Suspicious
Suspect

aa6cacfcf87ccdeebbc5d3839acd6dce

PE Executable
|
MD5: aa6cacfcf87ccdeebbc5d3839acd6dce
|
Size: 793.09 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very high

Hash
 Hash Value
MD5
aa6cacfcf87ccdeebbc5d3839acd6dce
Sha1
dd5aa22217e2da2bdfdc6e08ff1f40a2ec08dbe0
Sha256
432393600780f23c5e93469a8725e0fc453404d06b3ac64e0d3c28ff7bb625d8
Sha384
ffe6b441a0cf2b97dc3adf2ebd09ec40b4e9b0840d333846e21d18d62435aeb09d0ab620eddb0bdc924a3a0c65d59acc
Sha512
0c588b8456d611cb6bce8cba933e31217d76641775c9ba30c77c63a3c44819e247b4452e49ac7af32dce8694e8cb4d62cc9c23f1a4831971363754bed2397a60
SSDeep
12288:A9JHM9+1y4mzNq1+zn0f3o5KpT/bG3K6HJtYSYo5wUQ:OHU+Ou4245yT/bG3K6zYmlQ
TLSH
BAF4BE8746CC5D91E83CA231E7647905CBF8F585BB5BC25E6FD68AEC21392233B4170A

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
aa6cacfcf87ccdeebbc5d3839acd6dce
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
Qx5cp4Dq.7zmSRq3o2W.resources
a819fc1e374294.Resources.resources
b45be7c50
[NBF]root.Data
b45be7c51
[NBF]root.Data
b45be7c510
[NBF]root.Data
b45be7c511
[NBF]root.Data
b45be7c512
[NBF]root.Data
b45be7c513
[NBF]root.Data
b45be7c514
[NBF]root.Data
b45be7c515
[NBF]root.Data
b45be7c516
[NBF]root.Data
b45be7c517
[NBF]root.Data
b45be7c518
[NBF]root.Data
b45be7c519
[NBF]root.Data
b45be7c52
[NBF]root.Data
b45be7c520
[NBF]root.Data
b45be7c521
[NBF]root.Data
b45be7c53
[NBF]root.Data
b45be7c54
[NBF]root.Data
b45be7c55
[NBF]root.Data
b45be7c56
[NBF]root.Data
b45be7c57
[NBF]root.Data
b45be7c58
[NBF]root.Data
b45be7c59
[NBF]root.Data
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

Qx5cp4Dq
Full Name

Qx5cp4Dq
EntryPoint

System.Void Qx5cp4Dq.by1Z0P::jr3N0R()
Scope Name

Qx5cp4Dq
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Qx5cp4Dq
Assembly Version

15.26.39.53
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

548
Main Method

System.Void Qx5cp4Dq.by1Z0P::jr3N0R()
Main IL Instruction Count

7
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> newobj System.Void Qx5cp4Dq.7zmSRq3o2W::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
Module Name

Qx5cp4Dq
Full Name

Qx5cp4Dq
EntryPoint

System.Void Qx5cp4Dq.by1Z0P::jr3N0R()
Scope Name

Qx5cp4Dq
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Qx5cp4Dq
Assembly Version

15.26.39.53
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

548
Main Method

System.Void Qx5cp4Dq.by1Z0P::jr3N0R()
Main IL Instruction Count

7
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> newobj System.Void Qx5cp4Dq.7zmSRq3o2W::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
aa6cacfcf87ccdeebbc5d3839acd6dce (793.09 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙