Symbol Obfuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | 69905105c88d17248aa705855c89c6c6
|
| Sha1 | 1e6fb29143f1d27dd1f750adda38bb9f6cef7301
|
| Sha256 | b8bc4a9c9cd869b0186a1477cfcab4576dfafb58995308c1e979ad3cc00c60f2
|
| Sha384 | e9c84eef0b20adb43c30634a9f5a19f8eaa500ff33959219c65ed647f836daf2c063dd70e3686905317e584c030d7e5a
|
| Sha512 | 38821f3fad47781780f77c1d5fcbd882d96833e1dfb15a9792a34958d07cd9f42f02dcf22ed1768be8d70a7b25a913dd5a8b54f74d1aaa23a55a723cee7e922f
|
| SSDeep | 6144:XKZ2rzyd3lb5MrlJv0/a9M2sCQYl6Wc5QX:aZ2rg3grl1V9MpCQOTs
|
| TLSH | 0A342349AEDC91B1CEE91FBEC8BB08B14294CE6C06DD9194EF21E1157F413E4990DA3E
|
PeID
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Module Name | 92dc8e92-fe59-444b-9591-6cdd8893e63a.exe |
| Full Name | 92dc8e92-fe59-444b-9591-6cdd8893e63a.exe |
| EntryPoint | System.Void Anivia.AniviaCRT::Main() |
| Scope Name | 92dc8e92-fe59-444b-9591-6cdd8893e63a.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | 92dc8e92-fe59-444b-9591-6cdd8893e63a |
| Assembly Version | 0.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | <null> |
| Total Strings | 11 |
| Main Method | System.Void Anivia.AniviaCRT::Main() |
| Main IL Instruction Count | 27 |
| Main IL | ldstr stloc.0 <null> ldc.i4 228384 newarr System.Byte dup <null> ldtoken <PrivateImplementationDetails>{907257D9-5663-4511-B6C9-3A7980B5FDF9}/__StaticArrayInitTypeSize=228384 <PrivateImplementationDetails>{907257D9-5663-4511-B6C9-3A7980B5FDF9}::$$method0x6000002-1 call System.Void System.Runtime.CompilerServices.RuntimeHelpers::InitializeArray(System.Array,System.RuntimeFieldHandle) stloc.1 <null> call System.Text.Encoding System.Text.Encoding::get_UTF8() ldstr AniviaCryptKey2024!32ByteKey!!XX callvirt System.Byte[] System.Text.Encoding::GetBytes(System.String) stloc.2 <null> ldc.i4.s 16 newarr System.Byte stloc.3 <null> ldloc.1 <null> ldloc.2 <null> ldloc.3 <null> call System.Byte[] Anivia.AniviaCRT::DecryptAES(System.Byte[],System.Byte[],System.Byte[]) stloc.s V_4 ldstr C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe ldloc.0 <null> ldloc.s V_4 ldc.i4.1 <null> call System.Boolean Anivia.AniviaCRT::Run(System.String,System.String,System.Byte[],System.Boolean) pop <null> ret <null> |
| Module Name | 92dc8e92-fe59-444b-9591-6cdd8893e63a.exe |
| Full Name | 92dc8e92-fe59-444b-9591-6cdd8893e63a.exe |
| EntryPoint | System.Void Anivia.AniviaCRT::Main() |
| Scope Name | 92dc8e92-fe59-444b-9591-6cdd8893e63a.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | 92dc8e92-fe59-444b-9591-6cdd8893e63a |
| Assembly Version | 0.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | <null> |
| Total Strings | 11 |
| Main Method | System.Void Anivia.AniviaCRT::Main() |
| Main IL Instruction Count | 27 |
| Main IL | ldstr stloc.0 <null> ldc.i4 228384 newarr System.Byte dup <null> ldtoken <PrivateImplementationDetails>{907257D9-5663-4511-B6C9-3A7980B5FDF9}/__StaticArrayInitTypeSize=228384 <PrivateImplementationDetails>{907257D9-5663-4511-B6C9-3A7980B5FDF9}::$$method0x6000002-1 call System.Void System.Runtime.CompilerServices.RuntimeHelpers::InitializeArray(System.Array,System.RuntimeFieldHandle) stloc.1 <null> call System.Text.Encoding System.Text.Encoding::get_UTF8() ldstr AniviaCryptKey2024!32ByteKey!!XX callvirt System.Byte[] System.Text.Encoding::GetBytes(System.String) stloc.2 <null> ldc.i4.s 16 newarr System.Byte stloc.3 <null> ldloc.1 <null> ldloc.2 <null> ldloc.3 <null> call System.Byte[] Anivia.AniviaCRT::DecryptAES(System.Byte[],System.Byte[],System.Byte[]) stloc.s V_4 ldstr C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe ldloc.0 <null> ldloc.s V_4 ldc.i4.1 <null> call System.Boolean Anivia.AniviaCRT::Run(System.String,System.String,System.Byte[],System.Boolean) pop <null> ret <null> |