Symbol Obfuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | 6b58696a77c43b21585f02cd6569e735
|
| Sha1 | d1051448a0e24315921fcb9ae261866eb3204c65
|
| Sha256 | 2faf6556a65fc54fd76285662f237716a0201c0937e53b33efd40609f81a44fb
|
| Sha384 | 1cb83463f83584ca163d2937d09690d826128eafc2aa55e8ab846bff3b406e5dc537732f578edd60d888161808a93cba
|
| Sha512 | ce9ef935e3025ffcabef04b962185707269189cd14ee15d323faa763d4ef565e4b5939b08078c43ba2049a1fe1a5f998917273ebfa5d524981b1e2c596b8079d
|
| SSDeep | 12288:fsAJzJhJ6GRFJWPWnCWfcok+fFfvzAXKU9:fsAJzJT3RFvn3zk/l
|
| TLSH | 29D49DA673674E22D1442777C0CB8A41A3B5974AB5A7F30F724423D6154A3EECE07AE3
|
PeID
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Module Name | Wbflwygzzvo.exe |
| Full Name | Wbflwygzzvo.exe |
| EntryPoint | System.Void J1esFOGeionw0aG2by.MeCLQyjr0UBJrj96FU::ItLO254Ut() |
| Scope Name | Wbflwygzzvo.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Wbflwygzzvo |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 43 |
| Main Method | System.Void J1esFOGeionw0aG2by.MeCLQyjr0UBJrj96FU::ItLO254Ut() |
| Main IL Instruction Count | 58 |
| Main IL | ldc.i4 1 stloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] ldloc V_0 ldc.i4 989 beq IL_0009: ldloc V_0 br IL_002D: ret ret <null> nop <null> newobj System.Void yGXudBy4rBoQRwAs62.JHoV7eiS9VEeaVo3ew::.ctor() ldsfld KKUa9pTODmf4hMojWZl KKUa9pTODmf4hMojWZl::qg6TZbVf23 call System.Boolean KKUa9pTODmf4hMojWZl::tnCTT66Xpr(System.Object,KKUa9pTODmf4hMojWZl) brtrue IL_0096: leave IL_002D ldc.i4 1 ldsfld <Module>{fc08a985-c321-4f11-92b4-b32c93bc9ed6} <Module>{fc08a985-c321-4f11-92b4-b32c93bc9ed6}::m_a16ed184dc7840a8859f8eb96b4ac781 ldfld System.Int32 <Module>{fc08a985-c321-4f11-92b4-b32c93bc9ed6}::m_f6ab5be84a434f5e933d56b407938255 brtrue IL_0074: switch(IL_0090) pop <null> ldc.i4 0 br IL_0074: switch(IL_0090) br IL_0070: ldloc V_1 ldc.i4 0 stloc V_1 ldloc V_1 switch dnlib.DotNet.Emit.Instruction[] ldloc V_1 ldc.i4 988 beq IL_0070: ldloc V_1 br IL_0090: newobj System.Void System.InvalidOperationException::.ctor() newobj System.Void System.InvalidOperationException::.ctor() throw <null> leave IL_002D: ret pop <null> ldc.i4 0 ldsfld <Module>{fc08a985-c321-4f11-92b4-b32c93bc9ed6} <Module>{fc08a985-c321-4f11-92b4-b32c93bc9ed6}::m_a16ed184dc7840a8859f8eb96b4ac781 ldfld System.Int32 <Module>{fc08a985-c321-4f11-92b4-b32c93bc9ed6}::m_fd6f4d6d67db418ea8c8e7ca68e81d4f brfalse IL_00CD: switch(IL_00E9) pop <null> ldc.i4 4 br IL_00CD: switch(IL_00E9) br IL_00C9: ldloc V_2 ldc.i4 0 stloc V_2 ldloc V_2 switch dnlib.DotNet.Emit.Instruction[] ldloc V_2 ldc.i4 988 beq IL_00C9: ldloc V_2 br IL_00E9: leave IL_002D leave IL_002D: ret ldc.i4 2 ldsfld <Module>{fc08a985-c321-4f11-92b4-b32c93bc9ed6} <Module>{fc08a985-c321-4f11-92b4-b32c93bc9ed6}::m_a16ed184dc7840a8859f8eb96b4ac781 ldfld System.Int32 <Module>{fc08a985-c321-4f11-92b4-b32c93bc9ed6}::m_b9066dfb93d54905aa8cf756d5574401 brtrue IL_000D: switch(IL_002D,IL_002E) pop <null> ldc.i4 0 br IL_000D: switch(IL_002D,IL_002E) |
| Module Name | Wbflwygzzvo.exe |
| Full Name | Wbflwygzzvo.exe |
| EntryPoint | System.Void J1esFOGeionw0aG2by.MeCLQyjr0UBJrj96FU::ItLO254Ut() |
| Scope Name | Wbflwygzzvo.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Wbflwygzzvo |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 43 |
| Main Method | System.Void J1esFOGeionw0aG2by.MeCLQyjr0UBJrj96FU::ItLO254Ut() |
| Main IL Instruction Count | 58 |
| Main IL | ldc.i4 1 stloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] ldloc V_0 ldc.i4 989 beq IL_0009: ldloc V_0 br IL_002D: ret ret <null> nop <null> newobj System.Void yGXudBy4rBoQRwAs62.JHoV7eiS9VEeaVo3ew::.ctor() ldsfld KKUa9pTODmf4hMojWZl KKUa9pTODmf4hMojWZl::qg6TZbVf23 call System.Boolean KKUa9pTODmf4hMojWZl::tnCTT66Xpr(System.Object,KKUa9pTODmf4hMojWZl) brtrue IL_0096: leave IL_002D ldc.i4 1 ldsfld <Module>{fc08a985-c321-4f11-92b4-b32c93bc9ed6} <Module>{fc08a985-c321-4f11-92b4-b32c93bc9ed6}::m_a16ed184dc7840a8859f8eb96b4ac781 ldfld System.Int32 <Module>{fc08a985-c321-4f11-92b4-b32c93bc9ed6}::m_f6ab5be84a434f5e933d56b407938255 brtrue IL_0074: switch(IL_0090) pop <null> ldc.i4 0 br IL_0074: switch(IL_0090) br IL_0070: ldloc V_1 ldc.i4 0 stloc V_1 ldloc V_1 switch dnlib.DotNet.Emit.Instruction[] ldloc V_1 ldc.i4 988 beq IL_0070: ldloc V_1 br IL_0090: newobj System.Void System.InvalidOperationException::.ctor() newobj System.Void System.InvalidOperationException::.ctor() throw <null> leave IL_002D: ret pop <null> ldc.i4 0 ldsfld <Module>{fc08a985-c321-4f11-92b4-b32c93bc9ed6} <Module>{fc08a985-c321-4f11-92b4-b32c93bc9ed6}::m_a16ed184dc7840a8859f8eb96b4ac781 ldfld System.Int32 <Module>{fc08a985-c321-4f11-92b4-b32c93bc9ed6}::m_fd6f4d6d67db418ea8c8e7ca68e81d4f brfalse IL_00CD: switch(IL_00E9) pop <null> ldc.i4 4 br IL_00CD: switch(IL_00E9) br IL_00C9: ldloc V_2 ldc.i4 0 stloc V_2 ldloc V_2 switch dnlib.DotNet.Emit.Instruction[] ldloc V_2 ldc.i4 988 beq IL_00C9: ldloc V_2 br IL_00E9: leave IL_002D leave IL_002D: ret ldc.i4 2 ldsfld <Module>{fc08a985-c321-4f11-92b4-b32c93bc9ed6} <Module>{fc08a985-c321-4f11-92b4-b32c93bc9ed6}::m_a16ed184dc7840a8859f8eb96b4ac781 ldfld System.Int32 <Module>{fc08a985-c321-4f11-92b4-b32c93bc9ed6}::m_b9066dfb93d54905aa8cf756d5574401 brtrue IL_000D: switch(IL_002D,IL_002E) pop <null> ldc.i4 0 br IL_000D: switch(IL_002D,IL_002E) |