Suspicious
Suspect

b24aa2d5cdef270f7111a55dd4192e7e

PE Executable
|
MD5: b24aa2d5cdef270f7111a55dd4192e7e
|
Size: 585.22 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
b24aa2d5cdef270f7111a55dd4192e7e
Sha1
7e8e7ffa151c9bbab7a96d13570594459dfa2906
Sha256
e4e1ec8baef2430e8cf82822870eca7c105987cdc674f4c7de670300ea6914cb
Sha384
bd932e0f344c60e1f45530d42c2612c70f79d1f6532c7c5ee1630ac45c5708470604e4d3190da143579c8134c2d852b7
Sha512
1011a01554c783e39eb3b31ec36eaf620468024dc678ffc84aa4642f3dec827ba7c589b077935dc9ae67476d35b2ba8e1ada453096da4a975ddd5d550b9b7486
SSDeep
12288:CkxRDRdcwcXopdaK5WgK5vGxND78tVU4a9cZV3xJHK2Mkj8MHENHU:1xPcXu8ZEKxa9ulK2JYNH
TLSH
36C42318F61FDE72E3A02B3A94DD5C31873A9B869922CF496DC916472C277A24D04FF4

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
UPolyX 0.3 -> delikon
File Structure
b24aa2d5cdef270f7111a55dd4192e7e
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Xoezpvjvyx.Properties.Resources.resources
Hrcekvrd
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

Xoezpvjvyx.exe
Full Name

Xoezpvjvyx.exe
EntryPoint

System.Void Xoezpvjvyx.Zhtiuyobxxx::Main()
Scope Name

Xoezpvjvyx.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Xoezpvjvyx
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

12
Main Method

System.Void Xoezpvjvyx.Zhtiuyobxxx::Main()
Main IL Instruction Count

18
Main IL

newobj System.Void Xoezpvjvyx.Ypdbzjevaa::.ctor() stloc.s V_0 br IL_000C: nop nop <null> ldloc.s V_0 call System.Byte[] Xoezpvjvyx.Properties.Uxhjsc::get_Hrcekvrd() ldsfld System.Byte[] Xoezpvjvyx.Diagnostics.ListenerDispatcher::_TracerLoggerData ldsfld System.Byte[] Xoezpvjvyx.Diagnostics.ListenerDispatcher::scheduledTracerItems ldstr kny4qGptWGDpWqe8fSe.rQrHJ7pQUA0hDI51wHA ldstr JcGpCtEyLl callvirt System.Void Xoezpvjvyx.Ypdbzjevaa::Rdsdx(System.Byte[],System.Byte[],System.Byte[],System.String,System.String) br IL_0032: leave IL_0047 leave IL_0047: ret pop <null> br IL_003D: leave IL_0047 leave IL_0047: ret br IL_0047: ret ret <null>
Module Name

Xoezpvjvyx.exe
Full Name

Xoezpvjvyx.exe
EntryPoint

System.Void Xoezpvjvyx.Zhtiuyobxxx::Main()
Scope Name

Xoezpvjvyx.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Xoezpvjvyx
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

12
Main Method

System.Void Xoezpvjvyx.Zhtiuyobxxx::Main()
Main IL Instruction Count

18
Main IL

newobj System.Void Xoezpvjvyx.Ypdbzjevaa::.ctor() stloc.s V_0 br IL_000C: nop nop <null> ldloc.s V_0 call System.Byte[] Xoezpvjvyx.Properties.Uxhjsc::get_Hrcekvrd() ldsfld System.Byte[] Xoezpvjvyx.Diagnostics.ListenerDispatcher::_TracerLoggerData ldsfld System.Byte[] Xoezpvjvyx.Diagnostics.ListenerDispatcher::scheduledTracerItems ldstr kny4qGptWGDpWqe8fSe.rQrHJ7pQUA0hDI51wHA ldstr JcGpCtEyLl callvirt System.Void Xoezpvjvyx.Ypdbzjevaa::Rdsdx(System.Byte[],System.Byte[],System.Byte[],System.String,System.String) br IL_0032: leave IL_0047 leave IL_0047: ret pop <null> br IL_003D: leave IL_0047 leave IL_0047: ret br IL_0047: ret ret <null>
b24aa2d5cdef270f7111a55dd4192e7e (585.22 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙