Suspicious
Suspect

b825557157e495681f89fb22d2a7653c

PE Executable
|
MD5: b825557157e495681f89fb22d2a7653c
|
Size: 95.23 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Obfuscation Score

Very low

Hash
 Hash Value
MD5
b825557157e495681f89fb22d2a7653c
Sha1
be4ed1d69df573ea9e51f39c9486224d465adaec
Sha256
e7313320034178d492e47cffadb06b304b1a9247d4e109c6bd3113035ac17008
Sha384
0c2def02247742e190492011bc07848772e96ac32947af76591d647d2a0b8de01220c78c5506dbd034f45b63fce065d7
Sha512
ed459e29569d5fe9d42396095b56de723518b093289b92f701b51a9e6db518a6f5c1bc8a985b3934c5e29e90f5519d5ec43ca9fdd98c27b216a121a6129b1b2a
SSDeep
768:7Y3p5ByZnDQMMpAZrGSt6udttXymsahkGJiXxrjEtCdnl2pi1Rz4Rk3lsGdpggS7:o5UZD3rGWNd7DhkhjEwzGi1dDVDggS
TLSH
9193E84977E96524E0BF5AF75471F2404E34B44B1602E39E48F219AA0B33AC44F99FEB

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
b825557157e495681f89fb22d2a7653c
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.reloc
Informations
Name
 Value
Module Name

Stub.exe
Full Name

Stub.exe
EntryPoint

System.Void Stub.A::main()
Scope Name

Stub.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v2.0.50727
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Stub
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

<null>
Total Strings

1272
Main Method

System.Void Stub.A::main()
Main IL Instruction Count

25
Main IL

nop <null> ldc.i4.1 <null> stsfld System.Boolean Stub.A::runx ldnull <null> ldftn System.Void Stub.A::timx_run() newobj System.Void System.Threading.ThreadStart::.ctor(System.Object,System.IntPtr) newobj System.Void System.Threading.Thread::.ctor(System.Threading.ThreadStart) stsfld System.Threading.Thread Stub.A::thx ldsfld System.Threading.Thread Stub.A::thx callvirt System.Void System.Threading.Thread::Start() nop <null> ldc.i4.1 <null> stsfld System.Boolean Stub.A::runy ldnull <null> ldftn System.Void Stub.A::timy_run() newobj System.Void System.Threading.ThreadStart::.ctor(System.Object,System.IntPtr) newobj System.Void System.Threading.Thread::.ctor(System.Threading.ThreadStart) stsfld System.Threading.Thread Stub.A::thy ldsfld System.Threading.Thread Stub.A::thy callvirt System.Void System.Threading.Thread::Start() nop <null> call System.Void Stub.Fransesco::ko() nop <null> nop <null> ret <null>
Module Name

Stub.exe
Full Name

Stub.exe
EntryPoint

System.Void Stub.A::main()
Scope Name

Stub.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v2.0.50727
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Stub
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

<null>
Total Strings

1272
Main Method

System.Void Stub.A::main()
Main IL Instruction Count

25
Main IL

nop <null> ldc.i4.1 <null> stsfld System.Boolean Stub.A::runx ldnull <null> ldftn System.Void Stub.A::timx_run() newobj System.Void System.Threading.ThreadStart::.ctor(System.Object,System.IntPtr) newobj System.Void System.Threading.Thread::.ctor(System.Threading.ThreadStart) stsfld System.Threading.Thread Stub.A::thx ldsfld System.Threading.Thread Stub.A::thx callvirt System.Void System.Threading.Thread::Start() nop <null> ldc.i4.1 <null> stsfld System.Boolean Stub.A::runy ldnull <null> ldftn System.Void Stub.A::timy_run() newobj System.Void System.Threading.ThreadStart::.ctor(System.Object,System.IntPtr) newobj System.Void System.Threading.Thread::.ctor(System.Threading.ThreadStart) stsfld System.Threading.Thread Stub.A::thy ldsfld System.Threading.Thread Stub.A::thy callvirt System.Void System.Threading.Thread::Start() nop <null> call System.Void Stub.Fransesco::ko() nop <null> nop <null> ret <null>
Artefacts
Name
 Value
Embedded Resources

0
Suspicious Type Names (1-2 chars)

2
b825557157e495681f89fb22d2a7653c (95.23 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙