Suspicious
Suspect

395ec571bcbd1ab1d401659f124effcd

PE Executable
|
MD5: 395ec571bcbd1ab1d401659f124effcd
|
Size: 61.44 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Obfuscation Score

Very low

Hash
 Hash Value
MD5
395ec571bcbd1ab1d401659f124effcd
Sha1
d1c7398d7e3d572bab6e258cce9897c4edec70a2
Sha256
feb5f7a346f616dc78ee7eff52e3295ff56e377da26cc0a3dbcc28c9862c9b1c
Sha384
f5645b62030b432aeec9be246194bd599646d162c37f7f837538905183840637fb3fca7db76d2d462ba3d1a49b5f5ab0
Sha512
116c5bde1d5bf0c504e165e49d7542b0c1cf2bf1899f1b512d8f9fd0c87c35bdc50a52c3a825946ef9b9b2e60664c6caef9677eb89f74ff73b626c9b7a7ae509
SSDeep
768:4z3SKou/Y6Ce19avKYkX6eGem6Dv8fH9g9QS+nmwOLy22wULcyGYoPYg6+qGaIIg:WBNMOXee+H9g5+nmXL9vjAg6GaIIRW
TLSH
2053F12B527AC7BBC8E452B92CD7DB21533BC04796522F4F29F4C3791F132887AA1594

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
395ec571bcbd1ab1d401659f124effcd
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
zplvviukcgz.resources
wuv2b3o2qt4
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

nvc.exe
Full Name

nvc.exe
EntryPoint

System.Void Loader.Program::Main()
Scope Name

nvc.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

nvc
Assembly Version

0.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

<null>
Total Strings

5
Main Method

System.Void Loader.Program::Main()
Main IL Instruction Count

6
Main IL

call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void Loader.Nyan::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null>
Module Name

nvc.exe
Full Name

nvc.exe
EntryPoint

System.Void Loader.Program::Main()
Scope Name

nvc.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

nvc
Assembly Version

0.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

<null>
Total Strings

5
Main Method

System.Void Loader.Program::Main()
Main IL Instruction Count

6
Main IL

call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void Loader.Nyan::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null>
395ec571bcbd1ab1d401659f124effcd (61.44 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙