Symbol Ofbuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | 77fd461671e836a6ff77f991cfcb394a
|
| Sha1 | 9f8b7682428bab8773e20d63a62ff2be03bc97ec
|
| Sha256 | 41ca3c2c7a51d75336e053983d5174e50119ef1ea8b4d2ad3b73616b9e5fce11
|
| Sha384 | c9aca1fef4411dfba495177f26ca196718adff51f7af0b467c348afef118d5f32ccaac44a3b6412213449ac550a5e9ec
|
| Sha512 | c0c8fb79e00b7e0826231e768be9363628c1d6509c520eceb1986913f07b2662427d7dfb9f777edcd418d5501e462108334a3b44c74ecbabf24266a120778ae1
|
| SSDeep | 384:qGOIiu/jtD+P3V+y0bFwRktv7ms2cPmrAF+rMRTyN/0L+EcoinblneHQM3epzXkw:TXmV10bFwRktalcOrM+rMRa8NumPYt
|
| TLSH | 8D033A4D7FE18168D5FD067B05B2D01207BAE04B6E23DE1E8EE164AA37636C1CB50AF1
|
PeID
|
Config. Field0 | Value |
|---|---|
| packet_size [b] | 5121 |
| BD [BD] | True |
| directory [DR] | AllUsersProfile |
| executable_name [EXE] | system32.exe |
| cnc_host [HH] | 194.5.65.9 |
| is_dir_defined [Idr] | True |
| is_startup_folder [IsF] | True |
| is_user_reg [Isu] | True |
| NH [NH] | 0 |
| cnc_port [P] | 8080 |
| reg_key [RG] | 93b51036d4337ec738b89226dca82525 |
| reg_path [sf] | Software\Microsoft\Windows\CurrentVersion\Run |
| sizk | 20 |
| victim_name [VN] | HacKed |
| version [VR] | im523 |
| splitter [Y] | |'|'| |
| HD | True |
| anti [anti] | Exsample.exe |
| anti2 [anti2] | True |
| usb [usb] | True |
| usbx [usbx] | svchost.exe |
| task [task] | True |
|
Name0 | Value |
|---|---|
| Module Name | w.exe |
| Full Name | w.exe |
| EntryPoint | System.Void w.A::main() |
| Scope Name | w.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v2.0.50727 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | w |
| Assembly Version | 0.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | <null> |
| Total Strings | 338 |
| Main Method | System.Void w.A::main() |
| Main IL Instruction Count | 5 |
| Main IL | nop <null> call System.Void w.OK::ko() nop <null> nop <null> ret <null> |
| Module Name | w.exe |
| Full Name | w.exe |
| EntryPoint | System.Void w.A::main() |
| Scope Name | w.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v2.0.50727 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | w |
| Assembly Version | 0.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | <null> |
| Total Strings | 338 |
| Main Method | System.Void w.A::main() |
| Main IL Instruction Count | 5 |
| Main IL | nop <null> call System.Void w.OK::ko() nop <null> nop <null> ret <null> |
|
Name0 | Value |
|---|---|
| Port | 8080 |
|
Config. Field0 | Value |
|---|---|
| packet_size [b] | 5121 |
| BD [BD] | True |
| directory [DR] | AllUsersProfile |
| executable_name [EXE] | system32.exe |
| cnc_host [HH] | 194.5.65.9 |
| is_dir_defined [Idr] | True |
| is_startup_folder [IsF] | True |
| is_user_reg [Isu] | True |
| NH [NH] | 0 |
| cnc_port [P] | 8080 |
| reg_key [RG] | 93b51036d4337ec738b89226dca82525 |
| reg_path [sf] | Software\Microsoft\Windows\CurrentVersion\Run |
| sizk | 20 |
| victim_name [VN] | HacKed |
| version [VR] | im523 |
| splitter [Y] | |'|'| |
| HD | True |
| anti [anti] | Exsample.exe |
| anti2 [anti2] | True |
| usb [usb] | True |
| usbx [usbx] | svchost.exe |
| task [task] | True |
|
Name0 | Value | Location |
|---|---|---|
| Port | 8080 Malicious |
77fd461671e836a6ff77f991cfcb394a |