Suspicious
Suspect

f50501abb0f1da7d8d230933577a9004

PE Executable
|
MD5: f50501abb0f1da7d8d230933577a9004
|
Size: 593.41 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very high

Hash
 Hash Value
MD5
f50501abb0f1da7d8d230933577a9004
Sha1
b818d95b45a1ba8d497701355ef3a38551af663b
Sha256
c70aab79c8b80c02aa4d3d77cc64c0791b31c0707633209202cdeacfbbee8232
Sha384
447e9416c4796d18569af625fb40b3ba80d7a26d0e52fae96c9421646b192c3c07f2c7d5a86e2fabf95ecfa99b130130
Sha512
fa07cb85a66cd204e1e56cd4a6b1a0b63167c8211ef0908b05576a49e2fcba8b1ff92c5e4ab0f47988111d3e8e4822517e0ad2434ed12ac849fde14ea24ccb48
SSDeep
12288:kpYaxYhRMykk7CdKdrBWwz+0fSSMw3Yy:k2SqyOCdR+NMwo
TLSH
81C4E02923E89F41F57FAB785472111407FAF846C763EB1DBEE844E90922B908933767

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
f50501abb0f1da7d8d230933577a9004
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
Kairolytix.DTnolina
Xs4oynA01Mt.Resources.resources
4421b3bb143a0e.Resources.resources
e06d85f80
[NBF]root.Data
e06d85f81
[NBF]root.Data
e06d85f82
[NBF]root.Data
e06d85f83
[NBF]root.Data
e06d85f84
[NBF]root.Data
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

Xs4oynA01Mt
Full Name

Xs4oynA01Mt
EntryPoint

System.Void Xs4oynA01Mt.bf3PRgc::s_9Ga0L()
Scope Name

Xs4oynA01Mt
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Xs4oynA01Mt
Assembly Version

21.4.1.123
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

674
Main Method

System.Void Xs4oynA01Mt.bf3PRgc::s_9Ga0L()
Main IL Instruction Count

87
Main IL

nop <null> nop <null> ldc.i4.s 25 stloc.0 <null> ldloc.0 <null> ldc.i4.s 23 add.ovf <null> ldc.i4.s 25 div <null> ldc.i4.s 25 mul.ovf <null> stloc.0 <null> ldloc.0 <null> ldc.i4.1 <null> sub.ovf <null> ldc.i4.1 <null> add.ovf <null> newarr System.Object stloc.1 <null> call System.Reflection.Assembly System.Reflection.Assembly::GetExecutingAssembly() callvirt System.String System.Reflection.Assembly::get_Location() call System.Diagnostics.FileVersionInfo System.Diagnostics.FileVersionInfo::GetVersionInfo(System.String) callvirt System.String System.Diagnostics.FileVersionInfo::get_FileVersion() stloc.2 <null> ldloc.2 <null> call System.Boolean System.String::IsNullOrEmpty(System.String) stloc.s V_7 ldloc.s V_7 brfalse.s IL_0042: ldc.i4.s 26 ldstr 1.0.0.0 stloc.2 <null> ldc.i4.s 26 call System.String System.Environment::GetFolderPath(System.Environment/SpecialFolder) ldstr SystemTools call System.String System.IO.Path::Combine(System.String,System.String) stloc.3 <null> ldloc.3 <null> call System.Boolean System.IO.Directory::Exists(System.String) ldc.i4.0 <null> ceq <null> stloc.s V_8 ldloc.s V_8 brfalse.s IL_006B: nop ldloc.3 <null> call System.IO.DirectoryInfo System.IO.Directory::CreateDirectory(System.String) pop <null> nop <null> nop <null> ldc.i4.s 80 call System.Void System.Threading.Thread::Sleep(System.Int32) nop <null> ldstr DTnolina stloc.s V_4 ldloc.s V_4 call System.Object Xs4oynA01Mt.bf3PRgc::Kt5o_Fr83(System.String) call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stloc.s V_5 ldloc.s V_5 ldnull <null> ceq <null> stloc.s V_9 ldloc.s V_9 brfalse.s IL_0096: ldloc.s V_5 leave.s IL_00CC: nop ldloc.s V_5 call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) call System.Object Xs4oynA01Mt.bf3PRgc::Caf0o2iF3SxpE(System.Object) call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stloc.s V_6 ldloc.1 <null> ldloc.0 <null> ldc.i4.1 <null> sub.ovf <null> ldloc.s V_6 call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stelem.ref <null> ldloc.1 <null> ldloc.0 <null> call System.Void Xs4oynA01Mt.bf3PRgc::Feb8mC4s7gQq(System.Object[],System.Int32) nop <null> leave.s IL_00CC: nop call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_00CC: nop nop <null> ret <null>
Module Name

Xs4oynA01Mt
Full Name

Xs4oynA01Mt
EntryPoint

System.Void Xs4oynA01Mt.bf3PRgc::s_9Ga0L()
Scope Name

Xs4oynA01Mt
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Xs4oynA01Mt
Assembly Version

21.4.1.123
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

674
Main Method

System.Void Xs4oynA01Mt.bf3PRgc::s_9Ga0L()
Main IL Instruction Count

87
Main IL

nop <null> nop <null> ldc.i4.s 25 stloc.0 <null> ldloc.0 <null> ldc.i4.s 23 add.ovf <null> ldc.i4.s 25 div <null> ldc.i4.s 25 mul.ovf <null> stloc.0 <null> ldloc.0 <null> ldc.i4.1 <null> sub.ovf <null> ldc.i4.1 <null> add.ovf <null> newarr System.Object stloc.1 <null> call System.Reflection.Assembly System.Reflection.Assembly::GetExecutingAssembly() callvirt System.String System.Reflection.Assembly::get_Location() call System.Diagnostics.FileVersionInfo System.Diagnostics.FileVersionInfo::GetVersionInfo(System.String) callvirt System.String System.Diagnostics.FileVersionInfo::get_FileVersion() stloc.2 <null> ldloc.2 <null> call System.Boolean System.String::IsNullOrEmpty(System.String) stloc.s V_7 ldloc.s V_7 brfalse.s IL_0042: ldc.i4.s 26 ldstr 1.0.0.0 stloc.2 <null> ldc.i4.s 26 call System.String System.Environment::GetFolderPath(System.Environment/SpecialFolder) ldstr SystemTools call System.String System.IO.Path::Combine(System.String,System.String) stloc.3 <null> ldloc.3 <null> call System.Boolean System.IO.Directory::Exists(System.String) ldc.i4.0 <null> ceq <null> stloc.s V_8 ldloc.s V_8 brfalse.s IL_006B: nop ldloc.3 <null> call System.IO.DirectoryInfo System.IO.Directory::CreateDirectory(System.String) pop <null> nop <null> nop <null> ldc.i4.s 80 call System.Void System.Threading.Thread::Sleep(System.Int32) nop <null> ldstr DTnolina stloc.s V_4 ldloc.s V_4 call System.Object Xs4oynA01Mt.bf3PRgc::Kt5o_Fr83(System.String) call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stloc.s V_5 ldloc.s V_5 ldnull <null> ceq <null> stloc.s V_9 ldloc.s V_9 brfalse.s IL_0096: ldloc.s V_5 leave.s IL_00CC: nop ldloc.s V_5 call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) call System.Object Xs4oynA01Mt.bf3PRgc::Caf0o2iF3SxpE(System.Object) call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stloc.s V_6 ldloc.1 <null> ldloc.0 <null> ldc.i4.1 <null> sub.ovf <null> ldloc.s V_6 call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) stelem.ref <null> ldloc.1 <null> ldloc.0 <null> call System.Void Xs4oynA01Mt.bf3PRgc::Feb8mC4s7gQq(System.Object[],System.Int32) nop <null> leave.s IL_00CC: nop call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_00CC: nop nop <null> ret <null>
f50501abb0f1da7d8d230933577a9004 (593.41 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙