Suspicious
Suspect

49269c2c74f14d99fae13730605b23fb

PE Executable
|
MD5: 49269c2c74f14d99fae13730605b23fb
|
Size: 673.79 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
49269c2c74f14d99fae13730605b23fb
Sha1
e6d89f986087965bb2378b8d70d4c7ca07bc3f2c
Sha256
a5a4a5447b51ed494efaaabe4359b3e674185659f491dc2202f4082fbf2e4db5
Sha384
452d2f39ce75444b001ba9e937f13e188723907a7e81b97450cc16e5a3f29d0b8062e0b8c510f7008e01bf16f343f69f
Sha512
ceb2a583dca785b241dd543a0615b498c15abc2fe8843b8a4b1ed56b3b8c471d038f8d8a1e5f363a8616454f20d26ea9a0e6aeab61208dc9ce13e3fd68177c73
SSDeep
12288:+cVbQF6eS3vObBVtQioBha4vywjMMVruzOaGx:+chQF+ObBVCTLqOMO7a
TLSH
F7E412683325D403D5A153B80AF1F27613B86D64DA22E3CA9ED97EDF3AE6F005C10697

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
49269c2c74f14d99fae13730605b23fb
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0.exif
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
matchingGame.Form1.resources
$this.Icon
[NBF]root.IconData
PIA
[NBF]root.Data
ofd1.TrayLocation
matchingGame.Properties.Resources.resources
qhCk
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

PDB Path: C:\Users\Administrator\Desktop\Client\Temp\caABtpCoYX\src\obj\Debug\Fldy.pdb
Module Name

Fldy.exe
Full Name

Fldy.exe
EntryPoint

System.Void matchingGame.Program::Main()
Scope Name

Fldy.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Fldy
Assembly Version

0.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

215
Main Method

System.Void matchingGame.Program::Main()
Main IL Instruction Count

6
Main IL

call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void matchingGame.Form1::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null>
Module Name

Fldy.exe
Full Name

Fldy.exe
EntryPoint

System.Void matchingGame.Program::Main()
Scope Name

Fldy.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Fldy
Assembly Version

0.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

215
Main Method

System.Void matchingGame.Program::Main()
Main IL Instruction Count

6
Main IL

call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void matchingGame.Form1::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null>
49269c2c74f14d99fae13730605b23fb (673.79 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙