Suspect
1be11e45dbf13bafed173cc7b16b1a08
PE Executable | MD5: 1be11e45dbf13bafed173cc7b16b1a08 | Size: 564.74 KB | application/x-dosexec
Summary by MalvaGPT
Characteristics
Symbol Obfuscation Score
Very high
| Hash | Hash Value |
|---|---|
| MD5 | 1be11e45dbf13bafed173cc7b16b1a08 |
| Sha1 | fa0cb4039df64094bc8653e72c3939428efacfee |
| Sha256 | 35ec950215ab50445813e2babef90dafe6c2f7e6dd4e8a70418cb48ab61358ea |
| Sha384 | c10ab9a274cb16e667929fd55a7109d90be000c5f21323f2533966dc061ccf9cb337208a563c15b1f1dbd8a75321a738 |
| Sha512 | 93f22fc93a575c43f9ab70bb2672d8d72c928115379038dc05f0f0e81b90a8d0f6a2d61804200519445fae16af1a74529d45ebec9851f1318fe9301161e5c055 |
| SSDeep | 12288:G1cJ2M9h5SbZospYljiI5C7s+3sPoUmlm28n+wf1mcJNOYuXaE:sGV5SNBpYljiI7+czm42uIM+ |
| TLSH | 70C4234226AC9622C49B94BF8EF6E0D211F0F314A830CE34115B8B9B7767F6CD94E6D5 |
PeID
.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
Information
| Name | Value |
|---|---|
| Module Name | Hypgkdn.exe |
| Full Name | Hypgkdn.exe |
| EntryPoint | System.Void Hypgkdn.Cgcmy::Main() |
| Scope Name | Hypgkdn.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Hypgkdn |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 4 |
| Main Method | System.Void Hypgkdn.Cgcmy::Main() |
| Main IL Instruction Count | 2 |
| Main IL | call System.Void Hypgkdn.D.Qcsofivqiru::Geoqnqrqoop() ret <null> |
Artefacts
| Name | Value |
|---|---|
| Embedded Resources | 0 |
| Suspicious Type Names (1-2 chars) | 0 |
Characteristics
No malware configuration was found at this point.
Artefacts
| Name | Value | Location |
|---|---|---|
| Embedded Resources | 0 | 1be11e45dbf13bafed173cc7b16b1a08 |
| Suspicious Type Names (1-2 chars) | 0 | 1be11e45dbf13bafed173cc7b16b1a08 |