Suspicious
Suspect

07d9e7b8a1826782fa6b38fb343bd37c

PE Executable
|
MD5: 07d9e7b8a1826782fa6b38fb343bd37c
|
Size: 732.67 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
07d9e7b8a1826782fa6b38fb343bd37c
Sha1
f6f677581e1a0700ba7aa80d860ee209c5af87b3
Sha256
476a922ca015b327bb5069b7913818b579ab7f04b95f3f3c733138ef7c4692b5
Sha384
a620a4376ae35c719d1059b948c98309a05de755be731702518cad74e9a3b391dc0ee116e30f79b0378d9812ba4189e7
Sha512
184cb2fc335caf20250cbd942457b93cfbc833d966af2fdc328516316fdd9b02b0381a574d60f8827aaeb3c2a44f0f17e75f52fda11595e9179f390bc3ea6c68
SSDeep
12288:wwi4S2PqhKOLqP1Q1SLfFs3Qgqdq4+2bBJ9NyTf5Joq752/qT8Z0O/:wwtBqhKOLn1gfZt3bHeDoql2FK
TLSH
23F4E00176BA8F13C9A69BF86974E17007F43E9EA911C30F8DE53DDB7638B511A40A53

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
07d9e7b8a1826782fa6b38fb343bd37c
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Library.FormMenu.resources
$this.Icon
[NBF]root.IconData
TCA
[NBF]root.Data
Library.FormBook.resources
BookFlowLibrary.Properties.Resources.resources
cVvgn
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
Name
 Value
Module Name

NGvjh.exe
Full Name

NGvjh.exe
EntryPoint

System.Void Library.Program::Main()
Scope Name

NGvjh.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

NGvjh
Assembly Version

7.6.5.3
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

759
Main Method

System.Void Library.Program::Main()
Main IL Instruction Count

5
Main IL

nop <null> newobj System.Void Library.FormMenu::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
Module Name

NGvjh.exe
Full Name

NGvjh.exe
EntryPoint

System.Void Library.Program::Main()
Scope Name

NGvjh.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

NGvjh
Assembly Version

7.6.5.3
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

759
Main Method

System.Void Library.Program::Main()
Main IL Instruction Count

5
Main IL

nop <null> newobj System.Void Library.FormMenu::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
Artefacts
Name
 Value
PDB Path

?
07d9e7b8a1826782fa6b38fb343bd37c (732.67 KB)
File Structure
07d9e7b8a1826782fa6b38fb343bd37c
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Library.FormMenu.resources
$this.Icon
[NBF]root.IconData
TCA
[NBF]root.Data
Library.FormBook.resources
BookFlowLibrary.Properties.Resources.resources
cVvgn
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration were found at this point.
Artefacts
Name
 Value Location
PDB Path

?

07d9e7b8a1826782fa6b38fb343bd37c
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙