General
Structural Analysis
Config.0
Yara Rules19
Sync
Community
Summary by MalvaGPT
Characteristics
Symbol Ofbuscation Score
Low
|
Hash | Hash Value |
|---|---|
| MD5 | 9c58fdfe1ffce2d7b44923494f4ccd92
|
| Sha1 | 842c6906e776375d824e9f696d66083d24860e59
|
| Sha256 | 0e5ca2f31f00e3aa1eacf918dc957e020d92f8d0198dad5766afb3f101a117d4
|
| Sha384 | 9793a521576ceccc144e537a03f703af68a529bdc37a5cd32aacb0c97b99122f07b0841076e17cbc3228881a6b2dca8e
|
| Sha512 | 33266a6f15db26da12e298b36d4797b577916fd19f602551e0a67811e2c4847f83fa1430d8497066241f826933cedfcabcd9f8efda3768bed3ca11616d08939d
|
| SSDeep | 12288:3Pyx8g8ABkiDeB16uqC3sAQ9nT0s5jIcrG5bJ0v31sAhzdg4oPSRWnkgVBshmEZh:/17ABkiDYAuqCXQ5lIcrG5bJ0fGPhkgw
|
| TLSH | 96E4125197C6E802C97A0B309CB1D6752BF29FEF2511D2032FE5BDEF74A1B952888346
|
File Structure
9c58fdfe1ffce2d7b44923494f4ccd92
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
CalculatorPlus.Properties.Resources.resources
FU
[NBF]root.Data
aRqf
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
|
Name0 | Value |
|---|---|
| Module Name | oPHS.exe |
| Full Name | oPHS.exe |
| EntryPoint | System.Void CalculatorPlus.Program::Main() |
| Scope Name | oPHS.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | oPHS |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5 |
| Total Strings | 271 |
| Main Method | System.Void CalculatorPlus.Program::Main() |
| Main IL Instruction Count | 10 |
| Main IL | nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void CalculatorPlus.MainForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null> |
Artefacts
|
Name0 | Value |
|---|---|
| PDB Path | oPHS.pdb |
9c58fdfe1ffce2d7b44923494f4ccd92 (716.81 KB)
File Structure
9c58fdfe1ffce2d7b44923494f4ccd92
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
CalculatorPlus.Properties.Resources.resources
FU
[NBF]root.Data
aRqf
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration were found at this point.
Artefacts
|
Name0 | Value | Location |
|---|---|---|
| PDB Path | oPHS.pdb |
9c58fdfe1ffce2d7b44923494f4ccd92 |
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.