Suspicious
Suspect

06eaaf586b03e42572d0406efc6368c4

PE Executable
|
MD5: 06eaaf586b03e42572d0406efc6368c4
|
Size: 739.33 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Low

Hash
 Hash Value
MD5
06eaaf586b03e42572d0406efc6368c4
Sha1
256a36e7f1d168a9d63e8cdd5303cee5e374cb2b
Sha256
8409c2dbea8abea1f92301840dbd317620a985ccf323fb3df04ae51703786cb6
Sha384
8a9b21b1d36c9e660cf07ba33a5df24bed52217a9e14f75a00a71ffa42b0a0fb0cef9cc7ee53ec11a93d21442bf08040
Sha512
c467f418bd367686bddb8b650f085e0a010b05cc27437b7b670fe375f3ba2f10ecd13ffa4894e00ca8b292723a32c55512822b191b5f1db0f5758ad533dc6de1
SSDeep
12288:bKa4ctN7IBWXWWW4lBgxJh5yecjwwJDToqat3OWmdMIieUX0ObX1a+FRJJTjYiQ9:+aTrIH4l2A3jwwh8SLdUEUBRJJQicXV
TLSH
8EF40118020BDC07C1D54FBAA8B1E7B437295EDFB9D2D6979FC53FDBB4296860A40242

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
06eaaf586b03e42572d0406efc6368c4
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
ExamGenerator.Form1.resources
$this.Icon
[NBF]root.IconData
Ch1
[NBF]root.Data
ExamGenerator.Properties.Resources.resources
flZI
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

PDB Path: C:\Users\Administrator\Desktop\Client\Temp\UbDKLgOThU\src\obj\Debug\CdYV.pdb
Module Name

CdYV.exe
Full Name

CdYV.exe
EntryPoint

System.Void ExamGenerator.Program::Main()
Scope Name

CdYV.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

CdYV
Assembly Version

6.8.2.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

70
Main Method

System.Void ExamGenerator.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void ExamGenerator.Form1::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
Module Name

CdYV.exe
Full Name

CdYV.exe
EntryPoint

System.Void ExamGenerator.Program::Main()
Scope Name

CdYV.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

CdYV
Assembly Version

6.8.2.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

70
Main Method

System.Void ExamGenerator.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void ExamGenerator.Form1::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
06eaaf586b03e42572d0406efc6368c4 (739.33 KB)
File Structure
06eaaf586b03e42572d0406efc6368c4
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
ExamGenerator.Form1.resources
$this.Icon
[NBF]root.IconData
Ch1
[NBF]root.Data
ExamGenerator.Properties.Resources.resources
flZI
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙