f9ba48a30f732650dec47ba011c63fb1

PE Executable
|
MD5: f9ba48a30f732650dec47ba011c63fb1
|
Size: 19.46 KB
|
application/x-dosexec

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	f9ba48a30f732650dec47ba011c63fb1
Sha1	1ff5ce937f249ec6a2d6096238bacd8f9b26a731
Sha256	8f79f3498f99153a250e593eeabd59baef4cc7858c0a002705622f294e86c648
Sha384	5a59aec09b7a0cc04ce2cbc1065d0711bd18cc46bf6b92fff938adf1252b04f1c319f81646985feb71e9d0bb899f8dda
Sha512	6dfa90532bfd6c1e0d6deee1713282cf638c5775d355fa3c110e73a922858e0e4d13e8c4b51569fa385866b3f64659cbe1dd757fc3a32741a376775ddfdddfff
SSDeep	384:U/jnLSGyVLm3DV1nHHBRVCr/raxhDcRnhfvmF9UHiqTmQI35z:AILEHnBnCr/ramBmF9Im335z
TLSH	B5920857BA4D4663D164FF3EC8FBF5440320E2421D53DD4E798B334A681336AE6562CA

PeID

.NET executable

Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL

Microsoft Visual Studio .NET

File Structure

Informations

Name0	Value
Module Name	Xveszateqbz.exe
Full Name	Xveszateqbz.exe
EntryPoint	System.Void Oapxsdywqt.Proxies.JoinedProxy::InterceptInternalProxy()
Scope Name	Xveszateqbz.exe
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	Xveszateqbz
Assembly Version	1.0.4362.8918
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.6
Total Strings	5
Main Method	System.Void Oapxsdywqt.Proxies.JoinedProxy::InterceptInternalProxy()
Main IL Instruction Count	31
Main IL	ldc.i4 1 stloc V_0 br IL_000E: ldloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] br IL_0054: ldsfld Oapxsdywqt.Proxies.JoinedProxy/<>c Oapxsdywqt.Proxies.JoinedProxy/<>c::m_RequesterError ret <null> ldsfld System.Action`1<System.IO.MemoryStream> Oapxsdywqt.Proxies.JoinedProxy/<>c::_ProxyRecommender dup <null> brtrue IL_006A: call System.Void Oapxsdywqt.Proxies.JoinedProxy::EvaluateProxy(System.Action`1<System.IO.MemoryStream>) pop <null> ldc.i4 0 ldsfld <Module>{21d6b43d-bd7d-44f9-b844-b64c2ba4d305} <Module>{21d6b43d-bd7d-44f9-b844-b64c2ba4d305}::m_f1bac9a8fc7044d580f023b03a707796 ldfld System.Int32 <Module>{21d6b43d-bd7d-44f9-b844-b64c2ba4d305}::m_afd39b7fbc0046f0b1c2b55e2c675389 brfalse IL_0012: switch(IL_0054,IL_0029,IL_0028) pop <null> ldc.i4 0 br IL_0012: switch(IL_0054,IL_0029,IL_0028) ldsfld Oapxsdywqt.Proxies.JoinedProxy/<>c Oapxsdywqt.Proxies.JoinedProxy/<>c::m_RequesterError ldftn System.Void Oapxsdywqt.Proxies.JoinedProxy/<>c::PrepareProxy(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Action`1<System.IO.MemoryStream> Oapxsdywqt.Proxies.JoinedProxy/<>c::_ProxyRecommender call System.Void Oapxsdywqt.Proxies.JoinedProxy::EvaluateProxy(System.Action`1<System.IO.MemoryStream>) ldc.i4 0 ldsfld <Module>{21d6b43d-bd7d-44f9-b844-b64c2ba4d305} <Module>{21d6b43d-bd7d-44f9-b844-b64c2ba4d305}::m_f1bac9a8fc7044d580f023b03a707796 ldfld System.Int32 <Module>{21d6b43d-bd7d-44f9-b844-b64c2ba4d305}::m_afd39b7fbc0046f0b1c2b55e2c675389 brfalse IL_0012: switch(IL_0054,IL_0029,IL_0028) pop <null> ldc.i4 2 br IL_0012: switch(IL_0054,IL_0029,IL_0028)
Module Name	Xveszateqbz.exe
Full Name	Xveszateqbz.exe
EntryPoint	System.Void Oapxsdywqt.Proxies.JoinedProxy::InterceptInternalProxy()
Scope Name	Xveszateqbz.exe
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	Xveszateqbz
Assembly Version	1.0.4362.8918
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.6
Total Strings	5
Main Method	System.Void Oapxsdywqt.Proxies.JoinedProxy::InterceptInternalProxy()
Main IL Instruction Count	31
Main IL	ldc.i4 1 stloc V_0 br IL_000E: ldloc V_0 ldloc V_0 switch dnlib.DotNet.Emit.Instruction[] br IL_0054: ldsfld Oapxsdywqt.Proxies.JoinedProxy/<>c Oapxsdywqt.Proxies.JoinedProxy/<>c::m_RequesterError ret <null> ldsfld System.Action`1<System.IO.MemoryStream> Oapxsdywqt.Proxies.JoinedProxy/<>c::_ProxyRecommender dup <null> brtrue IL_006A: call System.Void Oapxsdywqt.Proxies.JoinedProxy::EvaluateProxy(System.Action`1<System.IO.MemoryStream>) pop <null> ldc.i4 0 ldsfld <Module>{21d6b43d-bd7d-44f9-b844-b64c2ba4d305} <Module>{21d6b43d-bd7d-44f9-b844-b64c2ba4d305}::m_f1bac9a8fc7044d580f023b03a707796 ldfld System.Int32 <Module>{21d6b43d-bd7d-44f9-b844-b64c2ba4d305}::m_afd39b7fbc0046f0b1c2b55e2c675389 brfalse IL_0012: switch(IL_0054,IL_0029,IL_0028) pop <null> ldc.i4 0 br IL_0012: switch(IL_0054,IL_0029,IL_0028) ldsfld Oapxsdywqt.Proxies.JoinedProxy/<>c Oapxsdywqt.Proxies.JoinedProxy/<>c::m_RequesterError ldftn System.Void Oapxsdywqt.Proxies.JoinedProxy/<>c::PrepareProxy(System.IO.MemoryStream) newobj System.Void System.Action`1<System.IO.MemoryStream>::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Action`1<System.IO.MemoryStream> Oapxsdywqt.Proxies.JoinedProxy/<>c::_ProxyRecommender call System.Void Oapxsdywqt.Proxies.JoinedProxy::EvaluateProxy(System.Action`1<System.IO.MemoryStream>) ldc.i4 0 ldsfld <Module>{21d6b43d-bd7d-44f9-b844-b64c2ba4d305} <Module>{21d6b43d-bd7d-44f9-b844-b64c2ba4d305}::m_f1bac9a8fc7044d580f023b03a707796 ldfld System.Int32 <Module>{21d6b43d-bd7d-44f9-b844-b64c2ba4d305}::m_afd39b7fbc0046f0b1c2b55e2c675389 brfalse IL_0012: switch(IL_0054,IL_0029,IL_0028) pop <null> ldc.i4 2 br IL_0012: switch(IL_0054,IL_0029,IL_0028)

f9ba48a30f732650dec47ba011c63fb1 (19.46 KB)

f9ba48a30f732650dec47ba011c63fb1

PE Executable | MD5: f9ba48a30f732650dec47ba011c63fb1 | Size: 19.46 KB | application/x-dosexec

PE Executable
|
MD5: f9ba48a30f732650dec47ba011c63fb1
|
Size: 19.46 KB
|
application/x-dosexec