Malicious
Malicious

1a7875e8687ba510645595d66fca835f

PE Executable
|
MD5: 1a7875e8687ba510645595d66fca835f
|
Size: 722.94 KB
|
application/x-dosexec

Infection Chain
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

High

Hash
 Hash Value
MD5
1a7875e8687ba510645595d66fca835f
Sha1
568b84b937966af15ebdf4e60781986170da08e4
Sha256
442ce68e17af6b391f004c0871e10f57a226ac047468150cc89e109311444e41
Sha384
7279456f153cc91ce059fa87ff6f05bc1545407a3210a0571de8322e169e10c0d3fe250fbdde65c6546faf32a3471f55
Sha512
f28925ef626bb102e0f63e0d2b5dccea81009598fa7cc2d6ce94f2b9780df90e1e708217cda6878c4863b452d088307fee92663ca2cb632e97a0d39bf413dc36
SSDeep
12288:+JwexOeH62t9yOa3fQjOmCCJ+SgKweGPh1TEuYZw/nv5DkANaiokk0kswOdj1NJB:cwPea23B6SOmxdgKDGPUZSuem5Odj9OK
TLSH
35F4238237C7A390C58943B6C0D759102BE2F7AB6A7BE74A768823D40A237D57503B5F

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
1a7875e8687ba510645595d66fca835f
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
VirtualFormatter.StackDecryptor
Swojaf.g.resources
aR3nbf8dQp2feLmk31.lSfgApatkdxsVcGcrktoFd.resources
$this.Icon
[NBF]root.IconData
progressBar1.Modifiers
$this.Language
$this.GridSize
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

Swojaf.exe
Full Name

Swojaf.exe
EntryPoint

System.Void Swojaf.Structures.StructSummarizer::FilterStruct()
Scope Name

Swojaf.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Swojaf
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

40
Main Method

System.Void Swojaf.Structures.StructSummarizer::FilterStruct()
Main IL Instruction Count

3
Main IL

newobj System.Void Swojaf.Factories.AllocatorFactory::.ctor() call System.Void Swojaf.Factories.AllocatorFactory::CreateCombinedFactory() ret <null>
Module Name

Swojaf.exe
Full Name

Swojaf.exe
EntryPoint

System.Void Swojaf.Structures.StructSummarizer::FilterStruct()
Scope Name

Swojaf.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Swojaf
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

40
Main Method

System.Void Swojaf.Structures.StructSummarizer::FilterStruct()
Main IL Instruction Count

3
Main IL

newobj System.Void Swojaf.Factories.AllocatorFactory::.ctor() call System.Void Swojaf.Factories.AllocatorFactory::CreateCombinedFactory() ret <null>
1a7875e8687ba510645595d66fca835f (722.94 KB)
File Structure
1a7875e8687ba510645595d66fca835f
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
VirtualFormatter.StackDecryptor
Swojaf.g.resources
aR3nbf8dQp2feLmk31.lSfgApatkdxsVcGcrktoFd.resources
$this.Icon
[NBF]root.IconData
progressBar1.Modifiers
$this.Language
$this.GridSize
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙