f903aebac814e51381975eef13113c29
PE Executable | MD5: f903aebac814e51381975eef13113c29 | Size: 535.55 KB | application/x-dosexec
Symbol Obfuscation Score
|
Hash | Hash Value |
|---|---|
| MD5 | f903aebac814e51381975eef13113c29
|
| Sha1 | e41f93378937bab4542b82a3da425a3f9d13a323
|
| Sha256 | aba22fcfb92c5d9f2f4daa085256935f786f012311e585f0ef1400faf2046b8c
|
| Sha384 | 9603603e5fc255cec1a8bd732214fcab0ac50dad831b0cdedc63d828a0d17177fb437c9637af5fae3ba4a9e57bf72743
|
| Sha512 | 754b4ed1b153aaccc07b8d134d6c337ef61dc6d824274ff46764e1f436a2dcecb6f0f48a4574e4df778beaf9fc1838cf2910447fdad94b0c809e21198b2cd9ae
|
| SSDeep | 12288:lpA7pXzQTEE+fCs3MhoSwOJoznjovkV97vPl91LhMidv40+z:2pSWfCwE5w7njovkb7vPl91LZX+z
|
| TLSH | 12B42321B3988562E97CE23609B126913772A3B77C578C4F3C9B9A50472BC2CAD49DCD
|
PeID
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Module Name | 0f9f6ab69fb64677b9806d4daa7ee919.exe |
| Full Name | 0f9f6ab69fb64677b9806d4daa7ee919.exe |
| EntryPoint | System.Void Ce99995f7::Main(System.String[]) |
| Scope Name | 0f9f6ab69fb64677b9806d4daa7ee919.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | 0f9f6ab69fb64677b9806d4daa7ee919 |
| Assembly Version | 0.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | <null> |
| Total Strings | 58 |
| Main Method | System.Void Ce99995f7::Main(System.String[]) |
| Main IL Instruction Count | 75 |
| Main IL | call System.Void Ce99995f7::P4732f2c3() call System.Void Ce99995f7::Me9920cb199a6() call System.Void Ce99995f7::Maead7f871067() call System.Void Ce99995f7::Mc39664625e82() ldc.i4.s 32 newarr System.Byte dup <null> ldtoken <PrivateImplementationDetails>/__StaticArrayInitTypeSize=32 <PrivateImplementationDetails>::Fad1185361ce3 call System.Void System.Runtime.CompilerServices.RuntimeHelpers::InitializeArray(System.Array,System.RuntimeFieldHandle) stloc.0 <null> ldc.i4.s 16 newarr System.Byte dup <null> ldtoken <PrivateImplementationDetails>/__StaticArrayInitTypeSize=16 <PrivateImplementationDetails>::Fc8e1b4d08b61 call System.Void System.Runtime.CompilerServices.RuntimeHelpers::InitializeArray(System.Array,System.RuntimeFieldHandle) stloc.1 <null> ldc.i4.s 16 newarr System.Byte dup <null> ldtoken <PrivateImplementationDetails>/__StaticArrayInitTypeSize=16 <PrivateImplementationDetails>::F24df6ef9fc3f call System.Void System.Runtime.CompilerServices.RuntimeHelpers::InitializeArray(System.Array,System.RuntimeFieldHandle) stloc.2 <null> call System.Reflection.Assembly System.Reflection.Assembly::GetExecutingAssembly() ldstr EncryptedResource_553878d658de42e1810fadbcedc4c40c callvirt System.IO.Stream System.Reflection.Assembly::GetManifestResourceStream(System.String) stloc.3 <null> ldloc.3 <null> brtrue.s IL_0062: ldloc.3 leave.s IL_00BC: ret ldloc.3 <null> callvirt System.Int64 System.IO.Stream::get_Length() conv.ovf.i <null> newarr System.Byte stloc.s V_4 ldc.i4.0 <null> stloc.s V_5 br.s IL_0094: ldloc.s V_5 ldloc.3 <null> ldloc.s V_4 ldloc.s V_5 ldloc.s V_4 ldlen <null> conv.i4 <null> ldloc.s V_5 sub <null> callvirt System.Int32 System.IO.Stream::Read(System.Byte[],System.Int32,System.Int32) stloc.s V_6 ldloc.s V_6 ldc.i4.0 <null> ble.s IL_009C: ldloc.s V_4 ldloc.s V_5 ldloc.s V_6 add <null> stloc.s V_5 ldloc.s V_5 ldloc.s V_4 ldlen <null> conv.i4 <null> blt.s IL_0075: ldloc.3 ldloc.s V_4 ldloc.0 <null> ldloc.1 <null> ldloc.2 <null> call System.Byte[] Ce99995f7::D3620741c(System.Byte[],System.Byte[],System.Byte[],System.Byte[]) call System.Void Ce99995f7::M53944fb3(System.Byte[]) leave.s IL_00B7: leave.s IL_00BC ldloc.3 <null> brfalse.s IL_00B6: endfinally ldloc.3 <null> callvirt System.Void System.IDisposable::Dispose() endfinally <null> leave.s IL_00BC: ret pop <null> leave.s IL_00BC: ret ret <null> |