Suspicious
Suspect

077c3db1316bf1baf6bc5e24eaa02271

PE Executable
|
MD5: 077c3db1316bf1baf6bc5e24eaa02271
|
Size: 1.21 MB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very high

Hash
 Hash Value
MD5
077c3db1316bf1baf6bc5e24eaa02271
Sha1
cc050a0b92997cb39b2be453857d2d00743913d6
Sha256
3f4afb63372c77224c9117b1f9c13cca311c0e73e33c6b0a61f5b99b8efa76fe
Sha384
8edf3e7fb29cdde1e481686378c75ab0ecc342d0c588c234ffe5caa2896b12c258ee7dbdae09290c4aead5ee667370bf
Sha512
89262a10eca37df6d5e9e5b933efbec6304ffc3674c19bfaf89c2f43e68422b4144302cfdb6a67baff9911a3e6021109eca8bd8eaf88ec9c4cd9de47a088ecb9
SSDeep
12288:QqQaxYhRMykk7CdKdrBpQvm5vkZHqolkul3A6G91lS8nhms0Oh7l21KObAFQ4sci:QTSqyOCdeIlkEwRlS4Jo1KOb8F
TLSH
4245F22E1AD55AA0E0BEDB38A37510A403F4B65FC611F76E6D8C52E4CF1138A65233B3

PeID

Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual Studio .NET
File Structure
077c3db1316bf1baf6bc5e24eaa02271
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
Kairolytix.DTnolina
9noZd.Resources.resources
afe06acbec12d9.Resources.resources
ba9d337b0
[NBF]root.Data
ba9d337b1
[NBF]root.Data
ba9d337b10
[NBF]root.Data
ba9d337b11
[NBF]root.Data
ba9d337b12
[NBF]root.Data
ba9d337b13
[NBF]root.Data
ba9d337b14
[NBF]root.Data
ba9d337b15
[NBF]root.Data
ba9d337b16
[NBF]root.Data
ba9d337b17
[NBF]root.Data
ba9d337b18
[NBF]root.Data
ba9d337b19
[NBF]root.Data
ba9d337b2
[NBF]root.Data
ba9d337b20
[NBF]root.Data
ba9d337b21
[NBF]root.Data
ba9d337b22
[NBF]root.Data
ba9d337b23
[NBF]root.Data
ba9d337b24
[NBF]root.Data
ba9d337b25
[NBF]root.Data
ba9d337b26
[NBF]root.Data
ba9d337b27
[NBF]root.Data
ba9d337b28
[NBF]root.Data
ba9d337b29
[NBF]root.Data
ba9d337b3
[NBF]root.Data
ba9d337b30
[NBF]root.Data
ba9d337b31
[NBF]root.Data
ba9d337b32
[NBF]root.Data
ba9d337b33
[NBF]root.Data
ba9d337b34
[NBF]root.Data
ba9d337b35
[NBF]root.Data
ba9d337b36
[NBF]root.Data
ba9d337b37
[NBF]root.Data
ba9d337b38
[NBF]root.Data
ba9d337b39
[NBF]root.Data
ba9d337b4
[NBF]root.Data
ba9d337b5
[NBF]root.Data
ba9d337b6
[NBF]root.Data
ba9d337b7
[NBF]root.Data
ba9d337b8
[NBF]root.Data
ba9d337b9
[NBF]root.Data
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

9noZd
Full Name

9noZd
EntryPoint

System.Void 9noZd.1Qjmi2_ZMis96R::5aqBknQ8()
Scope Name

9noZd
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

9noZd
Assembly Version

15.12.8.164
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

674
Main Method

System.Void 9noZd.1Qjmi2_ZMis96R::5aqBknQ8()
Main IL Instruction Count

87
Main IL

nop <null> nop <null> ldc.i4.s 25 stloc.0 <null> ldloc.0 <null> ldc.i4.s 23 add.ovf <null> ldc.i4.s 25 div <null> ldc.i4.s 25 mul.ovf <null> stloc.0 <null> ldloc.0 <null> ldc.i4.1 <null> sub.ovf <null> ldc.i4.1 <null> add.ovf <null> newarr System.Object stloc.1 <null> call System.Reflection.Assembly System.Reflection.Assembly::GetExecutingAssembly() callvirt System.String System.Reflection.Assembly::get_Location() call System.Diagnostics.FileVersionInfo System.Diagnostics.FileVersionInfo::GetVersionInfo(System.String) callvirt System.String System.Diagnostics.FileVersionInfo::get_FileVersion() stloc.2 <null> ldloc.2 <null> call System.Boolean System.String::IsNullOrEmpty(System.String) stloc.s V_7 ldloc.s V_7 brfalse.s IL_0042: ldc.i4.s 26 ldstr 1.0.0.0 stloc.2 <null> ldc.i4.s 26 call System.String System.Environment::GetFolderPath(System.Environment/SpecialFolder) ldstr SystemTools call System.String System.IO.Path::Combine(System.String,System.String) stloc.3 <null> ldloc.3 <null> call System.Boolean System.IO.Directory::Exists(System.String) ldc.i4.0 <null> ceq <null> stloc.s V_8 ldloc.s V_8 brfalse.s IL_006B: nop ldloc.3 <null> call System.IO.DirectoryInfo System.IO.Directory::CreateDirectory(System.String) pop <null> nop <null> nop <null> ldc.i4.s 80 call System.Void System.Threading.Thread::Sleep(System.Int32) nop <null> ldstr DTnolina stloc.s V_4 ldloc.s V_4 call System.Object 9noZd.1Qjmi2_ZMis96R::aHa90wJstn3WN(System.String) call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stloc.s V_5 ldloc.s V_5 ldnull <null> ceq <null> stloc.s V_9 ldloc.s V_9 brfalse.s IL_0096: ldloc.s V_5 leave.s IL_00CC: nop ldloc.s V_5 call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) call System.Object 9noZd.1Qjmi2_ZMis96R::zLn6r1K(System.Object) call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stloc.s V_6 ldloc.1 <null> ldloc.0 <null> ldc.i4.1 <null> sub.ovf <null> ldloc.s V_6 call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stelem.ref <null> ldloc.1 <null> ldloc.0 <null> call System.Void 9noZd.1Qjmi2_ZMis96R::2xsBDt(System.Object[],System.Int32) nop <null> leave.s IL_00CC: nop call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_00CC: nop nop <null> ret <null>
Module Name

9noZd
Full Name

9noZd
EntryPoint

System.Void 9noZd.1Qjmi2_ZMis96R::5aqBknQ8()
Scope Name

9noZd
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

9noZd
Assembly Version

15.12.8.164
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

674
Main Method

System.Void 9noZd.1Qjmi2_ZMis96R::5aqBknQ8()
Main IL Instruction Count

87
Main IL

nop <null> nop <null> ldc.i4.s 25 stloc.0 <null> ldloc.0 <null> ldc.i4.s 23 add.ovf <null> ldc.i4.s 25 div <null> ldc.i4.s 25 mul.ovf <null> stloc.0 <null> ldloc.0 <null> ldc.i4.1 <null> sub.ovf <null> ldc.i4.1 <null> add.ovf <null> newarr System.Object stloc.1 <null> call System.Reflection.Assembly System.Reflection.Assembly::GetExecutingAssembly() callvirt System.String System.Reflection.Assembly::get_Location() call System.Diagnostics.FileVersionInfo System.Diagnostics.FileVersionInfo::GetVersionInfo(System.String) callvirt System.String System.Diagnostics.FileVersionInfo::get_FileVersion() stloc.2 <null> ldloc.2 <null> call System.Boolean System.String::IsNullOrEmpty(System.String) stloc.s V_7 ldloc.s V_7 brfalse.s IL_0042: ldc.i4.s 26 ldstr 1.0.0.0 stloc.2 <null> ldc.i4.s 26 call System.String System.Environment::GetFolderPath(System.Environment/SpecialFolder) ldstr SystemTools call System.String System.IO.Path::Combine(System.String,System.String) stloc.3 <null> ldloc.3 <null> call System.Boolean System.IO.Directory::Exists(System.String) ldc.i4.0 <null> ceq <null> stloc.s V_8 ldloc.s V_8 brfalse.s IL_006B: nop ldloc.3 <null> call System.IO.DirectoryInfo System.IO.Directory::CreateDirectory(System.String) pop <null> nop <null> nop <null> ldc.i4.s 80 call System.Void System.Threading.Thread::Sleep(System.Int32) nop <null> ldstr DTnolina stloc.s V_4 ldloc.s V_4 call System.Object 9noZd.1Qjmi2_ZMis96R::aHa90wJstn3WN(System.String) call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stloc.s V_5 ldloc.s V_5 ldnull <null> ceq <null> stloc.s V_9 ldloc.s V_9 brfalse.s IL_0096: ldloc.s V_5 leave.s IL_00CC: nop ldloc.s V_5 call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) call System.Object 9noZd.1Qjmi2_ZMis96R::zLn6r1K(System.Object) call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stloc.s V_6 ldloc.1 <null> ldloc.0 <null> ldc.i4.1 <null> sub.ovf <null> ldloc.s V_6 call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stelem.ref <null> ldloc.1 <null> ldloc.0 <null> call System.Void 9noZd.1Qjmi2_ZMis96R::2xsBDt(System.Object[],System.Int32) nop <null> leave.s IL_00CC: nop call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_00CC: nop nop <null> ret <null>
077c3db1316bf1baf6bc5e24eaa02271 (1.21 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙