Suspicious
Suspect

60b9e56fa68dc6bc17949d31fec7387c

PE Executable
|
MD5: 60b9e56fa68dc6bc17949d31fec7387c
|
Size: 588.29 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
60b9e56fa68dc6bc17949d31fec7387c
Sha1
16df9114e8dd746fd41aa9f4b41ce233cc5da7fb
Sha256
1a103462a3933e381b06b239b43bbc4ae9b4af4ea5af56a301df6dbcf4a43ee8
Sha384
dc3a30d9b5be0489a6fe58a7f6e1df4dc898d292717edeb3a7e8e843826e7f975472b6a4ea5e50baec9900e89ff2a0bf
Sha512
6b777eadfc4ae13d02d11c2ae50d523e18c9c68dee97d1c2267c636560e9b78d4a007cf3ca2a61b5914be955c6fe04338c8cfed548d519066e5cc9d7f6f8a50e
SSDeep
12288:x2AqJVwhZLTbJXc+xsVuLwxayC3r8/TjktAPKxwgCRWsZhiucR:IVs7s+xsIkYustAPKinxTeR
TLSH
2DC4234E6AE9D2A8C6B1173FECF6830213D6C253E4038F9EF186776D51537BAC606216

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
60b9e56fa68dc6bc17949d31fec7387c
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Lcchv.Properties.Resources.resources
Xfzytcug
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

Lcchv.exe
Full Name

Lcchv.exe
EntryPoint

System.Void Lcchv.Zvcwqlqacs::Main()
Scope Name

Lcchv.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Lcchv
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

12
Main Method

System.Void Lcchv.Zvcwqlqacs::Main()
Main IL Instruction Count

18
Main IL

newobj System.Void Lcchv.Uouujx::.ctor() stloc.s V_0 br IL_000D: nop ret <null> nop <null> ldloc.s V_0 call System.Byte[] Lcchv.Properties.Zwdjlest::get_Xfzytcug() ldsfld System.Byte[] Lcchv.Processing.AggregatorMonitor::m_ConnectedAggregatorArray ldsfld System.Byte[] Lcchv.Processing.AggregatorMonitor::extendedAggregatorArray ldstr XohYKjlpwI6ptoUpg0.GrX9YxbN4XnxPWUlIF ldstr YyWUjbn4s callvirt System.Void Lcchv.Uouujx::Zfxozq(System.Byte[],System.Byte[],System.Byte[],System.String,System.String) br IL_0033: leave IL_000C leave IL_000C: ret pop <null> br IL_003E: leave IL_000C leave IL_000C: ret br IL_000C: ret
Module Name

Lcchv.exe
Full Name

Lcchv.exe
EntryPoint

System.Void Lcchv.Zvcwqlqacs::Main()
Scope Name

Lcchv.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Lcchv
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

12
Main Method

System.Void Lcchv.Zvcwqlqacs::Main()
Main IL Instruction Count

18
Main IL

newobj System.Void Lcchv.Uouujx::.ctor() stloc.s V_0 br IL_000D: nop ret <null> nop <null> ldloc.s V_0 call System.Byte[] Lcchv.Properties.Zwdjlest::get_Xfzytcug() ldsfld System.Byte[] Lcchv.Processing.AggregatorMonitor::m_ConnectedAggregatorArray ldsfld System.Byte[] Lcchv.Processing.AggregatorMonitor::extendedAggregatorArray ldstr XohYKjlpwI6ptoUpg0.GrX9YxbN4XnxPWUlIF ldstr YyWUjbn4s callvirt System.Void Lcchv.Uouujx::Zfxozq(System.Byte[],System.Byte[],System.Byte[],System.String,System.String) br IL_0033: leave IL_000C leave IL_000C: ret pop <null> br IL_003E: leave IL_000C leave IL_000C: ret br IL_000C: ret
60b9e56fa68dc6bc17949d31fec7387c (588.29 KB)
File Structure
60b9e56fa68dc6bc17949d31fec7387c
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Lcchv.Properties.Resources.resources
Xfzytcug
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙