Malicious
Malicious

3414edafa4a0d0680e7ed4b0292baa25

PE Executable
|
MD5: 3414edafa4a0d0680e7ed4b0292baa25
|
Size: 1.39 MB
|
application/x-dosexec

Print
Infection Chain
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very high

Hash
 Hash Value
MD5
3414edafa4a0d0680e7ed4b0292baa25
Sha1
a7e0f55cbbd0db78d4e6081cd677d7d0fd0a9e2f
Sha256
73f381d17ddb4efbc58dfa92f2242f85c9cce44260b269f4c2b67fc2766649d3
Sha384
e41ff83a6e544714c902860771cceda2e56dfdc241f258d2bb2efbaa63cdf076009700d0d98678413e9dda834c4af096
Sha512
a73ac6f161e03be5121479765f6525788a89ecdc56bea59fd48646bd02005cd3dea19f32aea896d7fbd8a2061cb95be5245612427f47f0932f313299616243a2
SSDeep
24576:tktv+XZNPb27Q/1gziID/2lzyxQnytW4jASQN+xH+:pu7a1e6y0ytvjAF+
TLSH
1B557B117EA8CE11F00912B3C2FF454887B09D5166A6E71BBDBA377E65123A73C0D9CA

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
3414edafa4a0d0680e7ed4b0292baa25
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
.Net Resources
gYYvYFPhgx9f7hAoNg.N976vxcAg5prKO90Ou
sRotl3bq8Pqfoc8mKN.2UtdJcn7xuo6ohK1ZN
Informations
Name
 Value
Module Name

YDUVqaaGqMR5
Full Name

YDUVqaaGqMR5
EntryPoint

System.Void qX4ZhxkTVFMotYetmSV.nxi2oVkGEtF3i0pmGES::RKDTlOG4M1()
Scope Name

YDUVqaaGqMR5
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

xKn02mP5BBM6iaNGy3
Assembly Version

7.9.8.3
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

63
Main Method

System.Void qX4ZhxkTVFMotYetmSV.nxi2oVkGEtF3i0pmGES::RKDTlOG4M1()
Main IL Instruction Count

14
Main IL

br.s IL_000B: ldc.i4.0 call <null> ldnull <null> ldc.i4.0 <null> ldelem.ref <null> pop <null> ldc.i4.0 <null> brtrue.s IL_0007: ldnull call System.Void jZWhDuAWAUqPNPGPkdb.tLpkt7A3T7tyxDiDKEe::kLjw4iIsCLsZtxc4lksN0j() nop <null> ldsfld System.Object qX4ZhxkTVFMotYetmSV.nxi2oVkGEtF3i0pmGES::ePMT1rBGJr callvirt System.Void CvuUGPk3bdBaOZ2oUCl.oZjKkGkDjdQnFWH3jRs::caxYxaaFK6() nop <null> ret <null>
Module Name

YDUVqaaGqMR5
Full Name

YDUVqaaGqMR5
EntryPoint

System.Void qX4ZhxkTVFMotYetmSV.nxi2oVkGEtF3i0pmGES::RKDTlOG4M1()
Scope Name

YDUVqaaGqMR5
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

xKn02mP5BBM6iaNGy3
Assembly Version

7.9.8.3
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

63
Main Method

System.Void qX4ZhxkTVFMotYetmSV.nxi2oVkGEtF3i0pmGES::RKDTlOG4M1()
Main IL Instruction Count

14
Main IL

br.s IL_000B: ldc.i4.0 call <null> ldnull <null> ldc.i4.0 <null> ldelem.ref <null> pop <null> ldc.i4.0 <null> brtrue.s IL_0007: ldnull call System.Void jZWhDuAWAUqPNPGPkdb.tLpkt7A3T7tyxDiDKEe::kLjw4iIsCLsZtxc4lksN0j() nop <null> ldsfld System.Object qX4ZhxkTVFMotYetmSV.nxi2oVkGEtF3i0pmGES::ePMT1rBGJr callvirt System.Void CvuUGPk3bdBaOZ2oUCl.oZjKkGkDjdQnFWH3jRs::caxYxaaFK6() nop <null> ret <null>
3414edafa4a0d0680e7ed4b0292baa25 (1.39 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙