Suspicious
Suspect

de0b664e934c16e839d27acd3940184c

PE Executable
|
MD5: de0b664e934c16e839d27acd3940184c
|
Size: 2.22 MB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
de0b664e934c16e839d27acd3940184c
Sha1
073f91241486c3049199127be597bad04f66192d
Sha256
6c0ddb4207c9f2e26e9a777dce19643f068c706d4f4b50a9d1ac381d63fd78eb
Sha384
7c32b2bc0c4da15f075c0fe235cf26fa90fa473331b4984c8d227a8897903763ee833e25645592f473becf4165647dc4
Sha512
0ee5ff0b2fe5322c8833d921a288cedcb9b0a8c90d794fa9f79e2271d91ceababc82d700aa64517389556031c7635c1bd2f34806a8ffd706f9a8633bd87fff5f
SSDeep
49152:/UaJ4/i9mji8WhfLS+gC7xOobNgGTHUKf18dLbBFyr2b:/UaYsNfyC7xDBgsHsfLm
TLSH
F6A5CE04AAE85B13C63E837989E3889573B294DCFF9BD30B9944B56215063E16B431FF

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
UPolyX 0.3 -> delikon
File Structure
de0b664e934c16e839d27acd3940184c
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Jtumfrw.Properties.Resources.resources
Sywosobeyj
          
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

Kufwfunomuh.exe
Full Name

Kufwfunomuh.exe
EntryPoint

System.Void   ::()
Scope Name

Kufwfunomuh.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Kufwfunomuh
Assembly Version

1.0.3507.20853
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

0
Main Method

System.Void   ::()
Main IL Instruction Count

37
Main IL

newobj System.Void   ::.ctor() stloc.0 <null> ldloc.0 <null> callvirt System.String   ::() brfalse.s IL_0060: leave IL_006C ldloc.0 <null> callvirt System.Type[]   ::() ldsfld System.Func`2<System.Type,System.Boolean>   /:: dup <null> brtrue.s IL_0033: call System.Collections.Generic.IEnumerable`1<System.Type> System.Linq.Enumerable::Where<System.Type>(System.Collections.Generic.IEnumerable`1<System.Type>,System.Func`2<System.Type,System.Boolean>) pop <null> ldsfld   /   /:: ldftn System.Boolean   /::(System.Type) newobj System.Void System.Func`2<System.Type,System.Boolean>::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Func`2<System.Type,System.Boolean>   /:: call System.Collections.Generic.IEnumerable`1<System.Type> System.Linq.Enumerable::Where<System.Type>(System.Collections.Generic.IEnumerable`1<System.Type>,System.Func`2<System.Type,System.Boolean>) stloc.1 <null> ldloc.1 <null> call System.Int32 System.Linq.Enumerable::Count<System.Type>(System.Collections.Generic.IEnumerable`1<System.Type>) ldc.i4.0 <null> ble.s IL_0060: leave IL_006C ldloc.1 <null> call System.Type System.Linq.Enumerable::First<System.Type>(System.Collections.Generic.IEnumerable`1<System.Type>) ldc.i4 -2112676956 call System.String ::(System.Int32) ldc.i4 256 ldnull <null> ldnull <null> ldnull <null> callvirt System.Object System.Type::InvokeMember(System.String,System.Reflection.BindingFlags,System.Reflection.Binder,System.Object,System.Object[]) pop <null> leave IL_006C: ret ldloc.0 <null> callvirt System.Void System.IDisposable::Dispose() endfinally <null> ret <null>
Module Name

Kufwfunomuh.exe
Full Name

Kufwfunomuh.exe
EntryPoint

System.Void   ::()
Scope Name

Kufwfunomuh.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Kufwfunomuh
Assembly Version

1.0.3507.20853
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

0
Main Method

System.Void   ::()
Main IL Instruction Count

37
Main IL

newobj System.Void   ::.ctor() stloc.0 <null> ldloc.0 <null> callvirt System.String   ::() brfalse.s IL_0060: leave IL_006C ldloc.0 <null> callvirt System.Type[]   ::() ldsfld System.Func`2<System.Type,System.Boolean>   /:: dup <null> brtrue.s IL_0033: call System.Collections.Generic.IEnumerable`1<System.Type> System.Linq.Enumerable::Where<System.Type>(System.Collections.Generic.IEnumerable`1<System.Type>,System.Func`2<System.Type,System.Boolean>) pop <null> ldsfld   /   /:: ldftn System.Boolean   /::(System.Type) newobj System.Void System.Func`2<System.Type,System.Boolean>::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Func`2<System.Type,System.Boolean>   /:: call System.Collections.Generic.IEnumerable`1<System.Type> System.Linq.Enumerable::Where<System.Type>(System.Collections.Generic.IEnumerable`1<System.Type>,System.Func`2<System.Type,System.Boolean>) stloc.1 <null> ldloc.1 <null> call System.Int32 System.Linq.Enumerable::Count<System.Type>(System.Collections.Generic.IEnumerable`1<System.Type>) ldc.i4.0 <null> ble.s IL_0060: leave IL_006C ldloc.1 <null> call System.Type System.Linq.Enumerable::First<System.Type>(System.Collections.Generic.IEnumerable`1<System.Type>) ldc.i4 -2112676956 call System.String ::(System.Int32) ldc.i4 256 ldnull <null> ldnull <null> ldnull <null> callvirt System.Object System.Type::InvokeMember(System.String,System.Reflection.BindingFlags,System.Reflection.Binder,System.Object,System.Object[]) pop <null> leave IL_006C: ret ldloc.0 <null> callvirt System.Void System.IDisposable::Dispose() endfinally <null> ret <null>
de0b664e934c16e839d27acd3940184c (2.22 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙