Suspicious
Suspect

092bf918dc5bee238d1769b39b138c1c

PE Executable
|
MD5: 092bf918dc5bee238d1769b39b138c1c
|
Size: 1.33 MB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
092bf918dc5bee238d1769b39b138c1c
Sha1
fd8bc7076922823e3663492dcda60b7fd8754467
Sha256
fdbb81e017d8da1de63f8ba31144baa47c351638d321f3b94d29c79385171148
Sha384
8c72cd1ab056af3bee6c9cc223b6b8766994deec8479aaadf258ea64de5eef76a499b92f8d5d57ccde405a2b87cf7637
Sha512
5b0bdbc8c78b0a6a20afc0b8300436daee4aa2a13fa99af247596932d2988965e7dedf7bd4fe420614f44d4281f10ad48374859a1fa44c2b06d68a6d16019a3b
SSDeep
24576:smi6foHrWcr1FQof3mj+z8/FpxY9+US997ZRCk4KsJ:sm/fWdr3bmj+gWo9tC3K0
TLSH
D155020BBACA86A3C1696B36C5F6462007B5F981B633D70E3D4713DE5E037BA4941B4B

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
092bf918dc5bee238d1769b39b138c1c
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Xmntxt.Properties.Resources.resources
Jgbfqzoopdx
Informations
Name
 Value
Module Name

Znsqwtblks.exe
Full Name

Znsqwtblks.exe
EntryPoint

System.Void Znsqwtblks.Drivers.TransferableDriver::WatchDriver()
Scope Name

Znsqwtblks.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Znsqwtblks
Assembly Version

1.0.1799.24236
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

392
Main Method

System.Void Znsqwtblks.Drivers.TransferableDriver::WatchDriver()
Main IL Instruction Count

2
Main IL

call System.Void Znsqwtblks.Drivers.TransferableDriver::ForceDetachedDriver() ret <null>
Module Name

Znsqwtblks.exe
Full Name

Znsqwtblks.exe
EntryPoint

System.Void Znsqwtblks.Drivers.TransferableDriver::WatchDriver()
Scope Name

Znsqwtblks.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Znsqwtblks
Assembly Version

1.0.1799.24236
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

392
Main Method

System.Void Znsqwtblks.Drivers.TransferableDriver::WatchDriver()
Main IL Instruction Count

2
Main IL

call System.Void Znsqwtblks.Drivers.TransferableDriver::ForceDetachedDriver() ret <null>
092bf918dc5bee238d1769b39b138c1c (1.33 MB)
File Structure
092bf918dc5bee238d1769b39b138c1c
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Xmntxt.Properties.Resources.resources
Jgbfqzoopdx
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙