Suspicious
Suspect

Pre Alert_160-99155055.exe

PE Executable
|
MD5: ca3eea9ceeb6ffd742c0fcab3aaaf205
|
Size: 936.97 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very high

Hash
 Hash Value
MD5
ca3eea9ceeb6ffd742c0fcab3aaaf205
Sha1
0ad3231568f6a7d257c7628c1208ea81cbc6dda0
Sha256
cbfd2f5801de66675509ac345081342019346ab477b1b1d708b1f616363c4484
Sha384
96fe210114d7de01610d4bd6aa338d75af852aba90244387b017d10b724fe5ab22828e3b72269fd42e9669442fa70814
Sha512
632cdf7ebcecc5354cedc3bdfe6593accebb3771c9cbd82e65b03aba0c87d88dfb1418101166ff97e9986a20053f133234166a9c5b6f867299a87a19c6e64179
SSDeep
12288:z6xznnf4iuAtcaFLrgQqB5CHEUkat3Rni2xgs20qYh+bIHWzGbYf0BnBy0+ni1ty:zSnnf4iuW1rgv5Kt7fiUPNoJGbYfWox
TLSH
9315E09C3200B48FC45789758969EDB8A6202CAB7707DE03A1D73DDFB93D6929E051E3

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
Pre Alert_160-99155055.exe
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0002
ID:0
ID:0003
ID:0
ID:0004
ID:0
ID:0005
ID:0
ID:0-preview.png
RT_GROUP_CURSOR4
ID:0001
ID:0
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Calculator_Project.Calculator.resources
$this.Icon
[NBF]root.IconData
greyder
[NBF]root.Data
Login_And_Register_Form.registerForm.resources
pictureBox1.Image
[NBF]root.Data
[NBF]root.Data-preview.png
pictureBox2.Image
[NBF]root.Data
[NBF]root.Data-preview.png
Login_And_Register_Form.frmLogin.resources
Login_And_Register_Form.Properties.Resources.resources
Hqq
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
Name
 Value
Module Name

uNX.exe
Full Name

uNX.exe
EntryPoint

System.Void Login_And_Register_Form.Program::Main()
Scope Name

uNX.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

uNX
Assembly Version

6.3.1.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

19
Main Method

System.Void Login_And_Register_Form.Program::Main()
Main IL Instruction Count

37
Main IL

nop <null> ldc.i4 -1527748382 ldc.i4 -242639852 xor <null> dup <null> stloc.0 <null> ldc.i4.5 <null> rem.un <null> switch dnlib.DotNet.Emit.Instruction[] br.s IL_0070: ret call System.Void Login_And_Register_Form.Program::‬​‫‍‎‪‌‌​‏​​‫‮‎‫‭​‌‬‭‍‮‮() ldloc.0 <null> ldc.i4 -1106077550 mul <null> ldc.i4 2047320609 xor <null> br.s IL_0006: ldc.i4 -242639852 nop <null> newobj System.Void Login_And_Register_Form.registerForm::.ctor() call System.Void Login_And_Register_Form.Program::‪‭‮‍​‍‮‭‬‫‮​‪‫​‎‍‫​‍‍‫‬‭‌‮(System.Windows.Forms.Form) nop <null> ldloc.0 <null> ldc.i4 -1367713603 mul <null> ldc.i4 1151493157 xor <null> br.s IL_0006: ldc.i4 -242639852 nop <null> ldc.i4.0 <null> call System.Void Login_And_Register_Form.Program::‍‌‭‪‍‎‍‪‎​‬‌‪‏​‮‍‏‎‫‌‫‮‌‫‮‫‮(System.Boolean) ldloc.0 <null> ldc.i4 120181450 mul <null> ldc.i4 -241107227 xor <null> br.s IL_0006: ldc.i4 -242639852 ret <null>
Module Name

uNX.exe
Full Name

uNX.exe
EntryPoint

System.Void Login_And_Register_Form.Program::Main()
Scope Name

uNX.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

uNX
Assembly Version

6.3.1.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

19
Main Method

System.Void Login_And_Register_Form.Program::Main()
Main IL Instruction Count

37
Main IL

nop <null> ldc.i4 -1527748382 ldc.i4 -242639852 xor <null> dup <null> stloc.0 <null> ldc.i4.5 <null> rem.un <null> switch dnlib.DotNet.Emit.Instruction[] br.s IL_0070: ret call System.Void Login_And_Register_Form.Program::‬​‫‍‎‪‌‌​‏​​‫‮‎‫‭​‌‬‭‍‮‮() ldloc.0 <null> ldc.i4 -1106077550 mul <null> ldc.i4 2047320609 xor <null> br.s IL_0006: ldc.i4 -242639852 nop <null> newobj System.Void Login_And_Register_Form.registerForm::.ctor() call System.Void Login_And_Register_Form.Program::‪‭‮‍​‍‮‭‬‫‮​‪‫​‎‍‫​‍‍‫‬‭‌‮(System.Windows.Forms.Form) nop <null> ldloc.0 <null> ldc.i4 -1367713603 mul <null> ldc.i4 1151493157 xor <null> br.s IL_0006: ldc.i4 -242639852 nop <null> ldc.i4.0 <null> call System.Void Login_And_Register_Form.Program::‍‌‭‪‍‎‍‪‎​‬‌‪‏​‮‍‏‎‫‌‫‮‌‫‮‫‮(System.Boolean) ldloc.0 <null> ldc.i4 120181450 mul <null> ldc.i4 -241107227 xor <null> br.s IL_0006: ldc.i4 -242639852 ret <null>
Pre Alert_160-99155055.exe (936.97 KB)
File Structure
Pre Alert_160-99155055.exe
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0002
ID:0
ID:0003
ID:0
ID:0004
ID:0
ID:0005
ID:0
ID:0-preview.png
RT_GROUP_CURSOR4
ID:0001
ID:0
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Calculator_Project.Calculator.resources
$this.Icon
[NBF]root.IconData
greyder
[NBF]root.Data
Login_And_Register_Form.registerForm.resources
pictureBox1.Image
[NBF]root.Data
[NBF]root.Data-preview.png
pictureBox2.Image
[NBF]root.Data
[NBF]root.Data-preview.png
Login_And_Register_Form.frmLogin.resources
Login_And_Register_Form.Properties.Resources.resources
Hqq
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙