Suspicious
Suspect

a64458dad0ee19084210ead0f7882e46

PE Executable
|
MD5: a64458dad0ee19084210ead0f7882e46
|
Size: 772.1 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Low

Hash
 Hash Value
MD5
a64458dad0ee19084210ead0f7882e46
Sha1
af1a1efe1ad91da8cb6a96c2fdbd35d68f3513c3
Sha256
3b8313decdeb72e5bc04326dcb9cedf06c1bcce618e5f65d84fe5f481f9af3c0
Sha384
68152403be7882b7dd48551c7045a650545a4201bd45de23c596a852a90bf938a331a190e4f4c5fa740420f7d8cfba0b
Sha512
8d65a448e3274d944a48fe0bd32b2833c0b3cd3cb9ef459ed33daf27a07229e5bb2010328eb8501e94972802f4b48d778e9f96f1030ee9fc97f2b581040a2c37
SSDeep
12288:BwC1/3plPNWJKWjh1+AlEkyDDv3Sfv0eyGWaNx6lo4jh7g95ujSoLEa/QgAVS8QZ:bF5lPNWJwTD7SfsYXwWCq5urdE/QZ
TLSH
EFF40105E53ADE11C4660BB52B31EDB013BE6D88B420E7239EDABDDB727774204C1A5B

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
a64458dad0ee19084210ead0f7882e46
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
DamassaProject.fmrAdministrador.resources
DamassaProject.fmrListarUsuario.resources
$this.Icon
[NBF]root.IconData
MR
[NBF]root.Data
usuarioRepositoryBindingSource.TrayLocation
DamassaProject.fmrLogin.resources
pic_Imagem.BackgroundImage
[NBF]root.Data
[NBF]root.Data-preview.png
pic_Logo.BackgroundImage
[NBF]root.Data
[NBF]root.Data-preview.png
DamassaProject.fmrSplash.resources
pic_Image.BackgroundImage
[NBF]root.Data
[NBF]root.Data-preview.png
DamassaProject.Properties.Resources.resources
fjTh
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
Name
 Value
Module Name

zHfK.exe
Full Name

zHfK.exe
EntryPoint

System.Void DamassaProject.Program::Main()
Scope Name

zHfK.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

zHfK
Assembly Version

1.3.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

230
Main Method

System.Void DamassaProject.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void DamassaProject.fmrListarUsuario::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
Module Name

zHfK.exe
Full Name

zHfK.exe
EntryPoint

System.Void DamassaProject.Program::Main()
Scope Name

zHfK.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

zHfK
Assembly Version

1.3.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

230
Main Method

System.Void DamassaProject.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void DamassaProject.fmrListarUsuario::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
Artefacts
Name
 Value
PDB Path

C:\Users\Administrator\Desktop\Client\Temp\ItYpdfwLsN\src\obj\Debug\zHfK.pdb
a64458dad0ee19084210ead0f7882e46 (772.1 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙