Suspicious
Suspect

9452f5de3e3fcf80898dec5805bacf08

PE Executable | MD5: 9452f5de3e3fcf80898dec5805bacf08 | Size: 1.1 MB | application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Obfuscation Score: Very low

Hash
MD5: 9452f5de3e3fcf80898dec5805bacf08
Sha1: fb3c2a378c53e78262efdb2ef3722f4f21179694
Sha256: 2db2a9bad389b0ac1fa712f2a14b817fc35fda9649f9917769c49423cb03e0d2
Sha384: 9af7489df7b2b88f196bfc1a319f064b350c454da414e5844956d2fd494ab2f278e9d252f908bf5f827cfe143fba2776
Sha512: de47cc775f3bcc007d84acd6f2cbc6dfffa6afdbbb3b9c2c2bc544b6b0ec1095a7498bc71b06a21ae4ffb97cf888e10487bec78b0d1eaaa1cc9bea1934aa6c1c
SSDeep: 24576:iheeJXeCtKZRzdhE/Fv6SBoY/rIKqVRIlClBPOY8D9JC:iZXeCtkRxhENySar/VtmYA9JC
TLSH: B7357A4271A5E86AC27A8EF1C920D6F393726E07E619C28B0CE57DCBF4F1F0509A1657

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
ColoniaDePescadores.AreaDoPescador.resources
ColoniaDePescadores.FormProduto1.resources
$this.Icon
ColoniaDePescadores.FormProduto2.resources
ColoniaDePescadores.FormProduto3.resources
ColoniaDePescadores.FormProduto4.resources
ColoniaDePescadores.FormProduto5.resources
ColoniaDePescadores.FrmMenu.resources
ColoniaDePescadores.Login.resources
chb
statusStrip1.TrayLocation
ColoniaDePescadores.Parceiros.resources
ColoniaDePescadores.Properties.Resources.resources
ACRE
ALAGOAS
AMAPÁ
AMAZONAS
BAHIA
Banco-Itau
Banco-Votorantim
Banco-do-Brasil
Botão-limpar-limpo
DISTRITO FEDERAL
ESPÍRITO SANTO
Finanças
GOIÁS
MARANHÃO
MATO GROSSO DO SUL
PARAÍBA
PARÁ
PIAUÍ
RIO GRANDE DO SUL
RONDÔNIA
RORAIMA
SERGIPE
Sair do sistema
SÃO PAULO
TOCANTINS
banco-do-nordeste
botão cancelar
categorias.
clients
conecte-se
conexao-na-nuvem
confirmar
excluir
eye
financa
funcionarios
instagram
interesse
liberado
lupa
novo-documento
pescador
salve-
santander-logo
security
taxaDeJuros
troca
twitter
userLogin
whatsapp
x
zOhl
ColoniaDePescadores.Simulador.FormFinanciamento.resources
$this.Icon
Informations
Module Name: lhgv.exe
Full Name: lhgv.exe
EntryPoint: System.Void ColoniaDePescadores.Program::Main()
Scope Name: lhgv.exe
Scope Type: ModuleDef
Kind: Windows
Runtime Version: v4.0.30319
Tables Header Version: 512
WinMD Version: <null>
Assembly Name: lhgv
Assembly Version: 25.4.127.89
Assembly Culture: <null>
Has PublicKey: False
PublicKey Token: <null>
Target Framework: .NETFramework,Version=v4.5
Total Strings: 1731
Main Method: System.Void ColoniaDePescadores.Program::Main()
Main IL Instruction Count: 6
Main IL:
    call System.Void System.Windows.Forms.Application::EnableVisualStyles()
    ldc.i4.0 <null>
    call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean)
    newobj System.Void ColoniaDePescadores.Login::.ctor()
    call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form)
    ret <null>

Artefacts
Embedded Resources: 14
Suspicious Type Names (1-2 chars): 0

Characteristics
No malware configuration was found at this point.
Artefacts
Embedded Resources: 14 (Location: 9452f5de3e3fcf80898dec5805bacf08)
Suspicious Type Names (1-2 chars): 0 (Location: 9452f5de3e3fcf80898dec5805bacf08)
