Symbol Obfuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | 7c26de59ad48e07090ff995d732b5e91
|
| Sha1 | 04fd9554e18e80ab9c7f090e1f4c5d7f4e961579
|
| Sha256 | a6640f14b119df661bb6d99d1e16a07a5d0f609c5d4ea3375ef3fa74bcab8d14
|
| Sha384 | 8314385ed577785d08d9ed31fdef0c02699b278b4f3ff4f416ccb9aa08150e1578d4a21fe4292dea2357aa72afbc8de5
|
| Sha512 | c8e4609cd5f1365e0571047eaaf39b3de5876826ce5d8f68f563a3043f779ec6c476122982f6112b4e657789da3593d4631c633cfd7a0feb2b7c2fdcafe18c9b
|
| SSDeep | 6144:xTEgdc0YFX7IxUpGREWPOhYUZTP0bC2cE38b8F9STsMsGD2N6icTR3y:xTEgdfY+xUCw2HnZi2N6icdy
|
| TLSH | 4EB46B4023F8862BE5BF5779E87105205BF9F407B26BFB5F4541B0E92CA67069E40BA3
|
PeID
|
Config. Field0 | Value |
|---|---|
| Conf. AES-Salt | BF-EB-1E-56-FB-CD-97-3B-B2-19-02-24-30-A5-78-43-00-3D-56-44-D2-1E-62-B9-D4-F1-80-E7-E6-C3-39-41 |
| Conf. AES-Key | C3B62195F19910EF379EFEFAC110A45451753B53 |
| Version | 1.4.0 |
| Port | 16 |
| Host | 45.81.113.187 |
| ReconnectDelay | 30 |
| SubDirectory | SubDir |
| InstallName | client.exe |
| Install | 1 |
| Startup | 1 |
| Mutex | 2c1b2e6c-18ee-42b8-8c19-f939412a |
| StartupKey | Defender |
| HideFile | 1 |
| EnableLogger | 1 |
| Tag | sigorta |
| LogDirectory | KEYLOGGER KAYIT |
| ServerSignature | BPINCFGzG2MKaGPFPK+T6NZEg0WfceyC9+ptXi4o2rch1GKPVFZpiyYLanQLZUr4YBKQNJmEjAuL9122r5brJtvz+HZdmYuTuKl37FMjNHspPd2zJilunS0wWuTQ97EAhr5LwruSQWDE9zLDve0YjGUn3nOLNxY+GGCedCCb2VZ1UsTR4gwSkpcyXWi75NoHX0yO9A4sMa1fxa7ypNsTLOgndOJoNw9i1346GG8b3GdJ1a5Xp5pCLoybxaQ+eFPSsfWn6BXDFYjdtIsNSyVIwEnm/Egp/9dfPVK++dnqy87G5BFhOkgTqwjZZrjmy2F5vfVSdRckXZ69rvjGy7fP4R6clZ5c4X6YDMz33F3KtHHQM4t1flC08PmV4sqVPyQzX5S/yzctDY0EfRTWxW8NDwgtGmc7eWf0Gc40vUX3gjQhTTIwRqpIogNA9XaVZW9ehsLigk5Lfiy7AN6VFeeEcGbTTeE6dmLGa6hOMQri9ZuFMZqdwYaRPebyaVp1ZuOX/CiYF4TqnheLpP+jT65ebt0LgYJDsD0xHsOsTzE4bMQUcdq4tvHBLrbEzrO4utON5YeprlCgIBwc7B20PVL0IemjRe8uV+moyjSV5Sp80qbF8Y5qKh9mP1auVyy+Zs/6BgmwJC2A8CJkz4qItYWga9JIRsQs+JOE |
| ServerCertificate | MIIE9DCCAtygAwIBAgIQAP/5CXGK+DEFDiQIwFdTSTANBgkqhkiG9w0BAQ0FADAbMRkwFwYDVQQDDBBRdWFzYXIgU2VydmVyIENBMCAXDTI1MDgxODA4MTgxMVoYDzk5OTkxMjMxMjM1OTU5WjAbMRkwFwYDVQQDDBBRdWFzYXIgU2VydmVyIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAkQpreWlXQlvUXjtxV2oSoGl7mUfwBFW4ljOoYn/vVMA2WmIbw9HPXf+wFATUe8hWXcTY9RZiboWkgQfhDfPcDWSe+R7VHplaZFx8MFn4ht+v8uJVUEwHyZHC5xg+oerQ8YPmdC097/2BwwzVVILAhbwN1sDeTzCr3K53UgNUjDCNOF5C9H9/iGNMJu3mVeUU/+S6FTFd7i5u21rbL9wLib4X0ScHfBOdtYOuLAuq2gp+0MKFWj0CJOs7ngSElVSfM4mpDopv4BEXJkVWI9vCWgnIKLg5nscYYwFdyzqgKIUP8Cn6vK68a3s+eJc8ntXfYrsnMwgdAUiKnS11ROaWwYvUN9SZyiV3TMQ6opWTmddIPAZXIk8ZV1MFfdhEdhV4mozaGq+oX/UcbYFZc+ylugWIrrVs2aLYi1+AM4OGQ7PdT9UciWNgVUCK7QXZw906AaK/xwnv0dU+Z+URPYY8+H681Ehznyg3L7rdH43pmG0r2xLM1/9QK5tIi9lanvzTYadHIcEy876d/G/hpLDwvfbGUaHxB/CzDiOmPLjWLnrjaBNvINFQgZ6RwkmRY+udBolOy66PEkQqmkB5OedIqcWZoDxcmj7bNDABnnrQkEy7THBzrpCq1xp4jLSpJbkpnYXgsIRIv6Q544jcnLyGZw5JLzRR1UUr236+UMSkJbsCAwEAAaMyMDAwHQYDVR0OBBYEFKl7sRj/Admj4sGsPfl+TK39LF79MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQENBQADggIBABWpcJ6WFMvPRlvO3RKcO/vrc4t9CGcBz98ZqAHSQMS9Eu5tHa69a63lBardiEu4LtHHPIYVwyy/qrj5Yt0fhibRjhTaiJcdFCsYFYtdNJX8O4hrkfhNl/i6JABHzf7j3sMBMRAAMmesalgP3H0twFak7sgtGGMFkCrw3e7IXiHxL447P3xh9JU9oS+nu4dEDt7H2WBADli2WbSWepzVQuRu6/D1KowH+b9cvuF+gzzLMXaCm+kmUjws+NCxyJAnlvHjGAzC7FYlWPgdKIajlCnywDVC7kSzlX+HN3YkZAFxGChRLvoO5A2gNfurJSNZ7jofj/fGPeRXutR0gQjZJfiavPhZI9QLp6cazbH+C0H8b5PTniFesKyNXqJgnBCeoQ9GIS4BNiLYyshxv1B6shGCXZatyqeUOVjr1wM/AMgaOixwGGXBO6Z853FtIDPfrnVfTHPA2vUr8FFKBdmFVc7pYk+Xj6sBkYPdu8gK2NNPNrXHRppOgKxkP6eiY1TT/A5u4mE3CIQFftbhsdGTX8ZoAt+ztSjz21YQDm5g990B11Mj8PGLLvDdeWuZ3IWPiGicWxEyYledgfhaQ3P+aE8aUXbylOZcItr+GFPVxFzazrftJFDxt9VScMJ+OUzAgTXaZMPoBlfa18oVC327D+Ciycc6474jsM/x5Q70tXqT |
| HideLogDirectory | 0 |
| HideLogSubdirectory | 1 |
| UnattendedMod | 1 |
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Module Name | Client |
| Full Name | Client |
| EntryPoint | System.Void 낌�귗쭇�讚㫇임ᒇ텕ᵩೀ塐诫萷::Main(System.String[]) |
| Scope Name | Client |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Client |
| Assembly Version | 1.4.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5.2 |
| Total Strings | 1552 |
| Main Method | System.Void 낌�귗쭇�讚㫇임ᒇ텕ᵩೀ塐诫萷::Main(System.String[]) |
| Main IL Instruction Count | 19 |
| Main IL | ldc.i4 3072 call System.Void System.Net.ServicePointManager::set_SecurityProtocol(System.Net.SecurityProtocolType) ldc.i4.2 <null> call System.Void System.Windows.Forms.Application::SetUnhandledExceptionMode(System.Windows.Forms.UnhandledExceptionMode) ldnull <null> ldftn System.Void 낌�귗쭇�讚㫇임ᒇ텕ᵩೀ塐诫萷::㵯♎僅爅ﰧ桍Ẑ訏奃鄉╛ᴽ沀尡텉멾㽔䘡(System.Object,System.Threading.ThreadExceptionEventArgs) newobj System.Void System.Threading.ThreadExceptionEventHandler::.ctor(System.Object,System.IntPtr) call System.Void System.Windows.Forms.Application::add_ThreadException(System.Threading.ThreadExceptionEventHandler) call System.AppDomain System.AppDomain::get_CurrentDomain() ldnull <null> ldftn System.Void 낌�귗쭇�讚㫇임ᒇ텕ᵩೀ塐诫萷::岅狅渍猧ꔺᚤ䈮ꯌ㕀輂짌갦䐠뛳紺(System.Object,System.UnhandledExceptionEventArgs) newobj System.Void System.UnhandledExceptionEventHandler::.ctor(System.Object,System.IntPtr) callvirt System.Void System.AppDomain::add_UnhandledException(System.UnhandledExceptionEventHandler) call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void 㽨覞ꕵꋳ㕗谾ᷓ▪敫晱☢稩搥�欃ꎎ::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null> |
| Module Name | Client |
| Full Name | Client |
| EntryPoint | System.Void 낌�귗쭇�讚㫇임ᒇ텕ᵩೀ塐诫萷::Main(System.String[]) |
| Scope Name | Client |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Client |
| Assembly Version | 1.4.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5.2 |
| Total Strings | 1552 |
| Main Method | System.Void 낌�귗쭇�讚㫇임ᒇ텕ᵩೀ塐诫萷::Main(System.String[]) |
| Main IL Instruction Count | 19 |
| Main IL | ldc.i4 3072 call System.Void System.Net.ServicePointManager::set_SecurityProtocol(System.Net.SecurityProtocolType) ldc.i4.2 <null> call System.Void System.Windows.Forms.Application::SetUnhandledExceptionMode(System.Windows.Forms.UnhandledExceptionMode) ldnull <null> ldftn System.Void 낌�귗쭇�讚㫇임ᒇ텕ᵩೀ塐诫萷::㵯♎僅爅ﰧ桍Ẑ訏奃鄉╛ᴽ沀尡텉멾㽔䘡(System.Object,System.Threading.ThreadExceptionEventArgs) newobj System.Void System.Threading.ThreadExceptionEventHandler::.ctor(System.Object,System.IntPtr) call System.Void System.Windows.Forms.Application::add_ThreadException(System.Threading.ThreadExceptionEventHandler) call System.AppDomain System.AppDomain::get_CurrentDomain() ldnull <null> ldftn System.Void 낌�귗쭇�讚㫇임ᒇ텕ᵩೀ塐诫萷::岅狅渍猧ꔺᚤ䈮ꯌ㕀輂짌갦䐠뛳紺(System.Object,System.UnhandledExceptionEventArgs) newobj System.Void System.UnhandledExceptionEventHandler::.ctor(System.Object,System.IntPtr) callvirt System.Void System.AppDomain::add_UnhandledException(System.UnhandledExceptionEventHandler) call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void 㽨覞ꕵꋳ㕗谾ᷓ▪敫晱☢稩搥�欃ꎎ::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null> |
|
Name0 | Value |
|---|---|
| CnC | 45.81.113.187 |
| Port | 16 |
|
Config. Field0 | Value |
|---|---|
| Conf. AES-Salt | BF-EB-1E-56-FB-CD-97-3B-B2-19-02-24-30-A5-78-43-00-3D-56-44-D2-1E-62-B9-D4-F1-80-E7-E6-C3-39-41 |
| Conf. AES-Key | C3B62195F19910EF379EFEFAC110A45451753B53 |
| Version | 1.4.0 |
| Port | 16 |
| Host | 45.81.113.187 |
| ReconnectDelay | 30 |
| SubDirectory | SubDir |
| InstallName | client.exe |
| Install | 1 |
| Startup | 1 |
| Mutex | 2c1b2e6c-18ee-42b8-8c19-f939412a |
| StartupKey | Defender |
| HideFile | 1 |
| EnableLogger | 1 |
| Tag | sigorta |
| LogDirectory | KEYLOGGER KAYIT |
| ServerSignature | BPINCFGzG2MKaGPFPK+T6NZEg0WfceyC9+ptXi4o2rch1GKPVFZpiyYLanQLZUr4YBKQNJmEjAuL9122r5brJtvz+HZdmYuTuKl37FMjNHspPd2zJilunS0wWuTQ97EAhr5LwruSQWDE9zLDve0YjGUn3nOLNxY+GGCedCCb2VZ1UsTR4gwSkpcyXWi75NoHX0yO9A4sMa1fxa7ypNsTLOgndOJoNw9i1346GG8b3GdJ1a5Xp5pCLoybxaQ+eFPSsfWn6BXDFYjdtIsNSyVIwEnm/Egp/9dfPVK++dnqy87G5BFhOkgTqwjZZrjmy2F5vfVSdRckXZ69rvjGy7fP4R6clZ5c4X6YDMz33F3KtHHQM4t1flC08PmV4sqVPyQzX5S/yzctDY0EfRTWxW8NDwgtGmc7eWf0Gc40vUX3gjQhTTIwRqpIogNA9XaVZW9ehsLigk5Lfiy7AN6VFeeEcGbTTeE6dmLGa6hOMQri9ZuFMZqdwYaRPebyaVp1ZuOX/CiYF4TqnheLpP+jT65ebt0LgYJDsD0xHsOsTzE4bMQUcdq4tvHBLrbEzrO4utON5YeprlCgIBwc7B20PVL0IemjRe8uV+moyjSV5Sp80qbF8Y5qKh9mP1auVyy+Zs/6BgmwJC2A8CJkz4qItYWga9JIRsQs+JOE |
| ServerCertificate | MIIE9DCCAtygAwIBAgIQAP/5CXGK+DEFDiQIwFdTSTANBgkqhkiG9w0BAQ0FADAbMRkwFwYDVQQDDBBRdWFzYXIgU2VydmVyIENBMCAXDTI1MDgxODA4MTgxMVoYDzk5OTkxMjMxMjM1OTU5WjAbMRkwFwYDVQQDDBBRdWFzYXIgU2VydmVyIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAkQpreWlXQlvUXjtxV2oSoGl7mUfwBFW4ljOoYn/vVMA2WmIbw9HPXf+wFATUe8hWXcTY9RZiboWkgQfhDfPcDWSe+R7VHplaZFx8MFn4ht+v8uJVUEwHyZHC5xg+oerQ8YPmdC097/2BwwzVVILAhbwN1sDeTzCr3K53UgNUjDCNOF5C9H9/iGNMJu3mVeUU/+S6FTFd7i5u21rbL9wLib4X0ScHfBOdtYOuLAuq2gp+0MKFWj0CJOs7ngSElVSfM4mpDopv4BEXJkVWI9vCWgnIKLg5nscYYwFdyzqgKIUP8Cn6vK68a3s+eJc8ntXfYrsnMwgdAUiKnS11ROaWwYvUN9SZyiV3TMQ6opWTmddIPAZXIk8ZV1MFfdhEdhV4mozaGq+oX/UcbYFZc+ylugWIrrVs2aLYi1+AM4OGQ7PdT9UciWNgVUCK7QXZw906AaK/xwnv0dU+Z+URPYY8+H681Ehznyg3L7rdH43pmG0r2xLM1/9QK5tIi9lanvzTYadHIcEy876d/G/hpLDwvfbGUaHxB/CzDiOmPLjWLnrjaBNvINFQgZ6RwkmRY+udBolOy66PEkQqmkB5OedIqcWZoDxcmj7bNDABnnrQkEy7THBzrpCq1xp4jLSpJbkpnYXgsIRIv6Q544jcnLyGZw5JLzRR1UUr236+UMSkJbsCAwEAAaMyMDAwHQYDVR0OBBYEFKl7sRj/Admj4sGsPfl+TK39LF79MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQENBQADggIBABWpcJ6WFMvPRlvO3RKcO/vrc4t9CGcBz98ZqAHSQMS9Eu5tHa69a63lBardiEu4LtHHPIYVwyy/qrj5Yt0fhibRjhTaiJcdFCsYFYtdNJX8O4hrkfhNl/i6JABHzf7j3sMBMRAAMmesalgP3H0twFak7sgtGGMFkCrw3e7IXiHxL447P3xh9JU9oS+nu4dEDt7H2WBADli2WbSWepzVQuRu6/D1KowH+b9cvuF+gzzLMXaCm+kmUjws+NCxyJAnlvHjGAzC7FYlWPgdKIajlCnywDVC7kSzlX+HN3YkZAFxGChRLvoO5A2gNfurJSNZ7jofj/fGPeRXutR0gQjZJfiavPhZI9QLp6cazbH+C0H8b5PTniFesKyNXqJgnBCeoQ9GIS4BNiLYyshxv1B6shGCXZatyqeUOVjr1wM/AMgaOixwGGXBO6Z853FtIDPfrnVfTHPA2vUr8FFKBdmFVc7pYk+Xj6sBkYPdu8gK2NNPNrXHRppOgKxkP6eiY1TT/A5u4mE3CIQFftbhsdGTX8ZoAt+ztSjz21YQDm5g990B11Mj8PGLLvDdeWuZ3IWPiGicWxEyYledgfhaQ3P+aE8aUXbylOZcItr+GFPVxFzazrftJFDxt9VScMJ+OUzAgTXaZMPoBlfa18oVC327D+Ciycc6474jsM/x5Q70tXqT |
| HideLogDirectory | 0 |
| HideLogSubdirectory | 1 |
| UnattendedMod | 1 |
|
Name0 | Value | Location |
|---|---|---|
| CnC | 45.81.113.187 Malicious |
7c26de59ad48e07090ff995d732b5e91 |
| Port | 16 Malicious |
7c26de59ad48e07090ff995d732b5e91 |