Suspicious
Suspect

c1908aa1d46e5e976a27d5c66378a6fb

PE Executable
MD5: c1908aa1d46e5e976a27d5c66378a6fb
Size: 1.6 MB
application/x-dosexec
Summary by MalvaGPT
Characteristics

Symbol Obfuscation Score

Medium

Hash
Hash Value
MD5
c1908aa1d46e5e976a27d5c66378a6fb
Sha1
15eb7c26a04fdde1d7829c4df22e8db312c251e0
Sha256
0b491c48b9be2a68202ac644589f0dfe57bbf00abef12ee4d57c7839e7933fcd
Sha384
4f36640a7c4665acaa25bb75e4ca99e24575f2ab811dd667611b8a7d762d759c4a11a4ef587d134df2c01e12be4f00fb
Sha512
621d250220c1fecb5e67da9e5db30dd66e11be613fd05cdeddf785700bf2cce86770bf957c174b9476896e17a40e9aad4a2fc8c0d5d8d11b50c017d1cb3987bb
SSDeep
24576:+9cVA6kxP2VV1eatHh48Q4XmWkXP34xDDKx0HPDPOI5OPUiby8Ca:+HHUG41W0Hr15OTy8C
TLSH
B9756B057B9CD711C429033049BE8725E336AEB98293F74F1A88BEF46C7B394691E653

PeID

Microsoft Visual C++ DLL
Microsoft Visual C++ v6.0
Microsoft Visual C++ v6.0 DLL
File Structure
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rsrc
Resources
RT_ICON
ID:0001
ID:0
ID:0002
ID:0
ID:0003
ID:0
ID:0004
ID:0
ID:0005
ID:0
ID:0006
ID:0
ID:0007
ID:0
ID:0-preview.png
RT_RCDATA
ID:0000
[Authenticode]_e323fa63.p7b
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.rdata
.data
.rsrc
.text
.pdata
.reloc
.didat
_RDATA
Resources
RT_VERSION
ID:0001
ID:1033
MUI
ID:0001
ID:1033
RT_STRING
ID:003F
ID:1033
ID:007E
ID:1033
ID:007F
ID:1033
ID:00BC
ID:1033
ID:00BD
ID:1033
[Authenticode]_3adc769c.p7b
[Authenticode]_86fd92c9.p7b
[Authenticode]_4b45d4bf.p7b
[Authenticode]_a45c9537.p7b
[Authenticode]_d9f02a80.p7b
RT_GROUP_CURSOR4
ID:0001
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
{1e240c28-b2c8-447d-a923-6d76c2371d80}
Informations
Name
Value
Info

PE Detect: PeReader OK (file layout)

Module Name

DoziestAliet.exe

Full Name

DoziestAliet.exe

EntryPoint

System.Void GrangesWaver.DevelJammer::Main()

Scope Name

DoziestAliet.exe

Scope Type

ModuleDef

Kind

Windows

Runtime Version

v4.0.30319

Tables Header Version

512

WinMD Version

<null>

Assembly Name

DoziestAliet

Assembly Version

0.0.0.0

Assembly Culture

<null>

Has PublicKey

False

PublicKey Token

<null>

Target Framework

<null>

Total Strings

10

Main Method

System.Void GrangesWaver.DevelJammer::Main()

Main IL Instruction Count

24

Main IL

ldc.i4.0 <null> stloc.0 <null> ldc.i4.0 <null> stloc.1 <null> ldc.i4.0 <null> stloc.1 <null> nop <null> ldloc.1 <null> ldc.i4.2 <null> bne.un.s IL_000F: nop ldc.i4.0 <null> stloc.1 <null> br.s IL_0024: nop nop <null> ldloca.s V_0 ldloca.s V_1 ldloca.s V_2 ldsfld System.IntPtr[] GrangesWaver.DevelJammer::InvalidOperationNoValueLdtoken ldloc.0 <null> ldelem.i <null> calli System.Void (System.Int32&,System.Int32&,System.Int32&) br.s IL_0006: nop nop <null> ret <null>

c1908aa1d46e5e976a27d5c66378a6fb (1.6 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙