6c4604e9567b1674a2fe35e74a1e9cf1

PE Executable
|
MD5: 6c4604e9567b1674a2fe35e74a1e9cf1
|
Size: 1.63 MB
|
application/x-dosexec

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	6c4604e9567b1674a2fe35e74a1e9cf1
Sha1	647ed1633aeb7dae8b986deb4f14f491108556ad
Sha256	d1bc4e42ecce35e89268c590d57779b243c1c9726468aebe52f286c309d26d5d
Sha384	815979858680168f947f32f75c0b136d7513b2251308b22284f2042a00403745d1b2038ebac04cd9048e2beb66e4f59a
Sha512	669d425d0b5e741715fc99363757cf3331d7216daa8c9108efa1f20bd35febd90bd621d197f0847ea0bd721c843b8cee01b7976264294e084e87e1b46b14788d
SSDeep	49152:8qnfD4L1AXUz5+cB10P5TI1RDJwyRWg0/mUgIY:Znr4uE1BOxMjFLWgImd
TLSH	14753367AC0E01F1E139C4BD4085769D4660E1BE6773CA2FB32A031C5BB67908A5BF6D

PeID

.NET executable

Microsoft Visual C# / Basic .NET

Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL

Microsoft Visual C# v7.0 / Basic .NET

Microsoft Visual Studio .NET

File Structure

Informations

Name0	Value
Info	PE Detect: PeReader OK (file layout)
Module Name	Ehvwvm.exe
Full Name	Ehvwvm.exe
EntryPoint	System.Void Fbrwvrsfq.Structures.StubNode::DisConnectConnectedNode()
Scope Name	Ehvwvm.exe
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	Ehvwvm
Assembly Version	1.0.2269.8255
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.6
Total Strings	6
Main Method	System.Void Fbrwvrsfq.Structures.StubNode::DisConnectConnectedNode()
Main IL Instruction Count	38
Main IL	ldc.i4 3 stloc V_1 br IL_000E: ldloc V_1 ldloc V_1 switch dnlib.DotNet.Emit.Instruction[] br IL_002C: newobj System.Void Ehvwvm.DesignPatterns.EditableAdapter::.ctor() newobj System.Void Ehvwvm.DesignPatterns.EditableAdapter::.ctor() ldloc.s V_2 call System.Void Ehvwvm.DesignPatterns.EditableAdapter::PauseAdapter(System.Byte[]) ldc.i4 1 ldsfld <Module>{10916e11-2c2a-4477-88b8-a5890c2d62fd} <Module>{10916e11-2c2a-4477-88b8-a5890c2d62fd}::m_e025fb1edf0a435fa9aa79605d3a4a76 ldfld System.Int32 <Module>{10916e11-2c2a-4477-88b8-a5890c2d62fd}::m_d960c87071814d8d82bbe9605b9dbce4 brtrue IL_0012: switch(IL_002C,IL_0057,IL_0083,IL_0058) pop <null> ldc.i4 1 br IL_0012: switch(IL_002C,IL_0057,IL_0083,IL_0058) ret <null> newobj System.Void Ehvwvm.Networking.ServiceToken::.ctor() call System.Byte[] Ehvwvm.Networking.ServiceToken::SendFlexibleRequest() stloc.s V_0 ldc.i4 2 ldsfld <Module>{10916e11-2c2a-4477-88b8-a5890c2d62fd} <Module>{10916e11-2c2a-4477-88b8-a5890c2d62fd}::m_e025fb1edf0a435fa9aa79605d3a4a76 ldfld System.Int32 <Module>{10916e11-2c2a-4477-88b8-a5890c2d62fd}::m_8fe03fc7d88145a3a9e927fdd73efd1e brfalse IL_0012: switch(IL_002C,IL_0057,IL_0083,IL_0058) pop <null> ldc.i4 2 br IL_0012: switch(IL_002C,IL_0057,IL_0083,IL_0058) newobj System.Void Ehvwvm.Networking.MonoRequest::.ctor() ldloc.s V_0 call System.Byte[] Ehvwvm.Networking.MonoRequest::RequestSimpleRequest(System.Byte[]) stloc.s V_2 ldc.i4 0 ldsfld <Module>{10916e11-2c2a-4477-88b8-a5890c2d62fd} <Module>{10916e11-2c2a-4477-88b8-a5890c2d62fd}::m_e025fb1edf0a435fa9aa79605d3a4a76 ldfld System.Int32 <Module>{10916e11-2c2a-4477-88b8-a5890c2d62fd}::m_488fbeeb8978486c8a8b9d575f65ff0e brtrue IL_0012: switch(IL_002C,IL_0057,IL_0083,IL_0058) pop <null> ldc.i4 0 br IL_0012: switch(IL_002C,IL_0057,IL_0083,IL_0058)
Module Name	Ehvwvm.exe
Full Name	Ehvwvm.exe
EntryPoint	System.Void Fbrwvrsfq.Structures.StubNode::DisConnectConnectedNode()
Scope Name	Ehvwvm.exe
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	Ehvwvm
Assembly Version	1.0.2269.8255
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.6
Total Strings	6
Main Method	System.Void Fbrwvrsfq.Structures.StubNode::DisConnectConnectedNode()
Main IL Instruction Count	38
Main IL	ldc.i4 3 stloc V_1 br IL_000E: ldloc V_1 ldloc V_1 switch dnlib.DotNet.Emit.Instruction[] br IL_002C: newobj System.Void Ehvwvm.DesignPatterns.EditableAdapter::.ctor() newobj System.Void Ehvwvm.DesignPatterns.EditableAdapter::.ctor() ldloc.s V_2 call System.Void Ehvwvm.DesignPatterns.EditableAdapter::PauseAdapter(System.Byte[]) ldc.i4 1 ldsfld <Module>{10916e11-2c2a-4477-88b8-a5890c2d62fd} <Module>{10916e11-2c2a-4477-88b8-a5890c2d62fd}::m_e025fb1edf0a435fa9aa79605d3a4a76 ldfld System.Int32 <Module>{10916e11-2c2a-4477-88b8-a5890c2d62fd}::m_d960c87071814d8d82bbe9605b9dbce4 brtrue IL_0012: switch(IL_002C,IL_0057,IL_0083,IL_0058) pop <null> ldc.i4 1 br IL_0012: switch(IL_002C,IL_0057,IL_0083,IL_0058) ret <null> newobj System.Void Ehvwvm.Networking.ServiceToken::.ctor() call System.Byte[] Ehvwvm.Networking.ServiceToken::SendFlexibleRequest() stloc.s V_0 ldc.i4 2 ldsfld <Module>{10916e11-2c2a-4477-88b8-a5890c2d62fd} <Module>{10916e11-2c2a-4477-88b8-a5890c2d62fd}::m_e025fb1edf0a435fa9aa79605d3a4a76 ldfld System.Int32 <Module>{10916e11-2c2a-4477-88b8-a5890c2d62fd}::m_8fe03fc7d88145a3a9e927fdd73efd1e brfalse IL_0012: switch(IL_002C,IL_0057,IL_0083,IL_0058) pop <null> ldc.i4 2 br IL_0012: switch(IL_002C,IL_0057,IL_0083,IL_0058) newobj System.Void Ehvwvm.Networking.MonoRequest::.ctor() ldloc.s V_0 call System.Byte[] Ehvwvm.Networking.MonoRequest::RequestSimpleRequest(System.Byte[]) stloc.s V_2 ldc.i4 0 ldsfld <Module>{10916e11-2c2a-4477-88b8-a5890c2d62fd} <Module>{10916e11-2c2a-4477-88b8-a5890c2d62fd}::m_e025fb1edf0a435fa9aa79605d3a4a76 ldfld System.Int32 <Module>{10916e11-2c2a-4477-88b8-a5890c2d62fd}::m_488fbeeb8978486c8a8b9d575f65ff0e brtrue IL_0012: switch(IL_002C,IL_0057,IL_0083,IL_0058) pop <null> ldc.i4 0 br IL_0012: switch(IL_002C,IL_0057,IL_0083,IL_0058)

6c4604e9567b1674a2fe35e74a1e9cf1 (1.63 MB)

6c4604e9567b1674a2fe35e74a1e9cf1

PE Executable | MD5: 6c4604e9567b1674a2fe35e74a1e9cf1 | Size: 1.63 MB | application/x-dosexec

PE Executable
|
MD5: 6c4604e9567b1674a2fe35e74a1e9cf1
|
Size: 1.63 MB
|
application/x-dosexec