Suspicious
Suspect

3a0a17a251e2f16c0114fcc4e25b331a

PE Executable
|
MD5: 3a0a17a251e2f16c0114fcc4e25b331a
|
Size: 1.01 MB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
3a0a17a251e2f16c0114fcc4e25b331a
Sha1
d88bc537d357336b7a08961015d0487ddae25a02
Sha256
e1486fab1fe181f0a28964d147a3948cfa61d02a96b7d98749d7e354cba2be59
Sha384
d8e75a56ecafccee67915fbd8593761c9f26501f0bebc449a64a91bd2acb4a056608d5cd375962d5a362d9fccc3d4ab4
Sha512
9474da3b9b087dc593d831cd8b2102131b9007c6b16578e2c4f7d29f29f777dc04b71b59494c52c7a37595e92a0f4c7dc2400aab94170f4021199dc91d53448e
SSDeep
24576:D1t9wMTJxaJoJRAnL5o3d/FjUGX42RsOv+XY/Y:JfSJkRAL5ot/FQGIHOl
TLSH
92253338F704FAA6EEBED539E47602296165C2533B18F3266EE8DE7D70803D52181E47

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
3a0a17a251e2f16c0114fcc4e25b331a
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
SAvE
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

Purchase order.exe
Full Name

Purchase order.exe
EntryPoint

System.Void Vqfmhogwdc.Jibbsf::Main()
Scope Name

Purchase order.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Purchase order
Assembly Version

1.0.8307.27060
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

11
Main Method

System.Void Vqfmhogwdc.Jibbsf::Main()
Main IL Instruction Count

5
Main IL

newobj System.Void a::.ctor() call System.Byte[] a::a() call System.Byte[] b::a(System.Byte[]) call System.Void c::a(System.Byte[]) ret <null>
Module Name

Purchase order.exe
Full Name

Purchase order.exe
EntryPoint

System.Void Vqfmhogwdc.Jibbsf::Main()
Scope Name

Purchase order.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Purchase order
Assembly Version

1.0.8307.27060
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

11
Main Method

System.Void Vqfmhogwdc.Jibbsf::Main()
Main IL Instruction Count

5
Main IL

newobj System.Void a::.ctor() call System.Byte[] a::a() call System.Byte[] b::a(System.Byte[]) call System.Void c::a(System.Byte[]) ret <null>
3a0a17a251e2f16c0114fcc4e25b331a (1.01 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙