Suspicious
Suspect

925ec83696ccef660ce6eabdf5dfb2d1

PE Executable | MD5: 925ec83696ccef660ce6eabdf5dfb2d1 | Size: 535.04 KB | application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Obfuscation Score: Low


PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:0001
ID:0
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
EightBitInterface.AboutBox.resources
$this.Icon
[NBF]root.IconData
EightBitInterface.MainForm.resources
IO
[NBF]root.Data
Bin2Reg.Properties.Resources.resources
pbEp
[NBF]root.Data
[NBF]root.Data-preview.png
Information

Info: PE Detect: PeReader OK (file layout)
Info: PDB Path: C:\Users\Administrator\Desktop\Client\Temp\aSJLthmpfd\src\obj\x86\Debug\Tzsv.pdb
Module Name: Tzsv.exe
Full Name: Tzsv.exe
EntryPoint: System.Void Bin2Reg.Program::Main()
Scope Name: Tzsv.exe
Scope Type: ModuleDef
Kind: Windows
Runtime Version: v4.0.30319
Tables Header Version: 512
WinMD Version: <null>
Assembly Name: Tzsv
Assembly Version: 3.0.5.0
Assembly Culture: <null>
Has PublicKey: False
PublicKey Token: <null>
Target Framework: .NETFramework,Version=v4.5
Total Strings: 482
Main Method: System.Void Bin2Reg.Program::Main()
Main IL Instruction Count: 17
Main IL:
    call System.Void System.Windows.Forms.Application::EnableVisualStyles()
    ldc.i4.0 <null>
    call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean)
    newobj System.Void EightBitInterface.MainForm::.ctor()
    call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form)
    newobj System.Void Bin2Reg.ResourceHandlers.FileHandler::.ctor()
    stloc.0 <null>
    newobj System.Void Bin2Reg.ResourceHandlers.RegistryHandler::.ctor()
    stloc.1 <null>
    newobj System.Void Bin2Reg.Encoders.Dpapi::.ctor()
    stloc.2 <null>
    ldloc.0 <null>
    ldloc.1 <null>
    ldloc.2 <null>
    newobj System.Void Bin2Reg.ConversionManager::.ctor(Bin2Reg.Interfaces.IResourceHandler,Bin2Reg.Interfaces.IResourceHandler,Bin2Reg.Interfaces.IEncoder)
    stloc.3 <null>
    ret <null>

Characteristics
No malware configuration was found at this point.