a288cf285d8fa2653eb42a8b916580dd

PE Executable
|
MD5: a288cf285d8fa2653eb42a8b916580dd
|
Size: 1.45 MB
|
application/x-dosexec

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	a288cf285d8fa2653eb42a8b916580dd
Sha1	f9c54cc8a469d6fd4623524476647e1ba76d0dcb
Sha256	b561a4d88cd5aba92e21211019fb4400377993a0e98f655da2ba6c8698021f19
Sha384	e6d147da2f576f78bdd8c551795155dc874578411b81e90da102a62f1fe9844bfe62e17335d127ac4af0571d25ab6ea9
Sha512	e57848d809c207056d84fa8bee9c97fbcf0fd23933b745808bda6077f02f9164bd14f8d80c0e8bcee04ca1688e0d8385fc2c0f45d3c24fe35a332865fd9e4c03
SSDeep	24576:mC7X7l02e2rN8zgwgD7bBC1xmDWIdvsZSwU1pu9QdGUPTn9fizOSNZRDN0N01:JlJdrNQVgrgx+Rfw8pu2GUPT9OOqXN0W
TLSH	12653391D7CF6429C43884FB125317C284C9E86CE18679642FCD6A776C263DA278CFB6

PeID

.NET executable

Microsoft Visual C# / Basic .NET

Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL

Microsoft Visual C# v7.0 / Basic .NET

Microsoft Visual Studio .NET

File Structure

Informations

Name0	Value
Info	PE Detect: PeReader OK (file layout)
Module Name	INQ-N046687-08-2025-AR10386-PR1048506-ITM_PDF.exe
Full Name	INQ-N046687-08-2025-AR10386-PR1048506-ITM_PDF.exe
EntryPoint	System.Void Pjjjpncbo.Mclnnwuckc::Main()
Scope Name	INQ-N046687-08-2025-AR10386-PR1048506-ITM_PDF.exe
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	INQ-N046687-08-2025-AR10386-PR1048506-ITM_PDF
Assembly Version	1.0.4369.14857
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.6
Total Strings	6
Main Method	System.Void Pjjjpncbo.Mclnnwuckc::Main()
Main IL Instruction Count	11
Main IL	ldsfld System.Action`1<System.IO.MemoryStream> Pjjjpncbo.Mclnnwuckc/<>c::<>9__0_0 dup <null> brtrue IL_0022: call System.Void Pjjjpncbo.Mclnnwuckc::Hotfqczw(System.Action`1<System.IO.MemoryStream>) pop <null> ldsfld Pjjjpncbo.Mclnnwuckc/<>c Pjjjpncbo.Mclnnwuckc/<>c::<>9 ldftn System.Void Pjjjpncbo.Mclnnwuckc/<>c::<Main>b__0_0(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Action`1<System.IO.MemoryStream> Pjjjpncbo.Mclnnwuckc/<>c::<>9__0_0 call System.Void Pjjjpncbo.Mclnnwuckc::Hotfqczw(System.Action`1<System.IO.MemoryStream>) ret <null>
Module Name	INQ-N046687-08-2025-AR10386-PR1048506-ITM_PDF.exe
Full Name	INQ-N046687-08-2025-AR10386-PR1048506-ITM_PDF.exe
EntryPoint	System.Void Pjjjpncbo.Mclnnwuckc::Main()
Scope Name	INQ-N046687-08-2025-AR10386-PR1048506-ITM_PDF.exe
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	INQ-N046687-08-2025-AR10386-PR1048506-ITM_PDF
Assembly Version	1.0.4369.14857
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.6
Total Strings	6
Main Method	System.Void Pjjjpncbo.Mclnnwuckc::Main()
Main IL Instruction Count	11
Main IL	ldsfld System.Action`1<System.IO.MemoryStream> Pjjjpncbo.Mclnnwuckc/<>c::<>9__0_0 dup <null> brtrue IL_0022: call System.Void Pjjjpncbo.Mclnnwuckc::Hotfqczw(System.Action`1<System.IO.MemoryStream>) pop <null> ldsfld Pjjjpncbo.Mclnnwuckc/<>c Pjjjpncbo.Mclnnwuckc/<>c::<>9 ldftn System.Void Pjjjpncbo.Mclnnwuckc/<>c::<Main>b__0_0(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Action`1<System.IO.MemoryStream> Pjjjpncbo.Mclnnwuckc/<>c::<>9__0_0 call System.Void Pjjjpncbo.Mclnnwuckc::Hotfqczw(System.Action`1<System.IO.MemoryStream>) ret <null>

a288cf285d8fa2653eb42a8b916580dd (1.45 MB)

File Structure

Characteristics

No malware configuration were found at this point.

You must be signed in to post a comment.

a288cf285d8fa2653eb42a8b916580dd

PE Executable | MD5: a288cf285d8fa2653eb42a8b916580dd | Size: 1.45 MB | application/x-dosexec

PE Executable
|
MD5: a288cf285d8fa2653eb42a8b916580dd
|
Size: 1.45 MB
|
application/x-dosexec