1da31a49e21b6d13124a08df93110eec

PE Executable
|
MD5: 1da31a49e21b6d13124a08df93110eec
|
Size: 511.49 KB
|
application/x-dosexec

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	1da31a49e21b6d13124a08df93110eec
Sha1	a73318de79d785a0d716b2241efc6ce622525c52
Sha256	fb92f2044fd4221a569b8eb3193e777afb1d850f1317f808af3b4440e23c9660
Sha384	fb13fde0de21bd3fcc67d40a261c4a20fc34517d17a6a5d5e233ab339d6b01d22584b956f4845e6996a676965dfa0f9c
Sha512	1e4d1bbbe71b883362ac0e22fbaee4a69fd6d5f4a5afc750cda124731ac988ae5518114af315141db30451d3662bdfff20a186ff9b79fdd15b0672fb2078c154
SSDeep	12288:dSTW1fPQ+biwPPqDasqdQrlTT6znjVUJ7vn:kTW1fP9PPbSTT66N
TLSH	54B4BE6AD3E15D8DF2B69BBD9CF182344F72BCD8EB61D32E004020E81E72695DE51366

File Structure

Informations

Name0	Value
Info	PE Detect: PeReader OK (file layout)
Module Name	svchost.exe
Full Name	svchost.exe
EntryPoint	System.Void Loki.ZZJ::ZZK(System.String[])
Scope Name	svchost.exe
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	svchost
Assembly Version	1.2.0.0
Assembly Culture	<null>
Has PublicKey	True
PublicKey Token	1033239b79792944
Target Framework	.NETFramework,Version=v4.0
Total Strings	43
Main Method	System.Void Loki.ZZJ::ZZK(System.String[])
Main IL Instruction Count	24
Main IL	UNKNOWN1 <null> sub <null> ldelem.i4 <null> ldc.r4 -0.00086504046 ldarg.s <null> conv.ovf.i4 <null> ldelem.i4 <null> stloc.3 <null> callvirt <null> ldind.u4 <null> UNKNOWN1 <null> UNKNOWN1 <null> leave <null> UNKNOWN1 <null> UNKNOWN1 <null> conv.i1 <null> UNKNOWN1 <null> blt.un.s <null> UNKNOWN1 <null> blt.un.s <null> ldarg.3 <null> call <null> stind.r8 <null> ldelem.ref <null>

Artefacts

Name0	Value
PE Layout	MemoryMapped (process dump suspected)

1da31a49e21b6d13124a08df93110eec (511.49 KB)