Suspicious
Suspect

f0a27f78c6eeaf7ccb8793bcbe5bad58

PE Executable
|
MD5: f0a27f78c6eeaf7ccb8793bcbe5bad58
|
Size: 818.18 KB
|
application/x-dosexec

Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Low

Hash
 Hash Value
MD5
f0a27f78c6eeaf7ccb8793bcbe5bad58
Sha1
88dc74b24c0e6b4322927bbfdbabc48fcf92266e
Sha256
87a78bd27eda1a7c573d260e007d7740032b102d7487b77048f23276f365e64f
Sha384
9695777ff9962575ebd76cb550eba6eba1e947e6f6703503b53e9b175ba8217bf16c5e765dd25d696a6e22dd6a103945
Sha512
ba6041e40f330c16001ccb3113d9673a43cda94b0df71a6c54f7e831d7639329d4d0b49320cac15b8c6b39ffca0917820e447fb02144e50f315b902a534ac938
SSDeep
12288:EGI1DjjhBkevJCuliugw/u2wn1O+/0litNVaS4noxTtMvYOKwOH4VvVOt0s1eW7:cjvkAH/gw/u3n1kiQoxTROKZsdaeW
TLSH
F2051254230BD102C6A667B48D30D3B84668BEDEB854D313AEEFFDEB3D36B465684211

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
f0a27f78c6eeaf7ccb8793bcbe5bad58
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
SmartNotesApp.Properties.Resources.resources
erVQ
[NBF]root.Data
[NBF]root.Data-preview.png
htta
[NBF]root.Data
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Info

PDB Path: nugf.pdb
Module Name

nugf.exe
Full Name

nugf.exe
EntryPoint

System.Void SmartNotesApp.Program::Main()
Scope Name

nugf.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

nugf
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

76
Main Method

System.Void SmartNotesApp.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void SmartNotesApp.MainForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
Module Name

nugf.exe
Full Name

nugf.exe
EntryPoint

System.Void SmartNotesApp.Program::Main()
Scope Name

nugf.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

nugf
Assembly Version

1.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.5
Total Strings

76
Main Method

System.Void SmartNotesApp.Program::Main()
Main IL Instruction Count

10
Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void SmartNotesApp.MainForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>
f0a27f78c6eeaf7ccb8793bcbe5bad58 (818.18 KB)
File Structure
f0a27f78c6eeaf7ccb8793bcbe5bad58
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
SmartNotesApp.Properties.Resources.resources
erVQ
[NBF]root.Data
[NBF]root.Data-preview.png
htta
[NBF]root.Data
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙