Suspicious
Suspect

377040e118660c8f763dd0f2b5e97e0f

PE Executable
|
MD5: 377040e118660c8f763dd0f2b5e97e0f
|
Size: 19.46 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very low

Hash
 Hash Value
MD5
377040e118660c8f763dd0f2b5e97e0f
Sha1
3df6bc071091aef98e2c9a6f90ff63576df2c1e6
Sha256
731250bf56804235645eda6c028fc5724dad802a1d89cc4b94e1c40509bedbd7
Sha384
a1a477326cf97b20ef79f00a62041299bb9f51f51ab6cfc2dd2b3c1d5491c1677d1fdb636cc34facd62e66c8c5e923c2
Sha512
48d49ec2bf5b7927d60c7687303d473161f5c448cc48b446c832f27e4a1cf44e473b71dafe6ce4eb3456e83c109113f84c433dfd9db78a57b18843229e7214b3
SSDeep
384:bNBm/ztvTFrVlJRcsEvk/aiOZ8DlsECuRp:TmLJGJv8WduRp
TLSH
B9923B84D6EC4533C6AC223A287B174A03B5EA73F492EB0F5DE4D69729063D484147E6

PeID

x64 .NET EXE/DLL ( jmp rax - DBG/noDBG ) Visual Studio v.6.0-11.0
File Structure
377040e118660c8f763dd0f2b5e97e0f
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
         
Informations
Name
 Value
Module Name

Wbdlkjrcy.exe
Full Name

Wbdlkjrcy.exe
EntryPoint

System.Void  ::()
Scope Name

Wbdlkjrcy.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Wbdlkjrcy
Assembly Version

1.0.4268.13634
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

0
Main Method

System.Void  ::()
Main IL Instruction Count

27
Main IL

ldsfld System.Threading.ThreadExceptionEventHandler  /:: dup <null> brtrue.s IL_001F: call System.Void System.Windows.Forms.Application::add_ThreadException(System.Threading.ThreadExceptionEventHandler) pop <null> ldsfld  /  /:: ldftn System.Void  /::(System.Object,System.Threading.ThreadExceptionEventArgs) newobj System.Void System.Threading.ThreadExceptionEventHandler::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Threading.ThreadExceptionEventHandler  /:: call System.Void System.Windows.Forms.Application::add_ThreadException(System.Threading.ThreadExceptionEventHandler) call System.AppDomain System.AppDomain::get_CurrentDomain() ldsfld System.UnhandledExceptionEventHandler  /:: dup <null> brtrue.s IL_0048: callvirt System.Void System.AppDomain::add_UnhandledException(System.UnhandledExceptionEventHandler) pop <null> ldsfld  /  /:: ldftn System.Void  /::(System.Object,System.UnhandledExceptionEventArgs) newobj System.Void System.UnhandledExceptionEventHandler::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.UnhandledExceptionEventHandler  /:: callvirt System.Void System.AppDomain::add_UnhandledException(System.UnhandledExceptionEventHandler) call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void  ::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null>
Artefacts
Name
 Value
Embedded Resources

1
Suspicious Type Names (1-2 chars)

0
377040e118660c8f763dd0f2b5e97e0f (19.46 KB)
File Structure
377040e118660c8f763dd0f2b5e97e0f
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
         
Characteristics
No malware configuration were found at this point.
Artefacts
Name
 Value Location
Embedded Resources

1

377040e118660c8f763dd0f2b5e97e0f
Suspicious Type Names (1-2 chars)

0

377040e118660c8f763dd0f2b5e97e0f
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙