Suspicious
Suspect

4c40fef49a07d9732e11698908593875

PE Executable
|
MD5: 4c40fef49a07d9732e11698908593875
|
Size: 851.46 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Low

Hash
 Hash Value
MD5
4c40fef49a07d9732e11698908593875
Sha1
8a1d7108b041bdf9e1ec0588800d3f096a922541
Sha256
c409f4a2bf6e97acde885850ed2aaa30e7816c6f88e594a7dbf6350a8ab350e5
Sha384
920dc7b32b433daa663085417fe07ac5d66e9cf43bde82b402336ce5da23ebd9a0879286f0c2c33f7b70ec973ac89c50
Sha512
c7b3a33f40215de33a56199f1805ad6d0985b86fd6291c3e109f542b7e618ec3e28e9c311e19fa8b57b7da0f46f19d98c97c79878ff551a3382df0bfbf848380
SSDeep
12288:4zO7xKqXaV16pJLzYyDVI+PASuS/3jTZhjyYeI93Gxuq:4S1k/63BVtYSueKYe2S
TLSH
8B05CEB1F2B58955E49867B14926D83021E31DBCECA0D70ED5DA7CA779B3FC2089290F

PeID

Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
File Structure
4c40fef49a07d9732e11698908593875
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0.exif
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
Zapsinaya_knizka_new.Form01.resources
$this.Icon
[NBF]root.IconData
Zapsinaya_knizka_new.Form1.resources
$this.Icon
[NBF]root.IconData
Zapsinaya_knizka_new.Properties.Resources.resources
de
[NBF]root.Data
uQBx
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

PDB Path: ?
Module Name

NjAu.exe
Full Name

NjAu.exe
EntryPoint

System.Void Zapsinaya_knizka_new.Program::Main()
Scope Name

NjAu.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

NjAu
Assembly Version

0.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

217
Main Method

System.Void Zapsinaya_knizka_new.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void Zapsinaya_knizka_new.Form1::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
Module Name

NjAu.exe
Full Name

NjAu.exe
EntryPoint

System.Void Zapsinaya_knizka_new.Program::Main()
Scope Name

NjAu.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

NjAu
Assembly Version

0.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

217
Main Method

System.Void Zapsinaya_knizka_new.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void Zapsinaya_knizka_new.Form1::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
4c40fef49a07d9732e11698908593875 (851.46 KB)
File Structure
4c40fef49a07d9732e11698908593875
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0.exif
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
Zapsinaya_knizka_new.Form01.resources
$this.Icon
[NBF]root.IconData
Zapsinaya_knizka_new.Form1.resources
$this.Icon
[NBF]root.IconData
Zapsinaya_knizka_new.Properties.Resources.resources
de
[NBF]root.Data
uQBx
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙