19125edc1d7688ba984abfeccf34b93e

PE Executable
|
MD5: 19125edc1d7688ba984abfeccf34b93e
|
Size: 1.36 MB
|
application/x-dosexec

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	19125edc1d7688ba984abfeccf34b93e
Sha1	bc1a40df5d28d274bd6d1dfaf1dacea5391ef0c2
Sha256	691939843feb83cbbeb6802fccb8d7ac8e6cbd7f7c676e5a9eb549353691db88
Sha384	ac08285fcf073d703b4421f3d9b9a762060c54f86000941dadac3dc0b3edbc282e68f1b9997511ecd67db2155df4d541
Sha512	4f45cdef3faee579c1b97fb265da04bacd1f54b5102127c507cd2be3218b49fc54704efb324489cc5df15ff251a7231db3f330ff783970d8a371843404897e48
SSDeep	24576:INF1icYGpoDcMCnRveYepqMKDmfC4KOSSn2c6G:OF181DgRveYkqM3fC41p2e
TLSH	1455BFE51EE43B51D17EFF314B7A0A7063FD79578E21CB89304723E69E2270698806E6

PeID

.NET executable

Microsoft Visual C# / Basic .NET

Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL

Microsoft Visual C# v7.0 / Basic .NET

Microsoft Visual Studio .NET

File Structure

Informations

Name0	Value
Info	PE Detect: PeReader OK (file layout)
Module Name	pw1ZQ6gzfA5fC
Full Name	pw1ZQ6gzfA5fC
EntryPoint	System.Void pw1ZQ6gzfA5fC.jXx2q6Cs::bAn7Zt4kicM()
Scope Name	pw1ZQ6gzfA5fC
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	pw1ZQ6gzfA5fC
Assembly Version	18.11.14.201
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.6
Total Strings	2241
Main Method	System.Void pw1ZQ6gzfA5fC.jXx2q6Cs::bAn7Zt4kicM()
Main IL Instruction Count	73
Main IL	nop <null> ldtoken System.Windows.Forms.Application call System.Type System.Type::GetTypeFromHandle(System.RuntimeTypeHandle) stloc.0 <null> ldloc.0 <null> ldstr EnableVisualStyles ldc.i4.s 24 callvirt System.Reflection.MethodInfo System.Type::GetMethod(System.String,System.Reflection.BindingFlags) ldnull <null> ldnull <null> callvirt System.Object System.Reflection.MethodBase::Invoke(System.Object,System.Object[]) pop <null> ldloc.0 <null> ldstr SetCompatibleTextRenderingDefault ldc.i4.s 24 callvirt System.Reflection.MethodInfo System.Type::GetMethod(System.String,System.Reflection.BindingFlags) ldnull <null> ldc.i4.1 <null> newarr System.Object dup <null> ldc.i4.0 <null> ldc.i4.0 <null> box System.Boolean stelem.ref <null> callvirt System.Object System.Reflection.MethodBase::Invoke(System.Object,System.Object[]) pop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> call System.OperatingSystem System.Environment::get_OSVersion() callvirt System.Version System.OperatingSystem::get_Version() callvirt System.Int32 System.Version::get_Major() ldc.i4.6 <null> clt <null> ldc.i4.0 <null> ceq <null> stloc.1 <null> ldloc.1 <null> brfalse.s IL_0071: nop call System.Boolean pw1ZQ6gzfA5fC.jXx2q6Cs::Zo2ksXk1Yr4n8() pop <null> nop <null> nop <null> call System.Boolean pw1ZQ6gzfA5fC.jXx2q6Cs::sA_4Dd() ldc.i4.0 <null> ceq <null> stloc.2 <null> ldloc.2 <null> brfalse.s IL_0080: nop br.s IL_00B6: ret nop <null> nop <null> call System.Void pw1ZQ6gzfA5fC.jXx2q6Cs::kSr5n6M() nop <null> leave.s IL_00AF: nop dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.3 <null> nop <null> ldstr Application failed to start: ldloc.3 <null> callvirt System.String System.Exception::get_Message() call System.String System.String::Concat(System.String,System.String) call System.Void pw1ZQ6gzfA5fC.jXx2q6Cs::8z_Js6Sx9(System.String) nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_00AF: nop nop <null> call System.Void System.Windows.Forms.Application::Exit() nop <null> ret <null>
Module Name	pw1ZQ6gzfA5fC
Full Name	pw1ZQ6gzfA5fC
EntryPoint	System.Void pw1ZQ6gzfA5fC.jXx2q6Cs::bAn7Zt4kicM()
Scope Name	pw1ZQ6gzfA5fC
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	pw1ZQ6gzfA5fC
Assembly Version	18.11.14.201
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.6
Total Strings	2241
Main Method	System.Void pw1ZQ6gzfA5fC.jXx2q6Cs::bAn7Zt4kicM()
Main IL Instruction Count	73
Main IL	nop <null> ldtoken System.Windows.Forms.Application call System.Type System.Type::GetTypeFromHandle(System.RuntimeTypeHandle) stloc.0 <null> ldloc.0 <null> ldstr EnableVisualStyles ldc.i4.s 24 callvirt System.Reflection.MethodInfo System.Type::GetMethod(System.String,System.Reflection.BindingFlags) ldnull <null> ldnull <null> callvirt System.Object System.Reflection.MethodBase::Invoke(System.Object,System.Object[]) pop <null> ldloc.0 <null> ldstr SetCompatibleTextRenderingDefault ldc.i4.s 24 callvirt System.Reflection.MethodInfo System.Type::GetMethod(System.String,System.Reflection.BindingFlags) ldnull <null> ldc.i4.1 <null> newarr System.Object dup <null> ldc.i4.0 <null> ldc.i4.0 <null> box System.Boolean stelem.ref <null> callvirt System.Object System.Reflection.MethodBase::Invoke(System.Object,System.Object[]) pop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> call System.OperatingSystem System.Environment::get_OSVersion() callvirt System.Version System.OperatingSystem::get_Version() callvirt System.Int32 System.Version::get_Major() ldc.i4.6 <null> clt <null> ldc.i4.0 <null> ceq <null> stloc.1 <null> ldloc.1 <null> brfalse.s IL_0071: nop call System.Boolean pw1ZQ6gzfA5fC.jXx2q6Cs::Zo2ksXk1Yr4n8() pop <null> nop <null> nop <null> call System.Boolean pw1ZQ6gzfA5fC.jXx2q6Cs::sA_4Dd() ldc.i4.0 <null> ceq <null> stloc.2 <null> ldloc.2 <null> brfalse.s IL_0080: nop br.s IL_00B6: ret nop <null> nop <null> call System.Void pw1ZQ6gzfA5fC.jXx2q6Cs::kSr5n6M() nop <null> leave.s IL_00AF: nop dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.3 <null> nop <null> ldstr Application failed to start: ldloc.3 <null> callvirt System.String System.Exception::get_Message() call System.String System.String::Concat(System.String,System.String) call System.Void pw1ZQ6gzfA5fC.jXx2q6Cs::8z_Js6Sx9(System.String) nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_00AF: nop nop <null> call System.Void System.Windows.Forms.Application::Exit() nop <null> ret <null>

19125edc1d7688ba984abfeccf34b93e (1.36 MB)

File Structure

Characteristics

No malware configuration were found at this point.

You must be signed in to post a comment.

19125edc1d7688ba984abfeccf34b93e

PE Executable | MD5: 19125edc1d7688ba984abfeccf34b93e | Size: 1.36 MB | application/x-dosexec

PE Executable
|
MD5: 19125edc1d7688ba984abfeccf34b93e
|
Size: 1.36 MB
|
application/x-dosexec