Suspicious
Suspect

da41d2a77e65fd05a8df93a2e25e7a5f

PE Executable
|
MD5: da41d2a77e65fd05a8df93a2e25e7a5f
|
Size: 47.61 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Obfuscation Score

Medium

Hash
Hash Value
MD5
da41d2a77e65fd05a8df93a2e25e7a5f
Sha1
52fa6053d033684d372156f0942474a89a913750
Sha256
a71dba9cd1e4632108ad6bab379bb29dd31119e30572ff31628df096354fa998
Sha384
e35509418418204b15728ce7dd8f54c86989f4b95f7b4dabf7e9a9974f58fc807c1361febc0aa0039737e88bcf70c852
Sha512
dc3fd0bfbf918cef2ac5f71869cb690192ef783ef27175ce9bf14249b45741b2caf8683f9d3428dc35f504b4471f5bd8be46cb580df1bd89a4ea094ee3208823
SSDeep
768:JHKFphjZM5s7ObPWuR6xZSm5E7I+mfrkYv8iIa3jUq/mfGYhqpRMqK2L5ALRA:JHKnzM5s7ObPWuyVx+mfAi8lq/mfG8qh
TLSH
27236B2FAA0C1D13E59E4DFC94952313BEB8B322A452F34F3D89C59D19A33C02605ADB

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET

File Structure
  [Authenticode]_20d2391c.p7b
  Structure
    DosHeader
    PE Header
    Optional Header (x86)
    Section Headers
      .text
      .rsrc
      .reloc
  Resources
    RT_VERSION
      ID:0001
        ID:0
    RT_MANIFEST
      ID:0001
        ID:0
  .Net Resources
    JavaUpdateService.Properties.Resources.resources

Information

Name | Value
Info | PE Detect: PeReader OK (file layout)
Info | Authenticode present at 0x9600 size 9208 bytes
Module Name | JavaUpdateService.exe
Full Name | JavaUpdateService.exe
EntryPoint | System.Void  ::()
Scope Name | JavaUpdateService.exe
Scope Type | ModuleDef
Kind | Windows
Runtime Version | v4.0.30319
Tables Header Version | 512
WinMD Version | <null>
Assembly Name | JavaUpdateService
Assembly Version | 1.0.0.0
Assembly Culture | <null>
Has PublicKey | False
PublicKey Token | <null>
Target Framework | .NETFramework,Version=v4.8
Total Strings | 0
Main Method | System.Void  ::()
Main IL Instruction Count | 24

Main IL

call System.Boolean  ::()
brtrue.s IL_0020: call System.Void System.Windows.Forms.Application::EnableVisualStyles()
ldc.i4 -656109350
call System.String ::(System.Int32)
ldsfld System.String System.String::Empty
ldc.i4.0 <null>
ldc.i4.s 16
call System.Windows.Forms.DialogResult System.Windows.Forms.MessageBox::Show(System.String,System.String,System.Windows.Forms.MessageBoxButtons,System.Windows.Forms.MessageBoxIcon)
pop <null>
ret <null>
call System.Void System.Windows.Forms.Application::EnableVisualStyles()
ldc.i4.0 <null>
call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean)
call System.Void  ::()
call System.Threading.Tasks.Task  ::()
ldc.i4.0 <null>
callvirt System.Runtime.CompilerServices.ConfiguredTaskAwaitable System.Threading.Tasks.Task::ConfigureAwait(System.Boolean)
stloc.0 <null>
ldloca.s V_0
call System.Runtime.CompilerServices.ConfiguredTaskAwaitable/ConfiguredTaskAwaiter System.Runtime.CompilerServices.ConfiguredTaskAwaitable::GetAwaiter()
stloc.1 <null>
ldloca.s V_1
call System.Void System.Runtime.CompilerServices.ConfiguredTaskAwaitable/ConfiguredTaskAwaiter::GetResult()
ret <null>

Characteristics
No malware configuration was found at this point.