Suspicious
Suspect

9d9d54d38aed19ec686522d590a2a462

PE Executable
|
MD5: 9d9d54d38aed19ec686522d590a2a462
|
Size: 1.95 MB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
9d9d54d38aed19ec686522d590a2a462
Sha1
f941481f5e810a5d081b7e0aea2e7ce0567fafb2
Sha256
e7078c1080db9dafe06ac8258d4d685cbdef80ab0363ac7438dcef8c3bf554b1
Sha384
a0261839774f0a8ecf041985af49bb60e39aa124788dd97ea3ddfedbb26600ca1e05615fe142c09b6dd0569a18efb09b
Sha512
fc5d408754e80a01282fe6eb15903cf0086c220400703bfb72921a962bbf783472f1091d2e8a1f9f421ca3a6ea4bc8ff3d1761efe18114cac5214a4290892086
SSDeep
49152:ARFn7wRPirm2NnPTKKm77LrwCB6uanFf:ARFMoZNn2Km77LrwkFW
TLSH
F995F150B7F5811AF1FF2BBAA9B314550B37BA039A3AC74E198C605D1FA33409E513A7

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
9d9d54d38aed19ec686522d590a2a462
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
Informations
Name
 Value
Module Name

Client.exe
Full Name

Client.exe
EntryPoint

System.Void facxznixdgwtugfopwohyey.aARME4LSEmQHAIBzTSNObA::Main()
Scope Name

Client.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Client
Assembly Version

1.6.5.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.7.2
Total Strings

1519
Main Method

System.Void facxznixdgwtugfopwohyey.aARME4LSEmQHAIBzTSNObA::Main()
Main IL Instruction Count

11
Main IL

ldc.i4 3072 call System.Void System.Net.ServicePointManager::set_SecurityProtocol(System.Net.SecurityProtocolType) ldc.i4.2 <null> call System.Void System.Windows.Forms.Application::SetUnhandledExceptionMode(System.Windows.Forms.UnhandledExceptionMode) call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) call System.Void facxznixdgwtugfopwohyey.aARME4LSEmQHAIBzTSNObA::rOytu7v43NcRMqy7W7qI2CcbRJ() newobj System.Void facxznixdgwtugfopwohyey.61mO1QydLWo::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null>
Module Name

Client.exe
Full Name

Client.exe
EntryPoint

System.Void facxznixdgwtugfopwohyey.aARME4LSEmQHAIBzTSNObA::Main()
Scope Name

Client.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Client
Assembly Version

1.6.5.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.7.2
Total Strings

1519
Main Method

System.Void facxznixdgwtugfopwohyey.aARME4LSEmQHAIBzTSNObA::Main()
Main IL Instruction Count

11
Main IL

ldc.i4 3072 call System.Void System.Net.ServicePointManager::set_SecurityProtocol(System.Net.SecurityProtocolType) ldc.i4.2 <null> call System.Void System.Windows.Forms.Application::SetUnhandledExceptionMode(System.Windows.Forms.UnhandledExceptionMode) call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) call System.Void facxznixdgwtugfopwohyey.aARME4LSEmQHAIBzTSNObA::rOytu7v43NcRMqy7W7qI2CcbRJ() newobj System.Void facxznixdgwtugfopwohyey.61mO1QydLWo::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null>
Artefacts
Name
 Value
Embedded Resources

31
Suspicious Type Names (1-2 chars)

0
9d9d54d38aed19ec686522d590a2a462 (1.95 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙