Suspicious
Suspect

DllLoader.ShellcodeLoader.dll

PE Executable
|
MD5: b0f04fc4783406f3c22702ed1a27e3dc
|
Size: 473.09 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very low

Hash
 Hash Value
MD5
b0f04fc4783406f3c22702ed1a27e3dc
Sha1
7583f9389e7e87c81fb761139b9b3f0a6dc410cd
Sha256
d5d9bd041870f0519c8a30e22e0e8626d48052058e23f7f078e3eae15acb6aae
Sha384
257ae20e8d99fff499ecb43ba2585071484c3b8d2587482b630ebe2626e93e0b2b37e3380e0cf94dd826ccb23ecf413b
Sha512
08cfe0e477a5c0deb309ceab35e17c083cf4c0c8d6b87933e2181c31b56105d87edc5dd5b73bf128ed894d66c1a0469c28b096be11343bf5ba4222d63297ae45
SSDeep
12288:yoIoLkq/s+veQ3kzchV0Vd0e0CwMAxU5SEIXWQwaw18i:ZrQgs+veQUzcD0VGCJAC5SEEwh18
TLSH
ABA4232267F241E1D160A13EED319596DF7071EA173C078F72BA89A61B233129B1D3F9

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
DllLoader.ShellcodeLoader.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
ShellcodeLoader.redline.bin
ShellcodeLoader.shellcode.bin
costura.costura.dll.compressed
costura.costura.dll
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
costura.costura.pdb.compressed
costura.costura.pdb
costura.metadata
Informations
Name
 Value
Module Name

ShellcodeLoader.dll
Full Name

ShellcodeLoader.dll
Scope Name

ShellcodeLoader.dll
Scope Type

ModuleDef
Kind

Dll
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

ShellcodeLoader
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.7.2
Total Strings

16
Main Method

Not found or no body
Module Name

ShellcodeLoader.dll
Full Name

ShellcodeLoader.dll
Scope Name

ShellcodeLoader.dll
Scope Type

ModuleDef
Kind

Dll
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

ShellcodeLoader
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.7.2
Total Strings

16
Main Method

Not found or no body
Artefacts
Name
 Value
PDB Path

D:\Crypter\C# SHellcode\Loader\obj\Debug\net472\ShellcodeLoader.pdb
PDB Path

C:\CI_WS\Ws\274459\Source\Costura_Fody\src\Costura\obj\Release\netstandard2.0\Costura.pdb
DllLoader.ShellcodeLoader.dll (473.09 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙