c1b7c362229994d9d8c5d075e391794c

PE Executable
|
MD5: c1b7c362229994d9d8c5d075e391794c
|
Size: 743.94 KB
|
application/x-dosexec

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	c1b7c362229994d9d8c5d075e391794c
Sha1	a912e8e22a2b982c3b1e6ac261fbf0de0d63b7c4
Sha256	ccc0b9b62c26f70e3ef5559b35c531e2b2b049b9da0b2275f0f6e5d0801ba0ff
Sha384	0ccb186496911fe47088ec66f26394912cc3ce7d2758e1406e1e32df1f8cbd26963e9b8c6c44ba414a7a04136e9b9d80
Sha512	054f2dbcbb587fadce6a40ef344e64e8d1e06c8b837f845ab661bf11b1cc6eb9e32d2cf8b051f5fc05ac2c8c81f03e665cf6bb1f105c5fa0e91c43b73f96350d
SSDeep	12288:NkW52SlxBVn0V6gtShqZ5/VxvmPJBXFCmG6+ekROH8ecTw7pt/nMQqb9OHK7hmK5:NlLB5y6ymqZdvmPJBXFtGlROHRzkNcHw
TLSH	C5F4CFAC3255B89EC853CE728D64DE74A6206DAB970BC20395E71C9FB90D693DF101E3

PeID

.NET executable

Microsoft Visual C# / Basic .NET

Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL

Microsoft Visual C# v7.0 / Basic .NET

Microsoft Visual Studio .NET

File Structure

Informations

Name0	Value
Info	PE Detect: PeReader OK (file layout)
Module Name	Gcjg.exe
Full Name	Gcjg.exe
EntryPoint	System.Void LotterySimulation.Program::Main()
Scope Name	Gcjg.exe
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	Gcjg
Assembly Version	1.0.0.0
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.5
Total Strings	271
Main Method	System.Void LotterySimulation.Program::Main()
Main IL Instruction Count	31
Main IL	nop <null> ldc.i4 1888754418 ldc.i4 1191846743 xor <null> dup <null> stloc.0 <null> ldc.i4.4 <null> rem.un <null> switch dnlib.DotNet.Emit.Instruction[] br.s IL_005C: nop call System.Void LotterySimulation.Program::⁬‭‍‍‮‏‭⁯⁮⁮⁮‬⁭‪⁯⁫‫‎‏⁯⁮‌⁮⁭‮⁫‏⁪⁫⁫‪‌‬‍⁯‪⁮‮() nop <null> ldloc.0 <null> ldc.i4 2056407566 mul <null> ldc.i4 1723059902 xor <null> br.s IL_0006: ldc.i4 1191846743 ldc.i4.0 <null> call System.Void LotterySimulation.Program::‪‪‌⁪‫‭‏⁪⁯‫‪‬⁮‍‏⁬⁯‌⁬‮‬‍‏‌⁪‮‌⁪⁮‭‫‬‪⁯‎‪‭‎‏‮(System.Boolean) nop <null> newobj System.Void LotterySimulation.Forms.MainForm::.ctor() call System.Void LotterySimulation.Program::⁬⁭‍⁯‎‫‭‮‌‪⁪‏⁬⁮‏⁪‬‍⁫‍‭⁭⁬⁭⁫‎⁪⁮‪‭‭‍‏‏‎‬‬⁪‌‮(System.Windows.Forms.Form) ldloc.0 <null> ldc.i4 1131899009 mul <null> ldc.i4 -108529486 xor <null> br.s IL_0006: ldc.i4 1191846743 nop <null> ret <null>
Module Name	Gcjg.exe
Full Name	Gcjg.exe
EntryPoint	System.Void LotterySimulation.Program::Main()
Scope Name	Gcjg.exe
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	Gcjg
Assembly Version	1.0.0.0
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	.NETFramework,Version=v4.5
Total Strings	271
Main Method	System.Void LotterySimulation.Program::Main()
Main IL Instruction Count	31
Main IL	nop <null> ldc.i4 1888754418 ldc.i4 1191846743 xor <null> dup <null> stloc.0 <null> ldc.i4.4 <null> rem.un <null> switch dnlib.DotNet.Emit.Instruction[] br.s IL_005C: nop call System.Void LotterySimulation.Program::⁬‭‍‍‮‏‭⁯⁮⁮⁮‬⁭‪⁯⁫‫‎‏⁯⁮‌⁮⁭‮⁫‏⁪⁫⁫‪‌‬‍⁯‪⁮‮() nop <null> ldloc.0 <null> ldc.i4 2056407566 mul <null> ldc.i4 1723059902 xor <null> br.s IL_0006: ldc.i4 1191846743 ldc.i4.0 <null> call System.Void LotterySimulation.Program::‪‪‌⁪‫‭‏⁪⁯‫‪‬⁮‍‏⁬⁯‌⁬‮‬‍‏‌⁪‮‌⁪⁮‭‫‬‪⁯‎‪‭‎‏‮(System.Boolean) nop <null> newobj System.Void LotterySimulation.Forms.MainForm::.ctor() call System.Void LotterySimulation.Program::⁬⁭‍⁯‎‫‭‮‌‪⁪‏⁬⁮‏⁪‬‍⁫‍‭⁭⁬⁭⁫‎⁪⁮‪‭‭‍‏‏‎‬‬⁪‌‮(System.Windows.Forms.Form) ldloc.0 <null> ldc.i4 1131899009 mul <null> ldc.i4 -108529486 xor <null> br.s IL_0006: ldc.i4 1191846743 nop <null> ret <null>

c1b7c362229994d9d8c5d075e391794c (743.94 KB)

File Structure

Characteristics

No malware configuration were found at this point.

You must be signed in to post a comment.

c1b7c362229994d9d8c5d075e391794c

PE Executable | MD5: c1b7c362229994d9d8c5d075e391794c | Size: 743.94 KB | application/x-dosexec

PE Executable
|
MD5: c1b7c362229994d9d8c5d075e391794c
|
Size: 743.94 KB
|
application/x-dosexec