Suspicious
Suspect

1b3757953338f7aa78b6772360352ba1

PE Executable
|
MD5: 1b3757953338f7aa78b6772360352ba1
|
Size: 1 MB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Obfuscation Score

Medium

Hash
Hash Value
MD5
1b3757953338f7aa78b6772360352ba1
Sha1
6d352d87b0f3d397fd93a26d122fc14cdcd118ce
Sha256
b3baa9567f3661525ea666b3c23e427d8550abf4ed4ebc2322121c3616c9cbef
Sha384
df7f463b99c63697a9896005f91b12dea2a01edcbaf3e8546daddd0dff8341b16c12aa642202e3a3ee394c0696f61568
Sha512
b078b8cbad1fbd00b0a1f2aa3f9d1bd4aaf6a9af62bb4e7c095575b3fe82df5adbdb9acc8e954240df36d6dbfcbb7cf8f429f7df7a66fc1f9dc5775565af474a
SSDeep
24576:g8fbDgnWcWxtOaAG6/n2PgXhUHDn0Oco5oEJ0A79:zbsnWckOj9n2PgQD0OcwJvZ
TLSH
832512647B5EE713C9260BB408A0E23417792E9AE950E3030ED9BEEF7974F191D44AD3

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
Wi2nAp1p.frmArvore.resources
Wi2nAp1p.frmCambioCheckBox.resources
$this.Icon
[NBF]root.IconData
Wi2nAp1p.frmPrincipal.resources
RAM
[NBF]root.Data
menuStrip1.TrayLocation
Wi2nAp1p.Properties.Resources.resources
bSCK
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
Name
Value
Info

PE Detect: PeReader OK (file layout)

Info

PDB Path: C:\Users\Administrator\Desktop\Client\Temp\HwnhIlsqXO\src\obj\Debug\VbXa.pdb

Module Name

VbXa.exe

Full Name

VbXa.exe

EntryPoint

System.Void Wi2nAp1p.Program::Main()

Scope Name

VbXa.exe

Scope Type

ModuleDef

Kind

Windows

Runtime Version

v4.0.30319

Tables Header Version

512

WinMD Version

<null>

Assembly Name

VbXa

Assembly Version

9.3.8.0

Assembly Culture

<null>

Has PublicKey

False

PublicKey Token

<null>

Target Framework

.NETFramework,Version=v4.5

Total Strings

417

Main Method

System.Void Wi2nAp1p.Program::Main()

Main IL Instruction Count

10

Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void Wi2nAp1p.frmPrincipal::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>

Module Name

VbXa.exe

Full Name

VbXa.exe

EntryPoint

System.Void Wi2nAp1p.Program::Main()

Scope Name

VbXa.exe

Scope Type

ModuleDef

Kind

Windows

Runtime Version

v4.0.30319

Tables Header Version

512

WinMD Version

<null>

Assembly Name

VbXa

Assembly Version

9.3.8.0

Assembly Culture

<null>

Has PublicKey

False

PublicKey Token

<null>

Target Framework

.NETFramework,Version=v4.5

Total Strings

417

Main Method

System.Void Wi2nAp1p.Program::Main()

Main IL Instruction Count

10

Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void Wi2nAp1p.frmPrincipal::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>

1b3757953338f7aa78b6772360352ba1 (1 MB)
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
Wi2nAp1p.frmArvore.resources
Wi2nAp1p.frmCambioCheckBox.resources
$this.Icon
[NBF]root.IconData
Wi2nAp1p.frmPrincipal.resources
RAM
[NBF]root.Data
menuStrip1.TrayLocation
Wi2nAp1p.Properties.Resources.resources
bSCK
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙