Malicious
Malicious

12c98e1e800ae21b28b869428d8b17b7

PE Executable
|
MD5: 12c98e1e800ae21b28b869428d8b17b7
|
Size: 846.85 KB
|
application/x-dosexec

Infection Chain
Summary by MalvaGPT
Characteristics

Symbol Obfuscation Score

Very high

Hash
 Hash Value
MD5
12c98e1e800ae21b28b869428d8b17b7
Sha1
42fa745418dcc48901100ebbabdff89f2b578bba
Sha256
fd143774daea49447ddd9c344fda8562da66bce8c18f49d6d301b55bde5c2d4a
Sha384
e7d0cd34a567b82173830514228914170f8869191509e0d3d89abe880c75457d1cae9fdfabacf3e78271dd080b024aa7
Sha512
b633e1d47a4ae9edb846fb2aad943df0a5f35dd27f8957f5d672da8e0ce54ee8b24a6814b21c789479683e0339efb1ca337d18d10c3f7bbe9f9987963a58b878
SSDeep
12288:TPsnSOklUxcnwxYQiZMYiJrqhMmR/dpwHJ4pyD4yKhUMsXYg+ljp:Tj3lUxcDQimeXCyyWUMfg+Vp
TLSH
4C05E6027E44CA52F0091273C2EF454847B0E9516BA6E32B7DBA77BE5512397BC0DACB

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
12c98e1e800ae21b28b869428d8b17b7
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
.Net Resources
LaUUVNx5A4g9lektsN.Zgvkam0cfqMK7orh9L
na5yW8LaoumEEI3LKT.5wGSJO4QxWBVxP9vmS
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

VSTNthn1GZt2Ek6RVD1ePt4o0wk5df
Full Name

VSTNthn1GZt2Ek6RVD1ePt4o0wk5df
EntryPoint

System.Void Inqmlf6DripsZBxLQY2.MWl1496W8Qum1HZNwfL::U7YvrpO9rb()
Scope Name

VSTNthn1GZt2Ek6RVD1ePt4o0wk5df
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

EgKgKR18
Assembly Version

4.3.9.3
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

63
Main Method

System.Void Inqmlf6DripsZBxLQY2.MWl1496W8Qum1HZNwfL::U7YvrpO9rb()
Main IL Instruction Count

14
Main IL

br.s IL_000B: ldc.i4.0 call <null> ldnull <null> ldc.i4.0 <null> ldelem.ref <null> pop <null> ldc.i4.0 <null> brtrue.s IL_0007: ldnull call System.Void cKy0TPRnjkw9yXW425F.urjV0FRdsYYPbWOu2oN::kLjw4iIsCLsZtxc4lksN0j() nop <null> ldsfld System.Object Inqmlf6DripsZBxLQY2.MWl1496W8Qum1HZNwfL::DeRvDSEky1 callvirt System.Void NnJfN76d63AfxnAV5gI.VuCa4s6JT9G5LK0UQFK::ak402qvSUW() nop <null> ret <null>
Module Name

VSTNthn1GZt2Ek6RVD1ePt4o0wk5df
Full Name

VSTNthn1GZt2Ek6RVD1ePt4o0wk5df
EntryPoint

System.Void Inqmlf6DripsZBxLQY2.MWl1496W8Qum1HZNwfL::U7YvrpO9rb()
Scope Name

VSTNthn1GZt2Ek6RVD1ePt4o0wk5df
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

EgKgKR18
Assembly Version

4.3.9.3
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

63
Main Method

System.Void Inqmlf6DripsZBxLQY2.MWl1496W8Qum1HZNwfL::U7YvrpO9rb()
Main IL Instruction Count

14
Main IL

br.s IL_000B: ldc.i4.0 call <null> ldnull <null> ldc.i4.0 <null> ldelem.ref <null> pop <null> ldc.i4.0 <null> brtrue.s IL_0007: ldnull call System.Void cKy0TPRnjkw9yXW425F.urjV0FRdsYYPbWOu2oN::kLjw4iIsCLsZtxc4lksN0j() nop <null> ldsfld System.Object Inqmlf6DripsZBxLQY2.MWl1496W8Qum1HZNwfL::DeRvDSEky1 callvirt System.Void NnJfN76d63AfxnAV5gI.VuCa4s6JT9G5LK0UQFK::ak402qvSUW() nop <null> ret <null>
12c98e1e800ae21b28b869428d8b17b7 (846.85 KB)
File Structure
12c98e1e800ae21b28b869428d8b17b7
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
.Net Resources
LaUUVNx5A4g9lektsN.Zgvkam0cfqMK7orh9L
na5yW8LaoumEEI3LKT.5wGSJO4QxWBVxP9vmS
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙