Suspicious
Suspect

d3732621f8e8159efce4667e59864c2b

PE Executable | MD5: d3732621f8e8159efce4667e59864c2b | Size: 133.63 KB | application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Obfuscation Score

Very low

Hash
Hash Value
MD5
d3732621f8e8159efce4667e59864c2b
Sha1
454517bee4b6f281c90a802416571f76c20f81e1
Sha256
392b69ef0ccabbf63cf49c66162d2b8c798fb2f09881c0e55f8430d095474551
Sha384
150772548a4ccdb82404233d77368ba74cbedad4484cf38883128a928c6a9fa57019f437525b4b7f1cd03b32802ca4c0
Sha512
623708b806093da317c3b364715b39b711b078a4e2a60b6c27d88aab0281306340dfda949e6d94cd44c1c45472699949128037d455dd3f6cc63c037012270132
SSDeep
3072:Z4yR9vd7Xu77W3qrSnNWW6b5kdesLuwvxXEgbY:J918rSNWW6bKXFb
TLSH
A3D3070D2BE49814E5FEA9730270A115C775B8030A66DE1D1BC2B86E2E7D6D1CE1AF93

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
lfwhUWZlmFnGhDYPudAJ.Resources.resources
Information
Name
Value
Module Name

lfwhUWZlmFnGhDYPudAJ.exe

Full Name

lfwhUWZlmFnGhDYPudAJ.exe

EntryPoint

System.Void 퓜jܣŔ츠.ܹՄ��C::Main()

Scope Name

lfwhUWZlmFnGhDYPudAJ.exe

Scope Type

ModuleDef

Kind

Windows

Runtime Version

v4.0.30319

Tables Header Version

512

WinMD Version

<null>

Assembly Name

lfwhUWZlmFnGhDYPudAJ

Assembly Version

1.0.0.0

Assembly Culture

<null>

Has PublicKey

False

PublicKey Token

<null>

Target Framework

.NETFramework,Version=v4.0

Total Strings

1475

Main Method

System.Void 퓜jܣŔ츠.ܹՄ��C::Main()

Main IL Instruction Count

160

Artefacts
Name
Value
Embedded Resources

1

Suspicious Type Names (1-2 chars)

0

Characteristics
No malware configuration was found at this point.