Suspicious
Suspect

df7cd67bc26e491e580f9c992574b3b8

PE Executable
|
MD5: df7cd67bc26e491e580f9c992574b3b8
|
Size: 1.36 MB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
df7cd67bc26e491e580f9c992574b3b8
Sha1
57dfc34af7b4e831ce1629e01605fb2d0b9e828e
Sha256
0b9edf24c002380289d09e7f6c59f95c6ac568fb009993b39cb7ecf90cbdec94
Sha384
ac36e8695071557cc3372e1e7f804e2c490da2c40125c3357668ab8fa09e1628424ae8e96eb8071de623f6a52700765c
Sha512
021dbfed7818d55766343d690345325823bfad2f83ec83caf73357473dae71e1ac889781c7b954392c5d7d172a370a30cf9cefc70fe0704338b71cc95af0567c
SSDeep
24576:dwLqgaMfICJC9Kx8B9klaUIkmhSvZeU77BTbwlOYwHDodhGxhDyH56/tkwN:tgaMw0C97viBNm+7ZbwlO3HTjyHQtj
TLSH
BF5523C9730C9033EB1D13B1F0C6828542B915026943F72D39BDF9A9AADA9DD1584FEE

PeID

Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual Studio .NET
File Structure
df7cd67bc26e491e580f9c992574b3b8
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Cefvjxfamu.Properties.Resources.resources
Dvnmhtj
        ​     
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

PKS.exe
Full Name

PKS.exe
EntryPoint

System.Void  ::()
Scope Name

PKS.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

PKS
Assembly Version

1.0.2458.2251
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

0
Main Method

System.Void  ::()
Main IL Instruction Count

48
Main IL

ldc.i4 4032 call System.Void System.Net.ServicePointManager::set_SecurityProtocol(System.Net.SecurityProtocolType) ldc.i4 972149518 call System.String ::(System.Int32) newobj System.Void System.Version::.ctor(System.String) stloc.s V_5 ldnull <null> ldloc.s V_5 newobj System.Void  ::.ctor(System.String,System.Version) stloc.1 <null> newobj System.Void  ::.ctor() stloc.2 <null> newobj System.Void  ::.ctor() stloc.3 <null> newobj System.Void  ::.ctor() stloc.s V_4 ldloc.2 <null> ldloc.3 <null> ldloc.s V_4 newobj System.Void  ::.ctor( , , ) stloc.0 <null> ldloc.1 <null> ldloc.0 <null> ldftn System.Void  ::(System.Object, ) newobj System.Void System.EventHandler`1< >::.ctor(System.Object,System.IntPtr) callvirt System.Void  ::(System.EventHandler`1< >) ldloc.2 <null> ldloc.0 <null> ldftn System.Void  ::(System.Object, ) newobj System.Void System.EventHandler`1< >::.ctor(System.Object,System.IntPtr) callvirt System.Void  ::(System.EventHandler`1< >) ldloc.3 <null> ldloc.0 <null> ldftn System.Void  ::(System.Object, ) newobj System.Void System.EventHandler`1< >::.ctor(System.Object,System.IntPtr) callvirt System.Void  ::(System.EventHandler`1< >) ldloc.s V_4 ldloc.0 <null> ldftn System.Void  ::(System.Object, ) newobj System.Void System.EventHandler`1< >::.ctor(System.Object,System.IntPtr) callvirt System.Void  ::(System.EventHandler`1< >) ldloc.1 <null> callvirt System.Void  ::() leave.s IL_0099: ret ldloc.0 <null> callvirt System.Void System.IDisposable::Dispose() endfinally <null> ret <null>
Module Name

PKS.exe
Full Name

PKS.exe
EntryPoint

System.Void  ::()
Scope Name

PKS.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

PKS
Assembly Version

1.0.2458.2251
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

0
Main Method

System.Void  ::()
Main IL Instruction Count

48
Main IL

ldc.i4 4032 call System.Void System.Net.ServicePointManager::set_SecurityProtocol(System.Net.SecurityProtocolType) ldc.i4 972149518 call System.String ::(System.Int32) newobj System.Void System.Version::.ctor(System.String) stloc.s V_5 ldnull <null> ldloc.s V_5 newobj System.Void  ::.ctor(System.String,System.Version) stloc.1 <null> newobj System.Void  ::.ctor() stloc.2 <null> newobj System.Void  ::.ctor() stloc.3 <null> newobj System.Void  ::.ctor() stloc.s V_4 ldloc.2 <null> ldloc.3 <null> ldloc.s V_4 newobj System.Void  ::.ctor( , , ) stloc.0 <null> ldloc.1 <null> ldloc.0 <null> ldftn System.Void  ::(System.Object, ) newobj System.Void System.EventHandler`1< >::.ctor(System.Object,System.IntPtr) callvirt System.Void  ::(System.EventHandler`1< >) ldloc.2 <null> ldloc.0 <null> ldftn System.Void  ::(System.Object, ) newobj System.Void System.EventHandler`1< >::.ctor(System.Object,System.IntPtr) callvirt System.Void  ::(System.EventHandler`1< >) ldloc.3 <null> ldloc.0 <null> ldftn System.Void  ::(System.Object, ) newobj System.Void System.EventHandler`1< >::.ctor(System.Object,System.IntPtr) callvirt System.Void  ::(System.EventHandler`1< >) ldloc.s V_4 ldloc.0 <null> ldftn System.Void  ::(System.Object, ) newobj System.Void System.EventHandler`1< >::.ctor(System.Object,System.IntPtr) callvirt System.Void  ::(System.EventHandler`1< >) ldloc.1 <null> callvirt System.Void  ::() leave.s IL_0099: ret ldloc.0 <null> callvirt System.Void System.IDisposable::Dispose() endfinally <null> ret <null>
df7cd67bc26e491e580f9c992574b3b8 (1.36 MB)
File Structure
df7cd67bc26e491e580f9c992574b3b8
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Cefvjxfamu.Properties.Resources.resources
Dvnmhtj
        ​     
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙