Characteristics
Symbol Obfuscation Score: Low
| Hash | Hash Value |
|---|---|
| MD5 | 75341500164e965ca44dbfa031af8cd0 |
| Sha1 | c0efbaf0ae94231874b201e38e3f7417c77f9478 |
| Sha256 | 6dd876657514ae7388426ab3bc2523b4322f581dbde93691d9e388085fdd0ec9 |
| Sha384 | 39f89141f070004f3ffddc1297e6cfb7d4e78107967dd4675ef9f3e284e3c109ec29963b14a61ba806763fb2da365251 |
| Sha512 | dd6fa7aa591615063c592ad248deeaa56fcbc5eb390d10e2c6dcc179712f9c810dca481666444fbb0b9d75e3d240262c2da0b41b2a78d2d2bb828d979358b2e4 |
| SSDeep | 12288:EC0OWiCgJ5wxJNCdRBPtrXgAKF8Sn0j8Gt5Si3M9gXft0H4c5v:EjW5wkdbeFjYX5Si33Xft05 |
| TLSH | 92051264224AC403D5D213B20CD3E37547781FCAE815E78B9AEEEDCB7D266563E402DA |
File Structure

- 75341500164e965ca44dbfa031af8cd0
  - Structure
    - DosHeader
    - PE Header
    - Optional Header (x86)
    - Section Headers
      - .text
      - .rsrc
      - .reloc
  - Resources
    - RT_ICON
      - ID:0001
        - ID:0
    - RT_GROUP_CURSOR4
      - ID:7F00
        - ID:0
    - RT_VERSION
      - ID:0001
        - ID:0
    - RT_MANIFEST
      - ID:0001
        - ID:0
  - .Net Resources
    - hosh_genetic.Form1.resources
      - $this.Icon
        - [NBF]root.IconData
      - KS
        - [NBF]root.Data
    - hosh_genetic.Form2.resources
    - hosh_genetic.Form3.resources
      - $this.BackgroundImage
        - [NBF]root.Data
        - [NBF]root.Data-preview.png
    - hosh_genetic.Properties.Resources.resources
      - loginAfter
        - [NBF]root.Data
        - [NBF]root.Data-preview.png
      - loginError
        - [NBF]root.Data
        - [NBF]root.Data-preview.png
      - tCTW
        - [NBF]root.Data
        - [NBF]root.Data-preview.png

Information

| Name | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | PDB Path: C:\Users\Administrator\Desktop\Client\Temp\JZhFyGgAoS\src\obj\Debug\Kzfm.pdb |
| Module Name | Kzfm.exe |
| Full Name | Kzfm.exe |
| EntryPoint | System.Void hosh_genetic.Program::Main() |
| Scope Name | Kzfm.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | Kzfm |
| Assembly Version | 5.2.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5 |
| Total Strings | 83 |
| Main Method | System.Void hosh_genetic.Program::Main() |
| Main IL Instruction Count | 6 |
| Main IL | call System.Void System.Windows.Forms.Application::EnableVisualStyles(); ldc.i4.0 <null>; call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean); newobj System.Void hosh_genetic.Form1::.ctor(); call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form); ret <null> |
75341500164e965ca44dbfa031af8cd0 (831.49 KB)
Characteristics
No malware configuration was found at this point.