Characteristics
Symbol Obfuscation Score
Low
| Hash | Hash Value |
|---|---|
| MD5 | cc5b2e3e3af8f14964425c04fc5f41b5
| Sha1 | 6b0f02b6446140693e622e536c40ffe79676da6e
| Sha256 | f259be9016e7e7fed040f3ba849e86d0932c2f77d66ab608d1efb34f03a17a44
| Sha384 | 9c042eed16f1ef5a5e7a3295fa42f1458a7bb6709f5bafe114ce921a43e141918c444efca90e50d127a85dd3ff23c0b4
| Sha512 | 4c6c34a7c46ed5380f22f75d2ca71ffb591db2b19173b96943f816913cb0a5fd297f213e73247b556e3d026003079c0fef8aa64d0a8921c87f27a8bff16ba9b1
| SSDeep | 12288:GbvxBVn0V6gtShqZfZbKKFBdg9qIv0rnjsk9nolMbAA+PTp6bg61+FFCJY4oYBTD:Gb5B5y6ymqZfZbKKFbg4I49n0iwT61O8
| TLSH | FAF41269230BEC03E86D0BF005B1D3F456A99D8DB540C3865FFA2CEFB97A2A11965193
File Structure
cc5b2e3e3af8f14964425c04fc5f41b5
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0.exif
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Calculator.Form1.resources
$this.Icon
[NBF]root.IconData
msp
[NBF]root.Data
ExtractAssociatedIcon.Form1.resources
Calculator.Properties.Resources.resources
bTlo
[NBF]root.Data
[NBF]root.Data-preview.png
Information
| Name | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | PDB Path: C:\Users\Administrator\Desktop\Client\Temp\ukgWLNJEqx\src\obj\Debug\BGhP.pdb |
| Module Name | BGhP.exe |
| Full Name | BGhP.exe |
| EntryPoint | System.Void Calculator.Program::Main() |
| Scope Name | BGhP.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | BGhP |
| Assembly Version | 0.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5 |
| Total Strings | 157 |
| Main Method | System.Void Calculator.Program::Main() |
| Main IL Instruction Count | 6 |
| Main IL | call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void Calculator.Form1::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null> |
cc5b2e3e3af8f14964425c04fc5f41b5 (777.22 KB)
Characteristics
No malware configuration was found at this point.