Suspicious
Suspect

e944892e88bf4a00f37d3ff997e80a76

PE Executable
|
MD5: e944892e88bf4a00f37d3ff997e80a76
|
Size: 114.69 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Obfuscation Score

Low

Hash
 Hash Value
MD5
e944892e88bf4a00f37d3ff997e80a76
Sha1
ca26b7aea3f9332085a1299480227e7cf062f1dc
Sha256
b0579da603a03eba258761b8f49653db144c2c7ec6b13e5a399ba8d7487167aa
Sha384
5ccfb56e94f6c06b3988f36d1a060f0e114943c95ee631ea133660eb3194c30c15033b5adb60f138a0140b8055aac069
Sha512
7d68281c30927f6047842718e1f38a640c59abc17c57461d85cccd86a1015b856103e74d0d48742865ef47521d4227691c7a64be0a74c7ebb5b3a8520c10e56f
SSDeep
768:bdhO/poiiUcjlJIny9SH9Xqk5nWEZ5SbTDabuI7CPW5iZ/YJ:Jw+jjgnyoH9XqcnW85SbTOuIuYJ
TLSH
0DB30B6BF6C49707C949C5388D27807A66E3651E12E3F226006B6CED3DF23F9674721A

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
e944892e88bf4a00f37d3ff997e80a76
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:0001
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

xeno rat client.exe
Full Name

xeno rat client.exe
EntryPoint

System.Void xeno_rat_client.Program::<Main>(System.String[])
Scope Name

xeno rat client.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

xeno rat client
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.8
Total Strings

64
Main Method

System.Void xeno_rat_client.Program::<Main>(System.String[])
Main IL Instruction Count

7
Main IL

ldarg.0 <null> call System.Threading.Tasks.Task xeno_rat_client.Program::Main(System.String[]) callvirt System.Runtime.CompilerServices.TaskAwaiter System.Threading.Tasks.Task::GetAwaiter() stloc.0 <null> ldloca.s V_0 call System.Void System.Runtime.CompilerServices.TaskAwaiter::GetResult() ret <null>
Module Name

xeno rat client.exe
Full Name

xeno rat client.exe
EntryPoint

System.Void xeno_rat_client.Program::<Main>(System.String[])
Scope Name

xeno rat client.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

xeno rat client
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.8
Total Strings

64
Main Method

System.Void xeno_rat_client.Program::<Main>(System.String[])
Main IL Instruction Count

7
Main IL

ldarg.0 <null> call System.Threading.Tasks.Task xeno_rat_client.Program::Main(System.String[]) callvirt System.Runtime.CompilerServices.TaskAwaiter System.Threading.Tasks.Task::GetAwaiter() stloc.0 <null> ldloca.s V_0 call System.Void System.Runtime.CompilerServices.TaskAwaiter::GetResult() ret <null>
e944892e88bf4a00f37d3ff997e80a76 (114.69 KB)
File Structure
e944892e88bf4a00f37d3ff997e80a76
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:0001
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙