62703422306efbbcc1f4a97f48d9c89c
PE Executable | MD5: 62703422306efbbcc1f4a97f48d9c89c | Size: 27.14 KB | application/x-dosexec
Symbol Obfuscation Score

| Hash | Hash Value |
|---|---|
| MD5 | 62703422306efbbcc1f4a97f48d9c89c |
| Sha1 | 47160d7d4124b406e3f28f29fa0c208830c6f1d3 |
| Sha256 | a9da4306b7f890736de53910a49040880c211ed4a1144221a8ff76e344a3936e |
| Sha384 | f4fda8f432ce1d6149da90aadb6380b796cd4bcf0cb4e946aa84cdb1107477d0a1459dcc7ed5ffd5e48f88fff6f51e8a |
| Sha512 | ac32dfea61e7a3a8fdbf6144185a34d915d9a2a6ab51aa55191bd66bc5b9f0421c0f45dd9e4571c70683384d011c6f7f683593242901dda3c11df051f1fea844 |
| SSDeep | 384:dLd6m6G0jVnfU6e1HzCYe/CY2OzRLTm3yilqr636bTtlvGz:NfijVfgT5e/CsEylvGz |
| TLSH | E2C22A5D3BA08176D2DF6BB006A2DB2142B2E1074A27DB5F4CD844FBAB733C14D81AE5 |

PeID

| Config. Field | Value |
|---|---|
| webcam | 0 |
| packet_size [b] | 5121 |
| BD [BD] | False |
| directory [DR] | TEMP |
| cnc_host [H] | 185.244.29.224 |
| is_dir_defined [Idr] | 1 |
| is_startup_folder [IsF] | 0 |
| is_user_reg [Isu] | false |
| cnc_port [P] | 7000 |
| reg_key [RG] | 6a2634340fbf8a0a2c038c6263d49fd1 |
| reg_path [sf] | Software\Microsoft\Windows\CurrentVersion\Run |
| victim_name [VN] | Teste Do VBS |
| version [VR] | 0.7d By Pjoao1578 |
| splitter [Y] | \|'\|'\| |
| LastAV | 0 |
| vn1 | [kl] |
| DownloadHostOrNot | False |
| DownloadHostOrNotURL | {URLHOST} |

| Name | Value |
|---|---|
| Module Name | Server.exe |
| Full Name | Server.exe |
| EntryPoint | System.Void j.A::Main() |
| Scope Name | Server.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Server |
| Assembly Version | 0.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | <null> |
| Total Strings | 192 |
| Main Method | System.Void j.A::Main() |
| Main IL Instruction Count | 2 |
| Main IL | call System.Void j.OK::KO() ret <null> |

| Name | Value |
|---|---|
| CnC | 185.244.29.224 |
| Port | 7000 |

| Name | Value | Location |
|---|---|---|
| CnC | 185.244.29.224 Malicious | 62703422306efbbcc1f4a97f48d9c89c |
| Port | 7000 Malicious | 62703422306efbbcc1f4a97f48d9c89c |