69a47130e70f4cb75e57a2244270bf99
PE Executable | MD5: 69a47130e70f4cb75e57a2244270bf99 | Size: 1.59 MB | application/x-dosexec
Symbol Ofbuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | 69a47130e70f4cb75e57a2244270bf99
|
| Sha1 | 08bd906b5cbe374927dd853998b067c89ee6872d
|
| Sha256 | e733b5d3f57e88dce901c45eeae3de358de460cc107c6c51ed2e8ebaf0ba25c9
|
| Sha384 | c926cb945dcda81b628c917ad5426aebe8de1aaf196a30e84a3998d3540b8e97960767fee52d1e787bd6897e53fc3de8
|
| Sha512 | b9efd56e4814990013be60b56f099bb8dbde16f851b6e03f0734088cba375bcbc8142c975a8183477d2985e37a6158d5ab33e45e6705edaeef3081791083f03f
|
| SSDeep | 24576:RUL0iCZkzIbxQ01JrdjXrneOaaCLv/nvRmLqaYiCA00KcJk+Ea2YTJ4rsgqz8Q:TiEP1Jr5eRaCLv/vRmWXxSkq2yJB
|
| TLSH | 21752382FA49A5B0CC2E27721836DC7052177CADC575BD1C2ECF3D777A7B1A2A482462
|
PeID
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Module Name | take |
| Full Name | take |
| EntryPoint | System.Void Kbrmtmvlxl.Mowdwx::Main() |
| Scope Name | take |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | take |
| Assembly Version | 1.0.2008.4556 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.6 |
| Total Strings | 48 |
| Main Method | System.Void Kbrmtmvlxl.Mowdwx::Main() |
| Main IL Instruction Count | 60 |
| Main IL | newobj System.Void Kbrmtmvlxl.Mowdwx/<>c__DisplayClass0_0::.ctor() stloc.0 <null> ldstr /l7DlxtCzFCv8akypeTLPQ== stloc.1 <null> ldstr CB5v0/iLM3A= stloc.2 <null> ldsfld System.Func`1<System.Byte[]> Kbrmtmvlxl.Mowdwx/<>c::<>9__0_0 dup <null> brtrue.s IL_0031: newobj System.Void Kbrmtmvlxl.Ookpmythb::.ctor(System.Func`1<System.Byte[]>) pop <null> ldsfld Kbrmtmvlxl.Mowdwx/<>c Kbrmtmvlxl.Mowdwx/<>c::<>9 ldftn System.Byte[] Kbrmtmvlxl.Mowdwx/<>c::<Main>b__0_0() newobj System.Void System.Func`1<System.Byte[]>::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Func`1<System.Byte[]> Kbrmtmvlxl.Mowdwx/<>c::<>9__0_0 newobj System.Void Kbrmtmvlxl.Ookpmythb::.ctor(System.Func`1<System.Byte[]>) ldloc.0 <null> ldloc.1 <null> ldloc.2 <null> newobj System.Void Kbrmtmvlxl.Pxyejqsp::.ctor(System.String,System.String) stfld Kbrmtmvlxl.Pxyejqsp Kbrmtmvlxl.Mowdwx/<>c__DisplayClass0_0::decryptor ldloc.0 <null> newobj System.Void Kbrmtmvlxl.Iphdhutdgji::.ctor() stfld Kbrmtmvlxl.Iphdhutdgji Kbrmtmvlxl.Mowdwx/<>c__DisplayClass0_0::loader ldloc.0 <null> ldstr pp0WhUdFk9rADSwTcK.NCTgWV31viu6ZCtlBZ ldstr pMQyla5KH newobj System.Void Kbrmtmvlxl.Xentftvais::.ctor(System.String,System.String) stfld Kbrmtmvlxl.Xentftvais Kbrmtmvlxl.Mowdwx/<>c__DisplayClass0_0::invoker dup <null> ldloc.0 <null> ldftn System.Void Kbrmtmvlxl.Mowdwx/<>c__DisplayClass0_0::<Main>b__1(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) callvirt System.Void Kbrmtmvlxl.Ookpmythb::add_DownloadCompleted(System.Action`1<System.IO.MemoryStream>) ldloc.0 <null> ldfld Kbrmtmvlxl.Pxyejqsp Kbrmtmvlxl.Mowdwx/<>c__DisplayClass0_0::decryptor ldloc.0 <null> ldftn System.Void Kbrmtmvlxl.Mowdwx/<>c__DisplayClass0_0::<Main>b__2(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) callvirt System.Void Kbrmtmvlxl.Pxyejqsp::add_DecryptionCompleted(System.Action`1<System.IO.MemoryStream>) ldloc.0 <null> ldfld Kbrmtmvlxl.Iphdhutdgji Kbrmtmvlxl.Mowdwx/<>c__DisplayClass0_0::loader ldloc.0 <null> ldftn System.Void Kbrmtmvlxl.Mowdwx/<>c__DisplayClass0_0::<Main>b__3(System.Reflection.Assembly) newobj System.Void System.Action`1<System.Reflection.Assembly>::.ctor(System.Object,System.IntPtr) callvirt System.Void Kbrmtmvlxl.Iphdhutdgji::add_LoadCompleted(System.Action`1<System.Reflection.Assembly>) ldloc.0 <null> ldfld Kbrmtmvlxl.Xentftvais Kbrmtmvlxl.Mowdwx/<>c__DisplayClass0_0::invoker ldsfld System.Action Kbrmtmvlxl.Mowdwx/<>c::<>9__0_4 dup <null> brtrue.s IL_00C8: callvirt System.Void Kbrmtmvlxl.Xentftvais::add_InvocationCompleted(System.Action) pop <null> ldsfld Kbrmtmvlxl.Mowdwx/<>c Kbrmtmvlxl.Mowdwx/<>c::<>9 ldftn System.Void Kbrmtmvlxl.Mowdwx/<>c::<Main>b__0_4() newobj System.Void System.Action::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Action Kbrmtmvlxl.Mowdwx/<>c::<>9__0_4 callvirt System.Void Kbrmtmvlxl.Xentftvais::add_InvocationCompleted(System.Action) callvirt System.Void Kbrmtmvlxl.Ookpmythb::Btuiphlorp() ret <null> |
| Module Name | take |
| Full Name | take |
| EntryPoint | System.Void Kbrmtmvlxl.Mowdwx::Main() |
| Scope Name | take |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | take |
| Assembly Version | 1.0.2008.4556 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.6 |
| Total Strings | 48 |
| Main Method | System.Void Kbrmtmvlxl.Mowdwx::Main() |
| Main IL Instruction Count | 60 |
| Main IL | newobj System.Void Kbrmtmvlxl.Mowdwx/<>c__DisplayClass0_0::.ctor() stloc.0 <null> ldstr /l7DlxtCzFCv8akypeTLPQ== stloc.1 <null> ldstr CB5v0/iLM3A= stloc.2 <null> ldsfld System.Func`1<System.Byte[]> Kbrmtmvlxl.Mowdwx/<>c::<>9__0_0 dup <null> brtrue.s IL_0031: newobj System.Void Kbrmtmvlxl.Ookpmythb::.ctor(System.Func`1<System.Byte[]>) pop <null> ldsfld Kbrmtmvlxl.Mowdwx/<>c Kbrmtmvlxl.Mowdwx/<>c::<>9 ldftn System.Byte[] Kbrmtmvlxl.Mowdwx/<>c::<Main>b__0_0() newobj System.Void System.Func`1<System.Byte[]>::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Func`1<System.Byte[]> Kbrmtmvlxl.Mowdwx/<>c::<>9__0_0 newobj System.Void Kbrmtmvlxl.Ookpmythb::.ctor(System.Func`1<System.Byte[]>) ldloc.0 <null> ldloc.1 <null> ldloc.2 <null> newobj System.Void Kbrmtmvlxl.Pxyejqsp::.ctor(System.String,System.String) stfld Kbrmtmvlxl.Pxyejqsp Kbrmtmvlxl.Mowdwx/<>c__DisplayClass0_0::decryptor ldloc.0 <null> newobj System.Void Kbrmtmvlxl.Iphdhutdgji::.ctor() stfld Kbrmtmvlxl.Iphdhutdgji Kbrmtmvlxl.Mowdwx/<>c__DisplayClass0_0::loader ldloc.0 <null> ldstr pp0WhUdFk9rADSwTcK.NCTgWV31viu6ZCtlBZ ldstr pMQyla5KH newobj System.Void Kbrmtmvlxl.Xentftvais::.ctor(System.String,System.String) stfld Kbrmtmvlxl.Xentftvais Kbrmtmvlxl.Mowdwx/<>c__DisplayClass0_0::invoker dup <null> ldloc.0 <null> ldftn System.Void Kbrmtmvlxl.Mowdwx/<>c__DisplayClass0_0::<Main>b__1(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) callvirt System.Void Kbrmtmvlxl.Ookpmythb::add_DownloadCompleted(System.Action`1<System.IO.MemoryStream>) ldloc.0 <null> ldfld Kbrmtmvlxl.Pxyejqsp Kbrmtmvlxl.Mowdwx/<>c__DisplayClass0_0::decryptor ldloc.0 <null> ldftn System.Void Kbrmtmvlxl.Mowdwx/<>c__DisplayClass0_0::<Main>b__2(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) callvirt System.Void Kbrmtmvlxl.Pxyejqsp::add_DecryptionCompleted(System.Action`1<System.IO.MemoryStream>) ldloc.0 <null> ldfld Kbrmtmvlxl.Iphdhutdgji Kbrmtmvlxl.Mowdwx/<>c__DisplayClass0_0::loader ldloc.0 <null> ldftn System.Void Kbrmtmvlxl.Mowdwx/<>c__DisplayClass0_0::<Main>b__3(System.Reflection.Assembly) newobj System.Void System.Action`1<System.Reflection.Assembly>::.ctor(System.Object,System.IntPtr) callvirt System.Void Kbrmtmvlxl.Iphdhutdgji::add_LoadCompleted(System.Action`1<System.Reflection.Assembly>) ldloc.0 <null> ldfld Kbrmtmvlxl.Xentftvais Kbrmtmvlxl.Mowdwx/<>c__DisplayClass0_0::invoker ldsfld System.Action Kbrmtmvlxl.Mowdwx/<>c::<>9__0_4 dup <null> brtrue.s IL_00C8: callvirt System.Void Kbrmtmvlxl.Xentftvais::add_InvocationCompleted(System.Action) pop <null> ldsfld Kbrmtmvlxl.Mowdwx/<>c Kbrmtmvlxl.Mowdwx/<>c::<>9 ldftn System.Void Kbrmtmvlxl.Mowdwx/<>c::<Main>b__0_4() newobj System.Void System.Action::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Action Kbrmtmvlxl.Mowdwx/<>c::<>9__0_4 callvirt System.Void Kbrmtmvlxl.Xentftvais::add_InvocationCompleted(System.Action) callvirt System.Void Kbrmtmvlxl.Ookpmythb::Btuiphlorp() ret <null> |