Suspect
4d0875c9005d84159b6ba0d2e7fd994a
PE Executable | MD5: 4d0875c9005d84159b6ba0d2e7fd994a | Size: 16.9 KB | application/x-dosexec
PE Executable
MD5: 4d0875c9005d84159b6ba0d2e7fd994a
Size: 16.9 KB
application/x-dosexec
Summary by MalvaGPT
Characteristics
Symbol Ofbuscation Score
Low
|
Hash | Hash Value |
|---|---|
| MD5 | 4d0875c9005d84159b6ba0d2e7fd994a
|
| Sha1 | c03adc191ea0ce7af1c8e9b67a54188c848e5354
|
| Sha256 | 5e46b08b08cf4a2722459f48f9ef18f63d2c824bfa6798e254dac4f99b1eec49
|
| Sha384 | 7d0350c5916b9764d601e663ab87b9a29cc88cba8a201486e88d81ee6257cea2464ff3cc3addf845fea029fe49571def
|
| Sha512 | 03903ac3b11efb9a82e11e819797b4cb3203b1500f74dfb7a55d31d308d007453ae0e0b7230d83f0add6af93650168e414ffef7d46ba4d8a5e750e9d91183c1b
|
| SSDeep | 384:CP4lTO7H/GFfaXh2UlsUldFYC5R9VZw9q/x3WqVGNhj:CP4lq7+1AwUleCT97lVyR
|
| TLSH | FC721A0833D84614E1BF4B7D59F2022449B6F96A9935EE4C2CCD216E1EF3784DA20FB6
|
PeID
.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
4d0875c9005d84159b6ba0d2e7fd994a
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Module Name | agent_anycpu.exe |
| Full Name | agent_anycpu.exe |
| EntryPoint | System.Void FleetAgent.Program::Main(System.String[]) |
| Scope Name | agent_anycpu.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | agent_anycpu |
| Assembly Version | 0.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | <null> |
| Total Strings | 151 |
| Main Method | System.Void FleetAgent.Program::Main(System.String[]) |
| Main IL Instruction Count | 2 |
| Main IL | call System.Void FleetAgent.Program::Execute() ret <null> |
| Module Name | agent_anycpu.exe |
| Full Name | agent_anycpu.exe |
| EntryPoint | System.Void FleetAgent.Program::Main(System.String[]) |
| Scope Name | agent_anycpu.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | agent_anycpu |
| Assembly Version | 0.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | <null> |
| Total Strings | 151 |
| Main Method | System.Void FleetAgent.Program::Main(System.String[]) |
| Main IL Instruction Count | 2 |
| Main IL | call System.Void FleetAgent.Program::Execute() ret <null> |
4d0875c9005d84159b6ba0d2e7fd994a (16.9 KB)
File Structure
4d0875c9005d84159b6ba0d2e7fd994a
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.