0f02e596dbf04be3b1cac5106477e62d
PE Executable | MD5: 0f02e596dbf04be3b1cac5106477e62d | Size: 37.89 KB | application/x-dosexec
Symbol Obfuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | 0f02e596dbf04be3b1cac5106477e62d
|
| Sha1 | 631ea5e0f473e4a6274aca32efacb05dbdb74f52
|
| Sha256 | a78bb9de185f6096e2a2acb943c2257e0b10f8d14918b7e651d9532d972a8456
|
| Sha384 | 58516eed61475d2081a66a11cfbf3e97ca748075c367db613a3a5f7830cd7d3e2cc78afd1616d9f613fc690a69b7898d
|
| Sha512 | 70a2cde45e4e8d5e11878324224aeb3640dbb454f815a97a2d3ab75c38faa2c4feaa0bb2c546cf360f852d15869114bdb7b3441d6b5ff3328ae2d9f12690cc51
|
| SSDeep | 384:VansiDjT95hL5YyUvZ7vLOw4qYddlrAF+rMRTyN/0L+EcoinblneHQM3epzXUNrc:Evv5zUvZ7blYrlrM+rMRa8NuWmt
|
| TLSH | 22032A4D7FE1816CC5FD097B06B2D01207BBE04B6E23D91E8EE5649A37636C48B50AF2
|
PeID
|
Config. Field0 | Value |
|---|---|
| packet_size [b] | 5121 |
| BD [BD] | False |
| directory [DR] | TEMP |
| executable_name [EXE] | server.exe |
| cnc_host [HH] | fitness-locking.gl.at.ply.gg |
| is_dir_defined [Idr] | False |
| is_startup_folder [IsF] | False |
| is_user_reg [Isu] | False |
| NH [NH] | 0 |
| cnc_port [P] | 14523 |
| reg_key [RG] | 52cf72d1dc06023aceacc509009ce9a4 |
| reg_path [sf] | Software\Microsoft\Windows\CurrentVersion\Run |
| sizk | 20 |
| victim_name [VN] | HacKed |
| version [VR] | im523 |
| splitter [Y] | |'|'| |
| HD | False |
| anti [anti] | Exsample.exe |
| anti2 [anti2] | False |
| usb [usb] | False |
| usbx [usbx] | svchost.exe |
| task [task] | False |
|
Name0 | Value |
|---|---|
| Module Name | w.exe |
| Full Name | w.exe |
| EntryPoint | System.Void w.A::main() |
| Scope Name | w.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v2.0.50727 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | w |
| Assembly Version | 0.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | <null> |
| Total Strings | 338 |
| Main Method | System.Void w.A::main() |
| Main IL Instruction Count | 5 |
| Main IL | nop <null> call System.Void w.OK::ko() nop <null> nop <null> ret <null> |
| Module Name | w.exe |
| Full Name | w.exe |
| EntryPoint | System.Void w.A::main() |
| Scope Name | w.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v2.0.50727 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | w |
| Assembly Version | 0.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | <null> |
| Total Strings | 338 |
| Main Method | System.Void w.A::main() |
| Main IL Instruction Count | 5 |
| Main IL | nop <null> call System.Void w.OK::ko() nop <null> nop <null> ret <null> |
|
Name0 | Value |
|---|---|
| Port | 14523 |
|
Config. Field0 | Value |
|---|---|
| packet_size [b] | 5121 |
| BD [BD] | False |
| directory [DR] | TEMP |
| executable_name [EXE] | server.exe |
| cnc_host [HH] | fitness-locking.gl.at.ply.gg |
| is_dir_defined [Idr] | False |
| is_startup_folder [IsF] | False |
| is_user_reg [Isu] | False |
| NH [NH] | 0 |
| cnc_port [P] | 14523 |
| reg_key [RG] | 52cf72d1dc06023aceacc509009ce9a4 |
| reg_path [sf] | Software\Microsoft\Windows\CurrentVersion\Run |
| sizk | 20 |
| victim_name [VN] | HacKed |
| version [VR] | im523 |
| splitter [Y] | |'|'| |
| HD | False |
| anti [anti] | Exsample.exe |
| anti2 [anti2] | False |
| usb [usb] | False |
| usbx [usbx] | svchost.exe |
| task [task] | False |
|
Name0 | Value | Location |
|---|---|---|
| Port | 14523 Malicious |
0f02e596dbf04be3b1cac5106477e62d |