General
Structural Analysis
Config.0
Yara Rules13
Sync
Community
Summary by MalvaGPT
Characteristics
Symbol Ofbuscation Score
Very low
|
Hash | Hash Value |
|---|---|
| MD5 | f9bb9fd2e30b26f664b5d6b282fb4c57
|
| Sha1 | 01efbd69c928cb3bf363867df5a95010beb43dbc
|
| Sha256 | 489c3b4e65ec46019d1b57f2485c8862d3904e85994280a41d5271903386f07f
|
| Sha384 | 5b81af690e0881710ec903eae74b330420258ae701a4b9badc2b276f000818f84dee9558306631fbd553a304b6a5f739
|
| Sha512 | 063eddc3237228cadf6607ca95fa8ba3b464fd45a2a8e67c23d3887dd563d778aed4620a38dd24b937ae0e13aebe155c628caebedd2f3ca1620354439135c4e2
|
| SSDeep | 12288:1yvJoSWhIPbPkaB1fPB0D9mbXE/7Pc8kYMgzXa0i0otiL+K9aTWpDKq22T:1qIhIPjtZ0wbELcYDa0iVsroTuDKR2
|
| TLSH | E7E412291B45ED31D8CA27B558B0E3F952319FC9E403D33B86EAADE7F91561234292C2
|
PeID
UPolyX 0.3 -> delikon
File Structure
f9bb9fd2e30b26f664b5d6b282fb4c57
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
POSManager.Properties.Resources.resources
slch
[NBF]root.Data
[NBF]root.Data-preview.png
whey
[NBF]root.Data
Informations
|
Name0 | Value |
|---|---|
| Module Name | DccU.exe |
| Full Name | DccU.exe |
| EntryPoint | System.Void POSManager.Program::Main() |
| Scope Name | DccU.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | DccU |
| Assembly Version | 8.5.7.3 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.0 |
| Total Strings | 92 |
| Main Method | System.Void POSManager.Program::Main() |
| Main IL Instruction Count | 10 |
| Main IL | nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void POSManager.MainForm::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null> |
Artefacts
|
Name0 | Value |
|---|---|
| PDB Path | DccU.pdb |
f9bb9fd2e30b26f664b5d6b282fb4c57 (671.23 KB)
File Structure
f9bb9fd2e30b26f664b5d6b282fb4c57
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
POSManager.Properties.Resources.resources
slch
[NBF]root.Data
[NBF]root.Data-preview.png
whey
[NBF]root.Data
Characteristics
No malware configuration were found at this point.
Artefacts
|
Name0 | Value | Location |
|---|---|---|
| PDB Path | DccU.pdb |
f9bb9fd2e30b26f664b5d6b282fb4c57 |
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.