Suspicious
Suspect

248af5728f876961c4f8955b856671a4

PE Executable
|
MD5: 248af5728f876961c4f8955b856671a4
|
Size: 989.18 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

High

Hash
 Hash Value
MD5
248af5728f876961c4f8955b856671a4
Sha1
5439ed62b92fef32652556ff2c911158d67c827f
Sha256
f8d890d669d40fb6abe1041abc6d67390739a8e1c999cabafa8a65bb0b865bc8
Sha384
94189502309b20ff3df9393ffa56e3f9fe797a8123ee00b02e00b731ba21ab415677d365aa059a01fc1df6b404466e4e
Sha512
cd36598dba4c05c252465b5fea357ef1c633ad55a7ea8c425752a23c6e84e4136f0aa1b1fbb05584b8ac0172f8999bb83a9a6bd7f68d09dfa160e279d080e52f
SSDeep
24576:MUnWX6Hw99WdIRvaDO24v6XB9OFRj1bd:MfXe69EIsBEj1b
TLSH
DD2523A2F62C820EC31749B165EE13F10CAA81575191C9BC3C3DB64A9F95392A4F3B6D

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
248af5728f876961c4f8955b856671a4
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Fhfvmax.Properties.Resources.resources
Yaumgzs
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

Ydwzjq.exe
Full Name

Ydwzjq.exe
EntryPoint

System.Void Fhfvmax.Lzjxsamd::Main()
Scope Name

Ydwzjq.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Ydwzjq
Assembly Version

1.0.4632.23880
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

6
Main Method

System.Void Fhfvmax.Lzjxsamd::Main()
Main IL Instruction Count

10
Main IL

newobj System.Void Fhfvmax.Mylpekmend::.ctor() ldstr 7nYRxKQkgk9oUfVdAQTukw== ldstr RZVahDoMRK8= ldstr xDE8t4baqrCaFGeoSD.zZ6ZAPqBJfGOePx1Mm ldstr Gp7eu7Pyh callvirt System.Void Fhfvmax.Mylpekmend::Chrzog(System.String,System.String,System.String,System.String) leave IL_0029: ret pop <null> leave IL_0029: ret ret <null>
Module Name

Ydwzjq.exe
Full Name

Ydwzjq.exe
EntryPoint

System.Void Fhfvmax.Lzjxsamd::Main()
Scope Name

Ydwzjq.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Ydwzjq
Assembly Version

1.0.4632.23880
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

6
Main Method

System.Void Fhfvmax.Lzjxsamd::Main()
Main IL Instruction Count

10
Main IL

newobj System.Void Fhfvmax.Mylpekmend::.ctor() ldstr 7nYRxKQkgk9oUfVdAQTukw== ldstr RZVahDoMRK8= ldstr xDE8t4baqrCaFGeoSD.zZ6ZAPqBJfGOePx1Mm ldstr Gp7eu7Pyh callvirt System.Void Fhfvmax.Mylpekmend::Chrzog(System.String,System.String,System.String,System.String) leave IL_0029: ret pop <null> leave IL_0029: ret ret <null>
248af5728f876961c4f8955b856671a4 (989.18 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙