Suspicious
Suspect

283ab64b3368282db30c090927616539

PE Executable
|
MD5: 283ab64b3368282db30c090927616539
|
Size: 1.27 MB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very high

Hash
Hash Value
MD5
283ab64b3368282db30c090927616539
Sha1
11dad80c29d082e7f707c79aff6efd3e1d68dd84
Sha256
a48f535d6b7b30519c4ae130d656070607fed004b9b5d1cb0cb711a424a295b1
Sha384
96fa920c8e5d5b2afb93d8c1412b5e1d9a048be00fc4c60ff4a041fcbe4eba4a8c7e2b9d1bb151672a1b04d471f49498
Sha512
a37ee56e5826217ceedbeb9e1bd509e89a499b082f1bd38180c5d8bbffd1edc4188506de4086bc2482de0c4e05fa9d6f1411efd0fc5bd68240e5968ea2d7218a
SSDeep
12288:MI3S6ZtwCj87yZTKZq5k6URmNKGv6CgLye2ncqB277owVA:pS64Cj8auwW6pIGv6PLqnc4wA
TLSH
5B45C01A2BD96EF4E1BF8F749278015047F0B61BC222E75E6994F2F8CED2B495112363

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
TetraSite.demandflatteningrules
Pgr6a.cAr5w2Eb9Qxc.resources
c58d01f18145ed.Resources.resources
804899c50
[NBF]root.Data
804899c51
[NBF]root.Data
804899c510
[NBF]root.Data
804899c511
[NBF]root.Data
804899c512
[NBF]root.Data
804899c513
[NBF]root.Data
804899c514
[NBF]root.Data
804899c515
[NBF]root.Data
804899c516
[NBF]root.Data
804899c517
[NBF]root.Data
804899c518
[NBF]root.Data
804899c519
[NBF]root.Data
804899c52
[NBF]root.Data
804899c520
[NBF]root.Data
804899c521
[NBF]root.Data
804899c522
[NBF]root.Data
804899c523
[NBF]root.Data
804899c524
[NBF]root.Data
804899c525
[NBF]root.Data
804899c526
[NBF]root.Data
804899c527
[NBF]root.Data
804899c528
[NBF]root.Data
804899c529
[NBF]root.Data
804899c53
[NBF]root.Data
804899c530
[NBF]root.Data
804899c531
[NBF]root.Data
804899c532
[NBF]root.Data
804899c533
[NBF]root.Data
804899c534
[NBF]root.Data
804899c535
[NBF]root.Data
804899c536
[NBF]root.Data
804899c537
[NBF]root.Data
804899c538
[NBF]root.Data
804899c539
[NBF]root.Data
804899c54
[NBF]root.Data
804899c540
[NBF]root.Data
804899c541
[NBF]root.Data
804899c542
[NBF]root.Data
804899c55
[NBF]root.Data
804899c56
[NBF]root.Data
804899c57
[NBF]root.Data
804899c58
[NBF]root.Data
804899c59
[NBF]root.Data
Informations
Name
Value
Info

PE Detect: PeReader OK (file layout)

Module Name

Pgr6a

Full Name

Pgr6a

EntryPoint

System.Void Pgr6a.po2H4cS_J9a/Ef4g1Hr.8Wkpkg0Dx2XsqG::5syHwK6dD4g()

Scope Name

Pgr6a

Scope Type

ModuleDef

Kind

Windows

Runtime Version

v4.0.30319

Tables Header Version

512

WinMD Version

<null>

Assembly Name

Pgr6a

Assembly Version

26.9.10.176

Assembly Culture

<null>

Has PublicKey

False

PublicKey Token

<null>

Target Framework

.NETFramework,Version=v4.6

Total Strings

1175

Main Method

System.Void Pgr6a.po2H4cS_J9a/Ef4g1Hr.8Wkpkg0Dx2XsqG::5syHwK6dD4g()

Main IL Instruction Count

32

Main IL

nop <null> nop <null> ldc.i4.s 20 stloc.0 <null> newobj System.Void System.Collections.Generic.List`1<System.Int32>::.ctor() stloc.1 <null> ldloc.0 <null> stloc.2 <null> ldc.i4.1 <null> stloc.3 <null> br.s IL_001D: ldloc.3 ldloc.1 <null> ldloc.3 <null> callvirt System.Void System.Collections.Generic.List`1<System.Int32>::Add(System.Int32) nop <null> ldloc.3 <null> ldc.i4.1 <null> add.ovf <null> stloc.3 <null> ldloc.3 <null> ldloc.2 <null> ble.s IL_0011: ldloc.1 ldstr demandflatteningrules call System.Void Pgr6a.2zkWdJx8j6Ni::Yx3w9(System.String) nop <null> leave.s IL_003B: nop call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_003B: nop nop <null> ret <null>

Module Name

Pgr6a

Full Name

Pgr6a

EntryPoint

System.Void Pgr6a.po2H4cS_J9a/Ef4g1Hr.8Wkpkg0Dx2XsqG::5syHwK6dD4g()

Scope Name

Pgr6a

Scope Type

ModuleDef

Kind

Windows

Runtime Version

v4.0.30319

Tables Header Version

512

WinMD Version

<null>

Assembly Name

Pgr6a

Assembly Version

26.9.10.176

Assembly Culture

<null>

Has PublicKey

False

PublicKey Token

<null>

Target Framework

.NETFramework,Version=v4.6

Total Strings

1175

Main Method

System.Void Pgr6a.po2H4cS_J9a/Ef4g1Hr.8Wkpkg0Dx2XsqG::5syHwK6dD4g()

Main IL Instruction Count

32

Main IL

nop <null> nop <null> ldc.i4.s 20 stloc.0 <null> newobj System.Void System.Collections.Generic.List`1<System.Int32>::.ctor() stloc.1 <null> ldloc.0 <null> stloc.2 <null> ldc.i4.1 <null> stloc.3 <null> br.s IL_001D: ldloc.3 ldloc.1 <null> ldloc.3 <null> callvirt System.Void System.Collections.Generic.List`1<System.Int32>::Add(System.Int32) nop <null> ldloc.3 <null> ldc.i4.1 <null> add.ovf <null> stloc.3 <null> ldloc.3 <null> ldloc.2 <null> ble.s IL_0011: ldloc.1 ldstr demandflatteningrules call System.Void Pgr6a.2zkWdJx8j6Ni::Yx3w9(System.String) nop <null> leave.s IL_003B: nop call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_003B: nop nop <null> ret <null>

283ab64b3368282db30c090927616539 (1.27 MB)
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
TetraSite.demandflatteningrules
Pgr6a.cAr5w2Eb9Qxc.resources
c58d01f18145ed.Resources.resources
804899c50
[NBF]root.Data
804899c51
[NBF]root.Data
804899c510
[NBF]root.Data
804899c511
[NBF]root.Data
804899c512
[NBF]root.Data
804899c513
[NBF]root.Data
804899c514
[NBF]root.Data
804899c515
[NBF]root.Data
804899c516
[NBF]root.Data
804899c517
[NBF]root.Data
804899c518
[NBF]root.Data
804899c519
[NBF]root.Data
804899c52
[NBF]root.Data
804899c520
[NBF]root.Data
804899c521
[NBF]root.Data
804899c522
[NBF]root.Data
804899c523
[NBF]root.Data
804899c524
[NBF]root.Data
804899c525
[NBF]root.Data
804899c526
[NBF]root.Data
804899c527
[NBF]root.Data
804899c528
[NBF]root.Data
804899c529
[NBF]root.Data
804899c53
[NBF]root.Data
804899c530
[NBF]root.Data
804899c531
[NBF]root.Data
804899c532
[NBF]root.Data
804899c533
[NBF]root.Data
804899c534
[NBF]root.Data
804899c535
[NBF]root.Data
804899c536
[NBF]root.Data
804899c537
[NBF]root.Data
804899c538
[NBF]root.Data
804899c539
[NBF]root.Data
804899c54
[NBF]root.Data
804899c540
[NBF]root.Data
804899c541
[NBF]root.Data
804899c542
[NBF]root.Data
804899c55
[NBF]root.Data
804899c56
[NBF]root.Data
804899c57
[NBF]root.Data
804899c58
[NBF]root.Data
804899c59
[NBF]root.Data
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙