General
Structural Analysis
Config.0
Yara Rules16
Sync
Community
Summary by MalvaGPT
Characteristics
Symbol Ofbuscation Score
Very high
|
Hash | Hash Value |
|---|---|
| MD5 | 6582f3d926471a6734e84bb4bafa33d9
|
| Sha1 | 4630a64ace4a3afa2203df6715fcbf25df7373b2
|
| Sha256 | 8b2d97da7fb93b492b665d385564d686f9265697e5082efdef2bf09121116bd9
|
| Sha384 | 775234c65d864aa62404982730e8bfb477103b4969ed2364ed3804e6e4c76036505d092275625e12228cd3d08af079a1
|
| Sha512 | a4583a0a02169ad8f0cb8e6e5efaa6d51fec70b315884018012ac3c5f0e68fd7855ff09356b35810e6cfded2eac23832b389caac78c9544fd8815a0c47161161
|
| SSDeep | 6144:eepEktqF3BQ1olsoSHXEBCcRnPP2D3AXPzsG6e8kR/1isk1mwGT:fp/t2xoolsoEy5RnP+bfaDdk1mf
|
| TLSH | EC64231BA13C8D14DB327B77604BD2A8A3B1903317A1AD8E7877331B2C87649F951E5B
|
PeID
.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
Informations
|
Name0 | Value |
|---|---|
| Module Name | Qfsarzgb.exe |
| Full Name | Qfsarzgb.exe |
| EntryPoint | System.Void Qfsarzgb.Gvhgwvxa::Main() |
| Scope Name | Qfsarzgb.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Qfsarzgb |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 4 |
| Main Method | System.Void Qfsarzgb.Gvhgwvxa::Main() |
| Main IL Instruction Count | 2 |
| Main IL | call System.Void Qfsarzgb.D.Uiefpu::Bsvfmhslcq() ret <null> |
| Module Name | Qfsarzgb.exe |
| Full Name | Qfsarzgb.exe |
| EntryPoint | System.Void Qfsarzgb.Gvhgwvxa::Main() |
| Scope Name | Qfsarzgb.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Qfsarzgb |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 4 |
| Main Method | System.Void Qfsarzgb.Gvhgwvxa::Main() |
| Main IL Instruction Count | 2 |
| Main IL | call System.Void Qfsarzgb.D.Uiefpu::Bsvfmhslcq() ret <null> |
Artefacts
|
Name0 | Value |
|---|---|
| Embedded Resources | 0 |
| Suspicious Type Names (1-2 chars) | 0 |
6582f3d926471a6734e84bb4bafa33d9 (325.63 KB)
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
Characteristics
No malware configuration were found at this point.
Artefacts
|
Name0 | Value | Location |
|---|---|---|
| Embedded Resources | 0 |
6582f3d926471a6734e84bb4bafa33d9 |
| Suspicious Type Names (1-2 chars) | 0 |
6582f3d926471a6734e84bb4bafa33d9 |
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.