Suspicious
Suspect

834dddf89481e1d734e183710f18bf67

PE Executable
|
MD5: 834dddf89481e1d734e183710f18bf67
|
Size: 745.99 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very low

Hash
 Hash Value
MD5
834dddf89481e1d734e183710f18bf67
Sha1
4a967fa31da3733767bc31af608665487a2cdd21
Sha256
8ca60d34baa3aaee492a9170904b85ec577fea3d7a4b5fd19f837088b961fb39
Sha384
9509878cd43a83dc687c5c87d0c76d49f2f8786e22c200e800375fdfc134510f2ac81ded5d084a1fadf040d8c55d4dbe
Sha512
afd91d6693c545eae98343951ed70e5a64a802bc7614b9f4a0432bcad508995510f72b51bc09c62920f22cd2a2fa93bff2f1d85d5b06e92004175e0ed47837c6
SSDeep
12288:KP3/wA9OgQIV5ybYb60Y7Wyp9qFS8Cf6VDipwY3xq5XELXSn7Gu77FUkR:KP3v9OgN5yEFFS8DV9m45KXiFT
TLSH
50F4CF5032A8990BE0B68EF156B0D2B11BB47E69B866D2CF4DC12CDF78F6F414A42707

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
834dddf89481e1d734e183710f18bf67
[Authenticode]_a32ace3a.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0-preview.png
RT_GROUP_CURSOR4
ID:0001
ID:0
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
Assignment_2.ClassBooking.resources
bindingNavigatorAddNewItem.Image
[NBF]root.Data
[NBF]root.Data-preview.png
bindingNavigatorDeleteItem.Image
[NBF]root.Data
[NBF]root.Data-preview.png
bindingNavigatorMoveFirstItem.Image
[NBF]root.Data
[NBF]root.Data-preview.png
bindingNavigatorMoveLastItem.Image
[NBF]root.Data
[NBF]root.Data-preview.png
bindingNavigatorMoveNextItem.Image
[NBF]root.Data
[NBF]root.Data-preview.png
bindingNavigatorMovePreviousItem.Image
[NBF]root.Data
[NBF]root.Data-preview.png
memberBindingNavigatorSaveItem.Image
Assignment_2.MainMenu.resources
$this.Icon
[NBF]root.IconData
SHT
[NBF]root.Data
Assignment_2.Properties.Resources.resources
CityGymLogo
[NBF]root.Data
[NBF]root.Data-preview.png
ContactDetails
[NBF]root.Data
[NBF]root.Data-preview.png
Extras
[NBF]root.Data
[NBF]root.Data-preview.png
Help
[NBF]root.Data
[NBF]root.Data-preview.png
Membership Durationb
[NBF]root.Data
[NBF]root.Data-preview.png
Membership settings
[NBF]root.Data
[NBF]root.Data-preview.png
PaymentOptions
[NBF]root.Data
[NBF]root.Data-preview.png
PersonalGoals
[NBF]root.Data
[NBF]root.Data-preview.png
Special
[NBF]root.Data
[NBF]root.Data-preview.png
Start date
[NBF]root.Data
[NBF]root.Data-preview.png
TUck
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

Authenticode present at 0xB2C00 size 13832 bytes
Info

PDB Path: C:\Users\Administrator\Desktop\Client\Temp\veKaYuEjRN\src\obj\Debug\zzAm.pdb
Module Name

zzAm.exe
Full Name

zzAm.exe
EntryPoint

System.Void Assignment_2.Program::Main()
Scope Name

zzAm.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

zzAm
Assembly Version

0.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

1482
Main Method

System.Void Assignment_2.Program::Main()
Main IL Instruction Count

6
Main IL

call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void Assignment_2.MainMenu::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null>
Module Name

zzAm.exe
Full Name

zzAm.exe
EntryPoint

System.Void Assignment_2.Program::Main()
Scope Name

zzAm.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

zzAm
Assembly Version

0.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

1482
Main Method

System.Void Assignment_2.Program::Main()
Main IL Instruction Count

6
Main IL

call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void Assignment_2.MainMenu::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null>
834dddf89481e1d734e183710f18bf67 (745.99 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙