4cd290cac6d9c4e1de99add6781965ad

PE Executable
|
MD5: 4cd290cac6d9c4e1de99add6781965ad
|
Size: 780.81 KB
|
application/x-dosexec

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	4cd290cac6d9c4e1de99add6781965ad
Sha1	f08934d3d87fa954a648da60425ac98965146e81
Sha256	d374091cdaf72ea9673f8e9d63eebaefc9315a3511f0194dda15252ebb517c66
Sha384	5d3f623e8b6940e1c6c245f3277bfcbc0964a6a1f7966e7f10e4a1a677deafa2f00dae16d563ec5ca86452f3bfe014fd
Sha512	17576160172deb0da1227787cc4f93b35096cbe9870698e65722c20883ed5bb7b25e4fa5f325a02873e8b7985a3cbc228ec396ab06f0c88706591c00f274f168
SSDeep	12288:Kq2mqA5s3GO67L5GU8oJ3/NfU/YLfp3qwTXQllCC/W2YQZikR:K3mB5s3Gj9FZVfUwLVaOC+N4
TLSH	0DF4126463A4E503DDA99B3049F0F27817BA7DC9EA30C3475AD9ADDFB9A4E609C40313

PeID

.NET executable

Microsoft Visual C# / Basic .NET

Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL

Microsoft Visual C# v7.0 / Basic .NET

Microsoft Visual Studio .NET

File Structure

Informations

Name0	Value
Info	PE Detect: PeReader OK (file layout)
Info	Authenticode present at 0xBB400 size 13832 bytes
Info	PDB Path: C:\Users\Administrator\Desktop\Client\Temp\kaduYBbenQ\src\obj\Debug\sJwr.pdb
Module Name	sJwr.exe
Full Name	sJwr.exe
EntryPoint	System.Void Canada_Simulator.Program::Main()
Scope Name	sJwr.exe
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	sJwr
Assembly Version	201.502.607.709
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.5
Total Strings	254
Main Method	System.Void Canada_Simulator.Program::Main()
Main IL Instruction Count	10
Main IL	call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void Star_generator.Form1::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) newobj System.Void Canada_Simulator.Program::.ctor() call System.Void Canada_Simulator.Program::Menu() newobj System.Void Canada_Simulator.Program::.ctor() call System.Void Canada_Simulator.Program::FailSafe() ret <null>
Module Name	sJwr.exe
Full Name	sJwr.exe
EntryPoint	System.Void Canada_Simulator.Program::Main()
Scope Name	sJwr.exe
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	sJwr
Assembly Version	201.502.607.709
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.5
Total Strings	254
Main Method	System.Void Canada_Simulator.Program::Main()
Main IL Instruction Count	10
Main IL	call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void Star_generator.Form1::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) newobj System.Void Canada_Simulator.Program::.ctor() call System.Void Canada_Simulator.Program::Menu() newobj System.Void Canada_Simulator.Program::.ctor() call System.Void Canada_Simulator.Program::FailSafe() ret <null>

4cd290cac6d9c4e1de99add6781965ad (780.81 KB)

File Structure

Characteristics

No malware configuration were found at this point.

You must be signed in to post a comment.

4cd290cac6d9c4e1de99add6781965ad

PE Executable | MD5: 4cd290cac6d9c4e1de99add6781965ad | Size: 780.81 KB | application/x-dosexec

PE Executable
|
MD5: 4cd290cac6d9c4e1de99add6781965ad
|
Size: 780.81 KB
|
application/x-dosexec