969505140165f0a33c192ad200916668

PE Executable
|
MD5: 969505140165f0a33c192ad200916668
|
Size: 2.46 MB
|
application/x-dosexec

Infection Chain

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	969505140165f0a33c192ad200916668
Sha1	127f8791920a925dab65790753f46a989e616d7c
Sha256	5c0214f5bd1cfff6cd9d5f23bebe3057d4e50e066e8b49ccd58454da71992c10
Sha384	9b863455c888b5c8c5b722a181169a5038bd29507c56282aa125ac07176602aaab2fe6e8d8135acc5ccc44efe21b9234
Sha512	eebf88563bf747575e0c1b8a1912b6862b9da35144e66f2222041eaf9734cb8c2d052e849f0f4356a8702fcf80e4c0df4cbcdbcdc0c2049bf2f9e756b9351e0c
SSDeep	24576:XojkK6GYj6PEoOARIeHklHfTZVsSc2ocF7ANKY+5cmwq8FqKaUdgWlJBVYf3W:hqIeQISclywX+5+qcqKa8efG
TLSH	F7B5198789C08AA4DD51E4B623B7CA4940E13B239A46B379CF3F25E31D4573EB5B82D4

PeID

.NET executable

Microsoft Visual C# / Basic .NET

Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL

Microsoft Visual C# v7.0 / Basic .NET

Microsoft Visual Studio .NET

File Structure

Informations

Name0	Value
Info	PE Detect: PeReader OK (file layout)
Module Name	Q 玉マ%6マ
Full Name	Q 玉マ%6マ
EntryPoint	System.Void 望dp瑞=瑞伝f _2l影立$9M望\|.命Ѫ科キ_通グ路伝谷{ 命テ$J;9$::††† †††††“(System.String[])
Scope Name	Q 玉マ%6マ
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	lkoWopihA2to7Be
Assembly Version	0.0.0.0
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	<null>
Total Strings	42
Main Method	System.Void 望dp瑞=瑞伝f _2l影立$9M望\|.命Ѫ科キ_通グ路伝谷{ 命テ$J;9$::††† †††††“(System.String[])
Main IL Instruction Count	19
Main IL	ldc.i4.0 <null> newarr System.Byte ldsfld ††† †††–Œ† ††† †††–Œ†::††† †††–Œ‡ call System.Reflection.Assembly ††† †††–Œ†::††† †††–‹ž(System.Byte[],††† †††–Œ†) pop <null> leave IL_0046: ret pop <null> ldsfld ††† †††–Œˆ ††† †††–Œˆ::††† †††–Œ‰ call System.Void ††† †††–Œˆ::††† †††–‹ž(††† †††–Œˆ) ldsfld System.Byte[] り!o<w大N$hO大ササt人8X6ϒ阪丹通ナN\|科:m6i鶐OG$GN命bD鶐::††† †††††› ldsfld System.Byte[] り!o<w大N$hO大ササt人8X6ϒ阪丹通ナN\|科:m6i鶐OG$GN命bD鶐::††† †††††œ ldsfld ††† †††–ŒŠ ††† †††–ŒŠ::††† †††–Œ‹ call System.Byte[] ††† †††–ŒŠ::††† †††–‹ž(System.Byte[],System.Byte[],††† †††–ŒŠ) stloc.0 <null> ldloc.0 <null> ldsfld ††† †††–ŒŒ ††† †††–ŒŒ::††† †††–Œ call System.Void ††† †††–ŒŒ::††† †††–‹ž(System.Byte[],††† †††–ŒŒ) leave IL_0046: ret ret <null>
Module Name	Q 玉マ%6マ
Full Name	Q 玉マ%6マ
EntryPoint	System.Void 望dp瑞=瑞伝f _2l影立$9M望\|.命Ѫ科キ_通グ路伝谷{ 命テ$J;9$::††† †††††“(System.String[])
Scope Name	Q 玉マ%6マ
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	lkoWopihA2to7Be
Assembly Version	0.0.0.0
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	<null>
Total Strings	42
Main Method	System.Void 望dp瑞=瑞伝f _2l影立$9M望\|.命Ѫ科キ_通グ路伝谷{ 命テ$J;9$::††† †††††“(System.String[])
Main IL Instruction Count	19
Main IL	ldc.i4.0 <null> newarr System.Byte ldsfld ††† †††–Œ† ††† †††–Œ†::††† †††–Œ‡ call System.Reflection.Assembly ††† †††–Œ†::††† †††–‹ž(System.Byte[],††† †††–Œ†) pop <null> leave IL_0046: ret pop <null> ldsfld ††† †††–Œˆ ††† †††–Œˆ::††† †††–Œ‰ call System.Void ††† †††–Œˆ::††† †††–‹ž(††† †††–Œˆ) ldsfld System.Byte[] り!o<w大N$hO大ササt人8X6ϒ阪丹通ナN\|科:m6i鶐OG$GN命bD鶐::††† †††††› ldsfld System.Byte[] り!o<w大N$hO大ササt人8X6ϒ阪丹通ナN\|科:m6i鶐OG$GN命bD鶐::††† †††††œ ldsfld ††† †††–ŒŠ ††† †††–ŒŠ::††† †††–Œ‹ call System.Byte[] ††† †††–ŒŠ::††† †††–‹ž(System.Byte[],System.Byte[],††† †††–ŒŠ) stloc.0 <null> ldloc.0 <null> ldsfld ††† †††–ŒŒ ††† †††–ŒŒ::††† †††–Œ call System.Void ††† †††–ŒŒ::††† †††–‹ž(System.Byte[],††† †††–ŒŒ) leave IL_0046: ret ret <null>

969505140165f0a33c192ad200916668 (2.46 MB)

969505140165f0a33c192ad200916668

PE Executable | MD5: 969505140165f0a33c192ad200916668 | Size: 2.46 MB | application/x-dosexec

PE Executable
|
MD5: 969505140165f0a33c192ad200916668
|
Size: 2.46 MB
|
application/x-dosexec