Suspect
a83af3ab09556c0b862bbf13ed023207
PE Executable | MD5: a83af3ab09556c0b862bbf13ed023207 | Size: 1.12 MB | application/x-dosexec
PE Executable
MD5: a83af3ab09556c0b862bbf13ed023207
Size: 1.12 MB
application/x-dosexec
Summary by MalvaGPT
Characteristics
Symbol Ofbuscation Score
Medium
|
Hash | Hash Value |
|---|---|
| MD5 | a83af3ab09556c0b862bbf13ed023207
|
| Sha1 | 4402e0971369d9d818b08656c4e4628a6677772f
|
| Sha256 | e710b54964053441596c34b3d478d6784b314ffd8bacec9def124050b2a86f04
|
| Sha384 | 1e67e0b3764fe645e8942a1e52f5c14a90e2764da90a14ac6755eb91f0ea7550a95ca8c211079c302fcae59ee7fa7c54
|
| Sha512 | c32b68a04e0dbbac45e422235d100d4e63af3bdbe0e619038dbbf0fb6977ecfcf272d9dd17d99601ee95100c6b6334291e4b2e0bc2a973ecf0bc03ebbb20f30a
|
| SSDeep | 24576:CDClCePmSVy7+zkw9o9Ao/NlWYVqqp2uY0dtosNw5g6B:CACeVVA+z9C9jlWQFvosKT
|
| TLSH | AA3512230AA9DB07F49623FA5C32CA741B7A2F5DE051E79F0AE74DDB79607104DC8229
|
PeID
Microsoft Visual C++ DLL
Microsoft Visual C++ v6.0
UPolyX 0.3 -> delikon
File Structure
a83af3ab09556c0b862bbf13ed023207
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rsrc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
DiceWars.HauptForm.resources
DiceWars.Properties.Resources.resources
NH
[NBF]root.Data
image_1832
[NBF]root.Data
[NBF]root.Data-preview.png
jqLzy
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | PDB Path: iXoAG.pdb |
| Module Name | iXoAG.exe |
| Full Name | iXoAG.exe |
| EntryPoint | System.Void DiceWars.Program::Main() |
| Scope Name | iXoAG.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | iXoAG |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5 |
| Total Strings | 155 |
| Main Method | System.Void DiceWars.Program::Main() |
| Main IL Instruction Count | 10 |
| Main IL | nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void DiceWars.HauptForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null> |
a83af3ab09556c0b862bbf13ed023207 (1.12 MB)
File Structure
a83af3ab09556c0b862bbf13ed023207
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rsrc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
DiceWars.HauptForm.resources
DiceWars.Properties.Resources.resources
NH
[NBF]root.Data
image_1832
[NBF]root.Data
[NBF]root.Data-preview.png
jqLzy
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.