Symbol Obfuscation Score
| Hash | Hash Value |
|---|---|
| MD5 | 1343d468105dce1f53bf2eddad30ad48 |
| Sha1 | 83cce969c6b6564d858ac21eaf6fc81e5cbe4449 |
| Sha256 | d0a14b62df8f9e028d68246a36a3823666306f5f648f8342e791ef2f391bc1bf |
| Sha384 | 85be07ce096bc9defa05f5aea7dc1da0a244813cd3172c4fe01a2b01f8d1121bd740165718c2d2e9d63e3891d6231967 |
| Sha512 | fd915e7ce88a8b0747f44f66619569cfe4a197f52b28ddc40bc2474a07c9a75263de8cf2a67cbd11ecaca426e50e59d0a7fecba9952221b7a52ce7e453907a5a |
| SSDeep | 384:WKmqvcN8CisyMKS2g5EyY/iawVV355XgXPyyJvrAF+rMRTyN/0L+EcoinblneHQ3:nTG5HY/ia4DoPyyVrM+rMRa8Nu62t |
| TLSH | 7E032B4DBFE18168C5FE067B05B2D41207BAE10B6E13D90E8EE5649A37636C58F50EF2 |
PeID
| Config. Field | Value |
|---|---|
| packet_size [b] | 5121 |
| BD [BD] | True |
| directory [DR] | WinDir |
| executable_name [EXE] | WindowsControlDefenderser.exe |
| cnc_host [HH] | 178.17.59.117 |
| is_dir_defined [Idr] | True |
| is_startup_folder [IsF] | True |
| is_user_reg [Isu] | True |
| NH [NH] | 0 |
| cnc_port [P] | 5552 |
| reg_key [RG] | 9d19f88c70525d292bfd4d6ad365102b |
| reg_path [sf] | Software\Microsoft\Windows\CurrentVersion\Run |
| sizk | 512 |
| victim_name [VN] | |
| version [VR] | im523 |
| splitter [Y] | \|'\|'\| |
| HD | False |
| anti [anti] | Exsample.exe |
| anti2 [anti2] | False |
| usb [usb] | True |
| usbx [usbx] | MicrosoftCommonLanguageRuntimeNativeCompil.exe |
| task [task] | True |
| Name | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Module Name | w.exe |
| Full Name | w.exe |
| EntryPoint | System.Void w.A::main() |
| Scope Name | w.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v2.0.50727 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | w |
| Assembly Version | 0.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | <null> |
| Total Strings | 338 |
| Main Method | System.Void w.A::main() |
| Main IL Instruction Count | 5 |
| Main IL | nop <null> call System.Void w.OK::ko() nop <null> nop <null> ret <null> |
| Name | Value |
|---|---|
| Port | 5552 |
| Name | Value | Location |
|---|---|---|
| Port | 5552 Malicious | 1343d468105dce1f53bf2eddad30ad48 |