General
Structural Analysis
Config.0
Yara Rules24
Sync
Community
Summary by MalvaGPT
Characteristics
Symbol Ofbuscation Score
Medium
|
Hash | Hash Value |
|---|---|
| MD5 | a831e81b2b74203eabe8285ee1509000
|
| Sha1 | d842e9be62d01d895ec527b12b23aba9bdba159f
|
| Sha256 | 08b026f7abf7574f2c01bdfb97e78b406200a874f2638298c489155b84fcb1b2
|
| Sha384 | c6bd58986a3c461a512560951a5465ff6195157204a2a3427529096b9b63a6954081167c7b9204742a10e83a49f54aad
|
| Sha512 | 8c6964e79179a005d68e62b0a86c3a4a5b0b9044e698e067dcb269fa00ca441e6bf2165e126e171da074038b179edf3c8d9606356435deeaab78f8b514819334
|
| SSDeep | 12288:L8x0OW9ZlGP2IJ0ODsJRC1NU0KMky3mMXZmrbVxZn9djx+:LZZlM2IJ1sKjaHuMrbVxP+
|
| TLSH | 76F41299274AD102F5F65BB45CA1E3B513BE6DAAB831C7034BECACDB3836B007550762
|
File Structure
a831e81b2b74203eabe8285ee1509000
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
LoremMaker.Forms.MainForm.resources
LoremMaker.Properties.Resources.resources
KS
[NBF]root.Data
bTnY
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | PDB Path: gNrT.pdb |
| Module Name | gNrT.exe |
| Full Name | gNrT.exe |
| EntryPoint | System.Void LoremMaker.Program::Main() |
| Scope Name | gNrT.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | gNrT |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5 |
| Total Strings | 350 |
| Main Method | System.Void LoremMaker.Program::Main() |
| Main IL Instruction Count | 10 |
| Main IL | nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void LoremMaker.Forms.MainForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null> |
a831e81b2b74203eabe8285ee1509000 (730.11 KB)
File Structure
a831e81b2b74203eabe8285ee1509000
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
LoremMaker.Forms.MainForm.resources
LoremMaker.Properties.Resources.resources
KS
[NBF]root.Data
bTnY
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.