868d2de0a6f8164cddf803f50fee0fb1

PE Executable
|
MD5: 868d2de0a6f8164cddf803f50fee0fb1
|
Size: 1.12 MB
|
application/x-dosexec

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	868d2de0a6f8164cddf803f50fee0fb1
Sha1	0be41de62c4659386d5d68e4b63fded28d161b14
Sha256	706bd04b5489a253c4e35239df8e08b74f873dbfe8e5dfb3cfdd4a43491f9c62
Sha384	91da8be85aefe45ecafc54761f595613e138961467a5c6f72f5a793671e3b9bcba3893d48bde20d1400eab2ff3e9473c
Sha512	d584e562b7ffe9a11d2fa434cb5f85d727c8b299e9616192446350fe23e71d74dcbb4856562dcf45231ee9081a8cf3afdf12dfd84258f48ef78d547bb25a84c3
SSDeep	24576:IzH/guQEo+cIx88bFEvyCID1Wy36x1f6iBu6Y3VictTJw:IzH4uWDAEkDV3OAiS3Qc9m
TLSH	4B351230229DCD26C5ED17BA4470D33113B5AD2EA113D39B4EDA7DCBBE96B824854723

PeID

.NET executable

Microsoft Visual C# / Basic .NET

Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL

Microsoft Visual C# v7.0 / Basic .NET

Microsoft Visual Studio .NET

File Structure

Informations

Name0	Value
Info	PE Detect: PeReader OK (file layout)
Module Name	AsyncTaskMethodBuil
Full Name	AsyncTaskMethodBuil
EntryPoint	System.Void ImporterEventK.ContractFailedEventA::Main()
Scope Name	AsyncTaskMethodBuil
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	IfWwx
Assembly Version	1.0.0.0
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.0
Total Strings	210
Main Method	System.Void ImporterEventK.ContractFailedEventA::Main()
Main IL Instruction Count	35
Main IL	nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> nop <null> call System.String VARFL.RegistryValueOpti::get_VarsayilanDosyaYolu() call VARFL.RegistryValueOpti VARFL.RegistryValueOpti::Yukle(System.String) call System.Void ImporterEventK.ContractFailedEventA::set_Saray(VARFL.RegistryValueOpti) nop <null> call VARFL.RegistryValueOpti ImporterEventK.ContractFailedEventA::get_Saray() callvirt System.Collections.Generic.List`1<SinkProviderEn.NativeBuf> VARFL.RegistryValueOpti::get_Odalar() callvirt System.Int32 System.Collections.Generic.List`1<SinkProviderEn.NativeBuf>::get_Count() ldc.i4.0 <null> ceq <null> stloc.0 <null> ldloc.0 <null> brfalse.s IL_0040: nop call VARFL.RegistryValueOpti VARFL.RegistryValueOpti::OrnekOlustur() call System.Void ImporterEventK.ContractFailedEventA::set_Saray(VARFL.RegistryValueOpti) nop <null> nop <null> leave.s IL_0053: newobj System.Void MarshalByRefObj.AccessControlModificat::.ctor() pop <null> nop <null> call VARFL.RegistryValueOpti VARFL.RegistryValueOpti::OrnekOlustur() call System.Void ImporterEventK.ContractFailedEventA::set_Saray(VARFL.RegistryValueOpti) nop <null> nop <null> leave.s IL_0053: newobj System.Void MarshalByRefObj.AccessControlModificat::.ctor() newobj System.Void MarshalByRefObj.AccessControlModificat::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
Module Name	AsyncTaskMethodBuil
Full Name	AsyncTaskMethodBuil
EntryPoint	System.Void ImporterEventK.ContractFailedEventA::Main()
Scope Name	AsyncTaskMethodBuil
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	IfWwx
Assembly Version	1.0.0.0
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.0
Total Strings	210
Main Method	System.Void ImporterEventK.ContractFailedEventA::Main()
Main IL Instruction Count	35
Main IL	nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> nop <null> call System.String VARFL.RegistryValueOpti::get_VarsayilanDosyaYolu() call VARFL.RegistryValueOpti VARFL.RegistryValueOpti::Yukle(System.String) call System.Void ImporterEventK.ContractFailedEventA::set_Saray(VARFL.RegistryValueOpti) nop <null> call VARFL.RegistryValueOpti ImporterEventK.ContractFailedEventA::get_Saray() callvirt System.Collections.Generic.List`1<SinkProviderEn.NativeBuf> VARFL.RegistryValueOpti::get_Odalar() callvirt System.Int32 System.Collections.Generic.List`1<SinkProviderEn.NativeBuf>::get_Count() ldc.i4.0 <null> ceq <null> stloc.0 <null> ldloc.0 <null> brfalse.s IL_0040: nop call VARFL.RegistryValueOpti VARFL.RegistryValueOpti::OrnekOlustur() call System.Void ImporterEventK.ContractFailedEventA::set_Saray(VARFL.RegistryValueOpti) nop <null> nop <null> leave.s IL_0053: newobj System.Void MarshalByRefObj.AccessControlModificat::.ctor() pop <null> nop <null> call VARFL.RegistryValueOpti VARFL.RegistryValueOpti::OrnekOlustur() call System.Void ImporterEventK.ContractFailedEventA::set_Saray(VARFL.RegistryValueOpti) nop <null> nop <null> leave.s IL_0053: newobj System.Void MarshalByRefObj.AccessControlModificat::.ctor() newobj System.Void MarshalByRefObj.AccessControlModificat::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>

868d2de0a6f8164cddf803f50fee0fb1 (1.12 MB)

File Structure

Characteristics

No malware configuration were found at this point.

You must be signed in to post a comment.

868d2de0a6f8164cddf803f50fee0fb1

PE Executable | MD5: 868d2de0a6f8164cddf803f50fee0fb1 | Size: 1.12 MB | application/x-dosexec

PE Executable
|
MD5: 868d2de0a6f8164cddf803f50fee0fb1
|
Size: 1.12 MB
|
application/x-dosexec