Suspect
27ff4ab1a8e8a68cacfc119e5d4df3f5
PE Executable | MD5: 27ff4ab1a8e8a68cacfc119e5d4df3f5 | Size: 699.39 KB | application/x-dosexec
PE Executable
MD5: 27ff4ab1a8e8a68cacfc119e5d4df3f5
Size: 699.39 KB
application/x-dosexec
Summary by MalvaGPT
Characteristics
Symbol Ofbuscation Score
Medium
|
Hash | Hash Value |
|---|---|
| MD5 | 27ff4ab1a8e8a68cacfc119e5d4df3f5
|
| Sha1 | 85db0f1fe91c502f5c4074d0c7a52821fef295c8
|
| Sha256 | a7db6df5960231b52632b929d91f56f275347d1af9b18326d1ebbf575eb5f2ba
|
| Sha384 | d1554285eb61eb98bf2216e05689e3ace989af0d2432a89a8a78bbd2855d0bd4acd923e8da88e719429ddf5432266039
|
| Sha512 | 4be51648a42d0e5aa87be5fc89336a0d30e3a27f0eda910205e5708b15583f26b0782928924f8d0f3f1becfa921dd80865c27dc4e42071c7c4b71f26f3127fd5
|
| SSDeep | 12288:pLURUG1NeLlk/HR+aJ55gYtDcYh/3qzoNbAVOvkK3Pw58i/HKVkk4b5r9uO8:m6G1NeLUs659DcYh/6zoFw58oXpuO8
|
| TLSH | AAE412A52BA9CB27D47A1BF21671F13113B22D5FA426D756CFDAACFB7406B100A40B13
|
File Structure
27ff4ab1a8e8a68cacfc119e5d4df3f5
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
SlotMachine.SlotDisplay.resources
SlotMachine.Properties.Resources.resources
GoBVKO
[NBF]root.Data
[NBF]root.Data-preview.png
NH
[NBF]root.Data
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | PDB Path: DIwgnH.pdb |
| Module Name | DIwgnH.exe |
| Full Name | DIwgnH.exe |
| EntryPoint | System.Void SlotMachine.Program::Main() |
| Scope Name | DIwgnH.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | DIwgnH |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5 |
| Total Strings | 374 |
| Main Method | System.Void SlotMachine.Program::Main() |
| Main IL Instruction Count | 10 |
| Main IL | nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void SlotMachine.SlotDisplay::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null> |
27ff4ab1a8e8a68cacfc119e5d4df3f5 (699.39 KB)
File Structure
27ff4ab1a8e8a68cacfc119e5d4df3f5
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
SlotMachine.SlotDisplay.resources
SlotMachine.Properties.Resources.resources
GoBVKO
[NBF]root.Data
[NBF]root.Data-preview.png
NH
[NBF]root.Data
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.