Suspicious
Suspect

a0e16f76f7d441ec8e2ef284b2d841e9

PE Executable
|
MD5: a0e16f76f7d441ec8e2ef284b2d841e9
|
Size: 1.84 MB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
a0e16f76f7d441ec8e2ef284b2d841e9
Sha1
bfcdce3ecc5da6a04c9fd4ae54fa67020c256b53
Sha256
b2d70004757350c572d2222eb6930eaa288ec0e7735715f802af9e32d8c60492
Sha384
57f71802990a276121ce8f279fd3ed53e2806da9c88cb69425b96b369c4fcc30e444825eb75e9362fc2e0f1590115d0d
Sha512
093c9efb16ae6df4abcfb45d634a2533c2dde7b34ea94b9e47ec7462aac02f29425350ea0c21c7a522cd54df090a8c9e3d8dcfa3cf3f493cfafe932ba6499f36
SSDeep
24576:vMz/puYMKkKYz/gibvsYZNOey6Y8yrPkdyGr7qG9J8dw5/hcYrp:+UVJciDsYjBDocdTqG9id0JRrp
TLSH
4185AC099AE41F53E2BA4736C4F39A847375A890FB5BE70B914434A60C963D25B433FB

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
a0e16f76f7d441ec8e2ef284b2d841e9
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
{71494d5c-2251-4f31-9805-1653e0fdab84}
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

4719363800.exe
Full Name

4719363800.exe
EntryPoint

System.Void .::()
Scope Name

4719363800.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

4719363800
Assembly Version

1.0.6938.1572
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

1232
Main Method

System.Void .::()
Main IL Instruction Count

58
Main IL

br IL_008B: newobj System.Void .::.ctor() br IL_0095: stloc.0 br.s IL_005C: ldloc.0 br.s IL_005F: callvirt System.String .::() brfalse.s IL_005A: leave.s IL_008A br.s IL_0066: ldloc.0 br.s IL_0069: call System.Type[] .::(.) ldsfld System.Func`2<System.Type,System.Boolean> ./:: dup <null> brtrue.s IL_0033: br.s IL_0070 pop <null> ldsfld ./ ./:: ldftn System.Boolean ./::(System.Type) newobj System.Void System.Func`2<System.Type,System.Boolean>::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Func`2<System.Type,System.Boolean> ./:: br.s IL_0070: call System.Collections.Generic.IEnumerable`1<System.Type> System.Linq.Enumerable::Where<System.Type>(System.Collections.Generic.IEnumerable`1<System.Type>,System.Func`2<System.Type,System.Boolean>) br.s IL_0077: stloc.1 br.s IL_007A: ldloc.1 call System.Int32 System.Linq.Enumerable::Count<System.Type>(System.Collections.Generic.IEnumerable`1<System.Type>) ldc.i4.0 <null> ble.s IL_005A: leave.s IL_008A ldloc.1 <null> call System.Type System.Linq.Enumerable::First<System.Type>(System.Collections.Generic.IEnumerable`1<System.Type>) ldstr iVmHBmCOp ldc.i4 256 ldnull <null> ldnull <null> ldnull <null> callvirt System.Object System.Type::InvokeMember(System.String,System.Reflection.BindingFlags,System.Reflection.Binder,System.Object,System.Object[]) pop <null> leave.s IL_008A: ret ldloc.0 <null> br.s IL_000C: br.s IL_005F callvirt System.String .::() br.s IL_000E: brfalse.s IL_005A ldloc.0 <null> br.s IL_0012: br.s IL_0069 call System.Type[] .::(.) br.s IL_0014: ldsfld System.Func`2<System.Type,System.Boolean> ./:: call System.Collections.Generic.IEnumerable`1<System.Type> System.Linq.Enumerable::Where<System.Type>(System.Collections.Generic.IEnumerable`1<System.Type>,System.Func`2<System.Type,System.Boolean>) br.s IL_0035: br.s IL_0077 stloc.1 <null> br.s IL_0037: br.s IL_007A ldloc.1 <null> br.s IL_0039: call System.Int32 System.Linq.Enumerable::Count<System.Type>(System.Collections.Generic.IEnumerable`1<System.Type>) ldloc.0 <null> brfalse.s IL_0086: ldc.i4.3 ldloc.0 <null> callvirt System.Void System.IDisposable::Dispose() ldc.i4.3 <null> brfalse.s IL_007D: ldloc.0 endfinally <null> ret <null> newobj System.Void .::.ctor() br IL_0005: br IL_0095 stloc.0 <null> br IL_000A: br.s IL_005C
Module Name

4719363800.exe
Full Name

4719363800.exe
EntryPoint

System.Void .::()
Scope Name

4719363800.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

4719363800
Assembly Version

1.0.6938.1572
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

1232
Main Method

System.Void .::()
Main IL Instruction Count

58
Main IL

br IL_008B: newobj System.Void .::.ctor() br IL_0095: stloc.0 br.s IL_005C: ldloc.0 br.s IL_005F: callvirt System.String .::() brfalse.s IL_005A: leave.s IL_008A br.s IL_0066: ldloc.0 br.s IL_0069: call System.Type[] .::(.) ldsfld System.Func`2<System.Type,System.Boolean> ./:: dup <null> brtrue.s IL_0033: br.s IL_0070 pop <null> ldsfld ./ ./:: ldftn System.Boolean ./::(System.Type) newobj System.Void System.Func`2<System.Type,System.Boolean>::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Func`2<System.Type,System.Boolean> ./:: br.s IL_0070: call System.Collections.Generic.IEnumerable`1<System.Type> System.Linq.Enumerable::Where<System.Type>(System.Collections.Generic.IEnumerable`1<System.Type>,System.Func`2<System.Type,System.Boolean>) br.s IL_0077: stloc.1 br.s IL_007A: ldloc.1 call System.Int32 System.Linq.Enumerable::Count<System.Type>(System.Collections.Generic.IEnumerable`1<System.Type>) ldc.i4.0 <null> ble.s IL_005A: leave.s IL_008A ldloc.1 <null> call System.Type System.Linq.Enumerable::First<System.Type>(System.Collections.Generic.IEnumerable`1<System.Type>) ldstr iVmHBmCOp ldc.i4 256 ldnull <null> ldnull <null> ldnull <null> callvirt System.Object System.Type::InvokeMember(System.String,System.Reflection.BindingFlags,System.Reflection.Binder,System.Object,System.Object[]) pop <null> leave.s IL_008A: ret ldloc.0 <null> br.s IL_000C: br.s IL_005F callvirt System.String .::() br.s IL_000E: brfalse.s IL_005A ldloc.0 <null> br.s IL_0012: br.s IL_0069 call System.Type[] .::(.) br.s IL_0014: ldsfld System.Func`2<System.Type,System.Boolean> ./:: call System.Collections.Generic.IEnumerable`1<System.Type> System.Linq.Enumerable::Where<System.Type>(System.Collections.Generic.IEnumerable`1<System.Type>,System.Func`2<System.Type,System.Boolean>) br.s IL_0035: br.s IL_0077 stloc.1 <null> br.s IL_0037: br.s IL_007A ldloc.1 <null> br.s IL_0039: call System.Int32 System.Linq.Enumerable::Count<System.Type>(System.Collections.Generic.IEnumerable`1<System.Type>) ldloc.0 <null> brfalse.s IL_0086: ldc.i4.3 ldloc.0 <null> callvirt System.Void System.IDisposable::Dispose() ldc.i4.3 <null> brfalse.s IL_007D: ldloc.0 endfinally <null> ret <null> newobj System.Void .::.ctor() br IL_0005: br IL_0095 stloc.0 <null> br IL_000A: br.s IL_005C
a0e16f76f7d441ec8e2ef284b2d841e9 (1.84 MB)
File Structure
a0e16f76f7d441ec8e2ef284b2d841e9
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
{71494d5c-2251-4f31-9805-1653e0fdab84}
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙