Suspicious
Suspect

a19824880209827e274032b064a6bc2f

PE Executable
|
MD5: a19824880209827e274032b064a6bc2f
|
Size: 3.27 MB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Low

Hash
 Hash Value
MD5
a19824880209827e274032b064a6bc2f
Sha1
7739d4e3bdf492c30883e3370c52833426c7c64c
Sha256
b81a85b1d18169da706a48760e6ef3a36cd289516b738c1ecb092155acf42b7e
Sha384
cc129e24071af91b8c44054778ce05ee16b2c168c7df7e56a4d0e8b667bb9cac37369d59f2378d1a87d7b9d33f6ae5ab
Sha512
b6c89966328661541c8a67def8ad22e40ebc773adc9166b7abbfdfe1d63d5084c0279510166d8a41491d62291f56df11a61407003f2766f284c45b43f0aefe29
SSDeep
49152:OvMqm2srax5MlP1lTsypIXXsYt0lkE5oGdoMTHHB72eh2NT:Ovnm2srax5MlP1lTsymXXsYt0lkW
TLSH
CBE56B0437F85E76E16BE6B7D5B1501263F0F82AF363EB1B2581A77A1C53B4088426B7

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
a19824880209827e274032b064a6bc2f
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Quasar.Client.Properties.Resources.resources
ILRepack.List
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

Client
Full Name

Client
EntryPoint

System.Void 瀾ᥡѭࠞ㺞啨쑅뻾ً潁ዎ蓮ヌ㖐塈頻䆿떭::Main(System.String[])
Scope Name

Client
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Client
Assembly Version

1.4.1.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5.2
Total Strings

11123
Main Method

System.Void 瀾ᥡѭࠞ㺞啨쑅뻾ً潁ዎ蓮ヌ㖐塈頻䆿떭::Main(System.String[])
Main IL Instruction Count

19
Main IL

ldc.i4 3072 call System.Void System.Net.ServicePointManager::set_SecurityProtocol(System.Net.SecurityProtocolType) ldc.i4.2 <null> call System.Void System.Windows.Forms.Application::SetUnhandledExceptionMode(System.Windows.Forms.UnhandledExceptionMode) ldnull <null> ldftn System.Void 瀾ᥡѭࠞ㺞啨쑅뻾ً潁ዎ蓮ヌ㖐塈頻䆿떭::亻ጥ䵸叻�袀꽫㼊靅홉荹㴱鶣礦ᩬ⵸㕑➡�看(System.Object,System.Threading.ThreadExceptionEventArgs) newobj System.Void System.Threading.ThreadExceptionEventHandler::.ctor(System.Object,System.IntPtr) call System.Void System.Windows.Forms.Application::add_ThreadException(System.Threading.ThreadExceptionEventHandler) call System.AppDomain System.AppDomain::get_CurrentDomain() ldnull <null> ldftn System.Void 瀾ᥡѭࠞ㺞啨쑅뻾ً潁ዎ蓮ヌ㖐塈頻䆿떭::㣫䚬፤縜쑨�虩㈯ᡋ㴌분ꀮ钆㞢�㺗謉槔(System.Object,System.UnhandledExceptionEventArgs) newobj System.Void System.UnhandledExceptionEventHandler::.ctor(System.Object,System.IntPtr) callvirt System.Void System.AppDomain::add_UnhandledException(System.UnhandledExceptionEventHandler) call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void 洇㱹䤸⺮魅徭쨾꣺䀞꣹瀈讑ミḣ폨๹硍䌴::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null>
Module Name

Client
Full Name

Client
EntryPoint

System.Void 瀾ᥡѭࠞ㺞啨쑅뻾ً潁ዎ蓮ヌ㖐塈頻䆿떭::Main(System.String[])
Scope Name

Client
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Client
Assembly Version

1.4.1.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5.2
Total Strings

11123
Main Method

System.Void 瀾ᥡѭࠞ㺞啨쑅뻾ً潁ዎ蓮ヌ㖐塈頻䆿떭::Main(System.String[])
Main IL Instruction Count

19
Main IL

ldc.i4 3072 call System.Void System.Net.ServicePointManager::set_SecurityProtocol(System.Net.SecurityProtocolType) ldc.i4.2 <null> call System.Void System.Windows.Forms.Application::SetUnhandledExceptionMode(System.Windows.Forms.UnhandledExceptionMode) ldnull <null> ldftn System.Void 瀾ᥡѭࠞ㺞啨쑅뻾ً潁ዎ蓮ヌ㖐塈頻䆿떭::亻ጥ䵸叻�袀꽫㼊靅홉荹㴱鶣礦ᩬ⵸㕑➡�看(System.Object,System.Threading.ThreadExceptionEventArgs) newobj System.Void System.Threading.ThreadExceptionEventHandler::.ctor(System.Object,System.IntPtr) call System.Void System.Windows.Forms.Application::add_ThreadException(System.Threading.ThreadExceptionEventHandler) call System.AppDomain System.AppDomain::get_CurrentDomain() ldnull <null> ldftn System.Void 瀾ᥡѭࠞ㺞啨쑅뻾ً潁ዎ蓮ヌ㖐塈頻䆿떭::㣫䚬፤縜쑨�虩㈯ᡋ㴌분ꀮ钆㞢�㺗謉槔(System.Object,System.UnhandledExceptionEventArgs) newobj System.Void System.UnhandledExceptionEventHandler::.ctor(System.Object,System.IntPtr) callvirt System.Void System.AppDomain::add_UnhandledException(System.UnhandledExceptionEventHandler) call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void 洇㱹䤸⺮魅徭쨾꣺䀞꣹瀈讑ミḣ폨๹硍䌴::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null>
a19824880209827e274032b064a6bc2f (3.27 MB)
File Structure
a19824880209827e274032b064a6bc2f
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Quasar.Client.Properties.Resources.resources
ILRepack.List
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙