Suspicious
Suspect

a7ca27d3140d7d1c3fcf8437d1de595b

PE Executable | MD5: a7ca27d3140d7d1c3fcf8437d1de595b | Size: 1.42 MB | application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Obfuscation Score: Medium

Hash
MD5: a7ca27d3140d7d1c3fcf8437d1de595b
Sha1: 3497783a96825f44e0c09656203b54194816c22a
Sha256: 252f901a3845e643dece809eb44c4e379814f002310560501592aee538503bd1
Sha384: fc9655f0fe5473d1be19c20e8e6de894a6cb5e829aec002829b9cf0226a41495256ce7f3e5f999971a3580929f5f805f
Sha512: 0e0632575d87888d16c4ab664e6e0e185bbf84de56b0cfa71432a6ac1bda030961f80459ca5a1b219ef0b37f039da5742894f26d1108625a5069228c04449d8a
SSDeep: 24576:mdw55ptQrXpZufrN2NQhsfhktFfrb67Ms+yVhMQ8jxyZLQSqHeKmf0:mCKjpYZ2NQhsfKtFjZjyT8jxyJQSnZf0
TLSH: 9D653336DBFD5251D6BF8D3129C7EFBB6B8C6B188D2FC09C788007C8A1765A1A1544B2

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
UPolyX 0.3 -> delikon
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Dmuxuml.Properties.Resources.resources
Idqomkeipp
Informations
PE Detect: PeReader OK (file layout)
Module Name: Purchase order 12906 - Metriplus.exe
Full Name: Purchase order 12906 - Metriplus.exe
EntryPoint: System.Void Dmuxuml.Dxmqfuoilzf::Main()
Scope Name: Purchase order 12906 - Metriplus.exe
Scope Type: ModuleDef
Kind: Windows
Runtime Version: v4.0.30319
Tables Header Version: 512
WinMD Version: <null>
Assembly Name: Purchase order 12906 - Metriplus
Assembly Version: 1.0.345.13756
Assembly Culture: <null>
Has PublicKey: False
PublicKey Token: <null>
Target Framework: .NETFramework,Version=v4.6
Total Strings: 6
Main Method: System.Void Dmuxuml.Dxmqfuoilzf::Main()
Main IL Instruction Count: 11
Main IL:
    newobj System.Void Dmuxuml.Jkous::.ctor()
    call System.Byte[] Dmuxuml.Jkous::Cbagl()
    stloc.0 <null>
    newobj System.Void Dmuxuml.Imojyydei::.ctor()
    ldloc.0 <null>
    call System.Byte[] Dmuxuml.Imojyydei::Ionnkgxqjt(System.Byte[])
    stloc.1 <null>
    newobj System.Void Dmuxuml.Fnnzxluh::.ctor()
    ldloc.1 <null>
    call System.Void Dmuxuml.Fnnzxluh::Gekmwbroba(System.Byte[])
    ret <null>


Characteristics
No malware configuration was found at this point.