df01b439cfc5fc1c31c18371c2cee83e

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2019-Feb-11 14:57:55
Debug artifacts C:\Users\Giovanni\Desktop\Jass Work\Software\Soft1\obj\Debug\PlaystationChecker.pdb
Comments
CompanyName
FileDescription PlaystationChecker
FileVersion 1.0.0.0
InternalName PlaystationChecker.exe
LegalCopyright Copyright © 2018
LegalTrademarks
OriginalFilename PlaystationChecker.exe
ProductName PlaystationChecker
ProductVersion 1.0.0.0
Assembly Version 1.0.0.0

Plugin Output

Info Matching compiler(s):
  • Microsoft Visual C# v7.0 / Basic .NET
  • .NET executable -> Microsoft
Suspicious Strings found in the binary may indicate undesirable behavior:
Accesses the WMI:
  • root\CIMV2
Contains domain names:
  • ac.playstation.net
  • auth.np.ac.playstation.net
  • https://auth.np.ac.playstation.net
  • https://auth.np.ac.playstation.net/np/auth
  • np.ac.playstation.net
  • playstation.net
Malicious VirusTotal score: 33/72 (Scanned on 2020-05-23 08:42:53)
MicroWorld-eScan: Trojan.GenericKD.41447042
CAT-QuickHeal: Trojan.Zpevdo
ALYac: Trojan.GenericKD.41447042
Cylance: Unsafe
Zillya: Tool.BruteForce.Win32.1955
Sangfor: Malware
Arcabit: Trojan.Generic.D2786E82
TrendMicro: TROJ_GEN.R002C0PBJ20
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/HackTool.BruteForce.JD
APEX: Malicious
BitDefender: Trojan.GenericKD.41447042
Avast: Win32:Trojan-gen
Rising: Trojan.Zpevdo!8.F912 (CLOUD)
Ad-Aware: Trojan.GenericKD.41447042
Sophos: Generic PUA FP (PUA)
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: RDN/Generic PUP.z
FireEye: Trojan.GenericKD.41447042
Emsisoft: Trojan.GenericKD.41447042 (B)
Webroot: W32.Trojan.Genkd
Microsoft: Trojan:Win32/Mamson.A!rfn
AegisLab: Trojan.Win32.Generic.4!c
GData: Trojan.GenericKD.41447042
McAfee: RDN/Generic PUP.z
MAX: malware (ai score=99)
Malwarebytes: HackTool.BruteForce
TrendMicro-HouseCall: TROJ_GEN.R002C0PBJ20
Tencent: Malware.Win32.Gencirc.114d97eb
Fortinet: MSIL/BruteForce.JD!tr
MaxSecure: Trojan.Malware.74186166.susgen
AVG: Win32:Trojan-gen
CrowdStrike: win/malicious_confidence_60% (W)

Hashes

MD5 df01b439cfc5fc1c31c18371c2cee83e
SHA1 5fcb3b5f17e534087fd2de981f6dd406803f78c3
SHA256 6e9fff11dbc9bf8c6615b2ec7285866e99d4f05830070713115416d937b5b5ea
SHA3 ebd994533f38862b197870adf4ff3448a2258cbb363f1d9824ad5fce4da79437
SSDeep 1536:kFKlikzr/80zckNusrBFID48NMXyoEJvYwZxf/wamnm:kFxkzr/80ziSlOJvYw34amnm
Imports Hash f34d5f2d4577ed6d9ceec516c1f5a744

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x80

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 3
TimeDateStamp 2019-Feb-11 14:57:55
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Image Optional Header

Magic PE32
LinkerVersion 48.0
SizeOfCode 0x30200
SizeOfInitializedData 0x800
SizeOfUninitializedData 0
AddressOfEntryPoint 0x000321A6 (Section: .text)
BaseOfCode 0x2000
BaseOfData 0x34000
ImageBase 0x400000
SectionAlignment 0x2000
FileAlignment 0x200
OperatingSystemVersion 4.0
ImageVersion 0.0
SubsystemVersion 6.0
Win32VersionValue 0
SizeOfImage 0x38000
SizeOfHeaders 0x200
Checksum 0
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 175a9983ffe6f72d1f789220bd560a7d
SHA1 725ab54ac3d72397206afad7b7f96d0b0b3b2ffd
SHA256 374a1f8271e74879fadd3e8bf82a3f1b7508a1255ea97fcaf59ac0c08b11239c
SHA3 8cec7e1be2491005e39864eb52934afcf1c31ba28496dce2dda59aae238a9d39
VirtualSize 0x301ac
VirtualAddress 0x2000
SizeOfRawData 0x30200
PointerToRawData 0x200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 5.27818

.rsrc

MD5 20cba4ada8c4867cd245e2cf51a04759
SHA1 f7c18baf5271c2f4955755d70802c25e6d2a35e2
SHA256 8351e0f45971181547299d104402fbcefcf0c84346542204692b33ab24be0c32
SHA3 64330a14177ed99d64dc0cf5329a71fdf77f81851512c61afa1703960ee55869
VirtualSize 0x5fc
VirtualAddress 0x34000
SizeOfRawData 0x600
PointerToRawData 0x30400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.17747

.reloc

MD5 c93cf2b43a375100630685799e53b491
SHA1 9af680c1263fdc24a464da216143c9442eaa64cf
SHA256 97a3ae43a0e6819e27677a44bb9c946d36873aa10a15c44628cb004012c0a43a
SHA3 4dee891fcacf3b40a9a83f7e4a0706eaee74941b4983ef61148d489d72110098
VirtualSize 0xc
VirtualAddress 0x36000
SizeOfRawData 0x200
PointerToRawData 0x30a00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy 0.10191

Imports

mscoree.dll _CorExeMain

Delayed Imports

1

Type RT_VERSION
Language UNKNOWN
Codepage UNKNOWN
Size 0x36c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.23523
MD5 20cd1e855699aa5b99c7a51d8bef5d02
SHA1 6de9442fd5a2927f8146108e7ad394c6e0cb0815
SHA256 7c1f0af8b8f47ee54f6b9421eb77c9285c95131ecfc8515daaef0ce67efea27c
SHA3 d6fb90730d7a100e31c49b5b668b70089af3e0c8aeee971d65476a64bfd82644

1 (#2)

Type RT_MANIFEST
Language UNKNOWN
Codepage UNKNOWN
Size 0x1ea
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.00112
MD5 b7db84991f23a680df8e95af8946f9c9
SHA1 cac699787884fb993ced8d7dc47b7c522c7bc734
SHA256 539dc26a14b6277e87348594ab7d6e932d16aabb18612d77f29fe421a9f1d46a
SHA3 4f72877413d13a67b52b292a8524e2c43a15253c26aaf6b5d0166a65bc615cff

Version Info

Signature 0xfeef04bd
StructVersion 0x10000
FileVersion 1.0.0.0
ProductVersion 1.0.0.0
FileFlags (EMPTY)
FileOs VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
FileType VFT_APP
Language UNKNOWN
Comments
CompanyName
FileDescription PlaystationChecker
FileVersion (#2) 1.0.0.0
InternalName PlaystationChecker.exe
LegalCopyright Copyright © 2018
LegalTrademarks
OriginalFilename PlaystationChecker.exe
ProductName PlaystationChecker
ProductVersion (#2) 1.0.0.0
Assembly Version 1.0.0.0
Resource LangID UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics 0
TimeDateStamp 2019-Feb-11 14:57:55
Version 0.0
SizeofData 284
AddressOfRawData 0x32038
PointerToRawData 0x30238
Referenced File C:\Users\Giovanni\Desktop\Jass Work\Software\Soft1\obj\Debug\PlaystationChecker.pdb

TLS Callbacks

Load Configuration

RICH Header

Errors