Suspect
eb666beaeb949061fb46885bb172bb13
PE Executable | MD5: eb666beaeb949061fb46885bb172bb13 | Size: 769.54 KB | application/x-dosexec
PE Executable
MD5: eb666beaeb949061fb46885bb172bb13
Size: 769.54 KB
application/x-dosexec
Summary by MalvaGPT
Characteristics
Symbol Ofbuscation Score
Low
|
Hash | Hash Value |
|---|---|
| MD5 | eb666beaeb949061fb46885bb172bb13
|
| Sha1 | b9337f125970d79b4819bf219c48bdaad943ceb6
|
| Sha256 | a5dd168a825506e616ba3601e4511e6348f52b7b3168dbc8d3d199fe7a3b84f1
|
| Sha384 | 6cd2fc582c483b7ddb1da8017fa1eb4556bf78a6ff32e41ada2794d1a413b523a9fc42fb67f25ddcccf1fb27a3402caa
|
| Sha512 | 508bac4720fed377417b39c65a73c76ba13a8d523b44c10beed9531dab5258b9cb7d4d6601ca3760c3136cf79345460a7f061eec1bbebb4853933666f0e99de2
|
| SSDeep | 12288:ChJriISA9hWWHCzWS3QE6Yys8l5TnXEepccS5Ki3bHUt1KQ2VTrsXjjwoq9kR:7ISA9kWHWV3QZLLTXNpc/ZZrsXjko5
|
| TLSH | C7F412905387DE03D88A47B80C92E376777A9E4D7532C3475EE87CEB7A7A74139012A2
|
File Structure
eb666beaeb949061fb46885bb172bb13
[Authenticode]_a32ace3a.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
WordleForms.GameOver.resources
WordleForms.WordleForm.resources
$this.Icon
[NBF]root.IconData
True
[NBF]root.Data
statusStrip1.TrayLocation
toolStrip1.TrayLocation
WordleForms.Properties.Resources.resources
flkb
[NBF]root.Data
[NBF]root.Data-preview.png
help_FILL0_wght300_GRAD0_opsz48
[NBF]root.Data
[NBF]root.Data-preview.png
restart
restart_alt_FILL0_wght400_GRAD0_opsz48
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | Authenticode present at 0xB8800 size 13832 bytes |
| Info | PDB Path: ? |
| Module Name | yXwa.exe |
| Full Name | yXwa.exe |
| EntryPoint | System.Void WordleForms.Program::Main() |
| Scope Name | yXwa.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | yXwa |
| Assembly Version | 9.7.9.8 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5 |
| Total Strings | 152 |
| Main Method | System.Void WordleForms.Program::Main() |
| Main IL Instruction Count | 10 |
| Main IL | nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void WordleForms.WordleForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null> |
eb666beaeb949061fb46885bb172bb13 (769.54 KB)
File Structure
eb666beaeb949061fb46885bb172bb13
[Authenticode]_a32ace3a.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
WordleForms.GameOver.resources
WordleForms.WordleForm.resources
$this.Icon
[NBF]root.IconData
True
[NBF]root.Data
statusStrip1.TrayLocation
toolStrip1.TrayLocation
WordleForms.Properties.Resources.resources
flkb
[NBF]root.Data
[NBF]root.Data-preview.png
help_FILL0_wght300_GRAD0_opsz48
[NBF]root.Data
[NBF]root.Data-preview.png
restart
restart_alt_FILL0_wght400_GRAD0_opsz48
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.