General
Structural Analysis
Config.0
Yara Rules17
Sync
Community
Summary by MalvaGPT
Characteristics
Symbol Obfuscation Score
Low
|
Hash | Hash Value |
|---|---|
| MD5 | df6022315109645d7d59c19a22a3de60
|
| Sha1 | 1e877a1254a7bd9c71aa3a7b69239023064d7978
|
| Sha256 | 5c0320d2f4ccb84a48c255a3db4057771046db1fb5ee1923354d8518932b42a7
|
| Sha384 | 25c177abc06cbab462771b0a76de1028ab133755b00c32dd5a1bf5a758ffb572fd5bee08860eede7913a8ddefce23139
|
| Sha512 | eff9d6f03feffb035f9d3216c78abde69ccb585e2e7f338f7a10312449ed2a5c4ecec029f6860a396548b63a66a8bc76d8501953183586cf739eb82b683ef902
|
| SSDeep | 24576:Padj+IcJ61AE+yIQnavMZA0sEgMuaYBEKz:wcMIZvMbSMuaYr
|
| TLSH | E625127422ADCB47E9AA07F80472DBB607724E5DEA33E3428CE59DEBB8017197414B53
|
File Structure
df6022315109645d7d59c19a22a3de60
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
WindowsFormsDemo.About.resources
WindowsFormsDemo.Calculator.resources
$this.Icon
[NBF]root.IconData
WELL
[NBF]root.Data
WindowsFormsDemo.MenüForm.resources
WindowsFormsDemo.Properties.Resources.resources
1
[NBF]root.Data
[NBF]root.Data-preview.png
2
[NBF]root.Data
[NBF]root.Data-preview.png
3
[NBF]root.Data
[NBF]root.Data-preview.png
4
[NBF]root.Data
[NBF]root.Data-preview.png
5
[NBF]root.Data
[NBF]root.Data-preview.png
6
[NBF]root.Data
[NBF]root.Data-preview.png
7
[NBF]root.Data
[NBF]root.Data-preview.png
YLdE
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | PDB Path: ? |
| Module Name | LCxO.exe |
| Full Name | LCxO.exe |
| EntryPoint | System.Void WindowsFormsDemo.Program::Main() |
| Scope Name | LCxO.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | LCxO |
| Assembly Version | 16.9.2.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.7.2 |
| Total Strings | 287 |
| Main Method | System.Void WindowsFormsDemo.Program::Main() |
| Main IL Instruction Count | 10 |
| Main IL | nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void WindowsFormsDemo.MenüForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null> |
df6022315109645d7d59c19a22a3de60 (988.16 KB)
File Structure
df6022315109645d7d59c19a22a3de60
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
WindowsFormsDemo.About.resources
WindowsFormsDemo.Calculator.resources
$this.Icon
[NBF]root.IconData
WELL
[NBF]root.Data
WindowsFormsDemo.MenüForm.resources
WindowsFormsDemo.Properties.Resources.resources
1
[NBF]root.Data
[NBF]root.Data-preview.png
2
[NBF]root.Data
[NBF]root.Data-preview.png
3
[NBF]root.Data
[NBF]root.Data-preview.png
4
[NBF]root.Data
[NBF]root.Data-preview.png
5
[NBF]root.Data
[NBF]root.Data-preview.png
6
[NBF]root.Data
[NBF]root.Data-preview.png
7
[NBF]root.Data
[NBF]root.Data-preview.png
YLdE
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.