Malicious

be94fd6cde386996a6eb099ecab28730

PE Executable | MD5: be94fd6cde386996a6eb099ecab28730 | Size: 2.51 MB | application/x-msdownload

Executable
PE (Portable Executable)
Win 32 Exe
x86
.Net Obfuscator
.Net Reactor
.Net
SOS: 0.64
Characteristics

Symbol Obfuscation Score

Medium

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
.Net Resources
UNZt0FAHvsTKvf1ONT.87GcBseGbhCqfYuGRe
YY3aLmqvt8oKalL9hb.4JMflU5qWa7UB6btGq
Informations
Module Name: bayTUpPT7qNEV
Full Name: bayTUpPT7qNEV
EntryPoint: System.Void y1mc5DeJ3wlrYRZYCaQ.tbbtIUe4H50FFrrMbTh::tJNWKHCD5a()
Scope Name: bayTUpPT7qNEV
Scope Type: ModuleDef
Kind: Windows
Runtime Version: v4.0.30319
Tables Header Version: 512
WinMD Version: <null>
Assembly Name: TzOO5KDILoaHkIaa1wgu40AFUBU9bkQeGv
Assembly Version: 5.6.7.9
Assembly Culture: <null>
Has PublicKey: False
PublicKey Token: <null>
Target Framework: .NETFramework,Version=v4.0
Total Strings: 63
Main Method: System.Void y1mc5DeJ3wlrYRZYCaQ.tbbtIUe4H50FFrrMbTh::tJNWKHCD5a()
Main IL Instruction Count: 14
Main IL:
    br.s IL_000B: ldc.i4.0
    call <null>
    ldnull <null>
    ldc.i4.0 <null>
    ldelem.ref <null>
    pop <null>
    ldc.i4.0 <null>
    brtrue.s IL_0007: ldnull
    call System.Void v8P2SaWN2BTkTPrTpkU.OMkZdXWIcdJhouK5UEA::kLjw4iIsCLsZtxc4lksN0j()
    nop <null>
    ldsfld System.Object y1mc5DeJ3wlrYRZYCaQ.tbbtIUe4H50FFrrMbTh::gRoWRMW4qp
    callvirt System.Void auGnAoeIFXIBqCCDZb5.PUA81oedaSPdGBv3IsE::WCkiOOLfSG()
    nop <null>
    ret <null>

Artefacts
Embedded Resources: 2
Suspicious Type Names (1-2 chars): 0

Characteristics
No malware configuration was found at this point.
Artefacts
Embedded Resources: 2 (Location: be94fd6cde386996a6eb099ecab28730)
Suspicious Type Names (1-2 chars): 0 (Location: be94fd6cde386996a6eb099ecab28730)
