Suspicious
Suspect

3d8bcd5c17425d8a97de0ffeb8addb8d

PE Executable
|
MD5: 3d8bcd5c17425d8a97de0ffeb8addb8d
|
Size: 45.58 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
3d8bcd5c17425d8a97de0ffeb8addb8d
Sha1
dd6edbd9a9cfdce6e02989ac3babee1256e8b4ac
Sha256
873ea83b3507d8391b1b66f0f3d57cefff4307463b018eec09abbff601c83d30
Sha384
8698b88d6bb52211ec37251eeb045e5f59c00375b750856fefcfac6b32f9cf686208011b2a18fc7f0d9b3fca2061c1d5
Sha512
6555c5e164f04b9b9e298dcc21e9b14dce676b87692561b9cfe66607dd4ee7fc60dfb78a87c4dae00f1cc4fc8640d0ae673baf9a248d9a2448fe10cd4035c14b
SSDeep
768:ApJxjrB7yyBv1a7Q5Eve8gGxDu3v3GdahXpLmfGu5sRr182ADB1XgNF13:AXxvB7fV98gqGv3G2pLmfGCwr18t/kP
TLSH
71236C0D573C6E37EB6F4FBC4962118B16B58292A842F31F8CC4A4D922573D29B46BD3

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
3d8bcd5c17425d8a97de0ffeb8addb8d
[Authenticode]_1571fb94.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
BusinessDataProcessor.Properties.Resources.resources
    ​​​​​   
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

Authenticode present at 0x9A00 size 6160 bytes
Module Name

BusinessDataProcessor.exe
Full Name

BusinessDataProcessor.exe
EntryPoint

System.Void  ::()
Scope Name

BusinessDataProcessor.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

BusinessDataProcessor
Assembly Version

8.0.450.1
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.8
Total Strings

0
Main Method

System.Void  ::()
Main IL Instruction Count

25
Main IL

call System.Boolean  ::() brtrue.s IL_0025: call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4 642672296 call System.String ::(System.Int32) ldc.i4 642672131 call System.String ::(System.Int32) ldc.i4.0 <null> ldc.i4.s 16 call System.Windows.Forms.DialogResult System.Windows.Forms.MessageBox::Show(System.String,System.String,System.Windows.Forms.MessageBoxButtons,System.Windows.Forms.MessageBoxIcon) pop <null> ret <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) call System.Void  ::() call System.Threading.Tasks.Task  ::() ldc.i4.0 <null> callvirt System.Runtime.CompilerServices.ConfiguredTaskAwaitable System.Threading.Tasks.Task::ConfigureAwait(System.Boolean) stloc.0 <null> ldloca.s V_0 call System.Runtime.CompilerServices.ConfiguredTaskAwaitable/ConfiguredTaskAwaiter System.Runtime.CompilerServices.ConfiguredTaskAwaitable::GetAwaiter() stloc.1 <null> ldloca.s V_1 call System.Void System.Runtime.CompilerServices.ConfiguredTaskAwaitable/ConfiguredTaskAwaiter::GetResult() ret <null>
Module Name

BusinessDataProcessor.exe
Full Name

BusinessDataProcessor.exe
EntryPoint

System.Void  ::()
Scope Name

BusinessDataProcessor.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

BusinessDataProcessor
Assembly Version

8.0.450.1
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.8
Total Strings

0
Main Method

System.Void  ::()
Main IL Instruction Count

25
Main IL

call System.Boolean  ::() brtrue.s IL_0025: call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4 642672296 call System.String ::(System.Int32) ldc.i4 642672131 call System.String ::(System.Int32) ldc.i4.0 <null> ldc.i4.s 16 call System.Windows.Forms.DialogResult System.Windows.Forms.MessageBox::Show(System.String,System.String,System.Windows.Forms.MessageBoxButtons,System.Windows.Forms.MessageBoxIcon) pop <null> ret <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) call System.Void  ::() call System.Threading.Tasks.Task  ::() ldc.i4.0 <null> callvirt System.Runtime.CompilerServices.ConfiguredTaskAwaitable System.Threading.Tasks.Task::ConfigureAwait(System.Boolean) stloc.0 <null> ldloca.s V_0 call System.Runtime.CompilerServices.ConfiguredTaskAwaitable/ConfiguredTaskAwaiter System.Runtime.CompilerServices.ConfiguredTaskAwaitable::GetAwaiter() stloc.1 <null> ldloca.s V_1 call System.Void System.Runtime.CompilerServices.ConfiguredTaskAwaitable/ConfiguredTaskAwaiter::GetResult() ret <null>
3d8bcd5c17425d8a97de0ffeb8addb8d (45.58 KB)
File Structure
3d8bcd5c17425d8a97de0ffeb8addb8d
[Authenticode]_1571fb94.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
BusinessDataProcessor.Properties.Resources.resources
    ​​​​​   
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙