Suspicious
Suspect

09d4d202ad31f235146bcdb152dfd73f

PE Executable
|
MD5: 09d4d202ad31f235146bcdb152dfd73f
|
Size: 1.83 MB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Low

Hash
 Hash Value
MD5
09d4d202ad31f235146bcdb152dfd73f
Sha1
8e9967f3493e29cfb77597c86f825f8384f3400a
Sha256
ecdc4285745f04d5d3141f3668e48d5633849cf2594c0092e943d1e7ac5384d0
Sha384
76e66e794cb42b67d591f83a833b9bd9f9e6f51656a0e1e162bda2f09f885fb44c05b6fde4ac90b4524255174b29d7bd
Sha512
30f3d12c6452879f0d91eab6d43bc3402d52374597a07255e9d1a5fa46dd0e49efe05259f740d92bf83264e18a8d1b10939e399ed97ec58ded26169fc90ce6fc
SSDeep
24576:WJzJkjdXFUG+LcaAH/2yCC2c0oidIWUL51hTLyKOho+8KT5dZ1c8:WO5G6p2cPidIWkTTmOKT5
TLSH
1385E1D0EEACA91BE47A6B39D0F3163007F8A4529E32EF4A085054D906537177DE26FB

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual C++ v6.0 DLL
Microsoft Visual Studio .NET
File Structure
09d4d202ad31f235146bcdb152dfd73f
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Veehfjvp.Properties.Resources.resources
Cscfg
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

Aikmlov.exe
Full Name

Aikmlov.exe
EntryPoint

System.Void Veehfjvp.Cazapjpioaa::Main()
Scope Name

Aikmlov.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Aikmlov
Assembly Version

1.0.5207.20762
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

4890
Main Method

System.Void Veehfjvp.Cazapjpioaa::Main()
Main IL Instruction Count

75
Main IL

nop <null> ldnull <null> stloc.0 <null> br IL_001E: ldc.i4.1 nop <null> nop <null> call System.Byte[] Veehfjvp.Properties.Ewcdhfulzyu::get_Cscfg() stloc.0 <null> leave IL_0022: ldloc.0 pop <null> nop <null> nop <null> leave IL_001D: nop nop <null> ldc.i4.1 <null> stloc.1 <null> br.s IL_0008: nop ldloc.0 <null> ldnull <null> cgt.un <null> stloc.2 <null> ldloc.2 <null> brfalse IL_00A9: ret nop <null> ldloc.0 <null> call System.Byte[] Veehfjvp.Cazapjpioaa::Irhvfpz(System.Byte[]) stloc.3 <null> ldloc.3 <null> ldlen <null> ldc.i4.0 <null> cgt.un <null> stloc.s V_4 ldloc.s V_4 brfalse IL_00A8: nop nop <null> ldloc.3 <null> call System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[]) stloc.s V_5 ldloc.s V_5 callvirt System.String System.Reflection.Assembly::get_CodeBase() call System.Boolean System.String::IsNullOrWhiteSpace(System.String) ldc.i4.0 <null> ceq <null> stloc.s V_6 ldloc.s V_6 brfalse IL_00A7: nop nop <null> ldstr iwVDoFuX5ITAZeJTK5.DJ7qMikmMPgaHZstIm stloc.s V_7 ldloc.s V_5 ldloc.s V_7 callvirt System.Type System.Reflection.Assembly::GetType(System.String) stloc.s V_8 ldloc.s V_8 callvirt System.String System.Type::get_FullName() call System.Boolean System.String::IsNullOrEmpty(System.String) ldc.i4.0 <null> ceq <null> stloc.s V_9 ldloc.s V_9 brfalse IL_00A6: nop nop <null> ldloc.s V_8 ldstr ogKh3KHkk ldc.i4 256 ldnull <null> ldnull <null> ldnull <null> callvirt System.Object System.Type::InvokeMember(System.String,System.Reflection.BindingFlags,System.Reflection.Binder,System.Object,System.Object[]) pop <null> nop <null> nop <null> nop <null> nop <null> ret <null>
Module Name

Aikmlov.exe
Full Name

Aikmlov.exe
EntryPoint

System.Void Veehfjvp.Cazapjpioaa::Main()
Scope Name

Aikmlov.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Aikmlov
Assembly Version

1.0.5207.20762
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

4890
Main Method

System.Void Veehfjvp.Cazapjpioaa::Main()
Main IL Instruction Count

75
Main IL

nop <null> ldnull <null> stloc.0 <null> br IL_001E: ldc.i4.1 nop <null> nop <null> call System.Byte[] Veehfjvp.Properties.Ewcdhfulzyu::get_Cscfg() stloc.0 <null> leave IL_0022: ldloc.0 pop <null> nop <null> nop <null> leave IL_001D: nop nop <null> ldc.i4.1 <null> stloc.1 <null> br.s IL_0008: nop ldloc.0 <null> ldnull <null> cgt.un <null> stloc.2 <null> ldloc.2 <null> brfalse IL_00A9: ret nop <null> ldloc.0 <null> call System.Byte[] Veehfjvp.Cazapjpioaa::Irhvfpz(System.Byte[]) stloc.3 <null> ldloc.3 <null> ldlen <null> ldc.i4.0 <null> cgt.un <null> stloc.s V_4 ldloc.s V_4 brfalse IL_00A8: nop nop <null> ldloc.3 <null> call System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[]) stloc.s V_5 ldloc.s V_5 callvirt System.String System.Reflection.Assembly::get_CodeBase() call System.Boolean System.String::IsNullOrWhiteSpace(System.String) ldc.i4.0 <null> ceq <null> stloc.s V_6 ldloc.s V_6 brfalse IL_00A7: nop nop <null> ldstr iwVDoFuX5ITAZeJTK5.DJ7qMikmMPgaHZstIm stloc.s V_7 ldloc.s V_5 ldloc.s V_7 callvirt System.Type System.Reflection.Assembly::GetType(System.String) stloc.s V_8 ldloc.s V_8 callvirt System.String System.Type::get_FullName() call System.Boolean System.String::IsNullOrEmpty(System.String) ldc.i4.0 <null> ceq <null> stloc.s V_9 ldloc.s V_9 brfalse IL_00A6: nop nop <null> ldloc.s V_8 ldstr ogKh3KHkk ldc.i4 256 ldnull <null> ldnull <null> ldnull <null> callvirt System.Object System.Type::InvokeMember(System.String,System.Reflection.BindingFlags,System.Reflection.Binder,System.Object,System.Object[]) pop <null> nop <null> nop <null> nop <null> nop <null> ret <null>
09d4d202ad31f235146bcdb152dfd73f (1.83 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙