Suspicious
Suspect

934606d0b471255b68f0028326316894

PE Executable | MD5: 934606d0b471255b68f0028326316894 | Size: 685.06 KB | application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Obfuscation Score

Very high

Hash: Hash Value
MD5: 934606d0b471255b68f0028326316894
Sha1: e2e1b2d922caac94aa960f5dce54c983365688a4
Sha256: fd55e57a095fc22e451fd7288ec7d450ab4d55a57a76adea5fd812175e127b8b
Sha384: 808c757aa18c29c3874cb6d7d16c81df5d5303decc3a87557c4ca5d742b9a117301c5365f18516b36a9e95ff2b666934
Sha512: 37afe3554a5aaebfc41dec825d27fd04bac65559a7a5668ccbe539a4dd153759a602cb06fb86d0d713dfe4624bd151d6c3df979cca6220ce6a22cb54202f99fc
SSDeep: 12288:7zSQysRzG0g3zCbZlYfm5K8nizLQJwv+esJdzuVxf+:yiGB3zCllVkoav+HJdj
TLSH: 20E4DF119E8B2F65D63F0B7CC0220094A3F1C887EBA6D7AB6FFD14F91972B44CA26551

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
wGr6Kj2nc.Resources.resources
wGr6Kj2nc.g.resources
1ad2340dc6cb93.Resources.resources
d559a58c0
[NBF]root.Data
d559a58c1
[NBF]root.Data
d559a58c2
[NBF]root.Data
d559a58c3
[NBF]root.Data
d559a58c4
[NBF]root.Data
d559a58c5
[NBF]root.Data
Informations
Name: Value
Info: PE Detect: PeReader OK (file layout)
Module Name: wGr6Kj2nc
Full Name: wGr6Kj2nc
EntryPoint: System.Void 9bsNP2xmwrC1cQ.5oeBn7Zy/qo6WtBx0Q7icjR.8GypttM3L2ycfH::3asJPg8d()
Scope Name: wGr6Kj2nc
Scope Type: ModuleDef
Kind: Windows
Runtime Version: v4.0.30319
Tables Header Version: 512
WinMD Version: <null>
Assembly Name: wGr6Kj2nc
Assembly Version: 29.11.14.200
Assembly Culture: <null>
Has PublicKey: False
PublicKey Token: <null>
Target Framework: .NETFramework,Version=v4.6
Total Strings: 0
Main Method: System.Void 9bsNP2xmwrC1cQ.5oeBn7Zy/qo6WtBx0Q7icjR.8GypttM3L2ycfH::3asJPg8d()
Main IL Instruction Count: 247

Main IL

ldc.i4.7 <null> stloc.s V_19 ldloc.s V_19 switch dnlib.DotNet.Emit.Instruction[] nop <null> newobj System.Void System.Windows.Forms.Form::.ctor() stloc.1 <null> ldc.i4.s 25 stloc.2 <null> ldc.i4 826790 box System.Int32 stloc.3 <null> ldsfld System.String 9bsNP2xmwrC1cQ.5oeBn7Zy::7WpxTro8fL5n stloc.s V_4 ldc.i4.6 <null> stloc.s V_19 br.s IL_0003: ldloc.s V_19 ldloc.s V_4 call System.String 9bsNP2xmwrC1cQ.5oeBn7Zy::Rjt3g0S(System.String) stloc.s V_5 ldloc.s V_5 call System.Byte[] 2oqJCc3e0.jFn5Ad1g2Nwi::Scs95xLjjp(System.String) ldloc.3 <null> call System.Int32 Microsoft.VisualBasic.CompilerServices.Conversions::ToInteger(System.Object) call System.Object 2oqJCc3e0.jFn5Ad1g2Nwi/ok9P1rQxjSw6.2gbHY1::8zyLC3j_1(System.Byte[],System.Int32) ldnull <null> nop <null> ldnull <null> ldc.i4.4 <null> ldc.i4.7 <null> ldc.i4 208859043 call System.String 4XirLdb2mF6xA1.Hf8rg9t/Yt5e4Qfe.az4LA5kg::2rpPiE0f(System.Reflection.Assembly,System.Int32,System.Int32,System.Int32) ldc.i4.0 <null> newarr System.Object ldnull <null> ldnull <null> ldnull <null> call System.Object Microsoft.VisualBasic.CompilerServices.NewLateBinding::LateGet(System.Object,System.Type,System.String,System.Object[],System.String[],System.Type[],System.Boolean[]) call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stloc.s V_6 ldc.i4.1 <null> stloc.s V_19 br IL_0003: ldloc.s V_19 ldc.i4.3 <null> stloc.s V_7 ldc.i4.7 <null> stloc.0 <null> nop <null> ldloc.s V_7 ldc.i4.3 <null> ldsfld System.Int32[] sPn8Rd1d6TtxHk.E_w54Cnptx6::8ppQFd2f ldc.i4 456 ldsfld System.Int32[] sPn8Rd1d6TtxHk.E_w54Cnptx6::8ppQFd2f ldc.i4 456 ldelem.i4 <null> ldsfld System.Int32[] sPn8Rd1d6TtxHk.E_w54Cnptx6::8ppQFd2f ldc.i4 142 ldelem.i4 <null> xor <null> ldc.i4 184 and <null> stelem.i4 <null> beq.s IL_00DD: ldc.i4.2 ldc.i4.8 <null> stloc.s V_19 br IL_0003: ldloc.s V_19 ldc.i4.2 <null> br.s IL_00D6: stloc.s V_19 ldc.i4.s 9 stloc.s V_19 br IL_0003: ldloc.s V_19 nop <null> ldloc.s V_6 call 
System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stloc.s V_8 ldc.i4.s 9 stloc.s V_19 br IL_0003: ldloc.s V_19 nop <null> ldc.i4.s 9 stloc.0 <null> ldsfld System.String gYe5A4.k_7DL8yr1n/We8wd9Jaj.Ecb05XjkCqa2qA/8sqCj6Wc2F.pd8A4NbdXpb::pm3Fw7X nop <null> ldnull <null> ldc.i4.6 <null> ldc.i4.2 <null> ldc.i4 208859051 call System.String 4XirLdb2mF6xA1.Hf8rg9t/Yt5e4Qfe.az4LA5kg::2rpPiE0f(System.Reflection.Assembly,System.Int32,System.Int32,System.Int32) nop <null> ldc.i4 1956669144 ldnull <null> ldc.i4.s 12 ldc.i4.0 <null> call System.String 4XirLdb2mF6xA1.Hf8rg9t::dn3RPgz0gJ1pM9(System.Int32,System.String,System.Byte,System.Int32) callvirt System.String System.String::Replace(System.String,System.String) stloc.s V_9 ldc.i4.s 10 stloc.s V_19 br IL_0003: ldloc.s V_19 ldtoken System.Reflection.Assembly call System.Type System.Type::GetTypeFromHandle(System.RuntimeTypeHandle) call System.Reflection.MethodInfo[] System.Type::GetMethods() stloc.s V_10 ldc.i4.0 <null> stloc.s V_11 ldloc.s V_10 stloc.s V_12 ldc.i4.0 <null> stloc.s V_13 br IL_029C: ldloc.s V_13 ldloc.s V_12 ldloc.s V_13 ldelem.ref <null> stloc.s V_14 ldloc.s V_14 callvirt System.String System.Reflection.MemberInfo::get_Name() ldloc.s V_9 ldc.i4.0 <null> call System.Int32 Microsoft.VisualBasic.CompilerServices.Operators::CompareString(System.String,System.String,System.Boolean) ldc.i4.0 <null> ceq <null> stloc.s V_15 ldc.i4.5 <null> stloc.s V_19 br IL_0003: ldloc.s V_19 ldloc.s V_15 brfalse IL_028F: nop br.s IL_017E: ldc.i4.3 ldc.i4.3 <null> stloc.s V_21 ldloc.s V_21 switch dnlib.DotNet.Emit.Instruction[] br.s IL_01A6: nop nop <null> ldloc.s V_14 ldnull <null> ldc.i4.1 <null> newarr System.Object dup <null> ldc.i4.0 <null> ldloc.s V_8 stelem.ref <null> callvirt System.Object System.Reflection.MethodBase::Invoke(System.Object,System.Object[]) call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stloc.s V_16 ldc.i4.4 <null> 
stloc.s V_21 br.s IL_0181: ldloc.s V_21 ldloc.s V_16 ldnull <null> nop <null> ldc.i4 1956669944 ldnull <null> ldc.i4.s 25 ldc.i4.1 <null> call System.String 4XirLdb2mF6xA1.Hf8rg9t::dn3RPgz0gJ1pM9(System.Int32,System.String,System.Byte,System.Int32) ldc.i4.0 <null> newarr System.Object ldnull <null> ldnull <null> ldnull <null> call System.Object Microsoft.VisualBasic.CompilerServices.NewLateBinding::LateGet(System.Object,System.Type,System.String,System.Object[],System.String[],System.Type[],System.Boolean[]) ldc.i4.1 <null> newarr System.Object dup <null> ldc.i4.0 <null> ldc.i4.s 25 box System.Int32 stelem.ref <null> ldnull <null> call System.Object Microsoft.VisualBasic.CompilerServices.NewLateBinding::LateIndexGet(System.Object,System.Object[],System.String[]) ldnull <null> nop <null> ldc.i4.2 <null> ldnull <null> ldnull <null> ldc.i4 1690166290 call System.String 4XirLdb2mF6xA1.Hf8rg9t::Gk2iz5sM4Zjksq(System.Int32,System.String,System.Reflection.Assembly,System.Int32) ldc.i4.0 <null> newarr System.Object ldnull <null> ldnull <null> ldnull <null> call System.Object Microsoft.VisualBasic.CompilerServices.NewLateBinding::LateGet(System.Object,System.Type,System.String,System.Object[],System.String[],System.Type[],System.Boolean[]) ldc.i4.1 <null> newarr System.Object dup <null> ldc.i4.0 <null> ldc.i4.0 <null> box System.Int32 stelem.ref <null> ldnull <null> call System.Object Microsoft.VisualBasic.CompilerServices.NewLateBinding::LateIndexGet(System.Object,System.Object[],System.String[]) call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) call System.Object 9bsNP2xmwrC1cQ.5oeBn7Zy/qo6WtBx0Q7icjR.8GypttM3L2ycfH::pHd64iMbK9(System.Object) pop <null> ldc.i4.0 <null> stloc.s V_21 br IL_0181: ldloc.s V_21 ldc.i4.1 <null> stloc.s V_11 leave IL_02B2: ldc.i4.4 br.s IL_024B: br.s IL_024D br.s IL_024D: call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) call System.Void 
Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_025A: br.s IL_025C br.s IL_025C: ldc.i4.2 ldc.i4.2 <null> stloc.s V_23 ldloc.s V_23 switch dnlib.DotNet.Emit.Instruction[] br.s IL_0288: nop nop <null> nop <null> ldc.i4.1 <null> stloc.s V_23 br.s IL_025F: ldloc.s V_23 nop <null> nop <null> ldloc.s V_13 ldc.i4.1 <null> add.ovf <null> stloc.s V_13 ldc.i4.5 <null> stloc.s V_23 br.s IL_025F: ldloc.s V_23 ldloc.s V_13 ldloc.s V_12 ldlen <null> conv.i4 <null> clt <null> stloc.s V_17 ldloc.s V_17 brtrue IL_0152: ldloc.s V_12 ldc.i4.7 <null> stloc.s V_23 br.s IL_025F: ldloc.s V_23 ldc.i4.4 <null> stloc.0 <null> ldc.i4.4 <null> stloc.0 <null> ret <null> ldtoken System.Void 9bsNP2xmwrC1cQ.5oeBn7Zy/qo6WtBx0Q7icjR.8GypttM3L2ycfH::3asJPg8d() pop <null> ret <null>

Characteristics
No malware configuration was found at this point.