Suspicious
Suspect

0dac597b6859aa99817d874c097ca837

PE Executable
|
MD5: 0dac597b6859aa99817d874c097ca837
|
Size: 4.8 MB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Obfuscation Score

Low

Hash
 Hash Value
MD5
0dac597b6859aa99817d874c097ca837
Sha1
94171a836975fc88ca013d271c75559f617b024c
Sha256
2fa5db557d2570a7da19132facbd0c6c351d4714705f285b765ea9db86d7ff1e
Sha384
176b11584712c32126214fe35dd7986b99e394a72525f20beb55d826b332380f72fd831556d04574ce92092060426f06
Sha512
c2128e24cd59eed5fc2436d342c3a48cfde77d98b2e2c748e58f65cf7ed6631fb8b72c21ecaee6a2a330bb51ecc3027407d1e8ff9948c8aaa3fc66d28843c501
SSDeep
98304:UC4NmEaetz8SEL/RBul1g2Mamz8PopOnQFlByr78KsCq601CgG05P9y0o:UC4fgL/RO1/efp3Flo0JCqv1Cf0
TLSH
9626338F34A6C635FD5E1B3698DFA71520BFF9ED968F8A38910D16430B14AF0103B669

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
0dac597b6859aa99817d874c097ca837
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
ojynmmevxv.Resources
Microsoft Network Realtime Inspection Service.exe
Microsoft Windows Search protocol Host.exe
Realtek HD Audio Universal Service.exe
bypass cracked.exe
miner.exe
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

bypass cracked.exe
Full Name

bypass cracked.exe
EntryPoint

System.Void Program::Main()
Scope Name

bypass cracked.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

bypass cracked
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

<null>
Total Strings

13
Main Method

System.Void Program::Main()
Main IL Instruction Count

10
Main IL

ldc.i4 2000 call System.Void System.Threading.Thread::Sleep(System.Int32) call System.Boolean Program::CreateMutex() brtrue.s IL_001B: ldnull call System.Int32 System.Environment::get_ExitCode() call System.Void System.Environment::Exit(System.Int32) ldnull <null> call System.Object Program::WorkF(System.Object) pop <null> ret <null>
Module Name

bypass cracked.exe
Full Name

bypass cracked.exe
EntryPoint

System.Void Program::Main()
Scope Name

bypass cracked.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

bypass cracked
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

<null>
Total Strings

13
Main Method

System.Void Program::Main()
Main IL Instruction Count

10
Main IL

ldc.i4 2000 call System.Void System.Threading.Thread::Sleep(System.Int32) call System.Boolean Program::CreateMutex() brtrue.s IL_001B: ldnull call System.Int32 System.Environment::get_ExitCode() call System.Void System.Environment::Exit(System.Int32) ldnull <null> call System.Object Program::WorkF(System.Object) pop <null> ret <null>
0dac597b6859aa99817d874c097ca837 (4.8 MB)
File Structure
0dac597b6859aa99817d874c097ca837
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
ojynmmevxv.Resources
Microsoft Network Realtime Inspection Service.exe
Microsoft Windows Search protocol Host.exe
Realtek HD Audio Universal Service.exe
bypass cracked.exe
miner.exe
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙