Suspicious
Suspect

2528891ed7a7956ccd99447822e2fdaa

PE Executable
|
MD5: 2528891ed7a7956ccd99447822e2fdaa
|
Size: 620.54 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very low

Hash
 Hash Value
MD5
2528891ed7a7956ccd99447822e2fdaa
Sha1
754685316efd5e775d2411d3f26c17ffbf7911bb
Sha256
f10f2a163771c5a1a36a9c243b3887caa461b7c6340c069e16735e2ec7d89219
Sha384
78b55d27900aa369bbe52a65ec2731e2d159955bdde916393355365a7d93b503ba5195089eba5fc11ad4527073e6e0ef
Sha512
ce68a525197908e40d9761cc8a42f55c0ec5574ae4d069d61d68eb622644f01b6aa44137dcbb5f3fc9fcfef229889205757ad1d7191be8164157e6cfad3776fb
SSDeep
12288:sllro8kNQWAPBLNZX4Nqb3VKrK3PZnsJIz1FDy+X9Luuvw:wfNXZUNkSKtwIz1Ry+tLLo
TLSH
2CD4F20EFE75FD21C2480BB7D613297481A74D52F420F69B6CC9B8D21E3AB4584CBA87

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
2528891ed7a7956ccd99447822e2fdaa
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
Informations
Name
 Value
Module Name

gjot.exe
Full Name

gjot.exe
EntryPoint

System.Void DamassaProject.Program::Main()
Scope Name

gjot.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

gjot
Assembly Version

2.8.5.1
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

2
Main Method

System.Void DamassaProject.Program::Main()
Main IL Instruction Count

27
Main IL

ldsfld System.Int32[] DamassaProject.fmrLogin::Ⴈ stloc.2 <null> ldc.i4.3 <null> stloc.1 <null> ldloc.1 <null> switch dnlib.DotNet.Emit.Instruction[] call System.Void DamassaProject.Program::Ⴅ() ldc.i4.8 <null> ldc.i4.s 123 call System.Void DamassaProject.Properties.Resources::Ⴃ(System.Char,System.Int32) ldc.i4.0 <null> ldc.i4 849 ldc.i4 804 call System.Void DamassaProject.Repositories.AdminstradorReposirory::Ⴃ(System.Boolean,System.Char,System.Int32) ldloc.2 <null> ldc.i4 399 ldelem.i4 <null> ldc.i4 22893 sub <null> stloc.1 <null> br.s IL_0008: ldloc.1 newobj System.Void DamassaProject.fmrListarUsuario::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null> ldtoken System.Void DamassaProject.Program::Main() pop <null> ret <null>
Module Name

gjot.exe
Full Name

gjot.exe
EntryPoint

System.Void DamassaProject.Program::Main()
Scope Name

gjot.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

gjot
Assembly Version

2.8.5.1
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

2
Main Method

System.Void DamassaProject.Program::Main()
Main IL Instruction Count

27
Main IL

ldsfld System.Int32[] DamassaProject.fmrLogin::Ⴈ stloc.2 <null> ldc.i4.3 <null> stloc.1 <null> ldloc.1 <null> switch dnlib.DotNet.Emit.Instruction[] call System.Void DamassaProject.Program::Ⴅ() ldc.i4.8 <null> ldc.i4.s 123 call System.Void DamassaProject.Properties.Resources::Ⴃ(System.Char,System.Int32) ldc.i4.0 <null> ldc.i4 849 ldc.i4 804 call System.Void DamassaProject.Repositories.AdminstradorReposirory::Ⴃ(System.Boolean,System.Char,System.Int32) ldloc.2 <null> ldc.i4 399 ldelem.i4 <null> ldc.i4 22893 sub <null> stloc.1 <null> br.s IL_0008: ldloc.1 newobj System.Void DamassaProject.fmrListarUsuario::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null> ldtoken System.Void DamassaProject.Program::Main() pop <null> ret <null>
Artefacts
Name
 Value
Embedded Resources

0
Suspicious Type Names (1-2 chars)

0
2528891ed7a7956ccd99447822e2fdaa (620.54 KB)
File Structure
2528891ed7a7956ccd99447822e2fdaa
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
Characteristics
No malware configuration were found at this point.
Artefacts
Name
 Value Location
Embedded Resources

0

2528891ed7a7956ccd99447822e2fdaa
Suspicious Type Names (1-2 chars)

0

2528891ed7a7956ccd99447822e2fdaa
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙