3455c7d385c241c62995d9101039e811

PE Executable
|
MD5: 3455c7d385c241c62995d9101039e811
|
Size: 3.42 MB
|
application/x-dosexec

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	3455c7d385c241c62995d9101039e811
Sha1	1ce474480af6607221a3ec4e0a167f03b8148872
Sha256	511ace09e2e37545e0f12232fb3ad7da230f0c55ea803fa14ae84530257069b6
Sha384	d4daf7e0fdb003b66d6773df7616a6658e979e5532d04174eab85f2ef3c4727991322dbd9a9fca46e2eca7f2eda93b2b
Sha512	ef7e976aeedead95ea82f1a6347f63aa63e09cb02f04b9f7c7443f84a56a3ef3f0bc568935b22950114eec6529f137221f572111b9887ca8f76ec7a9347f5b74
SSDeep	49152:z+DP6joVqq/KRTSQ9lhp+GMPUdvxzcpNGq3bV0VWiCqU9Xg6YrsoJMdkQNQYx8ch:qDFu19doGMcJzr9IqDeRDNMeBOc0
TLSH	FAF523DD7120B1EFC817E5B58AA12D749621AC7B47179203A8233DCBBA3D0D79F148B6

PeID

.NET executable

Microsoft Visual C# / Basic .NET

Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL

Microsoft Visual C# v7.0 / Basic .NET

Microsoft Visual Studio .NET

File Structure

Informations

Name0	Value
Info	PE Detect: PeReader OK (file layout)
Module Name	server1.exe
Full Name	server1.exe
EntryPoint	System.Void ‪‫⁯‍⁭⁪‎⁫‏‭‭‫‬‭‮⁬⁭‏‎‍‫‮⁯⁮‫⁬⁯‌‫⁫⁯‌⁯⁪‎⁪‪⁮‮::⁫‪‮‍⁯‮‎‭‪⁮⁭‫‫‭‪‫‭‎‌⁪⁬⁬⁭⁮‫‪⁪⁬‏⁪‪‎‮‍⁬‭⁭‮()
Scope Name	server1.exe
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	server1
Assembly Version	5.2.0.8
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.8
Total Strings	7
Main Method	System.Void ‪‫⁯‍⁭⁪‎⁫‏‭‭‫‬‭‮⁬⁭‏‎‍‫‮⁯⁮‫⁬⁯‌‫⁫⁯‌⁯⁪‎⁪‪⁮‮::⁫‪‮‍⁯‮‎‭‪⁮⁭‫‫‭‪‫‭‎‌⁪⁬⁬⁭⁮‫‪⁪⁬‏⁪‪‎‮‍⁬‭⁭‮()
Main IL Instruction Count	49
Main IL	nop <null> ldc.i4 1958338984 ldc.i4 2102187121 xor <null> dup <null> stloc.2 <null> ldc.i4.4 <null> rem.un <null> switch dnlib.DotNet.Emit.Instruction[] br IL_00B5: ret call System.String ⁬⁭⁫⁪‌‬‭‫‫‫⁮‍⁪‪⁭⁭‪‫⁪‭‍⁭‬‮‫‌⁭⁯⁮⁬⁭‬⁮⁫‏‪⁭‌⁬‮::‮‫‪⁮‬⁮⁭‍⁬‪‏‭‎‫‎⁫‌‬⁭⁮‎‌‫⁮⁪⁮‭‎‪‌‎⁬⁬‬‭‪‍‮() ldc.i4 598568236 call System.String <Module>::‫⁪‏‏‮⁭‌‌⁫⁭⁭⁪‏‌⁯‌‮‭⁮‭‍⁬‍‫‏‬‭‏⁯‍⁮‬⁫‭⁭‎‬‮<System.String>(System.UInt32) call System.String ‪‫⁯‍⁭⁪‎⁫‏‭‭‫‬‭‮⁬⁭‏‎‍‫‮⁯⁮‫⁬⁯‌‫⁫⁯‌⁯⁪‎⁪‪⁮‮::⁪⁫⁮‮‮‬⁭‮⁪⁫‎‍⁭‬‎‎⁯⁬‌⁯⁮‮⁪‭‌‭‎‍‫‏‫⁫‌‫⁫⁯‪⁮⁪‮(System.String,System.String) stsfld System.String ‪‫⁯‍⁭⁪‎⁫‏‭‭‫‬‭‮⁬⁭‏‎‍‫‮⁯⁮‫⁬⁯‌‫⁫⁯‌⁯⁪‎⁪‪⁮‮::‌‫‪‎‎⁪‮‮⁭⁮⁮‏‬‪‏‬⁬⁪‫‬‪⁫⁪‫‏‮‏‭‪‭‬‌⁪⁭‌‏‭‏‮ ldsfld System.String ‪‫⁯‍⁭⁪‎⁫‏‭‭‫‬‭‮⁬⁭‏‎‍‫‮⁯⁮‫⁬⁯‌‫⁫⁯‌⁯⁪‎⁪‪⁮‮::‌‫‪‎‎⁪‮‮⁭⁮⁮‏‬‪‏‬⁬⁪‫‬‪⁫⁪‫‏‮‏‭‪‭‬‌⁪⁭‌‏‭‏‮ call System.Byte[] ‪‫⁯‍⁭⁪‎⁫‏‭‭‫‬‭‮⁬⁭‏‎‍‫‮⁯⁮‫⁬⁯‌‫⁫⁯‌⁯⁪‎⁪‪⁮‮::⁫‌‪⁪⁭‪⁮‌⁬⁪⁪‬⁭‬⁭‍‫⁬⁪⁪‫⁭‮‌‍‮⁮⁬⁮‬‮⁬‫⁯‮‎⁬‮(System.String) stsfld System.Byte[] ‪‫⁯‍⁭⁪‎⁫‏‭‭‫‬‭‮⁬⁭‏‎‍‫‮⁯⁮‫⁬⁯‌‫⁫⁯‌⁯⁪‎⁪‪⁮‮::⁯‭‪‍‪‫‬‫⁮⁬‍⁪⁪‫⁯‎⁮‌‬⁮⁯‎‍⁫‎‪‌‏‎‬⁮‍‫‮‬‭⁮‮ ldloc.2 <null> ldc.i4 -1844136823 mul <null> ldc.i4 -811087837 xor <null> br.s IL_0006: ldc.i4 2102187121 newobj System.Void ‮‭‬‎⁬‎‎⁭‌‬‎‏⁪‏‍‍‭‫⁬‭‫‬‏⁭‭‫⁬‏‪‭⁭⁪‎‏⁫‌⁯‮::.ctor() stloc.0 <null> ldloc.0 <null> ldsfld System.Byte[] ‪‫⁯‍⁭⁪‎⁫‏‭‭‫‬‭‮⁬⁭‏‎‍‫‮⁯⁮‫⁬⁯‌‫⁫⁯‌⁯⁪‎⁪‪⁮‮::⁯‭‪‍‪‫‬‫⁮⁬‍⁪⁪‫⁯‎⁮‌‬⁮⁯‎‍⁫‎‪‌‏‎‬⁮‍‫‮‬‭⁮‮ call System.Diagnostics.Process ‪‫⁯‍⁭⁪‎⁫‏‭‭‫‬‭‮⁬⁭‏‎‍‫‮⁯⁮‫⁬⁯‌‫⁫⁯‌⁯⁪‎⁪‪⁮‮::⁪‌‪⁯‫‫⁬‮‌‎‮‭⁭⁪⁬‬‫⁪⁫⁭⁬‌⁬‌⁫⁫‫‎‏‎⁪⁮‎‎‫‬⁫‮() call System.Diagnostics.ProcessModule ‪‫⁯‍⁭⁪‎⁫‏‭‭‫‬‭‮⁬⁭‏‎‍‫‮⁯⁮‫⁬⁯‌‫⁫⁯‌⁯⁪‎⁪‪⁮‮::⁯‍‪‬⁪⁭‭⁯‬⁪⁭‬‏⁮⁯⁯‫‌‬‮‮⁬⁯‎⁮‭⁫‬⁬‪‏‫‬‫⁭⁪‮(System.Diagnostics.Process) call System.String ‪‫⁯‍⁭⁪‎⁫‏‭‭‫‬‭‮⁬⁭‏‎‍‫‮⁯⁮‫⁬⁯‌‫⁫⁯‌⁯⁪‎⁪‪⁮‮::⁬⁭⁮‬⁮⁪‭⁭‏‎⁮‫⁯⁫‌⁬‫‍⁬‏‭⁪‏‎‌‬⁪⁭⁬‮⁯‏‬⁫‬‌‎‏‮(System.Diagnostics.ProcessModule) callvirt System.Boolean ‮‭‬‎⁬‎‎⁭‌‬‎‏⁪‏‍‍‭‫⁬‭‫‬‏⁭‭‫⁬‏‪‭⁭⁪‎‏⁫‌⁯‮::‬‫‌‬⁫‬‪⁮⁪‎⁭⁯⁫‌‬‬‍‭⁬‫‭⁭‫⁬‌‫‏‭‬⁫‬‬⁯⁪‬‪⁫‮(System.Byte[],System.String) pop <null> newobj System.Void ‍‭‬‫‬‫‮‮⁮‬⁮‌‪⁮‏‮‏‍‭⁮‫‭‮⁯⁫‬‬‪⁭‫‏⁮‮⁪‬⁯‫⁫‮‮::.ctor() stloc.1 <null> ldloc.1 <null> ldsfld System.Byte[] ‪‫⁯‍⁭⁪‎⁫‏‭‭‫‬‭‮⁬⁭‏‎‍‫‮⁯⁮‫⁬⁯‌‫⁫⁯‌⁯⁪‎⁪‪⁮‮::⁯‭‪‍‪‫‬‫⁮⁬‍⁪⁪‫⁯‎⁮‌‬⁮⁯‎‍⁫‎‪‌‏‎‬⁮‍‫‮‬‭⁮‮ call System.Diagnostics.Process ‪‫⁯‍⁭⁪‎⁫‏‭‭‫‬‭‮⁬⁭‏‎‍‫‮⁯⁮‫⁬⁯‌‫⁫⁯‌⁯⁪‎⁪‪⁮‮::⁪‌‪⁯‫‫⁬‮‌‎‮‭⁭⁪⁬‬‫⁪⁫⁭⁬‌⁬‌⁫⁫‫‎‏‎⁪⁮‎‎‫‬⁫‮() call System.Diagnostics.ProcessModule ‪‫⁯‍⁭⁪‎⁫‏‭‭‫‬‭‮⁬⁭‏‎‍‫‮⁯⁮‫⁬⁯‌‫⁫⁯‌⁯⁪‎⁪‪⁮‮::⁯‍‪‬⁪⁭‭⁯‬⁪⁭‬‏⁮⁯⁯‫‌‬‮‮⁬⁯‎⁮‭⁫‬⁬‪‏‫‬‫⁭⁪‮(System.Diagnostics.Process) call System.String ‪‫⁯‍⁭⁪‎⁫‏‭‭‫‬‭‮⁬⁭‏‎‍‫‮⁯⁮‫⁬⁯‌‫⁫⁯‌⁯⁪‎⁪‪⁮‮::⁬⁭⁮‬⁮⁪‭⁭‏‎⁮‫⁯⁫‌⁬‫‍⁬‏‭⁪‏‎‌‬⁪⁭⁬‮⁯‏‬⁫‬‌‎‏‮(System.Diagnostics.ProcessModule) callvirt System.Boolean ‍‭‬‫‬‫‮‮⁮‬⁮‌‪⁮‏‮‏‍‭⁮‫‭‮⁯⁫‬‬‪⁭‫‏⁮‮⁪‬⁯‫⁫‮‮::‫‫‪‪‏⁭⁭⁯⁬‮‍‎‍⁭⁪‬‫⁪‮‮⁫⁫⁭‬‍‭‭⁪‮⁪⁬‪‏‮⁫‍‮(System.Byte[],System.String) pop <null> ldloc.2 <null> ldc.i4 -1822046194 mul <null> ldc.i4 -810632145 xor <null> br IL_0006: ldc.i4 2102187121 ret <null>
Module Name	server1.exe
Full Name	server1.exe
EntryPoint	System.Void ‪‫⁯‍⁭⁪‎⁫‏‭‭‫‬‭‮⁬⁭‏‎‍‫‮⁯⁮‫⁬⁯‌‫⁫⁯‌⁯⁪‎⁪‪⁮‮::⁫‪‮‍⁯‮‎‭‪⁮⁭‫‫‭‪‫‭‎‌⁪⁬⁬⁭⁮‫‪⁪⁬‏⁪‪‎‮‍⁬‭⁭‮()
Scope Name	server1.exe
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	server1
Assembly Version	5.2.0.8
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.8
Total Strings	7
Main Method	System.Void ‪‫⁯‍⁭⁪‎⁫‏‭‭‫‬‭‮⁬⁭‏‎‍‫‮⁯⁮‫⁬⁯‌‫⁫⁯‌⁯⁪‎⁪‪⁮‮::⁫‪‮‍⁯‮‎‭‪⁮⁭‫‫‭‪‫‭‎‌⁪⁬⁬⁭⁮‫‪⁪⁬‏⁪‪‎‮‍⁬‭⁭‮()
Main IL Instruction Count	49
Main IL	nop <null> ldc.i4 1958338984 ldc.i4 2102187121 xor <null> dup <null> stloc.2 <null> ldc.i4.4 <null> rem.un <null> switch dnlib.DotNet.Emit.Instruction[] br IL_00B5: ret call System.String ⁬⁭⁫⁪‌‬‭‫‫‫⁮‍⁪‪⁭⁭‪‫⁪‭‍⁭‬‮‫‌⁭⁯⁮⁬⁭‬⁮⁫‏‪⁭‌⁬‮::‮‫‪⁮‬⁮⁭‍⁬‪‏‭‎‫‎⁫‌‬⁭⁮‎‌‫⁮⁪⁮‭‎‪‌‎⁬⁬‬‭‪‍‮() ldc.i4 598568236 call System.String <Module>::‫⁪‏‏‮⁭‌‌⁫⁭⁭⁪‏‌⁯‌‮‭⁮‭‍⁬‍‫‏‬‭‏⁯‍⁮‬⁫‭⁭‎‬‮<System.String>(System.UInt32) call System.String ‪‫⁯‍⁭⁪‎⁫‏‭‭‫‬‭‮⁬⁭‏‎‍‫‮⁯⁮‫⁬⁯‌‫⁫⁯‌⁯⁪‎⁪‪⁮‮::⁪⁫⁮‮‮‬⁭‮⁪⁫‎‍⁭‬‎‎⁯⁬‌⁯⁮‮⁪‭‌‭‎‍‫‏‫⁫‌‫⁫⁯‪⁮⁪‮(System.String,System.String) stsfld System.String ‪‫⁯‍⁭⁪‎⁫‏‭‭‫‬‭‮⁬⁭‏‎‍‫‮⁯⁮‫⁬⁯‌‫⁫⁯‌⁯⁪‎⁪‪⁮‮::‌‫‪‎‎⁪‮‮⁭⁮⁮‏‬‪‏‬⁬⁪‫‬‪⁫⁪‫‏‮‏‭‪‭‬‌⁪⁭‌‏‭‏‮ ldsfld System.String ‪‫⁯‍⁭⁪‎⁫‏‭‭‫‬‭‮⁬⁭‏‎‍‫‮⁯⁮‫⁬⁯‌‫⁫⁯‌⁯⁪‎⁪‪⁮‮::‌‫‪‎‎⁪‮‮⁭⁮⁮‏‬‪‏‬⁬⁪‫‬‪⁫⁪‫‏‮‏‭‪‭‬‌⁪⁭‌‏‭‏‮ call System.Byte[] ‪‫⁯‍⁭⁪‎⁫‏‭‭‫‬‭‮⁬⁭‏‎‍‫‮⁯⁮‫⁬⁯‌‫⁫⁯‌⁯⁪‎⁪‪⁮‮::⁫‌‪⁪⁭‪⁮‌⁬⁪⁪‬⁭‬⁭‍‫⁬⁪⁪‫⁭‮‌‍‮⁮⁬⁮‬‮⁬‫⁯‮‎⁬‮(System.String) stsfld System.Byte[] ‪‫⁯‍⁭⁪‎⁫‏‭‭‫‬‭‮⁬⁭‏‎‍‫‮⁯⁮‫⁬⁯‌‫⁫⁯‌⁯⁪‎⁪‪⁮‮::⁯‭‪‍‪‫‬‫⁮⁬‍⁪⁪‫⁯‎⁮‌‬⁮⁯‎‍⁫‎‪‌‏‎‬⁮‍‫‮‬‭⁮‮ ldloc.2 <null> ldc.i4 -1844136823 mul <null> ldc.i4 -811087837 xor <null> br.s IL_0006: ldc.i4 2102187121 newobj System.Void ‮‭‬‎⁬‎‎⁭‌‬‎‏⁪‏‍‍‭‫⁬‭‫‬‏⁭‭‫⁬‏‪‭⁭⁪‎‏⁫‌⁯‮::.ctor() stloc.0 <null> ldloc.0 <null> ldsfld System.Byte[] ‪‫⁯‍⁭⁪‎⁫‏‭‭‫‬‭‮⁬⁭‏‎‍‫‮⁯⁮‫⁬⁯‌‫⁫⁯‌⁯⁪‎⁪‪⁮‮::⁯‭‪‍‪‫‬‫⁮⁬‍⁪⁪‫⁯‎⁮‌‬⁮⁯‎‍⁫‎‪‌‏‎‬⁮‍‫‮‬‭⁮‮ call System.Diagnostics.Process ‪‫⁯‍⁭⁪‎⁫‏‭‭‫‬‭‮⁬⁭‏‎‍‫‮⁯⁮‫⁬⁯‌‫⁫⁯‌⁯⁪‎⁪‪⁮‮::⁪‌‪⁯‫‫⁬‮‌‎‮‭⁭⁪⁬‬‫⁪⁫⁭⁬‌⁬‌⁫⁫‫‎‏‎⁪⁮‎‎‫‬⁫‮() call System.Diagnostics.ProcessModule ‪‫⁯‍⁭⁪‎⁫‏‭‭‫‬‭‮⁬⁭‏‎‍‫‮⁯⁮‫⁬⁯‌‫⁫⁯‌⁯⁪‎⁪‪⁮‮::⁯‍‪‬⁪⁭‭⁯‬⁪⁭‬‏⁮⁯⁯‫‌‬‮‮⁬⁯‎⁮‭⁫‬⁬‪‏‫‬‫⁭⁪‮(System.Diagnostics.Process) call System.String ‪‫⁯‍⁭⁪‎⁫‏‭‭‫‬‭‮⁬⁭‏‎‍‫‮⁯⁮‫⁬⁯‌‫⁫⁯‌⁯⁪‎⁪‪⁮‮::⁬⁭⁮‬⁮⁪‭⁭‏‎⁮‫⁯⁫‌⁬‫‍⁬‏‭⁪‏‎‌‬⁪⁭⁬‮⁯‏‬⁫‬‌‎‏‮(System.Diagnostics.ProcessModule) callvirt System.Boolean ‮‭‬‎⁬‎‎⁭‌‬‎‏⁪‏‍‍‭‫⁬‭‫‬‏⁭‭‫⁬‏‪‭⁭⁪‎‏⁫‌⁯‮::‬‫‌‬⁫‬‪⁮⁪‎⁭⁯⁫‌‬‬‍‭⁬‫‭⁭‫⁬‌‫‏‭‬⁫‬‬⁯⁪‬‪⁫‮(System.Byte[],System.String) pop <null> newobj System.Void ‍‭‬‫‬‫‮‮⁮‬⁮‌‪⁮‏‮‏‍‭⁮‫‭‮⁯⁫‬‬‪⁭‫‏⁮‮⁪‬⁯‫⁫‮‮::.ctor() stloc.1 <null> ldloc.1 <null> ldsfld System.Byte[] ‪‫⁯‍⁭⁪‎⁫‏‭‭‫‬‭‮⁬⁭‏‎‍‫‮⁯⁮‫⁬⁯‌‫⁫⁯‌⁯⁪‎⁪‪⁮‮::⁯‭‪‍‪‫‬‫⁮⁬‍⁪⁪‫⁯‎⁮‌‬⁮⁯‎‍⁫‎‪‌‏‎‬⁮‍‫‮‬‭⁮‮ call System.Diagnostics.Process ‪‫⁯‍⁭⁪‎⁫‏‭‭‫‬‭‮⁬⁭‏‎‍‫‮⁯⁮‫⁬⁯‌‫⁫⁯‌⁯⁪‎⁪‪⁮‮::⁪‌‪⁯‫‫⁬‮‌‎‮‭⁭⁪⁬‬‫⁪⁫⁭⁬‌⁬‌⁫⁫‫‎‏‎⁪⁮‎‎‫‬⁫‮() call System.Diagnostics.ProcessModule ‪‫⁯‍⁭⁪‎⁫‏‭‭‫‬‭‮⁬⁭‏‎‍‫‮⁯⁮‫⁬⁯‌‫⁫⁯‌⁯⁪‎⁪‪⁮‮::⁯‍‪‬⁪⁭‭⁯‬⁪⁭‬‏⁮⁯⁯‫‌‬‮‮⁬⁯‎⁮‭⁫‬⁬‪‏‫‬‫⁭⁪‮(System.Diagnostics.Process) call System.String ‪‫⁯‍⁭⁪‎⁫‏‭‭‫‬‭‮⁬⁭‏‎‍‫‮⁯⁮‫⁬⁯‌‫⁫⁯‌⁯⁪‎⁪‪⁮‮::⁬⁭⁮‬⁮⁪‭⁭‏‎⁮‫⁯⁫‌⁬‫‍⁬‏‭⁪‏‎‌‬⁪⁭⁬‮⁯‏‬⁫‬‌‎‏‮(System.Diagnostics.ProcessModule) callvirt System.Boolean ‍‭‬‫‬‫‮‮⁮‬⁮‌‪⁮‏‮‏‍‭⁮‫‭‮⁯⁫‬‬‪⁭‫‏⁮‮⁪‬⁯‫⁫‮‮::‫‫‪‪‏⁭⁭⁯⁬‮‍‎‍⁭⁪‬‫⁪‮‮⁫⁫⁭‬‍‭‭⁪‮⁪⁬‪‏‮⁫‍‮(System.Byte[],System.String) pop <null> ldloc.2 <null> ldc.i4 -1822046194 mul <null> ldc.i4 -810632145 xor <null> br IL_0006: ldc.i4 2102187121 ret <null>

3455c7d385c241c62995d9101039e811 (3.42 MB)

3455c7d385c241c62995d9101039e811

PE Executable | MD5: 3455c7d385c241c62995d9101039e811 | Size: 3.42 MB | application/x-dosexec

PE Executable
|
MD5: 3455c7d385c241c62995d9101039e811
|
Size: 3.42 MB
|
application/x-dosexec