Suspicious
Suspect

6c8b06d6b0fe7f734cf9f1d0bfe8cdcb

PE Executable
|
MD5: 6c8b06d6b0fe7f734cf9f1d0bfe8cdcb
|
Size: 543.24 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Low

Hash
 Hash Value
MD5
6c8b06d6b0fe7f734cf9f1d0bfe8cdcb
Sha1
9794731ebf2f8cdf742bbdc45bcd39df6fbb7c54
Sha256
6d1482246540a4952079125b87176149a72fe0b36f62af7f897065808a1c5c8d
Sha384
9ab86ae75ee4813413c050096f6ac326b3f5f671bbf86baaee79a0e7b840bd9019bfe2c553f72d739e020ca5151d9e42
Sha512
fbc9c659f128e608e416f31c86f3d12b1dd5d9293e4138c980ac6174f5421855a4ee7b04310437ecfd1ef5f8ffb0209812869c2e6bcd5500033ed215cf7bb593
SSDeep
12288:KKjWl37bj1ia9W3GNskdGgShCVU2l5u4peRAE1kR:KKql5iHE9dG/g7VpeRAEI
TLSH
2BC4BDD7331EA903C5624AB00DE1C2B757BC6D99A91DC3868FEA7CCB78B4B412705297

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
6c8b06d6b0fe7f734cf9f1d0bfe8cdcb
[Authenticode]_a32ace3a.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:0001
ID:0
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
GameApi.MainForm.resources
$this.Icon
[NBF]root.IconData
fee
[NBF]root.Data
CrudForm.Properties.Resources.resources
CQmy
[NBF]root.Data
[NBF]root.Data-preview.png
GameApi.StoresForm.resources
$this.Icon
[NBF]root.IconData
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

Authenticode present at 0x81400 size 13832 bytes
Info

PDB Path: C:\Users\Administrator\Desktop\Client\Temp\TfJiUbIUID\src\obj\Debug\bUSU.pdb
Module Name

bUSU.exe
Full Name

bUSU.exe
EntryPoint

System.Void GameApi.Program::Main()
Scope Name

bUSU.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

bUSU
Assembly Version

5.4.2.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.7.2
Total Strings

305
Main Method

System.Void GameApi.Program::Main()
Main IL Instruction Count

6
Main IL

call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void GameApi.MainForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null>
Module Name

bUSU.exe
Full Name

bUSU.exe
EntryPoint

System.Void GameApi.Program::Main()
Scope Name

bUSU.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

bUSU
Assembly Version

5.4.2.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.7.2
Total Strings

305
Main Method

System.Void GameApi.Program::Main()
Main IL Instruction Count

6
Main IL

call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void GameApi.MainForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null>
6c8b06d6b0fe7f734cf9f1d0bfe8cdcb (543.24 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙