3a5e1ff720c9c6de257905a73f59766e
PE Executable | MD5: 3a5e1ff720c9c6de257905a73f59766e | Size: 84.48 KB | application/x-dosexec
Symbol Ofbuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | 3a5e1ff720c9c6de257905a73f59766e
|
| Sha1 | a5961bdd7328e4890cec0aedc3bb93b5dc0f0b77
|
| Sha256 | c9fdf75ee50ce4d77a861a8d166b9675ee935b7872b7f8d9fc55fa3b782dcb9f
|
| Sha384 | 893b18d064220abb26bc90ad49803cd1b93f330164a74f96c06149d4996ea761f819d73074494146dcc9f09d020cf1ba
|
| Sha512 | 4bc553f89afd503baa81c590fe736961ff2051e6e0c6c80a666877551a2f34f03e0cad980b2ab1a194c5501c794abc78c2705e59fe2fd93f3fedfb4ef90a7ab9
|
| SSDeep | 1536:OmeGLsVlBeTrWu+YTxHilfcGqYh8pJYuNmvuDFFJF6cjdBrJHvQv2tzBrdxop0T:1tm0u4xjzmvuD9QC1vK2ZBrdIg
|
| TLSH | 6683C407BA0B8EB2C6449B7AC59745100367DB81B793D61A79CF23DA19C37FAC94027B
|
PeID
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Module Name | Ghlio |
| Full Name | Ghlio |
| EntryPoint | System.Void Ghlio.Matching.RemoteMatcher::ValidatePortableMatcher() |
| Scope Name | Ghlio |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Ghlio |
| Assembly Version | 1.0.5494.25270 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.6 |
| Total Strings | 0 |
| Main Method | System.Void Ghlio.Matching.RemoteMatcher::ValidatePortableMatcher() |
| Main IL Instruction Count | 101 |
| Main IL | ldc.i4 1 stloc V_3 br IL_000E: ldloc V_3 ldloc V_3 switch dnlib.DotNet.Emit.Instruction[] br IL_0086: ldc.i4 -1074851512 ldc.i4 -1074851477 call System.String Ghlio.Elements.ElementRecord::AccessActiveElement(System.Int32) stloc.s V_2 ldc.i4 4 ldsfld <Module>{b01ccd81-9672-4541-bd15-f5cdf1f6c437} <Module>{b01ccd81-9672-4541-bd15-f5cdf1f6c437}::m_dde40ca473644a8c97d5eb336aa367f5 ldfld System.Int32 <Module>{b01ccd81-9672-4541-bd15-f5cdf1f6c437}::m_e05eeda5c7da48c091792e8eef5437c7 brtrue IL_0012: switch(IL_0086,IL_005F,IL_0034,IL_0085,IL_00B1,IL_00CC) pop <null> ldc.i4 1 br IL_0012: switch(IL_0086,IL_005F,IL_0034,IL_0085,IL_00B1,IL_00CC) newobj System.Void Ghlio.Matching.RemoteMatcher/RemoteEvaluator::.ctor() stloc.s V_0 ldc.i4 0 ldsfld <Module>{b01ccd81-9672-4541-bd15-f5cdf1f6c437} <Module>{b01ccd81-9672-4541-bd15-f5cdf1f6c437}::m_dde40ca473644a8c97d5eb336aa367f5 ldfld System.Int32 <Module>{b01ccd81-9672-4541-bd15-f5cdf1f6c437}::m_5afb72db98704418b0e953ea7c5d910a brtrue IL_0012: switch(IL_0086,IL_005F,IL_0034,IL_0085,IL_00B1,IL_00CC) pop <null> ldc.i4 0 br IL_0012: switch(IL_0086,IL_005F,IL_0034,IL_0085,IL_00B1,IL_00CC) ret <null> ldc.i4 -1074851512 call System.String Ghlio.Elements.ElementRecord::AccessActiveElement(System.Int32) stloc.s V_1 ldc.i4 2 ldsfld <Module>{b01ccd81-9672-4541-bd15-f5cdf1f6c437} <Module>{b01ccd81-9672-4541-bd15-f5cdf1f6c437}::m_dde40ca473644a8c97d5eb336aa367f5 ldfld System.Int32 <Module>{b01ccd81-9672-4541-bd15-f5cdf1f6c437}::m_e0b173ffd48d413fa756712988526298 brtrue IL_0012: switch(IL_0086,IL_005F,IL_0034,IL_0085,IL_00B1,IL_00CC) pop <null> ldc.i4 1 br IL_0012: switch(IL_0086,IL_005F,IL_0034,IL_0085,IL_00B1,IL_00CC) ldsfld System.Func`1<System.Byte[]> Ghlio.Matching.RemoteMatcher/CalculatorProcessor::processorSingleton dup <null> brfalse IL_00C1: pop br IL_00E2: newobj System.Void Ghlio.Evaluation.UserEvaluator::.ctor(System.Func`1<System.Byte[]>) pop <null> ldc.i4 5 br IL_0012: switch(IL_0086,IL_005F,IL_0034,IL_0085,IL_00B1,IL_00CC) ldsfld System.Object Ghlio.Matching.RemoteMatcher/CalculatorProcessor::_ProcessorProvider ldftn System.Byte[] Ghlio.Matching.RemoteMatcher/CalculatorProcessor::InterruptProcessor() newobj System.Void System.Func`1<System.Byte[]>::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Func`1<System.Byte[]> Ghlio.Matching.RemoteMatcher/CalculatorProcessor::processorSingleton newobj System.Void Ghlio.Evaluation.UserEvaluator::.ctor(System.Func`1<System.Byte[]>) ldloc.s V_0 ldloc.s V_1 ldloc.s V_2 newobj System.Void Ghlio.Execution.ScopeRunner::.ctor(System.String,System.String) stfld System.Object Ghlio.Matching.RemoteMatcher/RemoteEvaluator::_FilterEvaluator ldloc.s V_0 newobj System.Void Ghlio.Evaluation.EvaluatorMatcher::.ctor() stfld System.Object Ghlio.Matching.RemoteMatcher/RemoteEvaluator::_CustomizableEvaluator ldloc.s V_0 ldc.i4 -1074851458 call System.String Ghlio.Elements.ElementRecord::AccessActiveElement(System.Int32) ldc.i4 -1074851670 call System.String Ghlio.Elements.ElementRecord::AccessActiveElement(System.Int32) newobj System.Void Ghlio.Management.EditableManager::.ctor(System.String,System.String) stfld System.Object Ghlio.Matching.RemoteMatcher/RemoteEvaluator::evaluatorVerifier dup <null> ldloc.s V_0 ldftn System.Void Ghlio.Matching.RemoteMatcher/RemoteEvaluator::EvaluateJoinedEvaluator(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) callvirt System.Void Ghlio.Evaluation.UserEvaluator::HandleRandomEvaluator(System.Action`1<System.IO.MemoryStream>) ldloc.s V_0 ldfld System.Object Ghlio.Matching.RemoteMatcher/RemoteEvaluator::_FilterEvaluator ldloc.s V_0 ldftn System.Void Ghlio.Matching.RemoteMatcher/RemoteEvaluator::EvaluateTransferableEvaluator(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) callvirt System.Void Ghlio.Execution.ScopeRunner::DeleteRunner(System.Action`1<System.IO.MemoryStream>) ldloc.s V_0 ldfld System.Object Ghlio.Matching.RemoteMatcher/RemoteEvaluator::_CustomizableEvaluator ldloc.s V_0 ldftn System.Void Ghlio.Matching.RemoteMatcher/RemoteEvaluator::HandleSeparatedEvaluator(System.Reflection.Assembly) newobj System.Void System.Action`1<System.Reflection.Assembly>::.ctor(System.Object,System.IntPtr) callvirt System.Void Ghlio.Evaluation.EvaluatorMatcher::EvaluateLogicalEvaluator(System.Action`1<System.Reflection.Assembly>) ldloc.s V_0 ldfld System.Object Ghlio.Matching.RemoteMatcher/RemoteEvaluator::evaluatorVerifier ldsfld System.Object Ghlio.Matching.RemoteMatcher/CalculatorProcessor::_CacheBuffer dup <null> brtrue IL_0191: callvirt System.Void Ghlio.Management.EditableManager::RecordGroupedManager(System.Action) pop <null> ldsfld System.Object Ghlio.Matching.RemoteMatcher/CalculatorProcessor::_ProcessorProvider ldftn System.Void Ghlio.Matching.RemoteMatcher/CalculatorProcessor::MergeProcessor() newobj System.Void System.Action::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Object Ghlio.Matching.RemoteMatcher/CalculatorProcessor::_CacheBuffer callvirt System.Void Ghlio.Management.EditableManager::RecordGroupedManager(System.Action) callvirt System.Void Ghlio.Evaluation.UserEvaluator::HandleVisibleEvaluator() ldc.i4 1 ldsfld <Module>{b01ccd81-9672-4541-bd15-f5cdf1f6c437} <Module>{b01ccd81-9672-4541-bd15-f5cdf1f6c437}::m_dde40ca473644a8c97d5eb336aa367f5 ldfld System.Int32 <Module>{b01ccd81-9672-4541-bd15-f5cdf1f6c437}::m_371f5c0717b4437e88e9563816936f9f brtrue IL_0012: switch(IL_0086,IL_005F,IL_0034,IL_0085,IL_00B1,IL_00CC) pop <null> ldc.i4 3 br IL_0012: switch(IL_0086,IL_005F,IL_0034,IL_0085,IL_00B1,IL_00CC) |
| Module Name | Ghlio |
| Full Name | Ghlio |
| EntryPoint | System.Void Ghlio.Matching.RemoteMatcher::ValidatePortableMatcher() |
| Scope Name | Ghlio |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Ghlio |
| Assembly Version | 1.0.5494.25270 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.6 |
| Total Strings | 0 |
| Main Method | System.Void Ghlio.Matching.RemoteMatcher::ValidatePortableMatcher() |
| Main IL Instruction Count | 101 |
| Main IL | ldc.i4 1 stloc V_3 br IL_000E: ldloc V_3 ldloc V_3 switch dnlib.DotNet.Emit.Instruction[] br IL_0086: ldc.i4 -1074851512 ldc.i4 -1074851477 call System.String Ghlio.Elements.ElementRecord::AccessActiveElement(System.Int32) stloc.s V_2 ldc.i4 4 ldsfld <Module>{b01ccd81-9672-4541-bd15-f5cdf1f6c437} <Module>{b01ccd81-9672-4541-bd15-f5cdf1f6c437}::m_dde40ca473644a8c97d5eb336aa367f5 ldfld System.Int32 <Module>{b01ccd81-9672-4541-bd15-f5cdf1f6c437}::m_e05eeda5c7da48c091792e8eef5437c7 brtrue IL_0012: switch(IL_0086,IL_005F,IL_0034,IL_0085,IL_00B1,IL_00CC) pop <null> ldc.i4 1 br IL_0012: switch(IL_0086,IL_005F,IL_0034,IL_0085,IL_00B1,IL_00CC) newobj System.Void Ghlio.Matching.RemoteMatcher/RemoteEvaluator::.ctor() stloc.s V_0 ldc.i4 0 ldsfld <Module>{b01ccd81-9672-4541-bd15-f5cdf1f6c437} <Module>{b01ccd81-9672-4541-bd15-f5cdf1f6c437}::m_dde40ca473644a8c97d5eb336aa367f5 ldfld System.Int32 <Module>{b01ccd81-9672-4541-bd15-f5cdf1f6c437}::m_5afb72db98704418b0e953ea7c5d910a brtrue IL_0012: switch(IL_0086,IL_005F,IL_0034,IL_0085,IL_00B1,IL_00CC) pop <null> ldc.i4 0 br IL_0012: switch(IL_0086,IL_005F,IL_0034,IL_0085,IL_00B1,IL_00CC) ret <null> ldc.i4 -1074851512 call System.String Ghlio.Elements.ElementRecord::AccessActiveElement(System.Int32) stloc.s V_1 ldc.i4 2 ldsfld <Module>{b01ccd81-9672-4541-bd15-f5cdf1f6c437} <Module>{b01ccd81-9672-4541-bd15-f5cdf1f6c437}::m_dde40ca473644a8c97d5eb336aa367f5 ldfld System.Int32 <Module>{b01ccd81-9672-4541-bd15-f5cdf1f6c437}::m_e0b173ffd48d413fa756712988526298 brtrue IL_0012: switch(IL_0086,IL_005F,IL_0034,IL_0085,IL_00B1,IL_00CC) pop <null> ldc.i4 1 br IL_0012: switch(IL_0086,IL_005F,IL_0034,IL_0085,IL_00B1,IL_00CC) ldsfld System.Func`1<System.Byte[]> Ghlio.Matching.RemoteMatcher/CalculatorProcessor::processorSingleton dup <null> brfalse IL_00C1: pop br IL_00E2: newobj System.Void Ghlio.Evaluation.UserEvaluator::.ctor(System.Func`1<System.Byte[]>) pop <null> ldc.i4 5 br IL_0012: switch(IL_0086,IL_005F,IL_0034,IL_0085,IL_00B1,IL_00CC) ldsfld System.Object Ghlio.Matching.RemoteMatcher/CalculatorProcessor::_ProcessorProvider ldftn System.Byte[] Ghlio.Matching.RemoteMatcher/CalculatorProcessor::InterruptProcessor() newobj System.Void System.Func`1<System.Byte[]>::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Func`1<System.Byte[]> Ghlio.Matching.RemoteMatcher/CalculatorProcessor::processorSingleton newobj System.Void Ghlio.Evaluation.UserEvaluator::.ctor(System.Func`1<System.Byte[]>) ldloc.s V_0 ldloc.s V_1 ldloc.s V_2 newobj System.Void Ghlio.Execution.ScopeRunner::.ctor(System.String,System.String) stfld System.Object Ghlio.Matching.RemoteMatcher/RemoteEvaluator::_FilterEvaluator ldloc.s V_0 newobj System.Void Ghlio.Evaluation.EvaluatorMatcher::.ctor() stfld System.Object Ghlio.Matching.RemoteMatcher/RemoteEvaluator::_CustomizableEvaluator ldloc.s V_0 ldc.i4 -1074851458 call System.String Ghlio.Elements.ElementRecord::AccessActiveElement(System.Int32) ldc.i4 -1074851670 call System.String Ghlio.Elements.ElementRecord::AccessActiveElement(System.Int32) newobj System.Void Ghlio.Management.EditableManager::.ctor(System.String,System.String) stfld System.Object Ghlio.Matching.RemoteMatcher/RemoteEvaluator::evaluatorVerifier dup <null> ldloc.s V_0 ldftn System.Void Ghlio.Matching.RemoteMatcher/RemoteEvaluator::EvaluateJoinedEvaluator(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) callvirt System.Void Ghlio.Evaluation.UserEvaluator::HandleRandomEvaluator(System.Action`1<System.IO.MemoryStream>) ldloc.s V_0 ldfld System.Object Ghlio.Matching.RemoteMatcher/RemoteEvaluator::_FilterEvaluator ldloc.s V_0 ldftn System.Void Ghlio.Matching.RemoteMatcher/RemoteEvaluator::EvaluateTransferableEvaluator(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) callvirt System.Void Ghlio.Execution.ScopeRunner::DeleteRunner(System.Action`1<System.IO.MemoryStream>) ldloc.s V_0 ldfld System.Object Ghlio.Matching.RemoteMatcher/RemoteEvaluator::_CustomizableEvaluator ldloc.s V_0 ldftn System.Void Ghlio.Matching.RemoteMatcher/RemoteEvaluator::HandleSeparatedEvaluator(System.Reflection.Assembly) newobj System.Void System.Action`1<System.Reflection.Assembly>::.ctor(System.Object,System.IntPtr) callvirt System.Void Ghlio.Evaluation.EvaluatorMatcher::EvaluateLogicalEvaluator(System.Action`1<System.Reflection.Assembly>) ldloc.s V_0 ldfld System.Object Ghlio.Matching.RemoteMatcher/RemoteEvaluator::evaluatorVerifier ldsfld System.Object Ghlio.Matching.RemoteMatcher/CalculatorProcessor::_CacheBuffer dup <null> brtrue IL_0191: callvirt System.Void Ghlio.Management.EditableManager::RecordGroupedManager(System.Action) pop <null> ldsfld System.Object Ghlio.Matching.RemoteMatcher/CalculatorProcessor::_ProcessorProvider ldftn System.Void Ghlio.Matching.RemoteMatcher/CalculatorProcessor::MergeProcessor() newobj System.Void System.Action::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Object Ghlio.Matching.RemoteMatcher/CalculatorProcessor::_CacheBuffer callvirt System.Void Ghlio.Management.EditableManager::RecordGroupedManager(System.Action) callvirt System.Void Ghlio.Evaluation.UserEvaluator::HandleVisibleEvaluator() ldc.i4 1 ldsfld <Module>{b01ccd81-9672-4541-bd15-f5cdf1f6c437} <Module>{b01ccd81-9672-4541-bd15-f5cdf1f6c437}::m_dde40ca473644a8c97d5eb336aa367f5 ldfld System.Int32 <Module>{b01ccd81-9672-4541-bd15-f5cdf1f6c437}::m_371f5c0717b4437e88e9563816936f9f brtrue IL_0012: switch(IL_0086,IL_005F,IL_0034,IL_0085,IL_00B1,IL_00CC) pop <null> ldc.i4 3 br IL_0012: switch(IL_0086,IL_005F,IL_0034,IL_0085,IL_00B1,IL_00CC) |