Malicious

7444d4b374e22e9dcbb54701baed11ac

PE Executable | MD5: 7444d4b374e22e9dcbb54701baed11ac | Size: 2.43 MB | application/x-dosexec

Characteristics

Symbol Obfuscation Score

Very high

Hash

MD5: 7444d4b374e22e9dcbb54701baed11ac
Sha1: fc06d01744009206d6d63053e758b595f86a6795
Sha256: 7d406ea4f3c94f86228662495df35517c89df991b672eb804d5ec796fa0a2a63
Sha384: 6b3b1de4fb296dd416e3ed6aacad6caca96d1439d303a61db48dec640e8dfb9d89420ade6d1f723c8caeb5b38d18f7a0
Sha512: 778a9fe214d1e9835c1ea041b577c49219d712fa602c3944f8a9ba7a19bf60e72ecdf41157fd99bb5ed5f6e2e46d4173b06278e9ded59fa368dd12142ab6c3a2
SSDeep: 49152:va3mif54OP5zI99Un90Fgv7op6gqUuQLdMBJ6r:v5if5nRzIJ6v0p6zYAJ
TLSH: D0B5CF027E45CE01F0091633C2EF454847B9A95166A6E32FBDBA376E59523E73C0DACB

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
.Net Resources
iR5ld5GGHfHLVvcUjS.k3fja1RS6wLuMBuNBA
8u3butjI4pBWNlBtVv.Bl2TtD79TaO5K7co46
Information

PE Detect: PeReader OK (file layout)

Module Name: 6b7BhwF7x7mgtafM7GcXg2CLbcFvLjBG17TR4J
Full Name: 6b7BhwF7x7mgtafM7GcXg2CLbcFvLjBG17TR4J
EntryPoint: System.Void VhQ7NMOmmrMtyyHQqRm.eJ7fRNOaLUGiDGP6L5H::d3ZvxcgBOS()
Scope Name: 6b7BhwF7x7mgtafM7GcXg2CLbcFvLjBG17TR4J
Scope Type: ModuleDef
Kind: Windows
Runtime Version: v4.0.30319
Tables Header Version: 512
WinMD Version: <null>
Assembly Name: GTSosIQ
Assembly Version: 8.4.7.0
Assembly Culture: <null>
Has PublicKey: False
PublicKey Token: <null>
Target Framework: .NETFramework,Version=v4.0
Total Strings: 63
Main Method: System.Void VhQ7NMOmmrMtyyHQqRm.eJ7fRNOaLUGiDGP6L5H::d3ZvxcgBOS()
Main IL Instruction Count: 14

Main IL

br.s IL_000B: ldc.i4.0
call <null>
ldnull <null>
ldc.i4.0 <null>
ldelem.ref <null>
pop <null>
ldc.i4.0 <null>
brtrue.s IL_0007: ldnull
call System.Void eKrQ6F4gPt0ASO4M3IK.jClgNO4uTYPviJm6U3T::kLjw4iIsCLsZtxc4lksN0j()
nop <null>
ldsfld System.Object VhQ7NMOmmrMtyyHQqRm.eJ7fRNOaLUGiDGP6L5H::jeCvAnm45Z
callvirt System.Void w32Fs6OuNb60BKWYcap.sISfPGOAci3TUpXqoGy::tRnFYfoeQ1()
nop <null>
ret <null>

Characteristics
No malware configuration was found at this point.