General
Structural Analysis
Config.0
Yara Rules27
Sync
Community
Summary by MalvaGPT
Characteristics
Symbol Ofbuscation Score
Medium
|
Hash | Hash Value |
|---|---|
| MD5 | 1446e4cb4414df842a9d8c341588b27c
|
| Sha1 | 5de630aff225fe99e6153a9ff630b3d777d82164
|
| Sha256 | 0c7b70edd8d840be99456cf9e35ca9ac9e341b6e83875745511d60da15661a6a
|
| Sha384 | adc9480bf835b5d812daede1defcb778ce757619521fac3ba84cd486a348d57a2c68aee0ca50f5a1c612d68ddfb96fff
|
| Sha512 | 446b8aad60072012ae7fcee8485624e0212b634bd140fa85c36e24e8b8d63c37c561737ff54bd5ee84bfb790458b155b6c6c7d12ba35c3c7db2726c13033460b
|
| SSDeep | 24576:AhjfJXeCtKZRzd9R1mrHvVQzialj+E/Fv60:ATXeCtQRxH1EVcTJ+ENy0
|
| TLSH | 7E458A4271A4E86BC6768AF1C921C6F393716E07E219C28B0CE57ECBF4F1F060995A57
|
PeID
.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
1446e4cb4414df842a9d8c341588b27c
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
ColoniaDePescadores.AreaDoPescador.resources
ColoniaDePescadores.FormProduto1.resources
$this.Icon
[NBF]root.IconData
ColoniaDePescadores.FormProduto2.resources
ColoniaDePescadores.FormProduto3.resources
ColoniaDePescadores.FormProduto4.resources
ColoniaDePescadores.FormProduto5.resources
ColoniaDePescadores.FrmMenu.resources
ColoniaDePescadores.Login.resources
chb
[NBF]root.Data
statusStrip1.TrayLocation
ColoniaDePescadores.Parceiros.resources
ColoniaDePescadores.Properties.Resources.resources
ACRE
[NBF]root.Data
[NBF]root.Data-preview.png
ALAGOAS
[NBF]root.Data
[NBF]root.Data-preview.png
AMAPÁ
[NBF]root.Data
[NBF]root.Data-preview.png
AMAZONAS
[NBF]root.Data
[NBF]root.Data-preview.png
BAHIA
[NBF]root.Data
[NBF]root.Data-preview.png
Banco-Itau
[NBF]root.Data
[NBF]root.Data-preview.png
Banco-Votorantim
[NBF]root.Data
[NBF]root.Data.exif
[NBF]root.Data-preview.png
Banco-do-Brasil
[NBF]root.Data
[NBF]root.Data-preview.png
Botão-limpar-limpo
[NBF]root.Data
[NBF]root.Data-preview.png
DISTRITO FEDERAL
[NBF]root.Data
[NBF]root.Data-preview.png
ESPÍRITO SANTO
[NBF]root.Data
[NBF]root.Data-preview.png
FKcW
[NBF]root.Data
[NBF]root.Data-preview.png
Finanças
[NBF]root.Data
[NBF]root.Data-preview.png
GOIÁS
[NBF]root.Data
[NBF]root.Data-preview.png
MARANHÃO
[NBF]root.Data
[NBF]root.Data-preview.png
MATO GROSSO DO SUL
[NBF]root.Data
[NBF]root.Data-preview.png
PARAÍBA
[NBF]root.Data
[NBF]root.Data-preview.png
PARÁ
[NBF]root.Data
[NBF]root.Data-preview.png
PIAUÍ
[NBF]root.Data
[NBF]root.Data-preview.png
RIO GRANDE DO SUL
[NBF]root.Data
[NBF]root.Data-preview.png
RONDÔNIA
[NBF]root.Data
[NBF]root.Data-preview.png
RORAIMA
[NBF]root.Data
[NBF]root.Data-preview.png
SERGIPE
[NBF]root.Data
[NBF]root.Data-preview.png
Sair do sistema
[NBF]root.Data
[NBF]root.Data-preview.png
SÃO PAULO
[NBF]root.Data
[NBF]root.Data-preview.png
TOCANTINS
[NBF]root.Data
[NBF]root.Data-preview.png
banco-do-nordeste
[NBF]root.Data
[NBF]root.Data-preview.png
botão cancelar
[NBF]root.Data
[NBF]root.Data-preview.png
categorias.
[NBF]root.Data
[NBF]root.Data-preview.png
clients
[NBF]root.Data
[NBF]root.Data-preview.png
conecte-se
[NBF]root.Data
[NBF]root.Data-preview.png
conexao-na-nuvem
[NBF]root.Data
[NBF]root.Data-preview.png
confirmar
[NBF]root.Data
[NBF]root.Data-preview.png
excluir
[NBF]root.Data
[NBF]root.Data-preview.png
eye
[NBF]root.Data
[NBF]root.Data-preview.png
financa
[NBF]root.Data
[NBF]root.Data-preview.png
funcionarios
[NBF]root.Data
[NBF]root.Data-preview.png
instagram
[NBF]root.Data
[NBF]root.Data-preview.png
interesse
[NBF]root.Data
[NBF]root.Data-preview.png
liberado
[NBF]root.Data
[NBF]root.Data-preview.png
lupa
[NBF]root.Data
[NBF]root.Data-preview.png
novo-documento
[NBF]root.Data
[NBF]root.Data-preview.png
pescador
[NBF]root.Data
[NBF]root.Data-preview.png
salve-
[NBF]root.Data
[NBF]root.Data-preview.png
santander-logo
[NBF]root.Data
[NBF]root.Data-preview.png
security
[NBF]root.Data
[NBF]root.Data-preview.png
taxaDeJuros
[NBF]root.Data
[NBF]root.Data-preview.png
troca
[NBF]root.Data
[NBF]root.Data-preview.png
twitter
[NBF]root.Data
[NBF]root.Data-preview.png
userLogin
[NBF]root.Data
[NBF]root.Data-preview.png
whatsapp
[NBF]root.Data
[NBF]root.Data-preview.png
x
[NBF]root.Data
[NBF]root.Data-preview.png
ColoniaDePescadores.Simulador.FormFinanciamento.resources
$this.Icon
[NBF]root.IconData
Informations
|
Name0 | Value |
|---|---|
| Module Name | dLxr.exe |
| Full Name | dLxr.exe |
| EntryPoint | System.Void ColoniaDePescadores.Program::Main() |
| Scope Name | dLxr.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | dLxr |
| Assembly Version | 25.4.127.89 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5 |
| Total Strings | 1731 |
| Main Method | System.Void ColoniaDePescadores.Program::Main() |
| Main IL Instruction Count | 6 |
| Main IL | call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void ColoniaDePescadores.Login::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null> |
| Module Name | dLxr.exe |
| Full Name | dLxr.exe |
| EntryPoint | System.Void ColoniaDePescadores.Program::Main() |
| Scope Name | dLxr.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | dLxr |
| Assembly Version | 25.4.127.89 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5 |
| Total Strings | 1731 |
| Main Method | System.Void ColoniaDePescadores.Program::Main() |
| Main IL Instruction Count | 6 |
| Main IL | call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void ColoniaDePescadores.Login::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null> |
Artefacts
|
Name0 | Value |
|---|---|
| PDB Path | C:\Users\Administrator\Desktop\Client\Temp\stcNoxoKsU\src\obj\Debug\dLxr.pdb |
1446e4cb4414df842a9d8c341588b27c (1.18 MB)
File Structure
1446e4cb4414df842a9d8c341588b27c
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
ColoniaDePescadores.AreaDoPescador.resources
ColoniaDePescadores.FormProduto1.resources
$this.Icon
[NBF]root.IconData
ColoniaDePescadores.FormProduto2.resources
ColoniaDePescadores.FormProduto3.resources
ColoniaDePescadores.FormProduto4.resources
ColoniaDePescadores.FormProduto5.resources
ColoniaDePescadores.FrmMenu.resources
ColoniaDePescadores.Login.resources
chb
[NBF]root.Data
statusStrip1.TrayLocation
ColoniaDePescadores.Parceiros.resources
ColoniaDePescadores.Properties.Resources.resources
ACRE
[NBF]root.Data
[NBF]root.Data-preview.png
ALAGOAS
[NBF]root.Data
[NBF]root.Data-preview.png
AMAPÁ
[NBF]root.Data
[NBF]root.Data-preview.png
AMAZONAS
[NBF]root.Data
[NBF]root.Data-preview.png
BAHIA
[NBF]root.Data
[NBF]root.Data-preview.png
Banco-Itau
[NBF]root.Data
[NBF]root.Data-preview.png
Banco-Votorantim
[NBF]root.Data
[NBF]root.Data.exif
[NBF]root.Data-preview.png
Banco-do-Brasil
[NBF]root.Data
[NBF]root.Data-preview.png
Botão-limpar-limpo
[NBF]root.Data
[NBF]root.Data-preview.png
DISTRITO FEDERAL
[NBF]root.Data
[NBF]root.Data-preview.png
ESPÍRITO SANTO
[NBF]root.Data
[NBF]root.Data-preview.png
FKcW
[NBF]root.Data
[NBF]root.Data-preview.png
Finanças
[NBF]root.Data
[NBF]root.Data-preview.png
GOIÁS
[NBF]root.Data
[NBF]root.Data-preview.png
MARANHÃO
[NBF]root.Data
[NBF]root.Data-preview.png
MATO GROSSO DO SUL
[NBF]root.Data
[NBF]root.Data-preview.png
PARAÍBA
[NBF]root.Data
[NBF]root.Data-preview.png
PARÁ
[NBF]root.Data
[NBF]root.Data-preview.png
PIAUÍ
[NBF]root.Data
[NBF]root.Data-preview.png
RIO GRANDE DO SUL
[NBF]root.Data
[NBF]root.Data-preview.png
RONDÔNIA
[NBF]root.Data
[NBF]root.Data-preview.png
RORAIMA
[NBF]root.Data
[NBF]root.Data-preview.png
SERGIPE
[NBF]root.Data
[NBF]root.Data-preview.png
Sair do sistema
[NBF]root.Data
[NBF]root.Data-preview.png
SÃO PAULO
[NBF]root.Data
[NBF]root.Data-preview.png
TOCANTINS
[NBF]root.Data
[NBF]root.Data-preview.png
banco-do-nordeste
[NBF]root.Data
[NBF]root.Data-preview.png
botão cancelar
[NBF]root.Data
[NBF]root.Data-preview.png
categorias.
[NBF]root.Data
[NBF]root.Data-preview.png
clients
[NBF]root.Data
[NBF]root.Data-preview.png
conecte-se
[NBF]root.Data
[NBF]root.Data-preview.png
conexao-na-nuvem
[NBF]root.Data
[NBF]root.Data-preview.png
confirmar
[NBF]root.Data
[NBF]root.Data-preview.png
excluir
[NBF]root.Data
[NBF]root.Data-preview.png
eye
[NBF]root.Data
[NBF]root.Data-preview.png
financa
[NBF]root.Data
[NBF]root.Data-preview.png
funcionarios
[NBF]root.Data
[NBF]root.Data-preview.png
instagram
[NBF]root.Data
[NBF]root.Data-preview.png
interesse
[NBF]root.Data
[NBF]root.Data-preview.png
liberado
[NBF]root.Data
[NBF]root.Data-preview.png
lupa
[NBF]root.Data
[NBF]root.Data-preview.png
novo-documento
[NBF]root.Data
[NBF]root.Data-preview.png
pescador
[NBF]root.Data
[NBF]root.Data-preview.png
salve-
[NBF]root.Data
[NBF]root.Data-preview.png
santander-logo
[NBF]root.Data
[NBF]root.Data-preview.png
security
[NBF]root.Data
[NBF]root.Data-preview.png
taxaDeJuros
[NBF]root.Data
[NBF]root.Data-preview.png
troca
[NBF]root.Data
[NBF]root.Data-preview.png
twitter
[NBF]root.Data
[NBF]root.Data-preview.png
userLogin
[NBF]root.Data
[NBF]root.Data-preview.png
whatsapp
[NBF]root.Data
[NBF]root.Data-preview.png
x
[NBF]root.Data
[NBF]root.Data-preview.png
ColoniaDePescadores.Simulador.FormFinanciamento.resources
$this.Icon
[NBF]root.IconData
Characteristics
No malware configuration were found at this point.
Artefacts
|
Name0 | Value | Location |
|---|---|---|
| PDB Path | C:\Users\Administrator\Desktop\Client\Temp\stcNoxoKsU\src\obj\Debug\dLxr.pdb |
1446e4cb4414df842a9d8c341588b27c |
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.