Suspicious
Suspect

1d08262d0e0dc23aceda1b3f2571d348

PE Executable
|
MD5: 1d08262d0e0dc23aceda1b3f2571d348
|
Size: 1.21 MB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very high

Hash
 Hash Value
MD5
1d08262d0e0dc23aceda1b3f2571d348
Sha1
18831ccfdf4a31b9ea8e8009f4fc9d232541a9f4
Sha256
4e127a701662f80fbe2fca77c6bd93cfb1d5793d3fafeb762280141e3c0a8e38
Sha384
101a7f32116baff4c289fed4938a536ec7d8b4425f4bb77e6c6eafafbd5cb06caf1b418bf16aa803c3c52a9af44489cd
Sha512
d1a2cefd436b43bb838943baaa2403560d78766bc39b9b1a206623a3f3415a8cd08842ef3171a4dc6ea241e52fd6a23d780655ec43f2d510f28694fbac65ab33
SSDeep
12288:lvNaxYhRMykk7CdKdrBQvf5vkZH6UaijoXzWXh8jU1KcMtKZ5lM2B21KObA2jAxH:lFSqyOCdZuaijsC8jkVZ5l81KObW
TLSH
4745F22E1AD55BA0E0BD9F78B3B510A403F5B65F8712E77E6D8812E48F1138A65133B3

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
1d08262d0e0dc23aceda1b3f2571d348
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
Kairolytix.DTnolina
Wp7yb5Td.Resources.resources
caa03462245bf1.Resources.resources
c65d56ec0
[NBF]root.Data
c65d56ec1
[NBF]root.Data
c65d56ec10
[NBF]root.Data
c65d56ec11
[NBF]root.Data
c65d56ec12
[NBF]root.Data
c65d56ec13
[NBF]root.Data
c65d56ec14
[NBF]root.Data
c65d56ec15
[NBF]root.Data
c65d56ec16
[NBF]root.Data
c65d56ec17
[NBF]root.Data
c65d56ec18
[NBF]root.Data
c65d56ec19
[NBF]root.Data
c65d56ec2
[NBF]root.Data
c65d56ec20
[NBF]root.Data
c65d56ec21
[NBF]root.Data
c65d56ec22
[NBF]root.Data
c65d56ec23
[NBF]root.Data
c65d56ec24
[NBF]root.Data
c65d56ec25
[NBF]root.Data
c65d56ec26
[NBF]root.Data
c65d56ec27
[NBF]root.Data
c65d56ec28
[NBF]root.Data
c65d56ec29
[NBF]root.Data
c65d56ec3
[NBF]root.Data
c65d56ec30
[NBF]root.Data
c65d56ec31
[NBF]root.Data
c65d56ec32
[NBF]root.Data
c65d56ec33
[NBF]root.Data
c65d56ec34
[NBF]root.Data
c65d56ec35
[NBF]root.Data
c65d56ec36
[NBF]root.Data
c65d56ec37
[NBF]root.Data
c65d56ec38
[NBF]root.Data
c65d56ec39
[NBF]root.Data
c65d56ec4
[NBF]root.Data
c65d56ec5
[NBF]root.Data
c65d56ec6
[NBF]root.Data
c65d56ec7
[NBF]root.Data
c65d56ec8
[NBF]root.Data
c65d56ec9
[NBF]root.Data
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

Wp7yb5Td
Full Name

Wp7yb5Td
EntryPoint

System.Void Wp7yb5Td.Ysp1of7LE5::6Dywsd()
Scope Name

Wp7yb5Td
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Wp7yb5Td
Assembly Version

13.10.36.444
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

674
Main Method

System.Void Wp7yb5Td.Ysp1of7LE5::6Dywsd()
Main IL Instruction Count

87
Main IL

nop <null> nop <null> ldc.i4.s 25 stloc.0 <null> ldloc.0 <null> ldc.i4.s 23 add.ovf <null> ldc.i4.s 25 div <null> ldc.i4.s 25 mul.ovf <null> stloc.0 <null> ldloc.0 <null> ldc.i4.1 <null> sub.ovf <null> ldc.i4.1 <null> add.ovf <null> newarr System.Object stloc.1 <null> call System.Reflection.Assembly System.Reflection.Assembly::GetExecutingAssembly() callvirt System.String System.Reflection.Assembly::get_Location() call System.Diagnostics.FileVersionInfo System.Diagnostics.FileVersionInfo::GetVersionInfo(System.String) callvirt System.String System.Diagnostics.FileVersionInfo::get_FileVersion() stloc.2 <null> ldloc.2 <null> call System.Boolean System.String::IsNullOrEmpty(System.String) stloc.s V_7 ldloc.s V_7 brfalse.s IL_0042: ldc.i4.s 26 ldstr 1.0.0.0 stloc.2 <null> ldc.i4.s 26 call System.String System.Environment::GetFolderPath(System.Environment/SpecialFolder) ldstr SystemTools call System.String System.IO.Path::Combine(System.String,System.String) stloc.3 <null> ldloc.3 <null> call System.Boolean System.IO.Directory::Exists(System.String) ldc.i4.0 <null> ceq <null> stloc.s V_8 ldloc.s V_8 brfalse.s IL_006B: nop ldloc.3 <null> call System.IO.DirectoryInfo System.IO.Directory::CreateDirectory(System.String) pop <null> nop <null> nop <null> ldc.i4.s 80 call System.Void System.Threading.Thread::Sleep(System.Int32) nop <null> ldstr DTnolina stloc.s V_4 ldloc.s V_4 call System.Object Wp7yb5Td.Ysp1of7LE5::wn6DjFf35psXy(System.String) call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stloc.s V_5 ldloc.s V_5 ldnull <null> ceq <null> stloc.s V_9 ldloc.s V_9 brfalse.s IL_0096: ldloc.s V_5 leave.s IL_00CC: nop ldloc.s V_5 call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) call System.Object Wp7yb5Td.Ysp1of7LE5::0snQD1isjpM(System.Object) call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stloc.s V_6 ldloc.1 <null> ldloc.0 <null> ldc.i4.1 <null> sub.ovf <null> ldloc.s V_6 call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stelem.ref <null> ldloc.1 <null> ldloc.0 <null> call System.Void Wp7yb5Td.Ysp1of7LE5::1Mdyr8pS5(System.Object[],System.Int32) nop <null> leave.s IL_00CC: nop call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_00CC: nop nop <null> ret <null>
Module Name

Wp7yb5Td
Full Name

Wp7yb5Td
EntryPoint

System.Void Wp7yb5Td.Ysp1of7LE5::6Dywsd()
Scope Name

Wp7yb5Td
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Wp7yb5Td
Assembly Version

13.10.36.444
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

674
Main Method

System.Void Wp7yb5Td.Ysp1of7LE5::6Dywsd()
Main IL Instruction Count

87
Main IL

nop <null> nop <null> ldc.i4.s 25 stloc.0 <null> ldloc.0 <null> ldc.i4.s 23 add.ovf <null> ldc.i4.s 25 div <null> ldc.i4.s 25 mul.ovf <null> stloc.0 <null> ldloc.0 <null> ldc.i4.1 <null> sub.ovf <null> ldc.i4.1 <null> add.ovf <null> newarr System.Object stloc.1 <null> call System.Reflection.Assembly System.Reflection.Assembly::GetExecutingAssembly() callvirt System.String System.Reflection.Assembly::get_Location() call System.Diagnostics.FileVersionInfo System.Diagnostics.FileVersionInfo::GetVersionInfo(System.String) callvirt System.String System.Diagnostics.FileVersionInfo::get_FileVersion() stloc.2 <null> ldloc.2 <null> call System.Boolean System.String::IsNullOrEmpty(System.String) stloc.s V_7 ldloc.s V_7 brfalse.s IL_0042: ldc.i4.s 26 ldstr 1.0.0.0 stloc.2 <null> ldc.i4.s 26 call System.String System.Environment::GetFolderPath(System.Environment/SpecialFolder) ldstr SystemTools call System.String System.IO.Path::Combine(System.String,System.String) stloc.3 <null> ldloc.3 <null> call System.Boolean System.IO.Directory::Exists(System.String) ldc.i4.0 <null> ceq <null> stloc.s V_8 ldloc.s V_8 brfalse.s IL_006B: nop ldloc.3 <null> call System.IO.DirectoryInfo System.IO.Directory::CreateDirectory(System.String) pop <null> nop <null> nop <null> ldc.i4.s 80 call System.Void System.Threading.Thread::Sleep(System.Int32) nop <null> ldstr DTnolina stloc.s V_4 ldloc.s V_4 call System.Object Wp7yb5Td.Ysp1of7LE5::wn6DjFf35psXy(System.String) call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stloc.s V_5 ldloc.s V_5 ldnull <null> ceq <null> stloc.s V_9 ldloc.s V_9 brfalse.s IL_0096: ldloc.s V_5 leave.s IL_00CC: nop ldloc.s V_5 call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) call System.Object Wp7yb5Td.Ysp1of7LE5::0snQD1isjpM(System.Object) call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stloc.s V_6 ldloc.1 <null> ldloc.0 <null> ldc.i4.1 <null> sub.ovf <null> ldloc.s V_6 call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stelem.ref <null> ldloc.1 <null> ldloc.0 <null> call System.Void Wp7yb5Td.Ysp1of7LE5::1Mdyr8pS5(System.Object[],System.Int32) nop <null> leave.s IL_00CC: nop call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_00CC: nop nop <null> ret <null>
1d08262d0e0dc23aceda1b3f2571d348 (1.21 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙