Suspicious
Suspect

188029eb1ab18abc89805a4da974605f

PE Executable
|
MD5: 188029eb1ab18abc89805a4da974605f
|
Size: 793.09 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

High

Hash
 Hash Value
MD5
188029eb1ab18abc89805a4da974605f
Sha1
4e55313987967b3de3be592a1c929aef6edcbe20
Sha256
9cc0ec6a21bd5a6623933e5d35f40cf3d5f3bc9465c0e848b6b39fe8fe1c7038
Sha384
b173364ea0095694d8ca174b201696010db4bb0f32e3cc24727710f3c79733e70f85747c9faa581521e2a03cc41bfbcb
Sha512
8d8fc7142f59447817094b48bf714776b1ee8d544fba286146c3a53bb506b792418695d4fed9b18f2b4acc196cf6a39f24e9f9993623b0cac1208ca6607c1825
SSDeep
12288:9q0OW25RFrGcE1UjO2U14CcBvmthnu8sG1GjWcdbo5RsFxcJRn79s9TgVXDkF6D:9gRtEUZU17cButA8sGoj9W7sLcJzs9
TLSH
0DF4D0AC3240B59FC893C97289A4DE74AA247DBA530BC20391E71DAFB91D5D7DE101F2

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
188029eb1ab18abc89805a4da974605f
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
CSVViewer.Forms.MainForm.resources
CSVViewer.Properties.Resources.resources
KS
[NBF]root.Data
KzEQ
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

wmpW.exe
Full Name

wmpW.exe
EntryPoint

System.Void CSVViewer.Program::Main()
Scope Name

wmpW.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

wmpW
Assembly Version

3.4.3.4
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

183
Main Method

System.Void CSVViewer.Program::Main()
Main IL Instruction Count

43
Main IL

nop <null> call System.Void CSVViewer.Program::​‌‪‪‫‭​‏‭‎‪‎‌‬‍‏‭‌‌‏‭‭‮‎‭‬‮() ldc.i4 438093221 ldc.i4 603622247 xor <null> dup <null> stloc.0 <null> ldc.i4.6 <null> rem.un <null> switch dnlib.DotNet.Emit.Instruction[] br.s IL_0083: ret nop <null> ldloc.0 <null> ldc.i4 777983754 mul <null> ldc.i4 179946714 xor <null> br.s IL_000B: ldc.i4 603622247 nop <null> ldloc.0 <null> ldc.i4 -662712153 mul <null> ldc.i4 -208949548 xor <null> br.s IL_000B: ldc.i4 603622247 ldc.i4.0 <null> call System.Void CSVViewer.Program::​‫‬‍‮‬‬‮‌‫‌‪‏‎​‬​‮‭‌‌‏‏‮‮‍‎‪‭‫‫‮(System.Boolean) nop <null> ldloc.0 <null> ldc.i4 791931060 mul <null> ldc.i4 1469735396 xor <null> br.s IL_000B: ldc.i4 603622247 newobj System.Void CSVViewer.Forms.MainForm::.ctor() call System.Void CSVViewer.Program::‍‪‍‭‌‪‌‍‍‮‭​‬‎‍‫‫‏‮‬‪‭‎‭‬‎‭‮(System.Windows.Forms.Form) ldloc.0 <null> ldc.i4 -1819693109 mul <null> ldc.i4 -1355634185 xor <null> br.s IL_000B: ldc.i4 603622247 ret <null>
Module Name

wmpW.exe
Full Name

wmpW.exe
EntryPoint

System.Void CSVViewer.Program::Main()
Scope Name

wmpW.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

wmpW
Assembly Version

3.4.3.4
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

183
Main Method

System.Void CSVViewer.Program::Main()
Main IL Instruction Count

43
Main IL

nop <null> call System.Void CSVViewer.Program::​‌‪‪‫‭​‏‭‎‪‎‌‬‍‏‭‌‌‏‭‭‮‎‭‬‮() ldc.i4 438093221 ldc.i4 603622247 xor <null> dup <null> stloc.0 <null> ldc.i4.6 <null> rem.un <null> switch dnlib.DotNet.Emit.Instruction[] br.s IL_0083: ret nop <null> ldloc.0 <null> ldc.i4 777983754 mul <null> ldc.i4 179946714 xor <null> br.s IL_000B: ldc.i4 603622247 nop <null> ldloc.0 <null> ldc.i4 -662712153 mul <null> ldc.i4 -208949548 xor <null> br.s IL_000B: ldc.i4 603622247 ldc.i4.0 <null> call System.Void CSVViewer.Program::​‫‬‍‮‬‬‮‌‫‌‪‏‎​‬​‮‭‌‌‏‏‮‮‍‎‪‭‫‫‮(System.Boolean) nop <null> ldloc.0 <null> ldc.i4 791931060 mul <null> ldc.i4 1469735396 xor <null> br.s IL_000B: ldc.i4 603622247 newobj System.Void CSVViewer.Forms.MainForm::.ctor() call System.Void CSVViewer.Program::‍‪‍‭‌‪‌‍‍‮‭​‬‎‍‫‫‏‮‬‪‭‎‭‬‎‭‮(System.Windows.Forms.Form) ldloc.0 <null> ldc.i4 -1819693109 mul <null> ldc.i4 -1355634185 xor <null> br.s IL_000B: ldc.i4 603622247 ret <null>
188029eb1ab18abc89805a4da974605f (793.09 KB)
File Structure
188029eb1ab18abc89805a4da974605f
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
CSVViewer.Forms.MainForm.resources
CSVViewer.Properties.Resources.resources
KS
[NBF]root.Data
KzEQ
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙