Suspicious
Suspect

85375eb61b93206468fe85a68ef07a74

PE Executable
|
MD5: 85375eb61b93206468fe85a68ef07a74
|
Size: 460.8 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
85375eb61b93206468fe85a68ef07a74
Sha1
82f51dd35c6fdf03e665c2b04b6ef76601996258
Sha256
2aaeba7c7de64209a13a95a4a744d7a28e487a2007687cdeb74cf3bde7012ec1
Sha384
dcdad291c96a354425b4daecfcd2771fe6021144c84ce7888b8cd41e7b4df51e7de3146a5bc1f860bd9e1984b49378b5
Sha512
51265ec3c0a34d5d1dddb8391f88e3bd23dc0c3c9afdb0d5263d3324fe5cfc8b58bc87e28367fd50eac28541c9ee0b12f66190107784ab7d17ac14db3406f98e
SSDeep
12288:P1zIyfQ9UVt2BxwHq/mhi5Gpmj5dUSJk:P1pfQQHqTJk
TLSH
48A42301F77AD275C6AA47397C76820052E1A2656EABDEDF315E338F4883306EF4164E

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
85375eb61b93206468fe85a68ef07a74
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Mwmhcgjx.Properties.Resources.resources
Bvruixczcm
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

Mwmhcgjx.exe
Full Name

Mwmhcgjx.exe
EntryPoint

System.Void Mwmhcgjx.Ymukbrkyzlo::Main()
Scope Name

Mwmhcgjx.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Mwmhcgjx
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

12
Main Method

System.Void Mwmhcgjx.Ymukbrkyzlo::Main()
Main IL Instruction Count

19
Main IL

br IL_0041: newobj System.Void Mwmhcgjx.Ujofkk::.ctor() ret <null> nop <null> ldloc.s V_0 call System.Byte[] Mwmhcgjx.Properties.Lidxpc::get_Bvruixczcm() ldsfld System.Byte[] Mwmhcgjx.Viewers.CustomViewer::transmitterRecordData ldsfld System.Byte[] Mwmhcgjx.Viewers.CustomViewer::_ViewerSubscribers ldstr aLOpmp8ZV3Rpou5uFA.vdKq0IHVd1Yj2S9R0E ldstr ueiceHSA6 callvirt System.Void Mwmhcgjx.Ujofkk::Csezcwt(System.Byte[],System.Byte[],System.Byte[],System.String,System.String) br IL_002C: leave IL_0005 leave IL_0005: ret pop <null> br IL_0037: leave IL_0005 leave IL_0005: ret br IL_0005: ret newobj System.Void Mwmhcgjx.Ujofkk::.ctor() stloc.s V_0 br IL_0006: nop
Module Name

Mwmhcgjx.exe
Full Name

Mwmhcgjx.exe
EntryPoint

System.Void Mwmhcgjx.Ymukbrkyzlo::Main()
Scope Name

Mwmhcgjx.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Mwmhcgjx
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

12
Main Method

System.Void Mwmhcgjx.Ymukbrkyzlo::Main()
Main IL Instruction Count

19
Main IL

br IL_0041: newobj System.Void Mwmhcgjx.Ujofkk::.ctor() ret <null> nop <null> ldloc.s V_0 call System.Byte[] Mwmhcgjx.Properties.Lidxpc::get_Bvruixczcm() ldsfld System.Byte[] Mwmhcgjx.Viewers.CustomViewer::transmitterRecordData ldsfld System.Byte[] Mwmhcgjx.Viewers.CustomViewer::_ViewerSubscribers ldstr aLOpmp8ZV3Rpou5uFA.vdKq0IHVd1Yj2S9R0E ldstr ueiceHSA6 callvirt System.Void Mwmhcgjx.Ujofkk::Csezcwt(System.Byte[],System.Byte[],System.Byte[],System.String,System.String) br IL_002C: leave IL_0005 leave IL_0005: ret pop <null> br IL_0037: leave IL_0005 leave IL_0005: ret br IL_0005: ret newobj System.Void Mwmhcgjx.Ujofkk::.ctor() stloc.s V_0 br IL_0006: nop
85375eb61b93206468fe85a68ef07a74 (460.8 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙