Suspicious
Suspect

b325d4e78d6b92eb24910c78f7d2665f

PE Executable | MD5: b325d4e78d6b92eb24910c78f7d2665f | Size: 846.34 KB | application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Obfuscation Score: Very high

Hash
Hash Value
MD5
b325d4e78d6b92eb24910c78f7d2665f
Sha1
c81f6cf14655ed9f3c3594c983cbd1baeb27fb8d
Sha256
119fc86e6162b86de92c1e1079a7542011f21ecca441cea21fd5989381412074
Sha384
6d65dbed65de86ea70dcf3d2ffd10148cf94981fcd38b811afc9ccdae9af6c4cddaeb9889ed6082424d8a8df7e2b5e12
Sha512
be154531e6f4226ac3c33a6716fa761c7dcd359b2bd0b20bdf0786b90f6a5305ba02da372a57460561cd76e7e5a2b054ded1645e015a97498c982f72ecdd8a64
SSDeep
12288:Hv1RrGgO52Ybv2daD1xAKrSM9e6gVftnmp64k2r35hpDmmKieG/mHqUvF:P1R82eudmAeJe6sfpmLkeJ/IL3qUvF
TLSH
9505DF251BEA0A94F1FF8B38AA74006487F0F817D732E7AE655441ED8E71B859A13373

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
5g_BQ3.g.resources
5g_BQ3.Resources.resources
24d905bd82f5ce.Resources.resources
575bdab80
[NBF]root.Data
575bdab81
[NBF]root.Data
575bdab810
[NBF]root.Data
575bdab811
[NBF]root.Data
575bdab812
[NBF]root.Data
575bdab813
[NBF]root.Data
575bdab814
[NBF]root.Data
575bdab815
[NBF]root.Data
575bdab816
[NBF]root.Data
575bdab817
[NBF]root.Data
575bdab818
[NBF]root.Data
575bdab819
[NBF]root.Data
575bdab82
[NBF]root.Data
575bdab820
[NBF]root.Data
575bdab821
[NBF]root.Data
575bdab822
[NBF]root.Data
575bdab823
[NBF]root.Data
575bdab824
[NBF]root.Data
575bdab825
[NBF]root.Data
575bdab826
[NBF]root.Data
575bdab827
[NBF]root.Data
575bdab83
[NBF]root.Data
575bdab84
[NBF]root.Data
575bdab85
[NBF]root.Data
575bdab86
[NBF]root.Data
575bdab87
[NBF]root.Data
575bdab88
[NBF]root.Data
575bdab89
[NBF]root.Data
Information

Info: PE Detect: PeReader OK (file layout)
Module Name: 5g_BQ3
Full Name: 5g_BQ3
EntryPoint: System.Void 5g_BQ3.9HpdZos36c/Cxt23cE.zx8CY::Wgx3ba7B()
Scope Name: 5g_BQ3
Scope Type: ModuleDef
Kind: Windows
Runtime Version: v4.0.30319
Tables Header Version: 512
WinMD Version: <null>
Assembly Name: 5g_BQ3
Assembly Version: 25.22.7.14
Assembly Culture: <null>
Has PublicKey: False
PublicKey Token: <null>
Target Framework: .NETFramework,Version=v4.6
Total Strings: 1253
Main Method: System.Void 5g_BQ3.9HpdZos36c/Cxt23cE.zx8CY::Wgx3ba7B()
Main IL Instruction Count: 22

Main IL:

nop <null>
call System.Threading.Thread System.Threading.Thread::get_CurrentThread()
call System.Globalization.CultureInfo System.Globalization.CultureInfo::get_InvariantCulture()
callvirt System.Void System.Threading.Thread::set_CurrentCulture(System.Globalization.CultureInfo)
nop <null>
call System.Threading.Thread System.Threading.Thread::get_CurrentThread()
call System.Globalization.CultureInfo System.Globalization.CultureInfo::get_InvariantCulture()
callvirt System.Void System.Threading.Thread::set_CurrentUICulture(System.Globalization.CultureInfo)
nop <null>
nop <null>
call System.Void 5g_BQ3.9HpdZos36c::0ffQo9YrRx3z2F()
nop <null>
leave.s IL_0037: nop
call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception)
nop <null>
call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError()
leave.s IL_0037: nop
nop <null>
ldc.i4.0 <null>
call System.Void System.Environment::Exit(System.Int32)
nop <null>
ret <null>


Characteristics
No malware configuration was found at this point.