71e1d2196ad6d942d9d38f92d45c36b8

PE Executable
|
MD5: 71e1d2196ad6d942d9d38f92d45c36b8
|
Size: 870.41 KB
|
application/x-dosexec

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	71e1d2196ad6d942d9d38f92d45c36b8
Sha1	27d3760512efa437991ac64d7d19a359d8be4a18
Sha256	2261076a897c78824d78af89c1a409308893eab0242e7e04399ed7b7b6c7d245
Sha384	22ffb1d2f342b48fb726137e43c20e44f1cfa69e1fa13a71d6d17c4160f754559c668fe5b3cfead82afed36ce9b84889
Sha512	5b5c313da4d7f8ef4c2c21cf9b25102344fc665c0479e4bc5af908d8c3d6f9438e0f790b91949e53bd097986e67f53d6c9c82fd6f27ba8b9c3d54dbab1fb646c
SSDeep	24576:8HcrlxKj/2PFwoX2ABvzZHeYOqtwWY/QK:8OPo/2PJ9vzZHeYTtwpoK
TLSH	A70502983200F05EC497DA724DA0EE74DA717DAA6207C603E1E72CEF7D5D6869F112E2

PeID

.NET executable

Microsoft Visual C# / Basic .NET

Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL

Microsoft Visual C# v7.0 / Basic .NET

Microsoft Visual Studio .NET

File Structure

Informations

Name0	Value
Info	PE Detect: PeReader OK (file layout)
Info	Authenticode present at 0xD1200 size 13832 bytes
Module Name	UsFp.exe
Full Name	UsFp.exe
EntryPoint	System.Void WorldClock.Program::Main()
Scope Name	UsFp.exe
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	UsFp
Assembly Version	1.0.0.0
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.5
Total Strings	165
Main Method	System.Void WorldClock.Program::Main()
Main IL Instruction Count	31
Main IL	nop <null> ldc.i4 1428848598 ldc.i4 816423260 xor <null> dup <null> stloc.0 <null> ldc.i4.4 <null> rem.un <null> switch dnlib.DotNet.Emit.Instruction[] br.s IL_005D: ret call System.Void WorldClock.Program::‫‍⁯‬⁫⁮⁬‬‮‎⁯‪⁬‪‌‏‬‮‎‌⁭‍‪‬‍‬‏‬⁪‎‬‬⁮‍⁬⁭⁭‪‮() nop <null> ldloc.0 <null> ldc.i4 -1682451839 mul <null> ldc.i4 -1425923167 xor <null> br.s IL_0006: ldc.i4 816423260 ldc.i4.0 <null> call System.Void WorldClock.Program::⁫‫‏‭⁫‍⁭⁭‏⁯⁭⁫‌‬⁬‏⁭‮‏‎‫⁪‭‍‍⁬‍⁮‏‎⁬⁯‏‎⁯⁭‭‍‮(System.Boolean) nop <null> newobj System.Void WorldClock.Form1::.ctor() call System.Void WorldClock.Program::⁪‪‌⁪⁬‭⁯‫‮‎‬‏⁬⁪‭‏‮⁬‬‬‌⁯‎‮⁭⁬‍‫⁪‮⁯‎⁭⁮‮‍‭‮‮(System.Windows.Forms.Form) nop <null> ldloc.0 <null> ldc.i4 -1073767906 mul <null> ldc.i4 -1110345685 xor <null> br.s IL_0006: ldc.i4 816423260 ret <null>
Module Name	UsFp.exe
Full Name	UsFp.exe
EntryPoint	System.Void WorldClock.Program::Main()
Scope Name	UsFp.exe
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	UsFp
Assembly Version	1.0.0.0
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.5
Total Strings	165
Main Method	System.Void WorldClock.Program::Main()
Main IL Instruction Count	31
Main IL	nop <null> ldc.i4 1428848598 ldc.i4 816423260 xor <null> dup <null> stloc.0 <null> ldc.i4.4 <null> rem.un <null> switch dnlib.DotNet.Emit.Instruction[] br.s IL_005D: ret call System.Void WorldClock.Program::‫‍⁯‬⁫⁮⁬‬‮‎⁯‪⁬‪‌‏‬‮‎‌⁭‍‪‬‍‬‏‬⁪‎‬‬⁮‍⁬⁭⁭‪‮() nop <null> ldloc.0 <null> ldc.i4 -1682451839 mul <null> ldc.i4 -1425923167 xor <null> br.s IL_0006: ldc.i4 816423260 ldc.i4.0 <null> call System.Void WorldClock.Program::⁫‫‏‭⁫‍⁭⁭‏⁯⁭⁫‌‬⁬‏⁭‮‏‎‫⁪‭‍‍⁬‍⁮‏‎⁬⁯‏‎⁯⁭‭‍‮(System.Boolean) nop <null> newobj System.Void WorldClock.Form1::.ctor() call System.Void WorldClock.Program::⁪‪‌⁪⁬‭⁯‫‮‎‬‏⁬⁪‭‏‮⁬‬‬‌⁯‎‮⁭⁬‍‫⁪‮⁯‎⁭⁮‮‍‭‮‮(System.Windows.Forms.Form) nop <null> ldloc.0 <null> ldc.i4 -1073767906 mul <null> ldc.i4 -1110345685 xor <null> br.s IL_0006: ldc.i4 816423260 ret <null>

71e1d2196ad6d942d9d38f92d45c36b8 (870.41 KB)

71e1d2196ad6d942d9d38f92d45c36b8

PE Executable | MD5: 71e1d2196ad6d942d9d38f92d45c36b8 | Size: 870.41 KB | application/x-dosexec

PE Executable
|
MD5: 71e1d2196ad6d942d9d38f92d45c36b8
|
Size: 870.41 KB
|
application/x-dosexec