General
Structural Analysis
Config.0
Yara Rules20
Sync
Community
Summary by MalvaGPT
Characteristics
Symbol Ofbuscation Score
Very high
|
Hash | Hash Value |
|---|---|
| MD5 | 441663452ddafc8951f9ba7d1c428d28
|
| Sha1 | 0f7b4ea962fe19d93151ec5f7fa5fb1109837dea
|
| Sha256 | 2f18faa567de85a9af071bb6b52c9497d412f50179e0796e2cd8f4f4ecb098f2
|
| Sha384 | e31f86015cbb12f7d8d90301d17f552d476da2fe1addfaa87e82cdd9746f7c378bd27bb599489ec2836f8218b749ec84
|
| Sha512 | 0e60878d439483f8ecea620837b0e31bb7e5ffe040ed2a25161ca64aba90866deef7f6e212bc04f0bcf71f7a504fdea7e189cfaae9c492ea9dc03b06fece4f28
|
| SSDeep | 12288:S9JHM9+1y4mzNq1+lt4e7nCP3Wl8tZN4O0qg+6gexMIi+/XAop1wa0X/d8:cHU+Ou2tCPLP4OP5eBfX1p1wa018
|
| TLSH | 9E35D04B0AC95CE0D47CD630E378385587F8E29BBA17D2AE1BC547ECAA253273742257
|
PeID
.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
441663452ddafc8951f9ba7d1c428d28
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
9Tz_s5LqPw4.Xk4oy.resources
7571fbae97f8f6.Resources.resources
3561b94a0
[NBF]root.Data
3561b94a1
[NBF]root.Data
3561b94a10
[NBF]root.Data
3561b94a11
[NBF]root.Data
3561b94a12
[NBF]root.Data
3561b94a13
[NBF]root.Data
3561b94a14
[NBF]root.Data
3561b94a15
[NBF]root.Data
3561b94a16
[NBF]root.Data
3561b94a17
[NBF]root.Data
3561b94a18
[NBF]root.Data
3561b94a19
[NBF]root.Data
3561b94a2
[NBF]root.Data
3561b94a20
[NBF]root.Data
3561b94a21
[NBF]root.Data
3561b94a22
[NBF]root.Data
3561b94a23
[NBF]root.Data
3561b94a24
[NBF]root.Data
3561b94a25
[NBF]root.Data
3561b94a26
[NBF]root.Data
3561b94a27
[NBF]root.Data
3561b94a28
[NBF]root.Data
3561b94a29
[NBF]root.Data
3561b94a3
[NBF]root.Data
3561b94a30
[NBF]root.Data
3561b94a31
[NBF]root.Data
3561b94a32
[NBF]root.Data
3561b94a33
[NBF]root.Data
3561b94a34
[NBF]root.Data
3561b94a35
[NBF]root.Data
3561b94a36
[NBF]root.Data
3561b94a37
[NBF]root.Data
3561b94a38
[NBF]root.Data
3561b94a39
[NBF]root.Data
3561b94a4
[NBF]root.Data
3561b94a40
[NBF]root.Data
3561b94a41
[NBF]root.Data
3561b94a42
[NBF]root.Data
3561b94a5
[NBF]root.Data
3561b94a6
[NBF]root.Data
3561b94a7
[NBF]root.Data
3561b94a8
[NBF]root.Data
3561b94a9
[NBF]root.Data
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Module Name | 9Tz_s5LqPw4 |
| Full Name | 9Tz_s5LqPw4 |
| EntryPoint | System.Void 9Tz_s5LqPw4.qm4Hn6AzRd::Gm7k2() |
| Scope Name | 9Tz_s5LqPw4 |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | 9Tz_s5LqPw4 |
| Assembly Version | 4.15.21.244 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.6 |
| Total Strings | 548 |
| Main Method | System.Void 9Tz_s5LqPw4.qm4Hn6AzRd::Gm7k2() |
| Main IL Instruction Count | 7 |
| Main IL | nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> newobj System.Void 9Tz_s5LqPw4.Xk4oy::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null> |
| Module Name | 9Tz_s5LqPw4 |
| Full Name | 9Tz_s5LqPw4 |
| EntryPoint | System.Void 9Tz_s5LqPw4.qm4Hn6AzRd::Gm7k2() |
| Scope Name | 9Tz_s5LqPw4 |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | 9Tz_s5LqPw4 |
| Assembly Version | 4.15.21.244 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.6 |
| Total Strings | 548 |
| Main Method | System.Void 9Tz_s5LqPw4.qm4Hn6AzRd::Gm7k2() |
| Main IL Instruction Count | 7 |
| Main IL | nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> newobj System.Void 9Tz_s5LqPw4.Xk4oy::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null> |
441663452ddafc8951f9ba7d1c428d28 (1.16 MB)
File Structure
441663452ddafc8951f9ba7d1c428d28
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
9Tz_s5LqPw4.Xk4oy.resources
7571fbae97f8f6.Resources.resources
3561b94a0
[NBF]root.Data
3561b94a1
[NBF]root.Data
3561b94a10
[NBF]root.Data
3561b94a11
[NBF]root.Data
3561b94a12
[NBF]root.Data
3561b94a13
[NBF]root.Data
3561b94a14
[NBF]root.Data
3561b94a15
[NBF]root.Data
3561b94a16
[NBF]root.Data
3561b94a17
[NBF]root.Data
3561b94a18
[NBF]root.Data
3561b94a19
[NBF]root.Data
3561b94a2
[NBF]root.Data
3561b94a20
[NBF]root.Data
3561b94a21
[NBF]root.Data
3561b94a22
[NBF]root.Data
3561b94a23
[NBF]root.Data
3561b94a24
[NBF]root.Data
3561b94a25
[NBF]root.Data
3561b94a26
[NBF]root.Data
3561b94a27
[NBF]root.Data
3561b94a28
[NBF]root.Data
3561b94a29
[NBF]root.Data
3561b94a3
[NBF]root.Data
3561b94a30
[NBF]root.Data
3561b94a31
[NBF]root.Data
3561b94a32
[NBF]root.Data
3561b94a33
[NBF]root.Data
3561b94a34
[NBF]root.Data
3561b94a35
[NBF]root.Data
3561b94a36
[NBF]root.Data
3561b94a37
[NBF]root.Data
3561b94a38
[NBF]root.Data
3561b94a39
[NBF]root.Data
3561b94a4
[NBF]root.Data
3561b94a40
[NBF]root.Data
3561b94a41
[NBF]root.Data
3561b94a42
[NBF]root.Data
3561b94a5
[NBF]root.Data
3561b94a6
[NBF]root.Data
3561b94a7
[NBF]root.Data
3561b94a8
[NBF]root.Data
3561b94a9
[NBF]root.Data
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.