 e552b7c71a036b58a2d9ddcd657c86cd3916b3dfe1e321628cca6c23449727c2e0e37de0663ef898544da865454cc707
Sha512 224e649bfbdad9b6fe4ee66ae7e9ef8e62048f4489bae4d0e3bd86ae62f07b1beb2f28422aa05ccc5d501e0835f19fe26ad7ca244bf08af365ec6b2d57305657
SSDeep 24576:HqwleHPxfnTdr+Lo8UNUEa+7oa/S7ysA+CeiY3ai:HqTsLERacoYS+sA+Ce
TLSH 483538017E46CA41F4085233D2EF858847B5A85166E6F32B7DBE376D95223A73C0E9CB
PeID
.NET executableHQR data fileMicrosoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL Microsoft Visual Studio .NET
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
.Net Resources
6bCLaCimrGmdic41Cx.93HR2KELLW1WGwJJEZ
U6dIIJZ1sw6DvH69vR.bbDaS4Oj7Y5ZpCrFmH
Name Value
Info
PE Detect: PeReader OK (file layout)
Module Name
EEfo9DSF1QamS1qMAwuLquvyLndJVXkosGwnQF
Full Name
EEfo9DSF1QamS1qMAwuLquvyLndJVXkosGwnQF
EntryPoint
System.Void iQsfPW6CTkZ3KKMKvBW.ClmV7g6WmTtT32rMgWd::ovJPBUdohh()
Scope Name
EEfo9DSF1QamS1qMAwuLquvyLndJVXkosGwnQF
Scope Type
ModuleDef
Kind
Windows
Runtime Version
v4.0.30319
Tables Header Version
512
WinMD Version
<null>
Assembly Name
2iG3NU44uXBEgMcJ
Assembly Version
3.3.6.4
Assembly Culture
<null>
Has PublicKey
False
PublicKey Token
<null>
Target Framework
.NETFramework,Version=v4.0
Total Strings
63
Main Method
System.Void iQsfPW6CTkZ3KKMKvBW.ClmV7g6WmTtT32rMgWd::ovJPBUdohh()
Main IL Instruction Count
14
Main IL
br.s IL_000B: ldc.i4.0
call <null>
ldnull <null>
ldc.i4.0 <null>
ldelem.ref <null>
pop <null>
ldc.i4.0 <null>
brtrue.s IL_0007: ldnull
call System.Void PTMNP7Pgta6JIY8W2IN.SL5x1xPfcMFOYcCEKZB::kLjw4iIsCLsZtxc4lksN0j()
nop <null>
ldsfld System.Object iQsfPW6CTkZ3KKMKvBW.ClmV7g6WmTtT32rMgWd::wGfPOA9O6f
callvirt System.Void iXThZT6f5SWh1Ij9wLM.VoSvce69c64oZlOeUpX::SNT2sERfUp()
nop <null>
ret <null>
Module Name
EEfo9DSF1QamS1qMAwuLquvyLndJVXkosGwnQF
Full Name
EEfo9DSF1QamS1qMAwuLquvyLndJVXkosGwnQF
EntryPoint
System.Void iQsfPW6CTkZ3KKMKvBW.ClmV7g6WmTtT32rMgWd::ovJPBUdohh()
Scope Name
EEfo9DSF1QamS1qMAwuLquvyLndJVXkosGwnQF
Scope Type
ModuleDef
Kind
Windows
Runtime Version
v4.0.30319
Tables Header Version
512
WinMD Version
<null>
Assembly Name
2iG3NU44uXBEgMcJ
Assembly Version
3.3.6.4
Assembly Culture
<null>
Has PublicKey
False
PublicKey Token
<null>
Target Framework
.NETFramework,Version=v4.0
Total Strings
63
Main Method
System.Void iQsfPW6CTkZ3KKMKvBW.ClmV7g6WmTtT32rMgWd::ovJPBUdohh()
Main IL Instruction Count
14
Main IL
br.s IL_000B: ldc.i4.0
call <null>
ldnull <null>
ldc.i4.0 <null>
ldelem.ref <null>
pop <null>
ldc.i4.0 <null>
brtrue.s IL_0007: ldnull
call System.Void PTMNP7Pgta6JIY8W2IN.SL5x1xPfcMFOYcCEKZB::kLjw4iIsCLsZtxc4lksN0j()
nop <null>
ldsfld System.Object iQsfPW6CTkZ3KKMKvBW.ClmV7g6WmTtT32rMgWd::wGfPOA9O6f
callvirt System.Void iXThZT6f5SWh1Ij9wLM.VoSvce69c64oZlOeUpX::SNT2sERfUp()
nop <null>
ret <null>
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
.Net Resources
6bCLaCimrGmdic41Cx.93HR2KELLW1WGwJJEZ
U6dIIJZ1sw6DvH69vR.bbDaS4Oj7Y5ZpCrFmH
No malware configuration was found at this point.
You must be signed in to view YARA rules.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙