Malicious

523f3797ef31ec298108fbd26bbf2cce

PE Executable | MD5: 523f3797ef31ec298108fbd26bbf2cce | Size: 847.36 KB | application/x-dosexec

Characteristics

Symbol Obfuscation Score: Very high

Hash
MD5: 523f3797ef31ec298108fbd26bbf2cce
Sha1: 3202962bd7531f5b4370f791d6cf8428f14af457
Sha256: f8a85602655e366f369d3431aed9c12e202d45d708e1f4b748b15e116bc815dc
Sha384: acccb3134dc302f19b1e410720d8f87e7c54d882282fd9ed7d565ea3205a8a9912db3c4a1bf93e5876225d6f43d41a50
Sha512: ad7176ed5eaef203fa8d32987a9595d7df4989b8d4cbe0ddcf8c2e23f8dd15ddea05c55875ba04907b0d92b47cacd6269f72f2718d227cc263540bb5ed725b95
SSDeep: 12288:WRQ5elxlIUqTN+G4GfuvWRlAvkDJjJK+ZJBhO2nFIVnuYiqvQ:fkbuUqhjfuvWRlAMS+ZJBUCFGnubqY
TLSH: 6B05F701BE44CE11F0991A33D3EF46484BB49C516AA6E32B7DBA376D16123A73C1D9CB

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
.Net Resources
jCjm1OHBhua8GUylJa.J3Djddgmhx3M7mt89J
VwIrb1xl8KcrC3Cgox.DtQ2yldvDi3duHU0rZ
Information
Module Name: ngfBgeH3dUMQwhL2JUBdX9yYumLaYErIb
Full Name: ngfBgeH3dUMQwhL2JUBdX9yYumLaYErIb
EntryPoint: System.Void FVG4wcJbgxVjJMRQoTU.L3VF7rJvHm6x2WGULlO::QjnGvK1hTE()
Scope Name: ngfBgeH3dUMQwhL2JUBdX9yYumLaYErIb
Scope Type: ModuleDef
Kind: Windows
Runtime Version: v4.0.30319
Tables Header Version: 512
WinMD Version: <null>
Assembly Name: qsVDBLpe53Nw3zny4
Assembly Version: 0.5.8.3
Assembly Culture: <null>
Has PublicKey: False
PublicKey Token: <null>
Target Framework: .NETFramework,Version=v4.0
Total Strings: 63
Main Method: System.Void FVG4wcJbgxVjJMRQoTU.L3VF7rJvHm6x2WGULlO::QjnGvK1hTE()
Main IL Instruction Count: 14
Main IL:
br.s IL_000B: ldc.i4.0
call <null>
ldnull <null>
ldc.i4.0 <null>
ldelem.ref <null>
pop <null>
ldc.i4.0 <null>
brtrue.s IL_0007: ldnull
call System.Void xZhopnsROtvxgXLTASC.cWTsSGsHvsLqX2ClPu4::kLjw4iIsCLsZtxc4lksN0j()
nop <null>
ldsfld System.Object FVG4wcJbgxVjJMRQoTU.L3VF7rJvHm6x2WGULlO::G4NGef0J49
callvirt System.Void w9MIaVJHEmHEdYBF4Y2.wJgVhWJd7NJZ51BS7mN::qFl3uZDSP4()
nop <null>
ret <null>

Characteristics
No malware configuration was found at this point.