Suspicious
Suspect

b4026e653d8b4cff628a7db4cd31009c

PE Executable
|
MD5: b4026e653d8b4cff628a7db4cd31009c
|
Size: 715.78 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
b4026e653d8b4cff628a7db4cd31009c
Sha1
65272f1fe2902937f4ae854ace85adc5330180da
Sha256
b8e61acf85a2a2cd74273924522f735464171c456f707d4b3b7355b629d589bb
Sha384
1795c4374777a8286deb250ae41f39c2f9dccd2ec023ff58b73a1805413fc95916c9f5946a3bd7a42c80d1f9bd645633
Sha512
4e487d0e379bf13e8eba812f569e4bbd905a9cff445c688d9ba914ea696c5aca5389aa6222874e0142c247064005992bd61a02d72d678d801db650ff8e510c64
SSDeep
12288:ycVbQ8dRMBe4AoGZWyBZVlWxcuAcCmVWVsYTpGK62TYDWfKIMT5Q+m:ychQ8dzhoGzBZVcyuA4Ia7264hE5P
TLSH
61E412543356E517C99492B81AB2F271237A3DA9E500D3C29FE92EDFB8F9F006D14287

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual C++ v6.0 DLL
Microsoft Visual Studio .NET
File Structure
b4026e653d8b4cff628a7db4cd31009c
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0.exif
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
matchingGame.Form1.resources
$this.Icon
[NBF]root.IconData
PIA
[NBF]root.Data
ofd1.TrayLocation
matchingGame.Properties.Resources.resources
gVvT
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

PDB Path: C:\Users\Administrator\Desktop\Client\Temp\bZYQzsrZDG\src\obj\Debug\eQGD.pdb
Module Name

eQGD.exe
Full Name

eQGD.exe
EntryPoint

System.Void matchingGame.Program::Main()
Scope Name

eQGD.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

eQGD
Assembly Version

0.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

215
Main Method

System.Void matchingGame.Program::Main()
Main IL Instruction Count

6
Main IL

call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void matchingGame.Form1::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null>
Module Name

eQGD.exe
Full Name

eQGD.exe
EntryPoint

System.Void matchingGame.Program::Main()
Scope Name

eQGD.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

eQGD
Assembly Version

0.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

215
Main Method

System.Void matchingGame.Program::Main()
Main IL Instruction Count

6
Main IL

call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void matchingGame.Form1::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null>
b4026e653d8b4cff628a7db4cd31009c (715.78 KB)
File Structure
b4026e653d8b4cff628a7db4cd31009c
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0.exif
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
matchingGame.Form1.resources
$this.Icon
[NBF]root.IconData
PIA
[NBF]root.Data
ofd1.TrayLocation
matchingGame.Properties.Resources.resources
gVvT
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙