Suspicious
Suspect

c601b463f2c693d91680a58d962aaf88

PE Executable
|
MD5: c601b463f2c693d91680a58d962aaf88
|
Size: 378.88 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
c601b463f2c693d91680a58d962aaf88
Sha1
d3bc4dad714801c3d65c965ea5c28737605bc949
Sha256
ca0e5bdac36d06b847e99c0b8ed87cdf74a884ae97ed7ec2749b18cd7d8e6100
Sha384
f5fd6925e243548f7e104f895a0767665c54aba22c82ff5a00d77299db1c08dd1dcc813238f6b094bd1bab2b7b1ae171
Sha512
37d33ee4cf0b1b099dfd8657232be614e554bbe6f7e349edaf466e7b9d438ba4aa7c10ca1337a96a4bbfd5ac66e719bbc1341bc8dc1c56ea789e4e1560f6123f
SSDeep
6144:QtjUiBMwzBBMKTJXxDHfngtPOVHqQtHGJnQbq0DZU2hrGHFfv6sH:niBJM5ONqQdGJnQbq0NGHF3
TLSH
F9845BAE53C55E6BD0BF077BE4E21B198B70E570A38BE39D10801D698C27B968DC6713

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
c601b463f2c693d91680a58d962aaf88
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
Informations
Name
 Value
Module Name

Djhvwhp.exe
Full Name

Djhvwhp.exe
EntryPoint

System.Void .::()
Scope Name

Djhvwhp.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Djhvwhp
Assembly Version

1.0.2320.12117
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

757
Main Method

System.Void .::()
Main IL Instruction Count

21
Main IL

ldc.i4.1 <null> brfalse.s IL_000F: ldsfld ./ ./:: ldc.i4.0 <null> brtrue.s IL_000F: ldsfld ./ ./:: ldsfld System.Action`1<System.IO.MemoryStream> ./:: dup <null> brtrue.s IL_0025: br.s IL_002E pop <null> ldsfld ./ ./:: ldftn System.Void ./::(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Action`1<System.IO.MemoryStream> ./:: br.s IL_002E: call System.Void .::(System.Action`1<System.IO.MemoryStream>) ldc.i4.0 <null> brtrue.s IL_0000: ldc.i4.1 ldc.i4.0 <null> brtrue.s IL_000F: ldsfld ./ ./:: ret <null> call System.Void .::(System.Action`1<System.IO.MemoryStream>) br.s IL_0027: ldc.i4.0
Module Name

Djhvwhp.exe
Full Name

Djhvwhp.exe
EntryPoint

System.Void .::()
Scope Name

Djhvwhp.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Djhvwhp
Assembly Version

1.0.2320.12117
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

757
Main Method

System.Void .::()
Main IL Instruction Count

21
Main IL

ldc.i4.1 <null> brfalse.s IL_000F: ldsfld ./ ./:: ldc.i4.0 <null> brtrue.s IL_000F: ldsfld ./ ./:: ldsfld System.Action`1<System.IO.MemoryStream> ./:: dup <null> brtrue.s IL_0025: br.s IL_002E pop <null> ldsfld ./ ./:: ldftn System.Void ./::(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Action`1<System.IO.MemoryStream> ./:: br.s IL_002E: call System.Void .::(System.Action`1<System.IO.MemoryStream>) ldc.i4.0 <null> brtrue.s IL_0000: ldc.i4.1 ldc.i4.0 <null> brtrue.s IL_000F: ldsfld ./ ./:: ret <null> call System.Void .::(System.Action`1<System.IO.MemoryStream>) br.s IL_0027: ldc.i4.0
c601b463f2c693d91680a58d962aaf88 (378.88 KB)
File Structure
c601b463f2c693d91680a58d962aaf88
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙