Suspicious
Suspect

3a00713754955e9bbce32568194f1b81

PE Executable
|
MD5: 3a00713754955e9bbce32568194f1b81
|
Size: 821.76 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very low

Hash
 Hash Value
MD5
3a00713754955e9bbce32568194f1b81
Sha1
1678533483175b824eadd62881c99f70935f1a68
Sha256
068035d7c009e6fec1d2baaad409c8289f1c1bba84c1ba792efe5f963db3f97e
Sha384
f7cf35a7cd41680c6ba0b9aee90b1fe2c32619d4fc8a3f4e114c35ccf2e4327349e7e797ffd425ccc8607e17cc5639a5
Sha512
d4470223dae58c75d6bf82df723bc86c216177341c2d88eaaf2c58f7dcd005b98e610b3f364aa0457e6c6bbb7ae254144e34c1bfe4f14a452f3a3a8662c524f2
SSDeep
12288:kany0Ux9rllGZMnkkPzXv3J0m3YZ8Ge22RWOUccT/wAGiSPhDJjXfvxldRBVMGC6:Ly0U3G6ZPDZSxeB0OUrTNGiSBJDz7MG
TLSH
6805DFAC7214B5EFC4A7C5B2CAA4DD75A6613CAB5317C20780D748AFB94CA939F140F2

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
3a00713754955e9bbce32568194f1b81
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
ProjectWindowsForms.Form1.resources
$this.Icon
sik
ProjectWindowsForms.Properties.Resources.resources
DLmC
Informations
Name
 Value
Module Name

qgUY.exe
Full Name

qgUY.exe
EntryPoint

System.Void ProjectWindowsForms.Program::Main()
Scope Name

qgUY.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

qgUY
Assembly Version

0.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

527
Main Method

System.Void ProjectWindowsForms.Program::Main()
Main IL Instruction Count

6
Main IL

call System.Void ProjectWindowsForms.Program::‌‮‬‪‭‮‫‫‬‍​‎‏​‍‪‎​‬​​‮‬‬​‬‬‍‫‍‫‮() ldc.i4.0 <null> call System.Void ProjectWindowsForms.Program::​‭‭‎‍‮‎‎‪‎‎‏‫​‭‬‭​‎‎‬‎‏‮​‮‪‭‪‎‬‮(System.Boolean) newobj System.Void ProjectWindowsForms.SmartForm13::.ctor() call System.Void ProjectWindowsForms.Program::‬‌‮‮‏‏‍‮‌‏​‭‎‮‪‭‬‬‭‍‪‭‎‏‮(System.Windows.Forms.Form) ret <null>
Module Name

qgUY.exe
Full Name

qgUY.exe
EntryPoint

System.Void ProjectWindowsForms.Program::Main()
Scope Name

qgUY.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

qgUY
Assembly Version

0.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

527
Main Method

System.Void ProjectWindowsForms.Program::Main()
Main IL Instruction Count

6
Main IL

call System.Void ProjectWindowsForms.Program::‌‮‬‪‭‮‫‫‬‍​‎‏​‍‪‎​‬​​‮‬‬​‬‬‍‫‍‫‮() ldc.i4.0 <null> call System.Void ProjectWindowsForms.Program::​‭‭‎‍‮‎‎‪‎‎‏‫​‭‬‭​‎‎‬‎‏‮​‮‪‭‪‎‬‮(System.Boolean) newobj System.Void ProjectWindowsForms.SmartForm13::.ctor() call System.Void ProjectWindowsForms.Program::‬‌‮‮‏‏‍‮‌‏​‭‎‮‪‭‬‬‭‍‪‭‎‏‮(System.Windows.Forms.Form) ret <null>
Artefacts
Name
 Value
Embedded Resources

2
Suspicious Type Names (1-2 chars)

0
3a00713754955e9bbce32568194f1b81 (821.76 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙