ceea9fb30ffc65a3b8c01523abd0c850

PE Executable
|
MD5: ceea9fb30ffc65a3b8c01523abd0c850
|
Size: 1.4 MB
|
application/x-dosexec

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	ceea9fb30ffc65a3b8c01523abd0c850
Sha1	edbac27694d36e11650204ec3672c311dbbf7863
Sha256	b3373b9443b2c689f550e98ae11b37a8942f071485ed8fbea9909cecafff797a
Sha384	d8bb09cac7c06af7a758a76518eff5ad987ccaef649afe3cf18fd9c2f1b612cc5e7f323c51d60bd6a1fc58e96eff2533
Sha512	e5d588da747633d33228e27e6166282d21c6e7538b3597e3327b80d7c9d3c1ff038aba1e3b4001156d88ec66925328a6ce99e890fac77386c559c678e8a16ea6
SSDeep	24576:YM/BsZbxLmonhkVklCnRveYepqMKDmfC4KOSSn27694/ZF:XCbgonHgRveYkqM3fC41p2W0
TLSH	C555DF0AE7C91A54F4BF4770A6719E249BF0B66BE62CEA9F3F5401ED89117818803377

PeID

.NET executable

Microsoft Visual C# / Basic .NET

Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL

Microsoft Visual C# v7.0 / Basic .NET

Microsoft Visual Studio .NET

File Structure

Informations

Name0	Value
Info	PE Detect: PeReader OK (file layout)
Module Name	pPq1bt4C
Full Name	pPq1bt4C
EntryPoint	System.Void pPq1bt4C.2m_ZBm/pBf8s6Qm.pj2W0oRmkB9s::4Bzww0oG()
Scope Name	pPq1bt4C
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	pPq1bt4C
Assembly Version	22.19.2.285
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.6
Total Strings	1290
Main Method	System.Void pPq1bt4C.2m_ZBm/pBf8s6Qm.pj2W0oRmkB9s::4Bzww0oG()
Main IL Instruction Count	104
Main IL	nop <null> nop <null> newobj System.Void pPq1bt4C.2m_ZBm::.ctor() stloc.0 <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> newobj System.Void System.Object::.ctor() ldnull <null> ldstr CreateTab ldc.i4.2 <null> newarr System.Object dup <null> ldc.i4.0 <null> ldstr segmen stelem.ref <null> dup <null> ldc.i4.1 <null> ldloc.0 <null> stelem.ref <null> dup <null> stloc.2 <null> ldnull <null> ldnull <null> ldc.i4.2 <null> newarr System.Boolean dup <null> ldc.i4.1 <null> ldc.i4.1 <null> stelem.i1 <null> dup <null> stloc.3 <null> call System.Object Microsoft.VisualBasic.CompilerServices.NewLateBinding::LateGet(System.Object,System.Type,System.String,System.Object[],System.String[],System.Type[],System.Boolean[]) stloc.s V_4 ldloc.3 <null> ldc.i4.1 <null> ldelem.u1 <null> brtrue.s IL_0049: ldloc.2 br.s IL_0066: ldloc.s V_4 ldloc.2 <null> ldc.i4.1 <null> ldelem.ref <null> call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) ldtoken pPq1bt4C.2m_ZBm call System.Type System.Type::GetTypeFromHandle(System.RuntimeTypeHandle) call System.Object Microsoft.VisualBasic.CompilerServices.Conversions::ChangeType(System.Object,System.Type) castclass pPq1bt4C.2m_ZBm stloc.0 <null> ldloc.s V_4 call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stloc.1 <null> leave.s IL_00E5: nop dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.s V_5 nop <null> nop <null> ldc.i4 214 stloc.s V_6 br.s IL_00A9: ldloc.s V_6 ldloc.s V_6 ldc.i4.3 <null> mul.ovf <null> stloc.s V_6 ldloc.s V_6 ldc.i4.s 24 cgt <null> stloc.s V_8 ldloc.s V_8 brfalse.s IL_00A7: nop ldc.i4.s 24 stloc.s V_6 ldstr resources/s call System.Byte[] pPq1bt4C.Wy6em8dK/bRq62.4qwNcSj3Lb::Xat1pJ(System.String) stloc.s V_7 br.s IL_00B7: ldloc.s V_7 nop <null> nop <null> ldloc.s V_6 ldc.i4.s 24 rem <null> ldc.i4.0 <null> cgt.un <null> stloc.s V_9 ldloc.s V_9 brtrue.s IL_0083: ldloc.s V_6 ldloc.s V_7 castclass System.Byte[] call System.Void pPq1bt4C.9pfPM4ji/qWj03gKx.qx0Cm3So1t::Lfy7p8Pi9G(System.Byte[]) nop <null> ldc.i4.0 <null> call System.Void System.Environment::Exit(System.Int32) nop <null> leave.s IL_00DD: nop dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.s V_10 nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_00DD: nop nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_00E5: nop nop <null> ret <null>
Module Name	pPq1bt4C
Full Name	pPq1bt4C
EntryPoint	System.Void pPq1bt4C.2m_ZBm/pBf8s6Qm.pj2W0oRmkB9s::4Bzww0oG()
Scope Name	pPq1bt4C
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	pPq1bt4C
Assembly Version	22.19.2.285
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.6
Total Strings	1290
Main Method	System.Void pPq1bt4C.2m_ZBm/pBf8s6Qm.pj2W0oRmkB9s::4Bzww0oG()
Main IL Instruction Count	104
Main IL	nop <null> nop <null> newobj System.Void pPq1bt4C.2m_ZBm::.ctor() stloc.0 <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> newobj System.Void System.Object::.ctor() ldnull <null> ldstr CreateTab ldc.i4.2 <null> newarr System.Object dup <null> ldc.i4.0 <null> ldstr segmen stelem.ref <null> dup <null> ldc.i4.1 <null> ldloc.0 <null> stelem.ref <null> dup <null> stloc.2 <null> ldnull <null> ldnull <null> ldc.i4.2 <null> newarr System.Boolean dup <null> ldc.i4.1 <null> ldc.i4.1 <null> stelem.i1 <null> dup <null> stloc.3 <null> call System.Object Microsoft.VisualBasic.CompilerServices.NewLateBinding::LateGet(System.Object,System.Type,System.String,System.Object[],System.String[],System.Type[],System.Boolean[]) stloc.s V_4 ldloc.3 <null> ldc.i4.1 <null> ldelem.u1 <null> brtrue.s IL_0049: ldloc.2 br.s IL_0066: ldloc.s V_4 ldloc.2 <null> ldc.i4.1 <null> ldelem.ref <null> call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) ldtoken pPq1bt4C.2m_ZBm call System.Type System.Type::GetTypeFromHandle(System.RuntimeTypeHandle) call System.Object Microsoft.VisualBasic.CompilerServices.Conversions::ChangeType(System.Object,System.Type) castclass pPq1bt4C.2m_ZBm stloc.0 <null> ldloc.s V_4 call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stloc.1 <null> leave.s IL_00E5: nop dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.s V_5 nop <null> nop <null> ldc.i4 214 stloc.s V_6 br.s IL_00A9: ldloc.s V_6 ldloc.s V_6 ldc.i4.3 <null> mul.ovf <null> stloc.s V_6 ldloc.s V_6 ldc.i4.s 24 cgt <null> stloc.s V_8 ldloc.s V_8 brfalse.s IL_00A7: nop ldc.i4.s 24 stloc.s V_6 ldstr resources/s call System.Byte[] pPq1bt4C.Wy6em8dK/bRq62.4qwNcSj3Lb::Xat1pJ(System.String) stloc.s V_7 br.s IL_00B7: ldloc.s V_7 nop <null> nop <null> ldloc.s V_6 ldc.i4.s 24 rem <null> ldc.i4.0 <null> cgt.un <null> stloc.s V_9 ldloc.s V_9 brtrue.s IL_0083: ldloc.s V_6 ldloc.s V_7 castclass System.Byte[] call System.Void pPq1bt4C.9pfPM4ji/qWj03gKx.qx0Cm3So1t::Lfy7p8Pi9G(System.Byte[]) nop <null> ldc.i4.0 <null> call System.Void System.Environment::Exit(System.Int32) nop <null> leave.s IL_00DD: nop dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.s V_10 nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_00DD: nop nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_00E5: nop nop <null> ret <null>

ceea9fb30ffc65a3b8c01523abd0c850 (1.4 MB)

File Structure

Characteristics

No malware configuration were found at this point.

You must be signed in to post a comment.

ceea9fb30ffc65a3b8c01523abd0c850

PE Executable | MD5: ceea9fb30ffc65a3b8c01523abd0c850 | Size: 1.4 MB | application/x-dosexec

PE Executable
|
MD5: ceea9fb30ffc65a3b8c01523abd0c850
|
Size: 1.4 MB
|
application/x-dosexec