General
Structural Analysis
Config.0
Yara Rules14
Sync
Community
Summary by MalvaGPT
Characteristics
Symbol Ofbuscation Score
Low
|
Hash | Hash Value |
|---|---|
| MD5 | 437add06c27777832ce1442b5d4f42eb
|
| Sha1 | 4623766f6f3f8bce6a678146da37688a00f7d1c0
|
| Sha256 | d9be66d734fe5c34f17805e4c54fc22862108dc83120fd30ea27679a0b32b442
|
| Sha384 | aa907bbc58cc3914d12efd62cfd15d0bb2e104ee9aef9bc2fe74cc421460d1e921b3add985cc43e6ffe6e12c07f19dba
|
| Sha512 | 57c29af2ddf71dfaebcc479b14b0e258c5edbf259bcb306495f9992b117dfc821098debf67287a441844b667da801150212763f1d0c1006a5401e7a824d875d3
|
| SSDeep | 12288:POt3L/rb8WkA8yy9qkNz905P60C4QwzYjbwKLisxn/v0ITU9I0kR:Pc7v+AuYI9uP76w8h/vTTU9Iz
|
| TLSH | 9CE402182F1DEE02E9911BB42560D37626309D59E911D2135FFEECCBB4BAF46386C2E1
|
File Structure
437add06c27777832ce1442b5d4f42eb
[Authenticode]_a32ace3a.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0.exif
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
oiMundo.Form1.resources
$this.Icon
[NBF]root.IconData
NI
[NBF]root.Data
oiMundo.Properties.Resources.resources
OUNQ
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | Authenticode present at 0xAC000 size 13832 bytes |
| Info | PDB Path: ? |
| Module Name | WlTy.exe |
| Full Name | WlTy.exe |
| EntryPoint | System.Void oiMundo.Program::Main() |
| Scope Name | WlTy.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | WlTy |
| Assembly Version | 3.0.1.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5 |
| Total Strings | 161 |
| Main Method | System.Void oiMundo.Program::Main() |
| Main IL Instruction Count | 10 |
| Main IL | nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void oiMundo.Form1::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null> |
437add06c27777832ce1442b5d4f42eb (718.34 KB)
File Structure
437add06c27777832ce1442b5d4f42eb
[Authenticode]_a32ace3a.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0.exif
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
oiMundo.Form1.resources
$this.Icon
[NBF]root.IconData
NI
[NBF]root.Data
oiMundo.Properties.Resources.resources
OUNQ
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.