Suspect
PE Executable
MD5: ee358da8d1af5829af1f7d29caf63d47
Size: 835.07 KB
application/x-dosexec
Get an AI-generated breakdown of this malware's behaviour, IOCs and recommendations.
AI analysis is available with Essential.
Unlock with Essential
Symbol Obfuscation Score
Low
| MD5 | ee358da8d1af5829af1f7d29caf63d47 |
| Sha1 | 580acf88dd70cda1dbdbf4ebcd6f4031d0f64402 |
| Sha256 | a6a9b636acea176d2d225f18d8f28797631b1ce4c5b2e46ed4cbe18f1a71fa6e |
| Sha384 | c90df7d2896256df34492444a6452bd83e44f2a97bb9337f7b830fa510be9c80f545ae4c22c9db170facd7f38b4e43fa |
| Sha512 | be29322da98b6d346c96d54f1bbac4c412ff78123cc543c98e63f843dfe24c6e165124aeb723656c8fd94a242a280699b4366fb91a299625d1fb8da664595c7b |
| SSDeep | 12288:jyXGefJUyIrB9MpYqacykOogPEK4ry31nnFG2CgcqOI7LFDwyIATJHe/:vMJU7VmqqRy68D4YE2bt7LFsVAVHe/ |
| TLSH | 160502117799ED13D4B98AF55932E37003B26E5DA026D3CB9DE8BCE738E5B012810B97 |
PeID
.NET executableMicrosoft Visual C# / Basic .NETMicrosoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL Microsoft Visual C# v7.0 / Basic .NETMicrosoft Visual Studio .NET
| Name | Value |
|---|---|
| Module Name | fIGB.exe |
| Full Name | fIGB.exe |
| EntryPoint | System.Void Dorixona.Program::Main() |
| Scope Name | fIGB.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | fIGB |
| Assembly Version | 2.8.5.1 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 473 |
| Main Method | System.Void Dorixona.Program::Main() |
| Main IL Instruction Count | 6 |
| Main IL | |
| Module Name | fIGB.exe |
| Full Name | fIGB.exe |
| EntryPoint | System.Void Dorixona.Program::Main() |
| Scope Name | fIGB.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | fIGB |
| Assembly Version | 2.8.5.1 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 473 |
| Main Method | System.Void Dorixona.Program::Main() |
| Main IL Instruction Count | 6 |
| Main IL | |
PDB Path
PATH
fIhuhuhuhu
Full artefact values (URLs, paths, registry keys, scripts…) are available with Essential.
Unlock with Essential
No malware configuration was found at this point.
PDB Path
PATH
fIhuhuhuhu
ee358da8d1af5829af1f7d29caf63d47
Full artefact values (URLs, paths, registry keys, scripts…) are available with Essential.
Unlock with Essential
You must be signed in to view YARA rules.