Suspicious
Suspect

b94455267d21a4f8b75fbc0abaf0354b

PE Executable
|
MD5: b94455267d21a4f8b75fbc0abaf0354b
|
Size: 46.59 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Obfuscation Score

Low

Hash
 Hash Value
MD5
b94455267d21a4f8b75fbc0abaf0354b
Sha1
ec56034e179c25184760dd66157cf6018be29906
Sha256
9e2cf2cc2c04526324791235be04224bdf13442ba120045bebf9639b435b240f
Sha384
f59f4557cb5d6e2780e78ebe9c48ca9c142b725176791799e21cdc428552e318a63cb4a9fab8b1cf327e20c6030f2898
Sha512
8e618c5001f4f850d5543ce6e8f7bb5177770063163efe9b26d92fc8f62041930388fbbd83aae9e4feea9ee305d3dc82385ef35faa327fe8eb2af2ad52f301f5
SSDeep
768:hdhO/poiiUcjlJInNQH9Xqk5nWEZ5SbTDaFWI7CPW5w:fw+jjgnuH9XqcnW85SbTkWII
TLSH
2E23F84C57AC8927E6AF1ABD98324263C7B3F2669532E38F08CCD4E937933855905397

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
b94455267d21a4f8b75fbc0abaf0354b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

xeno rat client.exe
Full Name

xeno rat client.exe
EntryPoint

System.Void xeno_rat_client.Program::<Main>(System.String[])
Scope Name

xeno rat client.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

xeno rat client
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.8
Total Strings

64
Main Method

System.Void xeno_rat_client.Program::<Main>(System.String[])
Main IL Instruction Count

7
Main IL

ldarg.0 <null> call System.Threading.Tasks.Task xeno_rat_client.Program::Main(System.String[]) callvirt System.Runtime.CompilerServices.TaskAwaiter System.Threading.Tasks.Task::GetAwaiter() stloc.0 <null> ldloca.s V_0 call System.Void System.Runtime.CompilerServices.TaskAwaiter::GetResult() ret <null>
Module Name

xeno rat client.exe
Full Name

xeno rat client.exe
EntryPoint

System.Void xeno_rat_client.Program::<Main>(System.String[])
Scope Name

xeno rat client.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

xeno rat client
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.8
Total Strings

64
Main Method

System.Void xeno_rat_client.Program::<Main>(System.String[])
Main IL Instruction Count

7
Main IL

ldarg.0 <null> call System.Threading.Tasks.Task xeno_rat_client.Program::Main(System.String[]) callvirt System.Runtime.CompilerServices.TaskAwaiter System.Threading.Tasks.Task::GetAwaiter() stloc.0 <null> ldloca.s V_0 call System.Void System.Runtime.CompilerServices.TaskAwaiter::GetResult() ret <null>
b94455267d21a4f8b75fbc0abaf0354b (46.59 KB)
File Structure
b94455267d21a4f8b75fbc0abaf0354b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙