Suspect
578bc83a14505641d9924050ad1e72b3
PE Executable | MD5: 578bc83a14505641d9924050ad1e72b3 | Size: 922.62 KB | application/x-dosexec
PE Executable
MD5: 578bc83a14505641d9924050ad1e72b3
Size: 922.62 KB
application/x-dosexec
Summary by MalvaGPT
Characteristics
Symbol Obfuscation Score
Very high
|
Hash | Hash Value |
|---|---|
| MD5 | 578bc83a14505641d9924050ad1e72b3
|
| Sha1 | 50f959dff85cfbb7b59676b5b99689d3941b8123
|
| Sha256 | 82cf55fa23c0c2493080bf0cbf52165ee502a58c782f8d85cfbbb5e601f8b6b3
|
| Sha384 | aea7d5b0aed44a14969354656863ed2cb64903ca5cbd2c566fd75989944cfff3c012ae0acab2fc0f845004e7b7a3d8f9
|
| Sha512 | b27b05b99b7e0bcbf03a9b4784ee925e44975e959fb2f31c863638490fcb7ee15d44039b89eacf2e05fe261574ca5ef993efe9e0b746ee2027c691f899b8cec1
|
| SSDeep | 24576:m9J8dZ+8EsdfRA8DHaP3HizHXdnfbFGP:RBDAuHRrpDo
|
| TLSH | 9B15CE1123E85A69F4FF9B3898754528CBB5BC27DA32DB5D2A4540EE1931F40CE62B33
|
PeID
.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
578bc83a14505641d9924050ad1e72b3
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
Eqn8k2Rp.g.resources
Eqn8k2Rp.Qtq7m1St6.resources
8c6a6c870397b6.Resources.resources
317ff3aa0
[NBF]root.Data
317ff3aa1
[NBF]root.Data
317ff3aa10
[NBF]root.Data
317ff3aa11
[NBF]root.Data
317ff3aa12
[NBF]root.Data
317ff3aa13
[NBF]root.Data
317ff3aa14
[NBF]root.Data
317ff3aa15
[NBF]root.Data
317ff3aa16
[NBF]root.Data
317ff3aa17
[NBF]root.Data
317ff3aa18
[NBF]root.Data
317ff3aa19
[NBF]root.Data
317ff3aa2
[NBF]root.Data
317ff3aa20
[NBF]root.Data
317ff3aa3
[NBF]root.Data
317ff3aa4
[NBF]root.Data
317ff3aa5
[NBF]root.Data
317ff3aa6
[NBF]root.Data
317ff3aa7
[NBF]root.Data
317ff3aa8
[NBF]root.Data
317ff3aa9
[NBF]root.Data
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Module Name | Eqn8k2Rp |
| Full Name | Eqn8k2Rp |
| EntryPoint | System.Void Eqn8k2Rp.Qtq7m1St6/mr2C5DkwmfR4a.1CsfH_9gs3zA7::1Ebrfz3T() |
| Scope Name | Eqn8k2Rp |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Eqn8k2Rp |
| Assembly Version | 25.23.8.21 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.6 |
| Total Strings | 1543 |
| Main Method | System.Void Eqn8k2Rp.Qtq7m1St6/mr2C5DkwmfR4a.1CsfH_9gs3zA7::1Ebrfz3T() |
| Main IL Instruction Count | 4 |
| Main IL | nop <null> newobj System.Void Eqn8k2Rp.w_7C1kG::.ctor() stloc.0 <null> ret <null> |
| Module Name | Eqn8k2Rp |
| Full Name | Eqn8k2Rp |
| EntryPoint | System.Void Eqn8k2Rp.Qtq7m1St6/mr2C5DkwmfR4a.1CsfH_9gs3zA7::1Ebrfz3T() |
| Scope Name | Eqn8k2Rp |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Eqn8k2Rp |
| Assembly Version | 25.23.8.21 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.6 |
| Total Strings | 1543 |
| Main Method | System.Void Eqn8k2Rp.Qtq7m1St6/mr2C5DkwmfR4a.1CsfH_9gs3zA7::1Ebrfz3T() |
| Main IL Instruction Count | 4 |
| Main IL | nop <null> newobj System.Void Eqn8k2Rp.w_7C1kG::.ctor() stloc.0 <null> ret <null> |
578bc83a14505641d9924050ad1e72b3 (922.62 KB)
File Structure
578bc83a14505641d9924050ad1e72b3
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
Eqn8k2Rp.g.resources
Eqn8k2Rp.Qtq7m1St6.resources
8c6a6c870397b6.Resources.resources
317ff3aa0
[NBF]root.Data
317ff3aa1
[NBF]root.Data
317ff3aa10
[NBF]root.Data
317ff3aa11
[NBF]root.Data
317ff3aa12
[NBF]root.Data
317ff3aa13
[NBF]root.Data
317ff3aa14
[NBF]root.Data
317ff3aa15
[NBF]root.Data
317ff3aa16
[NBF]root.Data
317ff3aa17
[NBF]root.Data
317ff3aa18
[NBF]root.Data
317ff3aa19
[NBF]root.Data
317ff3aa2
[NBF]root.Data
317ff3aa20
[NBF]root.Data
317ff3aa3
[NBF]root.Data
317ff3aa4
[NBF]root.Data
317ff3aa5
[NBF]root.Data
317ff3aa6
[NBF]root.Data
317ff3aa7
[NBF]root.Data
317ff3aa8
[NBF]root.Data
317ff3aa9
[NBF]root.Data
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.