Malicious
Malicious

8d9f90eebdbd8dcbad25b2b584a7af13

PE Executable
|
MD5: 8d9f90eebdbd8dcbad25b2b584a7af13
|
Size: 1.7 MB
|
application/x-dosexec

Infection Chain
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very high

Hash
 Hash Value
MD5
8d9f90eebdbd8dcbad25b2b584a7af13
Sha1
070d69e429c081f3ab2b2f81cdb9248b21d4f73b
Sha256
6dcc2f68713b9fd65e7cbd3c987632b67f4db83a27f7c1a4fc7b16b07f7e5306
Sha384
02f1a47fc4135438adee741bc2f5e145a7e20b031df67473969453808102c23b850f97a2ff20821dd1aae3f15980a56d
Sha512
102ee723d4f6ddf7b8c55b1902347c567284ea5e559c2da6fe5f5500b7f18dcdf11b271dc5d88b65134fd550e5d99ca59de820d08e7bd875ce99e689bc588bcf
SSDeep
24576:F+hGpwOaoH4GkSyUZ4d41IZ42ULkxQRoejdbTUuGDa/2hAJ4SWPhZWfcXyLa8Xpb:sA7Hcd8y4X0Oo+vyh64/PhZWfUyB70r
TLSH
C4759C017E44CA11F0191333C3EF598897B4A9517AA6E32B7DBA376E65123A73C0D9CB

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
UPolyX 0.3 -> delikon
File Structure
8d9f90eebdbd8dcbad25b2b584a7af13
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
.Net Resources
Eijw5kjcgiWxFIVtn4.7N07ptLSSZXsFSAjIA
uiAmarX6ONQr5ocoLA.ZbW8fmMxRGf6nuqX8O
Informations
Name
 Value
Module Name

Vws5XGFq1pUopV
Full Name

Vws5XGFq1pUopV
EntryPoint

System.Void hDBJq39GXX7CgumF8W8.bsMX0l9RMIt2ufBR6WA::gOr8wx5Mx7()
Scope Name

Vws5XGFq1pUopV
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

vyx5P5a401zv
Assembly Version

1.7.5.5
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

63
Main Method

System.Void hDBJq39GXX7CgumF8W8.bsMX0l9RMIt2ufBR6WA::gOr8wx5Mx7()
Main IL Instruction Count

14
Main IL

br.s IL_000B: ldc.i4.0 call <null> ldnull <null> ldc.i4.0 <null> ldelem.ref <null> pop <null> ldc.i4.0 <null> brtrue.s IL_0007: ldnull call System.Void cfaQdKTAtm17HmTARee.xHV7lpTdGdhJAiISMGy::kLjw4iIsCLsZtxc4lksN0j() nop <null> ldsfld System.Object hDBJq39GXX7CgumF8W8.bsMX0l9RMIt2ufBR6WA::ecY8UDH33p callvirt System.Void kbYVl59dbdy6rottuRl.NwPn0Y9mdk1d3I0H9Zx::lXhoIbTBiO() nop <null> ret <null>
Module Name

Vws5XGFq1pUopV
Full Name

Vws5XGFq1pUopV
EntryPoint

System.Void hDBJq39GXX7CgumF8W8.bsMX0l9RMIt2ufBR6WA::gOr8wx5Mx7()
Scope Name

Vws5XGFq1pUopV
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

vyx5P5a401zv
Assembly Version

1.7.5.5
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

63
Main Method

System.Void hDBJq39GXX7CgumF8W8.bsMX0l9RMIt2ufBR6WA::gOr8wx5Mx7()
Main IL Instruction Count

14
Main IL

br.s IL_000B: ldc.i4.0 call <null> ldnull <null> ldc.i4.0 <null> ldelem.ref <null> pop <null> ldc.i4.0 <null> brtrue.s IL_0007: ldnull call System.Void cfaQdKTAtm17HmTARee.xHV7lpTdGdhJAiISMGy::kLjw4iIsCLsZtxc4lksN0j() nop <null> ldsfld System.Object hDBJq39GXX7CgumF8W8.bsMX0l9RMIt2ufBR6WA::ecY8UDH33p callvirt System.Void kbYVl59dbdy6rottuRl.NwPn0Y9mdk1d3I0H9Zx::lXhoIbTBiO() nop <null> ret <null>
8d9f90eebdbd8dcbad25b2b584a7af13 (1.7 MB)
File Structure
8d9f90eebdbd8dcbad25b2b584a7af13
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
.Net Resources
Eijw5kjcgiWxFIVtn4.7N07ptLSSZXsFSAjIA
uiAmarX6ONQr5ocoLA.ZbW8fmMxRGf6nuqX8O
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙