General
Structural Analysis
Config.0
Yara Rules24
Sync
Community
Summary by MalvaGPT
Characteristics
Symbol Ofbuscation Score
Medium
|
Hash | Hash Value |
|---|---|
| MD5 | f2bc4b5191c16e414c1cc5110ff32a97
|
| Sha1 | a2bf768932736a5e0618abcc9473cd7aa886fe5b
|
| Sha256 | f481044b3ea1b4a5d412c7932370602a96cb00763650edb290959491e3c9ef23
|
| Sha384 | 850414a13916b257b5f5823f93293b384e916950b63e4d405f36b3edff696ddb250a59e9f6282a128a215f58afd15ed7
|
| Sha512 | 08be0b265c084eb360d5e00302149a524a3524a3842bdfae48b15cb26ebf820224dc9c1aa8f6946784c800a7d7fba55d4621f940c633e44e8f26120c6c9f31eb
|
| SSDeep | 24576:h/m9xGBpPrxsMmU3TdQc4mVr9a3bf7vvRbY2CYhDgT0eQ:h/JzPrxsm3d4mVu77BE2z9g
|
| TLSH | E725338B2EF7EB5ADDA19AF0B5C78D4814E54390391BBECEF2490E46350058E82FD536
|
PeID
Microsoft Visual C++ DLL
Microsoft Visual C++ v6.0
File Structure
f2bc4b5191c16e414c1cc5110ff32a97
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rsrc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Nmaiqpy.Properties.Resources.resources
Ffwfzvtqown
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Module Name | Fnftbneqjbk.exe |
| Full Name | Fnftbneqjbk.exe |
| EntryPoint | System.Void Nmaiqpy.Tgtlidj::Main() |
| Scope Name | Fnftbneqjbk.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Fnftbneqjbk |
| Assembly Version | 1.0.3059.4368 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.6 |
| Total Strings | 6 |
| Main Method | System.Void Nmaiqpy.Tgtlidj::Main() |
| Main IL Instruction Count | 10 |
| Main IL | newobj System.Void Nmaiqpy.Arurtroj::.ctor() ldstr Ku77ZvNGb2R0lXxCkRlHqA== ldstr /FFzmHqxaUg= ldstr jgaoieHI2KhVvidDmj.M7aY0muHDiK4dFGPAJ ldstr DL1nLQl3G callvirt System.Void Nmaiqpy.Arurtroj::Ckqtyj(System.String,System.String,System.String,System.String) leave IL_0029: ret pop <null> leave IL_0029: ret ret <null> |
f2bc4b5191c16e414c1cc5110ff32a97 (985.6 KB)
File Structure
f2bc4b5191c16e414c1cc5110ff32a97
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rsrc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Nmaiqpy.Properties.Resources.resources
Ffwfzvtqown
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.