d17be97db505f8d60ec1eb803f1d0a2f

PE Executable
|
MD5: d17be97db505f8d60ec1eb803f1d0a2f
|
Size: 1.13 MB
|
application/x-dosexec

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	d17be97db505f8d60ec1eb803f1d0a2f
Sha1	9012f1079387c311f8e9cdd058566b33adf446e7
Sha256	84e858b5ba08923e9efa2506aa14baa45d6d2999f0fa0c69740a2a4c30cce67a
Sha384	a521a9ae5839043b8fd570c0f6bf2694864dc5dddda0461605f919bf582dbd81e2f5dc960dc38bd9d668aa47f2950586
Sha512	5952c350d347de4088a1cef1632ae274db1513175684be4c40de7fea2f51572ca8d59d4aee320e481177c534f6c64e8d41ce8962a92fa596411251d6cb1a4ce4
SSDeep	24576:ojWklvrpz6P9qJWdGwndgEci0DW4mMU7bvz2PeIZ/SdE6v/xdjWB3EzdaTs:levrpz6P9qJWdGwdgEEbmM8SSdN//csp
TLSH	8635AD63478128D1856ADAB78F4B7E3CD991F80DEB1AA093394E85DFE77B3440940C6B

PeID

.NET executable

Microsoft Visual C# / Basic .NET

Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL

Microsoft Visual C# v7.0 / Basic .NET

Microsoft Visual Studio .NET

File Structure

Informations

Name0	Value
Info	PE Detect: PeReader OK (file layout)
Module Name	9770324432.exe
Full Name	9770324432.exe
EntryPoint	System.Void .Core.ViewerWatcher::DestroyIsolatedObject()
Scope Name	9770324432.exe
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	9770324432
Assembly Version	1.0.1580.22884
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.5
Total Strings	43
Main Method	System.Void .Core.ViewerWatcher::DestroyIsolatedObject()
Main IL Instruction Count	17
Main IL	ldc.i4 1 stloc V_0 br IL_000E: ldloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] br IL_0049: nop nop <null> call System.Void .Core.ViewerWatcher::CompareTransferableObject() ldc.i4 0 ldsfld <Module>{78e84834-6760-4a9c-b84d-d3711f1935f8} <Module>{78e84834-6760-4a9c-b84d-d3711f1935f8}::m_d9dde2ae54de4beea262acbde4a62749 ldfld System.Int32 <Module>{78e84834-6760-4a9c-b84d-d3711f1935f8}::m_963fb0a08e0a4da2add41c9ed6fc8add brfalse IL_0012: switch(IL_0049,IL_0024) pop <null> ldc.i4 0 br IL_0012: switch(IL_0049,IL_0024) nop <null> ret <null>
Module Name	9770324432.exe
Full Name	9770324432.exe
EntryPoint	System.Void .Core.ViewerWatcher::DestroyIsolatedObject()
Scope Name	9770324432.exe
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	9770324432
Assembly Version	1.0.1580.22884
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.5
Total Strings	43
Main Method	System.Void .Core.ViewerWatcher::DestroyIsolatedObject()
Main IL Instruction Count	17
Main IL	ldc.i4 1 stloc V_0 br IL_000E: ldloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] br IL_0049: nop nop <null> call System.Void .Core.ViewerWatcher::CompareTransferableObject() ldc.i4 0 ldsfld <Module>{78e84834-6760-4a9c-b84d-d3711f1935f8} <Module>{78e84834-6760-4a9c-b84d-d3711f1935f8}::m_d9dde2ae54de4beea262acbde4a62749 ldfld System.Int32 <Module>{78e84834-6760-4a9c-b84d-d3711f1935f8}::m_963fb0a08e0a4da2add41c9ed6fc8add brfalse IL_0012: switch(IL_0049,IL_0024) pop <null> ldc.i4 0 br IL_0012: switch(IL_0049,IL_0024) nop <null> ret <null>

d17be97db505f8d60ec1eb803f1d0a2f (1.13 MB)

File Structure

Characteristics

No malware configuration were found at this point.

You must be signed in to post a comment.

d17be97db505f8d60ec1eb803f1d0a2f

PE Executable | MD5: d17be97db505f8d60ec1eb803f1d0a2f | Size: 1.13 MB | application/x-dosexec

PE Executable
|
MD5: d17be97db505f8d60ec1eb803f1d0a2f
|
Size: 1.13 MB
|
application/x-dosexec