Suspicious
Suspect

7f699e3847a09bd4182f714dca834510

PE Executable
|
MD5: 7f699e3847a09bd4182f714dca834510
|
Size: 1.06 MB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
7f699e3847a09bd4182f714dca834510
Sha1
576766a9c2175d3bd4bbc4b08872c26608265fbc
Sha256
b8c01872f5f8f7ea0056e521a82f5563a8dd491eb75be2450aacd301a4ee6454
Sha384
980352b7080e0d5c62887cf7211e2dd8e6312c7258ed5c71b9db08b528e180431153f913ab2d363c9e0ef4d1b7918afa
Sha512
5a11eba4f9ba0d5bc5f6288c18780edf837a7d144419f803a9dd1305464b16d7b7bdf659f48c894673e5225f29896daae04464ca5143d8442fccb523886c7e8f
SSDeep
24576:0+Szx+WO4Kp7YXRyX9Tgb5eqzu/B2BCa0dEgJqo:RSzx+94Y7YOcb5ez/c0a0dE2qo
TLSH
9F2523B857680933C1F5C97D76D27114DA34A097C2EAFB829480917E2F6B7E1C827E87

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
7f699e3847a09bd4182f714dca834510
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
{cc30cf4f-1e6b-4636-a84f-35870d54136e}
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

Axrjgvqap.exe
Full Name

Axrjgvqap.exe
EntryPoint

System.Void .::()
Scope Name

Axrjgvqap.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Axrjgvqap
Assembly Version

1.0.6808.5654
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

28
Main Method

System.Void .::()
Main IL Instruction Count

48
Main IL

ldc.i4.0 <null> brtrue.s IL_0009: ldstr "+hZp+/sFA4T+hSXZZXPdVg==" br.s IL_003D: newobj System.Void .::.ctor() ldc.i4.0 <null> brfalse.s IL_0044: stloc.0 pop <null> ldstr +hZp+/sFA4T+hSXZZXPdVg== br.s IL_0047: stloc.1 ldstr avJNJmf1IsQ= ldc.i4.1 <null> brtrue.s IL_004A: stloc.2 pop <null> ldstr eZEOnZ8N9X805VuaE5.eZJ5Qb7rKJtIaAmjCW br.s IL_004D: stloc.3 ldstr r53Egi1P7 br.s IL_0050: stloc.s V_4 ldc.i4.0 <null> brtrue.s IL_0009: ldstr "+hZp+/sFA4T+hSXZZXPdVg==" br.s IL_0054: ldloc.1 br.s IL_0057: ldloc.0 br.s IL_005A: ldloc.2 ldloc.s V_4 ldloc.3 <null> call System.Void .::(System.String,.,System.String,System.String,System.String) ldc.i4.0 <null> brtrue.s IL_0009: ldstr "+hZp+/sFA4T+hSXZZXPdVg==" leave.s IL_0060: ret newobj System.Void .::.ctor() br.s IL_0005: ldc.i4.0 stloc.0 <null> br.s IL_0009: ldstr "+hZp+/sFA4T+hSXZZXPdVg==" stloc.1 <null> br.s IL_0010: ldstr "avJNJmf1IsQ=" stloc.2 <null> br.s IL_0019: ldstr "eZEOnZ8N9X805VuaE5.eZJ5Qb7rKJtIaAmjCW" stloc.3 <null> br.s IL_0020: ldstr "r53Egi1P7" stloc.s V_4 br.s IL_0027: ldc.i4.0 ldloc.1 <null> br.s IL_002C: br.s IL_0057 ldloc.0 <null> br.s IL_002E: br.s IL_005A ldloc.2 <null> br.s IL_0030: ldloc.s V_4 pop <null> leave.s IL_0060: ret ret <null>
Module Name

Axrjgvqap.exe
Full Name

Axrjgvqap.exe
EntryPoint

System.Void .::()
Scope Name

Axrjgvqap.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Axrjgvqap
Assembly Version

1.0.6808.5654
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

28
Main Method

System.Void .::()
Main IL Instruction Count

48
Main IL

ldc.i4.0 <null> brtrue.s IL_0009: ldstr "+hZp+/sFA4T+hSXZZXPdVg==" br.s IL_003D: newobj System.Void .::.ctor() ldc.i4.0 <null> brfalse.s IL_0044: stloc.0 pop <null> ldstr +hZp+/sFA4T+hSXZZXPdVg== br.s IL_0047: stloc.1 ldstr avJNJmf1IsQ= ldc.i4.1 <null> brtrue.s IL_004A: stloc.2 pop <null> ldstr eZEOnZ8N9X805VuaE5.eZJ5Qb7rKJtIaAmjCW br.s IL_004D: stloc.3 ldstr r53Egi1P7 br.s IL_0050: stloc.s V_4 ldc.i4.0 <null> brtrue.s IL_0009: ldstr "+hZp+/sFA4T+hSXZZXPdVg==" br.s IL_0054: ldloc.1 br.s IL_0057: ldloc.0 br.s IL_005A: ldloc.2 ldloc.s V_4 ldloc.3 <null> call System.Void .::(System.String,.,System.String,System.String,System.String) ldc.i4.0 <null> brtrue.s IL_0009: ldstr "+hZp+/sFA4T+hSXZZXPdVg==" leave.s IL_0060: ret newobj System.Void .::.ctor() br.s IL_0005: ldc.i4.0 stloc.0 <null> br.s IL_0009: ldstr "+hZp+/sFA4T+hSXZZXPdVg==" stloc.1 <null> br.s IL_0010: ldstr "avJNJmf1IsQ=" stloc.2 <null> br.s IL_0019: ldstr "eZEOnZ8N9X805VuaE5.eZJ5Qb7rKJtIaAmjCW" stloc.3 <null> br.s IL_0020: ldstr "r53Egi1P7" stloc.s V_4 br.s IL_0027: ldc.i4.0 ldloc.1 <null> br.s IL_002C: br.s IL_0057 ldloc.0 <null> br.s IL_002E: br.s IL_005A ldloc.2 <null> br.s IL_0030: ldloc.s V_4 pop <null> leave.s IL_0060: ret ret <null>
7f699e3847a09bd4182f714dca834510 (1.06 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙