Suspicious
Suspect

391bccb83046402ad4884c3eada2b9b2

PE Executable
|
MD5: 391bccb83046402ad4884c3eada2b9b2
|
Size: 1.34 MB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
391bccb83046402ad4884c3eada2b9b2
Sha1
a9ade8fb36d7f1ce4b04cb9edef128c79292a02a
Sha256
52207df335c820318cdaae9991f9a57af0601e9fe99eac755c7bd46b2cba5e25
Sha384
55c3b5ca288b0acb7d099dd40c7e4867e0cb07c050e0fd9f6f6ecb3510d06b6f45b23cca3dcd07476cd0abddf7e8303b
Sha512
acbccf35726d9771c89539673e0065b3fe134096da784027bec37ed72bf0eeab29b0af07c51857081d514596b91c023708119f62def16cb2a00ee93acc76fad0
SSDeep
24576:D9b0N/F3VD8nX04kbuZxUZJJdPyYfOjoqLtVNxtJbzymQKqq7ZY8OfTLRb:RsRVik4kb0xUZJTA7tVT3imrOrp
TLSH
9255336CED480A35C2E85C3D851B416053AAE3F7AE93F84B74F9659E0E1F7C6A603247

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
391bccb83046402ad4884c3eada2b9b2
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
yaiv
Informations
Name
 Value
Module Name

Jwbeark.exe
Full Name

Jwbeark.exe
EntryPoint

System.Void  ::()
Scope Name

Jwbeark.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Jwbeark
Assembly Version

1.0.2410.26423
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

20
Main Method

System.Void  ::()
Main IL Instruction Count

27
Main IL

ldsfld System.Threading.ThreadExceptionEventHandler  /:: dup <null> brtrue.s IL_001F: call System.Void System.Windows.Forms.Application::add_ThreadException(System.Threading.ThreadExceptionEventHandler) pop <null> ldsfld  /  /:: ldftn System.Void  /::(System.Object,System.Threading.ThreadExceptionEventArgs) newobj System.Void System.Threading.ThreadExceptionEventHandler::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Threading.ThreadExceptionEventHandler  /:: call System.Void System.Windows.Forms.Application::add_ThreadException(System.Threading.ThreadExceptionEventHandler) call System.AppDomain System.AppDomain::get_CurrentDomain() ldsfld System.UnhandledExceptionEventHandler  /:: dup <null> brtrue.s IL_0048: callvirt System.Void System.AppDomain::add_UnhandledException(System.UnhandledExceptionEventHandler) pop <null> ldsfld  /  /:: ldftn System.Void  /::(System.Object,System.UnhandledExceptionEventArgs) newobj System.Void System.UnhandledExceptionEventHandler::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.UnhandledExceptionEventHandler  /:: callvirt System.Void System.AppDomain::add_UnhandledException(System.UnhandledExceptionEventHandler) call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void  ::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null>
Module Name

Jwbeark.exe
Full Name

Jwbeark.exe
EntryPoint

System.Void  ::()
Scope Name

Jwbeark.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Jwbeark
Assembly Version

1.0.2410.26423
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

20
Main Method

System.Void  ::()
Main IL Instruction Count

27
Main IL

ldsfld System.Threading.ThreadExceptionEventHandler  /:: dup <null> brtrue.s IL_001F: call System.Void System.Windows.Forms.Application::add_ThreadException(System.Threading.ThreadExceptionEventHandler) pop <null> ldsfld  /  /:: ldftn System.Void  /::(System.Object,System.Threading.ThreadExceptionEventArgs) newobj System.Void System.Threading.ThreadExceptionEventHandler::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.Threading.ThreadExceptionEventHandler  /:: call System.Void System.Windows.Forms.Application::add_ThreadException(System.Threading.ThreadExceptionEventHandler) call System.AppDomain System.AppDomain::get_CurrentDomain() ldsfld System.UnhandledExceptionEventHandler  /:: dup <null> brtrue.s IL_0048: callvirt System.Void System.AppDomain::add_UnhandledException(System.UnhandledExceptionEventHandler) pop <null> ldsfld  /  /:: ldftn System.Void  /::(System.Object,System.UnhandledExceptionEventArgs) newobj System.Void System.UnhandledExceptionEventHandler::.ctor(System.Object,System.IntPtr) dup <null> stsfld System.UnhandledExceptionEventHandler  /:: callvirt System.Void System.AppDomain::add_UnhandledException(System.UnhandledExceptionEventHandler) call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void  ::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null>
391bccb83046402ad4884c3eada2b9b2 (1.34 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙