Malicious
Malicious

7742229ad2237e3bd199415f390f3017

PE Executable
|
MD5: 7742229ad2237e3bd199415f390f3017
|
Size: 2.05 MB
|
application/x-dosexec

Infection Chain
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very high

Hash
 Hash Value
MD5
7742229ad2237e3bd199415f390f3017
Sha1
bb1fe6c3b4a8720fd820ccda79a2abbd7c8ec3fa
Sha256
8adfdf08e1d7883adcdf8228be4da62f9380c5ad99848be748432ecb49ff76c9
Sha384
57b40f4a43628197030c2be0e4d3276d21b799fb9d336a459948419111388511858dae795b4750e8f8b864edd226bdc6
Sha512
36b436207742eb2c5b809ba1b0255b32c9537e9ac35944c29447da6bc3b6c2fbd8a63fdcbda7443d158a4d1fc9558e4f2a2a615144cc0bda95a80241a2051701
SSDeep
24576:l+kn8CP2Z/ZGdeVT9rOpD9xsW/W4VXV8TxXA/Rcs3M0p3z/DFIY/jbEQfwaoi1+s:lfBXbP8dw/e0BzEAwaN1+m/QHK0
TLSH
4595BE227A44CD62D129163BC9EF415483BCAD417762DB1B7EAF339D25923A34E0E1CE

PeID

.NET executable
HQR data file
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
UPolyX 0.3 -> delikon
File Structure
7742229ad2237e3bd199415f390f3017
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
.Net Resources
70eIo7F28expdTEDxw.qBJKZhbjBb1ikGvH7L
wtcACTj5IDUqQYIyyP.Yj3ofK8X0tDfoFIgch
Informations
Name
 Value
Module Name

Ro6BfCOSOO
Full Name

Ro6BfCOSOO
EntryPoint

System.Void bbffEuF2cpSI2a0bxMM.eVM4hFFNtyGbEGrDtyT::Xm9uZe06Kc()
Scope Name

Ro6BfCOSOO
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

SkpcAqFD9IEPI
Assembly Version

4.9.3.7
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

69
Main Method

System.Void bbffEuF2cpSI2a0bxMM.eVM4hFFNtyGbEGrDtyT::Xm9uZe06Kc()
Main IL Instruction Count

29
Main IL

br.s IL_0004: ldc.i4.1 pop <null> ldc.i4.0 <null> ldc.i4.1 <null> call System.Boolean bbffEuF2cpSI2a0bxMM.eVM4hFFNtyGbEGrDtyT::XJKl2GxqnUyKw6k5ctL() brtrue IL_0024: pop pop <null> ldc.i4 3 br IL_0047: switch(IL_001A,IL_001F,IL_002F,IL_001A,IL_006E,IL_007E) call System.Void NqWA7S3N9MWlQU9c1Sg.WxP3yZ3qsnkNdU9GPQa::kLjw4iIsCLsZtxc4lksN0j() br IL_002F: nop pop <null> ldc.i4 2 br IL_0047: switch(IL_001A,IL_001F,IL_002F,IL_001A,IL_006E,IL_007E) nop <null> call System.Void a0qMGrc1bsWtHs6xoZM.CQUwBdcfCrYvIRvdRqZ::xRgMLsFTZB() br IL_006E: nop ldc.i4 3 stloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] ldc.i4 4 br IL_0047: switch(IL_001A,IL_001F,IL_002F,IL_001A,IL_006E,IL_007E) nop <null> call System.Void E3GKlgKKQffGha7CQZ9.yVyl51KcD6pDSyZBA3f::H9ATHtpTZB() ldc.i4 5 br IL_0047: switch(IL_001A,IL_001F,IL_002F,IL_001A,IL_006E,IL_007E) nop <null> ret <null>
Module Name

Ro6BfCOSOO
Full Name

Ro6BfCOSOO
EntryPoint

System.Void bbffEuF2cpSI2a0bxMM.eVM4hFFNtyGbEGrDtyT::Xm9uZe06Kc()
Scope Name

Ro6BfCOSOO
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

SkpcAqFD9IEPI
Assembly Version

4.9.3.7
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

69
Main Method

System.Void bbffEuF2cpSI2a0bxMM.eVM4hFFNtyGbEGrDtyT::Xm9uZe06Kc()
Main IL Instruction Count

29
Main IL

br.s IL_0004: ldc.i4.1 pop <null> ldc.i4.0 <null> ldc.i4.1 <null> call System.Boolean bbffEuF2cpSI2a0bxMM.eVM4hFFNtyGbEGrDtyT::XJKl2GxqnUyKw6k5ctL() brtrue IL_0024: pop pop <null> ldc.i4 3 br IL_0047: switch(IL_001A,IL_001F,IL_002F,IL_001A,IL_006E,IL_007E) call System.Void NqWA7S3N9MWlQU9c1Sg.WxP3yZ3qsnkNdU9GPQa::kLjw4iIsCLsZtxc4lksN0j() br IL_002F: nop pop <null> ldc.i4 2 br IL_0047: switch(IL_001A,IL_001F,IL_002F,IL_001A,IL_006E,IL_007E) nop <null> call System.Void a0qMGrc1bsWtHs6xoZM.CQUwBdcfCrYvIRvdRqZ::xRgMLsFTZB() br IL_006E: nop ldc.i4 3 stloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] ldc.i4 4 br IL_0047: switch(IL_001A,IL_001F,IL_002F,IL_001A,IL_006E,IL_007E) nop <null> call System.Void E3GKlgKKQffGha7CQZ9.yVyl51KcD6pDSyZBA3f::H9ATHtpTZB() ldc.i4 5 br IL_0047: switch(IL_001A,IL_001F,IL_002F,IL_001A,IL_006E,IL_007E) nop <null> ret <null>
7742229ad2237e3bd199415f390f3017 (2.05 MB)
File Structure
7742229ad2237e3bd199415f390f3017
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
.Net Resources
70eIo7F28expdTEDxw.qBJKZhbjBb1ikGvH7L
wtcACTj5IDUqQYIyyP.Yj3ofK8X0tDfoFIgch
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙