6da86fe3927604e619611626e33fb366

PE Executable
|
MD5: 6da86fe3927604e619611626e33fb366
|
Size: 1.75 MB
|
application/x-dosexec

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	6da86fe3927604e619611626e33fb366
Sha1	aa3c315da743384a77ceaa4519cfb8ad76c08653
Sha256	4978680ea558de05a0f4aafd970ffeb9123ddbe34cda433512faf68e80a6bc8a
Sha384	004f172abb1d4cf02cc67c922e9000d8d13ba90322b8e87d7b6fdc27e62f46155003a0ca97493a525973faa810d1f9bf
Sha512	8eeff5db24a48ae0ecbf22d7cc63b06a3af8c6e196b888da026e07d6bf1bf63bb832c6bf31911b5de9bce28711d031bed12ab7f020bbe93a3bc19221dccd2a41
SSDeep	12288:En/uLts2Tzg70BxGPGZD52Am2RhSHIp7bGt4w5aYETUiZhxAYMWr/b5HxiqFMEOl:Nzg0BxGPGZD52Agy1w5NCaW7ES2
TLSH	CC85F791F4A528B18146A6BDD0AE054F8F2972D7E983901FF19C6BC41F1FE81B9C7A43

PeID

.NET executable

Microsoft Visual C# / Basic .NET

Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL

Microsoft Visual C# v7.0 / Basic .NET

Microsoft Visual Studio .NET

File Structure

Informations

Name0	Value
Info	PE Detect: PeReader OK (file layout)
Module Name	Gpfknawwe.exe
Full Name	Gpfknawwe.exe
EntryPoint	System.Void PhoneNumbers.Processing.CollectorFunction::GetEfficientCollector()
Scope Name	Gpfknawwe.exe
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	Gpfknawwe
Assembly Version	1.0.1576.11619
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.5
Total Strings	555
Main Method	System.Void PhoneNumbers.Processing.CollectorFunction::GetEfficientCollector()
Main IL Instruction Count	17
Main IL	ldc.i4 1 stloc V_0 br IL_000E: ldloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] br IL_0049: nop nop <null> call System.Void PhoneNumbers.Processing.CollectorFunction::CollectInternalCollector() ldc.i4 0 ldsfld <Module>{78edf9bd-2dff-4986-a25a-102401f5f97e} <Module>{78edf9bd-2dff-4986-a25a-102401f5f97e}::m_f737b7b3ab1b45f9b31705daf1858533 ldfld System.Int32 <Module>{78edf9bd-2dff-4986-a25a-102401f5f97e}::m_9ea943434c5541b998549df9a68a5c2b brfalse IL_0012: switch(IL_0049,IL_0024) pop <null> ldc.i4 0 br IL_0012: switch(IL_0049,IL_0024) nop <null> ret <null>
Module Name	Gpfknawwe.exe
Full Name	Gpfknawwe.exe
EntryPoint	System.Void PhoneNumbers.Processing.CollectorFunction::GetEfficientCollector()
Scope Name	Gpfknawwe.exe
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	Gpfknawwe
Assembly Version	1.0.1576.11619
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.5
Total Strings	555
Main Method	System.Void PhoneNumbers.Processing.CollectorFunction::GetEfficientCollector()
Main IL Instruction Count	17
Main IL	ldc.i4 1 stloc V_0 br IL_000E: ldloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] br IL_0049: nop nop <null> call System.Void PhoneNumbers.Processing.CollectorFunction::CollectInternalCollector() ldc.i4 0 ldsfld <Module>{78edf9bd-2dff-4986-a25a-102401f5f97e} <Module>{78edf9bd-2dff-4986-a25a-102401f5f97e}::m_f737b7b3ab1b45f9b31705daf1858533 ldfld System.Int32 <Module>{78edf9bd-2dff-4986-a25a-102401f5f97e}::m_9ea943434c5541b998549df9a68a5c2b brfalse IL_0012: switch(IL_0049,IL_0024) pop <null> ldc.i4 0 br IL_0012: switch(IL_0049,IL_0024) nop <null> ret <null>

6da86fe3927604e619611626e33fb366 (1.75 MB)

File Structure

Characteristics

No malware configuration were found at this point.

You must be signed in to post a comment.

6da86fe3927604e619611626e33fb366

PE Executable | MD5: 6da86fe3927604e619611626e33fb366 | Size: 1.75 MB | application/x-dosexec

PE Executable
|
MD5: 6da86fe3927604e619611626e33fb366
|
Size: 1.75 MB
|
application/x-dosexec