Suspicious
Suspect

d091653400c6db41ff12d0ae4efae481

PE Executable
|
MD5: d091653400c6db41ff12d0ae4efae481
|
Size: 750.59 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
d091653400c6db41ff12d0ae4efae481
Sha1
827125a99db81d5905f9518ec88ea3bc966908d9
Sha256
f94f36ad5e8746f9b9dd6a23e079d8d12f0e55d49a96c761cba4b9bbde734f04
Sha384
9cdd5a1054a18e579c14d1cfc86cfc0f90ee47eb6de18c569e17973a97b04edbefa52fd58af4b7cf722614a1b1960f4c
Sha512
cb6d0b5e61da0d5d196a873496a7ce3e8ea54c490973c6cd876dee46cda857175a30f611cbeac73c3e7f63e9983be43786fe70d9eb1e0cc448f6b9192134837e
SSDeep
12288:LxUzMLrDng5yeKQCm4H8RziSi6L8vghGfcEJYvcs1saou39Hcp/31medguYhan2:NUYDng5tZ4HwLlwfHY03nHP
TLSH
21F4129422E5E711C1FA6BF86871E33443B87E9A3412D7055FEA7DEB3C24B51A8443A3

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
d091653400c6db41ff12d0ae4efae481
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
DailyPlanner.MainForm.resources
DailyPlanner.Properties.Resources.resources
HpCX
[NBF]root.Data
[NBF]root.Data-preview.png
shu
[NBF]root.Data
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

PDB Path: CtTI.pdb
Module Name

CtTI.exe
Full Name

CtTI.exe
EntryPoint

System.Void DailyPlanner.Program::Main()
Scope Name

CtTI.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

CtTI
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

294
Main Method

System.Void DailyPlanner.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void DailyPlanner.MainForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
Module Name

CtTI.exe
Full Name

CtTI.exe
EntryPoint

System.Void DailyPlanner.Program::Main()
Scope Name

CtTI.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

CtTI
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

294
Main Method

System.Void DailyPlanner.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void DailyPlanner.MainForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
d091653400c6db41ff12d0ae4efae481 (750.59 KB)
File Structure
d091653400c6db41ff12d0ae4efae481
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
DailyPlanner.MainForm.resources
DailyPlanner.Properties.Resources.resources
HpCX
[NBF]root.Data
[NBF]root.Data-preview.png
shu
[NBF]root.Data
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙