Malicious

56c68bc817573263aa715f18cc305b58

PE Executable | MD5: 56c68bc817573263aa715f18cc305b58 | Size: 2.91 MB | application/x-dosexec

Characteristics

Symbol Obfuscation Score

Very high

Hash
Hash Value
MD5
56c68bc817573263aa715f18cc305b58
Sha1
2524ac14b017f32357e2a0a590f6db5e829a00e1
Sha256
d31d3cffc35347c38b0c958b7311d3d6e65c24c0a3ccb91cbcd1df36817850d9
Sha384
bd266bfd2f9c3109b057b7f0f3b9753653fe6a115eafc7342aee44bd6698a361998fa9966ee4c87f9c67aa3ad2e96648
Sha512
04b404b3a3890a3fdfd7d34baa12e7703a1f37226929c047120acd4d5b04428667a628945ee68c7427be2d1c442f2a513231aed4553cc5ffae21b8d2cfd444bd
SSDeep
49152:dj3Yv0zatSUXHxJzP4h7r2iJ53sskJ2otak+FgnzcD4q:l3V+X3nQhl5yJ2ot6Mc
TLSH
33D5D0027E84CE11F0591233C6EF454847B4A9526AF6E32B7CBA376E55123A77C0E9CB

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_GROUP_CURSOR4
ID:0001
ID:0
RT_VERSION
ID:0001
ID:1033
.Net Resources
UvokIws9qD7wI1P4o6.JDKiOWkJkGxPDIOPDh
sE4McdP0anl3ADQgBO.yBnsXe1LsyZEZtkch7
Information
Name
Value
Module Name

Jutnmie65oKnGuG3WZX9QnuMuQvghBuEKA7e

Full Name

Jutnmie65oKnGuG3WZX9QnuMuQvghBuEKA7e

EntryPoint

System.Void ywfy9cJbTPFdZha9oMA.CM9qioJuQ7Ub40pYE83::K9UrNNskk7()

Scope Name

Jutnmie65oKnGuG3WZX9QnuMuQvghBuEKA7e

Scope Type

ModuleDef

Kind

Windows

Runtime Version

v4.0.30319

Tables Header Version

512

WinMD Version

<null>

Assembly Name

uJelwpMlXUAqOzq5ugg9

Assembly Version

5.8.3.8

Assembly Culture

<null>

Has PublicKey

False

PublicKey Token

<null>

Target Framework

.NETFramework,Version=v4.0

Total Strings

63

Main Method

System.Void ywfy9cJbTPFdZha9oMA.CM9qioJuQ7Ub40pYE83::K9UrNNskk7()

Main IL Instruction Count

14

Main IL

br.s IL_000B: ldc.i4.0
call <null>
ldnull <null>
ldc.i4.0 <null>
ldelem.ref <null>
pop <null>
ldc.i4.0 <null>
brtrue.s IL_0007: ldnull
call System.Void fO9Or3s74kyUJeGRJVc.tevY50sVPryGcxTYmGd::kLjw4iIsCLsZtxc4lksN0j()
nop <null>
ldsfld System.Object ywfy9cJbTPFdZha9oMA.CM9qioJuQ7Ub40pYE83::wcmr4Vqnvi
callvirt System.Void P08WQPJVa2N8wF7cdRu.aYE94BJtBXfjOALdNNP::KWTCVk02yV()
nop <null>
ret <null>

Characteristics
No malware configuration was found at this point.