Suspicious
Suspect

31e12a9f69593892fe52fa3b799e9ada

PE Executable
|
MD5: 31e12a9f69593892fe52fa3b799e9ada
|
Size: 3.84 MB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Low

Hash
 Hash Value
MD5
31e12a9f69593892fe52fa3b799e9ada
Sha1
e05f70b91d908fd5d4195fd332586d6a6787bcbe
Sha256
6c2b4ca9e169f3d71f3fa2962b947c0f7b1e358e2e7ce6c9ee12778e0679f6b1
Sha384
e03101ad6ceb4397984b478e5664033a5755bd680d9bf26f9c24e07cbed32e4e6b1e9c2822dc6865988f70bfc792f1f9
Sha512
c02bbac8a49b86792f627491d309b33f0fcef7ba390d5a4d2a62ae67f30a9ba5baea75fbcd50ed17d7f1336ca57fdcc7b5e085c926d554ae9d93ad62044820d2
SSDeep
98304:zhcJinaokGnSNeZfpnk0X5bev+s7ZtGXayDJ7tH0:GJaJzS4ZhvXSF83Dt
TLSH
D60623DC3A4575EEC85BC8728E985D70B9842D3B430E8613E06735DEAA3DD87DF181A2

PeID

Microsoft Visual C# / Basic .NET
File Structure
31e12a9f69593892fe52fa3b799e9ada
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
cIz@T|
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0002
ID:0
ID:0003
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
Informations
Name
 Value
Module Name

server1.exe
Full Name

server1.exe
EntryPoint

System.Int32 <Module>::‍‭‭‭‌‬‭‌‬‮‭‏​‏​‬‬‫‏‪‬‌‮‏‮‮‍‏‪‮(System.String[])
Scope Name

server1.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

server1
Assembly Version

4.5.5.8
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.8
Total Strings

3
Main Method

System.Int32 <Module>::‍‭‭‭‌‬‭‌‬‮‭‏​‏​‬‬‫‏‪‬‌‮‏‮‮‍‏‪‮(System.String[])
Main IL Instruction Count

30
Main IL

ldind.ref <null> ldind.i <null> ldarg.s <null> unbox <null> and <null> stelem.i8 <null> stind.i1 <null> unbox.any <null> ldarg.s <null> UNKNOWN1 <null> sub <null> add <null> conv.ovf.i1 <null> UNKNOWN1 <null> conv.i1 <null> prefix6 <null> UNKNOWN1 <null> brfalse <null> ble.un.s IL_0026: ldc.r4 3.2689684E+10 ldind.ref <null> ldelem.i1 <null> conv.ovf.u8.un <null> UNKNOWN1 <null> ldc.r4 3.2689684E+10 ldlen <null> conv.ovf.u8 <null> ldlen <null> ldc.i4.7 <null> stobj <null> ldc.r4 -5.1296594E+23
Module Name

server1.exe
Full Name

server1.exe
EntryPoint

System.Int32 <Module>::‍‭‭‭‌‬‭‌‬‮‭‏​‏​‬‬‫‏‪‬‌‮‏‮‮‍‏‪‮(System.String[])
Scope Name

server1.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

server1
Assembly Version

4.5.5.8
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.8
Total Strings

3
Main Method

System.Int32 <Module>::‍‭‭‭‌‬‭‌‬‮‭‏​‏​‬‬‫‏‪‬‌‮‏‮‮‍‏‪‮(System.String[])
Main IL Instruction Count

30
Main IL

ldind.ref <null> ldind.i <null> ldarg.s <null> unbox <null> and <null> stelem.i8 <null> stind.i1 <null> unbox.any <null> ldarg.s <null> UNKNOWN1 <null> sub <null> add <null> conv.ovf.i1 <null> UNKNOWN1 <null> conv.i1 <null> prefix6 <null> UNKNOWN1 <null> brfalse <null> ble.un.s IL_0026: ldc.r4 3.2689684E+10 ldind.ref <null> ldelem.i1 <null> conv.ovf.u8.un <null> UNKNOWN1 <null> ldc.r4 3.2689684E+10 ldlen <null> conv.ovf.u8 <null> ldlen <null> ldc.i4.7 <null> stobj <null> ldc.r4 -5.1296594E+23
Artefacts
Name
 Value
Embedded Resources

1
Suspicious Type Names (1-2 chars)

0
31e12a9f69593892fe52fa3b799e9ada (3.84 MB)
File Structure
31e12a9f69593892fe52fa3b799e9ada
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
cIz@T|
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0002
ID:0
ID:0003
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
Characteristics
No malware configuration were found at this point.
Artefacts
Name
 Value Location
Embedded Resources

1

31e12a9f69593892fe52fa3b799e9ada
Suspicious Type Names (1-2 chars)

0

31e12a9f69593892fe52fa3b799e9ada
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙