086e33b2cce7f1460f7828c2f1961394

PE Executable
|
MD5: 086e33b2cce7f1460f7828c2f1961394
|
Size: 289.11 KB
|
application/x-dosexec

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	086e33b2cce7f1460f7828c2f1961394
Sha1	409cf0161ee117ef7e176e62c20ea0c80e4b4ac7
Sha256	86cdddef536b2d56b43e91095abd41a465db9baffedb1aae557eac1bef7b7439
Sha384	a446d59bc00b49b2f8f8d6f38f5b81be06c6db2b78665a555f1d80d23d2f8a09d79cf96c27400282a63b8f312063808d
Sha512	df547122f1b05e33fcbd6f086e7d3bb8bd498138b0ecbcf6f319c2b9052efa93505207b8c2e7767f4de225fcc48fb1b49667f9e1558e417d61f2b3a51f53a178
SSDeep	6144:K7PjPSpCEyyDVWHP5KD+spMVdSN16TsVXAt1UJsGRU5WM/07wMVd:KTSCZIWHP5KD+spMVdSN16TsVXAt1UJH
TLSH	CC54AE8E329439DFC877C472ABB55EE4E7586C7A531B810B90A3119C9E2D587FF042E2

PeID

MASM/TASM - sig4 (h)

File Structure

Informations

Name0	Value
Info	PE Detect: PeReader OK (file layout)
Info	Authenticode present at 0x43A00 size 12120 bytes
Info	PDB Path: MicroSoft.pdb
Module Name	MicroSoft.exe
Full Name	MicroSoft.exe
EntryPoint	System.Int32 <Module>::⁯‪⁮⁯‪‎⁯‮⁯‫‫⁮‍⁭‪‬‌⁯⁭‌‭⁭‌‮⁪‭‫⁫‎⁮‭‎⁬‮(System.String[])
Scope Name	MicroSoft.exe
Scope Type	ModuleDef
Kind	Console
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	MicroSoft
Assembly Version	1.0.9521.41914
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.8
Total Strings	0
Main Method	System.Int32 <Module>::⁯‪⁮⁯‪‎⁯‮⁯‫‫⁮‍⁭‪‬‌⁯⁭‌‭⁭‌‮⁪‭‫⁫‎⁮‭‎⁬‮(System.String[])
Main IL Instruction Count	38
Main IL	call ‏‌⁪⁭‮‮⁯‌⁮⁯⁯‪⁯⁫⁯⁫‭‌‎⁯⁭⁫‎‪⁬⁫⁭⁮⁫⁯⁮‌⁫⁭‮ modopt(System.Runtime.CompilerServices.CallConvCdecl) <Module>::‎‎‎‪‬⁯‪‫‭⁫‍‏‭⁮‭⁮⁯‮‪‭‌‍‎‌⁪‎‍‪‏‏‎‭‌⁯⁪‏‌‭‮() call System.Int32 modopt(System.Runtime.CompilerServices.CallConvCdecl) <Module>::‮‮⁫‎⁭‌‮‌‪⁬⁫‏‌‍‪‮⁯‭‎⁯‫‏⁮‫⁭‍⁬⁮‎⁮‌‍‮⁭‎⁫‮(‏‌⁪⁭‮‮⁯‌⁮⁯⁯‪⁯⁫⁯⁫‭‌‎⁯⁭⁫‎‪⁬⁫⁭⁮⁫⁯⁮‌⁫⁭‮) pop <null> ldc.i4 1450777607 ldc.i4 1991928661 xor <null> dup <null> stloc.2 <null> ldc.i4.3 <null> rem.un <null> switch dnlib.DotNet.Emit.Instruction[] br.s IL_0047: call System.Char modopt(System.Runtime.CompilerServices.CallConvCdecl) <Module>::‏‏⁪⁬‪⁬‎‪⁫‮‍‌‭‌‮⁫‬‏‌‬‬⁯‏⁫⁯⁭‍‌‍‫⁯⁯‍⁫‍⁭⁫‌⁮‮() call System.Int32 modopt(System.Runtime.CompilerServices.CallConvCdecl) <Module>::‎⁮‌‏⁪⁮‬⁬⁫‎⁯⁭⁬⁭⁮‌‫‎‭‪‫⁮‪‫⁪‮‬‬⁭‍‎‪‏⁬‫‫‍‬⁯‮() call System.Int32 modopt(System.Runtime.CompilerServices.CallConvCdecl) <Module>::⁮‪‍⁫‪⁮‬‪‎⁫‎‮‍‪⁯⁭‬‌‬‭⁮‮‪‪⁫‮‬⁭‮‏‭‏‫‎⁬‍‌‮‮(System.Int32) pop <null> ldloc.2 <null> ldc.i4 688767550 mul <null> ldc.i4 1149866908 xor <null> br.s IL_0010: ldc.i4 1991928661 call System.Char modopt(System.Runtime.CompilerServices.CallConvCdecl) <Module>::‏‏⁪⁬‪⁬‎‪⁫‮‍‌‭‌‮⁫‬‏‌‬‬⁯‏⁫⁯⁭‍‌‍‫⁯⁯‍⁫‍⁭⁫‌⁮‮() stloc.1 <null> ldarg.0 <null> call System.Int32 <Module>::⁭⁫⁪‭⁫⁫‎‌‫‏‮⁭⁬‪⁪‎‎‫‮⁪⁬⁪‬‍‎‬⁪⁯‍⁪⁪⁪⁮⁮‭‍‏‭⁪‮(System.String[]) stloc.0 <null> leave.s IL_0071: ldloc.0 pop <null> call System.Int32 <Module>::‪‎⁬‫⁫‪‎‫‭‭‫⁪‭‮‌⁬‪⁯‌‎‍‭‮⁮⁪‭⁫‏‏‮⁪‪‭⁮‮() call System.IntPtr <Module>::⁯‎⁭‭‌‎‭‭‫‍‏‭‍‌⁪‫‫‍‮‌‮‌‬‪⁫⁮‬‍‎‪‪‭‭‪‮‪‍‮‮() call System.Int32 modopt(System.Runtime.CompilerServices.CallConvCdecl) <Module>::‌‭‌‭‌⁪⁮⁪‏‏⁪⁬‫⁪‌⁭‌‍‭‏‌‌‫‍‬‌⁬⁪⁮‭⁫‫⁯⁮⁮‪⁬‮(System.UInt32 modopt(System.Runtime.CompilerServices.IsLong),⁬⁯⁫⁮⁫‬‌‏⁫‭‌‮‭⁬⁭⁯‏⁬‎‬‪⁭⁯‏⁬⁭‍⁪⁮⁯⁬‮⁫‮⁯‏‬‪‮*) endfilter <null> pop <null> call System.Int32 <Module>::‪‎⁬‫⁫‪‎‫‭‭‫⁪‭‮‌⁬‪⁯‌‎‍‭‮⁮⁪‭⁫‏‏‮⁪‪‭⁮‮() stloc.0 <null> leave.s IL_0071: ldloc.0 ldloc.0 <null> ret <null>

086e33b2cce7f1460f7828c2f1961394 (289.11 KB)

File Structure

Characteristics

No malware configuration were found at this point.

You must be signed in to post a comment.

086e33b2cce7f1460f7828c2f1961394

PE Executable | MD5: 086e33b2cce7f1460f7828c2f1961394 | Size: 289.11 KB | application/x-dosexec

PE Executable
|
MD5: 086e33b2cce7f1460f7828c2f1961394
|
Size: 289.11 KB
|
application/x-dosexec