Suspicious
Suspect

8b6f6d2a5c3684827f658321fb994a36

PE Executable
|
MD5: 8b6f6d2a5c3684827f658321fb994a36
|
Size: 44.56 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
8b6f6d2a5c3684827f658321fb994a36
Sha1
4c4b8d29bd9367f6f2cae98f1f6cc12e5f4e8d7e
Sha256
6b66e3843d6228e76437e48033a6a57e45f3133d43aeb0967fc928c42c78f7b7
Sha384
b738c2ea7207c3968b27a335674f165a24db2255f5803f1d1bc42f22280dd51d39a7bc3ad13470de29064b636fe3882d
Sha512
324163d9527943bc2d0be2113da0108fef33750701290b1c267b562ec748928911d4157cb774d981fde516c00e66666fb29de08a6e1a5d821eeb5a8a8d518f67
SSDeep
768:eDtwxXsIxTWli5cOpC96DZSm5E7PBZ6iiQ8fZa3jUq/mfGXhqpRcs82ADB1XgNF1:eDOxDTWli5cOpCUVqBZ6JQ8ftq/mfGR4
TLSH
73136C27A70C4E73F69E897C9865630A2EF99312F052F34F5D8885DE29A73C06A053D7

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
8b6f6d2a5c3684827f658321fb994a36
[Authenticode]_d5e15d54.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
JavaUpdateService.Properties.Resources.resources
             
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

Authenticode present at 0x9600 size 6160 bytes
Module Name

JavaUpdateService.exe
Full Name

JavaUpdateService.exe
EntryPoint

System.Void  ::()
Scope Name

JavaUpdateService.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

JavaUpdateService
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.8
Total Strings

0
Main Method

System.Void  ::()
Main IL Instruction Count

25
Main IL

call System.Boolean  ::() brtrue.s IL_0025: call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4 -945421886 call System.String ::(System.Int32) ldc.i4 -945421975 call System.String ::(System.Int32) ldc.i4.0 <null> ldc.i4.s 16 call System.Windows.Forms.DialogResult System.Windows.Forms.MessageBox::Show(System.String,System.String,System.Windows.Forms.MessageBoxButtons,System.Windows.Forms.MessageBoxIcon) pop <null> ret <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) call System.Void  ::() call System.Threading.Tasks.Task  ::() ldc.i4.0 <null> callvirt System.Runtime.CompilerServices.ConfiguredTaskAwaitable System.Threading.Tasks.Task::ConfigureAwait(System.Boolean) stloc.0 <null> ldloca.s V_0 call System.Runtime.CompilerServices.ConfiguredTaskAwaitable/ConfiguredTaskAwaiter System.Runtime.CompilerServices.ConfiguredTaskAwaitable::GetAwaiter() stloc.1 <null> ldloca.s V_1 call System.Void System.Runtime.CompilerServices.ConfiguredTaskAwaitable/ConfiguredTaskAwaiter::GetResult() ret <null>
Module Name

JavaUpdateService.exe
Full Name

JavaUpdateService.exe
EntryPoint

System.Void  ::()
Scope Name

JavaUpdateService.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

JavaUpdateService
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.8
Total Strings

0
Main Method

System.Void  ::()
Main IL Instruction Count

25
Main IL

call System.Boolean  ::() brtrue.s IL_0025: call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4 -945421886 call System.String ::(System.Int32) ldc.i4 -945421975 call System.String ::(System.Int32) ldc.i4.0 <null> ldc.i4.s 16 call System.Windows.Forms.DialogResult System.Windows.Forms.MessageBox::Show(System.String,System.String,System.Windows.Forms.MessageBoxButtons,System.Windows.Forms.MessageBoxIcon) pop <null> ret <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) call System.Void  ::() call System.Threading.Tasks.Task  ::() ldc.i4.0 <null> callvirt System.Runtime.CompilerServices.ConfiguredTaskAwaitable System.Threading.Tasks.Task::ConfigureAwait(System.Boolean) stloc.0 <null> ldloca.s V_0 call System.Runtime.CompilerServices.ConfiguredTaskAwaitable/ConfiguredTaskAwaiter System.Runtime.CompilerServices.ConfiguredTaskAwaitable::GetAwaiter() stloc.1 <null> ldloca.s V_1 call System.Void System.Runtime.CompilerServices.ConfiguredTaskAwaitable/ConfiguredTaskAwaiter::GetResult() ret <null>
8b6f6d2a5c3684827f658321fb994a36 (44.56 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙