Suspicious
Suspect

bdaabd600bb9371423842eb703c8a918

PE Executable
|
MD5: bdaabd600bb9371423842eb703c8a918
|
Size: 754.18 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
bdaabd600bb9371423842eb703c8a918
Sha1
2f0b446b3f6737fb3b0a051042771e53aa2b68ee
Sha256
241d00dc87b5c01600a761460116e618505ecb4263f586ef5447b8c1d4329ebd
Sha384
d2a7887666dcd0d6d1011c04af69b7a40dd30cabe07e17c2a864f3587b9ffd8aea1c2f2d4e05e946830d1aa7c7d5820a
Sha512
8561d6f8e24ce7b32221a8ebc9df38805316ce1c8b67688d0a97fb9d398822f04ff4f48c091a04c527cc640fe355d057505c9e9c21a3602d26aeff822af7595b
SSDeep
12288:r2N8J+g9DcAe4LnAKLHKpJKhy5F3iYoI8cdXHukleVAUZfuik2Fs4NG0fbwDv:r2N3gLnA9DF39bXBixk2aYGN
TLSH
31F42228B1F6CB32D5A4DFB67972C17823360C56D522E3068DDE9ECB34687708859F62

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
bdaabd600bb9371423842eb703c8a918
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
ScientificCalculator.Forms.GraphPlotterForm.resources
Scientific_Calc.Properties.Resources.resources
PIP
[NBF]root.Data
qbIn
[NBF]root.Data
[NBF]root.Data-preview.png
t1
[NBF]root.Data
[NBF]root.Data-preview.png
t2
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
Name
 Value
Module Name

gsxC.exe
Full Name

gsxC.exe
EntryPoint

System.Void ScientificCalculator.Program::Main()
Scope Name

gsxC.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

gsxC
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

380
Main Method

System.Void ScientificCalculator.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void ScientificCalculator.Forms.MainCalculatorForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
Module Name

gsxC.exe
Full Name

gsxC.exe
EntryPoint

System.Void ScientificCalculator.Program::Main()
Scope Name

gsxC.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

gsxC
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

380
Main Method

System.Void ScientificCalculator.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void ScientificCalculator.Forms.MainCalculatorForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
Artefacts
Name
 Value
PDB Path

gsxC.pdb
bdaabd600bb9371423842eb703c8a918 (754.18 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙