Suspicious
Suspect

5906aa141749598b45851583aaefa182

PE Executable
|
MD5: 5906aa141749598b45851583aaefa182
|
Size: 1.87 MB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Obfuscation Score

Very high

Hash
 Hash Value
MD5
5906aa141749598b45851583aaefa182
Sha1
b7cf8356908d2b810bc9fab4db66561fb9e0c5a9
Sha256
018f85786e3cbf158c1a9d44c0d82bdd8d86958e7f8eb9e8dc74e3293f42c068
Sha384
4a13cbeebd526688fb0e40fb2861950f3cc216f3fcc48666b0bc1663068286a104204d002e62491b178b175fc36d27bc
Sha512
b70a848501a6a34800c9e5e7afabb8e44f4bade4d92665fa0a43a9ce2f4ca8b293a1b33e11152edc6f270e04552e38d0964b4b1e8475455dbc1388769e820719
SSDeep
24576:3ExD/kqGR8SlTxV0/eS9BrVXqI+6RO2XHyu:3Pvz9W/pVaInMs
TLSH
1785F00163D85F68F47F57349875086197F2BC03EE22DFCDB2895DAA2D31B81899A723

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
5906aa141749598b45851583aaefa182
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0032
ID:0
RT_GROUP_CURSOR4
ID:0001
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
wDp0o9Gk.g.resources
wDp0o9Gk.Resources.resources
ae226db1d64a7c.Resources.resources
844dd58b0
[NBF]root.Data
844dd58b1
[NBF]root.Data
844dd58b10
[NBF]root.Data
844dd58b11
[NBF]root.Data
844dd58b12
[NBF]root.Data
844dd58b13
[NBF]root.Data
844dd58b14
[NBF]root.Data
844dd58b15
[NBF]root.Data
844dd58b16
[NBF]root.Data
844dd58b17
[NBF]root.Data
844dd58b18
[NBF]root.Data
844dd58b19
[NBF]root.Data
844dd58b2
[NBF]root.Data
844dd58b20
[NBF]root.Data
844dd58b21
[NBF]root.Data
844dd58b22
[NBF]root.Data
844dd58b23
[NBF]root.Data
844dd58b24
[NBF]root.Data
844dd58b25
[NBF]root.Data
844dd58b26
[NBF]root.Data
844dd58b27
[NBF]root.Data
844dd58b28
[NBF]root.Data
844dd58b29
[NBF]root.Data
844dd58b3
[NBF]root.Data
844dd58b30
[NBF]root.Data
844dd58b31
[NBF]root.Data
844dd58b32
[NBF]root.Data
844dd58b33
[NBF]root.Data
844dd58b34
[NBF]root.Data
844dd58b35
[NBF]root.Data
844dd58b36
[NBF]root.Data
844dd58b37
[NBF]root.Data
844dd58b38
[NBF]root.Data
844dd58b39
[NBF]root.Data
844dd58b4
[NBF]root.Data
844dd58b40
[NBF]root.Data
844dd58b41
[NBF]root.Data
844dd58b42
[NBF]root.Data
844dd58b43
[NBF]root.Data
844dd58b44
[NBF]root.Data
844dd58b45
[NBF]root.Data
844dd58b46
[NBF]root.Data
844dd58b47
[NBF]root.Data
844dd58b48
[NBF]root.Data
844dd58b49
[NBF]root.Data
844dd58b5
[NBF]root.Data
844dd58b50
[NBF]root.Data
844dd58b51
[NBF]root.Data
844dd58b52
[NBF]root.Data
844dd58b53
[NBF]root.Data
844dd58b54
[NBF]root.Data
844dd58b55
[NBF]root.Data
844dd58b56
[NBF]root.Data
844dd58b57
[NBF]root.Data
844dd58b58
[NBF]root.Data
844dd58b59
[NBF]root.Data
844dd58b6
[NBF]root.Data
844dd58b60
[NBF]root.Data
844dd58b61
[NBF]root.Data
844dd58b62
[NBF]root.Data
844dd58b63
[NBF]root.Data
844dd58b64
[NBF]root.Data
844dd58b65
[NBF]root.Data
844dd58b7
[NBF]root.Data
844dd58b8
[NBF]root.Data
844dd58b9
[NBF]root.Data
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

wDp0o9Gk
Full Name

wDp0o9Gk
EntryPoint

System.Void wDp0o9Gk.6WrqKgg1y/jKq2kf1AD_o75b.Amk6z5g::3s_EM5ok()
Scope Name

wDp0o9Gk
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

wDp0o9Gk
Assembly Version

6.23.43.145
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

1568
Main Method

System.Void wDp0o9Gk.6WrqKgg1y/jKq2kf1AD_o75b.Amk6z5g::3s_EM5ok()
Main IL Instruction Count

145
Main IL

nop <null> newobj System.Void System.Windows.Forms.Form::.ctor() stloc.1 <null> ldc.i4.s 25 stloc.2 <null> ldc.i4 671145 box System.Int32 stloc.3 <null> ldsfld System.String wDp0o9Gk.6WrqKgg1y::bAk41ePdJ9bww stloc.s V_4 ldloc.s V_4 call System.String wDp0o9Gk.6WrqKgg1y/jKq2kf1AD_o75b.Amk6z5g/Cg8ox1JfY.9Cdkb0yJjj::Pq5c2awAm(System.String) stloc.s V_5 ldloc.s V_5 call System.Byte[] wDp0o9Gk.8BownfH4::Ab1my9Sijz4T3y(System.String) ldloc.3 <null> call System.Int32 Microsoft.VisualBasic.CompilerServices.Conversions::ToInteger(System.Object) call System.Object wDp0o9Gk.Dxx2ws::Gek8bq2Bd(System.Byte[],System.Int32) ldnull <null> ldstr ToArray ldc.i4.0 <null> newarr System.Object ldnull <null> ldnull <null> ldnull <null> call System.Object Microsoft.VisualBasic.CompilerServices.NewLateBinding::LateGet(System.Object,System.Type,System.String,System.Object[],System.String[],System.Type[],System.Boolean[]) call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stloc.s V_6 ldc.i4.3 <null> stloc.s V_7 ldc.i4.7 <null> stloc.0 <null> nop <null> ldloc.s V_7 ldc.i4.3 <null> beq.s IL_005F: nop br.s IL_006B: nop nop <null> ldloc.s V_6 call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stloc.s V_8 br.s IL_006B: nop nop <null> ldc.i4.s 9 stloc.0 <null> ldtoken System.Reflection.Assembly call System.Type System.Type::GetTypeFromHandle(System.RuntimeTypeHandle) stloc.s V_9 ldloc.s V_9 callvirt System.Reflection.MethodInfo[] System.Type::GetMethods() ldsfld System.Func`2<System.Reflection.MethodInfo,System.Boolean> wDp0o9Gk.6WrqKgg1y/jKq2kf1AD_o75b.Amk6z5g/pNc6S.kLp5W6bzmjC3nM::wg6X9jPfbDr58d brfalse.s IL_0090: ldsfld wDp0o9Gk.6WrqKgg1y/jKq2kf1AD_o75b.Amk6z5g/pNc6S.kLp5W6bzmjC3nM wDp0o9Gk.6WrqKgg1y/jKq2kf1AD_o75b.Amk6z5g/pNc6S.kLp5W6bzmjC3nM::iy0K3y ldsfld System.Func`2<System.Reflection.MethodInfo,System.Boolean> wDp0o9Gk.6WrqKgg1y/jKq2kf1AD_o75b.Amk6z5g/pNc6S.kLp5W6bzmjC3nM::wg6X9jPfbDr58d br.s IL_00A6: call System.Collections.Generic.IEnumerable`1<System.Reflection.MethodInfo> System.Linq.Enumerable::Where<System.Reflection.MethodInfo>(System.Collections.Generic.IEnumerable`1<System.Reflection.MethodInfo>,System.Func`2<System.Reflection.MethodInfo,System.Boolean>) ldsfld wDp0o9Gk.6WrqKgg1y/jKq2kf1AD_o75b.Amk6z5g/pNc6S.kLp5W6bzmjC3nM wDp0o9Gk.6WrqKgg1y/jKq2kf1AD_o75b.Amk6z5g/pNc6S.kLp5W6bzmjC3nM::iy0K3y ldftn System.Boolean wDp0o9Gk.6WrqKgg1y/jKq2kf1AD_o75b.Amk6z5g/pNc6S.kLp5W6bzmjC3nM::df4EmJi0B5g(System.Reflection.MethodInfo) newobj System.Void System.Func`2<System.Reflection.MethodInfo,System.Boolean>::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Func`2<System.Reflection.MethodInfo,System.Boolean> wDp0o9Gk.6WrqKgg1y/jKq2kf1AD_o75b.Amk6z5g/pNc6S.kLp5W6bzmjC3nM::wg6X9jPfbDr58d call System.Collections.Generic.IEnumerable`1<System.Reflection.MethodInfo> System.Linq.Enumerable::Where<System.Reflection.MethodInfo>(System.Collections.Generic.IEnumerable`1<System.Reflection.MethodInfo>,System.Func`2<System.Reflection.MethodInfo,System.Boolean>) call System.Reflection.MethodInfo[] System.Linq.Enumerable::ToArray<System.Reflection.MethodInfo>(System.Collections.Generic.IEnumerable`1<System.Reflection.MethodInfo>) stloc.s V_10 ldloc.s V_10 stloc.s V_11 ldc.i4.0 <null> stloc.s V_12 br IL_015A: ldloc.s V_12 ldloc.s V_11 ldloc.s V_12 ldelem.ref <null> stloc.s V_13 nop <null> ldloc.s V_13 ldnull <null> ldc.i4.1 <null> newarr System.Object dup <null> ldc.i4.0 <null> ldloc.s V_8 stelem.ref <null> callvirt System.Object System.Reflection.MethodBase::Invoke(System.Object,System.Object[]) call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stloc.s V_14 ldloc.s V_14 ldnull <null> ldstr GetTypes ldc.i4.0 <null> newarr System.Object ldnull <null> ldnull <null> ldnull <null> call System.Object Microsoft.VisualBasic.CompilerServices.NewLateBinding::LateGet(System.Object,System.Type,System.String,System.Object[],System.String[],System.Type[],System.Boolean[]) ldc.i4.1 <null> newarr System.Object dup <null> ldc.i4.0 <null> ldc.i4.s 25 box System.Int32 stelem.ref <null> ldnull <null> call System.Object Microsoft.VisualBasic.CompilerServices.NewLateBinding::LateIndexGet(System.Object,System.Object[],System.String[]) ldnull <null> ldstr GetMethods ldc.i4.0 <null> newarr System.Object ldnull <null> ldnull <null> ldnull <null> call System.Object Microsoft.VisualBasic.CompilerServices.NewLateBinding::LateGet(System.Object,System.Type,System.String,System.Object[],System.String[],System.Type[],System.Boolean[]) ldc.i4.1 <null> newarr System.Object dup <null> ldc.i4.0 <null> ldc.i4.0 <null> box System.Int32 stelem.ref <null> ldnull <null> call System.Object Microsoft.VisualBasic.CompilerServices.NewLateBinding::LateIndexGet(System.Object,System.Object[],System.String[]) call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) call System.Object wDp0o9Gk.6WrqKgg1y::nz9We(System.Object) pop <null> leave.s IL_016B: ldc.i4.4 dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.s V_15 nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_0152: nop nop <null> nop <null> ldloc.s V_12 ldc.i4.1 <null> add.ovf <null> stloc.s V_12 ldloc.s V_12 ldloc.s V_11 ldlen <null> conv.i4 <null> clt <null> stloc.s V_16 ldloc.s V_16 brtrue IL_00BE: ldloc.s V_11 ldc.i4.4 <null> stloc.0 <null> ret <null>
Module Name

wDp0o9Gk
Full Name

wDp0o9Gk
EntryPoint

System.Void wDp0o9Gk.6WrqKgg1y/jKq2kf1AD_o75b.Amk6z5g::3s_EM5ok()
Scope Name

wDp0o9Gk
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

wDp0o9Gk
Assembly Version

6.23.43.145
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

1568
Main Method

System.Void wDp0o9Gk.6WrqKgg1y/jKq2kf1AD_o75b.Amk6z5g::3s_EM5ok()
Main IL Instruction Count

145
Main IL

nop <null> newobj System.Void System.Windows.Forms.Form::.ctor() stloc.1 <null> ldc.i4.s 25 stloc.2 <null> ldc.i4 671145 box System.Int32 stloc.3 <null> ldsfld System.String wDp0o9Gk.6WrqKgg1y::bAk41ePdJ9bww stloc.s V_4 ldloc.s V_4 call System.String wDp0o9Gk.6WrqKgg1y/jKq2kf1AD_o75b.Amk6z5g/Cg8ox1JfY.9Cdkb0yJjj::Pq5c2awAm(System.String) stloc.s V_5 ldloc.s V_5 call System.Byte[] wDp0o9Gk.8BownfH4::Ab1my9Sijz4T3y(System.String) ldloc.3 <null> call System.Int32 Microsoft.VisualBasic.CompilerServices.Conversions::ToInteger(System.Object) call System.Object wDp0o9Gk.Dxx2ws::Gek8bq2Bd(System.Byte[],System.Int32) ldnull <null> ldstr ToArray ldc.i4.0 <null> newarr System.Object ldnull <null> ldnull <null> ldnull <null> call System.Object Microsoft.VisualBasic.CompilerServices.NewLateBinding::LateGet(System.Object,System.Type,System.String,System.Object[],System.String[],System.Type[],System.Boolean[]) call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stloc.s V_6 ldc.i4.3 <null> stloc.s V_7 ldc.i4.7 <null> stloc.0 <null> nop <null> ldloc.s V_7 ldc.i4.3 <null> beq.s IL_005F: nop br.s IL_006B: nop nop <null> ldloc.s V_6 call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stloc.s V_8 br.s IL_006B: nop nop <null> ldc.i4.s 9 stloc.0 <null> ldtoken System.Reflection.Assembly call System.Type System.Type::GetTypeFromHandle(System.RuntimeTypeHandle) stloc.s V_9 ldloc.s V_9 callvirt System.Reflection.MethodInfo[] System.Type::GetMethods() ldsfld System.Func`2<System.Reflection.MethodInfo,System.Boolean> wDp0o9Gk.6WrqKgg1y/jKq2kf1AD_o75b.Amk6z5g/pNc6S.kLp5W6bzmjC3nM::wg6X9jPfbDr58d brfalse.s IL_0090: ldsfld wDp0o9Gk.6WrqKgg1y/jKq2kf1AD_o75b.Amk6z5g/pNc6S.kLp5W6bzmjC3nM wDp0o9Gk.6WrqKgg1y/jKq2kf1AD_o75b.Amk6z5g/pNc6S.kLp5W6bzmjC3nM::iy0K3y ldsfld System.Func`2<System.Reflection.MethodInfo,System.Boolean> wDp0o9Gk.6WrqKgg1y/jKq2kf1AD_o75b.Amk6z5g/pNc6S.kLp5W6bzmjC3nM::wg6X9jPfbDr58d br.s IL_00A6: call System.Collections.Generic.IEnumerable`1<System.Reflection.MethodInfo> System.Linq.Enumerable::Where<System.Reflection.MethodInfo>(System.Collections.Generic.IEnumerable`1<System.Reflection.MethodInfo>,System.Func`2<System.Reflection.MethodInfo,System.Boolean>) ldsfld wDp0o9Gk.6WrqKgg1y/jKq2kf1AD_o75b.Amk6z5g/pNc6S.kLp5W6bzmjC3nM wDp0o9Gk.6WrqKgg1y/jKq2kf1AD_o75b.Amk6z5g/pNc6S.kLp5W6bzmjC3nM::iy0K3y ldftn System.Boolean wDp0o9Gk.6WrqKgg1y/jKq2kf1AD_o75b.Amk6z5g/pNc6S.kLp5W6bzmjC3nM::df4EmJi0B5g(System.Reflection.MethodInfo) newobj System.Void System.Func`2<System.Reflection.MethodInfo,System.Boolean>::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Func`2<System.Reflection.MethodInfo,System.Boolean> wDp0o9Gk.6WrqKgg1y/jKq2kf1AD_o75b.Amk6z5g/pNc6S.kLp5W6bzmjC3nM::wg6X9jPfbDr58d call System.Collections.Generic.IEnumerable`1<System.Reflection.MethodInfo> System.Linq.Enumerable::Where<System.Reflection.MethodInfo>(System.Collections.Generic.IEnumerable`1<System.Reflection.MethodInfo>,System.Func`2<System.Reflection.MethodInfo,System.Boolean>) call System.Reflection.MethodInfo[] System.Linq.Enumerable::ToArray<System.Reflection.MethodInfo>(System.Collections.Generic.IEnumerable`1<System.Reflection.MethodInfo>) stloc.s V_10 ldloc.s V_10 stloc.s V_11 ldc.i4.0 <null> stloc.s V_12 br IL_015A: ldloc.s V_12 ldloc.s V_11 ldloc.s V_12 ldelem.ref <null> stloc.s V_13 nop <null> ldloc.s V_13 ldnull <null> ldc.i4.1 <null> newarr System.Object dup <null> ldc.i4.0 <null> ldloc.s V_8 stelem.ref <null> callvirt System.Object System.Reflection.MethodBase::Invoke(System.Object,System.Object[]) call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stloc.s V_14 ldloc.s V_14 ldnull <null> ldstr GetTypes ldc.i4.0 <null> newarr System.Object ldnull <null> ldnull <null> ldnull <null> call System.Object Microsoft.VisualBasic.CompilerServices.NewLateBinding::LateGet(System.Object,System.Type,System.String,System.Object[],System.String[],System.Type[],System.Boolean[]) ldc.i4.1 <null> newarr System.Object dup <null> ldc.i4.0 <null> ldc.i4.s 25 box System.Int32 stelem.ref <null> ldnull <null> call System.Object Microsoft.VisualBasic.CompilerServices.NewLateBinding::LateIndexGet(System.Object,System.Object[],System.String[]) ldnull <null> ldstr GetMethods ldc.i4.0 <null> newarr System.Object ldnull <null> ldnull <null> ldnull <null> call System.Object Microsoft.VisualBasic.CompilerServices.NewLateBinding::LateGet(System.Object,System.Type,System.String,System.Object[],System.String[],System.Type[],System.Boolean[]) ldc.i4.1 <null> newarr System.Object dup <null> ldc.i4.0 <null> ldc.i4.0 <null> box System.Int32 stelem.ref <null> ldnull <null> call System.Object Microsoft.VisualBasic.CompilerServices.NewLateBinding::LateIndexGet(System.Object,System.Object[],System.String[]) call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) call System.Object wDp0o9Gk.6WrqKgg1y::nz9We(System.Object) pop <null> leave.s IL_016B: ldc.i4.4 dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.s V_15 nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_0152: nop nop <null> nop <null> ldloc.s V_12 ldc.i4.1 <null> add.ovf <null> stloc.s V_12 ldloc.s V_12 ldloc.s V_11 ldlen <null> conv.i4 <null> clt <null> stloc.s V_16 ldloc.s V_16 brtrue IL_00BE: ldloc.s V_11 ldc.i4.4 <null> stloc.0 <null> ret <null>
5906aa141749598b45851583aaefa182 (1.87 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙