Suspect
7dd2cfe8aa333b5a2ddfafcfebc55d33
PE Executable | MD5: 7dd2cfe8aa333b5a2ddfafcfebc55d33 | Size: 974.85 KB | application/x-dosexec
PE Executable
MD5: 7dd2cfe8aa333b5a2ddfafcfebc55d33
Size: 974.85 KB
application/x-dosexec
Summary by MalvaGPT
Characteristics
Symbol Ofbuscation Score
Very low
|
Hash | Hash Value |
|---|---|
| MD5 | 7dd2cfe8aa333b5a2ddfafcfebc55d33
|
| Sha1 | 9e1147331c9680888ceb62cf2c49b46772fd6f52
|
| Sha256 | ec7615c1c9aa8d049dd4c8f86407d3253b30137a88e711eccd2e26e017dee00f
|
| Sha384 | 92f64445c1b45f5e77418d151d214182b0ec361b0de61724ca11e0f147622863695a68088ac6811a596ccd744c279861
|
| Sha512 | b6c72b180e9527edddffb0a6757a36d86086356d21e6a754b4d753ad4f2a92f4a5f16425255d11f45800e400d07c293ca2c9b494945c334d6df969ed01e10f89
|
| SSDeep | 24576:bQNpq/Ym3MTcxmoXZ+mYp2IDXP/sIxwKZOp:MiyTcxRgGIDHH3Z0
|
| TLSH | 55251250325EDF66E4A947F40920D27203B5AE9ED411E306AEEFBCDBB93178024A57C7
|
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0002
ID:0
ID:0003
ID:0
RT_GROUP_CURSOR4
ID:0001
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
CoreCompiler.MainForm.resources
CoreCompiler.Properties.Resources.resources
DijQ
emn
Informations
|
Name0 | Value |
|---|---|
| Module Name | ZWjv.exe |
| Full Name | ZWjv.exe |
| EntryPoint | System.Void CoreCompiler.Program::Main() |
| Scope Name | ZWjv.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | ZWjv |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 591 |
| Main Method | System.Void CoreCompiler.Program::Main() |
| Main IL Instruction Count | 12 |
| Main IL | nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> call System.Void CoreCompiler.Program::InitializeApplication() nop <null> newobj System.Void CoreCompiler.MainForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null> |
Artefacts
|
Name0 | Value |
|---|---|
| Embedded Resources | 8 |
| Suspicious Type Names (1-2 chars) | 0 |
7dd2cfe8aa333b5a2ddfafcfebc55d33 (974.85 KB)
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0002
ID:0
ID:0003
ID:0
RT_GROUP_CURSOR4
ID:0001
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
CoreCompiler.MainForm.resources
CoreCompiler.Properties.Resources.resources
DijQ
emn
Characteristics
No malware configuration were found at this point.
Artefacts
|
Name0 | Value | Location |
|---|---|---|
| Embedded Resources | 8 |
7dd2cfe8aa333b5a2ddfafcfebc55d33 |
| Suspicious Type Names (1-2 chars) | 0 |
7dd2cfe8aa333b5a2ddfafcfebc55d33 |
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.