c7c677f4d824b6e894476c265f0c40f7
PE Executable | MD5: c7c677f4d824b6e894476c265f0c40f7 | Size: 646.66 KB | application/x-dosexec
Symbol Obfuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | c7c677f4d824b6e894476c265f0c40f7
|
| Sha1 | 8b935947b5442b4afb7a0519cf8a107f2aa82e09
|
| Sha256 | 940773be1f5061eb206c7bbf3030765aac7b973f5a9915c62ba893a2d97b28f2
|
| Sha384 | 8e9f785ea5643401c15f8e5771cd68bb05851d39889c21e8002871acdae1eb47b6735b986cfb56974ae9b83de9054b46
|
| Sha512 | 70990245db87224678a223af17d14030bc9a5c51c1593ac27641506b5ea7f8d38faae607170a1a22d5c128057e518e570decb76938b66f8e914d6c8deb17b268
|
| SSDeep | 12288:cPRb9qoSjkqjVnl36ud0zR/6CtQ9PUHIG8Dl8gSD+37PWY1Y1+f7LfN//TT34:cJ9mjkqjVnlqud+/2P+AlUDcPt1aKFHQ
|
| TLSH | 40D4122037F9864BE1BF66B898F161416676F663B623E74C1C8462FD4433741A9C33BA
|
PeID
|
Config. Field0 | Value |
|---|---|
| Conf. AES-Salt | BF-EB-1E-56-FB-CD-97-3B-B2-19-02-24-30-A5-78-43-00-3D-56-44-D2-1E-62-B9-D4-F1-80-E7-E6-C3-39-41 |
| Conf. AES-Key | |
| Version | 8Xddu0CX4sRrp0qrQncvcq7iP8be1D0Mo+L9C/GPyRwCsrwRBxgkVDc1oxH0VRtu+UyZwCHWH9UPGcs1CBbMGw== |
| Port | aVqVFHrApWTUvIBfiuiFGeQHq/ibzf2M7zbBBxihUlTcryDKmSL00RtzC1fH0ZotWv0HVW1g2E9LUmO+FzEeteoJt7mZq2BlaKtrtFzGxxQ= |
| Host | aVqVFHrApWTUvIBfiuiFGeQHq/ibzf2M7zbBBxihUlTcryDKmSL00RtzC1fH0ZotWv0HVW1g2E9LUmO+FzEeteoJt7mZq2BlaKtrtFzGxxQ= |
| ReconnectDelay | 3000 |
| Key | 9EO5O1t/YS9tCoTQz5dtXxdfKkPWCJAYd7/d5UvHOzUKElZ1XtbCNXlUJz6h32HUbV57QJMUjLzH9vgQb21Xuw== |
| SubDirectory | CVM8thWz/MGoPqpslxEZs1ZaK8oSMSOnYAYGsT85e6gobsCWKIyaLuLAt6JVHAcSWnHeTSvfJnAoSsg7OGBfWw== |
| InstallName | 1 |
| Install | 1 |
| Startup | Tyw5pTpsz3l3FSR5FNFL9CQhQZYfo9dN0pHqF6osW3janfQ+e5UuoEcjIBt14po/69NnNoU/jQwbe4D9areevI+QI5gtdx9Odcqsld+D12t/cKH0U8eYEvOCrHVYS0u3 |
| Mutex | DroFQGDb0xm/kGVM6+WwDyB02YwNJlMexFEzGrlpEhIc1EN+r1O41/DvqGVc0XbRfeABNfhM/0fK1FQqltdF5w== |
| StartupKey | 1 |
| HideFile | 1 |
| EnableLogger | 6351234662461217B8B3178BD777B2DFFE766EAD |
| EncryptionKey | eoqahdEeEkEyyhAp95l4EToeImnBwlpkOZL4vQxtakjIfqRW2r0zw/9tOEY7Hl5Ri0NX4tqtNMYSj/37Bf+h1w== |
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Module Name | Client |
| Full Name | Client |
| EntryPoint | System.Void 弱᱅炰婜标ꭾᮬ䐰⋭拒ᔭ忉畄ᦂဣ頕㵏隟斧娴::Main() |
| Scope Name | Client |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Client |
| Assembly Version | 0.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.8 |
| Total Strings | 613 |
| Main Method | System.Void 弱᱅炰婜标ꭾᮬ䐰⋭拒ᔭ忉畄ᦂဣ頕㵏隟斧娴::Main() |
| Main IL Instruction Count | 21 |
| Main IL | call System.Boolean 弱᱅炰婜标ꭾᮬ䐰⋭拒ᔭ忉畄ᦂဣ頕㵏隟斧娴::囅皨䫵ꂺ磷�歝뙩㫡搩铜댣葑馦肗갊ꯇ섳() pop <null> ldc.i4 3072 call System.Void System.Net.ServicePointManager::set_SecurityProtocol(System.Net.SecurityProtocolType) ldc.i4.2 <null> call System.Void System.Windows.Forms.Application::SetUnhandledExceptionMode(System.Windows.Forms.UnhandledExceptionMode) ldnull <null> ldftn System.Void 弱᱅炰婜标ꭾᮬ䐰⋭拒ᔭ忉畄ᦂဣ頕㵏隟斧娴::⭗澍梭骹�館킦飉꜎︃哬얅鮠䀘돨啡(System.Object,System.Threading.ThreadExceptionEventArgs) newobj System.Void System.Threading.ThreadExceptionEventHandler::.ctor(System.Object,System.IntPtr) call System.Void System.Windows.Forms.Application::add_ThreadException(System.Threading.ThreadExceptionEventHandler) call System.AppDomain System.AppDomain::get_CurrentDomain() ldnull <null> ldftn System.Void 弱᱅炰婜标ꭾᮬ䐰⋭拒ᔭ忉畄ᦂဣ頕㵏隟斧娴::ﴑ䲗奿㠊읶⑲﹑ꗼ欋㲟惛﹊뢿儒ⶆ礚(System.Object,System.UnhandledExceptionEventArgs) newobj System.Void System.UnhandledExceptionEventHandler::.ctor(System.Object,System.IntPtr) callvirt System.Void System.AppDomain::add_UnhandledException(System.UnhandledExceptionEventHandler) call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void 䈕糧ퟅ昫䅙貯鼯븄ᑘꎋ尀㿧쪟ࣉⱷ::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null> |
| Module Name | Client |
| Full Name | Client |
| EntryPoint | System.Void 弱᱅炰婜标ꭾᮬ䐰⋭拒ᔭ忉畄ᦂဣ頕㵏隟斧娴::Main() |
| Scope Name | Client |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Client |
| Assembly Version | 0.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.8 |
| Total Strings | 613 |
| Main Method | System.Void 弱᱅炰婜标ꭾᮬ䐰⋭拒ᔭ忉畄ᦂဣ頕㵏隟斧娴::Main() |
| Main IL Instruction Count | 21 |
| Main IL | call System.Boolean 弱᱅炰婜标ꭾᮬ䐰⋭拒ᔭ忉畄ᦂဣ頕㵏隟斧娴::囅皨䫵ꂺ磷�歝뙩㫡搩铜댣葑馦肗갊ꯇ섳() pop <null> ldc.i4 3072 call System.Void System.Net.ServicePointManager::set_SecurityProtocol(System.Net.SecurityProtocolType) ldc.i4.2 <null> call System.Void System.Windows.Forms.Application::SetUnhandledExceptionMode(System.Windows.Forms.UnhandledExceptionMode) ldnull <null> ldftn System.Void 弱᱅炰婜标ꭾᮬ䐰⋭拒ᔭ忉畄ᦂဣ頕㵏隟斧娴::⭗澍梭骹�館킦飉꜎︃哬얅鮠䀘돨啡(System.Object,System.Threading.ThreadExceptionEventArgs) newobj System.Void System.Threading.ThreadExceptionEventHandler::.ctor(System.Object,System.IntPtr) call System.Void System.Windows.Forms.Application::add_ThreadException(System.Threading.ThreadExceptionEventHandler) call System.AppDomain System.AppDomain::get_CurrentDomain() ldnull <null> ldftn System.Void 弱᱅炰婜标ꭾᮬ䐰⋭拒ᔭ忉畄ᦂဣ頕㵏隟斧娴::ﴑ䲗奿㠊읶⑲﹑ꗼ欋㲟惛﹊뢿儒ⶆ礚(System.Object,System.UnhandledExceptionEventArgs) newobj System.Void System.UnhandledExceptionEventHandler::.ctor(System.Object,System.IntPtr) callvirt System.Void System.AppDomain::add_UnhandledException(System.UnhandledExceptionEventHandler) call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void 䈕糧ퟅ昫䅙貯鼯븄ᑘꎋ尀㿧쪟ࣉⱷ::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null> |
|
Name0 | Value |
|---|---|
| CnC | aVqVFHrApWTUvIBfiuiFGeQHq/ibzf2M7zbBBxihUlTcryDKmSL00RtzC1fH0ZotWv0HVW1g2E9LUmO+FzEeteoJt7mZq2BlaKtrtFzGxxQ= |
| Port | aVqVFHrApWTUvIBfiuiFGeQHq/ibzf2M7zbBBxihUlTcryDKmSL00RtzC1fH0ZotWv0HVW1g2E9LUmO+FzEeteoJt7mZq2BlaKtrtFzGxxQ= |
|
Config. Field0 | Value |
|---|---|
| Conf. AES-Salt | BF-EB-1E-56-FB-CD-97-3B-B2-19-02-24-30-A5-78-43-00-3D-56-44-D2-1E-62-B9-D4-F1-80-E7-E6-C3-39-41 |
| Conf. AES-Key | |
| Version | 8Xddu0CX4sRrp0qrQncvcq7iP8be1D0Mo+L9C/GPyRwCsrwRBxgkVDc1oxH0VRtu+UyZwCHWH9UPGcs1CBbMGw== |
| Port | aVqVFHrApWTUvIBfiuiFGeQHq/ibzf2M7zbBBxihUlTcryDKmSL00RtzC1fH0ZotWv0HVW1g2E9LUmO+FzEeteoJt7mZq2BlaKtrtFzGxxQ= |
| Host | aVqVFHrApWTUvIBfiuiFGeQHq/ibzf2M7zbBBxihUlTcryDKmSL00RtzC1fH0ZotWv0HVW1g2E9LUmO+FzEeteoJt7mZq2BlaKtrtFzGxxQ= |
| ReconnectDelay | 3000 |
| Key | 9EO5O1t/YS9tCoTQz5dtXxdfKkPWCJAYd7/d5UvHOzUKElZ1XtbCNXlUJz6h32HUbV57QJMUjLzH9vgQb21Xuw== |
| SubDirectory | CVM8thWz/MGoPqpslxEZs1ZaK8oSMSOnYAYGsT85e6gobsCWKIyaLuLAt6JVHAcSWnHeTSvfJnAoSsg7OGBfWw== |
| InstallName | 1 |
| Install | 1 |
| Startup | Tyw5pTpsz3l3FSR5FNFL9CQhQZYfo9dN0pHqF6osW3janfQ+e5UuoEcjIBt14po/69NnNoU/jQwbe4D9areevI+QI5gtdx9Odcqsld+D12t/cKH0U8eYEvOCrHVYS0u3 |
| Mutex | DroFQGDb0xm/kGVM6+WwDyB02YwNJlMexFEzGrlpEhIc1EN+r1O41/DvqGVc0XbRfeABNfhM/0fK1FQqltdF5w== |
| StartupKey | 1 |
| HideFile | 1 |
| EnableLogger | 6351234662461217B8B3178BD777B2DFFE766EAD |
| EncryptionKey | eoqahdEeEkEyyhAp95l4EToeImnBwlpkOZL4vQxtakjIfqRW2r0zw/9tOEY7Hl5Ri0NX4tqtNMYSj/37Bf+h1w== |
|
Name0 | Value | Location |
|---|---|---|
| CnC | aVqVFHrApWTUvIBfiuiFGeQHq/ibzf2M7zbBBxihUlTcryDKmSL00RtzC1fH0ZotWv0HVW1g2E9LUmO+FzEeteoJt7mZq2BlaKtrtFzGxxQ= Malicious |
c7c677f4d824b6e894476c265f0c40f7 |
| Port | aVqVFHrApWTUvIBfiuiFGeQHq/ibzf2M7zbBBxihUlTcryDKmSL00RtzC1fH0ZotWv0HVW1g2E9LUmO+FzEeteoJt7mZq2BlaKtrtFzGxxQ= Malicious |
c7c677f4d824b6e894476c265f0c40f7 |