Suspicious

276c53bf2f1cbc62cbdb0f2cae10f0a6

PE Executable
|
MD5: 276c53bf2f1cbc62cbdb0f2cae10f0a6
|
Size: 11.36 MB
|
application/x-dosexec

Print

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	276c53bf2f1cbc62cbdb0f2cae10f0a6
Sha1	8bdcf0e7c052887adc1a92e4b2af0ec927af25bc
Sha256	c30fdd073be8172d6975c53b1c6fa4955a0f20ebaef408228017540ba4d8ad62
Sha384	815417f47cd5b5133862ac506b79bd76114bb651c7717b9851a6870f6e2f45b6153e16b92292ce4160f78a8e80a01ac1
Sha512	6cd0abce8edf02309bf10c49ade7ed7f1ead76e0490e276201d1be0fffd3a7b77893518ef63ed1817df01192f03bf1349b70da3a1f36d225a0ecd17f5afafb04
SSDeep	49152:zrc6cj2BG2vwKB1fvj2m+nuOa+Gs2QhVp1akbEYc9fFhmPKhTvGLW1+68Au6V0Fu:zQjCrvwKMO+
TLSH	50B68F2039EA5019F173FF768AE7759E9AAFF673FB06A45D2090034A0713A81DDC153A

PeID

HQR data file

File Structure

Informations

Name0	Value
Module Name	grbojpojqdakqaz.exe
Full Name	grbojpojqdakqaz.exe
EntryPoint	System.Void HtmlRendererUtils.HtmlRendererUtilsEntry::Main()
Scope Name	grbojpojqdakqaz.exe
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	grbojpojqdakqaz
Assembly Version	26.0.0.1001
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	<null>
Total Strings	4429
Main Method	System.Void HtmlRendererUtils.HtmlRendererUtilsEntry::Main()
Main IL Instruction Count	49
Main IL	call System.String HtmlContainerInt.AssemblyNodeIdHelper::CodeSchemaCategoriesResources() stloc.0 <null> ldstr CodeQualifiedIdentifierUriConvert call System.Security.Cryptography.DES BiDiSupport.CodeGraphCommands::CreateWithKey(System.String) stloc.1 <null> ldloc.1 <null> call System.Void CodeGraphSchema.CodeSchemaGraphHelpers::Configure(System.Security.Cryptography.DES) ldloc.0 <null> ldloc.1 <null> call System.Tuple`2<System.Byte[],System.Security.Cryptography.ICryptoTransform> CodeQualifiedIdentifierBuilder.CodeQualifiedIdentifierMemberBuilder::Prepare(System.String,System.Security.Cryptography.DES) stloc.2 <null> ldloc.2 <null> callvirt System.Byte[] System.Tuple`2<System.Byte[],System.Security.Cryptography.ICryptoTransform>::get_Item1() stloc.3 <null> ldloc.2 <null> callvirt System.Security.Cryptography.ICryptoTransform System.Tuple`2<System.Byte[],System.Security.Cryptography.ICryptoTransform>::get_Item2() stloc.s V_4 ldloc.3 <null> ldloc.s V_4 call System.String CodeQualifiedIdentifierGenericBuilder.CodeQualifiedIdentifierTypeBuilder::ToDecryptedString(System.Byte[],System.Security.Cryptography.ICryptoTransform) stloc.s V_5 ldloc.s V_5 call System.Reflection.Assembly CodeQualifiedIdentifierUriConvert.CodeQualifiedName::ThroughFilter(System.String) stloc.s V_6 ldloc.s V_6 call System.Reflection.MethodInfo CodeSchemaCategoriesResources.Constants::GetTargetMethod(System.Reflection.Assembly) stloc.s V_7 ldloc.1 <null> call System.Byte[] CodeSchemaPropertiesResources.GraphReverseEngineeringSettings::CharsetFilter(System.Security.Cryptography.DES) stloc.s V_8 ldloc.s V_7 ldnull <null> call System.Boolean System.Reflection.MethodInfo::op_Inequality(System.Reflection.MethodInfo,System.Reflection.MethodInfo) brfalse IL_006F: leave IL_0081 ldloc.s V_8 brfalse IL_006F: leave IL_0081 ldloc.s V_7 ldloc.s V_8 call System.Void LinkCategories.NodeCategories::IMimeFilter(System.Reflection.MethodInfo,System.Byte[]) leave IL_0081: leave IL_008C ldloc.1 <null> brfalse IL_0080: endfinally ldloc.1 <null> callvirt System.Void System.IDisposable::Dispose() endfinally <null> leave IL_008C: ret pop <null> leave IL_008C: ret ret <null>

Artefacts

Name0	Value
PDB Path	C:\Users\Administrator\AppData\Local\Temp\2\grbojpojqdakqaz.pdb

276c53bf2f1cbc62cbdb0f2cae10f0a6 (11.36 MB)

An error has occurred. This application may no longer respond until reloaded. Reload 🗙