Symbol Ofbuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | e39b1f18555d8ede296e50c49cdf2885
|
| Sha1 | c6b502c03cb4d0afdd20618c60a7a5e1cd4c3782
|
| Sha256 | 8c9084133b3d9cf46b8f3b9447c38f4e0fe509c299f496ea9a755baaf4aac467
|
| Sha384 | bfbad7cf1f7d3cf7f73dda50e9c9afe1f60366cf420b0d7a2587e6cb6a4ebf16bced83ba8ea0c0777d8f3e7edcf491d8
|
| Sha512 | 096e1820403a977c4c6dc8d53934810186639fafb02cb8ae6a0124538683e946457eda63535ed4c27a542679ebeac3937d6b5eecd5444390c698f2bb1e3d8c5b
|
| SSDeep | 24576:WBXAP+3NKsqnwGrKBwio5zadY9RZJUiIV2yYmrQ27IK2S8glkGUzQqtN:WRqjWBwizpiIV2yq4JUrf
|
| TLSH | DB552307FE8F81E1C2164B71C1DB11544394CBD2B7A3FA4ABB8F176B29123A6D548E4B
|
PeID
|
Name0 | Value |
|---|---|
| Module Name | Nweur.exe |
| Full Name | Nweur.exe |
| EntryPoint | System.Void Ovwmvpomz.Collections.ListTransaction::SortVisibleList() |
| Scope Name | Nweur.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Nweur |
| Assembly Version | 1.0.1566.14167 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.6 |
| Total Strings | 20 |
| Main Method | System.Void Ovwmvpomz.Collections.ListTransaction::SortVisibleList() |
| Main IL Instruction Count | 66 |
| Main IL | ldc.i4 4 stloc V_0 br IL_000E: ldloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] br IL_0100: call System.AppDomain System.AppDomain::get_CurrentDomain() ret <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) ldc.i4 6 ldsfld <Module>{3d294af5-a859-45f3-ba02-cb6907b00929} <Module>{3d294af5-a859-45f3-ba02-cb6907b00929}::m_4725896ce07e4f12be74536e0c36ff73 ldfld System.Int32 <Module>{3d294af5-a859-45f3-ba02-cb6907b00929}::m_33a8c52d566844b7a01ad08265b00be3 brtrue IL_0012: switch(IL_0100,IL_0039,IL_0038,IL_00C6,IL_00AB,IL_0087,IL_005E) pop <null> ldc.i4 2 br IL_0012: switch(IL_0100,IL_0039,IL_0038,IL_00C6,IL_00AB,IL_0087,IL_005E) newobj System.Void Nweur.Compression.CompressorEvaluator::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ldc.i4 2 ldsfld <Module>{3d294af5-a859-45f3-ba02-cb6907b00929} <Module>{3d294af5-a859-45f3-ba02-cb6907b00929}::m_4725896ce07e4f12be74536e0c36ff73 ldfld System.Int32 <Module>{3d294af5-a859-45f3-ba02-cb6907b00929}::m_774bbcdf7a424a81a0457c25af1bf269 brtrue IL_0012: switch(IL_0100,IL_0039,IL_0038,IL_00C6,IL_00AB,IL_0087,IL_005E) pop <null> ldc.i4 0 br IL_0012: switch(IL_0100,IL_0039,IL_0038,IL_00C6,IL_00AB,IL_0087,IL_005E) call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4 0 ldsfld <Module>{3d294af5-a859-45f3-ba02-cb6907b00929} <Module>{3d294af5-a859-45f3-ba02-cb6907b00929}::m_4725896ce07e4f12be74536e0c36ff73 ldfld System.Int32 <Module>{3d294af5-a859-45f3-ba02-cb6907b00929}::m_aa399f2ad2fb4ce0bfa623e922d1b889 brfalse IL_0012: switch(IL_0100,IL_0039,IL_0038,IL_00C6,IL_00AB,IL_0087,IL_005E) pop <null> ldc.i4 1 br IL_0012: switch(IL_0100,IL_0039,IL_0038,IL_00C6,IL_00AB,IL_0087,IL_005E) ldsfld System.Threading.ThreadExceptionEventHandler Ovwmvpomz.Collections.ListTransaction/<>c::filteredList dup <null> brfalse IL_00BB: pop br IL_00DC: call System.Void System.Windows.Forms.Application::add_ThreadException(System.Threading.ThreadExceptionEventHandler) pop <null> ldc.i4 3 br IL_0012: switch(IL_0100,IL_0039,IL_0038,IL_00C6,IL_00AB,IL_0087,IL_005E) ldsfld Ovwmvpomz.Collections.ListTransaction/<>c Ovwmvpomz.Collections.ListTransaction/<>c::functionRecord ldftn System.Void Ovwmvpomz.Collections.ListTransaction/<>c::MonitorList(System.Object,System.Threading.ThreadExceptionEventArgs) newobj System.Void System.Threading.ThreadExceptionEventHandler::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Threading.ThreadExceptionEventHandler Ovwmvpomz.Collections.ListTransaction/<>c::filteredList call System.Void System.Windows.Forms.Application::add_ThreadException(System.Threading.ThreadExceptionEventHandler) ldc.i4 0 ldsfld <Module>{3d294af5-a859-45f3-ba02-cb6907b00929} <Module>{3d294af5-a859-45f3-ba02-cb6907b00929}::m_4725896ce07e4f12be74536e0c36ff73 ldfld System.Int32 <Module>{3d294af5-a859-45f3-ba02-cb6907b00929}::m_674ade691cb04370a5064c0c3ae64f91 brfalse IL_0012: switch(IL_0100,IL_0039,IL_0038,IL_00C6,IL_00AB,IL_0087,IL_005E) pop <null> ldc.i4 0 br IL_0012: switch(IL_0100,IL_0039,IL_0038,IL_00C6,IL_00AB,IL_0087,IL_005E) call System.AppDomain System.AppDomain::get_CurrentDomain() ldsfld System.UnhandledExceptionEventHandler Ovwmvpomz.Collections.ListTransaction/<>c::m_OrderProc dup <null> brtrue IL_0127: callvirt System.Void System.AppDomain::add_UnhandledException(System.UnhandledExceptionEventHandler) pop <null> ldsfld Ovwmvpomz.Collections.ListTransaction/<>c Ovwmvpomz.Collections.ListTransaction/<>c::functionRecord ldftn System.Void Ovwmvpomz.Collections.ListTransaction/<>c::SetList(System.Object,System.UnhandledExceptionEventArgs) newobj System.Void System.UnhandledExceptionEventHandler::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.UnhandledExceptionEventHandler Ovwmvpomz.Collections.ListTransaction/<>c::m_OrderProc callvirt System.Void System.AppDomain::add_UnhandledException(System.UnhandledExceptionEventHandler) ldc.i4 5 br IL_0012: switch(IL_0100,IL_0039,IL_0038,IL_00C6,IL_00AB,IL_0087,IL_005E) |
| Module Name | Nweur.exe |
| Full Name | Nweur.exe |
| EntryPoint | System.Void Ovwmvpomz.Collections.ListTransaction::SortVisibleList() |
| Scope Name | Nweur.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Nweur |
| Assembly Version | 1.0.1566.14167 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.6 |
| Total Strings | 20 |
| Main Method | System.Void Ovwmvpomz.Collections.ListTransaction::SortVisibleList() |
| Main IL Instruction Count | 66 |
| Main IL | ldc.i4 4 stloc V_0 br IL_000E: ldloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] br IL_0100: call System.AppDomain System.AppDomain::get_CurrentDomain() ret <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) ldc.i4 6 ldsfld <Module>{3d294af5-a859-45f3-ba02-cb6907b00929} <Module>{3d294af5-a859-45f3-ba02-cb6907b00929}::m_4725896ce07e4f12be74536e0c36ff73 ldfld System.Int32 <Module>{3d294af5-a859-45f3-ba02-cb6907b00929}::m_33a8c52d566844b7a01ad08265b00be3 brtrue IL_0012: switch(IL_0100,IL_0039,IL_0038,IL_00C6,IL_00AB,IL_0087,IL_005E) pop <null> ldc.i4 2 br IL_0012: switch(IL_0100,IL_0039,IL_0038,IL_00C6,IL_00AB,IL_0087,IL_005E) newobj System.Void Nweur.Compression.CompressorEvaluator::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ldc.i4 2 ldsfld <Module>{3d294af5-a859-45f3-ba02-cb6907b00929} <Module>{3d294af5-a859-45f3-ba02-cb6907b00929}::m_4725896ce07e4f12be74536e0c36ff73 ldfld System.Int32 <Module>{3d294af5-a859-45f3-ba02-cb6907b00929}::m_774bbcdf7a424a81a0457c25af1bf269 brtrue IL_0012: switch(IL_0100,IL_0039,IL_0038,IL_00C6,IL_00AB,IL_0087,IL_005E) pop <null> ldc.i4 0 br IL_0012: switch(IL_0100,IL_0039,IL_0038,IL_00C6,IL_00AB,IL_0087,IL_005E) call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4 0 ldsfld <Module>{3d294af5-a859-45f3-ba02-cb6907b00929} <Module>{3d294af5-a859-45f3-ba02-cb6907b00929}::m_4725896ce07e4f12be74536e0c36ff73 ldfld System.Int32 <Module>{3d294af5-a859-45f3-ba02-cb6907b00929}::m_aa399f2ad2fb4ce0bfa623e922d1b889 brfalse IL_0012: switch(IL_0100,IL_0039,IL_0038,IL_00C6,IL_00AB,IL_0087,IL_005E) pop <null> ldc.i4 1 br IL_0012: switch(IL_0100,IL_0039,IL_0038,IL_00C6,IL_00AB,IL_0087,IL_005E) ldsfld System.Threading.ThreadExceptionEventHandler Ovwmvpomz.Collections.ListTransaction/<>c::filteredList dup <null> brfalse IL_00BB: pop br IL_00DC: call System.Void System.Windows.Forms.Application::add_ThreadException(System.Threading.ThreadExceptionEventHandler) pop <null> ldc.i4 3 br IL_0012: switch(IL_0100,IL_0039,IL_0038,IL_00C6,IL_00AB,IL_0087,IL_005E) ldsfld Ovwmvpomz.Collections.ListTransaction/<>c Ovwmvpomz.Collections.ListTransaction/<>c::functionRecord ldftn System.Void Ovwmvpomz.Collections.ListTransaction/<>c::MonitorList(System.Object,System.Threading.ThreadExceptionEventArgs) newobj System.Void System.Threading.ThreadExceptionEventHandler::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Threading.ThreadExceptionEventHandler Ovwmvpomz.Collections.ListTransaction/<>c::filteredList call System.Void System.Windows.Forms.Application::add_ThreadException(System.Threading.ThreadExceptionEventHandler) ldc.i4 0 ldsfld <Module>{3d294af5-a859-45f3-ba02-cb6907b00929} <Module>{3d294af5-a859-45f3-ba02-cb6907b00929}::m_4725896ce07e4f12be74536e0c36ff73 ldfld System.Int32 <Module>{3d294af5-a859-45f3-ba02-cb6907b00929}::m_674ade691cb04370a5064c0c3ae64f91 brfalse IL_0012: switch(IL_0100,IL_0039,IL_0038,IL_00C6,IL_00AB,IL_0087,IL_005E) pop <null> ldc.i4 0 br IL_0012: switch(IL_0100,IL_0039,IL_0038,IL_00C6,IL_00AB,IL_0087,IL_005E) call System.AppDomain System.AppDomain::get_CurrentDomain() ldsfld System.UnhandledExceptionEventHandler Ovwmvpomz.Collections.ListTransaction/<>c::m_OrderProc dup <null> brtrue IL_0127: callvirt System.Void System.AppDomain::add_UnhandledException(System.UnhandledExceptionEventHandler) pop <null> ldsfld Ovwmvpomz.Collections.ListTransaction/<>c Ovwmvpomz.Collections.ListTransaction/<>c::functionRecord ldftn System.Void Ovwmvpomz.Collections.ListTransaction/<>c::SetList(System.Object,System.UnhandledExceptionEventArgs) newobj System.Void System.UnhandledExceptionEventHandler::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.UnhandledExceptionEventHandler Ovwmvpomz.Collections.ListTransaction/<>c::m_OrderProc callvirt System.Void System.AppDomain::add_UnhandledException(System.UnhandledExceptionEventHandler) ldc.i4 5 br IL_0012: switch(IL_0100,IL_0039,IL_0038,IL_00C6,IL_00AB,IL_0087,IL_005E) |