Suspicious
Suspect

8375a3ec62bbba2d6a6eaeb189618ec2

PE Executable
|
MD5: 8375a3ec62bbba2d6a6eaeb189618ec2
|
Size: 587.78 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very low

Hash
 Hash Value
MD5
8375a3ec62bbba2d6a6eaeb189618ec2
Sha1
d8e8de84c48834f155f42d07e7bf92efe317ef6e
Sha256
5e6b39d039f9fc05c0262c84b33cdfe703b70df0be1491cb2afa294d344756fd
Sha384
e316fdd24d86007c749b37fae99c16eaf3f639d014b2b9c55cebd36448480b30649e405830e81d0a6f56a7e4c7b1da87
Sha512
70182b3903989a38f390ecd206e5c3bd7899ef55257eb32fd1694cd0d9620c11fbd1374cce247f4108a0949b6c2fa2326474a5578dbf6685d70cdbca767fe2c0
SSDeep
12288:/jQa9doBLbOILhpQTdtD4go4DkQGOcLg7m6XIZ09pso6EAmDR:rr9CBLb7etFwB0m6TKNk
TLSH
DBC4F1A1B247DD65D8D51BF00936C3B1027BAE8D9854C20FA4FEBDEB763231238566D2

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
8375a3ec62bbba2d6a6eaeb189618ec2
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:0001
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
PerformanceObjects.Properties.Resources.resources
cls
dfzh
Informations
Name
 Value
Module Name

DRSK.exe
Full Name

DRSK.exe
EntryPoint

System.Void PerformanceObjects.Program::Main()
Scope Name

DRSK.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

DRSK
Assembly Version

1.6.1808.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

230
Main Method

System.Void PerformanceObjects.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void PerformanceObjects.StrategicForm16::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
Module Name

DRSK.exe
Full Name

DRSK.exe
EntryPoint

System.Void PerformanceObjects.Program::Main()
Scope Name

DRSK.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

DRSK
Assembly Version

1.6.1808.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

230
Main Method

System.Void PerformanceObjects.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void PerformanceObjects.StrategicForm16::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
Artefacts
Name
 Value
Embedded Resources

1
Suspicious Type Names (1-2 chars)

0
8375a3ec62bbba2d6a6eaeb189618ec2 (587.78 KB)
File Structure
8375a3ec62bbba2d6a6eaeb189618ec2
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:0001
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
PerformanceObjects.Properties.Resources.resources
cls
dfzh
Characteristics
No malware configuration were found at this point.
Artefacts
Name
 Value Location
Embedded Resources

1

8375a3ec62bbba2d6a6eaeb189618ec2
Suspicious Type Names (1-2 chars)

0

8375a3ec62bbba2d6a6eaeb189618ec2
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙