Suspicious
Suspect

8c5e953469059beaf923ae8229755178

PE Executable
|
MD5: 8c5e953469059beaf923ae8229755178
|
Size: 12.29 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
8c5e953469059beaf923ae8229755178
Sha1
ce7ac3df3ac96446531eae248f90656cf212d8fd
Sha256
ae05c7d70a5afa168435f9111cb79cdd6bfb1e17979b44de1540ccfd932a5b32
Sha384
2fd45f296289fd2e6f5121c987df4409a4333bc3215585643d3631fdee2befd5647780c548130218828227f100b3847f
Sha512
e3564e2752f16b23b33078b353b89bb09fcb1c71adc68a10cb0615178a05d21cba7a33f27ef7ac9983fedcb63d100510ebf82ba2a71468988bb2c131a50b0a1b
SSDeep
192:EI904pdgTH+26ln/D5ihHbR4NY9cMrp0kb8j1d6X2bhmLZ:F64cTP6ln1iNbaAk+89mL
TLSH
AF42B804B7895BB9FCE20B748E72A5205A7B7F5109B2DF5E39CC31429FB35650112739

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
8c5e953469059beaf923ae8229755178
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

Invoice.exe
Full Name

Invoice.exe
EntryPoint

System.Void Yauwuphwy.Qqsersmayxz::Main()
Scope Name

Invoice.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Invoice
Assembly Version

6.1.3.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

5
Main Method

System.Void Yauwuphwy.Qqsersmayxz::Main()
Main IL Instruction Count

11
Main IL

newobj System.Void Yauwuphwy.Lorwjnkgear::.ctor() call System.Byte[] Yauwuphwy.Lorwjnkgear::Mcmar() stloc.0 <null> newobj System.Void Yauwuphwy.Pjdtkqj::.ctor() ldloc.0 <null> call System.Byte[] Yauwuphwy.Pjdtkqj::Jrvusb(System.Byte[]) stloc.1 <null> newobj System.Void Yauwuphwy.Kdvupyqs::.ctor() ldloc.1 <null> call System.Void Yauwuphwy.Kdvupyqs::Gljqhpwse(System.Byte[]) ret <null>
Module Name

Invoice.exe
Full Name

Invoice.exe
EntryPoint

System.Void Yauwuphwy.Qqsersmayxz::Main()
Scope Name

Invoice.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Invoice
Assembly Version

6.1.3.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

5
Main Method

System.Void Yauwuphwy.Qqsersmayxz::Main()
Main IL Instruction Count

11
Main IL

newobj System.Void Yauwuphwy.Lorwjnkgear::.ctor() call System.Byte[] Yauwuphwy.Lorwjnkgear::Mcmar() stloc.0 <null> newobj System.Void Yauwuphwy.Pjdtkqj::.ctor() ldloc.0 <null> call System.Byte[] Yauwuphwy.Pjdtkqj::Jrvusb(System.Byte[]) stloc.1 <null> newobj System.Void Yauwuphwy.Kdvupyqs::.ctor() ldloc.1 <null> call System.Void Yauwuphwy.Kdvupyqs::Gljqhpwse(System.Byte[]) ret <null>
8c5e953469059beaf923ae8229755178 (12.29 KB)
File Structure
8c5e953469059beaf923ae8229755178
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙