Malicious
Malicious

e039b8d3ef66a4188b8150cf9fbddc11

PE Executable
|
MD5: e039b8d3ef66a4188b8150cf9fbddc11
|
Size: 848.38 KB
|
application/x-msdownload

Executable
PE (Portable Executable)
Win 32 Exe
x86
.Net Obfuscator
.Net Reactor
.Net
SOS: 0.90
Print
General
Structural Analysis
Config.0
Yara Rules33
Sync
Community
Infection Chain
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very high

Hash
 Hash Value
MD5
e039b8d3ef66a4188b8150cf9fbddc11
Sha1
11ad5d77c02ba00c4efb6aed15f41b7f56b36c19
Sha256
c1f39077809bf0075dac779b2d8aa2442d7cca3c3e5b5ac11cd1949ca0bc8ab5
Sha384
ea58b18a813fd6b1313612a13150e32154d15f04cea6e45b4ca395f1355e08bc00778bdc6a583b2d94a158d89b459aed
Sha512
9a4da84f2295751608fe98cf208c4b35cb02a0a532f29d8333fd97c3029a97a950f1087202ceab20e203e8145344e6b342c6bee690cc908e7ece9cf7805ba923
SSDeep
12288:mGh5Wu3NGNQ+8Pr+92ul43lphM7T9+5SEPaLLjqqwTYzg8urGL:VvkQ+8bul8p2TjECLLZCYzTzL
TLSH
EB05E7067E44CE11F0191633C2EF4A484BB09951A6A6E32B7DFA377E55123A77C0DACB

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
e039b8d3ef66a4188b8150cf9fbddc11
Executable
PE (Portable Executable)
Win 32 Exe
x86
.Net Obfuscator
.Net Reactor
.Net
SOS: 0.90
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
.Net Resources
sqSKKhSuv1wtAOk50T.AaoN5LyGm5AR5A1Hem
E7E7OV6rMcDmHCtJDg.AGO2agp4T4l8WgyZLF
Informations
Name
 Value
Module Name

XjgewpY9OSRQBRikVKBJEoJkakEZHAdvMy3
Full Name

XjgewpY9OSRQBRikVKBJEoJkakEZHAdvMy3
EntryPoint

System.Void Eo7v7fjMyPsH4KbWfHr.fYclUDjXKjKiuoYSR3y::isp4ch8Fl0()
Scope Name

XjgewpY9OSRQBRikVKBJEoJkakEZHAdvMy3
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

R0L0aYGiD0X0SXd0BRqtZ5EMk92OygENXqTf9Lt
Assembly Version

6.5.5.5
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

63
Main Method

System.Void Eo7v7fjMyPsH4KbWfHr.fYclUDjXKjKiuoYSR3y::isp4ch8Fl0()
Main IL Instruction Count

14
Main IL

br.s IL_000B: ldc.i4.0 call <null> ldnull <null> ldc.i4.0 <null> ldelem.ref <null> pop <null> ldc.i4.0 <null> brtrue.s IL_0007: ldnull call System.Void xdJjPZ4PYgFBvmWRw6Y.kZLWuc4UU29iMj2Jpog::kLjw4iIsCLsZtxc4lksN0j() nop <null> ldsfld System.Object Eo7v7fjMyPsH4KbWfHr.fYclUDjXKjKiuoYSR3y::FSR4ej2xE3 callvirt System.Void eiEpcXjUTcxZS5CbbyA.I4V3ZejxjiE3wWkFX20::TgRCy4pjHn() nop <null> ret <null>
Module Name

XjgewpY9OSRQBRikVKBJEoJkakEZHAdvMy3
Full Name

XjgewpY9OSRQBRikVKBJEoJkakEZHAdvMy3
EntryPoint

System.Void Eo7v7fjMyPsH4KbWfHr.fYclUDjXKjKiuoYSR3y::isp4ch8Fl0()
Scope Name

XjgewpY9OSRQBRikVKBJEoJkakEZHAdvMy3
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

R0L0aYGiD0X0SXd0BRqtZ5EMk92OygENXqTf9Lt
Assembly Version

6.5.5.5
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

63
Main Method

System.Void Eo7v7fjMyPsH4KbWfHr.fYclUDjXKjKiuoYSR3y::isp4ch8Fl0()
Main IL Instruction Count

14
Main IL

br.s IL_000B: ldc.i4.0 call <null> ldnull <null> ldc.i4.0 <null> ldelem.ref <null> pop <null> ldc.i4.0 <null> brtrue.s IL_0007: ldnull call System.Void xdJjPZ4PYgFBvmWRw6Y.kZLWuc4UU29iMj2Jpog::kLjw4iIsCLsZtxc4lksN0j() nop <null> ldsfld System.Object Eo7v7fjMyPsH4KbWfHr.fYclUDjXKjKiuoYSR3y::FSR4ej2xE3 callvirt System.Void eiEpcXjUTcxZS5CbbyA.I4V3ZejxjiE3wWkFX20::TgRCy4pjHn() nop <null> ret <null>
e039b8d3ef66a4188b8150cf9fbddc11 (848.38 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙