Suspect
PE Executable
MD5: d86a4a463c4347b7580d0729faeab46e
Size: 1.13 MB
application/x-dosexec
General
Structural Analysis
Config.0
Yara Rules22
Sync
Community
Summary by MalvaGPT
Characteristics
Symbol Obfuscation Score
Low
|
Hash | Hash Value |
|---|---|
| MD5 | d86a4a463c4347b7580d0729faeab46e
|
| Sha1 | c79d3bba9c049ccdac28f3353763c861a50072e1
|
| Sha256 | 2ef4c4e15fe09341a0eed5d0b538d1287a230f5e8778cf8acbc317fb873bf977
|
| Sha384 | dab25d7059c61f70e8cf6fc452c49f7f7968314305ac36d88db36e396a49e524a58408f50b75b4134c5f2311ba11bfdc
|
| Sha512 | 5f4973866af9b92db6ea34309727f99227726c0b095304c08b9b5d2ed5b5ac025f497b9eb4b6fb66ce053e73375a2099e685622dfe7b4a3b34caa4f758076f28
|
| SSDeep | 24576:aTqGGb9CwXK5b5wbW3uxFRvTxuM3E5Jp34X6TcvgGVRnj5f:aThEGsWMrVE5/4qTzwj5f
|
| TLSH | CE3502C43B69B709DEAC69308476EDB512B51D687010B9F2AEDD3B877AED2026D0CF05
|
File Structure
d86a4a463c4347b7580d0729faeab46e
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
DigitalLogicSimulator.MainForm.resources
$this.Icon
[NBF]root.IconData
GT
[NBF]root.Data
DigitalLogicSimulator.Properties.Resources.resources
yFSk
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
|
Name | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | PDB Path: C:\Users\Administrator\Desktop\Client\Temp\zDoJqpAJnz\src\obj\Debug\wNxL.pdb |
| Module Name | wNxL.exe |
| Full Name | wNxL.exe |
| EntryPoint | System.Void DigitalLogicSimulator.Program::Main() |
| Scope Name | wNxL.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | wNxL |
| Assembly Version | 0.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.8 |
| Total Strings | 210 |
| Main Method | System.Void DigitalLogicSimulator.Program::Main() |
| Main IL Instruction Count | 6 |
| Main IL | call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void DigitalLogicSimulator.MainForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null> |
d86a4a463c4347b7580d0729faeab46e (1.13 MB)
File Structure
d86a4a463c4347b7580d0729faeab46e
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
DigitalLogicSimulator.MainForm.resources
$this.Icon
[NBF]root.IconData
GT
[NBF]root.Data
DigitalLogicSimulator.Properties.Resources.resources
yFSk
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.