Malicious

635d87d107af9b7cb73e7e744f853300

PE Executable | MD5: 635d87d107af9b7cb73e7e744f853300 | Size: 1.26 MB | application/x-dosexec

Characteristics

Symbol Obfuscation Score

Very high

Hash
Hash Value
MD5
635d87d107af9b7cb73e7e744f853300
Sha1
911db9cf9af8735eb5a516fe4e4d5a9213b35a99
Sha256
0f0dae1305e32c864e9f7314081b7e2e8d8feea59853511892f16837d5590ad4
Sha384
1f21a22774e483a94379e0444d703d9549025c2ea817800f21ca69ea01902dc038e70dd33e5ea7c9d785af99ba7d1324
Sha512
de3a0a749a0d604ac5eefd1ce479c98ec6e5609d139b010881c76721919e8e2b3010057f23d775d743a95e489949eddae5707c885489b041661ea493b3f411eb
SSDeep
24576:YK6D9mAuVMMbpHkptMdT4ZuB6nzf+X96wtNiOh7OXzy:MyMt7zf+ntNvMz
TLSH
9D455A017E56CE01F0191237C2EF454887B0A9516AE6E31B7DFA37AE15123A7BC0E9DB

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
.Net Resources
afIUQkSSwrAMW2qeTp.bdc706XSEx2kdkWS58
h9Pf9868CJGHAyQD0o.W6e2r0pA0ySD4fUGZd
Information
Name
Value
Module Name

LZWzaDFwvIxXVNfZ0DakjrRLNleNo2JL

Full Name

LZWzaDFwvIxXVNfZ0DakjrRLNleNo2JL

EntryPoint

System.Void kWOkMn0xfU1ULl2pc9r.YwnaNT0dVAVJLcgJ3nc::WErg5I1JPC()

Scope Name

LZWzaDFwvIxXVNfZ0DakjrRLNleNo2JL

Scope Type

ModuleDef

Kind

Windows

Runtime Version

v4.0.30319

Tables Header Version

512

WinMD Version

<null>

Assembly Name

mY5e0UobSD3PaAYzl42MJIdHKlzj1I28mZtyk49twIQ

Assembly Version

6.3.9.7

Assembly Culture

<null>

Has PublicKey

False

PublicKey Token

<null>

Target Framework

.NETFramework,Version=v4.0

Total Strings

63

Main Method

System.Void kWOkMn0xfU1ULl2pc9r.YwnaNT0dVAVJLcgJ3nc::WErg5I1JPC()

Main IL Instruction Count

14

Main IL

br.s IL_000B: ldc.i4.0
call <null>
ldnull <null>
ldc.i4.0 <null>
ldelem.ref <null>
pop <null>
ldc.i4.0 <null>
brtrue.s IL_0007: ldnull
call System.Void Wkl14ogaYSgQBmd7WRg.iHirywgThSKEgS2InX2::kLjw4iIsCLsZtxc4lksN0j()
nop <null>
ldsfld System.Object kWOkMn0xfU1ULl2pc9r.YwnaNT0dVAVJLcgJ3nc::dxVgJYCjak
callvirt System.Void AjUE6T0TDB7TZyTmolU.B3JcQM0V7kbseh8dcNi::DbY93HVl9G()
nop <null>
ret <null>

No malware configuration was found at this point.