Suspicious
Suspect

d8943f8b04a7d27810691f542c341fe8

PE Executable
|
MD5: d8943f8b04a7d27810691f542c341fe8
|
Size: 64 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Obfuscation Score

Very high

Hash
 Hash Value
MD5
d8943f8b04a7d27810691f542c341fe8
Sha1
51c866ba2970a726600235e3c996e19101ae2578
Sha256
970dd62d5d6e8996defbfda6eacef182820b91aeddcce0845a2f727b421ac9f4
Sha384
259a424d9dd73e5c2febdbc155b6e6415c8599ae08eedbfb84bcd3dfb2b2e98d47f78beca23a84b1de14876cf1a71467
Sha512
eb9904be0ab5066dac82c5109f0371b6d2b65c8ba7034e627769b810da84df8683134a437dd1bac22133bdac9de651cc2847ff2cc243b2d159e8f8afeb4e022c
SSDeep
768:qhQXs5Bx2EOwnynarOopWUEy8i3D9bSSEASoQom1aCu5rsd:I+sR2ELnyn0pWYXT9bSSEAm1ka
TLSH
D053B5C532778872D27FAE7AE6C7624B6DB54073A901D5460CD277D36A02F82C90ACF6

PeID

Microsoft Visual C++ DLL
Microsoft Visual C++ v6.0
File Structure
d8943f8b04a7d27810691f542c341fe8
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rsrc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

OzjuY5E5LmSvrwjlPtep
Full Name

OzjuY5E5LmSvrwjlPtep
EntryPoint

System.Void PMDZDEP7HPMynWh7TEOK.ZOVOfWEZ5cz1j5LkT40q::U7IjUGV21COkal3Aqojg()
Scope Name

OzjuY5E5LmSvrwjlPtep
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Violet
Assembly Version

7.20.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

<null>
Total Strings

323
Main Method

System.Void PMDZDEP7HPMynWh7TEOK.ZOVOfWEZ5cz1j5LkT40q::U7IjUGV21COkal3Aqojg()
Main IL Instruction Count

17
Main IL

ldc.i4 1000 call System.Void System.Threading.Thread::Sleep(System.Int32) call System.Void cp8KjtR53hfxjTGcFRr9.SxUEv40NB2h2E3aRnYep::HUk6eTqY4BPkkY7H2ogs() call System.Boolean TD9BpQXWJnvuTI2MLk3V.85AZIGBkegRrmxPwPJWa::AqUWuD88dLWyjmBPpfWZ() brtrue IL_001F: ldnull ldc.i4.0 <null> call System.Void System.Environment::Exit(System.Int32) ldnull <null> ldftn System.Void PMDZDEP7HPMynWh7TEOK.ZOVOfWEZ5cz1j5LkT40q::AqC4QkPRLxNodYqrFbu8() newobj System.Void System.Threading.ThreadStart::.ctor(System.Object,System.IntPtr) newobj System.Void System.Threading.Thread::.ctor(System.Threading.ThreadStart) stloc.0 <null> ldloc.0 <null> callvirt System.Void System.Threading.Thread::Start() ldloc.0 <null> callvirt System.Void System.Threading.Thread::Join() ret <null>
d8943f8b04a7d27810691f542c341fe8 (64 KB)
File Structure
d8943f8b04a7d27810691f542c341fe8
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rsrc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙