mschainCommon.exe
PE Executable | MD5: 38ca8f01949a23e6c8807a4aa24f5fc4 | Size: 2 MB | application/x-dosexec
Symbol Ofbuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | 38ca8f01949a23e6c8807a4aa24f5fc4
|
| Sha1 | d7a54168e34384598d2370647fc8238de55f5477
|
| Sha256 | 5ca0a3b3c82ae44d4f9dd1a9b7246bc03bb9a299372f142244a63f11496669a3
|
| Sha384 | 9903737627760520466d79577c22072a252ae52333599a4e336d471915b043e853777cca2f9349632e1c3e542524570d
|
| Sha512 | a7e0964a0b42bf64e4894a7b883af765689f78cdea1ad25a02931fb1fcb4bbeed1c0b0615e830630ce3386182578ef7bd66087a82c07d0d75bfc3865d04aca8e
|
| SSDeep | 49152:TBONSfU6Bdu3k+gnIOiy/8YsJ5Ut0EBfiX5bg/3OVAJ8tb5:QHlAkrUeEBfMbg/3OVAOb
|
| TLSH | 1295BE0665D28E33C3615B319657023D9391C7263992EF5B3A1F21D7A94BBF08B722B3
|
PeID
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Module Name | pxqDsBPmp0nY |
| Full Name | pxqDsBPmp0nY |
| EntryPoint | System.Void PZSHbx3Z3Yo2GoLoQTh.Cj8lue3sqpKHPKiHgjx::IqQ37kxWAo() |
| Scope Name | pxqDsBPmp0nY |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | SGxDUr5uRrbW2X9YcTIdUkMi5E |
| Assembly Version | 4.1.5.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 47 |
| Main Method | System.Void PZSHbx3Z3Yo2GoLoQTh.Cj8lue3sqpKHPKiHgjx::IqQ37kxWAo() |
| Main IL Instruction Count | 43 |
| Main IL | ldc.i4 2 stloc V_0 br IL_000E: ldloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] br IL_005C: ldc.i4 2095465609 ret <null> ldnull <null> ldnull <null> newobj System.Void sKK7vOZJkSTX75mk9xO.Yb6766ZNyZZT6Y7Q8a9::.ctor(System.String,System.String) call System.Void cBfbUU1pHFoxl3gEGLW.EQXJ7w1315eQLwsH4ii::e0n1dxsKfB(sKK7vOZJkSTX75mk9xO.Yb6766ZNyZZT6Y7Q8a9) ldc.i4 0 ldsfld <Module>{44e4318b-d231-4207-b616-b46b9865b829} <Module>{44e4318b-d231-4207-b616-b46b9865b829}::m_c207eebef89c4c2daae5ee746776076a ldfld System.Int32 <Module>{44e4318b-d231-4207-b616-b46b9865b829}::m_de81ef26954b4c88a2260c8e2dacc854 brfalse IL_0012: switch(IL_005C,IL_0090,IL_00A0,IL_0031,IL_0030) pop <null> ldc.i4 0 br IL_0012: switch(IL_005C,IL_0090,IL_00A0,IL_0031,IL_0030) ldc.i4 2095465609 neg <null> ldc.i4 -626326929 xor <null> ldsfld <Module>{44e4318b-d231-4207-b616-b46b9865b829} <Module>{44e4318b-d231-4207-b616-b46b9865b829}::m_c207eebef89c4c2daae5ee746776076a ldfld System.Int32 <Module>{44e4318b-d231-4207-b616-b46b9865b829}::m_d5d08074046044fd8de80dd0b138076e xor <null> call System.String UNcXSUXBbyRICixbFmo.AEwcoTXClCs7qI5wLbT::RdcXxU3ohu(System.Int32) newobj System.Void aQpGsvhoGmWI4VEF1Qd.rrNGSMhwdRv5bTrueeB::.ctor(System.String) call System.Void aQpGsvhoGmWI4VEF1Qd.rrNGSMhwdRv5bTrueeB::gq5hQskDEd() ldc.i4 4 stloc V_0 br IL_000E: ldloc V_0 newobj System.Void yQqCleIwuxJICoW91CM.NxZjifIRGCOW2rYEIRL::.ctor() pop <null> ldc.i4 3 br IL_0012: switch(IL_005C,IL_0090,IL_00A0,IL_0031,IL_0030) call System.Void hG2l8xFyBpBTBYtshlZ.QWVoG2FBmYMZJ6ydO7n::piU1t4wBGYp() ldc.i4 1 ldsfld <Module>{44e4318b-d231-4207-b616-b46b9865b829} <Module>{44e4318b-d231-4207-b616-b46b9865b829}::m_c207eebef89c4c2daae5ee746776076a ldfld System.Int32 <Module>{44e4318b-d231-4207-b616-b46b9865b829}::m_b7ce780561cc47c5a7b9413190f717a6 brtrue IL_0012: switch(IL_005C,IL_0090,IL_00A0,IL_0031,IL_0030) pop <null> ldc.i4 0 br IL_0012: switch(IL_005C,IL_0090,IL_00A0,IL_0031,IL_0030) |
| Module Name | pxqDsBPmp0nY |
| Full Name | pxqDsBPmp0nY |
| EntryPoint | System.Void PZSHbx3Z3Yo2GoLoQTh.Cj8lue3sqpKHPKiHgjx::IqQ37kxWAo() |
| Scope Name | pxqDsBPmp0nY |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | SGxDUr5uRrbW2X9YcTIdUkMi5E |
| Assembly Version | 4.1.5.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 47 |
| Main Method | System.Void PZSHbx3Z3Yo2GoLoQTh.Cj8lue3sqpKHPKiHgjx::IqQ37kxWAo() |
| Main IL Instruction Count | 43 |
| Main IL | ldc.i4 2 stloc V_0 br IL_000E: ldloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] br IL_005C: ldc.i4 2095465609 ret <null> ldnull <null> ldnull <null> newobj System.Void sKK7vOZJkSTX75mk9xO.Yb6766ZNyZZT6Y7Q8a9::.ctor(System.String,System.String) call System.Void cBfbUU1pHFoxl3gEGLW.EQXJ7w1315eQLwsH4ii::e0n1dxsKfB(sKK7vOZJkSTX75mk9xO.Yb6766ZNyZZT6Y7Q8a9) ldc.i4 0 ldsfld <Module>{44e4318b-d231-4207-b616-b46b9865b829} <Module>{44e4318b-d231-4207-b616-b46b9865b829}::m_c207eebef89c4c2daae5ee746776076a ldfld System.Int32 <Module>{44e4318b-d231-4207-b616-b46b9865b829}::m_de81ef26954b4c88a2260c8e2dacc854 brfalse IL_0012: switch(IL_005C,IL_0090,IL_00A0,IL_0031,IL_0030) pop <null> ldc.i4 0 br IL_0012: switch(IL_005C,IL_0090,IL_00A0,IL_0031,IL_0030) ldc.i4 2095465609 neg <null> ldc.i4 -626326929 xor <null> ldsfld <Module>{44e4318b-d231-4207-b616-b46b9865b829} <Module>{44e4318b-d231-4207-b616-b46b9865b829}::m_c207eebef89c4c2daae5ee746776076a ldfld System.Int32 <Module>{44e4318b-d231-4207-b616-b46b9865b829}::m_d5d08074046044fd8de80dd0b138076e xor <null> call System.String UNcXSUXBbyRICixbFmo.AEwcoTXClCs7qI5wLbT::RdcXxU3ohu(System.Int32) newobj System.Void aQpGsvhoGmWI4VEF1Qd.rrNGSMhwdRv5bTrueeB::.ctor(System.String) call System.Void aQpGsvhoGmWI4VEF1Qd.rrNGSMhwdRv5bTrueeB::gq5hQskDEd() ldc.i4 4 stloc V_0 br IL_000E: ldloc V_0 newobj System.Void yQqCleIwuxJICoW91CM.NxZjifIRGCOW2rYEIRL::.ctor() pop <null> ldc.i4 3 br IL_0012: switch(IL_005C,IL_0090,IL_00A0,IL_0031,IL_0030) call System.Void hG2l8xFyBpBTBYtshlZ.QWVoG2FBmYMZJ6ydO7n::piU1t4wBGYp() ldc.i4 1 ldsfld <Module>{44e4318b-d231-4207-b616-b46b9865b829} <Module>{44e4318b-d231-4207-b616-b46b9865b829}::m_c207eebef89c4c2daae5ee746776076a ldfld System.Int32 <Module>{44e4318b-d231-4207-b616-b46b9865b829}::m_b7ce780561cc47c5a7b9413190f717a6 brtrue IL_0012: switch(IL_005C,IL_0090,IL_00A0,IL_0031,IL_0030) pop <null> ldc.i4 0 br IL_0012: switch(IL_005C,IL_0090,IL_00A0,IL_0031,IL_0030) |