Suspect
ddc1145905d4a5d35e5dac4363e79fc0
PE Executable | MD5: ddc1145905d4a5d35e5dac4363e79fc0 | Size: 1.06 MB | application/x-dosexec
Summary by MalvaGPT
Characteristics
Symbol Obfuscation Score
Low
| Hash | Hash Value |
|---|---|
| MD5 | ddc1145905d4a5d35e5dac4363e79fc0 |
| Sha1 | 1fe760e787768fa977154ba47e63fb4f4c9ba66f |
| Sha256 | f4d28a6634d2e52dbe653765e5a7521d35bd300d180f67fb2cb683c3852802e8 |
| Sha384 | acb8af31ae70d3c5462c17aa0df1c3f7f5a884fdb813fd87df7a7c28d5eb14bcf27fff1b7e89e4324fbc226b2d7fd599 |
| Sha512 | 0c6fa3a4264f0f3ffb79c5c42e87629848e67b703cdd83aa775a09f0400d41dd7005664314fcd6e1baf6a396a11d3b259ebc58f892c6009f18f83c0aaae3bbf5 |
| SSDeep | 24576:bV4w/q/8Fj8OdB/pfMthVLPP5VnPscAU8J:mw/qUFj8OdBBfMJLPP5VD |
| TLSH | 4625022072B6CC03C98E477C49B2E13413BD9E996513C35EAFE57DBFB929B910E421A1 |
PeID
Microsoft Visual C++ v6.0 DLL
File Structure
ddc1145905d4a5d35e5dac4363e79fc0
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
GroupBoxDemo.ContentView.resources
GroupBoxDemo.Form1.resources
$this.Icon
[NBF]root.IconData
HQ
[NBF]root.Data
GroupBoxDemo.Form2.resources
$this.BackgroundImage
[NBF]root.Data
[NBF]root.Data-preview.png
GroupBoxDemo.Properties.Resources.resources
tOrJ
[NBF]root.Data
[NBF]root.Data-preview.png
Information
| Name | Value |
|---|---|
| Module Name | bqVK.exe |
| Full Name | bqVK.exe |
| EntryPoint | System.Void GroupBoxDemo.Program::Main() |
| Scope Name | bqVK.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | bqVK |
| Assembly Version | 4.2.1.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5 |
| Total Strings | 122 |
| Main Method | System.Void GroupBoxDemo.Program::Main() |
| Main IL Instruction Count | 6 |
| Main IL | call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void GroupBoxDemo.Form1::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null> |
Artefacts
| Name | Value |
|---|---|
| PDB Path | bqVK.pdb |
Characteristics
No malware configuration was found at this point.
Artefacts
| Name | Value | Location |
|---|---|---|
| PDB Path | bqVK.pdb | ddc1145905d4a5d35e5dac4363e79fc0 |