d1d8a5fb9d9543a304048d53144ac0f1

PE Executable
|
MD5: d1d8a5fb9d9543a304048d53144ac0f1
|
Size: 556.54 KB
|
application/x-dosexec

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	d1d8a5fb9d9543a304048d53144ac0f1
Sha1	a8ba8a1342b95b0545a50d0b66e22f21be359146
Sha256	677ce0d368b44c16550269a5f337c5d8c67cf025664c614ab1add706627b0594
Sha384	07cc5c79763a1cf834709c423f42dadccb3e037e0fbbdcc9e65a25ea5acaa2139e45daba8dcaf4fbfb1bc19a67e317c0
Sha512	1346eaa8de57e0f7f6c5ef374a5fb5e16b8c12dd9865acada4cb3064525536b792c240cab5404c905bbf0e352abeb3da5f1f4c05eb632c3cd3fd00558f9c1c00
SSDeep	12288:JLV6Btpmkf+JmbM0KOaqQ8WUTSbGstalPyKa5MUad/bGMq2B+0I1:xApfGJmb7KOaPpbGstalP0MUad/hy
TLSH	A0C4020677B5862FE3DE46B971522616C338D2E3E8C3F7DE18D864B64F162E0061B1A7

PeID

.NET executable

Microsoft Visual C# / Basic .NET

Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL

Microsoft Visual C# v7.0 / Basic .NET

Microsoft Visual Studio .NET

File Structure

Informations

Name0	Value
Info	PE Detect: PeReader OK (file layout)
Module Name	NanoCore Client.exe
Full Name	NanoCore Client.exe
EntryPoint	System.Void ClientLoaderForm::Main()
Scope Name	NanoCore Client.exe
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v2.0.50727
Tables Header Version	512
WinMD Version	<null>
Assembly Name	NanoCore Client
Assembly Version	1.2.2.0
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	<null>
Total Strings	2
Main Method	System.Void ClientLoaderForm::Main()
Main IL Instruction Count	4
Main IL	call #=q_jQLaNdtSDa6ovA0VGw50w==/#=qlsj4Kl0M6SYgZMJLZ$QkSw== #=q_jQLaNdtSDa6ovA0VGw50w==::#=qqROT7DfncW7strhZvp0iRQ==() callvirt ClientLoaderForm #=q_jQLaNdtSDa6ovA0VGw50w==/#=qlsj4Kl0M6SYgZMJLZ$QkSw==::#=qbzig1$2CwLluEJt5uPtpgqPx5y_2S$GoPgJP36N8bTE=() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null>
Module Name	NanoCore Client.exe
Full Name	NanoCore Client.exe
EntryPoint	System.Void ClientLoaderForm::Main()
Scope Name	NanoCore Client.exe
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v2.0.50727
Tables Header Version	512
WinMD Version	<null>
Assembly Name	NanoCore Client
Assembly Version	1.2.2.0
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	<null>
Total Strings	2
Main Method	System.Void ClientLoaderForm::Main()
Main IL Instruction Count	4
Main IL	call #=q_jQLaNdtSDa6ovA0VGw50w==/#=qlsj4Kl0M6SYgZMJLZ$QkSw== #=q_jQLaNdtSDa6ovA0VGw50w==::#=qqROT7DfncW7strhZvp0iRQ==() callvirt ClientLoaderForm #=q_jQLaNdtSDa6ovA0VGw50w==/#=qlsj4Kl0M6SYgZMJLZ$QkSw==::#=qbzig1$2CwLluEJt5uPtpgqPx5y_2S$GoPgJP36N8bTE=() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null>

d1d8a5fb9d9543a304048d53144ac0f1 (556.54 KB)

File Structure

Characteristics

No malware configuration were found at this point.

You must be signed in to post a comment.

d1d8a5fb9d9543a304048d53144ac0f1

PE Executable | MD5: d1d8a5fb9d9543a304048d53144ac0f1 | Size: 556.54 KB | application/x-dosexec

PE Executable
|
MD5: d1d8a5fb9d9543a304048d53144ac0f1
|
Size: 556.54 KB
|
application/x-dosexec