Suspicious
Suspect

1d2356b62e1c5c503d3cef4a3fb994fd

PE Executable
|
MD5: 1d2356b62e1c5c503d3cef4a3fb994fd
|
Size: 517.63 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
1d2356b62e1c5c503d3cef4a3fb994fd
Sha1
bbde22050be86b0d9267bb49b2beb666d3bc89fd
Sha256
a866ea54f436fbc64be8cf3d2941a9558151ee9ea1ca3fc28a8b48d512de8b83
Sha384
56123fdc5815ec344f715ab6f63195cd3139fde53ed6659972e8ecae5b7511240a67583b99d958e63232c7a3661b8a7d
Sha512
03bdcf0379bd582ac0126b912b7d4be314012ff3b786c6de1a388c092ae7bdab62ce7cc1b4d398f2691b6d4eebf8a550e2165cd945d57ba74ac649df4d623d99
SSDeep
12288:C16iIIBZ+jew5OH5pYBXafFKTs5oL+9HlUnNpht9F:CM5yoCCOZpYBKfgI6es3t9
TLSH
18B4126D270DC307E8A11FF10831E1B143B56CA9E816D9161FEA6DDFB87EB920A55383

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
1d2356b62e1c5c503d3cef4a3fb994fd
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
KeyboardIndicator.Forms.MainForm.resources
KeyboardIndicator.Properties.Resources.resources
ECym
[NBF]root.Data
[NBF]root.Data-preview.png
SC
[NBF]root.Data
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

PDB Path: eBke.pdb
Module Name

eBke.exe
Full Name

eBke.exe
EntryPoint

System.Void KeyboardIndicator.Program::Main()
Scope Name

eBke.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

eBke
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

142
Main Method

System.Void KeyboardIndicator.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void KeyboardIndicator.Forms.MainForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
Module Name

eBke.exe
Full Name

eBke.exe
EntryPoint

System.Void KeyboardIndicator.Program::Main()
Scope Name

eBke.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

eBke
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

142
Main Method

System.Void KeyboardIndicator.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void KeyboardIndicator.Forms.MainForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
1d2356b62e1c5c503d3cef4a3fb994fd (517.63 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙