Suspicious
Suspect

5b2ddd7aa13873a0beeabab2935d26e1

PE Executable | MD5: 5b2ddd7aa13873a0beeabab2935d26e1 | Size: 1.37 MB | application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Obfuscation Score

Very high

Hash
Hash Value
MD5
5b2ddd7aa13873a0beeabab2935d26e1
Sha1
dd4fa02408cbca1f0787f10ee7ac0b5e0907e328
Sha256
a56e10d246a4738546db98052e93096eed2e6ccea1688e3976e8e053aaa0b3d0
Sha384
e737ca6fb9cd00327c60d31774a1abe1ed88d281e42b9e606c5fc702e6d71b5f472a92fccb99d5e671ca8d2bdc6da20d
Sha512
b52e01b2e17e86be81bb8e041ddd198adbb12361e6d63e66025f9b32c388ffdbae511a33dba4e8ec5be182835bc0e23cef8d1669794336d3dc32c62b6f3279b6
SSDeep
24576:OjnTF/fb39Z1JXJ00n0e0WU+rft0v1smgAaRLwgZQzqtLYO:OLTBfb9ZnXVn0LQEJCRLXKOtLz
TLSH
4B55F11617D456A8F0BECB74A6B4046443F1F91BE32AEB6F7A8841ED4E21BC5A543333

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
4wpQS6cwf.g.resources
4wpQS6cwf.Resources.resources
164ae9585fdec1.Resources.resources
5ed774740
[NBF]root.Data
5ed774741
[NBF]root.Data
5ed7747410
[NBF]root.Data
5ed7747411
[NBF]root.Data
5ed7747412
[NBF]root.Data
5ed7747413
[NBF]root.Data
5ed7747414
[NBF]root.Data
5ed7747415
[NBF]root.Data
5ed7747416
[NBF]root.Data
5ed7747417
[NBF]root.Data
5ed7747418
[NBF]root.Data
5ed7747419
[NBF]root.Data
5ed774742
[NBF]root.Data
5ed7747420
[NBF]root.Data
5ed7747421
[NBF]root.Data
5ed7747422
[NBF]root.Data
5ed7747423
[NBF]root.Data
5ed7747424
[NBF]root.Data
5ed7747425
[NBF]root.Data
5ed7747426
[NBF]root.Data
5ed7747427
[NBF]root.Data
5ed7747428
[NBF]root.Data
5ed7747429
[NBF]root.Data
5ed774743
[NBF]root.Data
5ed7747430
[NBF]root.Data
5ed7747431
[NBF]root.Data
5ed7747432
[NBF]root.Data
5ed7747433
[NBF]root.Data
5ed7747434
[NBF]root.Data
5ed7747435
[NBF]root.Data
5ed7747436
[NBF]root.Data
5ed7747437
[NBF]root.Data
5ed7747438
[NBF]root.Data
5ed7747439
[NBF]root.Data
5ed774744
[NBF]root.Data
5ed7747440
[NBF]root.Data
5ed7747441
[NBF]root.Data
5ed7747442
[NBF]root.Data
5ed774745
[NBF]root.Data
5ed774746
[NBF]root.Data
5ed774747
[NBF]root.Data
5ed774748
[NBF]root.Data
5ed774749
[NBF]root.Data
Information
Name
Value
Info

PE Detect: PeReader OK (file layout)

Module Name

4wpQS6cwf

Full Name

4wpQS6cwf

EntryPoint

System.Void 4wpQS6cwf.1Nwwd0kP/mLc7Nt8pq.pz0NB::Jjg87Cw()

Scope Name

4wpQS6cwf

Scope Type

ModuleDef

Kind

Windows

Runtime Version

v4.0.30319

Tables Header Version

512

WinMD Version

<null>

Assembly Name

4wpQS6cwf

Assembly Version

8.6.28.144

Assembly Culture

<null>

Has PublicKey

False

PublicKey Token

<null>

Target Framework

.NETFramework,Version=v4.6

Total Strings

1089

Main Method

System.Void 4wpQS6cwf.1Nwwd0kP/mLc7Nt8pq.pz0NB::Jjg87Cw()

Main IL Instruction Count

39

Main IL

nop <null>
nop <null>
call System.Reflection.Assembly System.Reflection.Assembly::GetExecutingAssembly()
callvirt System.String System.Reflection.Assembly::get_Location()
call System.Diagnostics.FileVersionInfo System.Diagnostics.FileVersionInfo::GetVersionInfo(System.String)
callvirt System.String System.Diagnostics.FileVersionInfo::get_FileVersion()
stloc.0 <null>
ldloc.0 <null>
call System.Boolean System.String::IsNullOrEmpty(System.String)
stloc.3 <null>
ldloc.3 <null>
brfalse.s IL_0027: ldc.i4.s 100
ldstr 1.6.4.9
stloc.0 <null>
ldc.i4.s 100
call System.Void System.Threading.Thread::Sleep(System.Int32)
nop <null>
ldc.i4.s 26
call System.String System.Environment::GetFolderPath(System.Environment/SpecialFolder)
ldstr AppConfig.dat
call System.String System.IO.Path::Combine(System.String,System.String)
stloc.1 <null>
newobj System.Void 4wpQS6cwf.7Cs_r8qHtD9::.ctor()
stloc.2 <null>
ldloc.2 <null>
call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form)
nop <null>
leave.s IL_0067: nop
dup <null>
call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception)
stloc.s V_4
nop <null>
ldc.i4.0 <null>
call System.Void System.Environment::Exit(System.Int32)
nop <null>
call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError()
leave.s IL_0067: nop
nop <null>
ret <null>

Characteristics
No malware configuration was found at this point.