Malicious
Malicious

77b65bd0ad4912d259b995fb8d739d59

PE Executable
|
MD5: 77b65bd0ad4912d259b995fb8d739d59
|
Size: 3.95 MB
|
application/x-dosexec

Infection Chain
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Low

Hash
 Hash Value
MD5
77b65bd0ad4912d259b995fb8d739d59
Sha1
fc3298a9d68214ae7e031f3f9b3b1954e57fa56a
Sha256
fe6f7c114d99eab00ed0f31758fb1ccf29b34f4c7bbf12769a87070fb5d88a8e
Sha384
793e95a35e4c4b91755fdb10040dfc46783ad24b9590b1ba14ecb1405286b5aa7bc7f097c8580e8c7738048d26cb7ca4
Sha512
56b3d9c4dd74c82db75fc4b6a12b490695c94225d093597f7f6ab19bf24bd94ca8ff3ec5335691d53c08b3d19cc66336458ff777d5fc43afa841ad2594a84f3f
SSDeep
49152:ybomj+8bUWeTvzA8deeD9z1KEJKg8te02wzCzEmmdGKKNm5xkbjdJ:ybomjnxG3GEJ4mwTsbM
TLSH
9D064C53EB8B5AA2D2407B7EC6FB48136370E543A313D72B7A4A635D980B7A71F08153

PeID

.NET executable
HQR data file
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual C++ v6.0 DLL
Microsoft Visual Studio .NET
File Structure
77b65bd0ad4912d259b995fb8d739d59
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Tllnczoe.Properties.Resources.resources
Wihxb
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

Vmisienn.exe
Full Name

Vmisienn.exe
EntryPoint

System.Void Vmisienn.Wrapping.InterruptibleWrapper::WrapResponsiveWrapper()
Scope Name

Vmisienn.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Vmisienn
Assembly Version

1.0.569.17630
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

1291
Main Method

System.Void Vmisienn.Wrapping.InterruptibleWrapper::WrapResponsiveWrapper()
Main IL Instruction Count

18
Main IL

ldc.i4 1 stloc V_0 br IL_000E: ldloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] br IL_0057: ret newobj System.Void SteamKit2.Messaging.IsolatedConsumer::.ctor() call System.Byte[] SteamKit2.Messaging.IsolatedConsumer::ViewConsumer() call System.Byte[] SteamKit2.Values.ExternalValue::EvaluateCombinedValue(System.Object) call System.Void Vmisienn.Schemas.ConfigurableSchema::DefineAdjustableSchema(System.Object) ldc.i4 0 ldsfld <Module>{7849c531-7e6d-4801-9097-f1ebf565e8c8} <Module>{7849c531-7e6d-4801-9097-f1ebf565e8c8}::m_723ac7b9df6a423aaa61bedf21ef901d ldfld System.Int32 <Module>{7849c531-7e6d-4801-9097-f1ebf565e8c8}::m_c58c67a119be40718827bda0d088c544 brfalse IL_0012: switch(IL_0057,IL_0024) pop <null> ldc.i4 0 br IL_0012: switch(IL_0057,IL_0024) ret <null>
Module Name

Vmisienn.exe
Full Name

Vmisienn.exe
EntryPoint

System.Void Vmisienn.Wrapping.InterruptibleWrapper::WrapResponsiveWrapper()
Scope Name

Vmisienn.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Vmisienn
Assembly Version

1.0.569.17630
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

1291
Main Method

System.Void Vmisienn.Wrapping.InterruptibleWrapper::WrapResponsiveWrapper()
Main IL Instruction Count

18
Main IL

ldc.i4 1 stloc V_0 br IL_000E: ldloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] br IL_0057: ret newobj System.Void SteamKit2.Messaging.IsolatedConsumer::.ctor() call System.Byte[] SteamKit2.Messaging.IsolatedConsumer::ViewConsumer() call System.Byte[] SteamKit2.Values.ExternalValue::EvaluateCombinedValue(System.Object) call System.Void Vmisienn.Schemas.ConfigurableSchema::DefineAdjustableSchema(System.Object) ldc.i4 0 ldsfld <Module>{7849c531-7e6d-4801-9097-f1ebf565e8c8} <Module>{7849c531-7e6d-4801-9097-f1ebf565e8c8}::m_723ac7b9df6a423aaa61bedf21ef901d ldfld System.Int32 <Module>{7849c531-7e6d-4801-9097-f1ebf565e8c8}::m_c58c67a119be40718827bda0d088c544 brfalse IL_0012: switch(IL_0057,IL_0024) pop <null> ldc.i4 0 br IL_0012: switch(IL_0057,IL_0024) ret <null>
77b65bd0ad4912d259b995fb8d739d59 (3.95 MB)
File Structure
77b65bd0ad4912d259b995fb8d739d59
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Tllnczoe.Properties.Resources.resources
Wihxb
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙