Suspicious
Suspect

cc2740a4d21d5456a6206a21b14d91cd

PE Executable
|
MD5: cc2740a4d21d5456a6206a21b14d91cd
|
Size: 758.27 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very high

Hash
 Hash Value
MD5
cc2740a4d21d5456a6206a21b14d91cd
Sha1
3d7dac6e17aa3397e640c11d2e7d99028d4fb718
Sha256
e724f7ec302b8cddd5e0dcf3f3a53df5f465b3b938f1e84effb4fa781eb7abe5
Sha384
e98ac064a9a0ff3a5c680cd0f2d98d0b98742f9105fb797a240b443c496c3903f4e768982678b24d7446b3eca269e80f
Sha512
2c2acf83b85e133bebe7b03f1f1e90f5315c1182706373d85d9c94d6a2798fc24734fafa88aaab8d47991c79bb662c71f01e2796d3610064efc86468e3b8a7c7
SSDeep
12288:pIU5a+izVzERzEfrfqdZDW+LBJikf4hlKbRRYgf5qnzt8GDCuhan2+xKE3An6Ww:pIUodzVzMzEfOdZ5LBJioelsG8IzCGDQ
TLSH
9EF4E0993500F18FC493DA358964EEB4E6656CAA9207D303A5E32EEBBD0D587DF041F2

PeID

Microsoft Visual C++ DLL
Microsoft Visual C++ v6.0
File Structure
cc2740a4d21d5456a6206a21b14d91cd
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rsrc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
StudyGuide.Properties.Resources.resources
sOBX
[NBF]root.Data
[NBF]root.Data-preview.png
shu
[NBF]root.Data
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

eqgq.exe
Full Name

eqgq.exe
EntryPoint

System.Void StudyGuide.Program::Main()
Scope Name

eqgq.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

eqgq
Assembly Version

0.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

2
Main Method

System.Void StudyGuide.Program::Main()
Main IL Instruction Count

37
Main IL

nop <null> call System.Void StudyGuide.Program::‌‭‎‮‬‪‭‮‪‬‭‍‌‌‫‮‮‫‮‪‭‌‭‫‍‭‌‬‮() ldc.i4 1747204495 ldc.i4 1817954317 xor <null> dup <null> stloc.0 <null> ldc.i4.5 <null> rem.un <null> switch dnlib.DotNet.Emit.Instruction[] br.s IL_0070: ret nop <null> ldc.i4.0 <null> call System.Void StudyGuide.Program::‌‎‪‏‬​‏‪‭‪‫‎‏‭‬‍‎‎‌‪‮‫‏‮(System.Boolean) ldloc.0 <null> ldc.i4 1352930430 mul <null> ldc.i4 -1628128776 xor <null> br.s IL_000B: ldc.i4 1817954317 newobj System.Void StudyGuide.MainForm::.ctor() call System.Void StudyGuide.Program::‮‫​‪‮‭‫‭‫‌‌‏‪‫‬‏‫‎‫‫‎‌‭‍‭‏​‬‮(System.Windows.Forms.Form) nop <null> ldloc.0 <null> ldc.i4 -2097484699 mul <null> ldc.i4 -870416846 xor <null> br.s IL_000B: ldc.i4 1817954317 nop <null> ldloc.0 <null> ldc.i4 1125710482 mul <null> ldc.i4 2072334024 xor <null> br.s IL_000B: ldc.i4 1817954317 ret <null>
cc2740a4d21d5456a6206a21b14d91cd (758.27 KB)
File Structure
cc2740a4d21d5456a6206a21b14d91cd
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rsrc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
StudyGuide.Properties.Resources.resources
sOBX
[NBF]root.Data
[NBF]root.Data-preview.png
shu
[NBF]root.Data
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙