Suspicious
Suspect

2f722c069bc2612c7cf0548c625b34f8

PE Executable
|
MD5: 2f722c069bc2612c7cf0548c625b34f8
|
Size: 1.35 MB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very high

Hash
 Hash Value
MD5
2f722c069bc2612c7cf0548c625b34f8
Sha1
be4d67974e02309f3a4f10b882b90306a719cc43
Sha256
f8aa02fae887ea80156c2e8be3940405bfc612434d7efae60320a802a9d15a93
Sha384
72ea0cd6f0e427625970272b1215e46fa74629694b2b17447067888aba7da94b16b7be3d3abc3d93938affe252034cff
Sha512
16f7d1c804f08a395c2ac0cf14161499800c657629e1dbd0310cec3a0011d0ac5fa7c096103c297826afbc70dc3e632e0d2077653af91d754b6855a4182f8ed3
SSDeep
24576:jdZZzdCJvkYzllNkPbdb9tV2CWCKOJaCXMJph91KOb:jvZzdizzjepb96ifJaC8Jp5
TLSH
FC55F02917E95A14F0FF5B38B77800640BF0BC2B9A31E66E6A5241ED4E61F49ED21373
File Structure
2f722c069bc2612c7cf0548c625b34f8
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
wDc68mx.g.resources
wDc68mx.Resources.resources
94b9b62cb176bd.Resources.resources
f8a3f71f0
[NBF]root.Data
f8a3f71f1
[NBF]root.Data
f8a3f71f10
[NBF]root.Data
f8a3f71f11
[NBF]root.Data
f8a3f71f12
[NBF]root.Data
f8a3f71f13
[NBF]root.Data
f8a3f71f14
[NBF]root.Data
f8a3f71f15
[NBF]root.Data
f8a3f71f16
[NBF]root.Data
f8a3f71f17
[NBF]root.Data
f8a3f71f18
[NBF]root.Data
f8a3f71f19
[NBF]root.Data
f8a3f71f2
[NBF]root.Data
f8a3f71f20
[NBF]root.Data
f8a3f71f21
[NBF]root.Data
f8a3f71f22
[NBF]root.Data
f8a3f71f23
[NBF]root.Data
f8a3f71f24
[NBF]root.Data
f8a3f71f25
[NBF]root.Data
f8a3f71f26
[NBF]root.Data
f8a3f71f27
[NBF]root.Data
f8a3f71f28
[NBF]root.Data
f8a3f71f29
[NBF]root.Data
f8a3f71f3
[NBF]root.Data
f8a3f71f30
[NBF]root.Data
f8a3f71f31
[NBF]root.Data
f8a3f71f32
[NBF]root.Data
f8a3f71f33
[NBF]root.Data
f8a3f71f34
[NBF]root.Data
f8a3f71f35
[NBF]root.Data
f8a3f71f36
[NBF]root.Data
f8a3f71f37
[NBF]root.Data
f8a3f71f38
[NBF]root.Data
f8a3f71f39
[NBF]root.Data
f8a3f71f4
[NBF]root.Data
f8a3f71f5
[NBF]root.Data
f8a3f71f6
[NBF]root.Data
f8a3f71f7
[NBF]root.Data
f8a3f71f8
[NBF]root.Data
f8a3f71f9
[NBF]root.Data
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

wDc68mx
Full Name

wDc68mx
EntryPoint

System.Void wDc68mx.eg5LRq/pr3FD9fwcS.Gxa82Fzxk7Lp4Y::kTy97xwDdKb()
Scope Name

wDc68mx
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

wDc68mx
Assembly Version

10.8.31.163
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

1195
Main Method

System.Void wDc68mx.eg5LRq/pr3FD9fwcS.Gxa82Fzxk7Lp4Y::kTy97xwDdKb()
Main IL Instruction Count

39
Main IL

nop <null> nop <null> call System.Reflection.Assembly System.Reflection.Assembly::GetExecutingAssembly() callvirt System.String System.Reflection.Assembly::get_Location() call System.Diagnostics.FileVersionInfo System.Diagnostics.FileVersionInfo::GetVersionInfo(System.String) callvirt System.String System.Diagnostics.FileVersionInfo::get_FileVersion() stloc.0 <null> ldloc.0 <null> call System.Boolean System.String::IsNullOrEmpty(System.String) stloc.3 <null> ldloc.3 <null> brfalse.s IL_0027: ldc.i4.s 100 ldstr 1.6.4.9 stloc.0 <null> ldc.i4.s 100 call System.Void System.Threading.Thread::Sleep(System.Int32) nop <null> ldc.i4.s 26 call System.String System.Environment::GetFolderPath(System.Environment/SpecialFolder) ldstr AppConfig.dat call System.String System.IO.Path::Combine(System.String,System.String) stloc.1 <null> newobj System.Void wDc68mx.3baCsdW7::.ctor() stloc.2 <null> ldloc.2 <null> call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> leave.s IL_0067: nop dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.s V_4 nop <null> ldc.i4.0 <null> call System.Void System.Environment::Exit(System.Int32) nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_0067: nop nop <null> ret <null>
2f722c069bc2612c7cf0548c625b34f8 (1.35 MB)
File Structure
2f722c069bc2612c7cf0548c625b34f8
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
wDc68mx.g.resources
wDc68mx.Resources.resources
94b9b62cb176bd.Resources.resources
f8a3f71f0
[NBF]root.Data
f8a3f71f1
[NBF]root.Data
f8a3f71f10
[NBF]root.Data
f8a3f71f11
[NBF]root.Data
f8a3f71f12
[NBF]root.Data
f8a3f71f13
[NBF]root.Data
f8a3f71f14
[NBF]root.Data
f8a3f71f15
[NBF]root.Data
f8a3f71f16
[NBF]root.Data
f8a3f71f17
[NBF]root.Data
f8a3f71f18
[NBF]root.Data
f8a3f71f19
[NBF]root.Data
f8a3f71f2
[NBF]root.Data
f8a3f71f20
[NBF]root.Data
f8a3f71f21
[NBF]root.Data
f8a3f71f22
[NBF]root.Data
f8a3f71f23
[NBF]root.Data
f8a3f71f24
[NBF]root.Data
f8a3f71f25
[NBF]root.Data
f8a3f71f26
[NBF]root.Data
f8a3f71f27
[NBF]root.Data
f8a3f71f28
[NBF]root.Data
f8a3f71f29
[NBF]root.Data
f8a3f71f3
[NBF]root.Data
f8a3f71f30
[NBF]root.Data
f8a3f71f31
[NBF]root.Data
f8a3f71f32
[NBF]root.Data
f8a3f71f33
[NBF]root.Data
f8a3f71f34
[NBF]root.Data
f8a3f71f35
[NBF]root.Data
f8a3f71f36
[NBF]root.Data
f8a3f71f37
[NBF]root.Data
f8a3f71f38
[NBF]root.Data
f8a3f71f39
[NBF]root.Data
f8a3f71f4
[NBF]root.Data
f8a3f71f5
[NBF]root.Data
f8a3f71f6
[NBF]root.Data
f8a3f71f7
[NBF]root.Data
f8a3f71f8
[NBF]root.Data
f8a3f71f9
[NBF]root.Data
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙