Suspicious
Suspect

32545e9391230b76d480fd06842edb51

PE Executable
|
MD5: 32545e9391230b76d480fd06842edb51
|
Size: 47.61 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
32545e9391230b76d480fd06842edb51
Sha1
fb139eb4628c0939142735d28dfdd83423a493d9
Sha256
0d7e7c6c1e02f7e5e5d0bf8f191e9d50636e71cabc2b4883d112b0f04da3d9f0
Sha384
79e5d7ef035355e967a614f6e203f468a1ebfd3cb79c9e7941076c6793369033eb5e06c76947b7e7fdfc350a1cf4fb49
Sha512
7f6e70d851a308d034f07c846c36ce1463884c0a5d520db3670a5ba411863e1dffb3058b7f79e89d8613f94038e9bc48c647c8e056dd2757a17db6096628cfec
SSDeep
768:xHKFphjZM5s7ObPWuR6xZSm5E7I+mfrkYv8iIa3jUq/mfGYhqpRMLK2p5ALK:xHKnzM5s7ObPWuyVx+mfAi8lq/mfG8qw
TLSH
D7236C2FAA0C5D13E59E4DBC94916313BEB8B322A452F34E3D89C5DD19A33C06605ADF

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
32545e9391230b76d480fd06842edb51
[Authenticode]_32436c5d.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
JavaUpdateService.Properties.Resources.resources
             
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

Authenticode present at 0x9600 size 9208 bytes
Module Name

JavaUpdateService.exe
Full Name

JavaUpdateService.exe
EntryPoint

System.Void  ::()
Scope Name

JavaUpdateService.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

JavaUpdateService
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.8
Total Strings

0
Main Method

System.Void  ::()
Main IL Instruction Count

24
Main IL

call System.Boolean  ::() brtrue.s IL_0020: call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4 -656109350 call System.String ::(System.Int32) ldsfld System.String System.String::Empty ldc.i4.0 <null> ldc.i4.s 16 call System.Windows.Forms.DialogResult System.Windows.Forms.MessageBox::Show(System.String,System.String,System.Windows.Forms.MessageBoxButtons,System.Windows.Forms.MessageBoxIcon) pop <null> ret <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) call System.Void  ::() call System.Threading.Tasks.Task  ::() ldc.i4.0 <null> callvirt System.Runtime.CompilerServices.ConfiguredTaskAwaitable System.Threading.Tasks.Task::ConfigureAwait(System.Boolean) stloc.0 <null> ldloca.s V_0 call System.Runtime.CompilerServices.ConfiguredTaskAwaitable/ConfiguredTaskAwaiter System.Runtime.CompilerServices.ConfiguredTaskAwaitable::GetAwaiter() stloc.1 <null> ldloca.s V_1 call System.Void System.Runtime.CompilerServices.ConfiguredTaskAwaitable/ConfiguredTaskAwaiter::GetResult() ret <null>
Module Name

JavaUpdateService.exe
Full Name

JavaUpdateService.exe
EntryPoint

System.Void  ::()
Scope Name

JavaUpdateService.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

JavaUpdateService
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.8
Total Strings

0
Main Method

System.Void  ::()
Main IL Instruction Count

24
Main IL

call System.Boolean  ::() brtrue.s IL_0020: call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4 -656109350 call System.String ::(System.Int32) ldsfld System.String System.String::Empty ldc.i4.0 <null> ldc.i4.s 16 call System.Windows.Forms.DialogResult System.Windows.Forms.MessageBox::Show(System.String,System.String,System.Windows.Forms.MessageBoxButtons,System.Windows.Forms.MessageBoxIcon) pop <null> ret <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) call System.Void  ::() call System.Threading.Tasks.Task  ::() ldc.i4.0 <null> callvirt System.Runtime.CompilerServices.ConfiguredTaskAwaitable System.Threading.Tasks.Task::ConfigureAwait(System.Boolean) stloc.0 <null> ldloca.s V_0 call System.Runtime.CompilerServices.ConfiguredTaskAwaitable/ConfiguredTaskAwaiter System.Runtime.CompilerServices.ConfiguredTaskAwaitable::GetAwaiter() stloc.1 <null> ldloca.s V_1 call System.Void System.Runtime.CompilerServices.ConfiguredTaskAwaitable/ConfiguredTaskAwaiter::GetResult() ret <null>
32545e9391230b76d480fd06842edb51 (47.61 KB)
File Structure
32545e9391230b76d480fd06842edb51
[Authenticode]_32436c5d.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
JavaUpdateService.Properties.Resources.resources
             
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙