Symbol Ofbuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | 5b37f5fc42384834b7aac5081a5bac85
|
| Sha1 | 51aa8b08dc67cb91435ce58d4453a8ae5e0dd577
|
| Sha256 | 072ce701ec0252eeddd6a0501555296bce512a7b90422addbb6d3619ae10f4ff
|
| Sha384 | e7142c44b87cadefbfadcfe173fdf5e7d45e3acca27cbd0f8c5b4cdaa7767050e2e6fc589e6e4fe43117b3c815420d70
|
| Sha512 | eaa5c443c1dc2696a1593b32f171630342d1fb9b9b7d11f15bc3401f4c45eef322c16a1c1c63cd4f24209019a4ad6d345574cb73ca8c90108d8470976a761439
|
| SSDeep | 384:nHVOeCwqR63Jxk8GbfRvShKPR9VZwfuFnjPRWcnsW:oeCwh5xk8JKJ9jj
|
| TLSH | 97822A08B7E48324E1BE0B38A8B313685975F5975833DB5D2DC5202E09B37809E12F73
|
PeID
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Module Name | FleetAgentFUD.exe |
| Full Name | FleetAgentFUD.exe |
| EntryPoint | System.Void Microsoft.NET.Runtime.Program::Main(System.String[]) |
| Scope Name | FleetAgentFUD.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | FleetAgentFUD |
| Assembly Version | 4.8.4682.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | <null> |
| Total Strings | 143 |
| Main Method | System.Void Microsoft.NET.Runtime.Program::Main(System.String[]) |
| Main IL Instruction Count | 42 |
| Main IL | call System.IntPtr Microsoft.NET.Runtime.Program::GetConsoleWindow() stloc.0 <null> ldloc.0 <null> ldsfld System.IntPtr System.IntPtr::Zero call System.Boolean System.IntPtr::op_Inequality(System.IntPtr,System.IntPtr) brfalse.s IL_001B: leave.s IL_0020 ldloc.0 <null> ldc.i4.0 <null> call System.Boolean Microsoft.NET.Runtime.Program::ShowWindow(System.IntPtr,System.Int32) pop <null> leave.s IL_0020: call System.Void Microsoft.NET.Runtime.Program::P() pop <null> leave.s IL_0020: call System.Void Microsoft.NET.Runtime.Program::P() call System.Void Microsoft.NET.Runtime.Program::P() leave.s IL_002A: ldsfld System.Byte[] Microsoft.NET.Runtime.Program::_h pop <null> leave.s IL_002A: ldsfld System.Byte[] Microsoft.NET.Runtime.Program::_h ldsfld System.Byte[] Microsoft.NET.Runtime.Program::_h call System.String Microsoft.NET.Runtime.Program::D(System.Byte[]) stloc.1 <null> ldsfld System.Byte[] Microsoft.NET.Runtime.Program::_p call System.String Microsoft.NET.Runtime.Program::D(System.Byte[]) call System.Int32 System.Int32::Parse(System.String) stloc.2 <null> call System.String Microsoft.NET.Runtime.Program::G() stsfld System.String Microsoft.NET.Runtime.Program::_i call System.String System.Environment::get_MachineName() stsfld System.String Microsoft.NET.Runtime.Program::_m br.s IL_0078: ldsfld System.Boolean Microsoft.NET.Runtime.Program::_r ldloc.1 <null> ldloc.2 <null> call System.Void Microsoft.NET.Runtime.Program::L(System.String,System.Int32) leave.s IL_0067: ldsfld System.Boolean Microsoft.NET.Runtime.Program::_r pop <null> leave.s IL_0067: ldsfld System.Boolean Microsoft.NET.Runtime.Program::_r ldsfld System.Boolean Microsoft.NET.Runtime.Program::_r brfalse.s IL_0078: ldsfld System.Boolean Microsoft.NET.Runtime.Program::_r ldc.i4 5000 call System.Void System.Threading.Thread::Sleep(System.Int32) ldsfld System.Boolean Microsoft.NET.Runtime.Program::_r brtrue.s IL_005B: ldloc.1 ret <null> |
| Module Name | FleetAgentFUD.exe |
| Full Name | FleetAgentFUD.exe |
| EntryPoint | System.Void Microsoft.NET.Runtime.Program::Main(System.String[]) |
| Scope Name | FleetAgentFUD.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | FleetAgentFUD |
| Assembly Version | 4.8.4682.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | <null> |
| Total Strings | 143 |
| Main Method | System.Void Microsoft.NET.Runtime.Program::Main(System.String[]) |
| Main IL Instruction Count | 42 |
| Main IL | call System.IntPtr Microsoft.NET.Runtime.Program::GetConsoleWindow() stloc.0 <null> ldloc.0 <null> ldsfld System.IntPtr System.IntPtr::Zero call System.Boolean System.IntPtr::op_Inequality(System.IntPtr,System.IntPtr) brfalse.s IL_001B: leave.s IL_0020 ldloc.0 <null> ldc.i4.0 <null> call System.Boolean Microsoft.NET.Runtime.Program::ShowWindow(System.IntPtr,System.Int32) pop <null> leave.s IL_0020: call System.Void Microsoft.NET.Runtime.Program::P() pop <null> leave.s IL_0020: call System.Void Microsoft.NET.Runtime.Program::P() call System.Void Microsoft.NET.Runtime.Program::P() leave.s IL_002A: ldsfld System.Byte[] Microsoft.NET.Runtime.Program::_h pop <null> leave.s IL_002A: ldsfld System.Byte[] Microsoft.NET.Runtime.Program::_h ldsfld System.Byte[] Microsoft.NET.Runtime.Program::_h call System.String Microsoft.NET.Runtime.Program::D(System.Byte[]) stloc.1 <null> ldsfld System.Byte[] Microsoft.NET.Runtime.Program::_p call System.String Microsoft.NET.Runtime.Program::D(System.Byte[]) call System.Int32 System.Int32::Parse(System.String) stloc.2 <null> call System.String Microsoft.NET.Runtime.Program::G() stsfld System.String Microsoft.NET.Runtime.Program::_i call System.String System.Environment::get_MachineName() stsfld System.String Microsoft.NET.Runtime.Program::_m br.s IL_0078: ldsfld System.Boolean Microsoft.NET.Runtime.Program::_r ldloc.1 <null> ldloc.2 <null> call System.Void Microsoft.NET.Runtime.Program::L(System.String,System.Int32) leave.s IL_0067: ldsfld System.Boolean Microsoft.NET.Runtime.Program::_r pop <null> leave.s IL_0067: ldsfld System.Boolean Microsoft.NET.Runtime.Program::_r ldsfld System.Boolean Microsoft.NET.Runtime.Program::_r brfalse.s IL_0078: ldsfld System.Boolean Microsoft.NET.Runtime.Program::_r ldc.i4 5000 call System.Void System.Threading.Thread::Sleep(System.Int32) ldsfld System.Boolean Microsoft.NET.Runtime.Program::_r brtrue.s IL_005B: ldloc.1 ret <null> |