General
Structural Analysis
Config.0
Yara Rules25
Sync
Community
Infection Chain
Summary by MalvaGPT
Characteristics
Symbol Obfuscation Score
Very low
|
Hash | Hash Value |
|---|---|
| MD5 | e2759b5ef495bfcfad9074678497f649
|
| Sha1 | 2d85ab32e77ddc0a365985cfd287d5153216a516
|
| Sha256 | 59079dbdfb0346deae4efc361d78844141bf77d916adec96b23d8061e20e123c
|
| Sha384 | fb00d6b0f1d85dff98b6f3a1f38487cef6253bdd39fd6706aff2c01173dd485461df83920239b9a17eb57441eba80197
|
| Sha512 | 632da3629241e4698857585784093c9223dc582a722fbd40f04187bbf65e74640ee110d09b4e811ca27a51c5f0b591f2d4674c5c32fc00203007b4e63822507c
|
| SSDeep | 12288:Ge+oLQF2xfPAHgRrBDLxa4Mxmx2a6uBTkPMvv:GeplRPAAnDLxatIHBTmEv
|
| TLSH | 60F44C4175E3DFB2C67E0FB9C0B14C5887B04628AF67FB4618923171884B7235ADF99A
|
PeID
.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
e2759b5ef495bfcfad9074678497f649
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
ProxyCalc.DetailedProxy
ProxyWatcher.ProxyQueue
FlexibleProxy.ReceiverProxy
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Module Name | Lhjknyy.dll |
| Full Name | Lhjknyy.dll |
| Scope Name | Lhjknyy.dll |
| Scope Type | ModuleDef |
| Kind | Dll |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Lhjknyy |
| Assembly Version | 1.0.9337.15913 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 70 |
| Main Method | Not found or no body |
| Module Name | Lhjknyy.dll |
| Full Name | Lhjknyy.dll |
| Scope Name | Lhjknyy.dll |
| Scope Type | ModuleDef |
| Kind | Dll |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Lhjknyy |
| Assembly Version | 1.0.9337.15913 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 70 |
| Main Method | Not found or no body |
e2759b5ef495bfcfad9074678497f649 (788.48 KB)
File Structure
e2759b5ef495bfcfad9074678497f649
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
ProxyCalc.DetailedProxy
ProxyWatcher.ProxyQueue
FlexibleProxy.ReceiverProxy
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.