Suspicious
Suspect

4964c1751f6db917b5c285338efc4687

PE Executable
|
MD5: 4964c1751f6db917b5c285338efc4687
|
Size: 3.95 MB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
4964c1751f6db917b5c285338efc4687
Sha1
be090d53f30ad6addb9e6a98576789503f833f45
Sha256
6353b1218561a746bb3e009b611a1945bc2367b4d3ffef7849d4af4d369f184c
Sha384
aa6cf9a7d041f2ddb66bc0b5b4693a0c5f72883e0011aa69f7a3dd689574a694a538780cdceb34d18864b7764be2be8e
Sha512
80b540b866d98a82235d26e2a0cc4d72f4e097f9e4124c0ac07649f498158c858904af692761d4a9c0c9a244f9eb78f5f32ab7be2db53b1761c758110ac0954b
SSDeep
98304:IIoMs037L1oFNOG3Zbfu7xaMKDrK3Pmas:K03X1ojOG3ZK7AMKKuz
TLSH
6706221B7EED6A54F5F78B3968D67101893E7CAEDC04D644289020CC19E3B5CA8A9F37

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
4964c1751f6db917b5c285338efc4687
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
{2de14ba6-31f0-4176-b2c0-d2c477e7b82f}
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

bilal.exe
Full Name

bilal.exe
EntryPoint

System.Void .::()
Scope Name

bilal.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

bilal
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

3141
Main Method

System.Void .::()
Main IL Instruction Count

10
Main IL

br.s IL_0007: call System.Byte[] .::() br.s IL_000E: call System.Byte[] .::(System.Byte[]) br.s IL_0015: call System.Void .::(System.Byte[]) ret <null> call System.Byte[] .::() br.s IL_0002: br.s IL_000E call System.Byte[] .::(System.Byte[]) br.s IL_0004: br.s IL_0015 call System.Void .::(System.Byte[]) br.s IL_0006: ret
Module Name

bilal.exe
Full Name

bilal.exe
EntryPoint

System.Void .::()
Scope Name

bilal.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

bilal
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

3141
Main Method

System.Void .::()
Main IL Instruction Count

10
Main IL

br.s IL_0007: call System.Byte[] .::() br.s IL_000E: call System.Byte[] .::(System.Byte[]) br.s IL_0015: call System.Void .::(System.Byte[]) ret <null> call System.Byte[] .::() br.s IL_0002: br.s IL_000E call System.Byte[] .::(System.Byte[]) br.s IL_0004: br.s IL_0015 call System.Void .::(System.Byte[]) br.s IL_0006: ret
4964c1751f6db917b5c285338efc4687 (3.95 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙