Suspicious
Suspect

e63bc44fbf3dd02c91262e309fb4d0eb

PE Executable
MD5: e63bc44fbf3dd02c91262e309fb4d0eb
Size: 1.03 MB
application/x-dosexec
Summary by MalvaGPT
Characteristics

Symbol Obfuscation Score

Very high

Hash
Hash Value
MD5
e63bc44fbf3dd02c91262e309fb4d0eb
Sha1
11758c6808e531b111b91997c67cb15a1e443032
Sha256
51e3e006da49bddcdfaeceb3ada3b0401abc6e1536098caf85d3897a9e3e48e4
Sha384
9969c17317fe4d799a277c945c2897447ab7ce7bbddd0badeb9d7ffd6acf8ce314c49587442202f6595740c63416842a
Sha512
bdc207ac122ec45add63370bbcabc4bacbe0eb178123e9355e366dcae1d40384db0cb38e42504bb25ba9e83a27bab9883aa76c2e78b5277c118e7cb62256863a
SSDeep
12288:Bi1pq0ebB5kODVKaZuCgHebdfS+Rw5j1ypmr0WEErUPBO9l+mbA02:EjefksxDZsv1PrLEjPPmMl
TLSH
2B25F1216E873B46C52E4BB4C121488863F0CA435357EB9F3FFC10E56EA2FE9D912596

PeID

.NET executable
HQR data file
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
Goz7qj3.Resources.resources
Goz7qj3.g.resources
db950a3a0f8021.Resources.resources
54baed380
[NBF]root.Data
54baed381
[NBF]root.Data
54baed3810
[NBF]root.Data
54baed3811
[NBF]root.Data
54baed3812
[NBF]root.Data
54baed3813
[NBF]root.Data
54baed3814
[NBF]root.Data
54baed3815
[NBF]root.Data
54baed3816
[NBF]root.Data
54baed3817
[NBF]root.Data
54baed3818
[NBF]root.Data
54baed3819
[NBF]root.Data
54baed382
[NBF]root.Data
54baed3820
[NBF]root.Data
54baed3821
[NBF]root.Data
54baed3822
[NBF]root.Data
54baed3823
[NBF]root.Data
54baed3824
[NBF]root.Data
54baed3825
[NBF]root.Data
54baed383
[NBF]root.Data
54baed384
[NBF]root.Data
54baed385
[NBF]root.Data
54baed386
[NBF]root.Data
54baed387
[NBF]root.Data
54baed388
[NBF]root.Data
54baed389
[NBF]root.Data
Informations
Name
Value
Info

PE Detect: PeReader OK (file layout)

Module Name

Goz7qj3

Full Name

Goz7qj3

EntryPoint

System.Void oq6Fb0KnNiq9b.0atLcJ1p::dYm7ew2G()

Scope Name

Goz7qj3

Scope Type

ModuleDef

Kind

Windows

Runtime Version

v4.0.30319

Tables Header Version

512

WinMD Version

<null>

Assembly Name

Goz7qj3

Assembly Version

9.20.30.297

Assembly Culture

<null>

Has PublicKey

False

PublicKey Token

<null>

Target Framework

.NETFramework,Version=v4.6

Total Strings

0

Main Method

System.Void oq6Fb0KnNiq9b.0atLcJ1p::dYm7ew2G()

Main IL Instruction Count

51

Main IL

nop <null> br.s IL_0003: ldc.i4.3 ldc.i4.3 <null> stloc.s V_4 ldloc.s V_4 switch dnlib.DotNet.Emit.Instruction[] br.s IL_0027: nop nop <null> ldc.i4.s 25 stloc.0 <null> ldloc.0 <null> ldc.i4.1 <null> sub.ovf <null> ldc.i4.1 <null> add.ovf <null> newarr System.Object stloc.1 <null> ldc.i4.4 <null> stloc.s V_4 br.s IL_0006: ldloc.s V_4 ldloc.1 <null> ldloc.0 <null> call System.Void oq6Fb0KnNiq9b.0atLcJ1p::Nb5jkRa21jb(System.Object[],System.Int32) nop <null> leave.s IL_0068: br.s IL_006A br.s IL_0047: br.s IL_0049 br.s IL_0049: dup dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.2 <null> nop <null> ldloc.2 <null> callvirt System.String System.Exception::ToString() ldc.i4.0 <null> ldnull <null> call Microsoft.VisualBasic.MsgBoxResult Microsoft.VisualBasic.Interaction::MsgBox(System.Object,Microsoft.VisualBasic.MsgBoxStyle,System.Object) pop <null> br.s IL_0061: call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_0068: br.s IL_006A br.s IL_006A: ldc.i4.0 ldc.i4.0 <null> stloc.s V_6 ldloc.s V_6 switch dnlib.DotNet.Emit.Instruction[] br.s IL_008A: nop nop <null> ret <null> ldtoken System.Void oq6Fb0KnNiq9b.0atLcJ1p::dYm7ew2G() pop <null> ret <null>

Module Name

Goz7qj3

Full Name

Goz7qj3

EntryPoint

System.Void oq6Fb0KnNiq9b.0atLcJ1p::dYm7ew2G()

Scope Name

Goz7qj3

Scope Type

ModuleDef

Kind

Windows

Runtime Version

v4.0.30319

Tables Header Version

512

WinMD Version

<null>

Assembly Name

Goz7qj3

Assembly Version

9.20.30.297

Assembly Culture

<null>

Has PublicKey

False

PublicKey Token

<null>

Target Framework

.NETFramework,Version=v4.6

Total Strings

0

Main Method

System.Void oq6Fb0KnNiq9b.0atLcJ1p::dYm7ew2G()

Main IL Instruction Count

51

Main IL

nop <null> br.s IL_0003: ldc.i4.3 ldc.i4.3 <null> stloc.s V_4 ldloc.s V_4 switch dnlib.DotNet.Emit.Instruction[] br.s IL_0027: nop nop <null> ldc.i4.s 25 stloc.0 <null> ldloc.0 <null> ldc.i4.1 <null> sub.ovf <null> ldc.i4.1 <null> add.ovf <null> newarr System.Object stloc.1 <null> ldc.i4.4 <null> stloc.s V_4 br.s IL_0006: ldloc.s V_4 ldloc.1 <null> ldloc.0 <null> call System.Void oq6Fb0KnNiq9b.0atLcJ1p::Nb5jkRa21jb(System.Object[],System.Int32) nop <null> leave.s IL_0068: br.s IL_006A br.s IL_0047: br.s IL_0049 br.s IL_0049: dup dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.2 <null> nop <null> ldloc.2 <null> callvirt System.String System.Exception::ToString() ldc.i4.0 <null> ldnull <null> call Microsoft.VisualBasic.MsgBoxResult Microsoft.VisualBasic.Interaction::MsgBox(System.Object,Microsoft.VisualBasic.MsgBoxStyle,System.Object) pop <null> br.s IL_0061: call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_0068: br.s IL_006A br.s IL_006A: ldc.i4.0 ldc.i4.0 <null> stloc.s V_6 ldloc.s V_6 switch dnlib.DotNet.Emit.Instruction[] br.s IL_008A: nop nop <null> ret <null> ldtoken System.Void oq6Fb0KnNiq9b.0atLcJ1p::dYm7ew2G() pop <null> ret <null>

e63bc44fbf3dd02c91262e309fb4d0eb (1.03 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙