Suspect
112ee15a15b22c168b63756d62ae54b7
PE Executable | MD5: 112ee15a15b22c168b63756d62ae54b7 | Size: 1.1 MB | application/x-dosexec
PE Executable
MD5: 112ee15a15b22c168b63756d62ae54b7
Size: 1.1 MB
application/x-dosexec
Summary by MalvaGPT
Characteristics
Symbol Ofbuscation Score
Medium
|
Hash | Hash Value |
|---|---|
| MD5 | 112ee15a15b22c168b63756d62ae54b7
|
| Sha1 | 3906f2a895abac7c81039408775f573c868eb6a4
|
| Sha256 | 3cbf0bb73e7973458f172a4d50391803a89ce183a17438f689d9045a683b5cc2
|
| Sha384 | 9da760375d287e612b18c35a8457ea0d7d3e320d046c86471fd75b1354690cd9e17a3d08f54e58da6810a9deda61bb83
|
| Sha512 | 76160dadac96ba05f30199e4d62c491a439a4f66b382e8061844acec420c5117983757ce7e9791e933a93f0a22f9a18cdec61de24079ff49ce96b792f15c88df
|
| SSDeep | 24576:jof7Dvosz8nmUxu91TAV+9CKNxe2zWDlxZ9hH15t:0f78sa9c90+Ese2zoxBH1n
|
| TLSH | 223512557B1EDE21D9A22BF009B1D3B617B06D0DBD00E3074EEA6CDB7468F192869B43
|
PeID
UPolyX 0.3 -> delikon
File Structure
112ee15a15b22c168b63756d62ae54b7
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
SpaceCalculator.MainForm.resources
SpaceCalculator.Properties.Resources.resources
CHT
[NBF]root.Data
LiYi
[NBF]root.Data
[NBF]root.Data-preview.png
fabrica24
[NBF]root.Data
[NBF]root.Data-preview.png
fabrica25
[NBF]root.Data
[NBF]root.Data-preview.png
fabrica26
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | PDB Path: ipEI.pdb |
| Module Name | ipEI.exe |
| Full Name | ipEI.exe |
| EntryPoint | System.Void SpaceCalculator.Program::Main() |
| Scope Name | ipEI.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | ipEI |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5 |
| Total Strings | 414 |
| Main Method | System.Void SpaceCalculator.Program::Main() |
| Main IL Instruction Count | 10 |
| Main IL | nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void SpaceCalculator.MainForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null> |
112ee15a15b22c168b63756d62ae54b7 (1.1 MB)
File Structure
112ee15a15b22c168b63756d62ae54b7
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
SpaceCalculator.MainForm.resources
SpaceCalculator.Properties.Resources.resources
CHT
[NBF]root.Data
LiYi
[NBF]root.Data
[NBF]root.Data-preview.png
fabrica24
[NBF]root.Data
[NBF]root.Data-preview.png
fabrica25
[NBF]root.Data
[NBF]root.Data-preview.png
fabrica26
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.