Suspicious
Suspect

57e0bc35594f604edaff8cb3be8c6872

PE Executable
|
MD5: 57e0bc35594f604edaff8cb3be8c6872
|
Size: 562.69 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
57e0bc35594f604edaff8cb3be8c6872
Sha1
f5139feb68968269f15caa209f44d6a12a4683e3
Sha256
c5f3ff2435c7f3fe3a08a1b762a2046c9e0a34fb3c8117c826d6b9970bd299c5
Sha384
549e9e0f09336f92267771d4ac5c636c7ecce58d55e9e586f322f60700e6d08d78851fb2365764772489f8c87885cdd0
Sha512
48ffc2dc374d6f2eaee0707e37c22c0aa186efb831fbb9c28e2275dac587b56db6aec8889a817e5d1eaafc8ba0b3d726c0e3f2ada8c46a6c1f43329b95c77cd6
SSDeep
12288:HI/HFNJf8UrseA74Q10bwi6kQgPDf/RM3jhQkjZpO0M39y:HIhXrwMbwiHQgPb/qxk0M3Q
TLSH
7DC412606606ED22EC891FF40972E3BA53788FDFB523E3038BEDACD7B9157052544292

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
57e0bc35594f604edaff8cb3be8c6872
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
NetworkMonitor.Properties.Resources.resources
DrXy
[NBF]root.Data
[NBF]root.Data-preview.png
cgi
[NBF]root.Data
Informations
Name
 Value
Module Name

jghs.exe
Full Name

jghs.exe
EntryPoint

System.Void NetworkMonitor.Program::Main()
Scope Name

jghs.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

jghs
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

113
Main Method

System.Void NetworkMonitor.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void NetworkMonitor.Forms.NetworkUtilitiesForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
Module Name

jghs.exe
Full Name

jghs.exe
EntryPoint

System.Void NetworkMonitor.Program::Main()
Scope Name

jghs.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

jghs
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

113
Main Method

System.Void NetworkMonitor.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void NetworkMonitor.Forms.NetworkUtilitiesForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
Artefacts
Name
 Value
PDB Path

jghs.pdb
57e0bc35594f604edaff8cb3be8c6872 (562.69 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙