Suspicious
Suspect

53437b083f2ba3db098a3f363df0cff6

PE Executable
|
MD5: 53437b083f2ba3db098a3f363df0cff6
|
Size: 81.92 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
53437b083f2ba3db098a3f363df0cff6
Sha1
940ea0c1762f45cdb65f89951711836163de1569
Sha256
c61ffb93ac7626531c54270b1b95dcdc22ec6e189053c4b79a2aa490d0c46518
Sha384
f316b65e5b02a6d52dc4c0d596ff02d0a10a8319629ab41d34a1c7a8c9280cf1589a4d75b92a42d3018d5c6636f98656
Sha512
4080ec47af0e852b9e02e08ea259794aeade1cbbf5d902a7eb528598df9c370796e2783afd08dca74f3b89afedb19b219d724915a969f7b6a4333fc8bbd5c4a5
SSDeep
1536:lPWNNm2jq1qT7bfxoL7QAvEis5Qx47f/Ijqj9LW4DPjUFwsPi8Bsc7N7tO8CttI4:6Ij+jNt1wk6naj+eC+lEJA
TLSH
5283C607BACA85F2C1445BFAF597C1C043A8D7C2F693D61E798F235A1847BFA994024B

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
53437b083f2ba3db098a3f363df0cff6
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
ILRepack.List
  ​           
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

Kamsgcypvl
Full Name

Kamsgcypvl
EntryPoint

System.Void Kamsgcypvl.Parameters.ControllableParameter::AdjustGlobalParameter()
Scope Name

Kamsgcypvl
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Kamsgcypvl
Assembly Version

1.0.8499.11148
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

0
Main Method

System.Void Kamsgcypvl.Parameters.ControllableParameter::AdjustGlobalParameter()
Main IL Instruction Count

96
Main IL

ldc.i4 1 stloc V_0 br IL_000E: ldloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] br IL_0034: ldc.i4 220841266 ldc.i4 220841266 call System.String Kamsgcypvl.Core.Engines.GeneralEngine::RunRemoteEngine(System.Int32) stloc.s V_1 ldc.i4 3 br IL_0012: switch(IL_0034,IL_004A,IL_009C,IL_0071,IL_00B7,IL_0070) newobj System.Void Kamsgcypvl.Parameters.ControllableParameter/CombinedConfiguration::.ctor() stloc.s V_3 ldc.i4 0 ldsfld <Module>{11ded4ab-50da-4e73-ada5-6dfb82cf4012} <Module>{11ded4ab-50da-4e73-ada5-6dfb82cf4012}::m_9dde4a1a060b46ebb40af16bc0134ee8 ldfld System.Int32 <Module>{11ded4ab-50da-4e73-ada5-6dfb82cf4012}::m_dd7bbebcc73249c3b91436b1bac43034 brtrue IL_0012: switch(IL_0034,IL_004A,IL_009C,IL_0071,IL_00B7,IL_0070) pop <null> ldc.i4 0 br IL_0012: switch(IL_0034,IL_004A,IL_009C,IL_0071,IL_00B7,IL_0070) ret <null> ldc.i4 220841171 call System.String Kamsgcypvl.Core.Engines.GeneralEngine::RunRemoteEngine(System.Int32) stloc.s V_2 ldc.i4 2 ldsfld <Module>{11ded4ab-50da-4e73-ada5-6dfb82cf4012} <Module>{11ded4ab-50da-4e73-ada5-6dfb82cf4012}::m_9dde4a1a060b46ebb40af16bc0134ee8 ldfld System.Int32 <Module>{11ded4ab-50da-4e73-ada5-6dfb82cf4012}::m_2b779393165f40b6ac420dc90b8da27e brtrue IL_0012: switch(IL_0034,IL_004A,IL_009C,IL_0071,IL_00B7,IL_0070) pop <null> ldc.i4 1 br IL_0012: switch(IL_0034,IL_004A,IL_009C,IL_0071,IL_00B7,IL_0070) ldsfld System.Func`1<System.Byte[]> Kamsgcypvl.Parameters.ControllableParameter/TagProc::customizableTag dup <null> brfalse IL_00AC: pop br IL_00CD: newobj System.Void Kamsgcypvl.Settings.ConfigurationRecommender::.ctor(System.Func`1<System.Byte[]>) pop <null> ldc.i4 4 br IL_0012: switch(IL_0034,IL_004A,IL_009C,IL_0071,IL_00B7,IL_0070) ldsfld System.Object Kamsgcypvl.Parameters.ControllableParameter/TagProc::m_PortableTag ldftn System.Byte[] Kamsgcypvl.Parameters.ControllableParameter/TagProc::TagGroupedTag() newobj System.Void System.Func`1<System.Byte[]>::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Func`1<System.Byte[]> Kamsgcypvl.Parameters.ControllableParameter/TagProc::customizableTag newobj System.Void Kamsgcypvl.Settings.ConfigurationRecommender::.ctor(System.Func`1<System.Byte[]>) ldloc.s V_3 ldloc.s V_1 ldloc.s V_2 newobj System.Void Kamsgcypvl.Tagging.TagThread::.ctor(System.String,System.String) stfld System.Object Kamsgcypvl.Parameters.ControllableParameter/CombinedConfiguration::_TrackerRecord ldloc.s V_3 newobj System.Void Kamsgcypvl.Visitors.SetTransaction::.ctor() stfld System.Object Kamsgcypvl.Parameters.ControllableParameter/CombinedConfiguration::configurationLogger ldloc.s V_3 ldc.i4 220841196 call System.String Kamsgcypvl.Core.Engines.GeneralEngine::RunRemoteEngine(System.Int32) ldc.i4 220841104 call System.String Kamsgcypvl.Core.Engines.GeneralEngine::RunRemoteEngine(System.Int32) newobj System.Void Kamsgcypvl.Visitors.QueueVisitor::.ctor(System.String,System.String) stfld System.Object Kamsgcypvl.Parameters.ControllableParameter/CombinedConfiguration::responsiveConfiguration dup <null> ldloc.s V_3 ldftn System.Void Kamsgcypvl.Parameters.ControllableParameter/CombinedConfiguration::SetAlphabeticConfiguration(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) callvirt System.Void Kamsgcypvl.Settings.ConfigurationRecommender::SetCustomizableConfiguration(System.Action`1<System.IO.MemoryStream>) ldloc.s V_3 ldfld System.Object Kamsgcypvl.Parameters.ControllableParameter/CombinedConfiguration::_TrackerRecord ldloc.s V_3 ldftn System.Void Kamsgcypvl.Parameters.ControllableParameter/CombinedConfiguration::FormatConfiguration(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) callvirt System.Void Kamsgcypvl.Tagging.TagThread::LabelEfficientTag(System.Action`1<System.IO.MemoryStream>) ldloc.s V_3 ldfld System.Object Kamsgcypvl.Parameters.ControllableParameter/CombinedConfiguration::configurationLogger ldloc.s V_3 ldftn System.Void Kamsgcypvl.Parameters.ControllableParameter/CombinedConfiguration::ConfigureSortedConfiguration(System.Reflection.Assembly) newobj System.Void System.Action`1<System.Reflection.Assembly>::.ctor(System.Object,System.IntPtr) callvirt System.Void Kamsgcypvl.Visitors.SetTransaction::ViewVisitor(System.Action`1<System.Reflection.Assembly>) ldloc.s V_3 ldfld System.Object Kamsgcypvl.Parameters.ControllableParameter/CombinedConfiguration::responsiveConfiguration ldsfld System.Object Kamsgcypvl.Parameters.ControllableParameter/TagProc::_ScalableLocator dup <null> brtrue IL_017C: callvirt System.Void Kamsgcypvl.Visitors.QueueVisitor::VisitGenericVisitor(System.Action) pop <null> ldsfld System.Object Kamsgcypvl.Parameters.ControllableParameter/TagProc::m_PortableTag ldftn System.Void Kamsgcypvl.Parameters.ControllableParameter/TagProc::LabelConvertibleTag() newobj System.Void System.Action::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Object Kamsgcypvl.Parameters.ControllableParameter/TagProc::_ScalableLocator callvirt System.Void Kamsgcypvl.Visitors.QueueVisitor::VisitGenericVisitor(System.Action) callvirt System.Void Kamsgcypvl.Settings.ConfigurationRecommender::ConfigureStatelessConfiguration() ldc.i4 5 ldsfld <Module>{11ded4ab-50da-4e73-ada5-6dfb82cf4012} <Module>{11ded4ab-50da-4e73-ada5-6dfb82cf4012}::m_9dde4a1a060b46ebb40af16bc0134ee8 ldfld System.Int32 <Module>{11ded4ab-50da-4e73-ada5-6dfb82cf4012}::m_3a919ce2b3624163b7df4d6075283b86 brtrue IL_0012: switch(IL_0034,IL_004A,IL_009C,IL_0071,IL_00B7,IL_0070) pop <null> ldc.i4 5 br IL_0012: switch(IL_0034,IL_004A,IL_009C,IL_0071,IL_00B7,IL_0070)
Module Name

Kamsgcypvl
Full Name

Kamsgcypvl
EntryPoint

System.Void Kamsgcypvl.Parameters.ControllableParameter::AdjustGlobalParameter()
Scope Name

Kamsgcypvl
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Kamsgcypvl
Assembly Version

1.0.8499.11148
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

0
Main Method

System.Void Kamsgcypvl.Parameters.ControllableParameter::AdjustGlobalParameter()
Main IL Instruction Count

96
Main IL

ldc.i4 1 stloc V_0 br IL_000E: ldloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] br IL_0034: ldc.i4 220841266 ldc.i4 220841266 call System.String Kamsgcypvl.Core.Engines.GeneralEngine::RunRemoteEngine(System.Int32) stloc.s V_1 ldc.i4 3 br IL_0012: switch(IL_0034,IL_004A,IL_009C,IL_0071,IL_00B7,IL_0070) newobj System.Void Kamsgcypvl.Parameters.ControllableParameter/CombinedConfiguration::.ctor() stloc.s V_3 ldc.i4 0 ldsfld <Module>{11ded4ab-50da-4e73-ada5-6dfb82cf4012} <Module>{11ded4ab-50da-4e73-ada5-6dfb82cf4012}::m_9dde4a1a060b46ebb40af16bc0134ee8 ldfld System.Int32 <Module>{11ded4ab-50da-4e73-ada5-6dfb82cf4012}::m_dd7bbebcc73249c3b91436b1bac43034 brtrue IL_0012: switch(IL_0034,IL_004A,IL_009C,IL_0071,IL_00B7,IL_0070) pop <null> ldc.i4 0 br IL_0012: switch(IL_0034,IL_004A,IL_009C,IL_0071,IL_00B7,IL_0070) ret <null> ldc.i4 220841171 call System.String Kamsgcypvl.Core.Engines.GeneralEngine::RunRemoteEngine(System.Int32) stloc.s V_2 ldc.i4 2 ldsfld <Module>{11ded4ab-50da-4e73-ada5-6dfb82cf4012} <Module>{11ded4ab-50da-4e73-ada5-6dfb82cf4012}::m_9dde4a1a060b46ebb40af16bc0134ee8 ldfld System.Int32 <Module>{11ded4ab-50da-4e73-ada5-6dfb82cf4012}::m_2b779393165f40b6ac420dc90b8da27e brtrue IL_0012: switch(IL_0034,IL_004A,IL_009C,IL_0071,IL_00B7,IL_0070) pop <null> ldc.i4 1 br IL_0012: switch(IL_0034,IL_004A,IL_009C,IL_0071,IL_00B7,IL_0070) ldsfld System.Func`1<System.Byte[]> Kamsgcypvl.Parameters.ControllableParameter/TagProc::customizableTag dup <null> brfalse IL_00AC: pop br IL_00CD: newobj System.Void Kamsgcypvl.Settings.ConfigurationRecommender::.ctor(System.Func`1<System.Byte[]>) pop <null> ldc.i4 4 br IL_0012: switch(IL_0034,IL_004A,IL_009C,IL_0071,IL_00B7,IL_0070) ldsfld System.Object Kamsgcypvl.Parameters.ControllableParameter/TagProc::m_PortableTag ldftn System.Byte[] Kamsgcypvl.Parameters.ControllableParameter/TagProc::TagGroupedTag() newobj System.Void System.Func`1<System.Byte[]>::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Func`1<System.Byte[]> Kamsgcypvl.Parameters.ControllableParameter/TagProc::customizableTag newobj System.Void Kamsgcypvl.Settings.ConfigurationRecommender::.ctor(System.Func`1<System.Byte[]>) ldloc.s V_3 ldloc.s V_1 ldloc.s V_2 newobj System.Void Kamsgcypvl.Tagging.TagThread::.ctor(System.String,System.String) stfld System.Object Kamsgcypvl.Parameters.ControllableParameter/CombinedConfiguration::_TrackerRecord ldloc.s V_3 newobj System.Void Kamsgcypvl.Visitors.SetTransaction::.ctor() stfld System.Object Kamsgcypvl.Parameters.ControllableParameter/CombinedConfiguration::configurationLogger ldloc.s V_3 ldc.i4 220841196 call System.String Kamsgcypvl.Core.Engines.GeneralEngine::RunRemoteEngine(System.Int32) ldc.i4 220841104 call System.String Kamsgcypvl.Core.Engines.GeneralEngine::RunRemoteEngine(System.Int32) newobj System.Void Kamsgcypvl.Visitors.QueueVisitor::.ctor(System.String,System.String) stfld System.Object Kamsgcypvl.Parameters.ControllableParameter/CombinedConfiguration::responsiveConfiguration dup <null> ldloc.s V_3 ldftn System.Void Kamsgcypvl.Parameters.ControllableParameter/CombinedConfiguration::SetAlphabeticConfiguration(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) callvirt System.Void Kamsgcypvl.Settings.ConfigurationRecommender::SetCustomizableConfiguration(System.Action`1<System.IO.MemoryStream>) ldloc.s V_3 ldfld System.Object Kamsgcypvl.Parameters.ControllableParameter/CombinedConfiguration::_TrackerRecord ldloc.s V_3 ldftn System.Void Kamsgcypvl.Parameters.ControllableParameter/CombinedConfiguration::FormatConfiguration(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) callvirt System.Void Kamsgcypvl.Tagging.TagThread::LabelEfficientTag(System.Action`1<System.IO.MemoryStream>) ldloc.s V_3 ldfld System.Object Kamsgcypvl.Parameters.ControllableParameter/CombinedConfiguration::configurationLogger ldloc.s V_3 ldftn System.Void Kamsgcypvl.Parameters.ControllableParameter/CombinedConfiguration::ConfigureSortedConfiguration(System.Reflection.Assembly) newobj System.Void System.Action`1<System.Reflection.Assembly>::.ctor(System.Object,System.IntPtr) callvirt System.Void Kamsgcypvl.Visitors.SetTransaction::ViewVisitor(System.Action`1<System.Reflection.Assembly>) ldloc.s V_3 ldfld System.Object Kamsgcypvl.Parameters.ControllableParameter/CombinedConfiguration::responsiveConfiguration ldsfld System.Object Kamsgcypvl.Parameters.ControllableParameter/TagProc::_ScalableLocator dup <null> brtrue IL_017C: callvirt System.Void Kamsgcypvl.Visitors.QueueVisitor::VisitGenericVisitor(System.Action) pop <null> ldsfld System.Object Kamsgcypvl.Parameters.ControllableParameter/TagProc::m_PortableTag ldftn System.Void Kamsgcypvl.Parameters.ControllableParameter/TagProc::LabelConvertibleTag() newobj System.Void System.Action::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Object Kamsgcypvl.Parameters.ControllableParameter/TagProc::_ScalableLocator callvirt System.Void Kamsgcypvl.Visitors.QueueVisitor::VisitGenericVisitor(System.Action) callvirt System.Void Kamsgcypvl.Settings.ConfigurationRecommender::ConfigureStatelessConfiguration() ldc.i4 5 ldsfld <Module>{11ded4ab-50da-4e73-ada5-6dfb82cf4012} <Module>{11ded4ab-50da-4e73-ada5-6dfb82cf4012}::m_9dde4a1a060b46ebb40af16bc0134ee8 ldfld System.Int32 <Module>{11ded4ab-50da-4e73-ada5-6dfb82cf4012}::m_3a919ce2b3624163b7df4d6075283b86 brtrue IL_0012: switch(IL_0034,IL_004A,IL_009C,IL_0071,IL_00B7,IL_0070) pop <null> ldc.i4 5 br IL_0012: switch(IL_0034,IL_004A,IL_009C,IL_0071,IL_00B7,IL_0070)
53437b083f2ba3db098a3f363df0cff6 (81.92 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙