Suspicious
Suspect

ecee5cac8dbb4b2ff440836979ea5835

PE Executable
|
MD5: ecee5cac8dbb4b2ff440836979ea5835
|
Size: 901.12 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
Hash Value
MD5
ecee5cac8dbb4b2ff440836979ea5835
Sha1
438318c24937837e403db5399707323288d911b5
Sha256
395de71926a9c15057a2767ac6ea27c2829b3b05c2ecfaf325b070b23a12f393
Sha384
b21c14ddc8acae08edc5304063a4fec9640e3fd792a93358849aa48114ee35cdc567468cbe01383d9d37aaa28b244349
Sha512
78f1d0d07a65228230cab605b4a56e885c52ca5233f7e8c2225fd94e1b62f1f5aeeb94770a0b46d2195d8bf4fee42b5476872ddae87d5c4b2864467fe1eb2930
SSDeep
24576:7LtICqRROmvBMtE+emfLAkdthKyYxc5L:7GCwo21+zdmO
TLSH
43150278B18E48E7E26A49B44579BC616BB170E3B9C9D6B40B296148CFE7F503F0844F

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
 .resources
timer1.TrayLocation
timer2.TrayLocation
 .resources
$this.Icon
[NBF]root.IconData
WonderMarket.Properties.Resources.resources
NA
[NBF]root.Data
[NBF]root.Data-preview.png
cAez
[NBF]root.Data
[NBF]root.Data-preview.png
clouds
[NBF]root.Data
[NBF]root.Data-preview.png
mainforecast
[NBF]root.Data
[NBF]root.Data.exif
[NBF]root.Data-preview.png
off
[NBF]root.Data
[NBF]root.Data-preview.png
on
[NBF]root.Data
[NBF]root.Data-preview.png
          
Informations
Name
Value
Info

PE Detect: PeReader OK (file layout)

Module Name

WIsf.exe

Full Name

WIsf.exe

EntryPoint

System.Void  ::()

Scope Name

WIsf.exe

Scope Type

ModuleDef

Kind

Windows

Runtime Version

v4.0.30319

Tables Header Version

512

WinMD Version

<null>

Assembly Name

WIsf

Assembly Version

23.76.7.7

Assembly Culture

<null>

Has PublicKey

False

PublicKey Token

<null>

Target Framework

.NETFramework,Version=v4.5

Total Strings

0

Main Method

System.Void  ::()

Main IL Instruction Count

10

Main IL

call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) ldc.i4 76809199 call System.String  ::(System.Int32) ldc.i4 76809180 call System.String  ::(System.Int32) newobj System.Void  ::.ctor(System.String,System.String) call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null>

Module Name

WIsf.exe

Full Name

WIsf.exe

EntryPoint

System.Void  ::()

Scope Name

WIsf.exe

Scope Type

ModuleDef

Kind

Windows

Runtime Version

v4.0.30319

Tables Header Version

512

WinMD Version

<null>

Assembly Name

WIsf

Assembly Version

23.76.7.7

Assembly Culture

<null>

Has PublicKey

False

PublicKey Token

<null>

Target Framework

.NETFramework,Version=v4.5

Total Strings

0

Main Method

System.Void  ::()

Main IL Instruction Count

10

Main IL

call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) ldc.i4 76809199 call System.String  ::(System.Int32) ldc.i4 76809180 call System.String  ::(System.Int32) newobj System.Void  ::.ctor(System.String,System.String) call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null>

ecee5cac8dbb4b2ff440836979ea5835 (901.12 KB)
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
.Net Resources
 .resources
timer1.TrayLocation
timer2.TrayLocation
 .resources
$this.Icon
[NBF]root.IconData
WonderMarket.Properties.Resources.resources
NA
[NBF]root.Data
[NBF]root.Data-preview.png
cAez
[NBF]root.Data
[NBF]root.Data-preview.png
clouds
[NBF]root.Data
[NBF]root.Data-preview.png
mainforecast
[NBF]root.Data
[NBF]root.Data.exif
[NBF]root.Data-preview.png
off
[NBF]root.Data
[NBF]root.Data-preview.png
on
[NBF]root.Data
[NBF]root.Data-preview.png
          
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙