Suspect
6d47f927efa2be69085f8899bd5734bc
PE Executable | MD5: 6d47f927efa2be69085f8899bd5734bc | Size: 914.94 KB | application/x-dosexec
PE Executable
MD5: 6d47f927efa2be69085f8899bd5734bc
Size: 914.94 KB
application/x-dosexec
Summary by MalvaGPT
Characteristics
Symbol Ofbuscation Score
Low
|
Hash | Hash Value |
|---|---|
| MD5 | 6d47f927efa2be69085f8899bd5734bc
|
| Sha1 | 017be244e138f85842d1af4efcae7cde5aed0d03
|
| Sha256 | 06a4f5872145608425c3b41c01ee00f6b20986236d673ec5319184cc68a029e5
|
| Sha384 | 336cb73cb8694cbeebcb56f47ceb520dc06b6c7b400271a31a5cbe506f94a20fa11459c804e5d1191a20200b2dda1594
|
| Sha512 | 5d35df2786a100c18bc22cec05f77e420c068767478601a76c520b7843ec17525f60d83dd76112e03190eb1a29ed7c80c3cc642091d508292f1bf3828260f7c6
|
| SSDeep | 24576:UKEcZN7pVWDQThYtPbfGphaGlCP1xqeDslUjX:B3hkPCU1pQlUj
|
| TLSH | BD1523845345E822CC6A0F755C92C5362BFABEAE6212D717AFE97DEB3533311A164303
|
PeID
Microsoft Visual C++ v6.0 DLL
File Structure
6d47f927efa2be69085f8899bd5734bc
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
CalculatorPlus.Properties.Resources.resources
FU
[NBF]root.Data
OWpm
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
|
Name0 | Value |
|---|---|
| Module Name | jdCU.exe |
| Full Name | jdCU.exe |
| EntryPoint | System.Void CalculatorPlus.Program::Main() |
| Scope Name | jdCU.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | jdCU |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5 |
| Total Strings | 271 |
| Main Method | System.Void CalculatorPlus.Program::Main() |
| Main IL Instruction Count | 10 |
| Main IL | nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void CalculatorPlus.MainForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null> |
Artefacts
|
Name0 | Value |
|---|---|
| PDB Path | jdCU.pdb |
6d47f927efa2be69085f8899bd5734bc (914.94 KB)
File Structure
6d47f927efa2be69085f8899bd5734bc
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
CalculatorPlus.Properties.Resources.resources
FU
[NBF]root.Data
OWpm
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration were found at this point.
Artefacts
|
Name0 | Value | Location |
|---|---|---|
| PDB Path | jdCU.pdb |
6d47f927efa2be69085f8899bd5734bc |
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.