Suspect
123c468c9bdfab161e5033fc900ef73a
PE Executable | MD5: 123c468c9bdfab161e5033fc900ef73a | Size: 852.99 KB | application/x-dosexec
PE Executable
MD5: 123c468c9bdfab161e5033fc900ef73a
Size: 852.99 KB
application/x-dosexec
Summary by MalvaGPT
Characteristics
Symbol Ofbuscation Score
Very low
|
Hash | Hash Value |
|---|---|
| MD5 | 123c468c9bdfab161e5033fc900ef73a
|
| Sha1 | e8cc5c482a409b8501294e9683511e6cbff9fc4c
|
| Sha256 | a7f7a2ba4874202dd3c17d81618c0f5f03421b13fe9b48a81f475025f97f2fd3
|
| Sha384 | 3240cecf11532707f65b89e475734d5836b6f5b751df7d833611374b048c219ee609b77c9a2c14b6f1d0e51c59485b61
|
| Sha512 | b70f8a57e81634a9037294915199d0d5667f078d7f69bf82c1be6da95bae2614182bac1c72c615cb379be0f562f0ed101e129d7b53c83270f426e714e09248ee
|
| SSDeep | 24576:6eWOfKvFBks59dT4TwgPgRMfoyQK+pFKUD:IQKjks59dGrwNPTKU
|
| TLSH | A80501546653CBC6C0E217FD99B1EF7812270E887861DF3E8ADE7DAB3F26A041D80255
|
File Structure
123c468c9bdfab161e5033fc900ef73a
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
ticTacToe.Form1.resources
$this.Icon
[NBF]root.IconData
htta
[NBF]root.Data
pictureBox1.Image
[NBF]root.Data
[NBF]root.Data-preview.png
Core.Properties.Resources.resources
cIIB
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | PDB Path: SOql.pdb |
| Module Name | SOql.exe |
| Full Name | SOql.exe |
| EntryPoint | System.Void ticTacToe.Program::Main() |
| Scope Name | SOql.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | SOql |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5 |
| Total Strings | 155 |
| Main Method | System.Void ticTacToe.Program::Main() |
| Main IL Instruction Count | 10 |
| Main IL | nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void ticTacToe.Form1::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null> |
123c468c9bdfab161e5033fc900ef73a (852.99 KB)
File Structure
123c468c9bdfab161e5033fc900ef73a
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
ticTacToe.Form1.resources
$this.Icon
[NBF]root.IconData
htta
[NBF]root.Data
pictureBox1.Image
[NBF]root.Data
[NBF]root.Data-preview.png
Core.Properties.Resources.resources
cIIB
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.