Suspicious
Suspect

6e47672f1bfb1599a063136003fd57ba

PE Executable
|
MD5: 6e47672f1bfb1599a063136003fd57ba
|
Size: 3.23 MB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

High

Hash
 Hash Value
MD5
6e47672f1bfb1599a063136003fd57ba
Sha1
697807696b6fe55e2398fcd0250cbb13a9b9bc5b
Sha256
ae78caabec6a4241c64357ca5ca05de2e181fe253963de528807bf051fc3608e
Sha384
56de3fbec9365c6455d99a5d6495e57498245300ce8a8ce7c9cc3bc76f6e06477dd4ff2f36028a3d8a740c37e328b44f
Sha512
2c48f1e82ab51bbd22627cf792010d6599b996d64f8a000e9a745a5dc7ffee83aac68f3ad59c63d2142698a74fc0ed8d8991f1a8abf6ac5fc69038b719ce40a4
SSDeep
49152:SwPqj4GDQEqNmXwjPuCFnVBEy+HIamZVsBsMHXg/24vvHx7p:JPjGym0uCFVCpIZyxHw/24vvHxd
TLSH
07E5232933D39592C6FD46F542214248E379ECB7AA0AD37FA9D8F1FC4AB32515346283

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
6e47672f1bfb1599a063136003fd57ba
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0032
ID:0
ID:0-preview.png
ID:0033
ID:0
ID:0034
ID:0
ID:0035
ID:0
ID:0036
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
G.vW.resources
mhd.g.resources
2c4cb71f97012c.Resources.resources
1af846100
[NBF]root.Data
1af846101
[NBF]root.Data
1af8461010
[NBF]root.Data
1af8461011
[NBF]root.Data
1af8461012
[NBF]root.Data
1af8461013
[NBF]root.Data
1af8461014
[NBF]root.Data
1af8461015
[NBF]root.Data
1af8461016
[NBF]root.Data
1af8461017
[NBF]root.Data
1af8461018
[NBF]root.Data
1af8461019
[NBF]root.Data
1af846102
[NBF]root.Data
1af8461020
[NBF]root.Data
1af8461021
[NBF]root.Data
1af8461022
[NBF]root.Data
1af8461023
[NBF]root.Data
1af8461024
[NBF]root.Data
1af8461025
[NBF]root.Data
1af8461026
[NBF]root.Data
1af8461027
[NBF]root.Data
1af8461028
[NBF]root.Data
1af8461029
[NBF]root.Data
1af846103
[NBF]root.Data
1af8461030
[NBF]root.Data
1af8461031
[NBF]root.Data
1af8461032
[NBF]root.Data
1af8461033
[NBF]root.Data
1af8461034
[NBF]root.Data
1af8461035
[NBF]root.Data
1af8461036
[NBF]root.Data
1af8461037
[NBF]root.Data
1af8461038
[NBF]root.Data
1af8461039
[NBF]root.Data
1af846104
[NBF]root.Data
1af8461040
[NBF]root.Data
1af8461041
[NBF]root.Data
1af8461042
[NBF]root.Data
1af8461043
[NBF]root.Data
1af8461044
[NBF]root.Data
1af8461045
[NBF]root.Data
1af8461046
[NBF]root.Data
1af8461047
[NBF]root.Data
1af8461048
[NBF]root.Data
1af8461049
[NBF]root.Data
1af846105
[NBF]root.Data
1af8461050
[NBF]root.Data
1af8461051
[NBF]root.Data
1af8461052
[NBF]root.Data
1af8461053
[NBF]root.Data
1af8461054
[NBF]root.Data
1af8461055
[NBF]root.Data
1af8461056
[NBF]root.Data
1af8461057
[NBF]root.Data
1af8461058
[NBF]root.Data
1af8461059
[NBF]root.Data
1af846106
[NBF]root.Data
1af8461060
[NBF]root.Data
1af8461061
[NBF]root.Data
1af8461062
[NBF]root.Data
1af8461063
[NBF]root.Data
1af8461064
[NBF]root.Data
1af8461065
[NBF]root.Data
1af8461066
[NBF]root.Data
1af8461067
[NBF]root.Data
1af8461068
[NBF]root.Data
1af8461069
[NBF]root.Data
1af846107
[NBF]root.Data
1af8461070
[NBF]root.Data
1af8461071
[NBF]root.Data
1af8461072
[NBF]root.Data
1af8461073
[NBF]root.Data
1af8461074
[NBF]root.Data
1af8461075
[NBF]root.Data
1af8461076
[NBF]root.Data
1af8461077
[NBF]root.Data
1af8461078
[NBF]root.Data
1af8461079
[NBF]root.Data
1af846108
[NBF]root.Data
1af8461080
[NBF]root.Data
1af8461081
[NBF]root.Data
1af8461082
[NBF]root.Data
1af8461083
[NBF]root.Data
1af8461084
[NBF]root.Data
1af8461085
[NBF]root.Data
1af8461086
[NBF]root.Data
1af8461087
[NBF]root.Data
1af8461088
[NBF]root.Data
1af8461089
[NBF]root.Data
1af846109
[NBF]root.Data
1af8461090
[NBF]root.Data
1af8461091
[NBF]root.Data
1af8461092
[NBF]root.Data
1af8461093
[NBF]root.Data
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

mhd
Full Name

mhd
EntryPoint

System.Void Jx0t5LEp.e3PMk28::b2FBk9m()
Scope Name

mhd
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

mhd
Assembly Version

3.0.1.7
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

0
Main Method

System.Void Jx0t5LEp.e3PMk28::b2FBk9m()
Main IL Instruction Count

181
Main IL

ldc.i4.s 9 stloc.s V_6 ldloc.s V_6 switch dnlib.DotNet.Emit.Instruction[] ldc.i4.1 <null> stloc.0 <null> ldc.i4.s 17 stloc.s V_6 br.s IL_0004: ldloc.s V_6 ldloc.0 <null> ldc.i4.2 <null> mul.ovf <null> ldc.i4.s 24 call System.Int32 System.Math::Min(System.Int32,System.Int32) stloc.0 <null> ldc.i4.s 17 stloc.s V_6 br.s IL_0004: ldloc.s V_6 ldloc.0 <null> ldc.i4.s 24 rem <null> ldc.i4.0 <null> ceq <null> stloc.3 <null> ldloc.3 <null> brfalse.s IL_007D: ldc.i4.8 ldc.i4.s 15 stloc.s V_6 br.s IL_0004: ldloc.s V_6 ldc.i4.8 <null> br.s IL_0079: stloc.s V_6 ldloc.0 <null> ldc.i4.1 <null> sub.ovf <null> ldc.i4.1 <null> add.ovf <null> newarr System.Object stloc.1 <null> ldc.i4.s 16 newarr System.Byte stloc.2 <null> ldc.i4.s 16 stloc.s V_6 br IL_0004: ldloc.s V_6 ldloc.2 <null> castclass System.Byte[] ldc.i4.0 <null> ldc.i4 154 stelem.i1 <null> ldloc.2 <null> isinst System.Byte[] ldc.i4.1 <null> ldc.i4 207 stelem.i1 <null> ldc.i4.s 10 stloc.s V_6 br IL_0004: ldloc.s V_6 ldloc.2 <null> castclass System.Byte[] ldc.i4.2 <null> ldc.i4 168 stelem.i1 <null> ldloc.2 <null> isinst System.Byte[] ldc.i4.3 <null> ldc.i4 244 stelem.i1 <null> ldc.i4.7 <null> stloc.s V_6 br IL_0004: ldloc.s V_6 ldloc.2 <null> castclass System.Byte[] ldc.i4.4 <null> ldc.i4 231 stelem.i1 <null> ldloc.2 <null> castclass System.Byte[] ldc.i4.5 <null> ldc.i4.s 118 stelem.i1 <null> ldc.i4.2 <null> stloc.s V_6 br IL_0004: ldloc.s V_6 ldloc.2 <null> castclass System.Byte[] ldc.i4.6 <null> ldc.i4.s 110 stelem.i1 <null> ldloc.2 <null> castclass System.Byte[] ldc.i4.7 <null> ldc.i4.s 15 stelem.i1 <null> ldc.i4.s 12 stloc.s V_6 br IL_0004: ldloc.s V_6 ldloc.2 <null> castclass System.Byte[] ldc.i4.8 <null> ldc.i4.s 96 stelem.i1 <null> ldloc.2 <null> castclass System.Byte[] ldc.i4.s 9 ldc.i4.s 99 stelem.i1 <null> ldc.i4.0 <null> stloc.s V_6 br IL_0004: ldloc.s V_6 ldloc.2 <null> isinst System.Byte[] ldc.i4.s 10 ldc.i4 203 stelem.i1 <null> ldloc.2 <null> castclass System.Byte[] ldc.i4.s 11 ldc.i4 134 stelem.i1 <null> ldc.i4.s 13 stloc.s V_6 br IL_0004: ldloc.s V_6 ldloc.2 <null> castclass System.Byte[] ldc.i4.s 12 ldc.i4 166 stelem.i1 <null> ldloc.2 <null> castclass System.Byte[] ldc.i4.s 13 ldc.i4 237 stelem.i1 <null> ldc.i4.s 14 stloc.s V_6 br IL_0004: ldloc.s V_6 ldloc.2 <null> isinst System.Byte[] ldc.i4.s 14 ldc.i4 240 stelem.i1 <null> ldloc.2 <null> isinst System.Byte[] ldc.i4.s 15 ldc.i4.s 120 stelem.i1 <null> ldc.i4.4 <null> stloc.s V_6 br IL_0004: ldloc.s V_6 ldloc.1 <null> isinst System.Object[] ldloc.0 <null> ldc.i4.1 <null> sub.ovf <null> ldc.i4 1925867139 ldc.i4.0 <null> ldnull <null> call System.String t2B4Dep5.y2XDt8c9::m4YMc7s8(System.Int32,System.Int32,System.Reflection.Assembly) call System.Byte[] Jx0t5LEp.Mm8r7J::o2F3AfRd(System.String) ldloc.2 <null> isinst System.Byte[] call System.Byte[] Jx0t5LEp.Dk6x4Y3::Sx09FcJ(System.Byte[],System.Byte[]) call System.Byte[] System.Linq.Enumerable::ToArray<System.Byte>(System.Collections.Generic.IEnumerable`1<System.Byte>) stelem.ref <null> ldc.i4.1 <null> stloc.s V_6 br IL_0004: ldloc.s V_6 ldloc.1 <null> castclass System.Object[] ldloc.0 <null> call System.Void Jx0t5LEp.Dk6x4Y3::Gf72HcS(System.Object[],System.Int32) leave.s IL_01F5: ldc.i4.3 dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.s V_4 call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_01F5: ldc.i4.3 ldc.i4.3 <null> stloc.s V_8 ldloc.s V_8 switch dnlib.DotNet.Emit.Instruction[] ret <null>
Module Name

mhd
Full Name

mhd
EntryPoint

System.Void Jx0t5LEp.e3PMk28::b2FBk9m()
Scope Name

mhd
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

mhd
Assembly Version

3.0.1.7
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

0
Main Method

System.Void Jx0t5LEp.e3PMk28::b2FBk9m()
Main IL Instruction Count

181
Main IL

ldc.i4.s 9 stloc.s V_6 ldloc.s V_6 switch dnlib.DotNet.Emit.Instruction[] ldc.i4.1 <null> stloc.0 <null> ldc.i4.s 17 stloc.s V_6 br.s IL_0004: ldloc.s V_6 ldloc.0 <null> ldc.i4.2 <null> mul.ovf <null> ldc.i4.s 24 call System.Int32 System.Math::Min(System.Int32,System.Int32) stloc.0 <null> ldc.i4.s 17 stloc.s V_6 br.s IL_0004: ldloc.s V_6 ldloc.0 <null> ldc.i4.s 24 rem <null> ldc.i4.0 <null> ceq <null> stloc.3 <null> ldloc.3 <null> brfalse.s IL_007D: ldc.i4.8 ldc.i4.s 15 stloc.s V_6 br.s IL_0004: ldloc.s V_6 ldc.i4.8 <null> br.s IL_0079: stloc.s V_6 ldloc.0 <null> ldc.i4.1 <null> sub.ovf <null> ldc.i4.1 <null> add.ovf <null> newarr System.Object stloc.1 <null> ldc.i4.s 16 newarr System.Byte stloc.2 <null> ldc.i4.s 16 stloc.s V_6 br IL_0004: ldloc.s V_6 ldloc.2 <null> castclass System.Byte[] ldc.i4.0 <null> ldc.i4 154 stelem.i1 <null> ldloc.2 <null> isinst System.Byte[] ldc.i4.1 <null> ldc.i4 207 stelem.i1 <null> ldc.i4.s 10 stloc.s V_6 br IL_0004: ldloc.s V_6 ldloc.2 <null> castclass System.Byte[] ldc.i4.2 <null> ldc.i4 168 stelem.i1 <null> ldloc.2 <null> isinst System.Byte[] ldc.i4.3 <null> ldc.i4 244 stelem.i1 <null> ldc.i4.7 <null> stloc.s V_6 br IL_0004: ldloc.s V_6 ldloc.2 <null> castclass System.Byte[] ldc.i4.4 <null> ldc.i4 231 stelem.i1 <null> ldloc.2 <null> castclass System.Byte[] ldc.i4.5 <null> ldc.i4.s 118 stelem.i1 <null> ldc.i4.2 <null> stloc.s V_6 br IL_0004: ldloc.s V_6 ldloc.2 <null> castclass System.Byte[] ldc.i4.6 <null> ldc.i4.s 110 stelem.i1 <null> ldloc.2 <null> castclass System.Byte[] ldc.i4.7 <null> ldc.i4.s 15 stelem.i1 <null> ldc.i4.s 12 stloc.s V_6 br IL_0004: ldloc.s V_6 ldloc.2 <null> castclass System.Byte[] ldc.i4.8 <null> ldc.i4.s 96 stelem.i1 <null> ldloc.2 <null> castclass System.Byte[] ldc.i4.s 9 ldc.i4.s 99 stelem.i1 <null> ldc.i4.0 <null> stloc.s V_6 br IL_0004: ldloc.s V_6 ldloc.2 <null> isinst System.Byte[] ldc.i4.s 10 ldc.i4 203 stelem.i1 <null> ldloc.2 <null> castclass System.Byte[] ldc.i4.s 11 ldc.i4 134 stelem.i1 <null> ldc.i4.s 13 stloc.s V_6 br IL_0004: ldloc.s V_6 ldloc.2 <null> castclass System.Byte[] ldc.i4.s 12 ldc.i4 166 stelem.i1 <null> ldloc.2 <null> castclass System.Byte[] ldc.i4.s 13 ldc.i4 237 stelem.i1 <null> ldc.i4.s 14 stloc.s V_6 br IL_0004: ldloc.s V_6 ldloc.2 <null> isinst System.Byte[] ldc.i4.s 14 ldc.i4 240 stelem.i1 <null> ldloc.2 <null> isinst System.Byte[] ldc.i4.s 15 ldc.i4.s 120 stelem.i1 <null> ldc.i4.4 <null> stloc.s V_6 br IL_0004: ldloc.s V_6 ldloc.1 <null> isinst System.Object[] ldloc.0 <null> ldc.i4.1 <null> sub.ovf <null> ldc.i4 1925867139 ldc.i4.0 <null> ldnull <null> call System.String t2B4Dep5.y2XDt8c9::m4YMc7s8(System.Int32,System.Int32,System.Reflection.Assembly) call System.Byte[] Jx0t5LEp.Mm8r7J::o2F3AfRd(System.String) ldloc.2 <null> isinst System.Byte[] call System.Byte[] Jx0t5LEp.Dk6x4Y3::Sx09FcJ(System.Byte[],System.Byte[]) call System.Byte[] System.Linq.Enumerable::ToArray<System.Byte>(System.Collections.Generic.IEnumerable`1<System.Byte>) stelem.ref <null> ldc.i4.1 <null> stloc.s V_6 br IL_0004: ldloc.s V_6 ldloc.1 <null> castclass System.Object[] ldloc.0 <null> call System.Void Jx0t5LEp.Dk6x4Y3::Gf72HcS(System.Object[],System.Int32) leave.s IL_01F5: ldc.i4.3 dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.s V_4 call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_01F5: ldc.i4.3 ldc.i4.3 <null> stloc.s V_8 ldloc.s V_8 switch dnlib.DotNet.Emit.Instruction[] ret <null>
6e47672f1bfb1599a063136003fd57ba (3.23 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙