Malicious
Malicious

5a24282e52c6a94fea1cffd11d5ce223

PE Executable
|
MD5: 5a24282e52c6a94fea1cffd11d5ce223
|
Size: 1.17 MB
|
application/x-dosexec

Print
Infection Chain
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
5a24282e52c6a94fea1cffd11d5ce223
Sha1
ddc8a2e49e2512c499c62f316423176e99e394a0
Sha256
8065672c4d2afa9bee5a00a1e9d209d3f9fa20df917484143accc8f5b6145774
Sha384
709fd1e25c9aa8134e63c87b2a161b101ee08a340d96f88b27c852992da564722984614095f96f52a1a44419b019bff3
Sha512
0a92a1e1e4f7a3b0df8f47efe926f96f6b86f9e69b7607584ae2a4ea92cb571261f3f0726718706a4f6b1f3aad26c9314157fd05957bbdda2a489fcee3e6fbcd
SSDeep
24576:pLgh4/jtTx3wQqB8Cm+K4021BbHRpx2QsnX9ahXH7YpvbG0:5E+lJpIxpgNNMbz
TLSH
224539027E459E11F0096233C6FF498897B4E8417AA6E31B7DBA376D64523A33C0D9DB

PeID

.NET executable
HQR data file
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
5a24282e52c6a94fea1cffd11d5ce223
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
Informations
Name
 Value
Module Name

EqLSqD8FMmXcZ42a
Full Name

EqLSqD8FMmXcZ42a
EntryPoint

System.Void crrk1NnR3ATil9h9VxI.ijrHSdnFRnj4BA4hlyl::JpnExMPfDF()
Scope Name

EqLSqD8FMmXcZ42a
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

K284NSR2Cm
Assembly Version

5.8.9.8
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

63
Main Method

System.Void crrk1NnR3ATil9h9VxI.ijrHSdnFRnj4BA4hlyl::JpnExMPfDF()
Main IL Instruction Count

14
Main IL

br.s IL_000B: ldc.i4.0 call <null> ldnull <null> ldc.i4.0 <null> ldelem.ref <null> pop <null> ldc.i4.0 <null> brtrue.s IL_0007: ldnull call System.Void mBnHxBEBrUisWoUayD7.WTZ0LMEshtMrGZUTxMB::kLjw4iIsCLsZtxc4lksN0j() nop <null> ldsfld System.Object crrk1NnR3ATil9h9VxI.ijrHSdnFRnj4BA4hlyl::OTCE0FKgK6 callvirt System.Void WRlo1Lns9VAiEcFaFod.VmEE3yn2WyLc2SN2acb::cAiQMfkatQ() nop <null> ret <null>
Module Name

EqLSqD8FMmXcZ42a
Full Name

EqLSqD8FMmXcZ42a
EntryPoint

System.Void crrk1NnR3ATil9h9VxI.ijrHSdnFRnj4BA4hlyl::JpnExMPfDF()
Scope Name

EqLSqD8FMmXcZ42a
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

K284NSR2Cm
Assembly Version

5.8.9.8
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

63
Main Method

System.Void crrk1NnR3ATil9h9VxI.ijrHSdnFRnj4BA4hlyl::JpnExMPfDF()
Main IL Instruction Count

14
Main IL

br.s IL_000B: ldc.i4.0 call <null> ldnull <null> ldc.i4.0 <null> ldelem.ref <null> pop <null> ldc.i4.0 <null> brtrue.s IL_0007: ldnull call System.Void mBnHxBEBrUisWoUayD7.WTZ0LMEshtMrGZUTxMB::kLjw4iIsCLsZtxc4lksN0j() nop <null> ldsfld System.Object crrk1NnR3ATil9h9VxI.ijrHSdnFRnj4BA4hlyl::OTCE0FKgK6 callvirt System.Void WRlo1Lns9VAiEcFaFod.VmEE3yn2WyLc2SN2acb::cAiQMfkatQ() nop <null> ret <null>
Artefacts
Name
 Value
Embedded Resources

2
Suspicious Type Names (1-2 chars)

0
5a24282e52c6a94fea1cffd11d5ce223 (1.17 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙