Symbol Obfuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | bf8dc83b0de682d4bdf1b555c0088aa8
|
| Sha1 | 7eedef95814606eff407f1ca276b296f87153e62
|
| Sha256 | 7fdfd7462481634f41f936913f011b6e6f7cc6ba63e3e52663f5ca597de7d086
|
| Sha384 | 667817b0fe63b2ca2707c23096a1889d2e3f508005c10ca91ca97d19801a050918a0f79ccfff934dfaffa4bb5cab896f
|
| Sha512 | 1a45caa853b647cf860bf2f1866c24f956db772bea66082f7a962204579bc6135756f5f076a7f377ac3e2558b879833ec3ae53b39dff27a0398d2ec999bcbba1
|
| SSDeep | 49152:GvQt62XlaSFNWPjljiFa2RoUYIoI3jhJ+oGdrhTHHB72eh2NT:Gvc62XlaSFNWPjljiFXRoUYIoI+
|
| TLSH | 37E54A143BF85E23E1BBE27395B0041267F0FC6AF3A3EB0B6591667E1C53B5049426A7
|
PeID
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader FAIL, AsmResolver Mapped OK |
| Info | Remap: Mapped -> FileLayout (RAM only) as [Rebuild from dump]_5c0ba019.exe |
| Module Name | Client |
| Full Name | Client |
| EntryPoint | System.Void 嬵鿿➫Ž悞鵲炒푇뵙ꊙ蚺ᵍ⓬碾툯䂕頚ꑩ╇�::Main(System.String[]) |
| Scope Name | Client |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Client |
| Assembly Version | 1.4.1.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5.2 |
| Total Strings | 11123 |
| Main Method | System.Void 嬵鿿➫Ž悞鵲炒푇뵙ꊙ蚺ᵍ⓬碾툯䂕頚ꑩ╇�::Main(System.String[]) |
| Main IL Instruction Count | 19 |
| Main IL | ldc.i4 3072 call System.Void System.Net.ServicePointManager::set_SecurityProtocol(System.Net.SecurityProtocolType) ldc.i4.2 <null> call System.Void System.Windows.Forms.Application::SetUnhandledExceptionMode(System.Windows.Forms.UnhandledExceptionMode) ldnull <null> ldftn System.Void 嬵鿿➫Ž悞鵲炒푇뵙ꊙ蚺ᵍ⓬碾툯䂕頚ꑩ╇�::国캳畑ꆩꌾ㿦旈嶪⊧쁶竭왲闐㪊㜌᧲챦(System.Object,System.Threading.ThreadExceptionEventArgs) newobj System.Void System.Threading.ThreadExceptionEventHandler::.ctor(System.Object,System.IntPtr) call System.Void System.Windows.Forms.Application::add_ThreadException(System.Threading.ThreadExceptionEventHandler) call System.AppDomain System.AppDomain::get_CurrentDomain() ldnull <null> ldftn System.Void 嬵鿿➫Ž悞鵲炒푇뵙ꊙ蚺ᵍ⓬碾툯䂕頚ꑩ╇�::坴緙㇖硲䙺皃廿瞱翕ᕵ붢ہ�偨⸌�욃础憙䋴(System.Object,System.UnhandledExceptionEventArgs) newobj System.Void System.UnhandledExceptionEventHandler::.ctor(System.Object,System.IntPtr) callvirt System.Void System.AppDomain::add_UnhandledException(System.UnhandledExceptionEventHandler) call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void 怟ℒ墲祪연㳖�伅喣�☮䙇䀗ᗮ蕟վ攐::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null> |
| Module Name | Client |
| Full Name | Client |
| EntryPoint | System.Void 嬵鿿➫Ž悞鵲炒푇뵙ꊙ蚺ᵍ⓬碾툯䂕頚ꑩ╇�::Main(System.String[]) |
| Scope Name | Client |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Client |
| Assembly Version | 1.4.1.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5.2 |
| Total Strings | 11123 |
| Main Method | System.Void 嬵鿿➫Ž悞鵲炒푇뵙ꊙ蚺ᵍ⓬碾툯䂕頚ꑩ╇�::Main(System.String[]) |
| Main IL Instruction Count | 19 |
| Main IL | ldc.i4 3072 call System.Void System.Net.ServicePointManager::set_SecurityProtocol(System.Net.SecurityProtocolType) ldc.i4.2 <null> call System.Void System.Windows.Forms.Application::SetUnhandledExceptionMode(System.Windows.Forms.UnhandledExceptionMode) ldnull <null> ldftn System.Void 嬵鿿➫Ž悞鵲炒푇뵙ꊙ蚺ᵍ⓬碾툯䂕頚ꑩ╇�::国캳畑ꆩꌾ㿦旈嶪⊧쁶竭왲闐㪊㜌᧲챦(System.Object,System.Threading.ThreadExceptionEventArgs) newobj System.Void System.Threading.ThreadExceptionEventHandler::.ctor(System.Object,System.IntPtr) call System.Void System.Windows.Forms.Application::add_ThreadException(System.Threading.ThreadExceptionEventHandler) call System.AppDomain System.AppDomain::get_CurrentDomain() ldnull <null> ldftn System.Void 嬵鿿➫Ž悞鵲炒푇뵙ꊙ蚺ᵍ⓬碾툯䂕頚ꑩ╇�::坴緙㇖硲䙺皃廿瞱翕ᕵ붢ہ�偨⸌�욃础憙䋴(System.Object,System.UnhandledExceptionEventArgs) newobj System.Void System.UnhandledExceptionEventHandler::.ctor(System.Object,System.IntPtr) callvirt System.Void System.AppDomain::add_UnhandledException(System.UnhandledExceptionEventHandler) call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void 怟ℒ墲祪연㳖�伅喣�☮䙇䀗ᗮ蕟վ攐::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null> |
|
Name0 | Value |
|---|---|
| PE Layout | MemoryMapped (process dump suspected) |
| PE Layout | MemoryMapped (process dump suspected) |
|
Name0 | Value | Location |
|---|---|---|
| PE Layout | MemoryMapped (process dump suspected) |
bf8dc83b0de682d4bdf1b555c0088aa8 |
| PE Layout | MemoryMapped (process dump suspected) |
bf8dc83b0de682d4bdf1b555c0088aa8 > [Rebuild from dump]_5c0ba019.exe |