Suspicious
Suspect

6475c021a81f73ecadd009db501b0e81

PE Executable
|
MD5: 6475c021a81f73ecadd009db501b0e81
|
Size: 103.74 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very low

Hash
Hash Value
MD5
6475c021a81f73ecadd009db501b0e81
Sha1
70bc4a021814d3dcc68eac88f10d5b82c89f4105
Sha256
dfc4f3937a61828511c1f70fb56a0cc3104f80e957c0fd582b3f750136f510a7
Sha384
ae381cee45dd90492ae9c3f4f6d22bccecbe49452908b671b15ae6929ae7e3110693cca805a95491892c91d30712c371
Sha512
c1d5431439967952327ae2487761a4fde0edee76b0ae9033c0c6126d6639360a9352d6ca023383557311fa5c563abd1613ebbb2ae21d168f21c7f038a4e24183
SSDeep
1536:MYxlY23kGwgMBUQGum2U8aVCguHEvQEbFeDVC3woFRKpTdm67:DlY23kg3sguGDFaXm8
TLSH
D5A3F1387E862133C67EC1F1A9E6768AABA9212F3191DDCE4C97028518F2F155EC1D1F

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
Overlay_4b5ada37.bin
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
26fc2.resources
1973c.png
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
Name
Value
Info

PE Detect: PeReader OK (file layout)

Info

Overlay extracted: Overlay_4b5ada37.bin (5952 bytes)

Module Name

1.exe

Full Name

1.exe

EntryPoint

System.Void MusicExpress.Program::Main()

Scope Name

1.exe

Scope Type

ModuleDef

Kind

Windows

Runtime Version

v2.0.50727

Tables Header Version

512

WinMD Version

<null>

Assembly Name

1

Assembly Version

1.28.14.52

Assembly Culture

<null>

Has PublicKey

False

PublicKey Token

<null>

Target Framework

<null>

Total Strings

1178

Main Method

System.Void MusicExpress.Program::Main()

Main IL Instruction Count

3

Main IL

newobj System.Void MusicExpress.MusicExpressMain::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null>

Module Name

1.exe

Full Name

1.exe

EntryPoint

System.Void MusicExpress.Program::Main()

Scope Name

1.exe

Scope Type

ModuleDef

Kind

Windows

Runtime Version

v2.0.50727

Tables Header Version

512

WinMD Version

<null>

Assembly Name

1

Assembly Version

1.28.14.52

Assembly Culture

<null>

Has PublicKey

False

PublicKey Token

<null>

Target Framework

<null>

Total Strings

1178

Main Method

System.Void MusicExpress.Program::Main()

Main IL Instruction Count

3

Main IL

newobj System.Void MusicExpress.MusicExpressMain::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null>

6475c021a81f73ecadd009db501b0e81 (103.74 KB)
File Structure
Overlay_4b5ada37.bin
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
26fc2.resources
1973c.png
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙