Suspicious
Suspect

550a81c0e08e6362ee775a05dfef9973

PE Executable
|
MD5: 550a81c0e08e6362ee775a05dfef9973
|
Size: 799.74 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
550a81c0e08e6362ee775a05dfef9973
Sha1
e293420d0d2d3574c4baa8204588d4b87117fb73
Sha256
bf07f6a759a4694da4f35aac373cd5a20f7ba98683766c33a4e120e9b8ab7ec0
Sha384
a7b54f972a38808546bbc79ca3a5b467171941566049ebb1e6de1f9bac9a66a18ac89c821ee7d5a94cae348ed0cc49cd
Sha512
cae4f84c23f69d3a06b38b51fd18d9faea55e3f82dd6e1dfc1bdc0c389938c424dcd1202f192b4d59131dd72c410a6a3958149d57137a24248d63bd4fa0700b4
SSDeep
24576:JOcWOS2OUVWW9n5+P6k1zh5Ajx7AcWxMA94U:JBWOSHUQW9nkPvP5yxLWxMA9
TLSH
3A05F150B3AADA01D1B65BF05970D7740779BE2EB931C31A4FDAACEBB831B005961393

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
550a81c0e08e6362ee775a05dfef9973
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
ErrorAnalyzer.Forms.MainForm.resources
ErrorAnalyzer.Properties.Resources.resources
Coloring
[NBF]root.Data
khjU
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

PDB Path: BHjZ.pdb
Module Name

BHjZ.exe
Full Name

BHjZ.exe
EntryPoint

System.Void ErrorAnalyzer.Program::Main()
Scope Name

BHjZ.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

BHjZ
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

438
Main Method

System.Void ErrorAnalyzer.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void ErrorAnalyzer.Forms.MainForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
Module Name

BHjZ.exe
Full Name

BHjZ.exe
EntryPoint

System.Void ErrorAnalyzer.Program::Main()
Scope Name

BHjZ.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

BHjZ
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

438
Main Method

System.Void ErrorAnalyzer.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void ErrorAnalyzer.Forms.MainForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
550a81c0e08e6362ee775a05dfef9973 (799.74 KB)
File Structure
550a81c0e08e6362ee775a05dfef9973
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
ErrorAnalyzer.Forms.MainForm.resources
ErrorAnalyzer.Properties.Resources.resources
Coloring
[NBF]root.Data
khjU
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙