Suspicious
Suspect

1dd9ba180ae68bd21afe00e7997d7c6c

PE Executable
|
MD5: 1dd9ba180ae68bd21afe00e7997d7c6c
|
Size: 801.79 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very low

Hash
 Hash Value
MD5
1dd9ba180ae68bd21afe00e7997d7c6c
Sha1
ae6bda8aa4c8bcbd6c15629e3ef0a8d85f3e5949
Sha256
6efe9fbfc3d3e47786a8ae76434966a1c64f7c4e91d8709c4eb36ae7b6bb0a86
Sha384
0d8103154ad2b9592817d692273783660e2cf8b800c503d74f0f82f7886d95bf37d2b46abbc4266369592c2fde74c93c
Sha512
06c9e7f98d165840a5d64204ab070c1f8055ee8a62f021f15934848729d79e8b853c4ce5c3376fffe17deb2240b6c9e013ff9dbafe80c7d751d3887bc084ccec
SSDeep
12288:jany0UxReTM5NJOx+g+K6eg6O+FQJZD1/oxpZDJfywWvzZXa4QY+rso1:4y0U6o5zqiK6eI+6B1wjw
TLSH
6A05CFAD3214B5DFC8A7C1B28A64DD75A6616DAB53178207D0E708EFB90CA87DF140F2

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual C++ v6.0 DLL
Microsoft Visual Studio .NET
File Structure
1dd9ba180ae68bd21afe00e7997d7c6c
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
ProjectWindowsForms.Form1.resources
$this.Icon
sik
ProjectWindowsForms.Properties.Resources.resources
vLWm
Informations
Name
 Value
Module Name

Wzzm.exe
Full Name

Wzzm.exe
EntryPoint

System.Void ProjectWindowsForms.Program::Main()
Scope Name

Wzzm.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Wzzm
Assembly Version

0.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

527
Main Method

System.Void ProjectWindowsForms.Program::Main()
Main IL Instruction Count

6
Main IL

call System.Void ProjectWindowsForms.Program::‬‍‌‪‏‫​‬​‪‌‫‎‌‎‪‫‌‎‌‭‭‍‮‮() ldc.i4.0 <null> call System.Void ProjectWindowsForms.Program::‮‎​‮‎‫‍‭‍​‎‏‭‍‮‫‮‭‍‬‪‮(System.Boolean) newobj System.Void ProjectWindowsForms.SmartForm13::.ctor() call System.Void ProjectWindowsForms.Program::​‎‭‮​‫‍‍‎‎‪‍‭‌​‎‬‏​‌‬‎‎‎‮(System.Windows.Forms.Form) ret <null>
Module Name

Wzzm.exe
Full Name

Wzzm.exe
EntryPoint

System.Void ProjectWindowsForms.Program::Main()
Scope Name

Wzzm.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Wzzm
Assembly Version

0.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

527
Main Method

System.Void ProjectWindowsForms.Program::Main()
Main IL Instruction Count

6
Main IL

call System.Void ProjectWindowsForms.Program::‬‍‌‪‏‫​‬​‪‌‫‎‌‎‪‫‌‎‌‭‭‍‮‮() ldc.i4.0 <null> call System.Void ProjectWindowsForms.Program::‮‎​‮‎‫‍‭‍​‎‏‭‍‮‫‮‭‍‬‪‮(System.Boolean) newobj System.Void ProjectWindowsForms.SmartForm13::.ctor() call System.Void ProjectWindowsForms.Program::​‎‭‮​‫‍‍‎‎‪‍‭‌​‎‬‏​‌‬‎‎‎‮(System.Windows.Forms.Form) ret <null>
Artefacts
Name
 Value
Embedded Resources

2
Suspicious Type Names (1-2 chars)

0
1dd9ba180ae68bd21afe00e7997d7c6c (801.79 KB)
File Structure
1dd9ba180ae68bd21afe00e7997d7c6c
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
ProjectWindowsForms.Form1.resources
$this.Icon
sik
ProjectWindowsForms.Properties.Resources.resources
vLWm
Characteristics
No malware configuration were found at this point.
Artefacts
Name
 Value Location
Embedded Resources

2

1dd9ba180ae68bd21afe00e7997d7c6c
Suspicious Type Names (1-2 chars)

0

1dd9ba180ae68bd21afe00e7997d7c6c
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙