Malicious

424cdd6a0d3f3dd8417750d379cdc943

PE Executable | MD5: 424cdd6a0d3f3dd8417750d379cdc943 | Size: 3.02 MB | application/x-dosexec


Characteristics
Hash | Hash Value
MD5 | 424cdd6a0d3f3dd8417750d379cdc943
Sha1 | 3e2b1ccb1d4e543c07fb6fd07006ba4b79aec076
Sha256 | bb2153f4393601174d491f9be952ec246a4f77e67b46e0ad7983d7270436b8f1
Sha384 | ad360de34d3b1517ba37f58487abc8fb9a240536075ac033748e0f2f4b9f65dfab0c500c663c4f1d53f3277d0d3cc0e1
Sha512 | 1104b68c663f484390ea8f80fdd4ea2d6669d244b254fd7c72b405d194e12281c9468f94318640f189a31b8a51623130e6eec7a7401f3f1e03b0f6b7c1f42c2e
SSDeep | 49152:SI2q7mswm6BPiGif2iEY79rU/2i7vOWC5yIQC4KhgC4S3jxU:SI2im1iGi3nxO77via4
TLSH | D8E5E0417E04CE01F0181A37C3EF55588BB0995166AAE72B7CBA37BE25123A77C0D9DB

PeID

.NET executable
HQR data file
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
Information
Name | Value
Module Name | QY1dx
Full Name | QY1dx
EntryPoint | System.Void JZ0ZMvB61rWR5HqsjQC.lRqqysBrXsOx2DBojMO::DCMlqnJ4Nx()
Scope Name | QY1dx
Scope Type | ModuleDef
Kind | Windows
Runtime Version | v4.0.30319
Tables Header Version | 512
WinMD Version | <null>
Assembly Name | 5v5NXyln8GqALMSXNxIL2SJQETgnRXuGum4ZoUNgl
Assembly Version | 1.1.3.8
Assembly Culture | <null>
Has PublicKey | False
PublicKey Token | <null>
Target Framework | .NETFramework,Version=v4.0
Total Strings | 63
Main Method | System.Void JZ0ZMvB61rWR5HqsjQC.lRqqysBrXsOx2DBojMO::DCMlqnJ4Nx()
Main IL Instruction Count | 14
Main IL |
    br.s IL_000B: ldc.i4.0
    call <null>
    ldnull <null>
    ldc.i4.0 <null>
    ldelem.ref <null>
    pop <null>
    ldc.i4.0 <null>
    brtrue.s IL_0007: ldnull
    call System.Void clONGBl5fj5g5UmCWDk.fNG4cqlX3Kmq4tgj9HO::kLjw4iIsCLsZtxc4lksN0j()
    nop <null>
    ldsfld System.Object JZ0ZMvB61rWR5HqsjQC.lRqqysBrXsOx2DBojMO::SAxlaBuX9E
    callvirt System.Void tJWglKBXdDVCodAqCop.RIlmf4B7k1gddVTuKWn::JXE3SSV1T7()
    nop <null>
    ret <null>


Artefacts
Name | Value
Embedded Resources | 2
Suspicious Type Names (1-2 chars) | 0
