06d5334d49746b9e5df32096867cf7e3
PE Executable | MD5: 06d5334d49746b9e5df32096867cf7e3 | Size: 24.06 KB | application/x-dosexec
Symbol Obfuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | 06d5334d49746b9e5df32096867cf7e3
|
| Sha1 | 1cb39a426b8f13fa36bac4e9c4cc47a6042fb0c6
|
| Sha256 | 0b014555196d3200ff9a28efb49591f617c0ec9904da44b9348a4c27c4edc2de
|
| Sha384 | 03743ee9ce3b0068bd3207dbe72410e1a2595267b897c9c03bbabe956d604d1d5073404a9afaf40ad7d62be8f49f7bd2
|
| Sha512 | c30625c339dc57f71b01c233d031cb7e3f42f6f82451dcde49ae8873f41c182ca91e03b7eb6c564cd9bd1fdb4f4226d96c7f5dba020d8bda7f53dbcf1e21b1c4
|
| SSDeep | 384:/I2SUwXh0ZbAzlRGCvkodj46hgHK0hrV5mRvR6JZlbw8hqIusZzZ/Y2:YbhEkdvXRpcnuYb
|
| TLSH | EFB2084A3FA98856C5BC1A748AA5D65003B4D1470423EE2F8DC960CBAFB36D91D48AFD
|
PeID
|
Config. Field0 | Value |
|---|---|
| victim_name [VN] | ضحايا تورنت |
| version [VR] | 0.7d |
| executable_name [EXE] | System.exe |
| directory [DR] | TEMP |
| reg_key [RG] | bd65b48195955e9803148beaf1b6a792 |
| cnc_host [H] | ali19951995.ddns.net |
| cnc_port [P] | 1177 |
| splitter [Y] | |'|'| |
| BD [BD] | True |
| is_dir_defined [Idr] | True |
| is_startup_folder [IsF] | True |
| is_user_reg [Isu] | True |
| reg_path [sf] | Software\Microsoft\Windows\CurrentVersion\Run |
| packet_size [b] | 5121 |
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Module Name | j.exe |
| Full Name | j.exe |
| EntryPoint | System.Void j.A::main() |
| Scope Name | j.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v2.0.50727 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | j |
| Assembly Version | 0.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | <null> |
| Total Strings | 214 |
| Main Method | System.Void j.A::main() |
| Main IL Instruction Count | 2 |
| Main IL | call System.Void j.OK::ko() ret <null> |
| Module Name | j.exe |
| Full Name | j.exe |
| EntryPoint | System.Void j.A::main() |
| Scope Name | j.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v2.0.50727 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | j |
| Assembly Version | 0.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | <null> |
| Total Strings | 214 |
| Main Method | System.Void j.A::main() |
| Main IL Instruction Count | 2 |
| Main IL | call System.Void j.OK::ko() ret <null> |
|
Name0 | Value |
|---|---|
| CnC | ali19951995.ddns.net |
| Port | 1177 |
|
Config. Field0 | Value |
|---|---|
| victim_name [VN] | ضحايا تورنت |
| version [VR] | 0.7d |
| executable_name [EXE] | System.exe |
| directory [DR] | TEMP |
| reg_key [RG] | bd65b48195955e9803148beaf1b6a792 |
| cnc_host [H] | ali19951995.ddns.net |
| cnc_port [P] | 1177 |
| splitter [Y] | |'|'| |
| BD [BD] | True |
| is_dir_defined [Idr] | True |
| is_startup_folder [IsF] | True |
| is_user_reg [Isu] | True |
| reg_path [sf] | Software\Microsoft\Windows\CurrentVersion\Run |
| packet_size [b] | 5121 |
|
Name0 | Value | Location |
|---|---|---|
| CnC | ali19951995.ddns.net Malicious |
06d5334d49746b9e5df32096867cf7e3 |
| Port | 1177 Malicious |
06d5334d49746b9e5df32096867cf7e3 |