Suspicious
Suspect

e24ea1a099b7c7dbcbc43eca5acbd577

PE Executable
|
MD5: e24ea1a099b7c7dbcbc43eca5acbd577
|
Size: 610.82 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very high

Hash
 Hash Value
MD5
e24ea1a099b7c7dbcbc43eca5acbd577
Sha1
b86422906bc2467f1790bc83b12d53b4f95544b4
Sha256
c0141e9acfac5a67dcd3a794c24ab41dfb379f14e3c1931771c9a7e98e3f12ea
Sha384
557d0d7a1c05a95216b2a83a793c80d24afeccde710345b1fe63a4da9e6143b8a8bf8f24f945d4b8e3a1f59961c0ca68
Sha512
396fc0550fca21b684c75c6fa69b7e98ec8aa0dfe1cf82fe8c225c46ec9e8e68a23c596b6382fafc764759b65b58bee5d66a6e0080f4e7952d3547a14fa3b0e2
SSDeep
6144:23rXw8xbtu91jQ1al8Ee1OiFqKMt0ufk2zuCdjpEQK6B9gAJWHbFoIpBuzuZKPTD:Ybt7axYhRMykk7CdKdrBuzutow4H
TLSH
18D4E02A27D89F51F0BEAB785471211407FAF846CB62DB1DBEEC54D80922B818933777

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
e24ea1a099b7c7dbcbc43eca5acbd577
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
Kairolytix.DTnolina
9Xcoe2GsFg5pz.Resources.resources
b81af0e7910cb9.Resources.resources
417b854d0
[NBF]root.Data
417b854d1
[NBF]root.Data
417b854d2
[NBF]root.Data
417b854d3
[NBF]root.Data
417b854d4
[NBF]root.Data
417b854d5
[NBF]root.Data
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

9Xcoe2GsFg5pz
Full Name

9Xcoe2GsFg5pz
EntryPoint

System.Void 9Xcoe2GsFg5pz.5KtiYqp1::7moRx8()
Scope Name

9Xcoe2GsFg5pz
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

9Xcoe2GsFg5pz
Assembly Version

25.7.7.158
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

674
Main Method

System.Void 9Xcoe2GsFg5pz.5KtiYqp1::7moRx8()
Main IL Instruction Count

87
Main IL

nop <null> nop <null> ldc.i4.s 25 stloc.0 <null> ldloc.0 <null> ldc.i4.s 23 add.ovf <null> ldc.i4.s 25 div <null> ldc.i4.s 25 mul.ovf <null> stloc.0 <null> ldloc.0 <null> ldc.i4.1 <null> sub.ovf <null> ldc.i4.1 <null> add.ovf <null> newarr System.Object stloc.1 <null> call System.Reflection.Assembly System.Reflection.Assembly::GetExecutingAssembly() callvirt System.String System.Reflection.Assembly::get_Location() call System.Diagnostics.FileVersionInfo System.Diagnostics.FileVersionInfo::GetVersionInfo(System.String) callvirt System.String System.Diagnostics.FileVersionInfo::get_FileVersion() stloc.2 <null> ldloc.2 <null> call System.Boolean System.String::IsNullOrEmpty(System.String) stloc.s V_7 ldloc.s V_7 brfalse.s IL_0042: ldc.i4.s 26 ldstr 1.0.0.0 stloc.2 <null> ldc.i4.s 26 call System.String System.Environment::GetFolderPath(System.Environment/SpecialFolder) ldstr SystemTools call System.String System.IO.Path::Combine(System.String,System.String) stloc.3 <null> ldloc.3 <null> call System.Boolean System.IO.Directory::Exists(System.String) ldc.i4.0 <null> ceq <null> stloc.s V_8 ldloc.s V_8 brfalse.s IL_006B: nop ldloc.3 <null> call System.IO.DirectoryInfo System.IO.Directory::CreateDirectory(System.String) pop <null> nop <null> nop <null> ldc.i4.s 80 call System.Void System.Threading.Thread::Sleep(System.Int32) nop <null> ldstr DTnolina stloc.s V_4 ldloc.s V_4 call System.Object 9Xcoe2GsFg5pz.5KtiYqp1::Yt9e3Fdrf(System.String) call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stloc.s V_5 ldloc.s V_5 ldnull <null> ceq <null> stloc.s V_9 ldloc.s V_9 brfalse.s IL_0096: ldloc.s V_5 leave.s IL_00CC: nop ldloc.s V_5 call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) call System.Object 9Xcoe2GsFg5pz.5KtiYqp1::Wj8r2ykHf4Kd(System.Object) call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stloc.s V_6 ldloc.1 <null> ldloc.0 <null> ldc.i4.1 <null> sub.ovf <null> ldloc.s V_6 call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stelem.ref <null> ldloc.1 <null> ldloc.0 <null> call System.Void 9Xcoe2GsFg5pz.5KtiYqp1::1Wayb4A(System.Object[],System.Int32) nop <null> leave.s IL_00CC: nop call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_00CC: nop nop <null> ret <null>
Module Name

9Xcoe2GsFg5pz
Full Name

9Xcoe2GsFg5pz
EntryPoint

System.Void 9Xcoe2GsFg5pz.5KtiYqp1::7moRx8()
Scope Name

9Xcoe2GsFg5pz
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

9Xcoe2GsFg5pz
Assembly Version

25.7.7.158
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

674
Main Method

System.Void 9Xcoe2GsFg5pz.5KtiYqp1::7moRx8()
Main IL Instruction Count

87
Main IL

nop <null> nop <null> ldc.i4.s 25 stloc.0 <null> ldloc.0 <null> ldc.i4.s 23 add.ovf <null> ldc.i4.s 25 div <null> ldc.i4.s 25 mul.ovf <null> stloc.0 <null> ldloc.0 <null> ldc.i4.1 <null> sub.ovf <null> ldc.i4.1 <null> add.ovf <null> newarr System.Object stloc.1 <null> call System.Reflection.Assembly System.Reflection.Assembly::GetExecutingAssembly() callvirt System.String System.Reflection.Assembly::get_Location() call System.Diagnostics.FileVersionInfo System.Diagnostics.FileVersionInfo::GetVersionInfo(System.String) callvirt System.String System.Diagnostics.FileVersionInfo::get_FileVersion() stloc.2 <null> ldloc.2 <null> call System.Boolean System.String::IsNullOrEmpty(System.String) stloc.s V_7 ldloc.s V_7 brfalse.s IL_0042: ldc.i4.s 26 ldstr 1.0.0.0 stloc.2 <null> ldc.i4.s 26 call System.String System.Environment::GetFolderPath(System.Environment/SpecialFolder) ldstr SystemTools call System.String System.IO.Path::Combine(System.String,System.String) stloc.3 <null> ldloc.3 <null> call System.Boolean System.IO.Directory::Exists(System.String) ldc.i4.0 <null> ceq <null> stloc.s V_8 ldloc.s V_8 brfalse.s IL_006B: nop ldloc.3 <null> call System.IO.DirectoryInfo System.IO.Directory::CreateDirectory(System.String) pop <null> nop <null> nop <null> ldc.i4.s 80 call System.Void System.Threading.Thread::Sleep(System.Int32) nop <null> ldstr DTnolina stloc.s V_4 ldloc.s V_4 call System.Object 9Xcoe2GsFg5pz.5KtiYqp1::Yt9e3Fdrf(System.String) call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stloc.s V_5 ldloc.s V_5 ldnull <null> ceq <null> stloc.s V_9 ldloc.s V_9 brfalse.s IL_0096: ldloc.s V_5 leave.s IL_00CC: nop ldloc.s V_5 call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) call System.Object 9Xcoe2GsFg5pz.5KtiYqp1::Wj8r2ykHf4Kd(System.Object) call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stloc.s V_6 ldloc.1 <null> ldloc.0 <null> ldc.i4.1 <null> sub.ovf <null> ldloc.s V_6 call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stelem.ref <null> ldloc.1 <null> ldloc.0 <null> call System.Void 9Xcoe2GsFg5pz.5KtiYqp1::1Wayb4A(System.Object[],System.Int32) nop <null> leave.s IL_00CC: nop call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_00CC: nop nop <null> ret <null>
e24ea1a099b7c7dbcbc43eca5acbd577 (610.82 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙