Suspicious
Suspect

68c3115909de6af13b312b691122d19a

PE Executable
|
MD5: 68c3115909de6af13b312b691122d19a
|
Size: 716.29 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very low

Hash
 Hash Value
MD5
68c3115909de6af13b312b691122d19a
Sha1
c55c3c80b8409ee5f6b45d4ba3365111c2bc5b17
Sha256
9128341eadbe23a479073756b46a420ec61725b60d8b7d68f428e997e30fc85f
Sha384
6fdaa021c6ffc01dc72b0c041a3417569725b2cdfac7c7b33c621a001e5813dd1e7d42c578be97b7ef1b2a64fbb8b0c2
Sha512
f0406ebd713566a58d596b2ffdce0f681a7bbb3748b2453ce67c45b990a1e913cfb25fe9f259d8023fdf0d3bb58a1003457389afb0bf3df12cdbd4458cfce1df
SSDeep
12288:cld7Ux3dgk2L74uD2HdHl+bb5xoXYx+rXf6qn0DHX6:cn72de7WHVl+nPIrXfv2
TLSH
3FE4DF2026604F17EA3A97F24111D13203F85EAC686EE6456FC2BDDF39B9F902990F57

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
68c3115909de6af13b312b691122d19a
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
QLDTDD_FPT.AM_Edit.resources
QLDTDD_FPT.Login.resources
$this.Icon
QLDTDD_FPT.Mainform.resources
DF
menuStrip1.TrayLocation
QLDTDD_FPT.Properties.Resources.resources
vDFj
Informations
Name
 Value
Module Name

Lvov.exe
Full Name

Lvov.exe
EntryPoint

System.Void QLDTDD_FPT.Program::Main()
Scope Name

Lvov.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Lvov
Assembly Version

5.2.1024.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

998
Main Method

System.Void QLDTDD_FPT.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void QLDTDD_FPT.Mainform::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
Module Name

Lvov.exe
Full Name

Lvov.exe
EntryPoint

System.Void QLDTDD_FPT.Program::Main()
Scope Name

Lvov.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Lvov
Assembly Version

5.2.1024.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

998
Main Method

System.Void QLDTDD_FPT.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void QLDTDD_FPT.Mainform::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
Artefacts
Name
 Value
Embedded Resources

18
Suspicious Type Names (1-2 chars)

0
68c3115909de6af13b312b691122d19a (716.29 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙