Suspect
596592a01f784b5766a0fbbd61d18adc
PE Executable | MD5: 596592a01f784b5766a0fbbd61d18adc | Size: 650.24 KB | application/x-dosexec
PE Executable
MD5: 596592a01f784b5766a0fbbd61d18adc
Size: 650.24 KB
application/x-dosexec
Summary by MalvaGPT
Characteristics
Symbol Ofbuscation Score
Medium
|
Hash | Hash Value |
|---|---|
| MD5 | 596592a01f784b5766a0fbbd61d18adc
|
| Sha1 | 2ce5012c19743a88927d61e7bbbc88bc5e554787
|
| Sha256 | 3cc8ebdc770eed05864ce67f642df1d35a59005ee108fbeba205cf8e9f27f514
|
| Sha384 | 5808ea6287f56308ea055545e5d2e19e8be22000432a64e07a9822e79b6874c018c0ed0f86e97747593401537a25d64c
|
| Sha512 | 4db4b318dd49ada7f5f396c69415947c0bddcd3f86a231add492595cbca2bb72a30ae2e9c9135e7e4bff9f9c131e0a746e728253beabfeb4598c31d6ecc40c99
|
| SSDeep | 12288:rHKAc4WEC7xwBy1Lee4maSxBrcYKIpnrWCtwizuzYe0Y5YjBjRs:rHKAc4wdwUEM/KbW9np4
|
| TLSH | C4D412003AA9CA42E6B61BF42872E27073B4BD9DDD26E7194ED92CDF3437BA04255353
|
File Structure
596592a01f784b5766a0fbbd61d18adc
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
TextTools.Forms.MainForm.resources
TextTools.Properties.Resources.resources
Mars
[NBF]root.Data
TREG
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | PDB Path: vXXX.pdb |
| Module Name | vXXX.exe |
| Full Name | vXXX.exe |
| EntryPoint | System.Void TextTools.Program::Main() |
| Scope Name | vXXX.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | vXXX |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 204 |
| Main Method | System.Void TextTools.Program::Main() |
| Main IL Instruction Count | 10 |
| Main IL | nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void TextTools.Forms.MainForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null> |
596592a01f784b5766a0fbbd61d18adc (650.24 KB)
File Structure
596592a01f784b5766a0fbbd61d18adc
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
TextTools.Forms.MainForm.resources
TextTools.Properties.Resources.resources
Mars
[NBF]root.Data
TREG
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.