General
Structural Analysis
Config.0
Yara Rules13
Sync
Community
Summary by MalvaGPT
Characteristics
Symbol Obfuscation Score
Very high
|
Hash | Hash Value |
|---|---|
| MD5 | bf85b6866561c17b1ce56e8d1b2c80fe
|
| Sha1 | e7c17fb5c644c39974b68d4a8ecea210c76c2e6c
|
| Sha256 | d602128bef26396a9ce57e55bdfdd512b3f8e292cd7e7de5870e3ec81dcc884b
|
| Sha384 | 2e1b2e95450aa4c52c189261683ca6739f3be88a8ef932621e8663023bb29d3bf3ce45fadb95ecbd017f5202e3179e28
|
| Sha512 | 3f5469321e8b1daa4b7fc4ea8568113e38693c761fa8f94eb49261dac04e2bf32c1b19ba6b94b41cb9192ee39d0e7361a06f18712ecbf3e03b158852639007c0
|
| SSDeep | 12288:Sz7dFeE9z3IrmN0Nw1HBY7sOft8VHP2YI1Qsc6F3lrK/CDqZ:Wxz3saJ1a7bfusjF3lejZ
|
| TLSH | 2C15E0109D96AB64E9AD0FBCC12105A4A3F0CA476693E36F6FEC41F49D6BF99CF06401
|
PeID
.NET executable
HQR data file
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
bf85b6866561c17b1ce56e8d1b2c80fe
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
Ⴍ.5icAzgH1Yd7onT.resources
9iwYMb5od.g.resources
74a076c1654a94.Resources.resources
babb489a0
[NBF]root.Data
babb489a1
[NBF]root.Data
babb489a10
[NBF]root.Data
babb489a11
[NBF]root.Data
babb489a12
[NBF]root.Data
babb489a13
[NBF]root.Data
babb489a14
[NBF]root.Data
babb489a15
[NBF]root.Data
babb489a16
[NBF]root.Data
babb489a17
[NBF]root.Data
babb489a18
[NBF]root.Data
babb489a19
[NBF]root.Data
babb489a2
[NBF]root.Data
babb489a20
[NBF]root.Data
babb489a21
[NBF]root.Data
babb489a22
[NBF]root.Data
babb489a23
[NBF]root.Data
babb489a3
[NBF]root.Data
babb489a4
[NBF]root.Data
babb489a5
[NBF]root.Data
babb489a6
[NBF]root.Data
babb489a7
[NBF]root.Data
babb489a8
[NBF]root.Data
babb489a9
[NBF]root.Data
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Module Name | 9iwYMb5od |
| Full Name | 9iwYMb5od |
| EntryPoint | System.Void San07fBfqX.2TreMtf3y1x::4Assyj() |
| Scope Name | 9iwYMb5od |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | 9iwYMb5od |
| Assembly Version | 5.16.23.252 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.6 |
| Total Strings | 0 |
| Main Method | System.Void San07fBfqX.2TreMtf3y1x::4Assyj() |
| Main IL Instruction Count | 7 |
| Main IL | nop <null> newobj System.Void Aja46Tdxx3yWwk.5icAzgH1Yd7onT::.ctor() stloc.0 <null> ret <null> ldtoken System.Void San07fBfqX.2TreMtf3y1x::4Assyj() pop <null> ret <null> |
| Module Name | 9iwYMb5od |
| Full Name | 9iwYMb5od |
| EntryPoint | System.Void San07fBfqX.2TreMtf3y1x::4Assyj() |
| Scope Name | 9iwYMb5od |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | 9iwYMb5od |
| Assembly Version | 5.16.23.252 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.6 |
| Total Strings | 0 |
| Main Method | System.Void San07fBfqX.2TreMtf3y1x::4Assyj() |
| Main IL Instruction Count | 7 |
| Main IL | nop <null> newobj System.Void Aja46Tdxx3yWwk.5icAzgH1Yd7onT::.ctor() stloc.0 <null> ret <null> ldtoken System.Void San07fBfqX.2TreMtf3y1x::4Assyj() pop <null> ret <null> |
bf85b6866561c17b1ce56e8d1b2c80fe (886.27 KB)
File Structure
bf85b6866561c17b1ce56e8d1b2c80fe
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
Ⴍ.5icAzgH1Yd7onT.resources
9iwYMb5od.g.resources
74a076c1654a94.Resources.resources
babb489a0
[NBF]root.Data
babb489a1
[NBF]root.Data
babb489a10
[NBF]root.Data
babb489a11
[NBF]root.Data
babb489a12
[NBF]root.Data
babb489a13
[NBF]root.Data
babb489a14
[NBF]root.Data
babb489a15
[NBF]root.Data
babb489a16
[NBF]root.Data
babb489a17
[NBF]root.Data
babb489a18
[NBF]root.Data
babb489a19
[NBF]root.Data
babb489a2
[NBF]root.Data
babb489a20
[NBF]root.Data
babb489a21
[NBF]root.Data
babb489a22
[NBF]root.Data
babb489a23
[NBF]root.Data
babb489a3
[NBF]root.Data
babb489a4
[NBF]root.Data
babb489a5
[NBF]root.Data
babb489a6
[NBF]root.Data
babb489a7
[NBF]root.Data
babb489a8
[NBF]root.Data
babb489a9
[NBF]root.Data
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.