Suspicious
Suspect

5a8bcfee3089263cff5f5741d04bdc45

PE Executable
|
MD5: 5a8bcfee3089263cff5f5741d04bdc45
|
Size: 1.61 MB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
5a8bcfee3089263cff5f5741d04bdc45
Sha1
a46a9769247851a122430b059f5a778e4867d984
Sha256
0de1bc51417ff52dbd8dea0137ce230d6ee9f0ecf5c8b8391288ac4be7f40337
Sha384
4dd225b63f3039565c36a65d93c8202aa2c5869f1413030fd4f5201f952d91e1283a6c70fef795b01ec0a0a084570d4d
Sha512
55f494e5dbe0994819bfad92c51780567adad4b102dc0ac3191319aa8beb9f32821b88e588a280cb1ffab6b4865cb632190050cd5026739523ca4a8e8ac3611d
SSDeep
12288:PYG70BxGPGZD52AmKBhSHIp7bGt4w5aYET0iXhxQYMWz/HfHHCqFM0WM+nSxTsv6:T0BxGPGZD52ASy1w5NCQWjsiiF4
TLSH
0275D891F4A024B29147A6BC90AE054F8F2931EBE986511FF19C6BC52F1FD82B5C7E43

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
5a8bcfee3089263cff5f5741d04bdc45
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
PhoneNumbers.PhoneNumberMetaData.xml
PhoneNumbers.PhoneNumberMetaDataForTesting.xml
PhoneNumbers.res.1_en
PhoneNumbers.res.31_nl
PhoneNumbers.res.34_es
PhoneNumbers.res.43_de
PhoneNumbers.res.46_sv
PhoneNumbers.res.49_de
PhoneNumbers.res.54_es
PhoneNumbers.res.55_pt
PhoneNumbers.res.56_es
PhoneNumbers.res.82_en
PhoneNumbers.res.82_ko
PhoneNumbers.res.82_zh
PhoneNumbers.res.82_zh_Hant
PhoneNumbers.res.86_zh
PhoneNumbers.res.test_1_en
PhoneNumbers.res.test_82_en
PhoneNumbers.res.test_82_ko
PhoneNumbers.res.44_en
PhoneNumbers.res.33_fr
PhoneNumbers.res.351_pt
PhoneNumbers.res.39_en
PhoneNumbers.res.39_it
PhoneNumbers.res.41_de
PhoneNumbers.res.41_en
PhoneNumbers.res.41_fr
PhoneNumbers.res.41_it
PhoneNumbers.res.7_en
PhoneNumbers.res.81_ja
PhoneNumbers.res.886_en
PhoneNumbers.res.886_zh
PhoneNumbers.res.886_zh_Hant
PhoneNumbers.res.90_en
PhoneNumbers.res.90_tr
PhoneNumbers.res.213_en
PhoneNumbers.res.216_en
PhoneNumbers.res.221_en
PhoneNumbers.res.224_en
PhoneNumbers.res.225_en
PhoneNumbers.res.226_en
PhoneNumbers.res.229_en
PhoneNumbers.res.233_en
PhoneNumbers.res.261_en
PhoneNumbers.res.264_en
PhoneNumbers.res.266_en
PhoneNumbers.res.267_en
PhoneNumbers.res.268_en
PhoneNumbers.res.354_en
PhoneNumbers.res.355_en
PhoneNumbers.res.370_en
PhoneNumbers.res.371_en
PhoneNumbers.res.372_en
PhoneNumbers.res.420_en
PhoneNumbers.res.421_en
PhoneNumbers.res.48_pl
PhoneNumbers.res.51_en
PhoneNumbers.res.84_en
PhoneNumbers.res.84_vi
PhoneNumbers.res.94_en
             
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

Ecapctfhgte.exe
Full Name

Ecapctfhgte.exe
EntryPoint

System.Void  ::()
Scope Name

Ecapctfhgte.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Ecapctfhgte
Assembly Version

1.0.3505.13810
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

0
Main Method

System.Void  ::()
Main IL Instruction Count

2
Main IL

call System.Void  ::() ret <null>
Module Name

Ecapctfhgte.exe
Full Name

Ecapctfhgte.exe
EntryPoint

System.Void  ::()
Scope Name

Ecapctfhgte.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Ecapctfhgte
Assembly Version

1.0.3505.13810
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

0
Main Method

System.Void  ::()
Main IL Instruction Count

2
Main IL

call System.Void  ::() ret <null>
5a8bcfee3089263cff5f5741d04bdc45 (1.61 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙