Suspicious
Suspect

9deb144e10217225b86a34e071f76010

PE Executable
|
MD5: 9deb144e10217225b86a34e071f76010
|
Size: 710.66 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Low

Hash
 Hash Value
MD5
9deb144e10217225b86a34e071f76010
Sha1
cbecd4727ae12284a9dc67d61d664bd64118a3cc
Sha256
17776164a56b367dda9a0a376e10049105ee2bbf8f939e55c768e912557a6687
Sha384
ad6ffae4de8c16933a686681c0c6f4c180dad67b18541d00567e86b63bc0fd467d6a7cf2497d0677c3ec08e1fbe5fcd3
Sha512
e553ea530ccdc922f7a480f31c2db31d4bd094a600cae324d2c49c62cbead739acb595df92671a1cb597b5df5e66e0f61250cb434ce27f7257fe9ed7661d1996
SSDeep
12288:01eW7txCPJfF+kRLEZgznCJKtF6MqnUzVe7/kIDLM/t+7kDsE/LFSo:MeWKPJd+mIOznCUOUhcJMcoDdTIo
TLSH
11E42364A31ACA13C5D11BF4ADB0D7B0826C9F9EAC01E3439FF5EDEB3C2AB161945251

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
9deb144e10217225b86a34e071f76010
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
SmartNotesApp.Properties.Resources.resources
htta
[NBF]root.Data
iuBg
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

PDB Path: brZR.pdb
Module Name

brZR.exe
Full Name

brZR.exe
EntryPoint

System.Void SmartNotesApp.Program::Main()
Scope Name

brZR.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

brZR
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

76
Main Method

System.Void SmartNotesApp.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void SmartNotesApp.MainForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
Module Name

brZR.exe
Full Name

brZR.exe
EntryPoint

System.Void SmartNotesApp.Program::Main()
Scope Name

brZR.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

brZR
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

76
Main Method

System.Void SmartNotesApp.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void SmartNotesApp.MainForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
9deb144e10217225b86a34e071f76010 (710.66 KB)
File Structure
9deb144e10217225b86a34e071f76010
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
SmartNotesApp.Properties.Resources.resources
htta
[NBF]root.Data
iuBg
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙