Symbol Ofbuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | e583be3521b1528090c486b54f5a8900
|
| Sha1 | e4b4713c9cbb42860bcaae6516442097fbfc0a1a
|
| Sha256 | b98ea057f9fd6b40c4cc5918f7132a229d959e1c5a78c4553b446221ad110009
|
| Sha384 | f9d7ceebec2cf9dd7c1d9b3772330fcf4be018bce1c4e7b0964826513fb20165665bb54c13ebe2784f3405b8da11aa96
|
| Sha512 | 11aedbb225722c56c09ee1438594c5dc0aed1b2df82cbb60a1482d90c3d274091e535b5698a173ad0580df562fb5e3fdc6fb58ffccbf4075a695074fab07c9c2
|
| SSDeep | 1536:PHQ8vq8n1m275GKpWljoIrqF3g1oukKWvA3AToDqLI9b:PHQyWKpWljo3zceW
|
| TLSH | A983E517FA4B81F2CE445B7BC9AB44300364D382F693D74A798E335A69877FE894124B
|
PeID
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Module Name | HSBC swift copy |
| Full Name | HSBC swift copy |
| EntryPoint | System.Void HSBCswiftcopy.Handling.DispatcherObserver::HandleScheduledObserver() |
| Scope Name | HSBC swift copy |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | HSBC swift copy |
| Assembly Version | 1.0.3861.20169 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.6 |
| Total Strings | 0 |
| Main Method | System.Void HSBCswiftcopy.Handling.DispatcherObserver::HandleScheduledObserver() |
| Main IL Instruction Count | 102 |
| Main IL | ldc.i4 1 stloc V_1 br IL_000E: ldloc V_1 ldloc V_1 switch dnlib.DotNet.Emit.Instruction[] br IL_0034: ldc.i4 545773132 ldc.i4 545773132 call System.String HSBCswiftcopy.Reporting.ReporterError::LogSymbolicReporter(System.Int32) stloc.s V_3 ldc.i4 3 br IL_0012: switch(IL_0034,IL_004B,IL_00CC,IL_0071,IL_004A,IL_009C) ret <null> newobj System.Void HSBCswiftcopy.Handling.DispatcherObserver/AutomatableDecryptor::.ctor() stloc.s V_0 ldc.i4 0 ldsfld <Module>{e25d9e71-4e62-4c16-9639-7015407a4822} <Module>{e25d9e71-4e62-4c16-9639-7015407a4822}::m_5807e5254dae4389bfd4b82cdd04ddb6 ldfld System.Int32 <Module>{e25d9e71-4e62-4c16-9639-7015407a4822}::m_2a8ad246cc70499e8ad80d202ae06055 brtrue IL_0012: switch(IL_0034,IL_004B,IL_00CC,IL_0071,IL_004A,IL_009C) pop <null> ldc.i4 0 br IL_0012: switch(IL_0034,IL_004B,IL_00CC,IL_0071,IL_004A,IL_009C) ldc.i4 545773485 call System.String HSBCswiftcopy.Reporting.ReporterError::LogSymbolicReporter(System.Int32) stloc.s V_2 ldc.i4 2 ldsfld <Module>{e25d9e71-4e62-4c16-9639-7015407a4822} <Module>{e25d9e71-4e62-4c16-9639-7015407a4822}::m_5807e5254dae4389bfd4b82cdd04ddb6 ldfld System.Int32 <Module>{e25d9e71-4e62-4c16-9639-7015407a4822}::m_6f7135a1c7404f91a9336ee5a5dd9630 brtrue IL_0012: switch(IL_0034,IL_004B,IL_00CC,IL_0071,IL_004A,IL_009C) pop <null> ldc.i4 5 br IL_0012: switch(IL_0034,IL_004B,IL_00CC,IL_0071,IL_004A,IL_009C) ldsfld System.Func`1<System.Byte[]> HSBCswiftcopy.Handling.DispatcherObserver/CalcGateway::_RequesterError dup <null> brfalse IL_00AC: pop br IL_00E2: newobj System.Void HSBCswiftcopy.Networking.ConfigurableGateway::.ctor(System.Func`1<System.Byte[]>) pop <null> ldc.i4 2 ldsfld <Module>{e25d9e71-4e62-4c16-9639-7015407a4822} <Module>{e25d9e71-4e62-4c16-9639-7015407a4822}::m_5807e5254dae4389bfd4b82cdd04ddb6 ldfld System.Int32 <Module>{e25d9e71-4e62-4c16-9639-7015407a4822}::m_7d6d62ec3b4f452db76fd708cbc9f280 brfalse IL_0012: switch(IL_0034,IL_004B,IL_00CC,IL_0071,IL_004A,IL_009C) pop <null> ldc.i4 0 br IL_0012: switch(IL_0034,IL_004B,IL_00CC,IL_0071,IL_004A,IL_009C) ldsfld System.Object HSBCswiftcopy.Handling.DispatcherObserver/CalcGateway::_PortableTester ldftn System.Byte[] HSBCswiftcopy.Handling.DispatcherObserver/CalcGateway::RequestPassiveRequester() newobj System.Void System.Func`1<System.Byte[]>::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Func`1<System.Byte[]> HSBCswiftcopy.Handling.DispatcherObserver/CalcGateway::_RequesterError newobj System.Void HSBCswiftcopy.Networking.ConfigurableGateway::.ctor(System.Func`1<System.Byte[]>) ldloc.s V_0 ldloc.s V_3 ldloc.s V_2 newobj System.Void HSBCswiftcopy.Providers.CustomProvider::.ctor(System.String,System.String) stfld System.Object HSBCswiftcopy.Handling.DispatcherObserver/AutomatableDecryptor::globalDecryptor ldloc.s V_0 newobj System.Void HSBCswiftcopy.Compilers.DriverAggregator::.ctor() stfld System.Object HSBCswiftcopy.Handling.DispatcherObserver/AutomatableDecryptor::_ActiveDecryptor ldloc.s V_0 ldc.i4 545773466 call System.String HSBCswiftcopy.Reporting.ReporterError::LogSymbolicReporter(System.Int32) ldc.i4 545773550 call System.String HSBCswiftcopy.Reporting.ReporterError::LogSymbolicReporter(System.Int32) newobj System.Void HSBCswiftcopy.Services.FlexibleService::.ctor(System.String,System.String) stfld System.Object HSBCswiftcopy.Handling.DispatcherObserver/AutomatableDecryptor::m_IterableDecryptor dup <null> ldloc.s V_0 ldftn System.Void HSBCswiftcopy.Handling.DispatcherObserver/AutomatableDecryptor::SaveDecryptor(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) callvirt System.Void HSBCswiftcopy.Networking.ConfigurableGateway::RouteRemoteGateway(System.Action`1<System.IO.MemoryStream>) ldloc.s V_0 ldfld System.Object HSBCswiftcopy.Handling.DispatcherObserver/AutomatableDecryptor::globalDecryptor ldloc.s V_0 ldftn System.Void HSBCswiftcopy.Handling.DispatcherObserver/AutomatableDecryptor::InterruptDecryptor(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) callvirt System.Void HSBCswiftcopy.Providers.CustomProvider::InsertProvider(System.Action`1<System.IO.MemoryStream>) ldloc.s V_0 ldfld System.Object HSBCswiftcopy.Handling.DispatcherObserver/AutomatableDecryptor::_ActiveDecryptor ldloc.s V_0 ldftn System.Void HSBCswiftcopy.Handling.DispatcherObserver/AutomatableDecryptor::ValidateStaticDecryptor(System.Reflection.Assembly) newobj System.Void System.Action`1<System.Reflection.Assembly>::.ctor(System.Object,System.IntPtr) callvirt System.Void HSBCswiftcopy.Compilers.DriverAggregator::OptimizeAttachedCompiler(System.Action`1<System.Reflection.Assembly>) ldloc.s V_0 ldfld System.Object HSBCswiftcopy.Handling.DispatcherObserver/AutomatableDecryptor::m_IterableDecryptor ldsfld System.Object HSBCswiftcopy.Handling.DispatcherObserver/CalcGateway::_ResolverFinalizer dup <null> brfalse IL_017F: pop br IL_0196: callvirt System.Void HSBCswiftcopy.Services.FlexibleService::QueryService(System.Action) pop <null> ldsfld System.Object HSBCswiftcopy.Handling.DispatcherObserver/CalcGateway::_PortableTester ldftn System.Void HSBCswiftcopy.Handling.DispatcherObserver/CalcGateway::RequestInternalRequester() newobj System.Void System.Action::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Object HSBCswiftcopy.Handling.DispatcherObserver/CalcGateway::_ResolverFinalizer callvirt System.Void HSBCswiftcopy.Services.FlexibleService::QueryService(System.Action) callvirt System.Void HSBCswiftcopy.Networking.ConfigurableGateway::CloneGateway() ldc.i4 0 ldsfld <Module>{e25d9e71-4e62-4c16-9639-7015407a4822} <Module>{e25d9e71-4e62-4c16-9639-7015407a4822}::m_5807e5254dae4389bfd4b82cdd04ddb6 ldfld System.Int32 <Module>{e25d9e71-4e62-4c16-9639-7015407a4822}::m_a3c2c20fa56b46a688081395b71bc493 brtrue IL_0012: switch(IL_0034,IL_004B,IL_00CC,IL_0071,IL_004A,IL_009C) pop <null> ldc.i4 4 br IL_0012: switch(IL_0034,IL_004B,IL_00CC,IL_0071,IL_004A,IL_009C) |
| Module Name | HSBC swift copy |
| Full Name | HSBC swift copy |
| EntryPoint | System.Void HSBCswiftcopy.Handling.DispatcherObserver::HandleScheduledObserver() |
| Scope Name | HSBC swift copy |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | HSBC swift copy |
| Assembly Version | 1.0.3861.20169 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.6 |
| Total Strings | 0 |
| Main Method | System.Void HSBCswiftcopy.Handling.DispatcherObserver::HandleScheduledObserver() |
| Main IL Instruction Count | 102 |
| Main IL | ldc.i4 1 stloc V_1 br IL_000E: ldloc V_1 ldloc V_1 switch dnlib.DotNet.Emit.Instruction[] br IL_0034: ldc.i4 545773132 ldc.i4 545773132 call System.String HSBCswiftcopy.Reporting.ReporterError::LogSymbolicReporter(System.Int32) stloc.s V_3 ldc.i4 3 br IL_0012: switch(IL_0034,IL_004B,IL_00CC,IL_0071,IL_004A,IL_009C) ret <null> newobj System.Void HSBCswiftcopy.Handling.DispatcherObserver/AutomatableDecryptor::.ctor() stloc.s V_0 ldc.i4 0 ldsfld <Module>{e25d9e71-4e62-4c16-9639-7015407a4822} <Module>{e25d9e71-4e62-4c16-9639-7015407a4822}::m_5807e5254dae4389bfd4b82cdd04ddb6 ldfld System.Int32 <Module>{e25d9e71-4e62-4c16-9639-7015407a4822}::m_2a8ad246cc70499e8ad80d202ae06055 brtrue IL_0012: switch(IL_0034,IL_004B,IL_00CC,IL_0071,IL_004A,IL_009C) pop <null> ldc.i4 0 br IL_0012: switch(IL_0034,IL_004B,IL_00CC,IL_0071,IL_004A,IL_009C) ldc.i4 545773485 call System.String HSBCswiftcopy.Reporting.ReporterError::LogSymbolicReporter(System.Int32) stloc.s V_2 ldc.i4 2 ldsfld <Module>{e25d9e71-4e62-4c16-9639-7015407a4822} <Module>{e25d9e71-4e62-4c16-9639-7015407a4822}::m_5807e5254dae4389bfd4b82cdd04ddb6 ldfld System.Int32 <Module>{e25d9e71-4e62-4c16-9639-7015407a4822}::m_6f7135a1c7404f91a9336ee5a5dd9630 brtrue IL_0012: switch(IL_0034,IL_004B,IL_00CC,IL_0071,IL_004A,IL_009C) pop <null> ldc.i4 5 br IL_0012: switch(IL_0034,IL_004B,IL_00CC,IL_0071,IL_004A,IL_009C) ldsfld System.Func`1<System.Byte[]> HSBCswiftcopy.Handling.DispatcherObserver/CalcGateway::_RequesterError dup <null> brfalse IL_00AC: pop br IL_00E2: newobj System.Void HSBCswiftcopy.Networking.ConfigurableGateway::.ctor(System.Func`1<System.Byte[]>) pop <null> ldc.i4 2 ldsfld <Module>{e25d9e71-4e62-4c16-9639-7015407a4822} <Module>{e25d9e71-4e62-4c16-9639-7015407a4822}::m_5807e5254dae4389bfd4b82cdd04ddb6 ldfld System.Int32 <Module>{e25d9e71-4e62-4c16-9639-7015407a4822}::m_7d6d62ec3b4f452db76fd708cbc9f280 brfalse IL_0012: switch(IL_0034,IL_004B,IL_00CC,IL_0071,IL_004A,IL_009C) pop <null> ldc.i4 0 br IL_0012: switch(IL_0034,IL_004B,IL_00CC,IL_0071,IL_004A,IL_009C) ldsfld System.Object HSBCswiftcopy.Handling.DispatcherObserver/CalcGateway::_PortableTester ldftn System.Byte[] HSBCswiftcopy.Handling.DispatcherObserver/CalcGateway::RequestPassiveRequester() newobj System.Void System.Func`1<System.Byte[]>::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Func`1<System.Byte[]> HSBCswiftcopy.Handling.DispatcherObserver/CalcGateway::_RequesterError newobj System.Void HSBCswiftcopy.Networking.ConfigurableGateway::.ctor(System.Func`1<System.Byte[]>) ldloc.s V_0 ldloc.s V_3 ldloc.s V_2 newobj System.Void HSBCswiftcopy.Providers.CustomProvider::.ctor(System.String,System.String) stfld System.Object HSBCswiftcopy.Handling.DispatcherObserver/AutomatableDecryptor::globalDecryptor ldloc.s V_0 newobj System.Void HSBCswiftcopy.Compilers.DriverAggregator::.ctor() stfld System.Object HSBCswiftcopy.Handling.DispatcherObserver/AutomatableDecryptor::_ActiveDecryptor ldloc.s V_0 ldc.i4 545773466 call System.String HSBCswiftcopy.Reporting.ReporterError::LogSymbolicReporter(System.Int32) ldc.i4 545773550 call System.String HSBCswiftcopy.Reporting.ReporterError::LogSymbolicReporter(System.Int32) newobj System.Void HSBCswiftcopy.Services.FlexibleService::.ctor(System.String,System.String) stfld System.Object HSBCswiftcopy.Handling.DispatcherObserver/AutomatableDecryptor::m_IterableDecryptor dup <null> ldloc.s V_0 ldftn System.Void HSBCswiftcopy.Handling.DispatcherObserver/AutomatableDecryptor::SaveDecryptor(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) callvirt System.Void HSBCswiftcopy.Networking.ConfigurableGateway::RouteRemoteGateway(System.Action`1<System.IO.MemoryStream>) ldloc.s V_0 ldfld System.Object HSBCswiftcopy.Handling.DispatcherObserver/AutomatableDecryptor::globalDecryptor ldloc.s V_0 ldftn System.Void HSBCswiftcopy.Handling.DispatcherObserver/AutomatableDecryptor::InterruptDecryptor(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) callvirt System.Void HSBCswiftcopy.Providers.CustomProvider::InsertProvider(System.Action`1<System.IO.MemoryStream>) ldloc.s V_0 ldfld System.Object HSBCswiftcopy.Handling.DispatcherObserver/AutomatableDecryptor::_ActiveDecryptor ldloc.s V_0 ldftn System.Void HSBCswiftcopy.Handling.DispatcherObserver/AutomatableDecryptor::ValidateStaticDecryptor(System.Reflection.Assembly) newobj System.Void System.Action`1<System.Reflection.Assembly>::.ctor(System.Object,System.IntPtr) callvirt System.Void HSBCswiftcopy.Compilers.DriverAggregator::OptimizeAttachedCompiler(System.Action`1<System.Reflection.Assembly>) ldloc.s V_0 ldfld System.Object HSBCswiftcopy.Handling.DispatcherObserver/AutomatableDecryptor::m_IterableDecryptor ldsfld System.Object HSBCswiftcopy.Handling.DispatcherObserver/CalcGateway::_ResolverFinalizer dup <null> brfalse IL_017F: pop br IL_0196: callvirt System.Void HSBCswiftcopy.Services.FlexibleService::QueryService(System.Action) pop <null> ldsfld System.Object HSBCswiftcopy.Handling.DispatcherObserver/CalcGateway::_PortableTester ldftn System.Void HSBCswiftcopy.Handling.DispatcherObserver/CalcGateway::RequestInternalRequester() newobj System.Void System.Action::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Object HSBCswiftcopy.Handling.DispatcherObserver/CalcGateway::_ResolverFinalizer callvirt System.Void HSBCswiftcopy.Services.FlexibleService::QueryService(System.Action) callvirt System.Void HSBCswiftcopy.Networking.ConfigurableGateway::CloneGateway() ldc.i4 0 ldsfld <Module>{e25d9e71-4e62-4c16-9639-7015407a4822} <Module>{e25d9e71-4e62-4c16-9639-7015407a4822}::m_5807e5254dae4389bfd4b82cdd04ddb6 ldfld System.Int32 <Module>{e25d9e71-4e62-4c16-9639-7015407a4822}::m_a3c2c20fa56b46a688081395b71bc493 brtrue IL_0012: switch(IL_0034,IL_004B,IL_00CC,IL_0071,IL_004A,IL_009C) pop <null> ldc.i4 4 br IL_0012: switch(IL_0034,IL_004B,IL_00CC,IL_0071,IL_004A,IL_009C) |