Malicious

930985e6f9f330ac8d3998a7b1d271c0

PE Executable | MD5: 930985e6f9f330ac8d3998a7b1d271c0 | Size: 2.41 MB | application/x-dosexec

Characteristics
Hash | Hash Value
MD5 | 930985e6f9f330ac8d3998a7b1d271c0
Sha1 | 86fc4f84d4e0c723a430454bc9519d2bc9abc538
Sha256 | c428a3d32085008a396db06460612f02bca60056502f484a8968a6e126454213
Sha384 | 310fe5c7739aa330ee4d1eb3725f2679318bc36bcf0883d2f808dd75fc252404f06c49a1dd1e9416a7624190c4810945
Sha512 | 10e046c9699132d652785b386dc8ee0a8760b53b9a1f6ffcc527d148371f6ab8abc717aeb9245bc870f433adc70038bb35fa971ebd1df6b4ac302303025de4fe
SSDeep | 49152:m70/+XIDePUEhvmZ9cA8ldpJ/bkn8JGT4KHU+RxX5NcTMT2:mxXIDnEc0/CT4izyMq
TLSH | 3FB5CF417E44CA12F02A1633D2EF59588BB09C8166A6F32B7DBE376D05123977C4DACB

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual C++ v6.0 DLL
Microsoft Visual Studio .NET
UPolyX 0.3 -> delikon
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
Information
Name | Value
Module Name | mxCcToTw7HS0T76dKogXSrgR
Full Name | mxCcToTw7HS0T76dKogXSrgR
EntryPoint | System.Void DLUjEETqFplf8hWTgyE.X3UfZHT7RUvOjcO0e6f::eR7bfpUcQv()
Scope Name | mxCcToTw7HS0T76dKogXSrgR
Scope Type | ModuleDef
Kind | Windows
Runtime Version | v4.0.30319
Tables Header Version | 512
WinMD Version | <null>
Assembly Name | VMgNorhz
Assembly Version | 0.2.2.8
Assembly Culture | <null>
Has PublicKey | False
PublicKey Token | <null>
Target Framework | .NETFramework,Version=v4.0
Total Strings | 63
Main Method | System.Void DLUjEETqFplf8hWTgyE.X3UfZHT7RUvOjcO0e6f::eR7bfpUcQv()
Main IL Instruction Count | 14

Main IL

br.s IL_000B: ldc.i4.0
call <null>
ldnull <null>
ldc.i4.0 <null>
ldelem.ref <null>
pop <null>
ldc.i4.0 <null>
brtrue.s IL_0007: ldnull
call System.Void OE9vp4b2ObaKO7n0SjR.zQEbn0beNkt4NO2sc8i::kLjw4iIsCLsZtxc4lksN0j()
nop <null>
ldsfld System.Object DLUjEETqFplf8hWTgyE.X3UfZHT7RUvOjcO0e6f::zAKbDaVH6q
callvirt System.Void Jpjq6NTe2xFhOb6Ns1v.rEe6gNTtbu4AkOXw1Ih::sdmF8gHdIm()
nop <null>
ret <null>

Artefacts
Name | Value
Embedded Resources | 2
Suspicious Type Names (1-2 chars) | 0

Characteristics
No malware configuration was found at this point.
Artefacts
Name | Value | Location
Embedded Resources | 2 | 930985e6f9f330ac8d3998a7b1d271c0
Suspicious Type Names (1-2 chars) | 0 | 930985e6f9f330ac8d3998a7b1d271c0
