Suspicious
Suspect

11956ce2b8d603dd9edd106bdc31d20c

PE Executable | MD5: 11956ce2b8d603dd9edd106bdc31d20c | Size: 729.09 KB | application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Obfuscation Score

Very high

Hash
Hash Value
MD5
11956ce2b8d603dd9edd106bdc31d20c
Sha1
6678761967ad2f9ddd9bd282bd648cff348f4f8b
Sha256
3c70bd86849bc23186189bf40b89a9030195885a9b3d823145d9be423c5f8d15
Sha384
a3b9a227292edc13c107b739c3522b8a0b8c006474162487c88e2b76e3ef051dd8bcaf1cbc7de78432da773d571cb07c
Sha512
801e96e69ddd67a1f49002e0f058403bd8586e5e65a0a17945a11d99f4fb1a529c28c2c6d0854ca2b0238a4474caa2e4cbdffefc28bec2d9aff7b67dc431cad8
SSDeep
12288:l9SrBjqyYZbxL3XRgUZnhkGyNk8aFZGqs0zIElk4Ve:l9gBsZbxLmonhkVkXb9O
TLSH
6FF49D06E7D81B44F4BF537464729E248FF1B966E62DEA9E7F6840ED0912B80C807367

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
Ryw3aK4_H2nidF.g.resources
Ryw3aK4_H2nidF.Resources.resources
7b98c74b7438a9.Resources.resources
f76b2c710
[NBF]root.Data
f76b2c711
[NBF]root.Data
f76b2c712
[NBF]root.Data
f76b2c713
[NBF]root.Data
Information
Name
Value
Info

PE Detect: PeReader OK (file layout)

Module Name

Ryw3aK4_H2nidF

Full Name

Ryw3aK4_H2nidF

EntryPoint

System.Void Ryw3aK4_H2nidF.1akYP6ymxE5wN/7NwcEn6e0.Xp8sn1eA_P4i::am4N2mCeJ5or()

Scope Name

Ryw3aK4_H2nidF

Scope Type

ModuleDef

Kind

Windows

Runtime Version

v4.0.30319

Tables Header Version

512

WinMD Version

<null>

Assembly Name

Ryw3aK4_H2nidF

Assembly Version

25.23.8.214

Assembly Culture

<null>

Has PublicKey

False

PublicKey Token

<null>

Target Framework

.NETFramework,Version=v4.6

Total Strings

1290

Main Method

System.Void Ryw3aK4_H2nidF.1akYP6ymxE5wN/7NwcEn6e0.Xp8sn1eA_P4i::am4N2mCeJ5or()

Main IL Instruction Count

104

Main IL

nop <null> nop <null> newobj System.Void Ryw3aK4_H2nidF.1akYP6ymxE5wN::.ctor() stloc.0 <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> newobj System.Void System.Object::.ctor() ldnull <null> ldstr CreateTab ldc.i4.2 <null> newarr System.Object dup <null> ldc.i4.0 <null> ldstr segmen stelem.ref <null> dup <null> ldc.i4.1 <null> ldloc.0 <null> stelem.ref <null> dup <null> stloc.2 <null> ldnull <null> ldnull <null> ldc.i4.2 <null> newarr System.Boolean dup <null> ldc.i4.1 <null> ldc.i4.1 <null> stelem.i1 <null> dup <null> stloc.3 <null> call System.Object Microsoft.VisualBasic.CompilerServices.NewLateBinding::LateGet(System.Object,System.Type,System.String,System.Object[],System.String[],System.Type[],System.Boolean[]) stloc.s V_4 ldloc.3 <null> ldc.i4.1 <null> ldelem.u1 <null> brtrue.s IL_0049: ldloc.2 br.s IL_0066: ldloc.s V_4 ldloc.2 <null> ldc.i4.1 <null> ldelem.ref <null> call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) ldtoken Ryw3aK4_H2nidF.1akYP6ymxE5wN call System.Type System.Type::GetTypeFromHandle(System.RuntimeTypeHandle) call System.Object Microsoft.VisualBasic.CompilerServices.Conversions::ChangeType(System.Object,System.Type) castclass Ryw3aK4_H2nidF.1akYP6ymxE5wN stloc.0 <null> ldloc.s V_4 call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stloc.1 <null> leave.s IL_00E5: nop dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.s V_5 nop <null> nop <null> ldc.i4 214 stloc.s V_6 br.s IL_00A9: ldloc.s V_6 ldloc.s V_6 ldc.i4.3 <null> mul.ovf <null> stloc.s V_6 ldloc.s V_6 ldc.i4.s 24 cgt <null> stloc.s V_8 ldloc.s V_8 brfalse.s IL_00A7: nop ldc.i4.s 24 stloc.s V_6 ldstr resources/s call System.Byte[] Ryw3aK4_H2nidF.8PeqLc6o1Rf/E_j6n8Mk0K.oRw4q::1xfHcS8i(System.String) stloc.s V_7 br.s IL_00B7: ldloc.s V_7 nop <null> nop <null> ldloc.s V_6 ldc.i4.s 24 rem 
<null> ldc.i4.0 <null> cgt.un <null> stloc.s V_9 ldloc.s V_9 brtrue.s IL_0083: ldloc.s V_6 ldloc.s V_7 castclass System.Byte[] call System.Void Ryw3aK4_H2nidF.bHe8r5Gz9ry/6EtnZj8xs4NoX.oa8QBmk4mP5bD::3ktXtoL0Ae8m(System.Byte[]) nop <null> ldc.i4.0 <null> call System.Void System.Environment::Exit(System.Int32) nop <null> leave.s IL_00DD: nop dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.s V_10 nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_00DD: nop nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_00E5: nop nop <null> ret <null>

Characteristics
No malware configuration was found at this point.