General
Structural Analysis
Config.0
Yara Rules14
Sync
Community
Summary by MalvaGPT
Characteristics
Symbol Ofbuscation Score
Very low
|
Hash | Hash Value |
|---|---|
| MD5 | 38feb0f8f203d519b47ece44e10dbb03
|
| Sha1 | ae90d03f48eaf8507cd427a6e583dd198ff64e6c
|
| Sha256 | da829dd38edcb7df29f9b7926067515f07c8c70c8bdb932f56fa44b6de793e40
|
| Sha384 | a98da979abbaab2579b7dd003e5cdf689bb2e222fff70c6569708f7c1c355c5a882143504cf54c781556cb8a5a248507
|
| Sha512 | 0d1cb47a554376d6dcd1df318b266c442cc1ca635cdc86831b5ebf7d06a4dbebf80f94961f9142999107ec77a508274769163aa74ab69308de68b3194bc654a6
|
| SSDeep | 6144:X3JKPg/bO+YMus+BV6UMO+6UTvBJ1EWAxeoTCqkJdVx/SlECgS/F1RLfflUM4bkR:XT/bPkUUMnHRx/Sl6S/FDf+JtlbRod
|
| TLSH | 17B46C127BE8AD27D06F2375F4F20F5A83B0D589B226DB4F1580AAA91D83B460D117F7
|
PeID
.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
NAudio.Gui.Fader.resources
NAudio.Gui.PanSlider.resources
$this.DefaultModifiers
$this.GridSize
$this.Language
NAudio.Gui.VolumeSlider.resources
Informations
|
Name0 | Value |
|---|---|
| Module Name | Gbxagjtzt.exe |
| Full Name | Gbxagjtzt.exe |
| EntryPoint | System.Void Skjewibb.Fikihihdpqa::Main() |
| Scope Name | Gbxagjtzt.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Gbxagjtzt |
| Assembly Version | 1.0.6330.29536 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.6 |
| Total Strings | 1002 |
| Main Method | System.Void Skjewibb.Fikihihdpqa::Main() |
| Main IL Instruction Count | 2 |
| Main IL | call System.Void Skjewibb.Ncrteywck::Jgrzcgkw() ret <null> |
| Module Name | Gbxagjtzt.exe |
| Full Name | Gbxagjtzt.exe |
| EntryPoint | System.Void Skjewibb.Fikihihdpqa::Main() |
| Scope Name | Gbxagjtzt.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Gbxagjtzt |
| Assembly Version | 1.0.6330.29536 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.6 |
| Total Strings | 1002 |
| Main Method | System.Void Skjewibb.Fikihihdpqa::Main() |
| Main IL Instruction Count | 2 |
| Main IL | call System.Void Skjewibb.Ncrteywck::Jgrzcgkw() ret <null> |
Artefacts
|
Name0 | Value |
|---|---|
| Embedded Resources | 6 |
| Suspicious Type Names (1-2 chars) | 0 |
38feb0f8f203d519b47ece44e10dbb03 (500.22 KB)
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
NAudio.Gui.Fader.resources
NAudio.Gui.PanSlider.resources
$this.DefaultModifiers
$this.GridSize
$this.Language
NAudio.Gui.VolumeSlider.resources
Characteristics
No malware configuration were found at this point.
Artefacts
|
Name0 | Value | Location |
|---|---|---|
| Embedded Resources | 6 |
38feb0f8f203d519b47ece44e10dbb03 |
| Suspicious Type Names (1-2 chars) | 0 |
38feb0f8f203d519b47ece44e10dbb03 |
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.