Malicious
Malicious

4d8fff1d87eca49e0b497828d7095e09

PE Executable
|
MD5: 4d8fff1d87eca49e0b497828d7095e09
|
Size: 947.71 KB
|
application/x-dosexec

Print
Infection Chain
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very high

Hash
 Hash Value
MD5
4d8fff1d87eca49e0b497828d7095e09
Sha1
fef0d9611f81f7079dfd80d7868657bf91bbe95f
Sha256
1dd4e49b7c3099c66edbb99d4d44ef594998908bde9b131df77b750aa72ea1b7
Sha384
6f03be8e6327947935918bca797da9e6c38a06b9a679f63df17a8879bec6c943028c2c0e505052d6a83b7a6a037c2901
Sha512
17043af8190f734547531c2628eb77f506f2c06b247574eb98310356de4f17cc895ce2393a69eedcb41ff5f9841e793bf9f553a875f2337e21c5fa16962b6a2b
SSDeep
12288:u16GGQ05gnk9WSmrEMruh621N05uyu1YTY93/rsUao0mFoqbz7KXC:HGGQ0enkGoMru8u1YTY93/Xao91V
TLSH
171519027E44CF52F0191233C2EF454887B0A9516AA6E72B7DBA377E55123973C0DAEB

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
4d8fff1d87eca49e0b497828d7095e09
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
.Net Resources
OORgZNXPhua0G0kluw.NurS8QrsCowV9JXqNy
gtpalUjE6oKqS6oVZd.aiu3kDuM8TqreRJOFx
Informations
Name
 Value
Module Name

u5DQSsYymn
Full Name

u5DQSsYymn
EntryPoint

System.Void MmgUfQOmx2ahX1223PT.HGG106Oa0IGv7WoEwTD::RQw6llq7Yh()
Scope Name

u5DQSsYymn
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

tiA7LnWowx4uCfeL31D1T
Assembly Version

2.7.6.9
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

63
Main Method

System.Void MmgUfQOmx2ahX1223PT.HGG106Oa0IGv7WoEwTD::RQw6llq7Yh()
Main IL Instruction Count

14
Main IL

br.s IL_000B: ldc.i4.0 call <null> ldnull <null> ldc.i4.0 <null> ldelem.ref <null> pop <null> ldc.i4.0 <null> brtrue.s IL_0007: ldnull call System.Void OqjhT96bxlZWILInWij.BBm8XZ6w6vd6w0quULM::kLjw4iIsCLsZtxc4lksN0j() nop <null> ldsfld System.Object MmgUfQOmx2ahX1223PT.HGG106Oa0IGv7WoEwTD::Jke6FRLyXy callvirt System.Void IxAxDDOwjy2Upqh30Wd.al2pA6O1bEo3DFuqLiU::EpQdkamcYC() nop <null> ret <null>
Module Name

u5DQSsYymn
Full Name

u5DQSsYymn
EntryPoint

System.Void MmgUfQOmx2ahX1223PT.HGG106Oa0IGv7WoEwTD::RQw6llq7Yh()
Scope Name

u5DQSsYymn
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

tiA7LnWowx4uCfeL31D1T
Assembly Version

2.7.6.9
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

63
Main Method

System.Void MmgUfQOmx2ahX1223PT.HGG106Oa0IGv7WoEwTD::RQw6llq7Yh()
Main IL Instruction Count

14
Main IL

br.s IL_000B: ldc.i4.0 call <null> ldnull <null> ldc.i4.0 <null> ldelem.ref <null> pop <null> ldc.i4.0 <null> brtrue.s IL_0007: ldnull call System.Void OqjhT96bxlZWILInWij.BBm8XZ6w6vd6w0quULM::kLjw4iIsCLsZtxc4lksN0j() nop <null> ldsfld System.Object MmgUfQOmx2ahX1223PT.HGG106Oa0IGv7WoEwTD::Jke6FRLyXy callvirt System.Void IxAxDDOwjy2Upqh30Wd.al2pA6O1bEo3DFuqLiU::EpQdkamcYC() nop <null> ret <null>
4d8fff1d87eca49e0b497828d7095e09 (947.71 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙