1ab7d8d7ef9a5f56e872ac5bf8342a28

PE Executable
|
MD5: 1ab7d8d7ef9a5f56e872ac5bf8342a28
|
Size: 788.99 KB
|
application/x-dosexec

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	1ab7d8d7ef9a5f56e872ac5bf8342a28
Sha1	b452652ca954452b2e6ef1eaf6bc8d4ac1e69dab
Sha256	e2dc30f133c91cab67e24cebc23291f6953654e16d4ea2621dd64dd500c5cc9a
Sha384	05855b016af8e238ec274a251b00901c7496447f399209d3c8e00a2cd0427c99417a16db582ce6247b67b96566741709
Sha512	a52f332773f4716204eddd05ddceb195e6ee1df47699b4f1d3a805df15f64c9ece96576c1b3963bce67213f567c1f73829cbf2655fe601491fcb10f8e7b53c99
SSDeep	24576:zb0F7DW0tT8BMYCEOztGe8DFJG87qfzFM1:8dD4BjCEOzA/DFrqby
TLSH	CEF4F159B551BC5EC0A7DE314DB3DEB09A681FEAA213C24385D71EDBF90F542BE001A2

PeID

.NET executable

Microsoft Visual C# / Basic .NET

Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL

Microsoft Visual C# v7.0 / Basic .NET

Microsoft Visual Studio .NET

File Structure

Informations

Name0	Value
Info	PE Detect: PeReader OK (file layout)
Module Name	ZvTO.exe
Full Name	ZvTO.exe
EntryPoint	System.Void WorldClock.Program::Main()
Scope Name	ZvTO.exe
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	ZvTO
Assembly Version	1.0.0.0
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.5
Total Strings	165
Main Method	System.Void WorldClock.Program::Main()
Main IL Instruction Count	37
Main IL	nop <null> call System.Void WorldClock.Program::‌‬‎‭‮‍‭‌⁯⁮⁭⁪⁯⁮‫‍‬⁪⁯⁫⁭‫⁯‏‏⁬‫⁭⁭⁭‬⁮‫‎⁬⁪‭‍‮() ldc.i4 -368415553 ldc.i4 -1674184630 xor <null> dup <null> stloc.0 <null> ldc.i4.5 <null> rem.un <null> switch dnlib.DotNet.Emit.Instruction[] br.s IL_0070: ret nop <null> ldc.i4.0 <null> call System.Void WorldClock.Program::‬⁫‌‏‮‍‎‭⁭⁯⁮‬‪‪‍‪‏⁭‮‪⁬⁯‬‫‮‎⁪⁮‪‏‎‏‭⁭‮‮(System.Boolean) nop <null> ldloc.0 <null> ldc.i4 -710635500 mul <null> ldc.i4 -2138929788 xor <null> br.s IL_000B: ldc.i4 -1674184630 nop <null> ldloc.0 <null> ldc.i4 900363853 mul <null> ldc.i4 -1669061733 xor <null> br.s IL_000B: ldc.i4 -1674184630 newobj System.Void WorldClock.Form1::.ctor() call System.Void WorldClock.Program::‏⁯⁯⁮‍‭⁪⁬‬⁯⁪⁬⁬⁬‭‫‪⁭‎‭‫‌‪‪‪‪‌‪⁪‬⁮⁯‬‎⁪‮‫‬‮(System.Windows.Forms.Form) ldloc.0 <null> ldc.i4 1942186577 mul <null> ldc.i4 1650844269 xor <null> br.s IL_000B: ldc.i4 -1674184630 ret <null>
Module Name	ZvTO.exe
Full Name	ZvTO.exe
EntryPoint	System.Void WorldClock.Program::Main()
Scope Name	ZvTO.exe
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	ZvTO
Assembly Version	1.0.0.0
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.5
Total Strings	165
Main Method	System.Void WorldClock.Program::Main()
Main IL Instruction Count	37
Main IL	nop <null> call System.Void WorldClock.Program::‌‬‎‭‮‍‭‌⁯⁮⁭⁪⁯⁮‫‍‬⁪⁯⁫⁭‫⁯‏‏⁬‫⁭⁭⁭‬⁮‫‎⁬⁪‭‍‮() ldc.i4 -368415553 ldc.i4 -1674184630 xor <null> dup <null> stloc.0 <null> ldc.i4.5 <null> rem.un <null> switch dnlib.DotNet.Emit.Instruction[] br.s IL_0070: ret nop <null> ldc.i4.0 <null> call System.Void WorldClock.Program::‬⁫‌‏‮‍‎‭⁭⁯⁮‬‪‪‍‪‏⁭‮‪⁬⁯‬‫‮‎⁪⁮‪‏‎‏‭⁭‮‮(System.Boolean) nop <null> ldloc.0 <null> ldc.i4 -710635500 mul <null> ldc.i4 -2138929788 xor <null> br.s IL_000B: ldc.i4 -1674184630 nop <null> ldloc.0 <null> ldc.i4 900363853 mul <null> ldc.i4 -1669061733 xor <null> br.s IL_000B: ldc.i4 -1674184630 newobj System.Void WorldClock.Form1::.ctor() call System.Void WorldClock.Program::‏⁯⁯⁮‍‭⁪⁬‬⁯⁪⁬⁬⁬‭‫‪⁭‎‭‫‌‪‪‪‪‌‪⁪‬⁮⁯‬‎⁪‮‫‬‮(System.Windows.Forms.Form) ldloc.0 <null> ldc.i4 1942186577 mul <null> ldc.i4 1650844269 xor <null> br.s IL_000B: ldc.i4 -1674184630 ret <null>

1ab7d8d7ef9a5f56e872ac5bf8342a28 (788.99 KB)

File Structure

Characteristics

No malware configuration were found at this point.

You must be signed in to post a comment.

1ab7d8d7ef9a5f56e872ac5bf8342a28

PE Executable | MD5: 1ab7d8d7ef9a5f56e872ac5bf8342a28 | Size: 788.99 KB | application/x-dosexec

PE Executable
|
MD5: 1ab7d8d7ef9a5f56e872ac5bf8342a28
|
Size: 788.99 KB
|
application/x-dosexec