8d44f00f6a87e0bc15b5f244e3eda0c2

PE Executable
|
MD5: 8d44f00f6a87e0bc15b5f244e3eda0c2
|
Size: 822.78 KB
|
application/x-dosexec

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	8d44f00f6a87e0bc15b5f244e3eda0c2
Sha1	071b00a293bb42f091b468716708f23b689cbeee
Sha256	eb1a02ec53eba0ce4ae75d74d6dff37d4e920390d8bd4f6e525761cb52208a22
Sha384	07f7ca5c9dc67998717632dd177a7fa0b241f6dee82f57a7bc13aabd61be145f9e3c5a423e5fb771d3cdc045d2f7eac9
Sha512	bf951f36fe947d1205ea41a4526e2f006c2e3254060472457d6e5308db106404f0af97e88aa0a7a2638a3c86cff3bedfeed5f1f0663727992ccc24dbf75d511a
SSDeep	12288:UjXHQpnCFFdVXUjmsnAxuv9eE8fsYyY25BkL9+Dwk7pXq7hp3:U0WbaCgvyfsYwRpq7f
TLSH	3E058DA833495D81D03C77399973375087F2B9DBE87AC31A56CCA2EEA5267D02D8170B

PeID

.NET executable

Microsoft Visual C# / Basic .NET

Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL

Microsoft Visual C# v7.0 / Basic .NET

Microsoft Visual Studio .NET

File Structure

Informations

Name0	Value
Module Name	xworn data enc
Full Name	xworn data enc
EntryPoint	System.Void t1PAe8.t2K5Jpd::s0N7Sxz()
Scope Name	xworn data enc
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	xworn data enc
Assembly Version	1.4.6.13
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.6
Total Strings	3094
Main Method	System.Void t1PAe8.t2K5Jpd::s0N7Sxz()
Main IL Instruction Count	132
Main IL	nop <null> nop <null> ldstr MjA= stloc.0 <null> ldstr MTA= stloc.1 <null> ldstr NA== stloc.2 <null> call System.Text.Encoding System.Text.Encoding::get_UTF8() ldloc.0 <null> call System.Byte[] System.Convert::FromBase64String(System.String) callvirt System.String System.Text.Encoding::GetString(System.Byte[]) call System.Int32 System.Convert::ToInt32(System.String) stloc.3 <null> call System.Text.Encoding System.Text.Encoding::get_UTF8() ldloc.1 <null> call System.Byte[] System.Convert::FromBase64String(System.String) callvirt System.String System.Text.Encoding::GetString(System.Byte[]) call System.Int32 System.Convert::ToInt32(System.String) stloc.s V_4 call System.Text.Encoding System.Text.Encoding::get_UTF8() ldloc.2 <null> call System.Byte[] System.Convert::FromBase64String(System.String) callvirt System.String System.Text.Encoding::GetString(System.Byte[]) call System.Int32 System.Convert::ToInt32(System.String) stloc.s V_5 ldloc.3 <null> ldloc.s V_4 mul.ovf <null> stloc.s V_6 ldloc.s V_6 ldloc.s V_5 add.ovf <null> stloc.s V_7 call System.DateTime System.DateTime::get_Now() stloc.s V_8 ldc.i4 2000 stloc.s V_9 br.s IL_00A6: call System.DateTime System.DateTime::get_Now() ldloc.s V_7 conv.r8 <null> call System.Double System.Math::Sqrt(System.Double) ldloc.s V_7 conv.r8 <null> ldc.r8 2 call System.Double System.Math::Pow(System.Double,System.Double) mul <null> stloc.s V_11 ldloc.s V_11 ldc.r8 100 rem <null> call System.Double System.Math::Round(System.Double) conv.ovf.i4 <null> stloc.s V_7 nop <null> call System.DateTime System.DateTime::get_Now() ldloc.s V_8 call System.TimeSpan System.DateTime::op_Subtraction(System.DateTime,System.DateTime) stloc.s V_13 ldloca.s V_13 call System.Double System.TimeSpan::get_TotalMilliseconds() ldloc.s V_9 conv.r8 <null> clt <null> stloc.s V_12 ldloc.s V_12 brtrue.s IL_0075: ldloc.s V_7 ldc.r8 0 stloc.s V_10 ldc.i4.1 <null> stloc.s V_14 ldloc.s V_10 ldloc.s V_14 conv.r8 <null> call System.Double System.Math::Sin(System.Double) ldloc.s V_14 conv.r8 <null> call System.Double System.Math::Cos(System.Double) mul <null> add <null> stloc.s V_10 ldloc.s V_14 ldc.i4.1 <null> add.ovf <null> stloc.s V_14 ldloc.s V_14 ldc.i4 1000000 ble.s IL_00D4: ldloc.s V_10 call System.DateTime System.DateTime::get_Now() stloc.s V_8 ldc.i4 3000 stloc.s V_9 br.s IL_0131: call System.DateTime System.DateTime::get_Now() ldloc.s V_7 conv.r8 <null> call System.Double System.Math::Log(System.Double) ldloc.s V_7 conv.r8 <null> call System.Double System.Math::Exp(System.Double) add <null> stloc.s V_15 ldloc.s V_15 ldc.r8 50 rem <null> call System.Double System.Math::Round(System.Double) conv.ovf.i4 <null> stloc.s V_7 nop <null> call System.DateTime System.DateTime::get_Now() ldloc.s V_8 call System.TimeSpan System.DateTime::op_Subtraction(System.DateTime,System.DateTime) stloc.s V_13 ldloca.s V_13 call System.Double System.TimeSpan::get_TotalMilliseconds() ldloc.s V_9 conv.r8 <null> clt <null> stloc.s V_16 ldloc.s V_16 brtrue.s IL_0109: ldloc.s V_7 ldstr 595183056 call System.Void t1PAe8.k1DRy49::z0W4Lte(System.String) nop <null> leave.s IL_016E: nop dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.s V_17 nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_016E: nop nop <null> ret <null>
Module Name	xworn data enc
Full Name	xworn data enc
EntryPoint	System.Void t1PAe8.t2K5Jpd::s0N7Sxz()
Scope Name	xworn data enc
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	xworn data enc
Assembly Version	1.4.6.13
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.6
Total Strings	3094
Main Method	System.Void t1PAe8.t2K5Jpd::s0N7Sxz()
Main IL Instruction Count	132
Main IL	nop <null> nop <null> ldstr MjA= stloc.0 <null> ldstr MTA= stloc.1 <null> ldstr NA== stloc.2 <null> call System.Text.Encoding System.Text.Encoding::get_UTF8() ldloc.0 <null> call System.Byte[] System.Convert::FromBase64String(System.String) callvirt System.String System.Text.Encoding::GetString(System.Byte[]) call System.Int32 System.Convert::ToInt32(System.String) stloc.3 <null> call System.Text.Encoding System.Text.Encoding::get_UTF8() ldloc.1 <null> call System.Byte[] System.Convert::FromBase64String(System.String) callvirt System.String System.Text.Encoding::GetString(System.Byte[]) call System.Int32 System.Convert::ToInt32(System.String) stloc.s V_4 call System.Text.Encoding System.Text.Encoding::get_UTF8() ldloc.2 <null> call System.Byte[] System.Convert::FromBase64String(System.String) callvirt System.String System.Text.Encoding::GetString(System.Byte[]) call System.Int32 System.Convert::ToInt32(System.String) stloc.s V_5 ldloc.3 <null> ldloc.s V_4 mul.ovf <null> stloc.s V_6 ldloc.s V_6 ldloc.s V_5 add.ovf <null> stloc.s V_7 call System.DateTime System.DateTime::get_Now() stloc.s V_8 ldc.i4 2000 stloc.s V_9 br.s IL_00A6: call System.DateTime System.DateTime::get_Now() ldloc.s V_7 conv.r8 <null> call System.Double System.Math::Sqrt(System.Double) ldloc.s V_7 conv.r8 <null> ldc.r8 2 call System.Double System.Math::Pow(System.Double,System.Double) mul <null> stloc.s V_11 ldloc.s V_11 ldc.r8 100 rem <null> call System.Double System.Math::Round(System.Double) conv.ovf.i4 <null> stloc.s V_7 nop <null> call System.DateTime System.DateTime::get_Now() ldloc.s V_8 call System.TimeSpan System.DateTime::op_Subtraction(System.DateTime,System.DateTime) stloc.s V_13 ldloca.s V_13 call System.Double System.TimeSpan::get_TotalMilliseconds() ldloc.s V_9 conv.r8 <null> clt <null> stloc.s V_12 ldloc.s V_12 brtrue.s IL_0075: ldloc.s V_7 ldc.r8 0 stloc.s V_10 ldc.i4.1 <null> stloc.s V_14 ldloc.s V_10 ldloc.s V_14 conv.r8 <null> call System.Double System.Math::Sin(System.Double) ldloc.s V_14 conv.r8 <null> call System.Double System.Math::Cos(System.Double) mul <null> add <null> stloc.s V_10 ldloc.s V_14 ldc.i4.1 <null> add.ovf <null> stloc.s V_14 ldloc.s V_14 ldc.i4 1000000 ble.s IL_00D4: ldloc.s V_10 call System.DateTime System.DateTime::get_Now() stloc.s V_8 ldc.i4 3000 stloc.s V_9 br.s IL_0131: call System.DateTime System.DateTime::get_Now() ldloc.s V_7 conv.r8 <null> call System.Double System.Math::Log(System.Double) ldloc.s V_7 conv.r8 <null> call System.Double System.Math::Exp(System.Double) add <null> stloc.s V_15 ldloc.s V_15 ldc.r8 50 rem <null> call System.Double System.Math::Round(System.Double) conv.ovf.i4 <null> stloc.s V_7 nop <null> call System.DateTime System.DateTime::get_Now() ldloc.s V_8 call System.TimeSpan System.DateTime::op_Subtraction(System.DateTime,System.DateTime) stloc.s V_13 ldloca.s V_13 call System.Double System.TimeSpan::get_TotalMilliseconds() ldloc.s V_9 conv.r8 <null> clt <null> stloc.s V_16 ldloc.s V_16 brtrue.s IL_0109: ldloc.s V_7 ldstr 595183056 call System.Void t1PAe8.k1DRy49::z0W4Lte(System.String) nop <null> leave.s IL_016E: nop dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.s V_17 nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_016E: nop nop <null> ret <null>

Artefacts

Name0	Value
Embedded Resources	5
Suspicious Type Names (1-2 chars)	0

8d44f00f6a87e0bc15b5f244e3eda0c2 (822.78 KB)

8d44f00f6a87e0bc15b5f244e3eda0c2

PE Executable | MD5: 8d44f00f6a87e0bc15b5f244e3eda0c2 | Size: 822.78 KB | application/x-dosexec

PE Executable
|
MD5: 8d44f00f6a87e0bc15b5f244e3eda0c2
|
Size: 822.78 KB
|
application/x-dosexec