Suspicious
Suspect

ae37b31573aa83cd136d37186f8268f8

PE Executable
|
MD5: ae37b31573aa83cd136d37186f8268f8
|
Size: 1 MB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very high

Hash
 Hash Value
MD5
ae37b31573aa83cd136d37186f8268f8
Sha1
6940d3b6a0fc44f18f043c6fd299f7091d9a1c88
Sha256
40349b175d406c91e9ff816243f1906196d98b894e107687369d63f85a8f8224
Sha384
84319c38ceb4980515c05970672384826962933318569e73a0113e35cd6a50cc706f64b0c3b58ef49fe4c708f1d684a5
Sha512
aeee648cb3263843fe25eeff9b39d913f25bb5ea7a6bc974796b9f434ffed83d2dff86bb696ff024021bcc38623e8519b69a98a5a956ba357e7c7892bc511168
SSDeep
24576:rnwqb8u/FTwf623PVDKHP5NFJZvRw2mpNiMR:rnwqbRbKiNDZvR78f
TLSH
842523FA42B559E5DCC9877C908AC5C466B4878BF97EC285ECD211D1BC133A3CA0B399

PeID

Microsoft Visual C++ DLL
Microsoft Visual C++ v6.0
File Structure
ae37b31573aa83cd136d37186f8268f8
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rsrc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Wjlur.Properties.Resources.resources
Gdleyhomea
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

Dbkpdlmgsa.exe
Full Name

Dbkpdlmgsa.exe
EntryPoint

System.Void Wjlur.Iterators.IteratorMonitor::MatchIterator()
Scope Name

Dbkpdlmgsa.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Dbkpdlmgsa
Assembly Version

1.0.7883.20476
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

6
Main Method

System.Void Wjlur.Iterators.IteratorMonitor::MatchIterator()
Main IL Instruction Count

44
Main IL

ldc.i4 1 stloc V_2 br IL_000E: ldloc V_2 ldloc V_2 switch dnlib.DotNet.Emit.Instruction[] br IL_0024: ret ret <null> nop <null> newobj System.Void Dbkpdlmgsa.Tracking.SystemVerifier::.ctor() ldstr b+iss6uHoGGM9wq9OlUV3A== ldstr kOyNzIqPDLs= ldstr IbfZoddcBkLJlA9iqQ.u0LboQ6XePL99m6x20 ldstr PmBTqQpYK callvirt System.Void Dbkpdlmgsa.Tracking.SystemVerifier::MonitorIterableTracker(System.String,System.String,System.String,System.String) ldc.i4 0 ldsfld <Module>{21b88c3e-e8de-4bfd-a7f0-caca013318e3} <Module>{21b88c3e-e8de-4bfd-a7f0-caca013318e3}::m_f0f496ca480c439aa12ee29355c435cd ldfld System.Int32 <Module>{21b88c3e-e8de-4bfd-a7f0-caca013318e3}::m_8ac93273dfad4992a8697c3fa05a3041 brtrue IL_0067: switch(IL_0075) pop <null> ldc.i4 0 br IL_0067: switch(IL_0075) ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] br IL_0075: leave IL_0024 leave IL_0024: ret pop <null> ldc.i4 0 ldsfld <Module>{21b88c3e-e8de-4bfd-a7f0-caca013318e3} <Module>{21b88c3e-e8de-4bfd-a7f0-caca013318e3}::m_f0f496ca480c439aa12ee29355c435cd ldfld System.Int32 <Module>{21b88c3e-e8de-4bfd-a7f0-caca013318e3}::m_8296296d90fb4b8a8e5762eafa4de2fd brfalse IL_009E: switch(IL_00AC) pop <null> ldc.i4 0 br IL_009E: switch(IL_00AC) ldloc V_1 switch dnlib.DotNet.Emit.Instruction[] br IL_00AC: leave IL_0024 leave IL_0024: ret ldc.i4 0 ldsfld <Module>{21b88c3e-e8de-4bfd-a7f0-caca013318e3} <Module>{21b88c3e-e8de-4bfd-a7f0-caca013318e3}::m_f0f496ca480c439aa12ee29355c435cd ldfld System.Int32 <Module>{21b88c3e-e8de-4bfd-a7f0-caca013318e3}::m_840b0f30a6e845b5af6ed79eb8e870ce brfalse IL_0012: switch(IL_0024,IL_0025) pop <null> ldc.i4 0 br IL_0012: switch(IL_0024,IL_0025)
ae37b31573aa83cd136d37186f8268f8 (1 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙