Suspicious
Suspect

15cb431be1e7eb37abe69f6f4a72194a

PE Executable
|
MD5: 15cb431be1e7eb37abe69f6f4a72194a
|
Size: 207.87 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Obfuscation Score

Very high

Hash
 Hash Value
MD5
15cb431be1e7eb37abe69f6f4a72194a
Sha1
c8bb167dcd83152f988def51f0e1184e4a49813a
Sha256
cc6f82015fc2e26a65da84db2dc0e41cc63f5ca735150a5ad55b9f474f0673f3
Sha384
0c7a333a4d190a411c7e4c6dc71f12f4015579cdd51211900aa26ee7ada91221edf07d55c1ba645b9316a69bea426366
Sha512
e2430d899aa0acb638dfbe6a195c70f25d175b2e91c991aa7b187f531431a15242825d3215e47569a86a3419268a104ae73dc8f0f380d5cc2f874c9ca8c3298c
SSDeep
6144:sLV6Bta6dtJmakIM5y0cFHkf8wa3PNMGdw:sLV6BtpmkVrH3wKlMGC
TLSH
2F14CF5677A88A2FE2CE86B9711212128779C2E399C3F3DE58D464F74F227E106071E3

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
15cb431be1e7eb37abe69f6f4a72194a
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.reloc
.rsrc
Resources
RT_RCDATA
ID:0001
ID:0
.Net Resources
ClientLoaderForm.resources
     ​     
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

NanoCore Client.exe
Full Name

NanoCore Client.exe
EntryPoint

System.Void ClientLoaderForm::Main()
Scope Name

NanoCore Client.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v2.0.50727
Tables Header Version

512
WinMD Version

<null>
Assembly Name

NanoCore Client
Assembly Version

1.2.2.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

<null>
Total Strings

2
Main Method

System.Void ClientLoaderForm::Main()
Main IL Instruction Count

4
Main IL

call #=q_jQLaNdtSDa6ovA0VGw50w==/#=qlsj4Kl0M6SYgZMJLZ$QkSw== #=q_jQLaNdtSDa6ovA0VGw50w==::#=qqROT7DfncW7strhZvp0iRQ==() callvirt ClientLoaderForm #=q_jQLaNdtSDa6ovA0VGw50w==/#=qlsj4Kl0M6SYgZMJLZ$QkSw==::#=qbzig1$2CwLluEJt5uPtpgqPx5y_2S$GoPgJP36N8bTE=() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null>
Module Name

NanoCore Client.exe
Full Name

NanoCore Client.exe
EntryPoint

System.Void ClientLoaderForm::Main()
Scope Name

NanoCore Client.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v2.0.50727
Tables Header Version

512
WinMD Version

<null>
Assembly Name

NanoCore Client
Assembly Version

1.2.2.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

<null>
Total Strings

2
Main Method

System.Void ClientLoaderForm::Main()
Main IL Instruction Count

4
Main IL

call #=q_jQLaNdtSDa6ovA0VGw50w==/#=qlsj4Kl0M6SYgZMJLZ$QkSw== #=q_jQLaNdtSDa6ovA0VGw50w==::#=qqROT7DfncW7strhZvp0iRQ==() callvirt ClientLoaderForm #=q_jQLaNdtSDa6ovA0VGw50w==/#=qlsj4Kl0M6SYgZMJLZ$QkSw==::#=qbzig1$2CwLluEJt5uPtpgqPx5y_2S$GoPgJP36N8bTE=() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null>
15cb431be1e7eb37abe69f6f4a72194a (207.87 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙