Suspect
PE Executable
MD5: e0ac8c1a2560fb58a79142f1a6f8c39f
Size: 675.33 KB
application/x-dosexec
Get an AI-generated breakdown of this malware's behaviour, IOCs and recommendations.
AI analysis is available with Essential.
Unlock with Essential
Symbol Obfuscation Score
Very low
| MD5 | e0ac8c1a2560fb58a79142f1a6f8c39f |
| Sha1 | 96b836df49a68bb2fcefe10b5c1c100e3038ef24 |
| Sha256 | 417c165a04979b22d52eeb3fda53a4b6a699f80c3fc89a69fd408ea0fbad16ac |
| Sha384 | 926ab598f4d7bab27dfb5a620c541f9b74eb7e0e206608007857c0ded1646a4c56768e853438e4dafe105aa71dfc0158 |
| Sha512 | 6fc0c6f5ed375cb4aec31428719f15c78844a104e44ca2700c6a96cd8dd3d814e309b8fc8265aa2b6dc9aa814db13f3a0b0e32bc4527a5d8c7299d22f1492c0c |
| SSDeep | 12288:4WVNP8tWFOXT/M8hw2SeGRjhFUqkIvo+1KuO/ssuqDCaYUAPrUL0avmyJSTWpDKa:4W72T/I1esjHUqDK9/duaXAPGSTuDKR2 |
| TLSH | 13E41265661AFD21E8D667F58DA2E3B592B15ECCF003C313C7E9ACA3FD2A20174542D2 |
| Name | Value |
|---|---|
| Module Name | QnOF.exe |
| Full Name | QnOF.exe |
| EntryPoint | System.Void POSManager.Program::Main() |
| Scope Name | QnOF.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | QnOF |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 92 |
| Main Method | System.Void POSManager.Program::Main() |
| Main IL Instruction Count | 10 |
| Main IL | |
PDB Path
PATH
Qnhuhuhuhu
Full artefact values (URLs, paths, registry keys, scripts…) are available with Essential.
Unlock with Essential