Suspicious
Suspect

4b70f3b7bd86678722bc1843517cd4a2

PE Executable
|
MD5: 4b70f3b7bd86678722bc1843517cd4a2
|
Size: 209.79 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
4b70f3b7bd86678722bc1843517cd4a2
Sha1
3b8652142a0ca2dd94c70e2ed1621ad1785231cb
Sha256
06531922fdad68677036e45406c8a283ed20d07f6ae80ddd4f29053dca846809
Sha384
0f6caf759058e9f15d1a7d12a7dcc907058ff642a05e5d62df10b28500107281581f498dab26b7bda241b73f36d5f40d
Sha512
74c9355961f10b74964480c8de5385f949089f87017a1d32dda0cf228f264539388f8355073a2730e6dee235c2e509a0e913a71c7b570c743ead4068e92f6532
SSDeep
1536:EhIuYL1SWafYVY8f5wTv2FA2BDA2Bgr7OIgC:EhIum1ZCYVY8ilOIp
TLSH
3224C131D2094E6EDB4B87BC402F0DFD5727BD5D3AD1B27C8588B0ECD17A28088BA596

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
4b70f3b7bd86678722bc1843517cd4a2
[Authenticode]_4d8c486e.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:1033
ID:1033-preview.png
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
ID:0006
ID:1033
ID:0007
ID:1033
ID:0008
ID:1033
ID:0009
ID:1033
RT_GROUP_CURSOR4
ID:0000
ID:1033
RT_VERSION
ID:0001
ID:0
ID:1033
RT_MANIFEST
ID:0001
ID:0
ID:1033
.Net Resources
JavaUpdate.Properties.Resources.resources
         
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

Authenticode present at 0x2F000 size 17280 bytes
Module Name

JavaUpdate.exe
Full Name

JavaUpdate.exe
EntryPoint

System.Void  ::()
Scope Name

JavaUpdate.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

JavaUpdate
Assembly Version

8.0.401.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.8
Total Strings

0
Main Method

System.Void  ::()
Main IL Instruction Count

24
Main IL

call System.Boolean  ::() brtrue.s IL_0020: call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4 270776969 call System.String ::(System.Int32) ldsfld System.String System.String::Empty ldc.i4.0 <null> ldc.i4.s 16 call System.Windows.Forms.DialogResult System.Windows.Forms.MessageBox::Show(System.String,System.String,System.Windows.Forms.MessageBoxButtons,System.Windows.Forms.MessageBoxIcon) pop <null> ret <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) call System.Void  ::() call System.Threading.Tasks.Task  ::() ldc.i4.0 <null> callvirt System.Runtime.CompilerServices.ConfiguredTaskAwaitable System.Threading.Tasks.Task::ConfigureAwait(System.Boolean) stloc.0 <null> ldloca.s V_0 call System.Runtime.CompilerServices.ConfiguredTaskAwaitable/ConfiguredTaskAwaiter System.Runtime.CompilerServices.ConfiguredTaskAwaitable::GetAwaiter() stloc.1 <null> ldloca.s V_1 call System.Void System.Runtime.CompilerServices.ConfiguredTaskAwaitable/ConfiguredTaskAwaiter::GetResult() ret <null>
Module Name

JavaUpdate.exe
Full Name

JavaUpdate.exe
EntryPoint

System.Void  ::()
Scope Name

JavaUpdate.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

JavaUpdate
Assembly Version

8.0.401.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.8
Total Strings

0
Main Method

System.Void  ::()
Main IL Instruction Count

24
Main IL

call System.Boolean  ::() brtrue.s IL_0020: call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4 270776969 call System.String ::(System.Int32) ldsfld System.String System.String::Empty ldc.i4.0 <null> ldc.i4.s 16 call System.Windows.Forms.DialogResult System.Windows.Forms.MessageBox::Show(System.String,System.String,System.Windows.Forms.MessageBoxButtons,System.Windows.Forms.MessageBoxIcon) pop <null> ret <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) call System.Void  ::() call System.Threading.Tasks.Task  ::() ldc.i4.0 <null> callvirt System.Runtime.CompilerServices.ConfiguredTaskAwaitable System.Threading.Tasks.Task::ConfigureAwait(System.Boolean) stloc.0 <null> ldloca.s V_0 call System.Runtime.CompilerServices.ConfiguredTaskAwaitable/ConfiguredTaskAwaiter System.Runtime.CompilerServices.ConfiguredTaskAwaitable::GetAwaiter() stloc.1 <null> ldloca.s V_1 call System.Void System.Runtime.CompilerServices.ConfiguredTaskAwaitable/ConfiguredTaskAwaiter::GetResult() ret <null>
4b70f3b7bd86678722bc1843517cd4a2 (209.79 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙