Suspicious
Suspect

2852b882d8412a5178b84de730f3fdbd

PE Executable
|
MD5: 2852b882d8412a5178b84de730f3fdbd
|
Size: 266.24 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
2852b882d8412a5178b84de730f3fdbd
Sha1
d0f0812f46438911901627075d30530c8c7187c5
Sha256
818f25f1096a4e8d508f050ac2a2683982ac9cc2176c33614faecde87a4600dc
Sha384
c8a9df10da5d80833a7eece42ea420d200d77c8994f6b5bb8f1997e2449d814a00d55fe1647f7cdd7c806ebbe90bfae4
Sha512
50480c2cac3daea94512bb06e05819607260ebdd049b89c76cbaa6ab0c05ec2149c428484191f568b6564dd8b2987447a9f39d25351d3db2dbd3a6d322f5c131
SSDeep
3072:tT9LYTV0enEY1lsKqEzDWCkJuJcbCp9758HsdXjjZl5RRO876pDoAkLOojapitwQ:tTJYx0enbxkJDbC775ooZ2z0KyL
TLSH
28449427BBAD571EE2694270B071453087B0EF5B6341DB5A75C8ECAF0862B4CAE413F6

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
2852b882d8412a5178b84de730f3fdbd
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
Informations
Name
 Value
Module Name

6252025546789 ARRIVAL NOTICE HBL SCAN_pdf.exe
Full Name

6252025546789 ARRIVAL NOTICE HBL SCAN_pdf.exe
EntryPoint

System.Void Kasjpjo.Zgkhu::Main()
Scope Name

6252025546789 ARRIVAL NOTICE HBL SCAN_pdf.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

6252025546789 ARRIVAL NOTICE HBL SCAN_pdf
Assembly Version

1.0.8882.27122
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

627
Main Method

System.Void Kasjpjo.Zgkhu::Main()
Main IL Instruction Count

2
Main IL

call System.Void Kasjpjo.Ldrddi::Mtmurumkehj() ret <null>
Module Name

6252025546789 ARRIVAL NOTICE HBL SCAN_pdf.exe
Full Name

6252025546789 ARRIVAL NOTICE HBL SCAN_pdf.exe
EntryPoint

System.Void Kasjpjo.Zgkhu::Main()
Scope Name

6252025546789 ARRIVAL NOTICE HBL SCAN_pdf.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

6252025546789 ARRIVAL NOTICE HBL SCAN_pdf
Assembly Version

1.0.8882.27122
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

627
Main Method

System.Void Kasjpjo.Zgkhu::Main()
Main IL Instruction Count

2
Main IL

call System.Void Kasjpjo.Ldrddi::Mtmurumkehj() ret <null>
Artefacts
Name
 Value
Embedded Resources

0
Suspicious Type Names (1-2 chars)

0
2852b882d8412a5178b84de730f3fdbd (266.24 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙