Suspicious
Suspect

a88732933fd3d4f4363070280254e3c1

PE Executable
|
MD5: a88732933fd3d4f4363070280254e3c1
|
Size: 868.86 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
a88732933fd3d4f4363070280254e3c1
Sha1
5427258797cfff08a911300cd75f5cc92bcd8517
Sha256
8753968482ef91fe499489d0d3e3add91fe90f49b98f347793e654da937edaeb
Sha384
190d875b8b0d53d4e7f0ce20ee318183a1f9a342f0dd559f1cebe5c55953348870027146b49d018e6508c458abf7bc90
Sha512
e4d324fae731131d9fa90e2844233fdbc68c31e3d8c0a813e0de6333acc74f1c44da42a2b25d6fe48e6e542345165e435ca0401a498d03a7be84fe837b78b52b
SSDeep
24576:qPFqDDWmtJjkb2VfSVkxig+K5rn0wB26Rbw:qPE33Rig+KtPB26Rk
TLSH
E105238F77B866ABC6A951FD60C2061673BCD143BBD2E75B7D8042982541FF840268FB

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
a88732933fd3d4f4363070280254e3c1
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
pqwi
     ​​​     
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

acr-GETWELL-myrudnah.14u_.exe
Full Name

acr-GETWELL-myrudnah.14u_.exe
EntryPoint

System.Void  ::()
Scope Name

acr-GETWELL-myrudnah.14u_.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

acr-GETWELL-myrudnah.14u_
Assembly Version

1.0.3960.22861
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

0
Main Method

System.Void  ::()
Main IL Instruction Count

14
Main IL

newobj System.Void  ::.ctor() ldc.i4 12211 call System.String  ::(System.Int32) ldc.i4 12268 call System.String  ::(System.Int32) ldc.i4 12273 call System.String  ::(System.Int32) ldc.i4 12251 call System.String  ::(System.Int32) callvirt System.Void  ::(System.String,System.String,System.String,System.String) leave.s IL_0037: ret pop <null> leave.s IL_0037: ret ret <null>
Module Name

acr-GETWELL-myrudnah.14u_.exe
Full Name

acr-GETWELL-myrudnah.14u_.exe
EntryPoint

System.Void  ::()
Scope Name

acr-GETWELL-myrudnah.14u_.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

acr-GETWELL-myrudnah.14u_
Assembly Version

1.0.3960.22861
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

0
Main Method

System.Void  ::()
Main IL Instruction Count

14
Main IL

newobj System.Void  ::.ctor() ldc.i4 12211 call System.String  ::(System.Int32) ldc.i4 12268 call System.String  ::(System.Int32) ldc.i4 12273 call System.String  ::(System.Int32) ldc.i4 12251 call System.String  ::(System.Int32) callvirt System.Void  ::(System.String,System.String,System.String,System.String) leave.s IL_0037: ret pop <null> leave.s IL_0037: ret ret <null>
a88732933fd3d4f4363070280254e3c1 (868.86 KB)
File Structure
a88732933fd3d4f4363070280254e3c1
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
pqwi
     ​​​     
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙