Malicious
Malicious

8f5ea11261122e563df25b1c4e031083

PE Executable
|
MD5: 8f5ea11261122e563df25b1c4e031083
|
Size: 848.38 KB
|
application/x-dosexec

Infection Chain
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very high

Hash
 Hash Value
MD5
8f5ea11261122e563df25b1c4e031083
Sha1
2d897d6e4b85fd967bf242dc5a517887f34f598d
Sha256
1110bbb4f9ffdfda6352d875a371fefeaee87a15af44d5ac9ac37d1a1baf0f19
Sha384
afdc6e6504339ac9d14fa3b687e6a2c59a64b7729565d260297d2a47ce4344ec5461fcab03951d08bbd44f7f65e8aa46
Sha512
75effbfd2a9be538c4dad91011622e7a763a74eb853101cec19f4d1780aa7aca9dbef79ae422d5647332e1fbe24562071cab30035f6ac7f9657d6391c73cfe5d
SSDeep
12288:T7dh6vpz7PAzuta0htITqam/roQuSV8xSWap016DbxISlKt:t+pfPA0a0wTqN/rebM016DdISUt
TLSH
7805F602BE44CE51F0195233C2EF495887B4AC5166E6E32B7DBA376E15123AB7C0D9CB

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
8f5ea11261122e563df25b1c4e031083
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
.Net Resources
TmTeLC9KaSwoMtoaMS.a6Lni3OM6Ws5W9EgnU
ifLOOpVeIkGTRqpKEB.75dvDJB6mKfxkQZPui
Informations
Name
 Value
Module Name

M6jGT9BPr2l5OhbuxOwBgAOP6d
Full Name

M6jGT9BPr2l5OhbuxOwBgAOP6d
EntryPoint

System.Void oUVcC52wBL5R1rL8gTN.WwoyVw2cCidwCLQx89O::dh3jB2DwMb()
Scope Name

M6jGT9BPr2l5OhbuxOwBgAOP6d
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

2Phl2eOcCY8kGePxFYLjwXFsKrNALrUJzQ
Assembly Version

1.9.1.2
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

63
Main Method

System.Void oUVcC52wBL5R1rL8gTN.WwoyVw2cCidwCLQx89O::dh3jB2DwMb()
Main IL Instruction Count

14
Main IL

br.s IL_000B: ldc.i4.0 call <null> ldnull <null> ldc.i4.0 <null> ldelem.ref <null> pop <null> ldc.i4.0 <null> brtrue.s IL_0007: ldnull call System.Void PYiwOOjlf4FpV5On0lI.x1SvKsjDhf1YDgBSMfm::kLjw4iIsCLsZtxc4lksN0j() nop <null> ldsfld System.Object oUVcC52wBL5R1rL8gTN.WwoyVw2cCidwCLQx89O::q0LjudVUve callvirt System.Void zEyKxQ2DuCKpeGNQBgp.K81EQV2dLVfZkhYpCN4::aTkX9djsRt() nop <null> ret <null>
Module Name

M6jGT9BPr2l5OhbuxOwBgAOP6d
Full Name

M6jGT9BPr2l5OhbuxOwBgAOP6d
EntryPoint

System.Void oUVcC52wBL5R1rL8gTN.WwoyVw2cCidwCLQx89O::dh3jB2DwMb()
Scope Name

M6jGT9BPr2l5OhbuxOwBgAOP6d
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

2Phl2eOcCY8kGePxFYLjwXFsKrNALrUJzQ
Assembly Version

1.9.1.2
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

63
Main Method

System.Void oUVcC52wBL5R1rL8gTN.WwoyVw2cCidwCLQx89O::dh3jB2DwMb()
Main IL Instruction Count

14
Main IL

br.s IL_000B: ldc.i4.0 call <null> ldnull <null> ldc.i4.0 <null> ldelem.ref <null> pop <null> ldc.i4.0 <null> brtrue.s IL_0007: ldnull call System.Void PYiwOOjlf4FpV5On0lI.x1SvKsjDhf1YDgBSMfm::kLjw4iIsCLsZtxc4lksN0j() nop <null> ldsfld System.Object oUVcC52wBL5R1rL8gTN.WwoyVw2cCidwCLQx89O::q0LjudVUve callvirt System.Void zEyKxQ2DuCKpeGNQBgp.K81EQV2dLVfZkhYpCN4::aTkX9djsRt() nop <null> ret <null>
8f5ea11261122e563df25b1c4e031083 (848.38 KB)
File Structure
8f5ea11261122e563df25b1c4e031083
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
.Net Resources
TmTeLC9KaSwoMtoaMS.a6Lni3OM6Ws5W9EgnU
ifLOOpVeIkGTRqpKEB.75dvDJB6mKfxkQZPui
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙