Symbol Obfuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | 0c78720e1c3df66ab5a7c60a9e0c8502
|
| Sha1 | 8a3a3cc15f5035a772abcb15c01980c16df34d38
|
| Sha256 | 4694ccf2399010c0e069f481e3471745dfe0a4f72003ed476ecf86b7b6b4ef7f
|
| Sha384 | 95292cd6aed40c9ae7cde31392abad8bfa97687ac605003cc3c3318f46b6d143e1ffc3296cd87fda9ea37e0ac753b19f
|
| Sha512 | f8c042835dec3d209815082dacb624d1462787000232568d49d5b6392f7dd491e736900107774ebb38ffac3fa02892e8dc31a54d2fe4ab04f9b2c98fd492da43
|
| SSDeep | 24576:v7BHPDMz0ok523j1IKiEvO/3vtQsnHhIe8:v7BHPD543BdG/3vhnie8
|
| TLSH | 16252336F11E5636E307E27B00A59342F317BB5E2E275696494E11A8C737BFE030A693
|
PeID
|
Name | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Module Name | wmisect_bytepressed.exe |
| Full Name | wmisect_bytepressed.exe |
| EntryPoint | System.Int32 <Module>::Main(System.String[]) |
| Scope Name | wmisect_bytepressed.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | wmisect_bytepressed |
| Assembly Version | 6.2.19041.3758 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | <null> |
| Total Strings | 1 |
| Main Method | System.Int32 <Module>::Main(System.String[]) |
| Main IL Instruction Count | 103 |
| Main IL | ldc.i4 245632 pop <null> ldc.i4 245632 newarr System.UInt32 dup <null> ldtoken <Module>/DataType <Module>::DataField call System.Void System.Runtime.CompilerServices.RuntimeHelpers::InitializeArray(System.Array,System.RuntimeFieldHandle) stloc.0 <null> call System.Reflection.Assembly System.Reflection.Assembly::GetExecutingAssembly() stloc.1 <null> ldloc.1 <null> callvirt System.Reflection.Module System.Reflection.Assembly::get_ManifestModule() stloc.2 <null> ldloc.0 <null> ldc.i4 440016110 call System.Runtime.InteropServices.GCHandle <Module>::Decrypt(System.UInt32[],System.UInt32) stloc.3 <null> ldloca.s V_3 call System.Object System.Runtime.InteropServices.GCHandle::get_Target() castclass System.Byte[] stloc.s V_4 ldloc.1 <null> ldstr koi ldloc.s V_4 callvirt System.Reflection.Module System.Reflection.Assembly::LoadModule(System.String,System.Byte[]) stloc.s V_5 ldloc.s V_4 ldc.i4.0 <null> ldloc.s V_4 ldlen <null> conv.i4 <null> call System.Void System.Array::Clear(System.Array,System.Int32,System.Int32) ldloca.s V_3 call System.Void System.Runtime.InteropServices.GCHandle::Free() ldloc.0 <null> ldc.i4.0 <null> ldloc.0 <null> ldlen <null> conv.i4 <null> call System.Void System.Array::Clear(System.Array,System.Int32,System.Int32) ldloc.2 <null> ldc.i4 285212673 callvirt System.Byte[] System.Reflection.Module::ResolveSignature(System.Int32) stsfld System.Byte[] <Module>::key call System.AppDomain System.AppDomain::get_CurrentDomain() ldnull <null> ldftn System.Reflection.Assembly <Module>::Resolve(System.Object,System.ResolveEventArgs) newobj System.Void System.ResolveEventHandler::.ctor(System.Object,System.IntPtr) callvirt System.Void System.AppDomain::add_AssemblyResolve(System.ResolveEventHandler) ldloc.s V_5 callvirt System.Type[] System.Reflection.Module::GetTypes() pop <null> ldloc.s V_5 ldsfld System.Byte[] <Module>::key ldc.i4.0 <null> ldelem.u1 <null> ldsfld System.Byte[] <Module>::key ldc.i4.1 <null> ldelem.u1 <null> ldc.i4.8 <null> shl <null> or <null> ldsfld System.Byte[] <Module>::key ldc.i4.2 <null> ldelem.u1 <null> ldc.i4.s 16 shl <null> or <null> ldsfld System.Byte[] <Module>::key ldc.i4.3 <null> ldelem.u1 <null> ldc.i4.s 24 shl <null> or <null> callvirt System.Reflection.MethodBase System.Reflection.Module::ResolveMethod(System.Int32) stloc.s V_6 ldloc.s V_6 callvirt System.Reflection.ParameterInfo[] System.Reflection.MethodBase::GetParameters() ldlen <null> conv.i4 <null> newarr System.Object stloc.s V_7 ldloc.s V_7 ldlen <null> conv.i4 <null> brfalse.s IL_00E8: ldloc.s V_6 ldloc.s V_7 ldc.i4.0 <null> ldarg.0 <null> stelem.ref <null> ldloc.s V_6 ldnull <null> ldloc.s V_7 callvirt System.Object System.Reflection.MethodBase::Invoke(System.Object,System.Object[]) stloc.s V_8 ldloc.s V_8 isinst System.Int32 brfalse.s IL_0105: ldc.i4.0 ldloc.s V_8 unbox.any System.Int32 ret <null> ldc.i4.0 <null> ret <null> |
| Module Name | wmisect_bytepressed.exe |
| Full Name | wmisect_bytepressed.exe |
| EntryPoint | System.Int32 <Module>::Main(System.String[]) |
| Scope Name | wmisect_bytepressed.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | wmisect_bytepressed |
| Assembly Version | 6.2.19041.3758 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | <null> |
| Total Strings | 1 |
| Main Method | System.Int32 <Module>::Main(System.String[]) |
| Main IL Instruction Count | 103 |
| Main IL | ldc.i4 245632 pop <null> ldc.i4 245632 newarr System.UInt32 dup <null> ldtoken <Module>/DataType <Module>::DataField call System.Void System.Runtime.CompilerServices.RuntimeHelpers::InitializeArray(System.Array,System.RuntimeFieldHandle) stloc.0 <null> call System.Reflection.Assembly System.Reflection.Assembly::GetExecutingAssembly() stloc.1 <null> ldloc.1 <null> callvirt System.Reflection.Module System.Reflection.Assembly::get_ManifestModule() stloc.2 <null> ldloc.0 <null> ldc.i4 440016110 call System.Runtime.InteropServices.GCHandle <Module>::Decrypt(System.UInt32[],System.UInt32) stloc.3 <null> ldloca.s V_3 call System.Object System.Runtime.InteropServices.GCHandle::get_Target() castclass System.Byte[] stloc.s V_4 ldloc.1 <null> ldstr koi ldloc.s V_4 callvirt System.Reflection.Module System.Reflection.Assembly::LoadModule(System.String,System.Byte[]) stloc.s V_5 ldloc.s V_4 ldc.i4.0 <null> ldloc.s V_4 ldlen <null> conv.i4 <null> call System.Void System.Array::Clear(System.Array,System.Int32,System.Int32) ldloca.s V_3 call System.Void System.Runtime.InteropServices.GCHandle::Free() ldloc.0 <null> ldc.i4.0 <null> ldloc.0 <null> ldlen <null> conv.i4 <null> call System.Void System.Array::Clear(System.Array,System.Int32,System.Int32) ldloc.2 <null> ldc.i4 285212673 callvirt System.Byte[] System.Reflection.Module::ResolveSignature(System.Int32) stsfld System.Byte[] <Module>::key call System.AppDomain System.AppDomain::get_CurrentDomain() ldnull <null> ldftn System.Reflection.Assembly <Module>::Resolve(System.Object,System.ResolveEventArgs) newobj System.Void System.ResolveEventHandler::.ctor(System.Object,System.IntPtr) callvirt System.Void System.AppDomain::add_AssemblyResolve(System.ResolveEventHandler) ldloc.s V_5 callvirt System.Type[] System.Reflection.Module::GetTypes() pop <null> ldloc.s V_5 ldsfld System.Byte[] <Module>::key ldc.i4.0 <null> ldelem.u1 <null> ldsfld System.Byte[] <Module>::key ldc.i4.1 <null> ldelem.u1 <null> ldc.i4.8 <null> shl <null> or <null> ldsfld System.Byte[] <Module>::key ldc.i4.2 <null> ldelem.u1 <null> ldc.i4.s 16 shl <null> or <null> ldsfld System.Byte[] <Module>::key ldc.i4.3 <null> ldelem.u1 <null> ldc.i4.s 24 shl <null> or <null> callvirt System.Reflection.MethodBase System.Reflection.Module::ResolveMethod(System.Int32) stloc.s V_6 ldloc.s V_6 callvirt System.Reflection.ParameterInfo[] System.Reflection.MethodBase::GetParameters() ldlen <null> conv.i4 <null> newarr System.Object stloc.s V_7 ldloc.s V_7 ldlen <null> conv.i4 <null> brfalse.s IL_00E8: ldloc.s V_6 ldloc.s V_7 ldc.i4.0 <null> ldarg.0 <null> stelem.ref <null> ldloc.s V_6 ldnull <null> ldloc.s V_7 callvirt System.Object System.Reflection.MethodBase::Invoke(System.Object,System.Object[]) stloc.s V_8 ldloc.s V_8 isinst System.Int32 brfalse.s IL_0105: ldc.i4.0 ldloc.s V_8 unbox.any System.Int32 ret <null> ldc.i4.0 <null> ret <null> |