Suspicious
Suspect

d86fc991509b5c14c9ecc6918b065dc0

PE Executable
|
MD5: d86fc991509b5c14c9ecc6918b065dc0
|
Size: 737.29 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
d86fc991509b5c14c9ecc6918b065dc0
Sha1
05d5a05774e516a68427c9030449deb601a528c8
Sha256
422402851019bc4421161c525b901d326acdfff9b33e026256e5de20a91ef0bc
Sha384
75b8f7614c952c2cc1d409fcd9a6c2601edae01c2ee0981db93e26378d50a4492529d0a0e941214f662c0ee8205fb87f
Sha512
2d0b41cba46dd7063d0c5cb8481e0fca974b9817d9b84a5eb76bba687ac5fb46378e470c4e750ac4bfbd85ddadfc52a28b25bcda9c2e46f58281aee825c6f5bd
SSDeep
12288:HiPpjZm3qOm1cjTCnJgynOnEWIz4u7JCHzMU1Vgs4x6Al5yhBYKjB1cJiekR:CPQ7ZCJcnpq7JCTMUEx6AlF2HcJiF
TLSH
47F40146236AEE01D5A65FF018B0E3741774BE8EBC25C3079EE56CE7B475B8069A0393

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
d86fc991509b5c14c9ecc6918b065dc0
[Authenticode]_a32ace3a.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
BaselineTool.Forms.MainForm.resources
BaselineTool.Properties.Resources.resources
AUDI
[NBF]root.Data
Nelf
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

Authenticode present at 0xB0A00 size 13832 bytes
Info

PDB Path: SaWn.pdb
Module Name

SaWn.exe
Full Name

SaWn.exe
EntryPoint

System.Void BaselineTool.Program::Main()
Scope Name

SaWn.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

SaWn
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

346
Main Method

System.Void BaselineTool.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void BaselineTool.Forms.MainForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
Module Name

SaWn.exe
Full Name

SaWn.exe
EntryPoint

System.Void BaselineTool.Program::Main()
Scope Name

SaWn.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

SaWn
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

346
Main Method

System.Void BaselineTool.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void BaselineTool.Forms.MainForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
d86fc991509b5c14c9ecc6918b065dc0 (737.29 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙