Symbol Obfuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | 3ae8fdf004fe0a118d8cc11d6b773a25
|
| Sha1 | 3cbcd316504a68b85e4b1d04c29ae3fa25b1362a
|
| Sha256 | ab6ff7a7995de4441bf81d6eae1e9f3efe19ee655e1f6f1b6a927ee40bfd4b1d
|
| Sha384 | eb820c764499feaa6d8ca5449169f4c05dc6e32bf69679ff6fc2a4cfe158885898bfbfa04c2ec5730e53389477ca7668
|
| Sha512 | 2ec7c2391268b5b259f67d0bff2ddc3b19fe697f6ea01be2d60688582818fd7b0ea444ffda7f35d77e67c02c0fd55398faad9101a1022599d0fc96a53fc19241
|
| SSDeep | 12288:HD1Zf0JRJYA5Wa5ayPKWcSNeL4WZ4ec3LApV:HLsJXYC0ZS3WZ43LA/
|
| TLSH | C4E4AEA776634E21D2481377D0CB9980A7B49645B5A3FB0F728423E254473EEDE0B6E3
|
PeID
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Module Name | Jpkwf.exe |
| Full Name | Jpkwf.exe |
| EntryPoint | System.Void Cm5KDAo6abPuXm7tSb.aZ0cFQnOR2K9m5gts7::jNQ8FfOR2() |
| Scope Name | Jpkwf.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Jpkwf |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 43 |
| Main Method | System.Void Cm5KDAo6abPuXm7tSb.aZ0cFQnOR2K9m5gts7::jNQ8FfOR2() |
| Main IL Instruction Count | 58 |
| Main IL | ldc.i4 1 stloc V_2 ldloc V_2 switch dnlib.DotNet.Emit.Instruction[] ldloc V_2 ldc.i4 989 beq IL_0009: ldloc V_2 br IL_002E: nop ret <null> nop <null> newobj System.Void pttRGAshtKSYRlrMgJ.lJZ1FBHAod6bN2iL8l::.ctor() ldsfld s0R57C98KcO256TYa9t s0R57C98KcO256TYa9t::Bvf97wwmP2 call System.Boolean s0R57C98KcO256TYa9t::xBe99n5tqQ(System.Object,s0R57C98KcO256TYa9t) brtrue IL_0096: leave IL_002D ldc.i4 4 ldsfld <Module>{44591267-250a-49fe-a783-f8390ef47e97} <Module>{44591267-250a-49fe-a783-f8390ef47e97}::m_d49fc03a0117481fa1fe7c3ab913e74e ldfld System.Int32 <Module>{44591267-250a-49fe-a783-f8390ef47e97}::m_18e1da048f8a4e24860a8a2a5510c76f brfalse IL_0074: switch(IL_0090) pop <null> ldc.i4 0 br IL_0074: switch(IL_0090) br IL_0070: ldloc V_0 ldc.i4 0 stloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] ldloc V_0 ldc.i4 988 beq IL_0070: ldloc V_0 br IL_0090: newobj System.Void System.InvalidOperationException::.ctor() newobj System.Void System.InvalidOperationException::.ctor() throw <null> leave IL_002D: ret pop <null> ldc.i4 0 ldsfld <Module>{44591267-250a-49fe-a783-f8390ef47e97} <Module>{44591267-250a-49fe-a783-f8390ef47e97}::m_d49fc03a0117481fa1fe7c3ab913e74e ldfld System.Int32 <Module>{44591267-250a-49fe-a783-f8390ef47e97}::m_5bf3ee28cd5847fb80c23f0b535c9849 brtrue IL_00CD: switch(IL_00E9) pop <null> ldc.i4 5 br IL_00CD: switch(IL_00E9) br IL_00C9: ldloc V_1 ldc.i4 0 stloc V_1 ldloc V_1 switch dnlib.DotNet.Emit.Instruction[] ldloc V_1 ldc.i4 988 beq IL_00C9: ldloc V_1 br IL_00E9: leave IL_002D leave IL_002D: ret ldc.i4 6 ldsfld <Module>{44591267-250a-49fe-a783-f8390ef47e97} <Module>{44591267-250a-49fe-a783-f8390ef47e97}::m_d49fc03a0117481fa1fe7c3ab913e74e ldfld System.Int32 <Module>{44591267-250a-49fe-a783-f8390ef47e97}::m_b5350b703565450cbc81650aab3bfb3f brfalse IL_000D: switch(IL_002D,IL_002E) pop <null> ldc.i4 0 br IL_000D: switch(IL_002D,IL_002E) |
| Module Name | Jpkwf.exe |
| Full Name | Jpkwf.exe |
| EntryPoint | System.Void Cm5KDAo6abPuXm7tSb.aZ0cFQnOR2K9m5gts7::jNQ8FfOR2() |
| Scope Name | Jpkwf.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Jpkwf |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 43 |
| Main Method | System.Void Cm5KDAo6abPuXm7tSb.aZ0cFQnOR2K9m5gts7::jNQ8FfOR2() |
| Main IL Instruction Count | 58 |
| Main IL | ldc.i4 1 stloc V_2 ldloc V_2 switch dnlib.DotNet.Emit.Instruction[] ldloc V_2 ldc.i4 989 beq IL_0009: ldloc V_2 br IL_002E: nop ret <null> nop <null> newobj System.Void pttRGAshtKSYRlrMgJ.lJZ1FBHAod6bN2iL8l::.ctor() ldsfld s0R57C98KcO256TYa9t s0R57C98KcO256TYa9t::Bvf97wwmP2 call System.Boolean s0R57C98KcO256TYa9t::xBe99n5tqQ(System.Object,s0R57C98KcO256TYa9t) brtrue IL_0096: leave IL_002D ldc.i4 4 ldsfld <Module>{44591267-250a-49fe-a783-f8390ef47e97} <Module>{44591267-250a-49fe-a783-f8390ef47e97}::m_d49fc03a0117481fa1fe7c3ab913e74e ldfld System.Int32 <Module>{44591267-250a-49fe-a783-f8390ef47e97}::m_18e1da048f8a4e24860a8a2a5510c76f brfalse IL_0074: switch(IL_0090) pop <null> ldc.i4 0 br IL_0074: switch(IL_0090) br IL_0070: ldloc V_0 ldc.i4 0 stloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] ldloc V_0 ldc.i4 988 beq IL_0070: ldloc V_0 br IL_0090: newobj System.Void System.InvalidOperationException::.ctor() newobj System.Void System.InvalidOperationException::.ctor() throw <null> leave IL_002D: ret pop <null> ldc.i4 0 ldsfld <Module>{44591267-250a-49fe-a783-f8390ef47e97} <Module>{44591267-250a-49fe-a783-f8390ef47e97}::m_d49fc03a0117481fa1fe7c3ab913e74e ldfld System.Int32 <Module>{44591267-250a-49fe-a783-f8390ef47e97}::m_5bf3ee28cd5847fb80c23f0b535c9849 brtrue IL_00CD: switch(IL_00E9) pop <null> ldc.i4 5 br IL_00CD: switch(IL_00E9) br IL_00C9: ldloc V_1 ldc.i4 0 stloc V_1 ldloc V_1 switch dnlib.DotNet.Emit.Instruction[] ldloc V_1 ldc.i4 988 beq IL_00C9: ldloc V_1 br IL_00E9: leave IL_002D leave IL_002D: ret ldc.i4 6 ldsfld <Module>{44591267-250a-49fe-a783-f8390ef47e97} <Module>{44591267-250a-49fe-a783-f8390ef47e97}::m_d49fc03a0117481fa1fe7c3ab913e74e ldfld System.Int32 <Module>{44591267-250a-49fe-a783-f8390ef47e97}::m_b5350b703565450cbc81650aab3bfb3f brfalse IL_000D: switch(IL_002D,IL_002E) pop <null> ldc.i4 0 br IL_000D: switch(IL_002D,IL_002E) |