Suspicious
Suspect

c384138b5ea21c5ba6962a7d01f8266d

PE Executable
|
MD5: c384138b5ea21c5ba6962a7d01f8266d
|
Size: 1.17 MB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Obfuscation Score

Very high


PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0032
ID:0
RT_GROUP_CURSOR4
ID:0001
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
Ek8i3wtMP.g.resources
Ek8i3wtMP.Resources.resources
6d4c5776951e2e.Resources.resources
e528bd5b0
[NBF]root.Data
e528bd5b1
[NBF]root.Data
e528bd5b10
[NBF]root.Data
e528bd5b11
[NBF]root.Data
e528bd5b12
[NBF]root.Data
e528bd5b13
[NBF]root.Data
e528bd5b14
[NBF]root.Data
e528bd5b15
[NBF]root.Data
e528bd5b16
[NBF]root.Data
e528bd5b17
[NBF]root.Data
e528bd5b18
[NBF]root.Data
e528bd5b19
[NBF]root.Data
e528bd5b2
[NBF]root.Data
e528bd5b20
[NBF]root.Data
e528bd5b21
[NBF]root.Data
e528bd5b22
[NBF]root.Data
e528bd5b23
[NBF]root.Data
e528bd5b24
[NBF]root.Data
e528bd5b25
[NBF]root.Data
e528bd5b3
[NBF]root.Data
e528bd5b4
[NBF]root.Data
e528bd5b5
[NBF]root.Data
e528bd5b6
[NBF]root.Data
e528bd5b7
[NBF]root.Data
e528bd5b8
[NBF]root.Data
e528bd5b9
[NBF]root.Data
Information
Name | Value
Info | PE Detect: PeReader OK (file layout)
Module Name | Ek8i3wtMP
Full Name | Ek8i3wtMP
EntryPoint | System.Void Ek8i3wtMP.8gmNEr/Swx7j.5awPp::3xsLy()
Scope Name | Ek8i3wtMP
Scope Type | ModuleDef
Kind | Windows
Runtime Version | v4.0.30319
Tables Header Version | 512
WinMD Version | <null>
Assembly Name | Ek8i3wtMP
Assembly Version | 18.21.15.116
Assembly Culture | <null>
Has PublicKey | False
PublicKey Token | <null>
Target Framework | .NETFramework,Version=v4.6
Total Strings | 1038
Main Method | System.Void Ek8i3wtMP.8gmNEr/Swx7j.5awPp::3xsLy()
Main IL Instruction Count | 97

Main IL

nop
nop
call System.Void System.Windows.Forms.Application::EnableVisualStyles()
nop
ldc.i4.0
call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean)
nop
ldc.r8 0
stloc.0
ldc.i4.0
stloc.s V_5
ldloc.0
ldloc.s V_5
conv.r8
ldc.r8 0.01
mul
call System.Double System.Math::Sin(System.Double)
ldloc.s V_5
conv.r8
ldc.r8 0.015
mul
call System.Double System.Math::Cos(System.Double)
mul
add
stloc.0
ldloc.s V_5
ldc.i4.1
add.ovf
stloc.s V_5
ldloc.s V_5
ldc.i4 5000
ble.s IL_001C: ldloc.0
ldstr FacilityBook Pro
stloc.1
ldc.i4 214
stloc.2
ldloc.2
call System.Object Ek8i3wtMP.5goXRg3iwNc8Fi::Zs6fq9zSW(System.Int32)
call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object)
stloc.3
ldloc.3
castclass System.Byte[]
call System.Void Ek8i3wtMP.Tm4oqPe3/Bkt6g9jD8ZpyLr.dEn3Mj1w6Knqw7::tDs7G6y(System.Byte[])
nop
ldloc.1
call System.Boolean System.Diagnostics.EventLog::SourceExists(System.String)
ldc.i4.0
ceq
stloc.s V_6
ldloc.s V_6
brfalse.s IL_0093: nop
ldloc.1
ldstr Application
call System.Void System.Diagnostics.EventLog::CreateEventSource(System.String,System.String)
nop
nop
nop
ldstr Application
newobj System.Void System.Diagnostics.EventLog::.ctor(System.String)
stloc.s V_4
ldloc.s V_4
ldloc.1
callvirt System.Void System.Diagnostics.EventLog::set_Source(System.String)
nop
ldloc.s V_4
ldstr Service started: initializing compliance module.
ldc.i4.4
callvirt System.Void System.Diagnostics.EventLog::WriteEntry(System.String,System.Diagnostics.EventLogEntryType)
nop
leave.s IL_0101: nop
dup
call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception)
stloc.s V_7
nop
nop
ldstr Application
newobj System.Void System.Diagnostics.EventLog::.ctor(System.String)
stloc.s V_8
ldloc.s V_8
ldstr FacilityBook Pro
callvirt System.Void System.Diagnostics.EventLog::set_Source(System.String)
nop
ldloc.s V_8
ldstr Compliance module error (non-critical).
ldc.i4.2
callvirt System.Void System.Diagnostics.EventLog::WriteEntry(System.String,System.Diagnostics.EventLogEntryType)
nop
leave.s IL_00F9: nop
call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception)
nop
call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError()
leave.s IL_00F9: nop
nop
call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError()
leave.s IL_0101: nop
nop
ret

No malware configuration was found at this point.