Suspicious
Suspect

b1c54e5b0cd2d9af5e9614f99bba0c67

PE Executable
|
MD5: b1c54e5b0cd2d9af5e9614f99bba0c67
|
Size: 841.22 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
b1c54e5b0cd2d9af5e9614f99bba0c67
Sha1
3e4ea25a744143468c585fc0bee1461a9520c27f
Sha256
b11795618dd4c3d57ad342cade637ad1d96006c7d46e803bd9eb3bee29ef2b67
Sha384
aa04b4451969893e6dbe8b2e28ed0464201b27e0cf187debc7ac7ad33cf7b9f60538021004586152696fc1f60bf0ff16
Sha512
0556a7c4db71117d64e47d38c03b37384baa59031bd3bd25046790954d9859eed4d0d4c17f9eef1787f3a52778084493c3862ac41e843707b9f9f020ce069d36
SSDeep
12288:CgpQgmPX0tn48UrdouUz+EBkSrDjbg5DIEHix4ibLscobxycLd1r/tXXZ3p:CaQg664hTk+EBkSrBEIZsh1vb3
TLSH
6D05F10EB972A556C58F06358F027F4C47A5583F5DE1F3CADFB338920B2A647A10A5CA

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
b1c54e5b0cd2d9af5e9614f99bba0c67
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:0001
ID:0
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
Informations
Name
 Value
Module Name

ZCFP.exe
Full Name

ZCFP.exe
EntryPoint

System.Void DamassaProject.Program::Main()
Scope Name

ZCFP.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

ZCFP
Assembly Version

7.8.6.7
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

2
Main Method

System.Void DamassaProject.Program::Main()
Main IL Instruction Count

21
Main IL

ldc.i4.4 <null> stloc.1 <null> ldloc.1 <null> switch dnlib.DotNet.Emit.Instruction[] call System.Void DamassaProject.fmrUsuario::Ⴅ() ldc.i4 867 ldc.i4 791 call System.Void DamassaProject.fmrLogin::Ⴍ(System.Int32,System.Int32) ldc.i4.0 <null> ldc.i4 906 ldc.i4 1000 call System.Void DamassaProject.fmrCadastro::Ⴍ(System.Boolean,System.Char,System.Int32) ldc.i4.1 <null> stloc.1 <null> br.s IL_0002: ldloc.1 newobj System.Void DamassaProject.fmrListarUsuario::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null> ldtoken System.Void DamassaProject.Program::Main() pop <null> ret <null>
Module Name

ZCFP.exe
Full Name

ZCFP.exe
EntryPoint

System.Void DamassaProject.Program::Main()
Scope Name

ZCFP.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

ZCFP
Assembly Version

7.8.6.7
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

2
Main Method

System.Void DamassaProject.Program::Main()
Main IL Instruction Count

21
Main IL

ldc.i4.4 <null> stloc.1 <null> ldloc.1 <null> switch dnlib.DotNet.Emit.Instruction[] call System.Void DamassaProject.fmrUsuario::Ⴅ() ldc.i4 867 ldc.i4 791 call System.Void DamassaProject.fmrLogin::Ⴍ(System.Int32,System.Int32) ldc.i4.0 <null> ldc.i4 906 ldc.i4 1000 call System.Void DamassaProject.fmrCadastro::Ⴍ(System.Boolean,System.Char,System.Int32) ldc.i4.1 <null> stloc.1 <null> br.s IL_0002: ldloc.1 newobj System.Void DamassaProject.fmrListarUsuario::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null> ldtoken System.Void DamassaProject.Program::Main() pop <null> ret <null>
b1c54e5b0cd2d9af5e9614f99bba0c67 (841.22 KB)
File Structure
b1c54e5b0cd2d9af5e9614f99bba0c67
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:0001
ID:0
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙