9d82b9408af99a97511ce4f40b04b176
PE Executable | MD5: 9d82b9408af99a97511ce4f40b04b176 | Size: 33.28 KB | application/x-dosexec
Symbol Ofbuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | 9d82b9408af99a97511ce4f40b04b176
|
| Sha1 | 95e1dcebb2fb42e2059c99e242fc131951178d4a
|
| Sha256 | 6a3ebc7e04c827188054cf16dc7a3b1546355a3e6cbd67352be4ddb34f0ff3dd
|
| Sha384 | a989ceb7ab3bade95b288476e0b1effc10f96c4959aa7610146b66ed1e91b370bde7a0c8e71cacd5f0c7a3fb2dab81b3
|
| Sha512 | 4df983663bde6bb9b7d50ebb59bf9f671611006589b0715dd8650566037b971b5ec27d50d754aef758801d32dc146c94be6181488f315ada7c5268a4bdfbcb4c
|
| SSDeep | 768:g9oyGH/UUxIZ6Ft0FPEIlMdm2lqGIOGBLW:g6jxxlI0m2Yrk
|
| TLSH | 75E20A0073E8872BC1AE0B7D59F253804B71AA569421EB9D6CE871EE1DF77804601BEB
|
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | PDB Path: C:\Users\Izoly\Desktop\NebulaRun\NebulaRun\obj\Release\NebulaRun.pdb |
| Module Name | NebulaRun.exe |
| Full Name | NebulaRun.exe |
| EntryPoint | System.Void NebulaRun.Program::Main() |
| Scope Name | NebulaRun.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | NebulaRun |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.7.2 |
| Total Strings | 84 |
| Main Method | System.Void NebulaRun.Program::Main() |
| Main IL Instruction Count | 39 |
| Main IL | call System.AppDomain System.AppDomain::get_CurrentDomain() ldsfld System.ResolveEventHandler NebulaRun.Program/<>c::<>9__0_0 dup <null> brtrue.s IL_0024: callvirt System.Void System.AppDomain::add_AssemblyResolve(System.ResolveEventHandler) pop <null> ldsfld NebulaRun.Program/<>c NebulaRun.Program/<>c::<>9 ldftn System.Reflection.Assembly NebulaRun.Program/<>c::<Main>b__0_0(System.Object,System.ResolveEventArgs) newobj System.Void System.ResolveEventHandler::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.ResolveEventHandler NebulaRun.Program/<>c::<>9__0_0 callvirt System.Void System.AppDomain::add_AssemblyResolve(System.ResolveEventHandler) call System.Void NebulaRun.Nbl::EncryptAll() ldnull <null> ldftn System.Threading.Tasks.Task NebulaRun.Program::LoopUsbSpread() newobj System.Void System.Func`1<System.Threading.Tasks.Task>::.ctor(System.Object,System.IntPtr) call System.Threading.Tasks.Task System.Threading.Tasks.Task::Run(System.Func`1<System.Threading.Tasks.Task>) pop <null> ldnull <null> ldftn System.Threading.Tasks.Task NebulaRun.Program::LoopLANSpread() newobj System.Void System.Func`1<System.Threading.Tasks.Task>::.ctor(System.Object,System.IntPtr) call System.Threading.Tasks.Task System.Threading.Tasks.Task::Run(System.Func`1<System.Threading.Tasks.Task>) pop <null> ldc.i4 4000 call System.Threading.Tasks.Task System.Threading.Tasks.Task::Delay(System.Int32) pop <null> call System.String NebulaRun.Nbl::GetBase64Key() call System.String NebulaRun.Nbl::GetBase64IV() call System.String NebulaRun.Nbl::get_VictimCode() call System.Threading.Tasks.Task NebulaRun.Send::SendKeyAndIvAsync(System.String,System.String,System.String) callvirt System.Runtime.CompilerServices.TaskAwaiter System.Threading.Tasks.Task::GetAwaiter() stloc.0 <null> ldloca.s V_0 call System.Void System.Runtime.CompilerServices.TaskAwaiter::GetResult() call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void NebulaRun.Nbl::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null> |