Suspicious
Suspect

f455803cf736015a73d4f03f165963df

PE Executable
MD5: f455803cf736015a73d4f03f165963df
Size: 1.08 MB
application/x-dosexec
Summary by MalvaGPT
Characteristics

Symbol Obfuscation Score

Medium

Hash
Hash Value
MD5
f455803cf736015a73d4f03f165963df
Sha1
65495e2dc520a54bd2970ef7fb4323e40860ad73
Sha256
c60cbde6033fe5a3bd5f127248959e1742e48aeae539ece6e137dd5179df34e7
Sha384
e911a336afb8421ece9e2dab45c5b3a05aa53fadcadf02c66883e3a2804f233a004d381eac6591fa45e08fadad324f0f
Sha512
523401375b3466b5d32b6221f50c9d014d4037b713e1ad4ad1c91543c830dec78898946705efe40d036b5e9ec9d9c307c39cfe1dbc55c4fc091e43ac130c7091
SSDeep
24576:AslbyI7p+lMceqn8HSSzywJ3RGbn8sa6Uw:ACslMcTn8HqwGbnxa69
TLSH
3B351224236EDB06C4BA4BF41970D3305BB86EC6B922D20B6FD97DDFB86A7905510783

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
LantaarnFees.Properties.Resources.resources
BiGI
[NBF]root.Data
[NBF]root.Data-preview.png
Feep
[NBF]root.Data
Informations
Name
Value
Info

PE Detect: PeReader OK (file layout)

Module Name

bTol.exe

Full Name

bTol.exe

EntryPoint

System.Void LantaarnFees.Program::Main()

Scope Name

bTol.exe

Scope Type

ModuleDef

Kind

Windows

Runtime Version

v4.0.30319

Tables Header Version

512

WinMD Version

<null>

Assembly Name

bTol

Assembly Version

0.0.0.0

Assembly Culture

<null>

Has PublicKey

False

PublicKey Token

<null>

Target Framework

.NETFramework,Version=v4.5

Total Strings

391

Main Method

System.Void LantaarnFees.Program::Main()

Main IL Instruction Count

10

Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void LantaarnFees.HoofForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>

Module Name

bTol.exe

Full Name

bTol.exe

EntryPoint

System.Void LantaarnFees.Program::Main()

Scope Name

bTol.exe

Scope Type

ModuleDef

Kind

Windows

Runtime Version

v4.0.30319

Tables Header Version

512

WinMD Version

<null>

Assembly Name

bTol

Assembly Version

0.0.0.0

Assembly Culture

<null>

Has PublicKey

False

PublicKey Token

<null>

Target Framework

.NETFramework,Version=v4.5

Total Strings

391

Main Method

System.Void LantaarnFees.Program::Main()

Main IL Instruction Count

10

Main IL

nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void LantaarnFees.HoofForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null>

f455803cf736015a73d4f03f165963df (1.08 MB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙