Symbol Obfuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | 5e70f40b30816dbbeed70591e356a24a
|
| Sha1 | 6e6480cd180900b645514caf97efc0e3c7db48bf
|
| Sha256 | 6feba2bc4cbceb767f2d765dabc7ef4d0145d755a630fd0eaddd4f2550158cc6
|
| Sha384 | 9bd0c7c8868587850f36c4bf795a292688da42c359158293230f4429a69d7c50154ecabaf510c35bdf33f93a48ecd8bd
|
| Sha512 | 963991e90d1713caf4ba5b866c7bb24a3d57f569944ceaa04346953fcfe3f4e5aedf7362392187e0f02a1185aded09254d5cd8783cf5f62c017e02691c1225a8
|
| SSDeep | 6144:c1lYdNveXXKrRafJH5Va9h9dzbYVV0UUehwl54v0a/G3JonWvuoHBSyz2cfTS:klYBrGj4b1bYLiI8GA
|
| TLSH | 00A4282527EC0A08FAFF2B39E4B204518AB7B807B876D71E0959855F1B73B40D921B77
|
PeID
|
Name0 | Value |
|---|---|
| Module Name | Rubeus.exe |
| Full Name | Rubeus.exe |
| EntryPoint | System.Void Rubeus.Program::Main(System.String[]) |
| Scope Name | Rubeus.exe |
| Scope Type | ModuleDef |
| Kind | Console |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Rubeus |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.8 |
| Total Strings | 2735 |
| Main Method | System.Void Rubeus.Program::Main(System.String[]) |
| Main IL Instruction Count | 47 |
| Main IL | ldarg.0 <null> call Rubeus.Domain.ArgumentParserResult Rubeus.Domain.ArgumentParser::Parse(System.Collections.Generic.IEnumerable`1<System.String>) stloc.0 <null> ldloc.0 <null> callvirt System.Boolean Rubeus.Domain.ArgumentParserResult::get_ParsedOk() brtrue.s IL_001A: ldarg.0 call System.Void Rubeus.Domain.Info::ShowLogo() call System.Void Rubeus.Domain.Info::ShowUsage() ret <null> ldarg.0 <null> ldlen <null> brtrue.s IL_0025: ldarg.0 ldstr br.s IL_0028: stloc.1 ldarg.0 <null> ldc.i4.0 <null> ldelem.ref <null> stloc.1 <null> ldloc.0 <null> callvirt System.Collections.Generic.Dictionary`2<System.String,System.String> Rubeus.Domain.ArgumentParserResult::get_Arguments() ldstr /nowrap callvirt System.Boolean System.Collections.Generic.Dictionary`2<System.String,System.String>::ContainsKey(System.String) brfalse.s IL_0041: ldloc.0 ldc.i4.0 <null> stsfld System.Boolean Rubeus.Program::wrapTickets ldloc.0 <null> callvirt System.Collections.Generic.Dictionary`2<System.String,System.String> Rubeus.Domain.ArgumentParserResult::get_Arguments() ldstr /debug callvirt System.Boolean System.Collections.Generic.Dictionary`2<System.String,System.String>::ContainsKey(System.String) brfalse.s IL_0059: ldloc.0 ldc.i4.1 <null> stsfld System.Boolean Rubeus.Program::Debug ldloc.0 <null> callvirt System.Collections.Generic.Dictionary`2<System.String,System.String> Rubeus.Domain.ArgumentParserResult::get_Arguments() ldstr /consoleoutfile callvirt System.Boolean System.Collections.Generic.Dictionary`2<System.String,System.String>::ContainsKey(System.String) brfalse.s IL_0078: ldloc.1 ldloc.1 <null> ldloc.0 <null> callvirt System.Collections.Generic.Dictionary`2<System.String,System.String> Rubeus.Domain.ArgumentParserResult::get_Arguments() call System.Void Rubeus.Program::FileExecute(System.String,System.Collections.Generic.Dictionary`2<System.String,System.String>) ret <null> ldloc.1 <null> ldloc.0 <null> callvirt System.Collections.Generic.Dictionary`2<System.String,System.String> Rubeus.Domain.ArgumentParserResult::get_Arguments() call System.Void Rubeus.Program::MainExecute(System.String,System.Collections.Generic.Dictionary`2<System.String,System.String>) ret <null> |
| Module Name | Rubeus.exe |
| Full Name | Rubeus.exe |
| EntryPoint | System.Void Rubeus.Program::Main(System.String[]) |
| Scope Name | Rubeus.exe |
| Scope Type | ModuleDef |
| Kind | Console |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Rubeus |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.8 |
| Total Strings | 2735 |
| Main Method | System.Void Rubeus.Program::Main(System.String[]) |
| Main IL Instruction Count | 47 |
| Main IL | ldarg.0 <null> call Rubeus.Domain.ArgumentParserResult Rubeus.Domain.ArgumentParser::Parse(System.Collections.Generic.IEnumerable`1<System.String>) stloc.0 <null> ldloc.0 <null> callvirt System.Boolean Rubeus.Domain.ArgumentParserResult::get_ParsedOk() brtrue.s IL_001A: ldarg.0 call System.Void Rubeus.Domain.Info::ShowLogo() call System.Void Rubeus.Domain.Info::ShowUsage() ret <null> ldarg.0 <null> ldlen <null> brtrue.s IL_0025: ldarg.0 ldstr br.s IL_0028: stloc.1 ldarg.0 <null> ldc.i4.0 <null> ldelem.ref <null> stloc.1 <null> ldloc.0 <null> callvirt System.Collections.Generic.Dictionary`2<System.String,System.String> Rubeus.Domain.ArgumentParserResult::get_Arguments() ldstr /nowrap callvirt System.Boolean System.Collections.Generic.Dictionary`2<System.String,System.String>::ContainsKey(System.String) brfalse.s IL_0041: ldloc.0 ldc.i4.0 <null> stsfld System.Boolean Rubeus.Program::wrapTickets ldloc.0 <null> callvirt System.Collections.Generic.Dictionary`2<System.String,System.String> Rubeus.Domain.ArgumentParserResult::get_Arguments() ldstr /debug callvirt System.Boolean System.Collections.Generic.Dictionary`2<System.String,System.String>::ContainsKey(System.String) brfalse.s IL_0059: ldloc.0 ldc.i4.1 <null> stsfld System.Boolean Rubeus.Program::Debug ldloc.0 <null> callvirt System.Collections.Generic.Dictionary`2<System.String,System.String> Rubeus.Domain.ArgumentParserResult::get_Arguments() ldstr /consoleoutfile callvirt System.Boolean System.Collections.Generic.Dictionary`2<System.String,System.String>::ContainsKey(System.String) brfalse.s IL_0078: ldloc.1 ldloc.1 <null> ldloc.0 <null> callvirt System.Collections.Generic.Dictionary`2<System.String,System.String> Rubeus.Domain.ArgumentParserResult::get_Arguments() call System.Void Rubeus.Program::FileExecute(System.String,System.Collections.Generic.Dictionary`2<System.String,System.String>) ret <null> ldloc.1 <null> ldloc.0 <null> callvirt System.Collections.Generic.Dictionary`2<System.String,System.String> Rubeus.Domain.ArgumentParserResult::get_Arguments() call System.Void Rubeus.Program::MainExecute(System.String,System.Collections.Generic.Dictionary`2<System.String,System.String>) ret <null> |