General
Structural Analysis
Config.0
Yara Rules12
Sync
Community
Summary by MalvaGPT
Characteristics
Symbol Ofbuscation Score
Low
|
Hash | Hash Value |
|---|---|
| MD5 | 195ebd044610d2088a28b614a2abd9a5
|
| Sha1 | 098b24d66138de0d81c074ea6da05d816cb7c27d
|
| Sha256 | e14543458bbd96f242cc1dbeb9e3ff8c62c592fbe954b6da75fbf7f05aa41a0f
|
| Sha384 | a7ceda06882fcd61d9ae72ac7af65d7692d4f6f9d14755c46d237abcd24c3c06c0bdc0b829599c51ddff8524c196f54c
|
| Sha512 | c12f2d31b0717554450960d2e3ff9a2895cd8f4bb740f778748b07de794f234a48805dfdad23fd4053e6d94403add014e23fab9ef0b1738907ea8e2a7c79888d
|
| SSDeep | 12288:tg2ztJaqojL4ezQZJYcqNQGVujY5B6+Jo3NViAvjCE1B3:t7zCqqMiuauIv2m
|
| TLSH | F994E048201ADE22C5AE0BB8C992D5F907749F99B422E7078ED9BCDB7D37385480D2D7
|
File Structure
195ebd044610d2088a28b614a2abd9a5
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0.exif
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
SingleQueue.SingleQueue.resources
$this.Icon
[NBF]root.IconData
crc
[NBF]root.Data
Vip.CustomForm.Properties.Resources.resources
Gqyg
[NBF]root.Data
[NBF]root.Data-preview.png
Vip.CustomForm.Images.SystemButtons.bmp
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | PDB Path: C:\Users\Administrator\Desktop\Client\Temp\ebxfUtwKfd\src\obj\Debug\ILoY.pdb |
| Module Name | ILoY.exe |
| Full Name | ILoY.exe |
| EntryPoint | System.Void SingleQueue.Program::Main() |
| Scope Name | ILoY.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | ILoY |
| Assembly Version | 0.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5 |
| Total Strings | 104 |
| Main Method | System.Void SingleQueue.Program::Main() |
| Main IL Instruction Count | 10 |
| Main IL | nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void SingleQueue.SingleQueue::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null> |
195ebd044610d2088a28b614a2abd9a5 (433.15 KB)
File Structure
195ebd044610d2088a28b614a2abd9a5
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0.exif
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
SingleQueue.SingleQueue.resources
$this.Icon
[NBF]root.IconData
crc
[NBF]root.Data
Vip.CustomForm.Properties.Resources.resources
Gqyg
[NBF]root.Data
[NBF]root.Data-preview.png
Vip.CustomForm.Images.SystemButtons.bmp
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.