Suspicious
Suspect

82ee6623c299c6390197d616003839dd

PE Executable
MD5: 82ee6623c299c6390197d616003839dd
Size: 1.08 MB
application/x-dosexec
Summary by MalvaGPT
Characteristics

Symbol Obfuscation Score

Low

Hash
Hash Value
MD5
82ee6623c299c6390197d616003839dd
Sha1
8962258e08dd8c6bd229ac04cefce47e7391fd46
Sha256
13bab9f76e7c622aa132da33387b1a6f46f7882e02426e7a4e3b3510a7618bc3
Sha384
fb7e24f488d4479ffa23e2a17bfee86f39a7631a9f620f3b1a3d051f503c0f6831a998c96764cfb2581a229659364de2
Sha512
2102f01f024041de7d74321d58006daac62ab8b0f66b42857a674ea1cd9b4a85894b5f55228bb6556e41f2ee746a56cf88d555637dfc5353a3efae9b09e5a03b
SSDeep
24576:rLPFv0+5oymM0gjCBvp4iwQE/3KYj1DIziruS:ry+5ozpmTQOOziruS
TLSH
99350148292B8546D4B26FF50DB2E2F09776BC66B539C51A4FE60DFB766730039003AB

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
SwampLight.Properties.Resources.resources
CTR
[NBF]root.Data
LdCg
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
Name
Value
Info

PE Detect: PeReader OK (file layout)

Info

PDB Path: C:\Users\Administrator\Desktop\Client\Temp\FqStwIZtCP\src\obj\Debug\pINX.pdb

Module Name

pINX.exe

Full Name

pINX.exe

EntryPoint

System.Void SwampLight.Program::Main()

Scope Name

pINX.exe

Scope Type

ModuleDef

Kind

Windows

Runtime Version

v4.0.30319

Tables Header Version

512

WinMD Version

<null>

Assembly Name

pINX

Assembly Version

0.0.0.0

Assembly Culture

<null>

Has PublicKey

False

PublicKey Token

<null>

Target Framework

.NETFramework,Version=v4.5

Total Strings

426

Main Method

System.Void SwampLight.Program::Main()

Main IL Instruction Count

10

Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void SwampLight.MainForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>

Module Name

pINX.exe

Full Name

pINX.exe

EntryPoint

System.Void SwampLight.Program::Main()

Scope Name

pINX.exe

Scope Type

ModuleDef

Kind

Windows

Runtime Version

v4.0.30319

Tables Header Version

512

WinMD Version

<null>

Assembly Name

pINX

Assembly Version

0.0.0.0

Assembly Culture

<null>

Has PublicKey

False

PublicKey Token

<null>

Target Framework

.NETFramework,Version=v4.5

Total Strings

426

Main Method

System.Void SwampLight.Program::Main()

Main IL Instruction Count

10

Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void SwampLight.MainForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>

82ee6623c299c6390197d616003839dd (1.08 MB)
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
SwampLight.Properties.Resources.resources
CTR
[NBF]root.Data
LdCg
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙