8bf61dc7a30a52999b29a0363eeb7134
PE Executable | MD5: 8bf61dc7a30a52999b29a0363eeb7134 | Size: 748.03 KB | application/x-dosexec
Symbol Obfuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | 8bf61dc7a30a52999b29a0363eeb7134
|
| Sha1 | 9a4aded3eb39f5bba7df8da3613d4e1af9bb7eb4
|
| Sha256 | 9914a65cbb8460e2b6d4fbe679149a21cc1ee73a9556362767c23f829caf64f3
|
| Sha384 | 404ca0f4fa454676da564e3c18362a990336670fca7d3d044ac34a034080245ff6ec27ce2c4c7f36b22683b79ffa2911
|
| Sha512 | 14494ac7af1bfa5f576130fa262ab9faf848b6cf6867e381675d40642f087131abd0381dbf9d4ab047b13479bf1701d6b77daa0881554dd1f4a48953241fd7ae
|
| SSDeep | 12288:cmKlr6Vc+x5bKIkou3E3DzRJjuQqtRuZdd9yaDO4DgrPOwDLcY:NKldaK5ORJqQcYZxyaq4D62q
|
| TLSH | 7EF42351F38CAA04D2F74A3E6BD2C452DBA6D7D40B615634BB2872021F53EAFC265C92
|
PeID
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Module Name | Sdnzuhgwuss.exe |
| Full Name | Sdnzuhgwuss.exe |
| EntryPoint | System.Void Sdnzuhgwuss.Dbyhyx::Main() |
| Scope Name | Sdnzuhgwuss.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Sdnzuhgwuss |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 5 |
| Main Method | System.Void Sdnzuhgwuss.Dbyhyx::Main() |
| Main IL Instruction Count | 70 |
| Main IL | nop <null> call System.Byte[] Sdnzuhgwuss.Dbyhyx::SUvPtIHk9() call System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[]) callvirt System.Type[] System.Reflection.Assembly::GetExportedTypes() stloc.s V_0 ldc.i4 2 ldsfld <Module>{01de9510-da41-423b-887a-53c0a9e2a524} <Module>{01de9510-da41-423b-887a-53c0a9e2a524}::m_8b4afad8ff1446a8924b694e0e8e87fe ldfld System.Int32 <Module>{01de9510-da41-423b-887a-53c0a9e2a524}::m_7d3422d08c1145caba755dd5a00268ac brfalse IL_0043: switch(IL_007C,IL_00E7,IL_00EF) pop <null> ldc.i4 1 br IL_0043: switch(IL_007C,IL_00E7,IL_00EF) br IL_003F: ldloc V_1 ldc.i4 0 stloc V_1 ldloc V_1 switch dnlib.DotNet.Emit.Instruction[] ldloc V_1 ldc.i4 990 beq IL_003F: ldloc V_1 br IL_00EF: leave IL_0104 br IL_00AC: ldloc.s V_3 br IL_00C1: ldloc.s V_0 ldloc.s V_3 ldc.i4.1 <null> add <null> stloc.s V_3 br IL_00AC: ldloc.s V_3 nop <null> ldloc.s V_2 ldstr RI61SXZdA6 ldc.i4 256 ldnull <null> ldnull <null> ldnull <null> callvirt System.Object System.Type::InvokeMember(System.String,System.Reflection.BindingFlags,System.Reflection.Binder,System.Object,System.Object[]) pop <null> br IL_0097: leave IL_0071 leave IL_0071: ldloc.s V_3 pop <null> br IL_00A2: leave IL_0071 leave IL_0071: ldloc.s V_3 br IL_0071: ldloc.s V_3 ldloc.s V_3 ldloc.s V_0 ldlen <null> conv.i4 <null> blt IL_00C1: ldloc.s V_0 ldc.i4 2 br IL_0043: switch(IL_007C,IL_00E7,IL_00EF) ldloc.s V_0 ldloc.s V_3 ldelem.ref <null> stloc.s V_2 ldc.i4 8 ldsfld <Module>{01de9510-da41-423b-887a-53c0a9e2a524} <Module>{01de9510-da41-423b-887a-53c0a9e2a524}::m_8b4afad8ff1446a8924b694e0e8e87fe ldfld System.Int32 <Module>{01de9510-da41-423b-887a-53c0a9e2a524}::m_2adeffa70fa74932993be4aa4a723657 brfalse IL_0043: switch(IL_007C,IL_00E7,IL_00EF) pop <null> ldc.i4 0 br IL_0043: switch(IL_007C,IL_00E7,IL_00EF) ldc.i4.0 <null> stloc.s V_3 br IL_0067: br IL_00AC leave IL_0104: ret pop <null> br IL_00FA: leave IL_0104 leave IL_0104: ret br IL_0104: ret ret <null> |
| Module Name | Sdnzuhgwuss.exe |
| Full Name | Sdnzuhgwuss.exe |
| EntryPoint | System.Void Sdnzuhgwuss.Dbyhyx::Main() |
| Scope Name | Sdnzuhgwuss.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Sdnzuhgwuss |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 5 |
| Main Method | System.Void Sdnzuhgwuss.Dbyhyx::Main() |
| Main IL Instruction Count | 70 |
| Main IL | nop <null> call System.Byte[] Sdnzuhgwuss.Dbyhyx::SUvPtIHk9() call System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[]) callvirt System.Type[] System.Reflection.Assembly::GetExportedTypes() stloc.s V_0 ldc.i4 2 ldsfld <Module>{01de9510-da41-423b-887a-53c0a9e2a524} <Module>{01de9510-da41-423b-887a-53c0a9e2a524}::m_8b4afad8ff1446a8924b694e0e8e87fe ldfld System.Int32 <Module>{01de9510-da41-423b-887a-53c0a9e2a524}::m_7d3422d08c1145caba755dd5a00268ac brfalse IL_0043: switch(IL_007C,IL_00E7,IL_00EF) pop <null> ldc.i4 1 br IL_0043: switch(IL_007C,IL_00E7,IL_00EF) br IL_003F: ldloc V_1 ldc.i4 0 stloc V_1 ldloc V_1 switch dnlib.DotNet.Emit.Instruction[] ldloc V_1 ldc.i4 990 beq IL_003F: ldloc V_1 br IL_00EF: leave IL_0104 br IL_00AC: ldloc.s V_3 br IL_00C1: ldloc.s V_0 ldloc.s V_3 ldc.i4.1 <null> add <null> stloc.s V_3 br IL_00AC: ldloc.s V_3 nop <null> ldloc.s V_2 ldstr RI61SXZdA6 ldc.i4 256 ldnull <null> ldnull <null> ldnull <null> callvirt System.Object System.Type::InvokeMember(System.String,System.Reflection.BindingFlags,System.Reflection.Binder,System.Object,System.Object[]) pop <null> br IL_0097: leave IL_0071 leave IL_0071: ldloc.s V_3 pop <null> br IL_00A2: leave IL_0071 leave IL_0071: ldloc.s V_3 br IL_0071: ldloc.s V_3 ldloc.s V_3 ldloc.s V_0 ldlen <null> conv.i4 <null> blt IL_00C1: ldloc.s V_0 ldc.i4 2 br IL_0043: switch(IL_007C,IL_00E7,IL_00EF) ldloc.s V_0 ldloc.s V_3 ldelem.ref <null> stloc.s V_2 ldc.i4 8 ldsfld <Module>{01de9510-da41-423b-887a-53c0a9e2a524} <Module>{01de9510-da41-423b-887a-53c0a9e2a524}::m_8b4afad8ff1446a8924b694e0e8e87fe ldfld System.Int32 <Module>{01de9510-da41-423b-887a-53c0a9e2a524}::m_2adeffa70fa74932993be4aa4a723657 brfalse IL_0043: switch(IL_007C,IL_00E7,IL_00EF) pop <null> ldc.i4 0 br IL_0043: switch(IL_007C,IL_00E7,IL_00EF) ldc.i4.0 <null> stloc.s V_3 br IL_0067: br IL_00AC leave IL_0104: ret pop <null> br IL_00FA: leave IL_0104 leave IL_0104: ret br IL_0104: ret ret <null> |