Suspicious
Suspect

3e14a809577a4b893312a88f713a5492

PE Executable
|
MD5: 3e14a809577a4b893312a88f713a5492
|
Size: 20.99 KB
|
application/x-dosexec


Print
General
Structural Analysis
Config.0
Yara Rules12
Sync
Community
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
Hash Value
MD5
3e14a809577a4b893312a88f713a5492
Sha1
6c7d60d64cc4bafc749d696daddcf82065ebb67e
Sha256
a2baa23bbe548f06cf0ae0f0487cf55bbec120d7d36d7d4eeaafe3ba3397faee
Sha384
56608ec6f3e52f37a5d56e3f0d1e1ff7c5679e7d3efdcff12ad055cc1ca47415a4df2af2ca5d19dbca4342f706a25db2
Sha512
0e9e0340b3be982672abc1c16d8e6e5bc36a3ece38b301487d104a39708cc913312ad575d7566d8cf26807d051a413cf1d4ea44cf9eaeeaefdbce5df1ddd0ddb
SSDeep
384:w7+iAthvMchdvP8tPYDTUGwFqxH3PfkF9XBO4mm7rh/8u/:lt1f7X0EUGwFIHfje3/
TLSH
76928D42EB85C377D67E0B3BA8B3C3310394E7C965838B1B6999340B2D623945D63BA5

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
Informations
Name
Value
Info

PE Detect: PeReader OK (file layout)

Module Name

Ogwuhqy.exe

Full Name

Ogwuhqy.exe

EntryPoint

System.Void Gkltl.Cekxrr::Main()

Scope Name

Ogwuhqy.exe

Scope Type

ModuleDef

Kind

Windows

Runtime Version

v4.0.30319

Tables Header Version

512

WinMD Version

<null>

Assembly Name

Ogwuhqy

Assembly Version

1.0.4553.7786

Assembly Culture

<null>

Has PublicKey

False

PublicKey Token

<null>

Target Framework

.NETFramework,Version=v4.5

Total Strings

5

Main Method

System.Void Gkltl.Cekxrr::Main()

Main IL Instruction Count

21

Main IL

nop <null> ldc.i4 3072 call System.Void System.Net.ServicePointManager::set_SecurityProtocol(System.Net.SecurityProtocolType) nop <null> nop <null> newobj System.Void Gkltl.Wpxoy::.ctor() stloc.0 <null> ldloc.0 <null> ldnull <null> ldstr 6BZU2r9cfh7XsBBl/kB6iA== ldstr vkZEjwGk22A6IQZhSX.CkVTO0VtRTUq77K4ee ldstr K5neKsfIM callvirt System.Void Gkltl.Wpxoy::Fyndfkyc(System.String,System.String,System.String,System.String) nop <null> nop <null> leave IL_0038: ret pop <null> nop <null> nop <null> leave IL_0038: ret ret <null>

Module Name

Ogwuhqy.exe

Full Name

Ogwuhqy.exe

EntryPoint

System.Void Gkltl.Cekxrr::Main()

Scope Name

Ogwuhqy.exe

Scope Type

ModuleDef

Kind

Windows

Runtime Version

v4.0.30319

Tables Header Version

512

WinMD Version

<null>

Assembly Name

Ogwuhqy

Assembly Version

1.0.4553.7786

Assembly Culture

<null>

Has PublicKey

False

PublicKey Token

<null>

Target Framework

.NETFramework,Version=v4.5

Total Strings

5

Main Method

System.Void Gkltl.Cekxrr::Main()

Main IL Instruction Count

21

Main IL

nop <null> ldc.i4 3072 call System.Void System.Net.ServicePointManager::set_SecurityProtocol(System.Net.SecurityProtocolType) nop <null> nop <null> newobj System.Void Gkltl.Wpxoy::.ctor() stloc.0 <null> ldloc.0 <null> ldnull <null> ldstr 6BZU2r9cfh7XsBBl/kB6iA== ldstr vkZEjwGk22A6IQZhSX.CkVTO0VtRTUq77K4ee ldstr K5neKsfIM callvirt System.Void Gkltl.Wpxoy::Fyndfkyc(System.String,System.String,System.String,System.String) nop <null> nop <null> leave IL_0038: ret pop <null> nop <null> nop <null> leave IL_0038: ret ret <null>

3e14a809577a4b893312a88f713a5492 (20.99 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙