Suspicious
Suspect

eaaabe07ac5a27e0a8c0e3de019dab76

PE Executable
|
MD5: eaaabe07ac5a27e0a8c0e3de019dab76
|
Size: 587.78 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
eaaabe07ac5a27e0a8c0e3de019dab76
Sha1
8023ed0642952c59847dbea93096cf85ea99cd68
Sha256
d5aa5302121da2e131ae0cd7826a63043d98862776adff650c28bc86e504db22
Sha384
87056b9b7b1cbdc506b0eddc3bd0591e17e3b2029d6f2f58a8bacda956a3bdd879961276c6b5e9c4f116304e54319460
Sha512
fe3ce71942b336eb8dd6dc147af145bde92b157107a9c15cd506ca850498c477cd585c8a583f5abc457ed72d07a8827b5189e69f2a6b5ae192b8fca82f114122
SSDeep
12288:63KkKk90IW6Ftau+NNeFfKVaw5xDqWChXNowf2fr4tt:aKk90IW6FvKeFfVaxIhXNN2fr4D
TLSH
97C42206D0ADB77EC989877BFCC2A2D16350C3C2E843DEAE788E1A5558D3B77165034A

PeID

Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
File Structure
eaaabe07ac5a27e0a8c0e3de019dab76
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Wapwgdkkjbn.Properties.Resources.resources
Insjy
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

Wapwgdkkjbn.exe
Full Name

Wapwgdkkjbn.exe
EntryPoint

System.Void Wapwgdkkjbn.Fdkde::Main()
Scope Name

Wapwgdkkjbn.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Wapwgdkkjbn
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

12
Main Method

System.Void Wapwgdkkjbn.Fdkde::Main()
Main IL Instruction Count

18
Main IL

newobj System.Void Wapwgdkkjbn.Jfibluampxo::.ctor() stloc.s V_0 br IL_000D: nop ret <null> nop <null> ldloc.s V_0 call System.Byte[] Wapwgdkkjbn.Properties.Tuhgptnmr::get_Insjy() ldsfld System.Byte[] Wapwgdkkjbn.Verification.VerifierCompiler::_VerifierConverters ldsfld System.Byte[] Wapwgdkkjbn.Verification.VerifierCompiler::m_DistributorPredictorItems ldstr kf6Q9hBgehPhWEPfkfu.ceBU36Ba6bmPfWX2ewo ldstr LwrBkUFgBI callvirt System.Void Wapwgdkkjbn.Jfibluampxo::Dhxsgwel(System.Byte[],System.Byte[],System.Byte[],System.String,System.String) br IL_0033: leave IL_000C leave IL_000C: ret pop <null> br IL_003E: leave IL_000C leave IL_000C: ret br IL_000C: ret
Module Name

Wapwgdkkjbn.exe
Full Name

Wapwgdkkjbn.exe
EntryPoint

System.Void Wapwgdkkjbn.Fdkde::Main()
Scope Name

Wapwgdkkjbn.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Wapwgdkkjbn
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

12
Main Method

System.Void Wapwgdkkjbn.Fdkde::Main()
Main IL Instruction Count

18
Main IL

newobj System.Void Wapwgdkkjbn.Jfibluampxo::.ctor() stloc.s V_0 br IL_000D: nop ret <null> nop <null> ldloc.s V_0 call System.Byte[] Wapwgdkkjbn.Properties.Tuhgptnmr::get_Insjy() ldsfld System.Byte[] Wapwgdkkjbn.Verification.VerifierCompiler::_VerifierConverters ldsfld System.Byte[] Wapwgdkkjbn.Verification.VerifierCompiler::m_DistributorPredictorItems ldstr kf6Q9hBgehPhWEPfkfu.ceBU36Ba6bmPfWX2ewo ldstr LwrBkUFgBI callvirt System.Void Wapwgdkkjbn.Jfibluampxo::Dhxsgwel(System.Byte[],System.Byte[],System.Byte[],System.String,System.String) br IL_0033: leave IL_000C leave IL_000C: ret pop <null> br IL_003E: leave IL_000C leave IL_000C: ret br IL_000C: ret
eaaabe07ac5a27e0a8c0e3de019dab76 (587.78 KB)
File Structure
eaaabe07ac5a27e0a8c0e3de019dab76
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Wapwgdkkjbn.Properties.Resources.resources
Insjy
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙