Suspicious
Suspect

8db1db60c21403c4e1852638b856e6fe

PE Executable
|
MD5: 8db1db60c21403c4e1852638b856e6fe
|
Size: 470.53 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
8db1db60c21403c4e1852638b856e6fe
Sha1
50dd587b873429f42136fdda562ef23d30359075
Sha256
de0892e8c62f21f2fb6669f8b4bf28a7bd9c014cc5820735491c44ce93fe0f09
Sha384
dd1823d4bc1bd30ed5f970e3da13ab9cc559018801fff04340838e96fb784cc379ba426727fb8ff42f3c03cc031acfb6
Sha512
5c251ba9997078b7b772a450c112ed1a64f5f0bbce315e53fccd538877b43f19bd90c88ca9e27f3fcfb6e8141c94bf29e3d11516b4986b3cc78fe50495db471f
SSDeep
12288:TlTQmPoHsk94dzCFfxTQu/F5pVcDCwXoxLWHZdPjUNE:pQmY3mGFfxDnYCLW55wNE
TLSH
2CA412285698C917E9B507B00A31F370177ABE9EE822D317CEED5DEFB425B602904793

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
8db1db60c21403c4e1852638b856e6fe
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
WortSuchRaetsel.HauptForm.resources
WortSuchRaetsel.Properties.Resources.resources
Huffman
[NBF]root.Data
[NBF]root.Data-preview.png
Num
[NBF]root.Data
PZwrW
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

PDB Path: guBIK.pdb
Module Name

guBIK.exe
Full Name

guBIK.exe
EntryPoint

System.Void WortSuchRaetsel.Program::Main()
Scope Name

guBIK.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

guBIK
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

146
Main Method

System.Void WortSuchRaetsel.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void WortSuchRaetsel.HauptForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
Module Name

guBIK.exe
Full Name

guBIK.exe
EntryPoint

System.Void WortSuchRaetsel.Program::Main()
Scope Name

guBIK.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

guBIK
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

146
Main Method

System.Void WortSuchRaetsel.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void WortSuchRaetsel.HauptForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
8db1db60c21403c4e1852638b856e6fe (470.53 KB)
File Structure
8db1db60c21403c4e1852638b856e6fe
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
WortSuchRaetsel.HauptForm.resources
WortSuchRaetsel.Properties.Resources.resources
Huffman
[NBF]root.Data
[NBF]root.Data-preview.png
Num
[NBF]root.Data
PZwrW
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙