a7c223130a1bdbb4300a60fc8b10f3c1

PE Executable
|
MD5: a7c223130a1bdbb4300a60fc8b10f3c1
|
Size: 1.91 MB
|
application/x-dosexec

Infection Chain

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	a7c223130a1bdbb4300a60fc8b10f3c1
Sha1	d48f1b2f1676906cc0b729a4805cffe181afd69b
Sha256	a76551af52b38a25b869a868de5cd1b0490889c91849b9380403d78dac2c8e1d
Sha384	7d9512c17a92a9468c73a460f9f027ed0543f1a027c5741cd0e9e0f03b7468ba545f1ca45499a6549ae102af441a9eb3
Sha512	8916f23c5b6cc01b751ced5cb384ece54c9cccf0a8659755e1087f2367c186724ac1d8492fe1648b98ad8b38cf61d1b4ca1d64026d8c1eecab167d9e77556f06
SSDeep	49152:dnfDnRjkmZqKwbCDNaI+7iLocttyGUoY:dnrnpSb6iohty
TLSH	89957C07BBC7ABA3C2641776C5AB041C9374E5877713DE1A3A4A2B1E58C3BFA5E41123

PeID

.NET executable

Microsoft Visual C# / Basic .NET

Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL

Microsoft Visual C# v7.0 / Basic .NET

Microsoft Visual Studio .NET

File Structure

Informations

Name0	Value
Module Name	Bpotkwxcn.exe
Full Name	Bpotkwxcn.exe
EntryPoint	System.Void Bpotkwxcn.Controllers.GroupedController::ControlEditableController()
Scope Name	Bpotkwxcn.exe
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	Bpotkwxcn
Assembly Version	1.0.7754.10754
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.6
Total Strings	754
Main Method	System.Void Bpotkwxcn.Controllers.GroupedController::ControlEditableController()
Main IL Instruction Count	32
Main IL	ldc.i4 1 stloc V_0 br IL_000E: ldloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] br IL_0059: ldsfld Bpotkwxcn.Controllers.GroupedController/<>c Bpotkwxcn.Controllers.GroupedController/<>c::m_GroupedLogger ret <null> ldsfld System.Action`1<System.IO.MemoryStream> Bpotkwxcn.Controllers.GroupedController/<>c::_AttachedTag dup <null> brfalse IL_0039: pop br IL_006F: call System.Void Bpotkwxcn.Controllers.GroupedController::ControlTransferableController(System.Action`1<System.IO.MemoryStream>) pop <null> ldc.i4 0 ldsfld <Module>{df973447-2985-4edc-88d3-5e292cf4d240} <Module>{df973447-2985-4edc-88d3-5e292cf4d240}::m_f9a80fa2aa9a4cd0a7bfcaad712d07c9 ldfld System.Int32 <Module>{df973447-2985-4edc-88d3-5e292cf4d240}::m_1f9ad7e256ab4878b04bf5256b3bd400 brfalse IL_0012: switch(IL_0059,IL_0029,IL_0028) pop <null> ldc.i4 0 br IL_0012: switch(IL_0059,IL_0029,IL_0028) ldsfld Bpotkwxcn.Controllers.GroupedController/<>c Bpotkwxcn.Controllers.GroupedController/<>c::m_GroupedLogger ldftn System.Void Bpotkwxcn.Controllers.GroupedController/<>c::MoveStub(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Action`1<System.IO.MemoryStream> Bpotkwxcn.Controllers.GroupedController/<>c::_AttachedTag call System.Void Bpotkwxcn.Controllers.GroupedController::ControlTransferableController(System.Action`1<System.IO.MemoryStream>) ldc.i4 1 ldsfld <Module>{df973447-2985-4edc-88d3-5e292cf4d240} <Module>{df973447-2985-4edc-88d3-5e292cf4d240}::m_f9a80fa2aa9a4cd0a7bfcaad712d07c9 ldfld System.Int32 <Module>{df973447-2985-4edc-88d3-5e292cf4d240}::m_2238def2371c4d378a0e247a5c154360 brfalse IL_0012: switch(IL_0059,IL_0029,IL_0028) pop <null> ldc.i4 2 br IL_0012: switch(IL_0059,IL_0029,IL_0028)
Module Name	Bpotkwxcn.exe
Full Name	Bpotkwxcn.exe
EntryPoint	System.Void Bpotkwxcn.Controllers.GroupedController::ControlEditableController()
Scope Name	Bpotkwxcn.exe
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	Bpotkwxcn
Assembly Version	1.0.7754.10754
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.6
Total Strings	754
Main Method	System.Void Bpotkwxcn.Controllers.GroupedController::ControlEditableController()
Main IL Instruction Count	32
Main IL	ldc.i4 1 stloc V_0 br IL_000E: ldloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] br IL_0059: ldsfld Bpotkwxcn.Controllers.GroupedController/<>c Bpotkwxcn.Controllers.GroupedController/<>c::m_GroupedLogger ret <null> ldsfld System.Action`1<System.IO.MemoryStream> Bpotkwxcn.Controllers.GroupedController/<>c::_AttachedTag dup <null> brfalse IL_0039: pop br IL_006F: call System.Void Bpotkwxcn.Controllers.GroupedController::ControlTransferableController(System.Action`1<System.IO.MemoryStream>) pop <null> ldc.i4 0 ldsfld <Module>{df973447-2985-4edc-88d3-5e292cf4d240} <Module>{df973447-2985-4edc-88d3-5e292cf4d240}::m_f9a80fa2aa9a4cd0a7bfcaad712d07c9 ldfld System.Int32 <Module>{df973447-2985-4edc-88d3-5e292cf4d240}::m_1f9ad7e256ab4878b04bf5256b3bd400 brfalse IL_0012: switch(IL_0059,IL_0029,IL_0028) pop <null> ldc.i4 0 br IL_0012: switch(IL_0059,IL_0029,IL_0028) ldsfld Bpotkwxcn.Controllers.GroupedController/<>c Bpotkwxcn.Controllers.GroupedController/<>c::m_GroupedLogger ldftn System.Void Bpotkwxcn.Controllers.GroupedController/<>c::MoveStub(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Action`1<System.IO.MemoryStream> Bpotkwxcn.Controllers.GroupedController/<>c::_AttachedTag call System.Void Bpotkwxcn.Controllers.GroupedController::ControlTransferableController(System.Action`1<System.IO.MemoryStream>) ldc.i4 1 ldsfld <Module>{df973447-2985-4edc-88d3-5e292cf4d240} <Module>{df973447-2985-4edc-88d3-5e292cf4d240}::m_f9a80fa2aa9a4cd0a7bfcaad712d07c9 ldfld System.Int32 <Module>{df973447-2985-4edc-88d3-5e292cf4d240}::m_2238def2371c4d378a0e247a5c154360 brfalse IL_0012: switch(IL_0059,IL_0029,IL_0028) pop <null> ldc.i4 2 br IL_0012: switch(IL_0059,IL_0029,IL_0028)

a7c223130a1bdbb4300a60fc8b10f3c1 (1.91 MB)

File Structure

Characteristics

No malware configuration were found at this point.

You must be signed in to post a comment.

a7c223130a1bdbb4300a60fc8b10f3c1

PE Executable | MD5: a7c223130a1bdbb4300a60fc8b10f3c1 | Size: 1.91 MB | application/x-dosexec

PE Executable
|
MD5: a7c223130a1bdbb4300a60fc8b10f3c1
|
Size: 1.91 MB
|
application/x-dosexec