General
Structural Analysis
Config.0
Yara Rules43
Sync
Community
Summary by MalvaGPT
Characteristics
Symbol Ofbuscation Score
Medium
|
Hash | Hash Value |
|---|---|
| MD5 | f475dc74ff2dfe6c48e323bc2d3dab37
|
| Sha1 | c653f36918bf9ca405840c60cec672e38045afba
|
| Sha256 | 8f85357f6ffa9ed4190aecc8d75270df936ec412f578bf265e1c655975b63578
|
| Sha384 | 74b9ea40bae44c13f7b52c4d6081b6777b78c39103b9b1f0bbe6fccd5faea975be75bab29c1deb3ab63e433d9e4b4ef1
|
| Sha512 | e8ab3e5092f3176045b0ce750943864efd464f5b337dee4225ef2bc9ce3792e50711e1b4843bd38f3e712fc8def3f55d041f6f540c4a9aade2b1e4c47f8549fe
|
| SSDeep | 49152:AlP45AXXJci2singp8JvS3L3gsa4dAamy:gwuQsWtvS3sOdAam
|
| TLSH | 479512D03E69B70AEEA14230E47DDDB442E93CA870157BEA1AE93B5B74DD3109D48F21
|
PeID
Microsoft Visual C++ DLL
Microsoft Visual C++ v6.0
File Structure
f475dc74ff2dfe6c48e323bc2d3dab37
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rsrc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
AlchemieSpiel.Properties.Resources.resources
Alcatrazzz
[NBF]root.Data
[NBF]root.Data-preview.png
V6
[NBF]root.Data
waEc
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | PDB Path: UlZb.pdb |
| Module Name | UlZb.exe |
| Full Name | UlZb.exe |
| EntryPoint | System.Void AlchemieSpiel.Program::Main() |
| Scope Name | UlZb.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | UlZb |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 295 |
| Main Method | System.Void AlchemieSpiel.Program::Main() |
| Main IL Instruction Count | 10 |
| Main IL | nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void AlchemieSpiel.HauptForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null> |
f475dc74ff2dfe6c48e323bc2d3dab37 (1.97 MB)
File Structure
f475dc74ff2dfe6c48e323bc2d3dab37
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rsrc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
AlchemieSpiel.Properties.Resources.resources
Alcatrazzz
[NBF]root.Data
[NBF]root.Data-preview.png
V6
[NBF]root.Data
waEc
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.