Suspicious
Suspect

819e10834de4e6e0fe64f7d700edb5f0

PE Executable
|
MD5: 819e10834de4e6e0fe64f7d700edb5f0
|
Size: 1.08 MB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
819e10834de4e6e0fe64f7d700edb5f0
Sha1
c8f08740fb914dc3cf376e42223f451eb11579a3
Sha256
4a880e52c3e1d5d7857a6b81bd13e61e35c3111be7a5555a4f1fa5a7b5e938b0
Sha384
8f0067b2d4d5cbc8399c9bfe0e8dd3e0561d3851aa3bb1005b128300964ce4d24a2657fb14d1af0a2af87b0a4a0cb2f0
Sha512
64cfa0547c6e104214e2bfb0a92b8ced4b381e7e8e6ce62383018ccf18bdb98e4131a163342ba359a28eb036f68c54e0323c2088b1f90123f5366e3cab3643d3
SSDeep
24576:LmEvauzhOlkw/DeqU0h2XBG573HSVEJli5Ixv:qEVhwreP2jAUli5Ixv
TLSH
663533220B88C493D6692B34BFCCF71255F3A35544BA58D5414BD8BF8FA612C0D7BAB2

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
819e10834de4e6e0fe64f7d700edb5f0
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Dhoxta.Properties.Resources.resources
Cztwc
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

6841059370.exe
Full Name

6841059370.exe
EntryPoint

System.Void Dhoxta.Uknjhzyqppb::Main()
Scope Name

6841059370.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

6841059370
Assembly Version

1.0.4879.10742
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

6
Main Method

System.Void Dhoxta.Uknjhzyqppb::Main()
Main IL Instruction Count

10
Main IL

newobj System.Void Dhoxta.Xjdvtn::.ctor() ldstr vifbU2tkZMtJUv7LBW4Q7Q== ldstr HwEgI50LE7k= ldstr tRnafDhgRm8jiD5iQZ.J4FPYvkZ9X7lG7cCT4 ldstr ibZihDfvK callvirt System.Void Dhoxta.Xjdvtn::Cpiftx(System.String,System.String,System.String,System.String) leave IL_0029: ret pop <null> leave IL_0029: ret ret <null>
Module Name

6841059370.exe
Full Name

6841059370.exe
EntryPoint

System.Void Dhoxta.Uknjhzyqppb::Main()
Scope Name

6841059370.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

6841059370
Assembly Version

1.0.4879.10742
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

6
Main Method

System.Void Dhoxta.Uknjhzyqppb::Main()
Main IL Instruction Count

10
Main IL

newobj System.Void Dhoxta.Xjdvtn::.ctor() ldstr vifbU2tkZMtJUv7LBW4Q7Q== ldstr HwEgI50LE7k= ldstr tRnafDhgRm8jiD5iQZ.J4FPYvkZ9X7lG7cCT4 ldstr ibZihDfvK callvirt System.Void Dhoxta.Xjdvtn::Cpiftx(System.String,System.String,System.String,System.String) leave IL_0029: ret pop <null> leave IL_0029: ret ret <null>
819e10834de4e6e0fe64f7d700edb5f0 (1.08 MB)
File Structure
819e10834de4e6e0fe64f7d700edb5f0
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Dhoxta.Properties.Resources.resources
Cztwc
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙