Suspicious
Suspect

4c8a58b01f7688d40de9df5bd3be1de7

PE Executable
|
MD5: 4c8a58b01f7688d40de9df5bd3be1de7
|
Size: 652.8 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
4c8a58b01f7688d40de9df5bd3be1de7
Sha1
897ffd784b74de3e104860c10316b0d4a5dcbfb6
Sha256
6500b4198a595f173e1009ec7f6fca35b2e62e175911726a1bf6fbb44b5897c2
Sha384
1a22e6e19373c9e453c95746adab1c51eb96cccad8375e566b054815f1d68f7e335bac15ecf5ed1820bc6fde6992a5a0
Sha512
b0fb5fe9b604dc7c2995df19520e518f39a34a7b6f5160069ffdd45c1b23f83c9deefd8b9e92427325dfe38e67012a7634974f22584bd03db94bad4d2d5f894a
SSDeep
12288:T5tO7xKqX/SpeKNSbTgnq/HkuIFUoGWuKi16k+xcAJj9YkQJ0:T5A1RTgnq/bIioGWuKi12xVJpIJ0
TLSH
67D401282729E707C9B067F959B1F23403B96DBEA861E2165EDA3DEF7576B000C44783
File Structure
4c8a58b01f7688d40de9df5bd3be1de7
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
UnitConvert.BidirectionalConverterForm.resources
UnitConvert.Properties.Resources.resources
de
[NBF]root.Data
elbr
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

PDB Path: WJbF.pdb
Module Name

WJbF.exe
Full Name

WJbF.exe
EntryPoint

System.Void UnitConvert.Program::Main()
Scope Name

WJbF.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

WJbF
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

387
Main Method

System.Void UnitConvert.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void UnitConvert.MainMenuForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
4c8a58b01f7688d40de9df5bd3be1de7 (652.8 KB)
File Structure
4c8a58b01f7688d40de9df5bd3be1de7
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
UnitConvert.BidirectionalConverterForm.resources
UnitConvert.Properties.Resources.resources
de
[NBF]root.Data
elbr
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙