General
Structural Analysis
Config.0
Yara Rules14
Sync
Community
Summary by MalvaGPT
Characteristics
Symbol Ofbuscation Score
Low
|
Hash | Hash Value |
|---|---|
| MD5 | f86c132cf618581a5279482d67e5deda
|
| Sha1 | 22c63028816ced0104f2fd45017dd35146ec1b9b
|
| Sha256 | dd33f8080b6dc03098609e93e5fb3cf8345c60d9cc980f336bc495f234712d35
|
| Sha384 | 83151cabfbb08d937ec65169d7b874014c8d4b8397348abb185622f21d10b541297f6044d1da5a78edf6c63477aa6613
|
| Sha512 | 9b59475101b9b29d74117bf6c3934e366f641dd2dda3f4d0d984147c6be8af0451e0bb2d872c7900c218fa416e24a8d0606f4bf1b7c6b73308f188e9050beb74
|
| SSDeep | 12288:hMpppppppppjHpppppppppp3j3S2SGF9RJQBUCnZN/QrjR3CpipWb/UUG/DhCk/6:CpppppppppjHpppppppppp3j3iGF9RJk
|
| TLSH | 83B401243486ED13FC995AB405B1D37153795ECCF412E74B8AEDBCE37ABB2826518283
|
File Structure
f86c132cf618581a5279482d67e5deda
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
usercontrolwithdatabinding.Form1.resources
$this.Icon
[NBF]root.IconData
bsCustomer.TrayLocation
engh
[NBF]root.Data
errorProvider1.TrayLocation
usercontrolwithdatabinding.Properties.Resources.resources
PcRz
[NBF]root.Data
[NBF]root.Data-preview.png
usercontrolwithdatabinding.UserControls.AddressControl.resources
Informations
|
Name0 | Value |
|---|---|
| Module Name | FQJi.exe |
| Full Name | FQJi.exe |
| EntryPoint | System.Void usercontrolwithdatabinding.Program::Main() |
| Scope Name | FQJi.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | FQJi |
| Assembly Version | 1.2.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5 |
| Total Strings | 106 |
| Main Method | System.Void usercontrolwithdatabinding.Program::Main() |
| Main IL Instruction Count | 6 |
| Main IL | call System.Void System.Windows.Forms.Application::EnableVisualStyles() ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) newobj System.Void usercontrolwithdatabinding.Form1::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) ret <null> |
Artefacts
|
Name0 | Value |
|---|---|
| PDB Path | FQJi.pdb |
f86c132cf618581a5279482d67e5deda (535.04 KB)
File Structure
f86c132cf618581a5279482d67e5deda
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:0
RT_GROUP_CURSOR4
ID:7F00
ID:0
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
usercontrolwithdatabinding.Form1.resources
$this.Icon
[NBF]root.IconData
bsCustomer.TrayLocation
engh
[NBF]root.Data
errorProvider1.TrayLocation
usercontrolwithdatabinding.Properties.Resources.resources
PcRz
[NBF]root.Data
[NBF]root.Data-preview.png
usercontrolwithdatabinding.UserControls.AddressControl.resources
Characteristics
No malware configuration were found at this point.
Artefacts
|
Name0 | Value | Location |
|---|---|---|
| PDB Path | FQJi.pdb |
f86c132cf618581a5279482d67e5deda |
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.