Manalyze report for 04306c7615674706ab78a0a6ff3f6799

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	1970-Jan-01 00:00:00
Comments
CompanyName
FileDescription
FileVersion	`0.0.0.0`
InternalName	vneship4444
LegalCopyright
LegalTrademarks
OriginalFilename	vneship4444.exe
ProductName
ProductVersion

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET` `.NET executable -> Microsoft`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`04306c7615674706ab78a0a6ff3f6799`
SHA1	`01cbf9bc8ff8f3139e5705a4b5c524b44518a45d`
SHA256	`0fc102e18fec9e72f7e8dd6a3a33aca8e6383bf6f7d94a5683d078ccd122344e`
SHA3	`f9f44a5781fe7bb2f80e5b6ef9f29ffab0f09a6e23bfc29037a4959ff413d9f4`
SSDeep	`384:xwAXXwpskBwiRzj8clsxWPCcmL6nWqlkXhJCYHvQj:xXXXKHBxRzj8cl1PCcfWxXhJCYHYj`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	1970-Jan-01 00:00:00
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`8.0`
SizeOfCode	`0x3a00`
SizeOfInitializedData	`0x600`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000598E (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x6000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0xa000`
SizeOfHeaders	`0x200`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`d6286b3be66963ef6458c3d6ed74da5a`
SHA1	`395d8897834f83feb10e5afb9c018031244fc8c7`
SHA256	`917018b5df7cf54e0f00b043db4857282267fa1f8dcf1296abd89b947dbe931e`
SHA3	`3df4caf8ca0cc2f35d3f47a19ac31be1faaf2b852d04ca6d125d054b515120df`
VirtualSize	`0x3994`
VirtualAddress	`0x2000`
SizeOfRawData	`0x3a00`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`3.0879`

.rsrc

MD5	`d616f049e13f1a72108b7e9ab4dbe6c5`
SHA1	`1197bebe39ce7065ddaf296b78a5334327a0f242`
SHA256	`887c23233f9677b608f4d4f0e8fbb506e3f7ffb27589e362cb31073192e32ce6`
SHA3	`ebc192f23e2fa203d963182d9abbfcce9a0b5246ec265fced620b14d55484684`
VirtualSize	`0x2f0`
VirtualAddress	`0x6000`
SizeOfRawData	`0x400`
PointerToRawData	`0x3c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`2.41226`

.reloc

MD5	`17cc0e37168729ef3852fd5f0391b73c`
SHA1	`705f7fdfca508c53acec8dadf6a2ee2349c45543`
SHA256	`202aa5e644f8d3c46b46466b97a3d2f9c829f6952c0312055653acec22db7cb1`
SHA3	`173775a7fac5fda4b01ba91614c0fed3ce53d377d4dcff424a8eb2d2ef12cd05`
VirtualSize	`0xc`
VirtualAddress	`0x8000`
SizeOfRawData	`0x200`
PointerToRawData	`0x4000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.0815394`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

1

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x298`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.22583`
MD5	`9c0445067ce47836d7905620515d375e`
SHA1	`5b0e9a1faec6d26cce636145bc2ed77002e182ab`
SHA256	`50fbadf2c852486c1e71526cd8b347e719dec08eeb9ec10130e8d8f31f16232f`
SHA3	`2174a54f303f4a00d07977e95321256d411ad6b1d43c4c449c1abd7c47f37165`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	0.0.0.0
ProductVersion	0.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_DLL`
Language	UNKNOWN
Comments
CompanyName
FileDescription
FileVersion (#2)	0.0.0.0
InternalName	vneship4444
LegalCopyright
LegalTrademarks
OriginalFilename	vneship4444.exe
ProductName
ProductVersion (#2)

Resource LangID	UNKNOWN

TLS Callbacks

Load Configuration

RICH Header

04306c7615674706ab78a0a6ff3f6799

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rsrc

.reloc

Imports

Delayed Imports

1

Version Info

TLS Callbacks

Load Configuration

RICH Header

Errors