Suspicious
Suspect

5ca4abd0007c8c14893c685857389d7f

PE Executable
|
MD5: 5ca4abd0007c8c14893c685857389d7f
|
Size: 1.01 MB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
5ca4abd0007c8c14893c685857389d7f
Sha1
675102efa1d58731e078f12f1f377f9fb2455039
Sha256
5548d5924c918833871e6e6d4d8d3c3647b10907a7618588f97d4d029671de67
Sha384
93c1135b535c9e6ea8ffd05e62df37255e0e95a2b5519b5312aeadc2ca70af060e0bfb47fa0ac57fbc2a42d907d93118
Sha512
840b57fed149c27f471f17ba7e41ccd52885ff3c9c5c65210a3b947facfa6b684df5e9f567507bbbbfb6a153ee5080f5524a3435c80ba5f63d8e403716f9960c
SSDeep
24576:xN0ZOMIfb6hzmjROwbqR0TbTP0X/rs2rDnqJ6RuWjbv:xNlfbkq8w40TbT0X/rBfnqcgk
TLSH
302502927115DC83D9AA47F20921D1B403F69D8DA825D28A6EDA3EDF31F33132852F5B

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
5ca4abd0007c8c14893c685857389d7f
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:0001
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
Informations
Name
 Value
Module Name

SuKB.exe
Full Name

SuKB.exe
EntryPoint

System.Void StreamlinedHelper.Program::Main()
Scope Name

SuKB.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

SuKB
Assembly Version

7.0.0.2
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

560
Main Method

System.Void StreamlinedHelper.Program::Main()
Main IL Instruction Count

7
Main IL

call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) call System.Void StreamlinedHelper.Program::InitializeApplication() newobj System.Void StreamlinedHelper.MainForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null>
Module Name

SuKB.exe
Full Name

SuKB.exe
EntryPoint

System.Void StreamlinedHelper.Program::Main()
Scope Name

SuKB.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

SuKB
Assembly Version

7.0.0.2
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

560
Main Method

System.Void StreamlinedHelper.Program::Main()
Main IL Instruction Count

7
Main IL

call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) call System.Void StreamlinedHelper.Program::InitializeApplication() newobj System.Void StreamlinedHelper.MainForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null>
Artefacts
Name
 Value
Embedded Resources

9
Suspicious Type Names (1-2 chars)

0
5ca4abd0007c8c14893c685857389d7f (1.01 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙