Suspicious
Suspect

263454ca3273257ff74f0f412cf13d05

PE Executable
|
MD5: 263454ca3273257ff74f0f412cf13d05
|
Size: 111.62 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Low

Hash
 Hash Value
MD5
263454ca3273257ff74f0f412cf13d05
Sha1
0119d3bac846df6821a1f3c4b15294d32ff9e40d
Sha256
9a5fbc975f0c8d292e6b55b74c06a36a2fc2287c0776fa18bb4d9058204bdefd
Sha384
25974dfee0fb6637bd101e5da7af62051b364fac8875dba1f126813b6b1b4127318a6a40b13495d80d92bf2b5f4d715c
Sha512
43746544c96ee083ef181b3929fe258779054c0519a0f0a532422a2c6ad6327d7cd676e8ccd307e2087ccb2d1c7b05f3d3b36c4505caa0f30a9d0c6d92ac34c2
SSDeep
1536:QmbZVcOw9eUwy6dePF7d6foYDT9QtYLjvscOwy6dePF7d6foYDT9QtYLjv:Q6ZVcB9e/si
TLSH
0CB366212AEB109DF3B79FB12FD8B8FF49AAE5B3291D70B9204147064761E84CD52B35

PeID

Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
File Structure
263454ca3273257ff74f0f412cf13d05
[Base64-Block @0x00004077]
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

FleetAgentAdvanced_final.exe
Full Name

FleetAgentAdvanced_final.exe
EntryPoint

System.Void Microsoft.NET.Runtime.Program::Main(System.String[])
Scope Name

FleetAgentAdvanced_final.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

FleetAgentAdvanced_final
Assembly Version

4.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

<null>
Total Strings

208
Main Method

System.Void Microsoft.NET.Runtime.Program::Main(System.String[])
Main IL Instruction Count

75
Main IL

call System.IntPtr Microsoft.NET.Runtime.Program::GetConsoleWindow() stloc.0 <null> ldloc.0 <null> ldsfld System.IntPtr System.IntPtr::Zero call System.Boolean System.IntPtr::op_Inequality(System.IntPtr,System.IntPtr) brfalse.s IL_001B: leave.s IL_0020 ldloc.0 <null> ldc.i4.0 <null> call System.Boolean Microsoft.NET.Runtime.Program::ShowWindow(System.IntPtr,System.Int32) pop <null> leave.s IL_0020: ldarg.0 pop <null> leave.s IL_0020: ldarg.0 ldarg.0 <null> ldlen <null> conv.i4 <null> ldc.i4.0 <null> ble.s IL_0055: call System.Boolean Microsoft.NET.Runtime.Program::AcquireMutex() ldarg.0 <null> ldc.i4.0 <null> ldelem.ref <null> ldstr --watchdog call System.Boolean System.String::op_Equality(System.String,System.String) brfalse.s IL_0055: call System.Boolean Microsoft.NET.Runtime.Program::AcquireMutex() ldc.i4.1 <null> stsfld System.Boolean Microsoft.NET.Runtime.Program::_isWatchdog ldarg.0 <null> ldlen <null> conv.i4 <null> ldc.i4.1 <null> ble.s IL_004F: call System.Void Microsoft.NET.Runtime.Program::RunWatchdog() ldarg.0 <null> ldc.i4.1 <null> ldelem.ref <null> ldsflda System.Int32 Microsoft.NET.Runtime.Program::_mainPid call System.Boolean System.Int32::TryParse(System.String,System.Int32&) pop <null> call System.Void Microsoft.NET.Runtime.Program::RunWatchdog() ret <null> call System.Boolean Microsoft.NET.Runtime.Program::AcquireMutex() brtrue.s IL_005D: call System.Void Microsoft.NET.Runtime.Program::Install() ret <null> call System.Void Microsoft.NET.Runtime.Program::Install() ldsfld System.String Microsoft.NET.Runtime.Program::_installPath call System.Boolean System.String::IsNullOrEmpty(System.String) brtrue.s IL_007F: call System.String Microsoft.NET.Runtime.Program::GenId() ldsfld System.String Microsoft.NET.Runtime.Program::_installPath call System.Boolean System.IO.File::Exists(System.String) brfalse.s IL_007F: call System.String Microsoft.NET.Runtime.Program::GenId() call System.Void Microsoft.NET.Runtime.Program::StartWatchdog() call System.String Microsoft.NET.Runtime.Program::GenId() stsfld System.String Microsoft.NET.Runtime.Program::_mid call System.String System.Environment::get_MachineName() stsfld System.String Microsoft.NET.Runtime.Program::_host br.s IL_00B0: ldsfld System.Boolean Microsoft.NET.Runtime.Program::_run call System.Void Microsoft.NET.Runtime.Program::MainLoop() leave.s IL_009F: ldsfld System.Boolean Microsoft.NET.Runtime.Program::_run pop <null> leave.s IL_009F: ldsfld System.Boolean Microsoft.NET.Runtime.Program::_run ldsfld System.Boolean Microsoft.NET.Runtime.Program::_run brfalse.s IL_00B0: ldsfld System.Boolean Microsoft.NET.Runtime.Program::_run ldc.i4 5000 call System.Void System.Threading.Thread::Sleep(System.Int32) ldsfld System.Boolean Microsoft.NET.Runtime.Program::_run brtrue.s IL_0095: call System.Void Microsoft.NET.Runtime.Program::MainLoop() leave.s IL_00D6: ret ldsfld System.IntPtr Microsoft.NET.Runtime.Program::_mutex ldsfld System.IntPtr System.IntPtr::Zero call System.Boolean System.IntPtr::op_Inequality(System.IntPtr,System.IntPtr) brfalse.s IL_00D5: endfinally ldsfld System.IntPtr Microsoft.NET.Runtime.Program::_mutex call System.Boolean Microsoft.NET.Runtime.Program::ReleaseMutex(System.IntPtr) pop <null> endfinally <null> ret <null>
Module Name

FleetAgentAdvanced_final.exe
Full Name

FleetAgentAdvanced_final.exe
EntryPoint

System.Void Microsoft.NET.Runtime.Program::Main(System.String[])
Scope Name

FleetAgentAdvanced_final.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

FleetAgentAdvanced_final
Assembly Version

4.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

<null>
Total Strings

208
Main Method

System.Void Microsoft.NET.Runtime.Program::Main(System.String[])
Main IL Instruction Count

75
Main IL

call System.IntPtr Microsoft.NET.Runtime.Program::GetConsoleWindow() stloc.0 <null> ldloc.0 <null> ldsfld System.IntPtr System.IntPtr::Zero call System.Boolean System.IntPtr::op_Inequality(System.IntPtr,System.IntPtr) brfalse.s IL_001B: leave.s IL_0020 ldloc.0 <null> ldc.i4.0 <null> call System.Boolean Microsoft.NET.Runtime.Program::ShowWindow(System.IntPtr,System.Int32) pop <null> leave.s IL_0020: ldarg.0 pop <null> leave.s IL_0020: ldarg.0 ldarg.0 <null> ldlen <null> conv.i4 <null> ldc.i4.0 <null> ble.s IL_0055: call System.Boolean Microsoft.NET.Runtime.Program::AcquireMutex() ldarg.0 <null> ldc.i4.0 <null> ldelem.ref <null> ldstr --watchdog call System.Boolean System.String::op_Equality(System.String,System.String) brfalse.s IL_0055: call System.Boolean Microsoft.NET.Runtime.Program::AcquireMutex() ldc.i4.1 <null> stsfld System.Boolean Microsoft.NET.Runtime.Program::_isWatchdog ldarg.0 <null> ldlen <null> conv.i4 <null> ldc.i4.1 <null> ble.s IL_004F: call System.Void Microsoft.NET.Runtime.Program::RunWatchdog() ldarg.0 <null> ldc.i4.1 <null> ldelem.ref <null> ldsflda System.Int32 Microsoft.NET.Runtime.Program::_mainPid call System.Boolean System.Int32::TryParse(System.String,System.Int32&) pop <null> call System.Void Microsoft.NET.Runtime.Program::RunWatchdog() ret <null> call System.Boolean Microsoft.NET.Runtime.Program::AcquireMutex() brtrue.s IL_005D: call System.Void Microsoft.NET.Runtime.Program::Install() ret <null> call System.Void Microsoft.NET.Runtime.Program::Install() ldsfld System.String Microsoft.NET.Runtime.Program::_installPath call System.Boolean System.String::IsNullOrEmpty(System.String) brtrue.s IL_007F: call System.String Microsoft.NET.Runtime.Program::GenId() ldsfld System.String Microsoft.NET.Runtime.Program::_installPath call System.Boolean System.IO.File::Exists(System.String) brfalse.s IL_007F: call System.String Microsoft.NET.Runtime.Program::GenId() call System.Void Microsoft.NET.Runtime.Program::StartWatchdog() call System.String Microsoft.NET.Runtime.Program::GenId() stsfld System.String Microsoft.NET.Runtime.Program::_mid call System.String System.Environment::get_MachineName() stsfld System.String Microsoft.NET.Runtime.Program::_host br.s IL_00B0: ldsfld System.Boolean Microsoft.NET.Runtime.Program::_run call System.Void Microsoft.NET.Runtime.Program::MainLoop() leave.s IL_009F: ldsfld System.Boolean Microsoft.NET.Runtime.Program::_run pop <null> leave.s IL_009F: ldsfld System.Boolean Microsoft.NET.Runtime.Program::_run ldsfld System.Boolean Microsoft.NET.Runtime.Program::_run brfalse.s IL_00B0: ldsfld System.Boolean Microsoft.NET.Runtime.Program::_run ldc.i4 5000 call System.Void System.Threading.Thread::Sleep(System.Int32) ldsfld System.Boolean Microsoft.NET.Runtime.Program::_run brtrue.s IL_0095: call System.Void Microsoft.NET.Runtime.Program::MainLoop() leave.s IL_00D6: ret ldsfld System.IntPtr Microsoft.NET.Runtime.Program::_mutex ldsfld System.IntPtr System.IntPtr::Zero call System.Boolean System.IntPtr::op_Inequality(System.IntPtr,System.IntPtr) brfalse.s IL_00D5: endfinally ldsfld System.IntPtr Microsoft.NET.Runtime.Program::_mutex call System.Boolean Microsoft.NET.Runtime.Program::ReleaseMutex(System.IntPtr) pop <null> endfinally <null> ret <null>
263454ca3273257ff74f0f412cf13d05 (111.62 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙