General
Structural Analysis
Config.0
Yara Rules20
Sync
Community
Summary by MalvaGPT
Characteristics
Symbol Ofbuscation Score
Medium
|
Hash | Hash Value |
|---|---|
| MD5 | 55ad7d942c00fd7c663f78ff05fd8e9d
|
| Sha1 | 703ff24ea45d72f84d36bdedfa70480b9e67264d
|
| Sha256 | cb2391d06743d76e0f5494daf21a381c57a6f7f824796697edb50a4424f3fcfc
|
| Sha384 | a925d86fa32c39797b3c7034a1d91a194f75dea83b90bbb21072eb65ac9326ef4c1f81cffa64876f227825b25078c342
|
| Sha512 | 1e915d1722e3c69bbdf6c87c46f7693ca146a0a04af3a120b533305348ac858b71bb53939ce3ef9432a6883de0f93f07c1d8981da5c5697f2a15e3fe83094b1f
|
| SSDeep | 24576:NLTprZnXqyllglglglvRsA9q3pK9kTxul6Ygzc9IC0pF/4:N/v6FEM9kvzcn4/4
|
| TLSH | B525F19D33A5D923D1B9A1F2C460F6B087F56D9BBA20D3C98DEA9CCB31E1F015241A47
|
File Structure
55ad7d942c00fd7c663f78ff05fd8e9d
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
IndexApp.CalTriangle.resources
$this.BackgroundImage
[NBF]root.Data
[NBF]root.Data-preview.png
IndexApp.calBMI.resources
$this.BackgroundImage
[NBF]root.Data
[NBF]root.Data.exif
[NBF]root.Data-preview.png
IndexApp.FormBSB.resources
iamgeA.ErrorImage
[NBF]root.Data
[NBF]root.Data-preview.png
IndexApp.FrmInternetCafe.resources
pictureBox1.BackgroundImage
[NBF]root.Data
[NBF]root.Data-preview.png
IndexApp.FrmStudentBMI.resources
IndexApp.GoldPriceFrm.resources
pictureBox1.BackgroundImage
[NBF]root.Data
[NBF]root.Data-preview.png
IndexApp.IndexApp.resources
$this.Icon
[NBF]root.IconData
Ce
[NBF]root.Data
menuStrip1.TrayLocation
IndexApp.Properties.Resources.resources
Fdqa
[NBF]root.Data
[NBF]root.Data-preview.png
gold-bars
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | PDB Path: C:\Users\Administrator\Desktop\Client\Temp\uVGjsGNqAS\src\obj\Debug\NOCj.pdb |
| Module Name | NOCj.exe |
| Full Name | NOCj.exe |
| EntryPoint | System.Void IndexApp.Program::Main() |
| Scope Name | NOCj.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | NOCj |
| Assembly Version | 0.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5 |
| Total Strings | 749 |
| Main Method | System.Void IndexApp.Program::Main() |
| Main IL Instruction Count | 6 |
| Main IL | call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void IndexApp.IndexApp::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null> |
55ad7d942c00fd7c663f78ff05fd8e9d (1.03 MB)
File Structure
55ad7d942c00fd7c663f78ff05fd8e9d
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
IndexApp.CalTriangle.resources
$this.BackgroundImage
[NBF]root.Data
[NBF]root.Data-preview.png
IndexApp.calBMI.resources
$this.BackgroundImage
[NBF]root.Data
[NBF]root.Data.exif
[NBF]root.Data-preview.png
IndexApp.FormBSB.resources
iamgeA.ErrorImage
[NBF]root.Data
[NBF]root.Data-preview.png
IndexApp.FrmInternetCafe.resources
pictureBox1.BackgroundImage
[NBF]root.Data
[NBF]root.Data-preview.png
IndexApp.FrmStudentBMI.resources
IndexApp.GoldPriceFrm.resources
pictureBox1.BackgroundImage
[NBF]root.Data
[NBF]root.Data-preview.png
IndexApp.IndexApp.resources
$this.Icon
[NBF]root.IconData
Ce
[NBF]root.Data
menuStrip1.TrayLocation
IndexApp.Properties.Resources.resources
Fdqa
[NBF]root.Data
[NBF]root.Data-preview.png
gold-bars
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.