5f85a99c4d5917dd62f7793f7653489a
PE Executable | MD5: 5f85a99c4d5917dd62f7793f7653489a | Size: 82.43 KB | application/x-dosexec
Symbol Ofbuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | 5f85a99c4d5917dd62f7793f7653489a
|
| Sha1 | f37c81228d5a6a492605816ee20f9496fd499874
|
| Sha256 | 4d490ace9c741baa4db3acd1377108c78c992ca5915494d4cbcf577016b17fdf
|
| Sha384 | 4fb260f649cf24cfcbc230f40bf4fc30cd75ca63d16e9f72f1b9c1cd4cd57fb9404d642450347b54e4ae67865a816384
|
| Sha512 | c26797071f67e699261805817a1fb668fb7d4d8f7c618aa66fcaef444107f21696333f536eefccb6c27b3fda6a6fc40976226d6b5a68211f75d178afedf54370
|
| SSDeep | 1536:FXrYVh0TsXQizMahODmmQd0WKxdibfDl2e5dEuuZG5CTWV+kkaXhvt:aVh0gh+1QVVljEK0zqZt
|
| TLSH | C483B407BB4BC5B2C6445BBBDD9F44001364D7B2B6A3D6DA394E235A1843BFA99C024F
|
PeID
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Module Name | Wxdetxii |
| Full Name | Wxdetxii |
| EntryPoint | System.Void Wxdetxii.Registry.IsolatedReg::OpenRandomReg() |
| Scope Name | Wxdetxii |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Wxdetxii |
| Assembly Version | 1.0.5550.23178 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.6 |
| Total Strings | 0 |
| Main Method | System.Void Wxdetxii.Registry.IsolatedReg::OpenRandomReg() |
| Main IL Instruction Count | 97 |
| Main IL | ldc.i4 3 stloc V_0 br IL_000E: ldloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] br IL_0034: ret ret <null> newobj System.Void Wxdetxii.Registry.IsolatedReg/GenericAggregator::.ctor() stloc.s V_3 ldc.i4 2 br IL_0012: switch(IL_0034,IL_00B7,IL_0046,IL_0035,IL_0087,IL_005C) ldc.i4 1550850021 call System.String Wxdetxii.Collections.ExpandableQueue::FindQueue(System.Int32) stloc.s V_1 ldc.i4 5 br IL_0012: switch(IL_0034,IL_00B7,IL_0046,IL_0035,IL_0087,IL_005C) ldc.i4 1550849988 call System.String Wxdetxii.Collections.ExpandableQueue::FindQueue(System.Int32) stloc.s V_2 ldc.i4 4 ldsfld <Module>{2ffed06b-af7b-433c-a960-43c298ea052b} <Module>{2ffed06b-af7b-433c-a960-43c298ea052b}::m_9770a3f4e2b2433db29e9cd3443445c9 ldfld System.Int32 <Module>{2ffed06b-af7b-433c-a960-43c298ea052b}::m_865d16f0ca9a4953b29ed76c53c84b87 brfalse IL_0012: switch(IL_0034,IL_00B7,IL_0046,IL_0035,IL_0087,IL_005C) pop <null> ldc.i4 3 br IL_0012: switch(IL_0034,IL_00B7,IL_0046,IL_0035,IL_0087,IL_005C) ldsfld System.Func`1<System.Byte[]> Wxdetxii.Registry.IsolatedReg/SegmentedGenerator::_GeneratorDecider dup <null> brfalse IL_0097: pop br IL_00CD: newobj System.Void Wxdetxii.Collections.ProcParameter::.ctor(System.Func`1<System.Byte[]>) pop <null> ldc.i4 1 ldsfld <Module>{2ffed06b-af7b-433c-a960-43c298ea052b} <Module>{2ffed06b-af7b-433c-a960-43c298ea052b}::m_9770a3f4e2b2433db29e9cd3443445c9 ldfld System.Int32 <Module>{2ffed06b-af7b-433c-a960-43c298ea052b}::m_dc70c712fe2a40b6831376bcba234859 brtrue IL_0012: switch(IL_0034,IL_00B7,IL_0046,IL_0035,IL_0087,IL_005C) pop <null> ldc.i4 1 br IL_0012: switch(IL_0034,IL_00B7,IL_0046,IL_0035,IL_0087,IL_005C) ldsfld System.Object Wxdetxii.Registry.IsolatedReg/SegmentedGenerator::m_DynamicGenerator ldftn System.Byte[] Wxdetxii.Registry.IsolatedReg/SegmentedGenerator::CallGenerator() newobj System.Void System.Func`1<System.Byte[]>::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Func`1<System.Byte[]> Wxdetxii.Registry.IsolatedReg/SegmentedGenerator::_GeneratorDecider newobj System.Void Wxdetxii.Collections.ProcParameter::.ctor(System.Func`1<System.Byte[]>) ldloc.s V_3 ldloc.s V_1 ldloc.s V_2 newobj System.Void Wxdetxii.Elements.ElementResponder::.ctor(System.String,System.String) stfld System.Object Wxdetxii.Registry.IsolatedReg/GenericAggregator::m_OrderedAggregator ldloc.s V_3 newobj System.Void Wxdetxii.Generators.DetachedGenerator::.ctor() stfld System.Object Wxdetxii.Registry.IsolatedReg/GenericAggregator::gatewayChooser ldloc.s V_3 ldc.i4 1550850011 call System.String Wxdetxii.Collections.ExpandableQueue::FindQueue(System.Int32) ldc.i4 1550849543 call System.String Wxdetxii.Collections.ExpandableQueue::FindQueue(System.Int32) newobj System.Void Wxdetxii.Registry.GlobalReg::.ctor(System.String,System.String) stfld System.Object Wxdetxii.Registry.IsolatedReg/GenericAggregator::m_DeciderSpec dup <null> ldloc.s V_3 ldftn System.Void Wxdetxii.Registry.IsolatedReg/GenericAggregator::AggregateIsolatedAggregator(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) callvirt System.Void Wxdetxii.Collections.ProcParameter::QueueDividedQueue(System.Action`1<System.IO.MemoryStream>) ldloc.s V_3 ldfld System.Object Wxdetxii.Registry.IsolatedReg/GenericAggregator::m_OrderedAggregator ldloc.s V_3 ldftn System.Void Wxdetxii.Registry.IsolatedReg/GenericAggregator::CollectCentralAggregator(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) callvirt System.Void Wxdetxii.Elements.ElementResponder::ManageStatelessElement(System.Action`1<System.IO.MemoryStream>) ldloc.s V_3 ldfld System.Object Wxdetxii.Registry.IsolatedReg/GenericAggregator::gatewayChooser ldloc.s V_3 ldftn System.Void Wxdetxii.Registry.IsolatedReg/GenericAggregator::AggregateAdjustableAggregator(System.Reflection.Assembly) newobj System.Void System.Action`1<System.Reflection.Assembly>::.ctor(System.Object,System.IntPtr) callvirt System.Void Wxdetxii.Generators.DetachedGenerator::AdaptGenerator(System.Action`1<System.Reflection.Assembly>) ldloc.s V_3 ldfld System.Object Wxdetxii.Registry.IsolatedReg/GenericAggregator::m_DeciderSpec ldsfld System.Object Wxdetxii.Registry.IsolatedReg/SegmentedGenerator::statelessGenerator dup <null> brfalse IL_016A: pop br IL_0181: callvirt System.Void Wxdetxii.Registry.GlobalReg::AssessReg(System.Action) pop <null> ldsfld System.Object Wxdetxii.Registry.IsolatedReg/SegmentedGenerator::m_DynamicGenerator ldftn System.Void Wxdetxii.Registry.IsolatedReg/SegmentedGenerator::AssetGenerator() newobj System.Void System.Action::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Object Wxdetxii.Registry.IsolatedReg/SegmentedGenerator::statelessGenerator callvirt System.Void Wxdetxii.Registry.GlobalReg::AssessReg(System.Action) callvirt System.Void Wxdetxii.Collections.ProcParameter::OpenQueue() ldc.i4 0 ldsfld <Module>{2ffed06b-af7b-433c-a960-43c298ea052b} <Module>{2ffed06b-af7b-433c-a960-43c298ea052b}::m_9770a3f4e2b2433db29e9cd3443445c9 ldfld System.Int32 <Module>{2ffed06b-af7b-433c-a960-43c298ea052b}::m_e7170ca80855410abefc82cbd5e2c0ec brfalse IL_0012: switch(IL_0034,IL_00B7,IL_0046,IL_0035,IL_0087,IL_005C) pop <null> ldc.i4 0 br IL_0012: switch(IL_0034,IL_00B7,IL_0046,IL_0035,IL_0087,IL_005C) |
| Module Name | Wxdetxii |
| Full Name | Wxdetxii |
| EntryPoint | System.Void Wxdetxii.Registry.IsolatedReg::OpenRandomReg() |
| Scope Name | Wxdetxii |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Wxdetxii |
| Assembly Version | 1.0.5550.23178 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.6 |
| Total Strings | 0 |
| Main Method | System.Void Wxdetxii.Registry.IsolatedReg::OpenRandomReg() |
| Main IL Instruction Count | 97 |
| Main IL | ldc.i4 3 stloc V_0 br IL_000E: ldloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] br IL_0034: ret ret <null> newobj System.Void Wxdetxii.Registry.IsolatedReg/GenericAggregator::.ctor() stloc.s V_3 ldc.i4 2 br IL_0012: switch(IL_0034,IL_00B7,IL_0046,IL_0035,IL_0087,IL_005C) ldc.i4 1550850021 call System.String Wxdetxii.Collections.ExpandableQueue::FindQueue(System.Int32) stloc.s V_1 ldc.i4 5 br IL_0012: switch(IL_0034,IL_00B7,IL_0046,IL_0035,IL_0087,IL_005C) ldc.i4 1550849988 call System.String Wxdetxii.Collections.ExpandableQueue::FindQueue(System.Int32) stloc.s V_2 ldc.i4 4 ldsfld <Module>{2ffed06b-af7b-433c-a960-43c298ea052b} <Module>{2ffed06b-af7b-433c-a960-43c298ea052b}::m_9770a3f4e2b2433db29e9cd3443445c9 ldfld System.Int32 <Module>{2ffed06b-af7b-433c-a960-43c298ea052b}::m_865d16f0ca9a4953b29ed76c53c84b87 brfalse IL_0012: switch(IL_0034,IL_00B7,IL_0046,IL_0035,IL_0087,IL_005C) pop <null> ldc.i4 3 br IL_0012: switch(IL_0034,IL_00B7,IL_0046,IL_0035,IL_0087,IL_005C) ldsfld System.Func`1<System.Byte[]> Wxdetxii.Registry.IsolatedReg/SegmentedGenerator::_GeneratorDecider dup <null> brfalse IL_0097: pop br IL_00CD: newobj System.Void Wxdetxii.Collections.ProcParameter::.ctor(System.Func`1<System.Byte[]>) pop <null> ldc.i4 1 ldsfld <Module>{2ffed06b-af7b-433c-a960-43c298ea052b} <Module>{2ffed06b-af7b-433c-a960-43c298ea052b}::m_9770a3f4e2b2433db29e9cd3443445c9 ldfld System.Int32 <Module>{2ffed06b-af7b-433c-a960-43c298ea052b}::m_dc70c712fe2a40b6831376bcba234859 brtrue IL_0012: switch(IL_0034,IL_00B7,IL_0046,IL_0035,IL_0087,IL_005C) pop <null> ldc.i4 1 br IL_0012: switch(IL_0034,IL_00B7,IL_0046,IL_0035,IL_0087,IL_005C) ldsfld System.Object Wxdetxii.Registry.IsolatedReg/SegmentedGenerator::m_DynamicGenerator ldftn System.Byte[] Wxdetxii.Registry.IsolatedReg/SegmentedGenerator::CallGenerator() newobj System.Void System.Func`1<System.Byte[]>::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Func`1<System.Byte[]> Wxdetxii.Registry.IsolatedReg/SegmentedGenerator::_GeneratorDecider newobj System.Void Wxdetxii.Collections.ProcParameter::.ctor(System.Func`1<System.Byte[]>) ldloc.s V_3 ldloc.s V_1 ldloc.s V_2 newobj System.Void Wxdetxii.Elements.ElementResponder::.ctor(System.String,System.String) stfld System.Object Wxdetxii.Registry.IsolatedReg/GenericAggregator::m_OrderedAggregator ldloc.s V_3 newobj System.Void Wxdetxii.Generators.DetachedGenerator::.ctor() stfld System.Object Wxdetxii.Registry.IsolatedReg/GenericAggregator::gatewayChooser ldloc.s V_3 ldc.i4 1550850011 call System.String Wxdetxii.Collections.ExpandableQueue::FindQueue(System.Int32) ldc.i4 1550849543 call System.String Wxdetxii.Collections.ExpandableQueue::FindQueue(System.Int32) newobj System.Void Wxdetxii.Registry.GlobalReg::.ctor(System.String,System.String) stfld System.Object Wxdetxii.Registry.IsolatedReg/GenericAggregator::m_DeciderSpec dup <null> ldloc.s V_3 ldftn System.Void Wxdetxii.Registry.IsolatedReg/GenericAggregator::AggregateIsolatedAggregator(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) callvirt System.Void Wxdetxii.Collections.ProcParameter::QueueDividedQueue(System.Action`1<System.IO.MemoryStream>) ldloc.s V_3 ldfld System.Object Wxdetxii.Registry.IsolatedReg/GenericAggregator::m_OrderedAggregator ldloc.s V_3 ldftn System.Void Wxdetxii.Registry.IsolatedReg/GenericAggregator::CollectCentralAggregator(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) callvirt System.Void Wxdetxii.Elements.ElementResponder::ManageStatelessElement(System.Action`1<System.IO.MemoryStream>) ldloc.s V_3 ldfld System.Object Wxdetxii.Registry.IsolatedReg/GenericAggregator::gatewayChooser ldloc.s V_3 ldftn System.Void Wxdetxii.Registry.IsolatedReg/GenericAggregator::AggregateAdjustableAggregator(System.Reflection.Assembly) newobj System.Void System.Action`1<System.Reflection.Assembly>::.ctor(System.Object,System.IntPtr) callvirt System.Void Wxdetxii.Generators.DetachedGenerator::AdaptGenerator(System.Action`1<System.Reflection.Assembly>) ldloc.s V_3 ldfld System.Object Wxdetxii.Registry.IsolatedReg/GenericAggregator::m_DeciderSpec ldsfld System.Object Wxdetxii.Registry.IsolatedReg/SegmentedGenerator::statelessGenerator dup <null> brfalse IL_016A: pop br IL_0181: callvirt System.Void Wxdetxii.Registry.GlobalReg::AssessReg(System.Action) pop <null> ldsfld System.Object Wxdetxii.Registry.IsolatedReg/SegmentedGenerator::m_DynamicGenerator ldftn System.Void Wxdetxii.Registry.IsolatedReg/SegmentedGenerator::AssetGenerator() newobj System.Void System.Action::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Object Wxdetxii.Registry.IsolatedReg/SegmentedGenerator::statelessGenerator callvirt System.Void Wxdetxii.Registry.GlobalReg::AssessReg(System.Action) callvirt System.Void Wxdetxii.Collections.ProcParameter::OpenQueue() ldc.i4 0 ldsfld <Module>{2ffed06b-af7b-433c-a960-43c298ea052b} <Module>{2ffed06b-af7b-433c-a960-43c298ea052b}::m_9770a3f4e2b2433db29e9cd3443445c9 ldfld System.Int32 <Module>{2ffed06b-af7b-433c-a960-43c298ea052b}::m_e7170ca80855410abefc82cbd5e2c0ec brfalse IL_0012: switch(IL_0034,IL_00B7,IL_0046,IL_0035,IL_0087,IL_005C) pop <null> ldc.i4 0 br IL_0012: switch(IL_0034,IL_00B7,IL_0046,IL_0035,IL_0087,IL_005C) |