Suspicious
Suspect

e003ca4e65693a8f57006ac4a931749c

PE Executable
|
MD5: e003ca4e65693a8f57006ac4a931749c
|
Size: 568.32 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Obfuscation Score

Very high

Hash
 Hash Value
MD5
e003ca4e65693a8f57006ac4a931749c
Sha1
815bcfb51f9bfdd825f6d0667491f4ac7ebddc53
Sha256
a138f415cd6837538460e01377c8aac345abf74509966886ba994b964105a837
Sha384
cc3ca15910426d768e4c92a61f9f95260e4bf219dabd3e5da020c68ec9d751b82a3930798eb1dda5d081e866f6256584
Sha512
7e4542b4bf2c275fda054c0d94b69a8a6fdf7a864a2ef9035759ebcad8254a1564c81aaadc8e4f074893a2f2928e078e8671c36506f3af90c07098d1269e3ff4
SSDeep
12288:uASOpdzctT3IrmN0Nw1HBY7sOft8VHSzulh1:uAD4Z3saJ1a7bfXy7
TLSH
66C4D0121E826F15D63E5B7CC02214E463F0DA476393E36EBFEC02F58A67B89CE46456

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
e003ca4e65693a8f57006ac4a931749c
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
Ⴗ.Zw4t5KgbmcB.resources
2bkCiKs6Z5xp.g.resources
a395d5aea37b55.Resources.resources
727a9da90
[NBF]root.Data
727a9da91
[NBF]root.Data
727a9da92
[NBF]root.Data
727a9da93
[NBF]root.Data
727a9da94
[NBF]root.Data
727a9da95
[NBF]root.Data
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

2bkCiKs6Z5xp
Full Name

2bkCiKs6Z5xp
EntryPoint

System.Void cx5XdAf.Mce4j2::Ymg4z8()
Scope Name

2bkCiKs6Z5xp
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

2bkCiKs6Z5xp
Assembly Version

3.14.19.232
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

0
Main Method

System.Void cx5XdAf.Mce4j2::Ymg4z8()
Main IL Instruction Count

7
Main IL

nop <null> newobj System.Void We7axt.Zw4t5KgbmcB::.ctor() stloc.0 <null> ret <null> ldtoken System.Void cx5XdAf.Mce4j2::Ymg4z8() pop <null> ret <null>
Module Name

2bkCiKs6Z5xp
Full Name

2bkCiKs6Z5xp
EntryPoint

System.Void cx5XdAf.Mce4j2::Ymg4z8()
Scope Name

2bkCiKs6Z5xp
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

2bkCiKs6Z5xp
Assembly Version

3.14.19.232
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.6
Total Strings

0
Main Method

System.Void cx5XdAf.Mce4j2::Ymg4z8()
Main IL Instruction Count

7
Main IL

nop <null> newobj System.Void We7axt.Zw4t5KgbmcB::.ctor() stloc.0 <null> ret <null> ldtoken System.Void cx5XdAf.Mce4j2::Ymg4z8() pop <null> ret <null>
e003ca4e65693a8f57006ac4a931749c (568.32 KB)
File Structure
e003ca4e65693a8f57006ac4a931749c
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
.Net Resources
Ⴗ.Zw4t5KgbmcB.resources
2bkCiKs6Z5xp.g.resources
a395d5aea37b55.Resources.resources
727a9da90
[NBF]root.Data
727a9da91
[NBF]root.Data
727a9da92
[NBF]root.Data
727a9da93
[NBF]root.Data
727a9da94
[NBF]root.Data
727a9da95
[NBF]root.Data
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙