Malicious
Malicious

89edcd96dd316f5ffaeb793c289fdcf7

PE Executable
|
MD5: 89edcd96dd316f5ffaeb793c289fdcf7
|
Size: 3.55 MB
|
application/x-dosexec

Print
Infection Chain
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very high

Hash
 Hash Value
MD5
89edcd96dd316f5ffaeb793c289fdcf7
Sha1
c207726c271803087f86c3c334f11fca0c9d8ee6
Sha256
b86a67a7dea558bd5719148ecc93ecb2c4f9270006ff304d860c866519c8ca15
Sha384
e0bbf72a01d4b13f2ccf8fb4bb5b793b05a8f8eaab909da0e7136720585b4048c0adaae5b6b670ea224b2db2b9c9df35
Sha512
144a2e037284620b293d106e20efc9f54692bfc1574664831e3cab39eba66dc43eef78bafc1f05acfbf31ee82e05dc0b0c565a05ec3d380d72ef853fa2ebaeb0
SSDeep
98304:JaBJV38SWF2AYzVUgeDNupIscRfxs/rIEdM:6ByF2RZU3upyxs/
TLSH
82F5E0417E488D02F0491A33D2EF29448BB09D517AE5E71B7DBA37AE65123937C0DACB

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
89edcd96dd316f5ffaeb793c289fdcf7
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
.Net Resources
CJEFpuFZwuJBsQj1Oj.bGHZ4SvHZ6yBXMlNDC
HJHidymUSaEAdu6aMI.MWZFl0am0jyMyZipLc
Informations
Name
 Value
Module Name

7RTCWgd0lKRlT2R9QEqeFYDXRTRZrbWmw0W2rL
Full Name

7RTCWgd0lKRlT2R9QEqeFYDXRTRZrbWmw0W2rL
EntryPoint

System.Void deplTYhNhS2ZJvnksLe.vktQpjhZTHdof1DKIdq::FAS1TnERM0()
Scope Name

7RTCWgd0lKRlT2R9QEqeFYDXRTRZrbWmw0W2rL
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

AA4VGn4b
Assembly Version

3.4.8.5
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

63
Main Method

System.Void deplTYhNhS2ZJvnksLe.vktQpjhZTHdof1DKIdq::FAS1TnERM0()
Main IL Instruction Count

14
Main IL

br.s IL_000B: ldc.i4.0 call <null> ldnull <null> ldc.i4.0 <null> ldelem.ref <null> pop <null> ldc.i4.0 <null> brtrue.s IL_0007: ldnull call System.Void uJCea21OZcNoa2AV2XN.eVFk8p1QfhhqB2VywX9::kLjw4iIsCLsZtxc4lksN0j() nop <null> ldsfld System.Object deplTYhNhS2ZJvnksLe.vktQpjhZTHdof1DKIdq::ekh1sypXym callvirt System.Void zQGbw4hQJkq6D13ty64.r8AsIPhqkud0hxHhCQH::iP3fpq6kyS() nop <null> ret <null>
Module Name

7RTCWgd0lKRlT2R9QEqeFYDXRTRZrbWmw0W2rL
Full Name

7RTCWgd0lKRlT2R9QEqeFYDXRTRZrbWmw0W2rL
EntryPoint

System.Void deplTYhNhS2ZJvnksLe.vktQpjhZTHdof1DKIdq::FAS1TnERM0()
Scope Name

7RTCWgd0lKRlT2R9QEqeFYDXRTRZrbWmw0W2rL
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

AA4VGn4b
Assembly Version

3.4.8.5
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

63
Main Method

System.Void deplTYhNhS2ZJvnksLe.vktQpjhZTHdof1DKIdq::FAS1TnERM0()
Main IL Instruction Count

14
Main IL

br.s IL_000B: ldc.i4.0 call <null> ldnull <null> ldc.i4.0 <null> ldelem.ref <null> pop <null> ldc.i4.0 <null> brtrue.s IL_0007: ldnull call System.Void uJCea21OZcNoa2AV2XN.eVFk8p1QfhhqB2VywX9::kLjw4iIsCLsZtxc4lksN0j() nop <null> ldsfld System.Object deplTYhNhS2ZJvnksLe.vktQpjhZTHdof1DKIdq::ekh1sypXym callvirt System.Void zQGbw4hQJkq6D13ty64.r8AsIPhqkud0hxHhCQH::iP3fpq6kyS() nop <null> ret <null>
89edcd96dd316f5ffaeb793c289fdcf7 (3.55 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙