Malicious
Malicious

15e762f40cb669c5bf7a5db7680c0bfe

PE Executable
|
MD5: 15e762f40cb669c5bf7a5db7680c0bfe
|
Size: 830.98 KB
|
application/x-dosexec

Infection Chain
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very high

Hash
 Hash Value
MD5
15e762f40cb669c5bf7a5db7680c0bfe
Sha1
c480b5f1dcdabd6fa698f39db98ddfc27a1c9d44
Sha256
7b3be163d17d29553678d1621a2f9c4f9a51f6ea2eaf1d9ddecf873f8879ef60
Sha384
b564c6c2ed2cf5034bb1bd76a3ad881165e482065e264c2ddd432a4b6971f56ea86730498447a7678c38f45716fda528
Sha512
df12211ed0a22597dc10e139bec851cfd32727ba46daa5bda139690271ae913842740437e1aa2323e3b1c3a464f0cdb162d1258293b3e3f570076d2b92d6946b
SSDeep
24576:zefKmdgt9BnovnZc+gNaENPmjaddztTI+:zey1BnovZcDNBPmjYlh
TLSH
5705E01AE256035ED45756B0A0BF3D71CF97AF83263EFE993A847A4C07F21828E15709

PeID

Microsoft Visual C++ v6.0 DLL
File Structure
15e762f40cb669c5bf7a5db7680c0bfe
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_ICON
ID:0002
ID:0
ID:0003
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
JJbPVZ4jr3OVvf4fmM.HXbvKgls2v3ieZt3XU
qfQxggb6j0se48N689.OZlHQ8m3lMkRwlJDAY
BI11.g.resources
aR3nbf8dQp2feLmk31.lSfgApatkdxsVcGcrktoFd.resources
$this.Icon
[NBF]root.IconData
progressBar1.Modifiers
$this.Language
$this.GridSize
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

BI11.exe
Full Name

BI11.exe
EntryPoint

System.Void blPMfKftKL7QQwq1YM.DXh638y2wPMQhsaTeq::WgsqI8Xh6(System.String[])
Scope Name

BI11.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

BI11
Assembly Version

0.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

<null>
Total Strings

26
Main Method

System.Void blPMfKftKL7QQwq1YM.DXh638y2wPMQhsaTeq::WgsqI8Xh6(System.String[])
Main IL Instruction Count

15
Main IL

br.s IL_000B: ldc.i4.0 call <null> ldnull <null> ldc.i4.0 <null> ldelem.ref <null> pop <null> ldc.i4.0 <null> brtrue.s IL_0007: ldnull ldc.i4 0 call System.String W033Ypb8Qr3rPNaAQ7.EKLlsOnRgCMKr5crMq::K5xQQek1ad(System.Int32) call System.Void blPMfKftKL7QQwq1YM.DXh638y2wPMQhsaTeq::v82iwPMQh(System.Object) leave IL_0028: ret pop <null> leave IL_0028: ret ret <null>
15e762f40cb669c5bf7a5db7680c0bfe (830.98 KB)
File Structure
15e762f40cb669c5bf7a5db7680c0bfe
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_ICON
ID:0002
ID:0
ID:0003
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
JJbPVZ4jr3OVvf4fmM.HXbvKgls2v3ieZt3XU
qfQxggb6j0se48N689.OZlHQ8m3lMkRwlJDAY
BI11.g.resources
aR3nbf8dQp2feLmk31.lSfgApatkdxsVcGcrktoFd.resources
$this.Icon
[NBF]root.IconData
progressBar1.Modifiers
$this.Language
$this.GridSize
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙