Suspicious
Suspect

c7a508e2d74c3bd75b5770b68cb8e80a

PE Executable
|
MD5: c7a508e2d74c3bd75b5770b68cb8e80a
|
Size: 778.24 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very high

Hash
 Hash Value
MD5
c7a508e2d74c3bd75b5770b68cb8e80a
Sha1
5a1da980c3f765265e4e10406b40f7cf57ed055c
Sha256
4da133b1ed7d9098b7b76b888472c069a08da9334cac292ea995c113d54812e3
Sha384
37cf55be37d87edadd4a76327e20a2ef0ba085430fc3abeb6cbd11228646e1b87c374115c5eae89cb2a1195bbf0eda1c
Sha512
2e7bc4cb60210963fa702d85724249cc29f833fcf2160e53f03d1855f8102fd24c7c118af9208e5881f1a498d44693e04157b56b0598cc2f998d594f825d87b6
SSDeep
12288:NRac20K4GS009Usdb/4Fns2LaaVnUSiF2yO2ICmZchan2Xu3V6Uy1mR/wT:VZGvuHdr4Fs27UhH
TLSH
46F4E1897111B19EC497EA318DA4EEB4EA646CAA5307D303D1E72DEFBC0D587DE041E2

PeID

.NET executable
HQR data file
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual C++ v6.0 DLL
Microsoft Visual Studio .NET
File Structure
c7a508e2d74c3bd75b5770b68cb8e80a
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
StudyGuide.Properties.Resources.resources
VXrV
[NBF]root.Data
[NBF]root.Data-preview.png
shu
[NBF]root.Data
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

sTuS.exe
Full Name

sTuS.exe
EntryPoint

System.Void StudyGuide.Program::Main()
Scope Name

sTuS.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

sTuS
Assembly Version

0.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

2
Main Method

System.Void StudyGuide.Program::Main()
Main IL Instruction Count

43
Main IL

nop <null> ldc.i4 2130427840 ldc.i4 847669229 xor <null> dup <null> stloc.0 <null> ldc.i4.6 <null> rem.un <null> switch dnlib.DotNet.Emit.Instruction[] br.s IL_0083: ret call System.Void StudyGuide.Program::‬‭‫‌‭‮‍‭‮‏‮‌‍​‍‏‫‏‍‭‪‭‍‭​‌‌‭‮() nop <null> ldc.i4.0 <null> call System.Void StudyGuide.Program::‎​‬‭‏‍‪‭‍‭‬‪‭‌‮‍‪‫​‎‮‪‏‮‪‏‮(System.Boolean) ldloc.0 <null> ldc.i4 -996672399 mul <null> ldc.i4 -2027077177 xor <null> br.s IL_0006: ldc.i4 847669229 nop <null> ldloc.0 <null> ldc.i4 1869321464 mul <null> ldc.i4 -1091703939 xor <null> br.s IL_0006: ldc.i4 847669229 newobj System.Void StudyGuide.MainForm::.ctor() call System.Void StudyGuide.Program::‎‌‌‬‪‫‎‫‭‭‌‏‍‏‭‎‍‍​‎‬‏‫‏‏‪‪‮(System.Windows.Forms.Form) ldloc.0 <null> ldc.i4 -631574768 mul <null> ldc.i4 375059187 xor <null> br.s IL_0006: ldc.i4 847669229 nop <null> ldloc.0 <null> ldc.i4 1720485546 mul <null> ldc.i4 -1125085996 xor <null> br.s IL_0006: ldc.i4 847669229 ret <null>
Module Name

sTuS.exe
Full Name

sTuS.exe
EntryPoint

System.Void StudyGuide.Program::Main()
Scope Name

sTuS.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

sTuS
Assembly Version

0.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

2
Main Method

System.Void StudyGuide.Program::Main()
Main IL Instruction Count

43
Main IL

nop <null> ldc.i4 2130427840 ldc.i4 847669229 xor <null> dup <null> stloc.0 <null> ldc.i4.6 <null> rem.un <null> switch dnlib.DotNet.Emit.Instruction[] br.s IL_0083: ret call System.Void StudyGuide.Program::‬‭‫‌‭‮‍‭‮‏‮‌‍​‍‏‫‏‍‭‪‭‍‭​‌‌‭‮() nop <null> ldc.i4.0 <null> call System.Void StudyGuide.Program::‎​‬‭‏‍‪‭‍‭‬‪‭‌‮‍‪‫​‎‮‪‏‮‪‏‮(System.Boolean) ldloc.0 <null> ldc.i4 -996672399 mul <null> ldc.i4 -2027077177 xor <null> br.s IL_0006: ldc.i4 847669229 nop <null> ldloc.0 <null> ldc.i4 1869321464 mul <null> ldc.i4 -1091703939 xor <null> br.s IL_0006: ldc.i4 847669229 newobj System.Void StudyGuide.MainForm::.ctor() call System.Void StudyGuide.Program::‎‌‌‬‪‫‎‫‭‭‌‏‍‏‭‎‍‍​‎‬‏‫‏‏‪‪‮(System.Windows.Forms.Form) ldloc.0 <null> ldc.i4 -631574768 mul <null> ldc.i4 375059187 xor <null> br.s IL_0006: ldc.i4 847669229 nop <null> ldloc.0 <null> ldc.i4 1720485546 mul <null> ldc.i4 -1125085996 xor <null> br.s IL_0006: ldc.i4 847669229 ret <null>
c7a508e2d74c3bd75b5770b68cb8e80a (778.24 KB)
File Structure
c7a508e2d74c3bd75b5770b68cb8e80a
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
StudyGuide.Properties.Resources.resources
VXrV
[NBF]root.Data
[NBF]root.Data-preview.png
shu
[NBF]root.Data
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙