Suspicious
Suspect

e42930f0ac7c5e2a07a6e31880ca5d55

PE Executable
|
MD5: e42930f0ac7c5e2a07a6e31880ca5d55
|
Size: 695.81 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
e42930f0ac7c5e2a07a6e31880ca5d55
Sha1
0e51a9ddedcca8c872daff7495326a78991ee034
Sha256
c38bf4313b8f4cd5a20790b4e52f431e125551d049dfdddf1a36bb67733041ab
Sha384
c8ac40e299d6a21e0ced4064f7d9b7cc00dfc7e328e70c80de7155f10f4fff3d71c0687b03084616f744281c3fcb37ad
Sha512
821aee6ce583b4f091f94219b60ef2d9f4884587891a5e2628a4b393dcfa6892db62aa5851034eb57f329b27b4715615ea58376fc8d364ce28f12547be5fab0d
SSDeep
12288:myRrhNLQT8qPZUmJK4ho3CFsCQI0s1vTE/FqxSgJI3PW27878ez8Bc6:jNtI3PmgZi279ZxSb3O4c8Cx6
TLSH
7CE40245274EDA06D0A25FF36872E1B81B79AECABC71D2438FD63EDFB479A404865301

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
e42930f0ac7c5e2a07a6e31880ca5d55
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
SystemDashboard.MainForm.resources
SystemDashboard.Properties.Resources.resources
AdlND
[NBF]root.Data
[NBF]root.Data-preview.png
LayerT
[NBF]root.Data
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

PDB Path: Qrgmm.pdb
Module Name

Qrgmm.exe
Full Name

Qrgmm.exe
EntryPoint

System.Void SystemDashboard.Program::Main()
Scope Name

Qrgmm.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Qrgmm
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

184
Main Method

System.Void SystemDashboard.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void SystemDashboard.MainForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
Module Name

Qrgmm.exe
Full Name

Qrgmm.exe
EntryPoint

System.Void SystemDashboard.Program::Main()
Scope Name

Qrgmm.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

Qrgmm
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

184
Main Method

System.Void SystemDashboard.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void SystemDashboard.MainForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
e42930f0ac7c5e2a07a6e31880ca5d55 (695.81 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙