Malicious
Malicious

77391af4c055f88d4cc42e208a5b519f

PE Executable
|
MD5: 77391af4c055f88d4cc42e208a5b519f
|
Size: 899.58 KB
|
application/x-dosexec

Infection Chain
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very high

Hash
 Hash Value
MD5
77391af4c055f88d4cc42e208a5b519f
Sha1
6d4ce000c9656674bc6a4c7e9745785fc4f7cb66
Sha256
517cf866220ab92aabf5d1969ca4239126fbb7ee72d2698df2fbf3d9dc8fc4c5
Sha384
b5a953746215933d691a7d99eff03265ff3b7584a5cfa892e03a69390a85938649a6050c1d82944b9a403e7d7f72ba3e
Sha512
77f6dc5e4f526e16c9e5b6731f08427d2406f824d997c055af1357aff65ccb85b9372ccca8cdd1357e543a934a10c1f58a7b3f6f4bfd7fe7aad16b277d41c123
SSDeep
24576:CAOgh+qAJXHwFQHah0VZSfd48FiV3sh+sHUczDDC4:CAeg+8j0WFC
TLSH
7F1518017E44CE15F0092233C2FF454887B0A9956AA7E32B7DBA376E65163A77C0D9CB

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
77391af4c055f88d4cc42e208a5b519f
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
.Net Resources
nTndMuUiB3sM3rCMto.tMnnWf33X77wLq1McI
Tugc8l4d3ob3cmEYAm.f9tGSWo0UvpNT2GTko
Informations
Name
 Value
Module Name

34XusUxMxeQw2DyL0dsAjm
Full Name

34XusUxMxeQw2DyL0dsAjm
EntryPoint

System.Void pK1vU6oXD8YuOdHcL04.v2wj25oCAk02NCqxnuY::JyMFdaNKvT()
Scope Name

34XusUxMxeQw2DyL0dsAjm
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

2cf6eOaQH6y9dOr56LKANtUGq52G8io1RAeSMXT7X
Assembly Version

2.1.8.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

63
Main Method

System.Void pK1vU6oXD8YuOdHcL04.v2wj25oCAk02NCqxnuY::JyMFdaNKvT()
Main IL Instruction Count

14
Main IL

br.s IL_000B: ldc.i4.0 call <null> ldnull <null> ldc.i4.0 <null> ldelem.ref <null> pop <null> ldc.i4.0 <null> brtrue.s IL_0007: ldnull call System.Void imEURuF78yWgRI2l8E8.Y8wYHeF3bYni0T7Qn3x::kLjw4iIsCLsZtxc4lksN0j() nop <null> ldsfld System.Object pK1vU6oXD8YuOdHcL04.v2wj25oCAk02NCqxnuY::ATMFAPMKAO callvirt System.Void dyBSKUo32dXsmKRFyQs.uLksNGobwoAZQtyFwbf::IQF5LTKNYa() nop <null> ret <null>
Module Name

34XusUxMxeQw2DyL0dsAjm
Full Name

34XusUxMxeQw2DyL0dsAjm
EntryPoint

System.Void pK1vU6oXD8YuOdHcL04.v2wj25oCAk02NCqxnuY::JyMFdaNKvT()
Scope Name

34XusUxMxeQw2DyL0dsAjm
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

2cf6eOaQH6y9dOr56LKANtUGq52G8io1RAeSMXT7X
Assembly Version

2.1.8.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

63
Main Method

System.Void pK1vU6oXD8YuOdHcL04.v2wj25oCAk02NCqxnuY::JyMFdaNKvT()
Main IL Instruction Count

14
Main IL

br.s IL_000B: ldc.i4.0 call <null> ldnull <null> ldc.i4.0 <null> ldelem.ref <null> pop <null> ldc.i4.0 <null> brtrue.s IL_0007: ldnull call System.Void imEURuF78yWgRI2l8E8.Y8wYHeF3bYni0T7Qn3x::kLjw4iIsCLsZtxc4lksN0j() nop <null> ldsfld System.Object pK1vU6oXD8YuOdHcL04.v2wj25oCAk02NCqxnuY::ATMFAPMKAO callvirt System.Void dyBSKUo32dXsmKRFyQs.uLksNGobwoAZQtyFwbf::IQF5LTKNYa() nop <null> ret <null>
77391af4c055f88d4cc42e208a5b519f (899.58 KB)
File Structure
77391af4c055f88d4cc42e208a5b519f
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
.Net Resources
nTndMuUiB3sM3rCMto.tMnnWf33X77wLq1McI
Tugc8l4d3ob3cmEYAm.f9tGSWo0UvpNT2GTko
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙