Suspect
1ef84563cd9f50994e0a8e3b026e2ee6
PE Executable | MD5: 1ef84563cd9f50994e0a8e3b026e2ee6 | Size: 675.84 KB | application/x-dosexec
PE Executable
MD5: 1ef84563cd9f50994e0a8e3b026e2ee6
Size: 675.84 KB
application/x-dosexec
Summary by MalvaGPT
Characteristics
Symbol Ofbuscation Score
Low
|
Hash | Hash Value |
|---|---|
| MD5 | 1ef84563cd9f50994e0a8e3b026e2ee6
|
| Sha1 | 6c94321b802e00388b9863acd8c72005ca4d7e28
|
| Sha256 | 24d264c5b777a6a199916aa7afa32e92358aa9d13e695035a2b18285facdab0e
|
| Sha384 | 4e12a423455c2639034bcacc427987b8094c8be9e37aed202629118972e3f59561b1111218cb2b0db24e3d8d47c4d8c4
|
| Sha512 | 00e47ee64d7183088669dca9775d8ff3b177578dbaa35a113d4b6f809cb60402653f237e177400257813ba54508856a887ce966a9bcf8ef0e4999750b1abfbdf
|
| SSDeep | 12288:Y6ITnLIPgi75s6TZ8kYS1BCPQpmxvgpIFTTEnusaLUHxfNV:6MIM5bCS/CZg8TEj/HD
|
| TLSH | 13E40158220EDD02C8511FB40972E3B86B788EEDE951D347DFF97EDFF92AA545840282
|
PeID
Microsoft Visual C++ DLL
Microsoft Visual C++ v6.0
File Structure
1ef84563cd9f50994e0a8e3b026e2ee6
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rsrc
Resources
RT_ICON
ID:0001
ID:0
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
DocumentStatist.Form1.resources
$this.Icon
[NBF]root.IconData
IU
[NBF]root.Data
DocumentStatist.Properties.Resources.resources
VwKV
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | PDB Path: C:\Users\Administrator\Desktop\Client\Temp\UYBYurwjWG\src\obj\Debug\eqsN.pdb |
| Module Name | eqsN.exe |
| Full Name | eqsN.exe |
| EntryPoint | System.Void DocumentStatist.Program::Main() |
| Scope Name | eqsN.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | eqsN |
| Assembly Version | 0.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5 |
| Total Strings | 88 |
| Main Method | System.Void DocumentStatist.Program::Main() |
| Main IL Instruction Count | 10 |
| Main IL | nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void DocumentStatist.Form1::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null> |
1ef84563cd9f50994e0a8e3b026e2ee6 (675.84 KB)
File Structure
1ef84563cd9f50994e0a8e3b026e2ee6
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rsrc
Resources
RT_ICON
ID:0001
ID:0
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
DocumentStatist.Form1.resources
$this.Icon
[NBF]root.IconData
IU
[NBF]root.Data
DocumentStatist.Properties.Resources.resources
VwKV
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.