Malicious
Malicious

1035b77776b556ed8d377c740ae0a91a

PE Executable
|
MD5: 1035b77776b556ed8d377c740ae0a91a
|
Size: 1.58 MB
|
application/x-dosexec

Print
Infection Chain
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very high

Hash
 Hash Value
MD5
1035b77776b556ed8d377c740ae0a91a
Sha1
27428a8978374b0558f45f62dca22c20dc01d057
Sha256
107e5d98e41c2de3fc4d8844c85e6ccb2af6d35414a6b958eb39cb3feed64854
Sha384
6b10b666c3226f1c94f563229b5f3acbbc2c45cfb11eb63c6e5a59021aa835f4abb13d7655b0c1640ced8f62c9c79dd7
Sha512
258d5b9747500b65caeb0e1a9cb3981ad87b44c15cd48156ba3031fce01f187c6caf1a4754c3471d800839340645efcc75c40380f4de8e4a5e6535bc92277a63
SSDeep
12288:kcuWWhW3ive+MGQaA6uKEPk39wM6cS+sYr+U7HJmC4f25Kh7j3jsKZgdUf8I741o:CWWhW7GQr+L4UjwBfoMZgdI8CQ62q
TLSH
46758C027E448E01F41913B3C2EF465847B4A88166A6E32B7DBA777E65123A73C4DDCB

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
1035b77776b556ed8d377c740ae0a91a
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
.Net Resources
dISrRpN7h9soul3yA4.qN6oC4UXHOoadNaMmc
2dklNsrlJLAmuo1ZU3.NlLSkhgp6B1ewqfDrn
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

44ja1MMC85QPgnDqzOUNnDhyq0ihKsJLne990
Full Name

44ja1MMC85QPgnDqzOUNnDhyq0ihKsJLne990
EntryPoint

System.Void zgjqsqYrlS4wcZduY38.kllqvfYh5kbDI3wbaGg::l6sdlvNOZm()
Scope Name

44ja1MMC85QPgnDqzOUNnDhyq0ihKsJLne990
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

UeXQnZM4PqQPkspyK1XvtBop1PwEmBoDz
Assembly Version

1.8.8.8
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

63
Main Method

System.Void zgjqsqYrlS4wcZduY38.kllqvfYh5kbDI3wbaGg::l6sdlvNOZm()
Main IL Instruction Count

14
Main IL

br.s IL_000B: ldc.i4.0 call <null> ldnull <null> ldc.i4.0 <null> ldelem.ref <null> pop <null> ldc.i4.0 <null> brtrue.s IL_0007: ldnull call System.Void ePf60JdeOBYMhQ9sDMT.RhuWfgd4vSs9bvov7H8::kLjw4iIsCLsZtxc4lksN0j() nop <null> ldsfld System.Object zgjqsqYrlS4wcZduY38.kllqvfYh5kbDI3wbaGg::c1Rd7itZmu callvirt System.Void rUN4AYY4p96yVCNDBu8.VvsOC2YX671pVvj2t6o::LifaJVt37q() nop <null> ret <null>
Module Name

44ja1MMC85QPgnDqzOUNnDhyq0ihKsJLne990
Full Name

44ja1MMC85QPgnDqzOUNnDhyq0ihKsJLne990
EntryPoint

System.Void zgjqsqYrlS4wcZduY38.kllqvfYh5kbDI3wbaGg::l6sdlvNOZm()
Scope Name

44ja1MMC85QPgnDqzOUNnDhyq0ihKsJLne990
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

UeXQnZM4PqQPkspyK1XvtBop1PwEmBoDz
Assembly Version

1.8.8.8
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

63
Main Method

System.Void zgjqsqYrlS4wcZduY38.kllqvfYh5kbDI3wbaGg::l6sdlvNOZm()
Main IL Instruction Count

14
Main IL

br.s IL_000B: ldc.i4.0 call <null> ldnull <null> ldc.i4.0 <null> ldelem.ref <null> pop <null> ldc.i4.0 <null> brtrue.s IL_0007: ldnull call System.Void ePf60JdeOBYMhQ9sDMT.RhuWfgd4vSs9bvov7H8::kLjw4iIsCLsZtxc4lksN0j() nop <null> ldsfld System.Object zgjqsqYrlS4wcZduY38.kllqvfYh5kbDI3wbaGg::c1Rd7itZmu callvirt System.Void rUN4AYY4p96yVCNDBu8.VvsOC2YX671pVvj2t6o::LifaJVt37q() nop <null> ret <null>
1035b77776b556ed8d377c740ae0a91a (1.58 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙