Suspicious
Suspect

6e8db5206deb7df32f11ffd7537b5031

PE Executable
|
MD5: 6e8db5206deb7df32f11ffd7537b5031
|
Size: 1.39 MB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
6e8db5206deb7df32f11ffd7537b5031
Sha1
80d90f033f7cbf92eb8867d41ccae04c627c852d
Sha256
c9da21d05843d54922d10a1cb421be65c379e9c21d9b7e0dba5b4c6922ad6739
Sha384
4ca817125dfeaea7d6b440878d841fbe713d022a310c404aa9c49b0ec07dcb6dea5da9e630e76ef232284610231d4512
Sha512
7c13268c099f66282d5673fbed4d0a54ef809536e8a432ef02d376811c5f99ceab6d6089173426e984e41a989709d60ebbf81e6cd2a936e873a596913e4e6f79
SSDeep
24576:3pMX1Grpxm3h8O9qfMg6AcLVwW3cg3QJuoRpwn8XQO8OSTeswAU/Y3oMIrjRs:tpQ3fAMtjxwaapw8P8eswRps
TLSH
6755224B7A8AC7A1DA108B7AD58B103137A5DBD2FBB3F60AF54C23250B537E8854D41B

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
6e8db5206deb7df32f11ffd7537b5031
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
woNn
Informations
Name
 Value
Module Name

Ovdkskmsdsj.exe
Full Name

Ovdkskmsdsj.exe
EntryPoint

System.Void Pggezckbw.Specifications.CentralSpec::DefineExtendedSpec()
Scope Name

Ovdkskmsdsj.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Ovdkskmsdsj
Assembly Version

1.0.7000.3404
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

20
Main Method

System.Void Pggezckbw.Specifications.CentralSpec::DefineExtendedSpec()
Main IL Instruction Count

68
Main IL

ldc.i4 6 stloc V_0 br IL_000E: ldloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] br IL_0038: ret ret <null> newobj System.Void Ovdkskmsdsj.Diagnostics.FilterTemplate::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ldc.i4 0 ldsfld <Module>{8c4356ea-2c26-4b31-b92e-8e4ee046d11f} <Module>{8c4356ea-2c26-4b31-b92e-8e4ee046d11f}::m_bfc5fb36987340dea56f364fa69a619e ldfld System.Int32 <Module>{8c4356ea-2c26-4b31-b92e-8e4ee046d11f}::m_f2ff0bd621644ada95a0b48236de9c23 brfalse IL_0012: switch(IL_0038,IL_0100,IL_0086,IL_0062,IL_0039,IL_00C6,IL_00AB) pop <null> ldc.i4 0 br IL_0012: switch(IL_0038,IL_0100,IL_0086,IL_0062,IL_0039,IL_00C6,IL_00AB) call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4 2 ldsfld <Module>{8c4356ea-2c26-4b31-b92e-8e4ee046d11f} <Module>{8c4356ea-2c26-4b31-b92e-8e4ee046d11f}::m_bfc5fb36987340dea56f364fa69a619e ldfld System.Int32 <Module>{8c4356ea-2c26-4b31-b92e-8e4ee046d11f}::m_a3b55e6b5f7c4b20b4641d160074d461 brtrue IL_0012: switch(IL_0038,IL_0100,IL_0086,IL_0062,IL_0039,IL_00C6,IL_00AB) pop <null> ldc.i4 2 br IL_0012: switch(IL_0038,IL_0100,IL_0086,IL_0062,IL_0039,IL_00C6,IL_00AB) ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) ldc.i4 2 ldsfld <Module>{8c4356ea-2c26-4b31-b92e-8e4ee046d11f} <Module>{8c4356ea-2c26-4b31-b92e-8e4ee046d11f}::m_bfc5fb36987340dea56f364fa69a619e ldfld System.Int32 <Module>{8c4356ea-2c26-4b31-b92e-8e4ee046d11f}::m_2bc5389810d24540aa213eef9656472d brfalse IL_0012: switch(IL_0038,IL_0100,IL_0086,IL_0062,IL_0039,IL_00C6,IL_00AB) pop <null> ldc.i4 4 br IL_0012: switch(IL_0038,IL_0100,IL_0086,IL_0062,IL_0039,IL_00C6,IL_00AB) ldsfld System.Threading.ThreadExceptionEventHandler Pggezckbw.Specifications.CentralSpec/<>c::_GroupedSpec dup <null> brfalse IL_00BB: pop br IL_00DC: call System.Void System.Windows.Forms.Application::add_ThreadException(System.Threading.ThreadExceptionEventHandler) pop <null> ldc.i4 5 br IL_0012: switch(IL_0038,IL_0100,IL_0086,IL_0062,IL_0039,IL_00C6,IL_00AB) ldsfld Pggezckbw.Specifications.CentralSpec/<>c Pggezckbw.Specifications.CentralSpec/<>c::responsiveSpec ldftn System.Void Pggezckbw.Specifications.CentralSpec/<>c::ValidateLogicalSpec(System.Object,System.Threading.ThreadExceptionEventArgs) newobj System.Void System.Threading.ThreadExceptionEventHandler::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Threading.ThreadExceptionEventHandler Pggezckbw.Specifications.CentralSpec/<>c::_GroupedSpec call System.Void System.Windows.Forms.Application::add_ThreadException(System.Threading.ThreadExceptionEventHandler) ldc.i4 1 ldsfld <Module>{8c4356ea-2c26-4b31-b92e-8e4ee046d11f} <Module>{8c4356ea-2c26-4b31-b92e-8e4ee046d11f}::m_bfc5fb36987340dea56f364fa69a619e ldfld System.Int32 <Module>{8c4356ea-2c26-4b31-b92e-8e4ee046d11f}::m_3dfef947c7964f8a9aebe272029e453e brtrue IL_0012: switch(IL_0038,IL_0100,IL_0086,IL_0062,IL_0039,IL_00C6,IL_00AB) pop <null> ldc.i4 0 br IL_0012: switch(IL_0038,IL_0100,IL_0086,IL_0062,IL_0039,IL_00C6,IL_00AB) call System.AppDomain System.AppDomain::get_CurrentDomain() ldsfld System.UnhandledExceptionEventHandler Pggezckbw.Specifications.CentralSpec/<>c::m_SynchronizerObject dup <null> brfalse IL_0115: pop br IL_012C: callvirt System.Void System.AppDomain::add_UnhandledException(System.UnhandledExceptionEventHandler) pop <null> ldsfld Pggezckbw.Specifications.CentralSpec/<>c Pggezckbw.Specifications.CentralSpec/<>c::responsiveSpec ldftn System.Void Pggezckbw.Specifications.CentralSpec/<>c::CheckAdvancedSpec(System.Object,System.UnhandledExceptionEventArgs) newobj System.Void System.UnhandledExceptionEventHandler::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.UnhandledExceptionEventHandler Pggezckbw.Specifications.CentralSpec/<>c::m_SynchronizerObject callvirt System.Void System.AppDomain::add_UnhandledException(System.UnhandledExceptionEventHandler) ldc.i4 3 stloc V_0 br IL_000E: ldloc V_0
Module Name

Ovdkskmsdsj.exe
Full Name

Ovdkskmsdsj.exe
EntryPoint

System.Void Pggezckbw.Specifications.CentralSpec::DefineExtendedSpec()
Scope Name

Ovdkskmsdsj.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Ovdkskmsdsj
Assembly Version

1.0.7000.3404
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

20
Main Method

System.Void Pggezckbw.Specifications.CentralSpec::DefineExtendedSpec()
Main IL Instruction Count

68
Main IL

ldc.i4 6 stloc V_0 br IL_000E: ldloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] br IL_0038: ret ret <null> newobj System.Void Ovdkskmsdsj.Diagnostics.FilterTemplate::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ldc.i4 0 ldsfld <Module>{8c4356ea-2c26-4b31-b92e-8e4ee046d11f} <Module>{8c4356ea-2c26-4b31-b92e-8e4ee046d11f}::m_bfc5fb36987340dea56f364fa69a619e ldfld System.Int32 <Module>{8c4356ea-2c26-4b31-b92e-8e4ee046d11f}::m_f2ff0bd621644ada95a0b48236de9c23 brfalse IL_0012: switch(IL_0038,IL_0100,IL_0086,IL_0062,IL_0039,IL_00C6,IL_00AB) pop <null> ldc.i4 0 br IL_0012: switch(IL_0038,IL_0100,IL_0086,IL_0062,IL_0039,IL_00C6,IL_00AB) call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4 2 ldsfld <Module>{8c4356ea-2c26-4b31-b92e-8e4ee046d11f} <Module>{8c4356ea-2c26-4b31-b92e-8e4ee046d11f}::m_bfc5fb36987340dea56f364fa69a619e ldfld System.Int32 <Module>{8c4356ea-2c26-4b31-b92e-8e4ee046d11f}::m_a3b55e6b5f7c4b20b4641d160074d461 brtrue IL_0012: switch(IL_0038,IL_0100,IL_0086,IL_0062,IL_0039,IL_00C6,IL_00AB) pop <null> ldc.i4 2 br IL_0012: switch(IL_0038,IL_0100,IL_0086,IL_0062,IL_0039,IL_00C6,IL_00AB) ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) ldc.i4 2 ldsfld <Module>{8c4356ea-2c26-4b31-b92e-8e4ee046d11f} <Module>{8c4356ea-2c26-4b31-b92e-8e4ee046d11f}::m_bfc5fb36987340dea56f364fa69a619e ldfld System.Int32 <Module>{8c4356ea-2c26-4b31-b92e-8e4ee046d11f}::m_2bc5389810d24540aa213eef9656472d brfalse IL_0012: switch(IL_0038,IL_0100,IL_0086,IL_0062,IL_0039,IL_00C6,IL_00AB) pop <null> ldc.i4 4 br IL_0012: switch(IL_0038,IL_0100,IL_0086,IL_0062,IL_0039,IL_00C6,IL_00AB) ldsfld System.Threading.ThreadExceptionEventHandler Pggezckbw.Specifications.CentralSpec/<>c::_GroupedSpec dup <null> brfalse IL_00BB: pop br IL_00DC: call System.Void System.Windows.Forms.Application::add_ThreadException(System.Threading.ThreadExceptionEventHandler) pop <null> ldc.i4 5 br IL_0012: switch(IL_0038,IL_0100,IL_0086,IL_0062,IL_0039,IL_00C6,IL_00AB) ldsfld Pggezckbw.Specifications.CentralSpec/<>c Pggezckbw.Specifications.CentralSpec/<>c::responsiveSpec ldftn System.Void Pggezckbw.Specifications.CentralSpec/<>c::ValidateLogicalSpec(System.Object,System.Threading.ThreadExceptionEventArgs) newobj System.Void System.Threading.ThreadExceptionEventHandler::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Threading.ThreadExceptionEventHandler Pggezckbw.Specifications.CentralSpec/<>c::_GroupedSpec call System.Void System.Windows.Forms.Application::add_ThreadException(System.Threading.ThreadExceptionEventHandler) ldc.i4 1 ldsfld <Module>{8c4356ea-2c26-4b31-b92e-8e4ee046d11f} <Module>{8c4356ea-2c26-4b31-b92e-8e4ee046d11f}::m_bfc5fb36987340dea56f364fa69a619e ldfld System.Int32 <Module>{8c4356ea-2c26-4b31-b92e-8e4ee046d11f}::m_3dfef947c7964f8a9aebe272029e453e brtrue IL_0012: switch(IL_0038,IL_0100,IL_0086,IL_0062,IL_0039,IL_00C6,IL_00AB) pop <null> ldc.i4 0 br IL_0012: switch(IL_0038,IL_0100,IL_0086,IL_0062,IL_0039,IL_00C6,IL_00AB) call System.AppDomain System.AppDomain::get_CurrentDomain() ldsfld System.UnhandledExceptionEventHandler Pggezckbw.Specifications.CentralSpec/<>c::m_SynchronizerObject dup <null> brfalse IL_0115: pop br IL_012C: callvirt System.Void System.AppDomain::add_UnhandledException(System.UnhandledExceptionEventHandler) pop <null> ldsfld Pggezckbw.Specifications.CentralSpec/<>c Pggezckbw.Specifications.CentralSpec/<>c::responsiveSpec ldftn System.Void Pggezckbw.Specifications.CentralSpec/<>c::CheckAdvancedSpec(System.Object,System.UnhandledExceptionEventArgs) newobj System.Void System.UnhandledExceptionEventHandler::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.UnhandledExceptionEventHandler Pggezckbw.Specifications.CentralSpec/<>c::m_SynchronizerObject callvirt System.Void System.AppDomain::add_UnhandledException(System.UnhandledExceptionEventHandler) ldc.i4 3 stloc V_0 br IL_000E: ldloc V_0
6e8db5206deb7df32f11ffd7537b5031 (1.39 MB)
File Structure
6e8db5206deb7df32f11ffd7537b5031
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
woNn
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙