Suspicious
Suspect

10430f4d8fa49751d7886583a39a1945

PE Executable
|
MD5: 10430f4d8fa49751d7886583a39a1945
|
Size: 646.66 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very high

Hash
 Hash Value
MD5
10430f4d8fa49751d7886583a39a1945
Sha1
72adef6c43aee8fc9240ee2c8fa9464a124a5fa0
Sha256
56ba908c2c9804f2dbdf7efa846c376b6257715336bed8fdb9f8aa89ed46bfea
Sha384
0424ffb110c614682c375eb5cc0ea1892305c3b83e04e86255ac8e438b6caffb27eac9e8f8414468b6e4a2e9dcedb7e2
Sha512
c44695969ce1e5346b1c4d1c4b86444d04c9c08ec2dd8056ac08357b64d48a7f184e8f94d0050a6b8781d947df1aa2d483c00f3e6abd86fe187f73c741381253
SSDeep
12288:oaY03VXlyxjS/gpKEtnMt/5OGpo5hcFg6yoT3ni6:jF1icYGpoDcafs3n
TLSH
3DD45BE51EA43F51D17FFE354B76067067FFBC828E22CB89344726A66A2260588C07D7

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
10430f4d8fa49751d7886583a39a1945
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0032
ID:0
RT_GROUP_CURSOR4
ID:0001
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
FiberaDigit.fibraship.ico
2edHjG8.6RytBf7tdZ.resources
$this.Icon
[NBF]root.IconData
AboutDeveloperToolStripMenuItem.Image
[NBF]root.Data
[NBF]root.Data-preview.png
AboutSoftwareToolStripMenuItem.Image
[NBF]root.Data
[NBF]root.Data-preview.png
ExitToolStripMenuItem.Image
[NBF]root.Data
[NBF]root.Data-preview.png
SettingsToolStripMenuItem.Image
[NBF]root.Data
[NBF]root.Data-preview.png
2edHjG8.Resources.resources
aac50708c5cd9d.Resources.resources
c3367ca10
[NBF]root.Data
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

2edHjG8
Full Name

2edHjG8
EntryPoint

System.Void 2edHjG8.zc6J8QgeewE1::5weKf0()
Scope Name

2edHjG8
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

2edHjG8
Assembly Version

15.13.40.215
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

2241
Main Method

System.Void 2edHjG8.zc6J8QgeewE1::5weKf0()
Main IL Instruction Count

73
Main IL

nop <null> ldtoken System.Windows.Forms.Application call System.Type System.Type::GetTypeFromHandle(System.RuntimeTypeHandle) stloc.0 <null> ldloc.0 <null> ldstr EnableVisualStyles ldc.i4.s 24 callvirt System.Reflection.MethodInfo System.Type::GetMethod(System.String,System.Reflection.BindingFlags) ldnull <null> ldnull <null> callvirt System.Object System.Reflection.MethodBase::Invoke(System.Object,System.Object[]) pop <null> ldloc.0 <null> ldstr SetCompatibleTextRenderingDefault ldc.i4.s 24 callvirt System.Reflection.MethodInfo System.Type::GetMethod(System.String,System.Reflection.BindingFlags) ldnull <null> ldc.i4.1 <null> newarr System.Object dup <null> ldc.i4.0 <null> ldc.i4.0 <null> box System.Boolean stelem.ref <null> callvirt System.Object System.Reflection.MethodBase::Invoke(System.Object,System.Object[]) pop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> call System.OperatingSystem System.Environment::get_OSVersion() callvirt System.Version System.OperatingSystem::get_Version() callvirt System.Int32 System.Version::get_Major() ldc.i4.6 <null> clt <null> ldc.i4.0 <null> ceq <null> stloc.1 <null> ldloc.1 <null> brfalse.s IL_0071: nop call System.Boolean 2edHjG8.zc6J8QgeewE1::7yoLd8Zj() pop <null> nop <null> nop <null> call System.Boolean 2edHjG8.zc6J8QgeewE1::Jdp95Gnnq4Nkbg() ldc.i4.0 <null> ceq <null> stloc.2 <null> ldloc.2 <null> brfalse.s IL_0080: nop br.s IL_00B6: ret nop <null> nop <null> call System.Void 2edHjG8.zc6J8QgeewE1::1Xxnm_() nop <null> leave.s IL_00AF: nop dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.3 <null> nop <null> ldstr Application failed to start: ldloc.3 <null> callvirt System.String System.Exception::get_Message() call System.String System.String::Concat(System.String,System.String) call System.Void 2edHjG8.zc6J8QgeewE1::2Rfdi(System.String) nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_00AF: nop nop <null> call System.Void System.Windows.Forms.Application::Exit() nop <null> ret <null>
Module Name

2edHjG8
Full Name

2edHjG8
EntryPoint

System.Void 2edHjG8.zc6J8QgeewE1::5weKf0()
Scope Name

2edHjG8
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

2edHjG8
Assembly Version

15.13.40.215
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

2241
Main Method

System.Void 2edHjG8.zc6J8QgeewE1::5weKf0()
Main IL Instruction Count

73
Main IL

nop <null> ldtoken System.Windows.Forms.Application call System.Type System.Type::GetTypeFromHandle(System.RuntimeTypeHandle) stloc.0 <null> ldloc.0 <null> ldstr EnableVisualStyles ldc.i4.s 24 callvirt System.Reflection.MethodInfo System.Type::GetMethod(System.String,System.Reflection.BindingFlags) ldnull <null> ldnull <null> callvirt System.Object System.Reflection.MethodBase::Invoke(System.Object,System.Object[]) pop <null> ldloc.0 <null> ldstr SetCompatibleTextRenderingDefault ldc.i4.s 24 callvirt System.Reflection.MethodInfo System.Type::GetMethod(System.String,System.Reflection.BindingFlags) ldnull <null> ldc.i4.1 <null> newarr System.Object dup <null> ldc.i4.0 <null> ldc.i4.0 <null> box System.Boolean stelem.ref <null> callvirt System.Object System.Reflection.MethodBase::Invoke(System.Object,System.Object[]) pop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> call System.OperatingSystem System.Environment::get_OSVersion() callvirt System.Version System.OperatingSystem::get_Version() callvirt System.Int32 System.Version::get_Major() ldc.i4.6 <null> clt <null> ldc.i4.0 <null> ceq <null> stloc.1 <null> ldloc.1 <null> brfalse.s IL_0071: nop call System.Boolean 2edHjG8.zc6J8QgeewE1::7yoLd8Zj() pop <null> nop <null> nop <null> call System.Boolean 2edHjG8.zc6J8QgeewE1::Jdp95Gnnq4Nkbg() ldc.i4.0 <null> ceq <null> stloc.2 <null> ldloc.2 <null> brfalse.s IL_0080: nop br.s IL_00B6: ret nop <null> nop <null> call System.Void 2edHjG8.zc6J8QgeewE1::1Xxnm_() nop <null> leave.s IL_00AF: nop dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.3 <null> nop <null> ldstr Application failed to start: ldloc.3 <null> callvirt System.String System.Exception::get_Message() call System.String System.String::Concat(System.String,System.String) call System.Void 2edHjG8.zc6J8QgeewE1::2Rfdi(System.String) nop <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_00AF: nop nop <null> call System.Void System.Windows.Forms.Application::Exit() nop <null> ret <null>
10430f4d8fa49751d7886583a39a1945 (646.66 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙