Suspicious
Suspect

ef5a7839ac433aded37d006cc435702a

PE Executable
|
MD5: ef5a7839ac433aded37d006cc435702a
|
Size: 805.89 KB
|
application/x-dosexec

Print
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Medium

Hash
 Hash Value
MD5
ef5a7839ac433aded37d006cc435702a
Sha1
77d48b82ea04dde7d82ad7443e793fac69e6a3a2
Sha256
3df755dbfde8549675f88c39372d229225b1056e2957d4fe3f220e8df52593fa
Sha384
a6fa137a46bd6880c81bf3035d4b5efda0ffdbd09d3b6dcac132ef8b8e79bae81a2f587e6bc43c2f4c73712f45b187b3
Sha512
3c7c7561da2bf9548abc734ce3ca8c5290392eb82bf96c261340eeebe24aa7843f377fc37adf1cc99b3262315a9bab18221f73b2c270c604f1aa0f12597c11f5
SSDeep
12288:fOhqhqhTCcF8YJE9TchjrohuH3EzZ0vlJQOQMnepO02b9b+Nh:fOhqhqhV8YJrrDH35zQ9kQcSNh
TLSH
8F0501593369ED03C4A60FF85970D7B503B88E6DE411D2AA4FFBDCEB789AB412904583

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
ef5a7839ac433aded37d006cc435702a
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
ID:0.exif
ID:0-preview.png
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
DesktopProject.AddEmployee.resources
DesktopProject.DeleteEmployee.resources
$this.Icon
[NBF]root.IconData
DesktopProject.Properties.Resources.resources
Teacher
[NBF]root.Data
cwOX
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

PDB Path: C:\Users\Administrator\Desktop\Client\Temp\SekXJIiGvh\src\obj\Debug\kVZf.pdb
Module Name

kVZf.exe
Full Name

kVZf.exe
EntryPoint

System.Void DesktopProject.Program::Main()
Scope Name

kVZf.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

kVZf
Assembly Version

0.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

270
Main Method

System.Void DesktopProject.Program::Main()
Main IL Instruction Count

6
Main IL

call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void DesktopProject.Form1::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null>
Module Name

kVZf.exe
Full Name

kVZf.exe
EntryPoint

System.Void DesktopProject.Program::Main()
Scope Name

kVZf.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

kVZf
Assembly Version

0.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

270
Main Method

System.Void DesktopProject.Program::Main()
Main IL Instruction Count

6
Main IL

call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void DesktopProject.Form1::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null>
ef5a7839ac433aded37d006cc435702a (805.89 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙