Suspicious
Suspect

a46be3481300165f487b1c266eae5f63

PE Executable
|
MD5: a46be3481300165f487b1c266eae5f63
|
Size: 72.7 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very high

Hash
 Hash Value
MD5
a46be3481300165f487b1c266eae5f63
Sha1
d9a36397f0806fdfd077f23ba166ab2c30bd741d
Sha256
49de2c0ea488dd89b705c9ed19a78b5f27749a05ca652934df207a999007e1cb
Sha384
705291016179699dacccb326b6d29e59ce116f1e554f468b44120deda72cb890f32475d1d466d14205151f8c388f4c84
Sha512
ef328ca70c49d9b0adee26707d432e9bcbc7d69b8ca156c0d59602112c5b6d90f139820968c05a7e671761cf9e6e07ecf49f289a557c687900b70e4470a005bd
SSDeep
1536:SI9LzYgR64J9FTRuQJnbM6HnEHIPuCTd+br4Dh+FXu0NgUksOlbf/ZT:SWEk64XNTB9gQB+bEYXu0NTpOZf/1
TLSH
A2638D1877E9412AE1FFAFF05DE67642DA79F2236403D21F24D9428B2613A89CD017F6

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
a46be3481300165f487b1c266eae5f63
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
Informations
Name
 Value
Module Name

XWormClientMM.exe
Full Name

XWormClientMM.exe
EntryPoint

System.Void Stub.rFJRM4zaTqoBZUzpZukgQnDq3cg5cK::wsqn7SEuUhfMBKwXS9jXmFhbiizxZG()
Scope Name

XWormClientMM.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

XWormClientMM
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

<null>
Total Strings

292
Main Method

System.Void Stub.rFJRM4zaTqoBZUzpZukgQnDq3cg5cK::wsqn7SEuUhfMBKwXS9jXmFhbiizxZG()
Main IL Instruction Count

63
Main IL

ldsfld System.Int32 t35orJFiiyoTssIqPaDD8H4mU2jolh::wwai6X4RQmCZ2h5wiUfWYSzvWxadTJ ldc.i4 1000 mul.ovf <null> call System.Void System.Threading.Thread::Sleep(System.Int32) ldsfld System.String t35orJFiiyoTssIqPaDD8H4mU2jolh::ZMarg7s3lvP7Yzut5ky4W9HbijNoVX call System.Object Stub.TVGHlq4WprBkvmQf6lRPC0::3xeF9GqnMljJ6Ye5muRWDH(System.String) call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) stsfld System.String t35orJFiiyoTssIqPaDD8H4mU2jolh::ZMarg7s3lvP7Yzut5ky4W9HbijNoVX ldsfld System.String t35orJFiiyoTssIqPaDD8H4mU2jolh::Qnk9MIeUbAkSesM732odyVO2LWKX2X call System.Object Stub.TVGHlq4WprBkvmQf6lRPC0::3xeF9GqnMljJ6Ye5muRWDH(System.String) call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) stsfld System.String t35orJFiiyoTssIqPaDD8H4mU2jolh::Qnk9MIeUbAkSesM732odyVO2LWKX2X ldsfld System.String t35orJFiiyoTssIqPaDD8H4mU2jolh::D9ITMKTN1hDDQIo4FEeqMmFAyLjkA3 call System.Object Stub.TVGHlq4WprBkvmQf6lRPC0::3xeF9GqnMljJ6Ye5muRWDH(System.String) call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) stsfld System.String t35orJFiiyoTssIqPaDD8H4mU2jolh::D9ITMKTN1hDDQIo4FEeqMmFAyLjkA3 ldsfld System.String t35orJFiiyoTssIqPaDD8H4mU2jolh::0CjGlU2DVzO2SZU7boFbGm1osC1JGR call System.Object Stub.TVGHlq4WprBkvmQf6lRPC0::3xeF9GqnMljJ6Ye5muRWDH(System.String) call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) stsfld System.String t35orJFiiyoTssIqPaDD8H4mU2jolh::0CjGlU2DVzO2SZU7boFbGm1osC1JGR ldsfld System.String t35orJFiiyoTssIqPaDD8H4mU2jolh::jILMDOkrMbhOJeWQ8ipxhqWogDw7xw call System.Object Stub.TVGHlq4WprBkvmQf6lRPC0::3xeF9GqnMljJ6Ye5muRWDH(System.String) call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) stsfld System.String t35orJFiiyoTssIqPaDD8H4mU2jolh::jILMDOkrMbhOJeWQ8ipxhqWogDw7xw ldsfld System.String t35orJFiiyoTssIqPaDD8H4mU2jolh::mPyfeCSoLx0mH8PildiMYM292zhFIY call System.Object Stub.TVGHlq4WprBkvmQf6lRPC0::3xeF9GqnMljJ6Ye5muRWDH(System.String) call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) stsfld System.String t35orJFiiyoTssIqPaDD8H4mU2jolh::mPyfeCSoLx0mH8PildiMYM292zhFIY leave.s IL_009E: call System.Boolean Stub.WWv5HUCsb2f1rdK7agvfSn::N2rcZrguzQEVNyv723qTc1() dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.2 <null> ldc.i4.0 <null> call System.Void System.Environment::Exit(System.Int32) call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_009E: call System.Boolean Stub.WWv5HUCsb2f1rdK7agvfSn::N2rcZrguzQEVNyv723qTc1() call System.Boolean Stub.WWv5HUCsb2f1rdK7agvfSn::N2rcZrguzQEVNyv723qTc1() brtrue.s IL_00AB: call System.Void Stub.WWv5HUCsb2f1rdK7agvfSn::vlNrPsvXzGZGm2CtwNb0th() ldc.i4.0 <null> call System.Void System.Environment::Exit(System.Int32) call System.Void Stub.WWv5HUCsb2f1rdK7agvfSn::vlNrPsvXzGZGm2CtwNb0th() ldnull <null> ldftn System.Void Stub.rFJRM4zaTqoBZUzpZukgQnDq3cg5cK::9JmDJ58Gv2yiBM8oQuUfyoWNFFO5YR() newobj System.Void System.Threading.ThreadStart::.ctor(System.Object,System.IntPtr) newobj System.Void System.Threading.Thread::.ctor(System.Threading.ThreadStart) callvirt System.Void System.Threading.Thread::Start() ldnull <null> ldftn System.Void Stub.rFJRM4zaTqoBZUzpZukgQnDq3cg5cK::UfgnRl2hT1m6MVOGevjtactvqqz6MM() newobj System.Void System.Threading.ThreadStart::.ctor(System.Object,System.IntPtr) newobj System.Void System.Threading.Thread::.ctor(System.Threading.ThreadStart) stloc.0 <null> ldnull <null> ldftn System.Void Stub.rFJRM4zaTqoBZUzpZukgQnDq3cg5cK::k8psMx26KBEWC6yBHJnrR9oZXaAV7M() newobj System.Void System.Threading.ThreadStart::.ctor(System.Object,System.IntPtr) newobj System.Void System.Threading.Thread::.ctor(System.Threading.ThreadStart) stloc.1 <null> ldloc.0 <null> callvirt System.Void System.Threading.Thread::Start() ldloc.1 <null> callvirt System.Void System.Threading.Thread::Start() ldloc.1 <null> callvirt System.Void System.Threading.Thread::Join() ret <null>
Module Name

XWormClientMM.exe
Full Name

XWormClientMM.exe
EntryPoint

System.Void Stub.rFJRM4zaTqoBZUzpZukgQnDq3cg5cK::wsqn7SEuUhfMBKwXS9jXmFhbiizxZG()
Scope Name

XWormClientMM.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

XWormClientMM
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

<null>
Total Strings

292
Main Method

System.Void Stub.rFJRM4zaTqoBZUzpZukgQnDq3cg5cK::wsqn7SEuUhfMBKwXS9jXmFhbiizxZG()
Main IL Instruction Count

63
Main IL

ldsfld System.Int32 t35orJFiiyoTssIqPaDD8H4mU2jolh::wwai6X4RQmCZ2h5wiUfWYSzvWxadTJ ldc.i4 1000 mul.ovf <null> call System.Void System.Threading.Thread::Sleep(System.Int32) ldsfld System.String t35orJFiiyoTssIqPaDD8H4mU2jolh::ZMarg7s3lvP7Yzut5ky4W9HbijNoVX call System.Object Stub.TVGHlq4WprBkvmQf6lRPC0::3xeF9GqnMljJ6Ye5muRWDH(System.String) call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) stsfld System.String t35orJFiiyoTssIqPaDD8H4mU2jolh::ZMarg7s3lvP7Yzut5ky4W9HbijNoVX ldsfld System.String t35orJFiiyoTssIqPaDD8H4mU2jolh::Qnk9MIeUbAkSesM732odyVO2LWKX2X call System.Object Stub.TVGHlq4WprBkvmQf6lRPC0::3xeF9GqnMljJ6Ye5muRWDH(System.String) call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) stsfld System.String t35orJFiiyoTssIqPaDD8H4mU2jolh::Qnk9MIeUbAkSesM732odyVO2LWKX2X ldsfld System.String t35orJFiiyoTssIqPaDD8H4mU2jolh::D9ITMKTN1hDDQIo4FEeqMmFAyLjkA3 call System.Object Stub.TVGHlq4WprBkvmQf6lRPC0::3xeF9GqnMljJ6Ye5muRWDH(System.String) call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) stsfld System.String t35orJFiiyoTssIqPaDD8H4mU2jolh::D9ITMKTN1hDDQIo4FEeqMmFAyLjkA3 ldsfld System.String t35orJFiiyoTssIqPaDD8H4mU2jolh::0CjGlU2DVzO2SZU7boFbGm1osC1JGR call System.Object Stub.TVGHlq4WprBkvmQf6lRPC0::3xeF9GqnMljJ6Ye5muRWDH(System.String) call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) stsfld System.String t35orJFiiyoTssIqPaDD8H4mU2jolh::0CjGlU2DVzO2SZU7boFbGm1osC1JGR ldsfld System.String t35orJFiiyoTssIqPaDD8H4mU2jolh::jILMDOkrMbhOJeWQ8ipxhqWogDw7xw call System.Object Stub.TVGHlq4WprBkvmQf6lRPC0::3xeF9GqnMljJ6Ye5muRWDH(System.String) call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) stsfld System.String t35orJFiiyoTssIqPaDD8H4mU2jolh::jILMDOkrMbhOJeWQ8ipxhqWogDw7xw ldsfld System.String t35orJFiiyoTssIqPaDD8H4mU2jolh::mPyfeCSoLx0mH8PildiMYM292zhFIY call System.Object Stub.TVGHlq4WprBkvmQf6lRPC0::3xeF9GqnMljJ6Ye5muRWDH(System.String) call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) stsfld System.String t35orJFiiyoTssIqPaDD8H4mU2jolh::mPyfeCSoLx0mH8PildiMYM292zhFIY leave.s IL_009E: call System.Boolean Stub.WWv5HUCsb2f1rdK7agvfSn::N2rcZrguzQEVNyv723qTc1() dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.2 <null> ldc.i4.0 <null> call System.Void System.Environment::Exit(System.Int32) call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_009E: call System.Boolean Stub.WWv5HUCsb2f1rdK7agvfSn::N2rcZrguzQEVNyv723qTc1() call System.Boolean Stub.WWv5HUCsb2f1rdK7agvfSn::N2rcZrguzQEVNyv723qTc1() brtrue.s IL_00AB: call System.Void Stub.WWv5HUCsb2f1rdK7agvfSn::vlNrPsvXzGZGm2CtwNb0th() ldc.i4.0 <null> call System.Void System.Environment::Exit(System.Int32) call System.Void Stub.WWv5HUCsb2f1rdK7agvfSn::vlNrPsvXzGZGm2CtwNb0th() ldnull <null> ldftn System.Void Stub.rFJRM4zaTqoBZUzpZukgQnDq3cg5cK::9JmDJ58Gv2yiBM8oQuUfyoWNFFO5YR() newobj System.Void System.Threading.ThreadStart::.ctor(System.Object,System.IntPtr) newobj System.Void System.Threading.Thread::.ctor(System.Threading.ThreadStart) callvirt System.Void System.Threading.Thread::Start() ldnull <null> ldftn System.Void Stub.rFJRM4zaTqoBZUzpZukgQnDq3cg5cK::UfgnRl2hT1m6MVOGevjtactvqqz6MM() newobj System.Void System.Threading.ThreadStart::.ctor(System.Object,System.IntPtr) newobj System.Void System.Threading.Thread::.ctor(System.Threading.ThreadStart) stloc.0 <null> ldnull <null> ldftn System.Void Stub.rFJRM4zaTqoBZUzpZukgQnDq3cg5cK::k8psMx26KBEWC6yBHJnrR9oZXaAV7M() newobj System.Void System.Threading.ThreadStart::.ctor(System.Object,System.IntPtr) newobj System.Void System.Threading.Thread::.ctor(System.Threading.ThreadStart) stloc.1 <null> ldloc.0 <null> callvirt System.Void System.Threading.Thread::Start() ldloc.1 <null> callvirt System.Void System.Threading.Thread::Start() ldloc.1 <null> callvirt System.Void System.Threading.Thread::Join() ret <null>
a46be3481300165f487b1c266eae5f63 (72.7 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙