Suspect
1c429f7aeb7cfb4bda88bc964204e853
PE Executable | MD5: 1c429f7aeb7cfb4bda88bc964204e853 | Size: 805.38 KB | application/x-dosexec
PE Executable
MD5: 1c429f7aeb7cfb4bda88bc964204e853
Size: 805.38 KB
application/x-dosexec
Summary by MalvaGPT
Characteristics
Symbol Ofbuscation Score
Medium
|
Hash | Hash Value |
|---|---|
| MD5 | 1c429f7aeb7cfb4bda88bc964204e853
|
| Sha1 | 8bf4c0df9dead4289bca980bb715a24538ea6360
|
| Sha256 | b7e7bc4e1ecbab19a0f5f2e51abd0cb7d6d3beed30a9edc405e71751eea35a6d
|
| Sha384 | 831430ce8a4356b7f9cf1a0d4fb4281193e73d71be617256df596df7b49a9efcbc238d398b046c7ae72c68540d51cb19
|
| Sha512 | 66ec1ff4bf1c0c0f27ff87e1d4488ee2c3111a44eac83884be52839309fc02fad72fb05b47a521039fe919690048be19a41273b9439697b9b6dcaad9ea1970d2
|
| SSDeep | 12288:rjA6AC3LjlhEj+SscLDN8FOZCnxuphMNYBQfNlmlMKEv9MnHPJHoUP7Lw3skR:/tA4hZcLuq0UpwYQVlm+tWPaUP7Lo
|
| TLSH | 8205EF546D9CAB2EECA953F0C8B0F2754BB17C696412D60A4DE53CDB3B23B0C2625763
|
File Structure
1c429f7aeb7cfb4bda88bc964204e853
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
SoftwareMercado.frmPrincipal.resources
$this.Icon
[NBF]root.IconData
gr
[NBF]root.Data
SoftwareMercado.Properties.Resources.resources
uKbU
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
|
Name0 | Value |
|---|---|
| Module Name | Jway.exe |
| Full Name | Jway.exe |
| EntryPoint | System.Void SoftwareMercado.Program::Main() |
| Scope Name | Jway.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Jway |
| Assembly Version | 3.7.2.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5 |
| Total Strings | 573 |
| Main Method | System.Void SoftwareMercado.Program::Main() |
| Main IL Instruction Count | 10 |
| Main IL | nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void SoftwareMercado.frmPrincipal::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null> |
Artefacts
|
Name0 | Value |
|---|---|
| PDB Path | ? |
1c429f7aeb7cfb4bda88bc964204e853 (805.38 KB)
File Structure
1c429f7aeb7cfb4bda88bc964204e853
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
SoftwareMercado.frmPrincipal.resources
$this.Icon
[NBF]root.IconData
gr
[NBF]root.Data
SoftwareMercado.Properties.Resources.resources
uKbU
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration were found at this point.
Artefacts
|
Name0 | Value | Location |
|---|---|---|
| PDB Path | ? |
1c429f7aeb7cfb4bda88bc964204e853 |
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.