Malicious
Malicious

4f80d4c8d7b055953aaa514aa222c4e3

PE Executable
|
MD5: 4f80d4c8d7b055953aaa514aa222c4e3
|
Size: 1.36 MB
|
application/x-dosexec

Print
Infection Chain
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very high

Hash
 Hash Value
MD5
4f80d4c8d7b055953aaa514aa222c4e3
Sha1
8be5e5d88cf73c4352cb72fdd6181b19fa8912a5
Sha256
1d3a2118bbc34aa2fa91f73d67bde270afc1c83776a991ebd2584a434ed436ce
Sha384
319a63d8867d09e8151bc78e35de440836fcbbfc150da9c3857a4e0b8c33a43c624f942195ae8ee2fd206aadcc679aa7
Sha512
c49bc152a6865c94760bea16af46c1f60509baf4dc1bc6217359f23dfdec632e335a188d0db9f8c156b0f09e91a2cb0ac75c42b8dc7cde967aaffb802483ea23
SSDeep
24576:QgLKChCYVnQm97Ud0FpCtvXTZI5aClI1BIqQAWMSTL:vzV1NhU70bI1BIYWMS
TLSH
59556B017E85CE12F0191633C6EF45488BB4A95166B6E72B7DBA33AE15133A73C0D9CB

PeID

.NET executable
HQR data file
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
4f80d4c8d7b055953aaa514aa222c4e3
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
.Net Resources
vjHoVjdZWA7AmHD0Lo.Ri9DmdQj0dOrNYOCTq
kv5jeY35eFFWBR5cOw.LqY016Jq9rwrNdx9pu
Informations
Name
 Value
Module Name

C0eSN4RIEpXj
Full Name

C0eSN4RIEpXj
EntryPoint

System.Void XiDAIfs0a6eCa1YH23l.zpwfQ5sOYlpToVJy4PP::YYPIlpOXsF()
Scope Name

C0eSN4RIEpXj
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

TTLTbvg5FcStkqNK30WHvG5nFN3ubMZHbg0Ra9bwUP6Y
Assembly Version

1.5.6.2
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

63
Main Method

System.Void XiDAIfs0a6eCa1YH23l.zpwfQ5sOYlpToVJy4PP::YYPIlpOXsF()
Main IL Instruction Count

14
Main IL

br.s IL_000B: ldc.i4.0 call <null> ldnull <null> ldc.i4.0 <null> ldelem.ref <null> pop <null> ldc.i4.0 <null> brtrue.s IL_0007: ldnull call System.Void LZh9TNIE5ct40kTjWo1.lObMcrIWYJSvfU7gHim::kLjw4iIsCLsZtxc4lksN0j() nop <null> ldsfld System.Object XiDAIfs0a6eCa1YH23l.zpwfQ5sOYlpToVJy4PP::I1SIDK4aal callvirt System.Void pvpoRwsWtwn0bbVADZ5.gqBeJBsaYmmI47HS6N2::kG7XCoBX81() nop <null> ret <null>
Module Name

C0eSN4RIEpXj
Full Name

C0eSN4RIEpXj
EntryPoint

System.Void XiDAIfs0a6eCa1YH23l.zpwfQ5sOYlpToVJy4PP::YYPIlpOXsF()
Scope Name

C0eSN4RIEpXj
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

TTLTbvg5FcStkqNK30WHvG5nFN3ubMZHbg0Ra9bwUP6Y
Assembly Version

1.5.6.2
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

63
Main Method

System.Void XiDAIfs0a6eCa1YH23l.zpwfQ5sOYlpToVJy4PP::YYPIlpOXsF()
Main IL Instruction Count

14
Main IL

br.s IL_000B: ldc.i4.0 call <null> ldnull <null> ldc.i4.0 <null> ldelem.ref <null> pop <null> ldc.i4.0 <null> brtrue.s IL_0007: ldnull call System.Void LZh9TNIE5ct40kTjWo1.lObMcrIWYJSvfU7gHim::kLjw4iIsCLsZtxc4lksN0j() nop <null> ldsfld System.Object XiDAIfs0a6eCa1YH23l.zpwfQ5sOYlpToVJy4PP::I1SIDK4aal callvirt System.Void pvpoRwsWtwn0bbVADZ5.gqBeJBsaYmmI47HS6N2::kG7XCoBX81() nop <null> ret <null>
4f80d4c8d7b055953aaa514aa222c4e3 (1.36 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙