Suspicious
Suspect

4a876ed79fd1c70195267b3b9326e6c5

PE Executable
|
MD5: 4a876ed79fd1c70195267b3b9326e6c5
|
Size: 1.01 MB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Obfuscation Score

Low

Hash
 Hash Value
MD5
4a876ed79fd1c70195267b3b9326e6c5
Sha1
9da33c860a8846aec55407b3b2ac8d1d5bde9693
Sha256
59b9ff739510ae6d1741c1835e79281a9394213e431627b11286a5691da49961
Sha384
6e8f0d86a442025ea1533c479bd51567728168f8a0a8072a73aa561fa67d3873bf1003b9ed22173e2d7d146e2a43934c
Sha512
786da6438dee0ce9df8498b73d73e0870ec4a7756ad0e87ba6a731de9e57362150a9b4ddd4e149f92d3a0bc1fe13c4aa3782b7572b72fb3a185156691b983427
SSDeep
24576:R5BghRfV4hoYBv04d+KRV1wMzrUucHely:R5qLN4Sk84kKRzlrUuc+c
TLSH
422512D43F36A32ADD6447749526CEB853661E787011F6EB59CC6F9BB39C200A80CF26

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
4a876ed79fd1c70195267b3b9326e6c5
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
firstForms.Form1.resources
$this.Icon
[NBF]root.IconData
LastGame
[NBF]root.Data
PauseButton.Image
RecordsButton.Image
[NBF]root.Data
[NBF]root.Data-preview.png
ResetButton.Image
ResumeButton.Image
[NBF]root.Data
[NBF]root.Data-preview.png
statusStrip1.TrayLocation
toolStrip1.TrayLocation
firstForms.FormSensor.resources
firstForms.Properties.Resources.resources
oPmX
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

PDB Path: AGPD.pdb
Module Name

AGPD.exe
Full Name

AGPD.exe
EntryPoint

System.Void firstForms.Program::Main()
Scope Name

AGPD.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

AGPD
Assembly Version

0.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

72
Main Method

System.Void firstForms.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void firstForms.Form1::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
Module Name

AGPD.exe
Full Name

AGPD.exe
EntryPoint

System.Void firstForms.Program::Main()
Scope Name

AGPD.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

AGPD
Assembly Version

0.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

72
Main Method

System.Void firstForms.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void firstForms.Form1::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
4a876ed79fd1c70195267b3b9326e6c5 (1.01 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙