General
Structural Analysis
Config.0
Yara Rules19
Sync
Community
Summary by MalvaGPT
Characteristics
Symbol Ofbuscation Score
Medium
|
Hash | Hash Value |
|---|---|
| MD5 | 30d9c63e0761f3711e890141593be609
|
| Sha1 | 1677a94c5911add8e40c326de00bddd877e65889
|
| Sha256 | 6a2ed18bf270a3af67b3048a69f8e601ab0e6d9200a79183ff3bf9f4daf7b225
|
| Sha384 | 14c5a123fbdbe19c98f85d1e1783ea0e3c91a3408e9c5e16ac788bc8fd5975784a1baf64d4e6cdf99054c6e7fdc18c5b
|
| Sha512 | 018fdbe47655e8e61192b1ec141797125a721f684453f8ab6faab37d808a0768fd56fb8c2b6a4e5943b1af824c0578b1473d7670295a355b3f24b86d56bc1d68
|
| SSDeep | 12288:5j46ACx08yyM+XYhwDVSek4bp1IKxAezNpMdqiBCcv+hsgOTulT78P9CE59GD:hlAa9UwDVHlbp1IKZNsqixvKVZn81CM
|
| TLSH | F405DF506D9DAB2DECA523F0C870F2B103F16D696422E70A4EE92DD77B23B4C16157A3
|
PeID
Microsoft Visual C++ v6.0 DLL
File Structure
30d9c63e0761f3711e890141593be609
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
SoftwareMercado.frmPrincipal.resources
$this.Icon
[NBF]root.IconData
gr
[NBF]root.Data
SoftwareMercado.Properties.Resources.resources
Wjkq
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
|
Name0 | Value |
|---|---|
| Module Name | LpUg.exe |
| Full Name | LpUg.exe |
| EntryPoint | System.Void SoftwareMercado.Program::Main() |
| Scope Name | LpUg.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | LpUg |
| Assembly Version | 3.7.2.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5 |
| Total Strings | 573 |
| Main Method | System.Void SoftwareMercado.Program::Main() |
| Main IL Instruction Count | 10 |
| Main IL | nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void SoftwareMercado.frmPrincipal::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null> |
Artefacts
|
Name0 | Value |
|---|---|
| PDB Path | ? |
30d9c63e0761f3711e890141593be609 (807.94 KB)
File Structure
30d9c63e0761f3711e890141593be609
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
SoftwareMercado.frmPrincipal.resources
$this.Icon
[NBF]root.IconData
gr
[NBF]root.Data
SoftwareMercado.Properties.Resources.resources
Wjkq
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration were found at this point.
Artefacts
|
Name0 | Value | Location |
|---|---|---|
| PDB Path | ? |
30d9c63e0761f3711e890141593be609 |
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.