Suspicious
Suspect

a57b8f160df47bcdcb9078c06540caec

PE Executable
|
MD5: a57b8f160df47bcdcb9078c06540caec
|
Size: 872.45 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Low

Hash
 Hash Value
MD5
a57b8f160df47bcdcb9078c06540caec
Sha1
ec6c2c07cf9e1e2f499a2f8940c5dde23488f2ff
Sha256
0a65501859a30404dd798a8a68c4a0cc2ba8ade0a71d65c6aba32e93b788234c
Sha384
8651b20ba1ce95e26033d85c578f4f749a340eabb77f610efb2696dee31ac336e1e6da5b82b80ace54bcf0f5c1195a3a
Sha512
5c4f3d3f4df2ad72cd8df0f22d51864e230242b8979c6595c8a15c7b0cfe2c42657408257b2adeb9eaf00f85e9471dadbc56d96f3e2eb13078dcc181c6ddbe14
SSDeep
12288:JmcnSbKvy7OYSvkwfwOMi4jr9m9qBNNGy:JmwvRvkYjDKWqAy
TLSH
8A05D01C752AEC03E4161FB53D61D3B496BE6D4B9D20C203AAD8BFEFB83964167C8251

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
a57b8f160df47bcdcb9078c06540caec
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0002
ID:0
ID:0003
ID:0
ID:0004
ID:0
ID:0005
ID:0
ID:0006
ID:0
RT_GROUP_CURSOR4
ID:0001
ID:0
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Casablanca.checkinForm.resources
$this.Icon
[NBF]root.IconData
Rewards
[NBF]root.Data
Casablanca.Properties.Resources.resources
RwsL
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

PDB Path: ?
Module Name

SuGg.exe
Full Name

SuGg.exe
EntryPoint

System.Void Casablanca.Program::Main()
Scope Name

SuGg.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

SuGg
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.7.2
Total Strings

135
Main Method

System.Void Casablanca.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void Casablanca.checkinForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
Module Name

SuGg.exe
Full Name

SuGg.exe
EntryPoint

System.Void Casablanca.Program::Main()
Scope Name

SuGg.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

SuGg
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.7.2
Total Strings

135
Main Method

System.Void Casablanca.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void Casablanca.checkinForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
a57b8f160df47bcdcb9078c06540caec (872.45 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙