Suspect
d08210ebbcd8a85c42eb3c40c5a0e40d
PE Executable | MD5: d08210ebbcd8a85c42eb3c40c5a0e40d | Size: 567.81 KB | application/x-dosexec
PE Executable
MD5: d08210ebbcd8a85c42eb3c40c5a0e40d
Size: 567.81 KB
application/x-dosexec
Summary by MalvaGPT
Characteristics
Symbol Ofbuscation Score
Low
|
Hash | Hash Value |
|---|---|
| MD5 | d08210ebbcd8a85c42eb3c40c5a0e40d
|
| Sha1 | 1ff36eadff1051f90c10ba7ce59be5dde35379f3
|
| Sha256 | b55e1d97cb0f73d37af6472d1f7722018ddb8bd9ea1e5d920da9c80964663e13
|
| Sha384 | 9060acb39bdeb4810b3dff524b460c3202b78703851ca2d1b27522b805eb8812c213a4018e1d5c6adf404255d2f10fd7
|
| Sha512 | ed2d072475857d372c15922a386423d924f5a94a5de532d21a8f8b8f8eacc8e948c718942dc5fcadbd928519b881c06be9d93c40e0eeadecd8233215a205743f
|
| SSDeep | 12288:JMxBVn0V6gtShqZkV+8EAV3xGvqLj+l2U9EKDD+8xUmDs:JKB5y6ymqZId1xdm2U9VD
|
| TLSH | EDC4F165330AEC03D49E1BF00871D3B853786E9CB611C3579FFAACDFB86975128952A2
|
File Structure
d08210ebbcd8a85c42eb3c40c5a0e40d
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0.exif
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Calculator.Form1.resources
$this.Icon
[NBF]root.IconData
msp
[NBF]root.Data
ExtractAssociatedIcon.Form1.resources
Calculator.Properties.Resources.resources
KBtC
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | PDB Path: C:\Users\Administrator\Desktop\Client\Temp\GUALjlFYLL\src\obj\Debug\EbIC.pdb |
| Module Name | EbIC.exe |
| Full Name | EbIC.exe |
| EntryPoint | System.Void Calculator.Program::Main() |
| Scope Name | EbIC.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | EbIC |
| Assembly Version | 0.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5 |
| Total Strings | 157 |
| Main Method | System.Void Calculator.Program::Main() |
| Main IL Instruction Count | 6 |
| Main IL | call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void Calculator.Form1::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null> |
d08210ebbcd8a85c42eb3c40c5a0e40d (567.81 KB)
File Structure
d08210ebbcd8a85c42eb3c40c5a0e40d
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0.exif
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
Calculator.Form1.resources
$this.Icon
[NBF]root.IconData
msp
[NBF]root.Data
ExtractAssociatedIcon.Form1.resources
Calculator.Properties.Resources.resources
KBtC
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.