Suspicious
Suspect

370997224916f1bd0157297d39031f44

PE Executable
|
MD5: 370997224916f1bd0157297d39031f44
|
Size: 716.29 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very low

Hash
 Hash Value
MD5
370997224916f1bd0157297d39031f44
Sha1
61ec9d24b65730cd036b7b2bb494ca764883ffaf
Sha256
888e3ee78f9d77ebe995ee5cd3aaaf1b0c6f1c62e5349fb2666cc8ca8c095c7e
Sha384
f6ef56c9de6a27dc35bfa575a771b396efabefc204c751f63408218a38c27c185d404c3fc69bc8a58a6a827a031c02ff
Sha512
87f2d887f8c6ee6c2bec90df8b69222219b405044b6f74f46019d43cf4185771b90298fa306464a5bda69cf935f4c18343fb3c5c330d135706015d66f5e4c155
SSDeep
12288:WRDxDfH00tgWY7xrAArS5NXm8hN/nTC6ZzHj3S0XUxkep7ukxVbMiNgvmjmk:6NfUfDrS3WkBTCifS5L7ukxVb6Y
TLSH
A4E412A06649FA01CC9657F05A64DBFB433E4DCCD411D30BABDEADEBF81A34524A62C1

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
370997224916f1bd0157297d39031f44
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
PuhonRM.Properties.Resources.resources
RIWH
vgx
PuhonRM.AddItem.resources
PuhonRM.ItemView.resources
btnAdd.Image
Informations
Name
 Value
Module Name

gqjs.exe
Full Name

gqjs.exe
EntryPoint

System.Void PuhonRM.Program::Main()
Scope Name

gqjs.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

gqjs
Assembly Version

1.6.2010.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

107
Main Method

System.Void PuhonRM.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void PuhonRM.ItemView::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
Module Name

gqjs.exe
Full Name

gqjs.exe
EntryPoint

System.Void PuhonRM.Program::Main()
Scope Name

gqjs.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

gqjs
Assembly Version

1.6.2010.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

107
Main Method

System.Void PuhonRM.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void PuhonRM.ItemView::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
Artefacts
Name
 Value
Embedded Resources

6
Suspicious Type Names (1-2 chars)

0
370997224916f1bd0157297d39031f44 (716.29 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙