Malicious

3a2c0219ff5ce2e58109691cf20f51eb

PE Executable | MD5: 3a2c0219ff5ce2e58109691cf20f51eb | Size: 1.98 MB | application/x-dosexec


Characteristics

Symbol Obfuscation Score

Very high

Hash
Hash Value
MD5
3a2c0219ff5ce2e58109691cf20f51eb
Sha1
1a9ccb0f5eb138bbbf88afe63510e37eded413f2
Sha256
df66645cb25a87f72bdac4ee457e8b22aff036c2c6c2d3f1073088a96ecc1058
Sha384
8a02a62ad4c55a15e8752c2f670f0981dbc4e46a6181fcdf8b3d7a016f83d37eb2b2be711fe700d46dae07d2612d1aed
Sha512
85b2b75d6cf9d82d659409137fc4f79533d89263b5a258cf2998906b99b9bb8b0a16d20f0204f6d5ab22ac75f8da4137a1b777170413b00097372ab3a0fa5a38
SSDeep
49152:mfIW/a3a7anKy1S9/aOHRnMovgncO3JVO71O7t:mfIW/a3a7im/aOFgnRJK4
TLSH
D895F04B76594874C069A63EC5DB8519E3F578456323E78F39C813A60E133EAED2E383

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual C++ v6.0 DLL
Microsoft Visual Studio .NET
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Malicious
Syntex_Spoofer.Menu.resources
costura.costura.dll.compressed
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
OsrueUFt7ujXNivqIa.s4HatZyP29FpvShWGr
costura.costura.pdb.compressed
HKyXeAxsOH82TKNq3N.VT4UZCrb4bPn8rR7U6
costura.guna.ui2.dll.compressed
[Authenticode]_28203e69.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
G22190F0D5B1120504B3E00280003060D0F0F4F38724F222206070B01020F0F27012B0C.resources
icon.Image
[NBF]root.Data
[NBF]root.Data-preview.png
Guna.UI2.Properties.Resources.resources
CheckedCheckbox_20px
[NBF]root.Data
[NBF]root.Data-preview.png
CheckedRadioButton_20px
[NBF]root.Data
[NBF]root.Data-preview.png
FullImage_64px
[NBF]root.Data
[NBF]root.Data-preview.png
ImageCalendar
[NBF]root.Data
[NBF]root.Data-preview.png
UncheckedCheckbox_20px
UncheckedRadioButton_20px
[NBF]root.Data
[NBF]root.Data-preview.png
ce_48px
[NBF]root.Data
[NBF]root.Data-preview.png
curv3
[NBF]root.Data
[NBF]root.Data-preview.png
curv3_w
[NBF]root.Data
[NBF]root.Data-preview.png
error
[NBF]root.Data
[NBF]root.Data-preview.png
info
[NBF]root.Data
[NBF]root.Data-preview.png
logo
[NBF]root.Data
[NBF]root.Data-preview.png
logo_w
[NBF]root.Data
[NBF]root.Data-preview.png
miring
[NBF]root.Data
[NBF]root.Data-preview.png
question
[NBF]root.Data
[NBF]root.Data-preview.png
warning
[NBF]root.Data
[NBF]root.Data-preview.png
G22190F0D5B1120504B250025230207091246250F300029390C06331B0E163B151735041C232100000E0B.resources
btDown.Image
btUp.Image
imageList1.ImageStream
[NBF]root.Data
costura.metadata
aR3nbf8dQp2feLmk31.lSfgApatkdxsVcGcrktoFd.resources
$this.Icon
[NBF]root.IconData
progressBar1.Modifiers
$this.Language
$this.GridSize
Information
Name | Value
Info | PE Detect: PeReader OK (file layout)
Info | PDB Path: Syntex Spoofer.pdb
Module Name | Syntex Spoofer.exe
Full Name | Syntex Spoofer.exe
EntryPoint | System.Void shtrVLnNFGkUlfnSl6.lwUSp2Q9YOZxnmDJjA::V7IPVoMJP()
Scope Name | Syntex Spoofer.exe
Scope Type | ModuleDef
Kind | Windows
Runtime Version | v4.0.30319
Tables Header Version | 512
WinMD Version | <null>
Assembly Name | Syntex Spoofer
Assembly Version | 1.0.0.0
Assembly Culture | <null>
Has PublicKey | False
PublicKey Token | <null>
Target Framework | .NETFramework,Version=v4.8
Total Strings | 44
Main Method | System.Void shtrVLnNFGkUlfnSl6.lwUSp2Q9YOZxnmDJjA::V7IPVoMJP()
Main IL Instruction Count | 31

Main IL

ldc.i4 2
stloc V_0
br IL_000E: ldloc V_0
ldloc V_0
switch dnlib.DotNet.Emit.Instruction[]
br IL_003F: ret
call System.Void InaZvlyKsh9JMloMNN5.IQFyMByPpADLwLFSf9F::tdLRyu84nc()
ldc.i4 4
br IL_0012: switch(IL_003F,IL_0040,IL_0050,IL_0030,IL_0074)
ret <null>
ldc.i4.0 <null>
call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean)
ldc.i4 3
br IL_0012: switch(IL_003F,IL_0040,IL_0050,IL_0030,IL_0074)
call System.Void System.Windows.Forms.Application::EnableVisualStyles()
ldc.i4 1
ldsfld <Module>{ce1011b1-43ec-41e5-a50c-3371cc47829e} <Module>{ce1011b1-43ec-41e5-a50c-3371cc47829e}::m_fe5ba2a53ef940ec9057ae4e2fae8281
ldfld System.Int32 <Module>{ce1011b1-43ec-41e5-a50c-3371cc47829e}::m_2848777202514cd78e6cbcfbb1786d46
brtrue IL_0012: switch(IL_003F,IL_0040,IL_0050,IL_0030,IL_0074)
pop <null>
ldc.i4 0
br IL_0012: switch(IL_003F,IL_0040,IL_0050,IL_0030,IL_0074)
newobj System.Void Syntex_Spoofer.Menu::.ctor()
call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form)
ldc.i4 0
ldsfld <Module>{ce1011b1-43ec-41e5-a50c-3371cc47829e} <Module>{ce1011b1-43ec-41e5-a50c-3371cc47829e}::m_fe5ba2a53ef940ec9057ae4e2fae8281
ldfld System.Int32 <Module>{ce1011b1-43ec-41e5-a50c-3371cc47829e}::m_fd521fe3de044b57910f3dcb735e02bf
brtrue IL_0012: switch(IL_003F,IL_0040,IL_0050,IL_0030,IL_0074)
pop <null>
ldc.i4 0
br IL_0012: switch(IL_003F,IL_0040,IL_0050,IL_0030,IL_0074)
