Symbol Obfuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | a94766fcd2059a2cca8e7a5e33b3fc4b
|
| Sha1 | 001e608eb2188b9627e51d4fce1a6bc2bbf6d932
|
| Sha256 | de797c324f42e610eeb38d74e0c21bbf1f010691c7883c0a2cec7869c85086d5
|
| Sha384 | 5e0097f7c26865592b62b7f0e4e621d5466966ee06987b4e188b077bda6768598beb46e5cb032267f87d237f461e8cf0
|
| Sha512 | dc7eecaef7cb33ac2ba10fe5158312a5e3f259425a515cdfd0abbdf566001dd70878010a6548d79796d1a9c68447e6891ceb89cffd62786da67cd49e06154fe6
|
| SSDeep | 12288:YwqvkvPSlb8gTGPL/t2RRyjQr/c3nK4GQtOCSd/LKmyW28V3atuG6JNlXy:rqvkSl+Pb8Dyj6eK+OL52aK6l
|
| TLSH | AD25D0A776538F21C14A1377C0CF8980A3B99765B1B3E30F758513E219463EECE0A6A7
|
PeID
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Module Name | Cpnmfpedxbr.exe |
| Full Name | Cpnmfpedxbr.exe |
| EntryPoint | System.Void tq8RdvtRNpq9MxMP6f.VgbCfS8VASO4nD00Rx::mYWux4YNp() |
| Scope Name | Cpnmfpedxbr.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Cpnmfpedxbr |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 43 |
| Main Method | System.Void tq8RdvtRNpq9MxMP6f.VgbCfS8VASO4nD00Rx::mYWux4YNp() |
| Main IL Instruction Count | 58 |
| Main IL | ldc.i4 1 stloc V_2 ldloc V_2 switch dnlib.DotNet.Emit.Instruction[] ldloc V_2 ldc.i4 989 beq IL_0009: ldloc V_2 br IL_002D: nop nop <null> newobj System.Void Iirl70wvfCC72Ry1mP.CEMphBBjMRBEahuOBb::.ctor() ldsfld ykhGtW7uW0RuTeQ867q ykhGtW7uW0RuTeQ867q::O7Q7yX2TQJ call System.Boolean ykhGtW7uW0RuTeQ867q::REa7791A9q(System.Object,ykhGtW7uW0RuTeQ867q) brtrue IL_0095: leave IL_010C ldc.i4 0 ldsfld <Module>{f6d20844-c9a6-4da5-8b25-af491211448b} <Module>{f6d20844-c9a6-4da5-8b25-af491211448b}::m_b2907f6703724f4fb09e6144708fe4dd ldfld System.Int32 <Module>{f6d20844-c9a6-4da5-8b25-af491211448b}::m_d2fd8235e44a448ba0ab26fd42b41168 brfalse IL_0073: switch(IL_008F) pop <null> ldc.i4 1 br IL_0073: switch(IL_008F) br IL_006F: ldloc V_1 ldc.i4 0 stloc V_1 ldloc V_1 switch dnlib.DotNet.Emit.Instruction[] ldloc V_1 ldc.i4 988 beq IL_006F: ldloc V_1 br IL_008F: newobj System.Void System.InvalidOperationException::.ctor() newobj System.Void System.InvalidOperationException::.ctor() throw <null> leave IL_010C: ret pop <null> ldc.i4 0 ldsfld <Module>{f6d20844-c9a6-4da5-8b25-af491211448b} <Module>{f6d20844-c9a6-4da5-8b25-af491211448b}::m_b2907f6703724f4fb09e6144708fe4dd ldfld System.Int32 <Module>{f6d20844-c9a6-4da5-8b25-af491211448b}::m_de357a069e98497b87b6b9058b1101da brtrue IL_00CC: switch(IL_00E8) pop <null> ldc.i4 3 br IL_00CC: switch(IL_00E8) br IL_00C8: ldloc V_0 ldc.i4 0 stloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] ldloc V_0 ldc.i4 988 beq IL_00C8: ldloc V_0 br IL_00E8: leave IL_010C leave IL_010C: ret ldc.i4 0 ldsfld <Module>{f6d20844-c9a6-4da5-8b25-af491211448b} <Module>{f6d20844-c9a6-4da5-8b25-af491211448b}::m_b2907f6703724f4fb09e6144708fe4dd ldfld System.Int32 <Module>{f6d20844-c9a6-4da5-8b25-af491211448b}::m_5b41935d9e5344c9b6503f0cde69e9df brtrue IL_000D: switch(IL_010C,IL_002D) pop <null> ldc.i4 6 br IL_000D: switch(IL_010C,IL_002D) ret <null> |
| Module Name | Cpnmfpedxbr.exe |
| Full Name | Cpnmfpedxbr.exe |
| EntryPoint | System.Void tq8RdvtRNpq9MxMP6f.VgbCfS8VASO4nD00Rx::mYWux4YNp() |
| Scope Name | Cpnmfpedxbr.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Cpnmfpedxbr |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 43 |
| Main Method | System.Void tq8RdvtRNpq9MxMP6f.VgbCfS8VASO4nD00Rx::mYWux4YNp() |
| Main IL Instruction Count | 58 |
| Main IL | ldc.i4 1 stloc V_2 ldloc V_2 switch dnlib.DotNet.Emit.Instruction[] ldloc V_2 ldc.i4 989 beq IL_0009: ldloc V_2 br IL_002D: nop nop <null> newobj System.Void Iirl70wvfCC72Ry1mP.CEMphBBjMRBEahuOBb::.ctor() ldsfld ykhGtW7uW0RuTeQ867q ykhGtW7uW0RuTeQ867q::O7Q7yX2TQJ call System.Boolean ykhGtW7uW0RuTeQ867q::REa7791A9q(System.Object,ykhGtW7uW0RuTeQ867q) brtrue IL_0095: leave IL_010C ldc.i4 0 ldsfld <Module>{f6d20844-c9a6-4da5-8b25-af491211448b} <Module>{f6d20844-c9a6-4da5-8b25-af491211448b}::m_b2907f6703724f4fb09e6144708fe4dd ldfld System.Int32 <Module>{f6d20844-c9a6-4da5-8b25-af491211448b}::m_d2fd8235e44a448ba0ab26fd42b41168 brfalse IL_0073: switch(IL_008F) pop <null> ldc.i4 1 br IL_0073: switch(IL_008F) br IL_006F: ldloc V_1 ldc.i4 0 stloc V_1 ldloc V_1 switch dnlib.DotNet.Emit.Instruction[] ldloc V_1 ldc.i4 988 beq IL_006F: ldloc V_1 br IL_008F: newobj System.Void System.InvalidOperationException::.ctor() newobj System.Void System.InvalidOperationException::.ctor() throw <null> leave IL_010C: ret pop <null> ldc.i4 0 ldsfld <Module>{f6d20844-c9a6-4da5-8b25-af491211448b} <Module>{f6d20844-c9a6-4da5-8b25-af491211448b}::m_b2907f6703724f4fb09e6144708fe4dd ldfld System.Int32 <Module>{f6d20844-c9a6-4da5-8b25-af491211448b}::m_de357a069e98497b87b6b9058b1101da brtrue IL_00CC: switch(IL_00E8) pop <null> ldc.i4 3 br IL_00CC: switch(IL_00E8) br IL_00C8: ldloc V_0 ldc.i4 0 stloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] ldloc V_0 ldc.i4 988 beq IL_00C8: ldloc V_0 br IL_00E8: leave IL_010C leave IL_010C: ret ldc.i4 0 ldsfld <Module>{f6d20844-c9a6-4da5-8b25-af491211448b} <Module>{f6d20844-c9a6-4da5-8b25-af491211448b}::m_b2907f6703724f4fb09e6144708fe4dd ldfld System.Int32 <Module>{f6d20844-c9a6-4da5-8b25-af491211448b}::m_5b41935d9e5344c9b6503f0cde69e9df brtrue IL_000D: switch(IL_010C,IL_002D) pop <null> ldc.i4 6 br IL_000D: switch(IL_010C,IL_002D) ret <null> |