Suspicious
Suspect

4f6b21c834c2e25e0d528cf9ec7a6d21

PE Executable
|
MD5: 4f6b21c834c2e25e0d528cf9ec7a6d21
|
Size: 32.26 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Obfuscation Score

Very low

Hash
 Hash Value
MD5
4f6b21c834c2e25e0d528cf9ec7a6d21
Sha1
3cbcac7ea2960ccbe5debe731ef7e487ae676fdc
Sha256
69a3f9f658a1278c1a984a7f2d267ea25ffefbe2f0b14f43046983f5a284902f
Sha384
59c7dc00273e2b77344f5314037ed26d5fcce32aff4c3d01dc7b1d70678b2005dc0a662ca57014290627d1cf20190d96
Sha512
c6c11108f2503eeba4bb8051deae662e583bd134246aa7b5da0b7f598767e0393014666c5921ed5df33a6b7efde895916f7a085c2b0ca2b279ac321c0a0c2b09
SSDeep
384:yd0cpHIb1AjacHxex+Jk5b4C3GjqBGmKSrvMlYykjWFYNOZ3XDkZgHoEQMp7e2B5:y+uobKJRkSjmHPpNA4Z/MZew/ig4Rob
TLSH
13E22B3DD1C1BCC0C75F23F0B89EA7D5019ACF037A662B2DF6D864661F60264AE76588
File Structure
4f6b21c834c2e25e0d528cf9ec7a6d21
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.reloc
.rsrc
Resources
RT_ICON
ID:0001
ID:1033
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
ID:0006
ID:1033
ID:0007
ID:1033
RT_GROUP_CURSOR4
ID:0067
ID:1033
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

GeneratedExe.exe
Full Name

GeneratedExe.exe
EntryPoint

System.Void Program::Main()
Scope Name

GeneratedExe.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

GeneratedExe
Assembly Version

0.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

<null>
Total Strings

7
Main Method

System.Void Program::Main()
Main IL Instruction Count

176
Main IL

nop <null> ldc.i4 13009 newarr System.Byte dup <null> ldtoken <PrivateImplementationDetails>/__StaticArrayInitTypeSize=13009 <PrivateImplementationDetails>::672F80E07F8B31EBDE5FBDDEF7672D0F072BB0396C2B923BC18A2454BFA72597 call System.Void System.Runtime.CompilerServices.RuntimeHelpers::InitializeArray(System.Array,System.RuntimeFieldHandle) stloc.0 <null> call System.String System.IO.Path::GetTempPath() call System.Guid System.Guid::NewGuid() stloc.2 <null> ldloca.s V_2 constrained. System.Guid callvirt System.String System.Object::ToString() ldstr .bat call System.String System.String::Concat(System.String,System.String) call System.String System.IO.Path::Combine(System.String,System.String) stloc.1 <null> nop <null> ldloc.1 <null> ldloc.0 <null> call System.Void System.IO.File::WriteAllBytes(System.String,System.Byte[]) nop <null> newobj System.Void System.Diagnostics.ProcessStartInfo::.ctor() stloc.s V_6 ldloc.s V_6 ldstr cmd.exe callvirt System.Void System.Diagnostics.ProcessStartInfo::set_FileName(System.String) nop <null> ldloc.s V_6 ldstr /C " ldloc.1 <null> ldstr " call System.String System.String::Concat(System.String,System.String,System.String) callvirt System.Void System.Diagnostics.ProcessStartInfo::set_Arguments(System.String) nop <null> ldloc.s V_6 ldc.i4.1 <null> callvirt System.Void System.Diagnostics.ProcessStartInfo::set_WindowStyle(System.Diagnostics.ProcessWindowStyle) nop <null> ldloc.s V_6 ldc.i4.1 <null> callvirt System.Void System.Diagnostics.ProcessStartInfo::set_CreateNoWindow(System.Boolean) nop <null> ldloc.s V_6 ldc.i4.0 <null> callvirt System.Void System.Diagnostics.ProcessStartInfo::set_UseShellExecute(System.Boolean) nop <null> ldloc.s V_6 ldc.i4.1 <null> callvirt System.Void System.Diagnostics.ProcessStartInfo::set_RedirectStandardOutput(System.Boolean) nop <null> ldloc.s V_6 ldc.i4.1 <null> callvirt System.Void System.Diagnostics.ProcessStartInfo::set_RedirectStandardError(System.Boolean) nop <null> ldloc.s V_6 stloc.3 <null> newobj System.Void System.Collections.Generic.List`1<System.Int32>::.ctor() stloc.s V_7 ldloc.s V_7 ldc.i4.5 <null> callvirt System.Void System.Collections.Generic.List`1<System.Int32>::Add(System.Int32) nop <null> ldloc.s V_7 ldc.i4.s 12 callvirt System.Void System.Collections.Generic.List`1<System.Int32>::Add(System.Int32) nop <null> ldloc.s V_7 ldc.i4.7 <null> callvirt System.Void System.Collections.Generic.List`1<System.Int32>::Add(System.Int32) nop <null> ldloc.s V_7 ldc.i4.s 20 callvirt System.Void System.Collections.Generic.List`1<System.Int32>::Add(System.Int32) nop <null> ldloc.s V_7 ldc.i4.3 <null> callvirt System.Void System.Collections.Generic.List`1<System.Int32>::Add(System.Int32) nop <null> ldloc.s V_7 ldc.i4.s 15 callvirt System.Void System.Collections.Generic.List`1<System.Int32>::Add(System.Int32) nop <null> ldloc.s V_7 stloc.s V_4 ldloc.s V_4 ldsfld System.Func`2<System.Int32,System.Boolean> Program/<>c::<>9__0_0 dup <null> brtrue.s IL_0109: call System.Collections.Generic.IEnumerable`1<System.Int32> System.Linq.Enumerable::Where<System.Int32>(System.Collections.Generic.IEnumerable`1<System.Int32>,System.Func`2<System.Int32,System.Boolean>) pop <null> ldsfld Program/<>c Program/<>c::<>9 ldftn System.Boolean Program/<>c::<Main>b__0_0(System.Int32) newobj System.Void System.Func`2<System.Int32,System.Boolean>::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Func`2<System.Int32,System.Boolean> Program/<>c::<>9__0_0 call System.Collections.Generic.IEnumerable`1<System.Int32> System.Linq.Enumerable::Where<System.Int32>(System.Collections.Generic.IEnumerable`1<System.Int32>,System.Func`2<System.Int32,System.Boolean>) call System.Collections.Generic.List`1<System.Int32> System.Linq.Enumerable::ToList<System.Int32>(System.Collections.Generic.IEnumerable`1<System.Int32>) stloc.s V_5 ldstr Even numbers: call System.Void System.Console::WriteLine(System.String) nop <null> ldloc.s V_5 ldsfld System.Action`1<System.Int32> Program/<>c::<>9__0_1 dup <null> brtrue.s IL_0141: callvirt System.Void System.Collections.Generic.List`1<System.Int32>::ForEach(System.Action`1<System.Int32>) pop <null> ldsfld Program/<>c Program/<>c::<>9 ldftn System.Void Program/<>c::<Main>b__0_1(System.Int32) newobj System.Void System.Action`1<System.Int32>::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Action`1<System.Int32> Program/<>c::<>9__0_1 callvirt System.Void System.Collections.Generic.List`1<System.Int32>::ForEach(System.Action`1<System.Int32>) nop <null> nop <null> ldloc.3 <null> call System.Diagnostics.Process System.Diagnostics.Process::Start(System.Diagnostics.ProcessStartInfo) stloc.s V_8 nop <null> ldloc.s V_8 callvirt System.IO.StreamReader System.Diagnostics.Process::get_StandardOutput() callvirt System.String System.IO.TextReader::ReadToEnd() stloc.s V_9 ldloc.s V_8 callvirt System.IO.StreamReader System.Diagnostics.Process::get_StandardError() callvirt System.String System.IO.TextReader::ReadToEnd() stloc.s V_10 ldloc.s V_8 callvirt System.Void System.Diagnostics.Process::WaitForExit() nop <null> nop <null> leave.s IL_0185: nop ldloc.s V_8 brfalse.s IL_0184: endfinally ldloc.s V_8 callvirt System.Void System.IDisposable::Dispose() nop <null> endfinally <null> nop <null> nop <null> ldloc.s V_5 call System.Int32 Program::<Main>g__Sum|0_2(System.Collections.Generic.IEnumerable`1<System.Int32>) stloc.s V_11 ldstr Sum of even numbers: {0} ldloc.s V_11 box System.Int32 call System.String System.String::Format(System.String,System.Object) call System.Void System.Console::WriteLine(System.String) nop <null> nop <null> leave.s IL_01C7: nop stloc.s V_12 nop <null> ldstr Error: ldloc.s V_12 callvirt System.String System.Exception::get_Message() call System.String System.String::Concat(System.String,System.String) call System.Void System.Console::WriteLine(System.String) nop <null> nop <null> leave.s IL_01C7: nop nop <null> leave.s IL_01DD: ret nop <null> nop <null> ldloc.1 <null> call System.Void System.IO.File::Delete(System.String) nop <null> nop <null> leave.s IL_01DB: nop pop <null> nop <null> nop <null> leave.s IL_01DB: nop nop <null> endfinally <null> ret <null>
4f6b21c834c2e25e0d528cf9ec7a6d21 (32.26 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙