Suspicious
Suspect

c7dcf55f6ec9f2d6044ce631e17f11d9

PE Executable
|
MD5: c7dcf55f6ec9f2d6044ce631e17f11d9
|
Size: 1.13 MB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Obfuscation Score

Medium

Hash
 Hash Value
MD5
c7dcf55f6ec9f2d6044ce631e17f11d9
Sha1
25fc50e825a5c17941b6b1051cfd2e5a0a04410a
Sha256
8f851a6b9ed143766d3fd2cb899de35b57259a422fdf9e81a8213b7198f2018e
Sha384
33b6eee72c9ca88c061d32298ee0ed84313bb4a706ef8e398ba177beaf021e6a96df2c83831c0961514511dddd0980e0
Sha512
f6df1cf786e46a51a5ad63061dbac51438b6fc7a1018f4a6081f906b7efb62ec3524d76a29eed00a0fdf0a8d200b35b0033d4bdb86aa5ecc59cee5800150e87b
SSDeep
24576:+zZN9u1HddYItzYZ4225WbcyfYOQnecq4JphAH/S4ilkwPkO1e:+yUZfIWbeOQnjJXAfSRlkwPhe
TLSH
ED35015623989E02C6BA03F51421E23CC3B19D9B7570C384BEDDA9D77B66B011B0ABD7

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
c7dcf55f6ec9f2d6044ce631e17f11d9
[Authenticode]_a32ace3a.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
Otopark.ChangePassword.resources
btnBack.Image
[NBF]root.Data
[NBF]root.Data-preview.png
btnCancel.Image
[NBF]root.Data
[NBF]root.Data-preview.png
btnSave.Image
[NBF]root.Data
[NBF]root.Data-preview.png
pictureBox1.Image
[NBF]root.Data
[NBF]root.Data-preview.png
Otopark.FormCustomerOperations.resources
btnFind.Image
[NBF]root.Data
[NBF]root.Data-preview.png
btnList.Image
[NBF]root.Data
[NBF]root.Data-preview.png
Otopark.FormGiris.resources
$this.Icon
[NBF]root.IconData
GT8
[NBF]root.Data
btnExit.Image
[NBF]root.Data
[NBF]root.Data-preview.png
btnLogin.Image
[NBF]root.Data
[NBF]root.Data-preview.png
pctrBoxBlack.Image
[NBF]root.Data
[NBF]root.Data-preview.png
pctrBoxBlue.Image
[NBF]root.Data
[NBF]root.Data-preview.png
pictureBox1.Image
[NBF]root.Data
[NBF]root.Data-preview.png
Otopark.FormPersonelOperations.resources
btnChangePassword.Image
[NBF]root.Data
[NBF]root.Data-preview.png
btnCikis.Image
[NBF]root.Data
[NBF]root.Data-preview.png
Otopark.FormPlace.resources
Otopark.FormVehicleEntryRecord.resources
Otopark.FormVehicleExitOperation.resources
btnCalculatePrice.Image
[NBF]root.Data
[NBF]root.Data-preview.png
Otopark.Properties.Resources.resources
RUPyuEp
[NBF]root.Data
[NBF]root.Data-preview.png
Otopark.csdl
Otopark.msl
Otopark.ssdl
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

Authenticode present at 0x110400 size 13832 bytes
Info

PDB Path: C:\Users\Administrator\Desktop\Client\Temp\ckhjKQBaol\src\obj\Debug\JsUretC.pdb
Module Name

JsUretC.exe
Full Name

JsUretC.exe
EntryPoint

System.Void Otopark.Program::Main()
Scope Name

JsUretC.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

JsUretC
Assembly Version

3.0.2.3
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

462
Main Method

System.Void Otopark.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void Otopark.FormGiris::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
Module Name

JsUretC.exe
Full Name

JsUretC.exe
EntryPoint

System.Void Otopark.Program::Main()
Scope Name

JsUretC.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

JsUretC
Assembly Version

3.0.2.3
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

462
Main Method

System.Void Otopark.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void Otopark.FormGiris::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
c7dcf55f6ec9f2d6044ce631e17f11d9 (1.13 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙