Suspicious
Suspect

4a3973e364e29c417b3aadba6cbd16af

PE Executable
|
MD5: 4a3973e364e29c417b3aadba6cbd16af
|
Size: 989.7 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Low

Hash
 Hash Value
MD5
4a3973e364e29c417b3aadba6cbd16af
Sha1
45b660f2686500978b42c20f4a435150edfbcef8
Sha256
89b5724cc6f47227d806e6383d1da6534f28e1d3be5a914c89d3fe2689c6a1f8
Sha384
3c216ccf4c5f84803a2cda3156c84138a1242aceae5b0480897acbbe17f00cbc86181f40a81fe1f6bd223749c46c7b53
Sha512
6eb193dcc218fbc5e84f57834b86cc41ed22929011d30dbe67ddd9a70b31812231220221633201236d018b6cf9e3e92fa7f6f0b92448364cd08bf82a8f8f0666
SSDeep
24576:F5gGF9RJdh8ktYe/qCYWMXJzAyxFPZpETsQh6o6fEEnyNo:FdnRJdh8kfSCYWMZMyxFzbsozyNo
TLSH
D32523507304DD12ED999FB845E0E77102B1AE88F513F3174CEAACAB7DD2B917E1428A
File Structure
4a3973e364e29c417b3aadba6cbd16af
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
ComplexApp.Form1.resources
ComplexApp.Properties.Resources.resources
engh
[NBF]root.Data
sjPa
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
Name
 Value
Module Name

zIDN.exe
Full Name

zIDN.exe
EntryPoint

System.Void ComplexApp.Program::Main()
Scope Name

zIDN.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

zIDN
Assembly Version

0.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

169
Main Method

System.Void ComplexApp.Program::Main()
Main IL Instruction Count

91
Main IL

nop <null> ldc.i4.0 <null> stloc.0 <null> ldc.i4.0 <null> stloc.2 <null> br.s IL_0023: ldloc.2 nop <null> ldloc.0 <null> ldloc.2 <null> conv.r8 <null> ldc.r8 2 call System.Double System.Math::Pow(System.Double,System.Double) conv.i4 <null> ldc.i4.3 <null> rem <null> add <null> stloc.0 <null> nop <null> ldloc.2 <null> ldc.i4.1 <null> add <null> stloc.2 <null> ldloc.2 <null> ldc.i4.s 10 clt <null> stloc.3 <null> ldloc.3 <null> brtrue.s IL_0007: nop ldloc.0 <null> ldc.i4.5 <null> cgt <null> stloc.s V_4 ldloc.s V_4 brfalse.s IL_0044: nop nop <null> ldloc.0 <null> ldc.i4.2 <null> mul <null> ldc.i4.7 <null> sub <null> ldloc.0 <null> ldc.i4.3 <null> div <null> add <null> stloc.0 <null> nop <null> br.s IL_004F: ldloca.s calculationResult nop <null> ldloc.0 <null> ldc.i4.s 42 add <null> ldloc.0 <null> ldc.i4.5 <null> rem <null> sub <null> stloc.0 <null> nop <null> ldloca.s calculationResult call System.String System.Int32::ToString() stloc.1 <null> ldloc.1 <null> callvirt System.Int32 System.String::get_Length() ldc.i4.1 <null> ble.s IL_006D: ldc.i4.0 ldloc.1 <null> ldc.i4.0 <null> callvirt System.Char System.String::get_Chars(System.Int32) ldc.i4.s 49 ceq <null> br.s IL_006E: stloc.s V_5 ldc.i4.0 <null> stloc.s V_5 ldloc.s V_5 brfalse.s IL_0081: call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldloc.1 <null> ldc.i4.s 49 ldc.i4.s 57 callvirt System.String System.String::Replace(System.Char,System.Char) stloc.1 <null> nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> ldloc.1 <null> newobj System.Void ComplexApp.Form1::.ctor(System.String) call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
Artefacts
Name
 Value
PDB Path

zIDN.pdb
4a3973e364e29c417b3aadba6cbd16af (989.7 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙