Suspicious
Suspect

338ef5feaa08e3d7adb37e503723962d

PE Executable | MD5: 338ef5feaa08e3d7adb37e503723962d | Size: 689.66 KB | application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Obfuscation Score

Very high

Hash
Hash Value
MD5
338ef5feaa08e3d7adb37e503723962d
Sha1
b82ea37bd2be84b88ce005d4d9658497708bb1a8
Sha256
de65498751e45e61b367395674e794ccd7e88f14c4661218a095b538ad0bca71
Sha384
5b1b3f0afc12a3f66af1659daa719071138fb4b2bd03499dd6fbfd468e5d8a1a73e12aca6ae3c7c6932915329ba1fedf
Sha512
0ea725d363fe26110802411c20446bc1e3e7ac72e321e03a6e7912eb2b38abb94152da1b87f78effaf8299f9dfb14a0420ed7ed039cf9c276771a5993a72c05e
SSDeep
12288:lGx63VXlyxjS/gpKEtnMt/5OGpo5hckaFoqkh6z:RF1icYGpoDc/e
TLSH
A9E46CE51EA43F51D17EFF364B76097067FEB8828E62CB49344723A75A2270688C07D6

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
FiberaDigit.fibraship.ico
Smt9d.Eo0g5ZenCni3k.resources
$this.Icon
[NBF]root.IconData
AboutDeveloperToolStripMenuItem.Image
[NBF]root.Data
[NBF]root.Data-preview.png
AboutSoftwareToolStripMenuItem.Image
[NBF]root.Data
[NBF]root.Data-preview.png
ExitToolStripMenuItem.Image
[NBF]root.Data
[NBF]root.Data-preview.png
SettingsToolStripMenuItem.Image
[NBF]root.Data
[NBF]root.Data-preview.png
Smt9d.Resources.resources
7ebc64a4769b08.Resources.resources
fc4344920
[NBF]root.Data
fc4344921
[NBF]root.Data
fc4344922
[NBF]root.Data
fc4344923
[NBF]root.Data
Information
Name | Value
Info | PE Detect: PeReader OK (file layout)
Module Name | Smt9d
Full Name | Smt9d
EntryPoint | System.Void Smt9d.3ecXroF70Yqj::Xai2fx6H8()
Scope Name | Smt9d
Scope Type | ModuleDef
Kind | Windows
Runtime Version | v4.0.30319
Tables Header Version | 512
WinMD Version | <null>
Assembly Name | Smt9d
Assembly Version | 15.13.40.215
Assembly Culture | <null>
Has PublicKey | False
PublicKey Token | <null>
Target Framework | .NETFramework,Version=v4.6
Total Strings | 2241
Main Method | System.Void Smt9d.3ecXroF70Yqj::Xai2fx6H8()
Main IL Instruction Count | 73

Main IL

nop <null>
ldtoken System.Windows.Forms.Application
call System.Type System.Type::GetTypeFromHandle(System.RuntimeTypeHandle)
stloc.0 <null>
ldloc.0 <null>
ldstr EnableVisualStyles
ldc.i4.s 24
callvirt System.Reflection.MethodInfo System.Type::GetMethod(System.String,System.Reflection.BindingFlags)
ldnull <null>
ldnull <null>
callvirt System.Object System.Reflection.MethodBase::Invoke(System.Object,System.Object[])
pop <null>
ldloc.0 <null>
ldstr SetCompatibleTextRenderingDefault
ldc.i4.s 24
callvirt System.Reflection.MethodInfo System.Type::GetMethod(System.String,System.Reflection.BindingFlags)
ldnull <null>
ldc.i4.1 <null>
newarr System.Object
dup <null>
ldc.i4.0 <null>
ldc.i4.0 <null>
box System.Boolean
stelem.ref <null>
callvirt System.Object System.Reflection.MethodBase::Invoke(System.Object,System.Object[])
pop <null>
call System.Void System.Windows.Forms.Application::EnableVisualStyles()
nop <null>
ldc.i4.0 <null>
call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean)
nop <null>
call System.OperatingSystem System.Environment::get_OSVersion()
callvirt System.Version System.OperatingSystem::get_Version()
callvirt System.Int32 System.Version::get_Major()
ldc.i4.6 <null>
clt <null>
ldc.i4.0 <null>
ceq <null>
stloc.1 <null>
ldloc.1 <null>
brfalse.s IL_0071: nop
call System.Boolean Smt9d.3ecXroF70Yqj::3NrkQf0z4neM()
pop <null>
nop <null>
nop <null>
call System.Boolean Smt9d.3ecXroF70Yqj::Li3f1DsemmS7X()
ldc.i4.0 <null>
ceq <null>
stloc.2 <null>
ldloc.2 <null>
brfalse.s IL_0080: nop
br.s IL_00B6: ret
nop <null>
nop <null>
call System.Void Smt9d.3ecXroF70Yqj::2Rooi4zK8J()
nop <null>
leave.s IL_00AF: nop
dup <null>
call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception)
stloc.3 <null>
nop <null>
ldstr Application failed to start: 
ldloc.3 <null>
callvirt System.String System.Exception::get_Message()
call System.String System.String::Concat(System.String,System.String)
call System.Void Smt9d.3ecXroF70Yqj::Nn7emzW(System.String)
nop <null>
call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError()
leave.s IL_00AF: nop
nop <null>
call System.Void System.Windows.Forms.Application::Exit()
nop <null>
ret <null>

Characteristics
No malware configuration was found at this point.