Suspicious
Suspect

5abae22dd2385a878dc8aead6f73ce56

PE Executable
|
MD5: 5abae22dd2385a878dc8aead6f73ce56
|
Size: 853.5 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very low

Hash
 Hash Value
MD5
5abae22dd2385a878dc8aead6f73ce56
Sha1
820c69f9de7a1a40367b649ee8bdc681b1d2eaf7
Sha256
1bfbdb647f4ddac6b2bd3bf51f2dd64b5cd7c46a3ae6c0fabfaa348852337b14
Sha384
10cdb3e9d8e35d34dfd8de1e3cd841a88ace03d1c6f7cbc1410e07b8b767548f02071d4a76d3871299dd777f6bca9148
Sha512
b07fb99c57c1bb19e77ad56215cefba9bfc1a80b10427064fe1304e996c48ddd2d17ee5e9c1817f3ec84232ef7dba74df9a4ba38eef38f1dc3a3ba0e39c9aa2a
SSDeep
12288:s9nW09Un3PqfyrPkv0qzFu/lMuhsbDWw9Jk277TnIVGYufaYPUmc1T29oyc:oyn/5k5zIFo19Jk28VGUSUmc5xN
TLSH
A005BE3071AD8863C6A952F04550E57533AB6ECF282ED1DA4DC6BDCB7DE8BC04B94A43

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
5abae22dd2385a878dc8aead6f73ce56
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
QLDTDD_FPT.AM_Edit.resources
QLDTDD_FPT.Properties.Resources.resources
QFCw
[NBF]root.Data
[NBF]root.Data-preview.png
QLDTDD_FPT.StaffManagementForm.resources
$this.Icon
[NBF]root.IconData
kc
[NBF]root.Data
Informations
Name
 Value
Module Name

QTsU.exe
Full Name

QTsU.exe
EntryPoint

System.Void QLDTDD_FPT.Program::Main()
Scope Name

QTsU.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

QTsU
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

975
Main Method

System.Void QLDTDD_FPT.Program::Main()
Main IL Instruction Count

6
Main IL

call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void QLDTDD_FPT.Mainform::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null>
Module Name

QTsU.exe
Full Name

QTsU.exe
EntryPoint

System.Void QLDTDD_FPT.Program::Main()
Scope Name

QTsU.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

QTsU
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

975
Main Method

System.Void QLDTDD_FPT.Program::Main()
Main IL Instruction Count

6
Main IL

call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void QLDTDD_FPT.Mainform::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null>
Artefacts
Name
 Value
PDB Path

QTsU.pdb
5abae22dd2385a878dc8aead6f73ce56 (853.5 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙