Symbol Ofbuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | 92880046dfc43c7b6a826f7dc75c46fb
|
| Sha1 | 922efbcf8358eebe544cc26be73a1aa578695c81
|
| Sha256 | 229ab1e2e26233e8c60b8a14c2a163ba0f64720abbee4aaf34d99b9cc59f8171
|
| Sha384 | 62e0fdd93d2b50f1e4175aa0e4cc679e71068a47837e51176e996ac76ee9aabb377247a528803dd491107125be1ddf4e
|
| Sha512 | 31848369865414e69678110e773663fef1f5e8d92f602f27db3488718df7f41063cdc51e3f6f3b28da8548f31bee40ad3e00d51d4042c7ec6a90cc96423aec7e
|
| SSDeep | 12288:7zM3Sm8g4h6kfxvy4dsuTdvDHQSNPksnsVtb5mxD/lcNwrSaW:nMpSxvy6rDHQQPUN0uN4
|
| TLSH | 68C42328B31FDB41D0A050BBD6AF3B69C7AD94036DD64623EA1CFF424123329DB25B59
|
PeID
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Module Name | Vnzihz.exe |
| Full Name | Vnzihz.exe |
| EntryPoint | System.Void Vnzihz.Beeenydmih::Main() |
| Scope Name | Vnzihz.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Vnzihz |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 5 |
| Main Method | System.Void Vnzihz.Beeenydmih::Main() |
| Main IL Instruction Count | 71 |
| Main IL | br IL_0006: nop ret <null> nop <null> call System.Byte[] Vnzihz.Beeenydmih::FDahBalk5() call System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[]) callvirt System.Type[] System.Reflection.Assembly::GetExportedTypes() stloc.s V_3 br IL_00A7: ldc.i4.0 br IL_002B: ldloc V_0 ldc.i4 0 stloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] ldloc V_0 ldc.i4 990 beq IL_002B: ldloc V_0 br IL_0077: nop br IL_00E0: ldloc.s V_1 ldc.i4 1 ldsfld <Module>{5c510dee-d845-4e48-9812-37e5f298a879} <Module>{5c510dee-d845-4e48-9812-37e5f298a879}::m_16978257e919416bb0686c0302e60465 ldfld System.Int32 <Module>{5c510dee-d845-4e48-9812-37e5f298a879}::m_3de121f520d84306b9db5809dec524a5 brfalse IL_002F: switch(IL_0077,IL_00AF,IL_00F5) pop <null> ldc.i4 1 br IL_002F: switch(IL_0077,IL_00AF,IL_00F5) nop <null> ldloc.s V_2 ldstr YvQhkLMVN ldc.i4 256 ldnull <null> ldnull <null> ldnull <null> callvirt System.Object System.Type::InvokeMember(System.String,System.Reflection.BindingFlags,System.Reflection.Binder,System.Object,System.Object[]) pop <null> br IL_0092: leave IL_00D5 leave IL_00D5: ldloc.s V_1 pop <null> br IL_009D: leave IL_00D5 leave IL_00D5: ldloc.s V_1 br IL_00D5: ldloc.s V_1 ldc.i4.0 <null> stloc.s V_1 br IL_0053: br IL_00E0 ldloc.s V_3 ldloc.s V_1 ldelem.ref <null> stloc.s V_2 ldc.i4 0 ldsfld <Module>{5c510dee-d845-4e48-9812-37e5f298a879} <Module>{5c510dee-d845-4e48-9812-37e5f298a879}::m_16978257e919416bb0686c0302e60465 ldfld System.Int32 <Module>{5c510dee-d845-4e48-9812-37e5f298a879}::m_431e5fa1afa2413d91547996fb9d8b8c brtrue IL_002F: switch(IL_0077,IL_00AF,IL_00F5) pop <null> ldc.i4 8 br IL_002F: switch(IL_0077,IL_00AF,IL_00F5) ldloc.s V_1 ldc.i4.1 <null> add <null> stloc.s V_1 br IL_00E0: ldloc.s V_1 ldloc.s V_1 ldloc.s V_3 ldlen <null> conv.i4 <null> blt IL_00AF: ldloc.s V_3 ldc.i4 2 br IL_0027: stloc V_0 leave IL_0005: ret pop <null> br IL_0100: leave IL_0005 leave IL_0005: ret br IL_0005: ret |
| Module Name | Vnzihz.exe |
| Full Name | Vnzihz.exe |
| EntryPoint | System.Void Vnzihz.Beeenydmih::Main() |
| Scope Name | Vnzihz.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Vnzihz |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 5 |
| Main Method | System.Void Vnzihz.Beeenydmih::Main() |
| Main IL Instruction Count | 71 |
| Main IL | br IL_0006: nop ret <null> nop <null> call System.Byte[] Vnzihz.Beeenydmih::FDahBalk5() call System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[]) callvirt System.Type[] System.Reflection.Assembly::GetExportedTypes() stloc.s V_3 br IL_00A7: ldc.i4.0 br IL_002B: ldloc V_0 ldc.i4 0 stloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] ldloc V_0 ldc.i4 990 beq IL_002B: ldloc V_0 br IL_0077: nop br IL_00E0: ldloc.s V_1 ldc.i4 1 ldsfld <Module>{5c510dee-d845-4e48-9812-37e5f298a879} <Module>{5c510dee-d845-4e48-9812-37e5f298a879}::m_16978257e919416bb0686c0302e60465 ldfld System.Int32 <Module>{5c510dee-d845-4e48-9812-37e5f298a879}::m_3de121f520d84306b9db5809dec524a5 brfalse IL_002F: switch(IL_0077,IL_00AF,IL_00F5) pop <null> ldc.i4 1 br IL_002F: switch(IL_0077,IL_00AF,IL_00F5) nop <null> ldloc.s V_2 ldstr YvQhkLMVN ldc.i4 256 ldnull <null> ldnull <null> ldnull <null> callvirt System.Object System.Type::InvokeMember(System.String,System.Reflection.BindingFlags,System.Reflection.Binder,System.Object,System.Object[]) pop <null> br IL_0092: leave IL_00D5 leave IL_00D5: ldloc.s V_1 pop <null> br IL_009D: leave IL_00D5 leave IL_00D5: ldloc.s V_1 br IL_00D5: ldloc.s V_1 ldc.i4.0 <null> stloc.s V_1 br IL_0053: br IL_00E0 ldloc.s V_3 ldloc.s V_1 ldelem.ref <null> stloc.s V_2 ldc.i4 0 ldsfld <Module>{5c510dee-d845-4e48-9812-37e5f298a879} <Module>{5c510dee-d845-4e48-9812-37e5f298a879}::m_16978257e919416bb0686c0302e60465 ldfld System.Int32 <Module>{5c510dee-d845-4e48-9812-37e5f298a879}::m_431e5fa1afa2413d91547996fb9d8b8c brtrue IL_002F: switch(IL_0077,IL_00AF,IL_00F5) pop <null> ldc.i4 8 br IL_002F: switch(IL_0077,IL_00AF,IL_00F5) ldloc.s V_1 ldc.i4.1 <null> add <null> stloc.s V_1 br IL_00E0: ldloc.s V_1 ldloc.s V_1 ldloc.s V_3 ldlen <null> conv.i4 <null> blt IL_00AF: ldloc.s V_3 ldc.i4 2 br IL_0027: stloc V_0 leave IL_0005: ret pop <null> br IL_0100: leave IL_0005 leave IL_0005: ret br IL_0005: ret |