Manalyze report for 0635b940665fd4ba9bd6eb62406f71ee

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2017-Sep-23 09:40:48
Debug artifacts	C:\Users\RubiciksTV\documents\visual studio 2013\Projects\bitcoin gen tool 1\bitcoin gen tool 1\obj\Debug\bitcoin gen tool 1.pdb
FileDescription	bitcoin gen tool 1
FileVersion	`1.0.0.0`
InternalName	bitcoin gen tool 1.exe
LegalCopyright	Copyright © 2017
OriginalFilename	bitcoin gen tool 1.exe
ProductName	bitcoin gen tool 1
ProductVersion	`1.0.0.0`
Assembly Version	1.0.0.0

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET` `Microsoft Visual C++ 8.0` `.NET executable -> Microsoft`
Suspicious		`Unusual section name found: .sdata`
Suspicious	VirusTotal score: 2/68 (Scanned on 2018-09-08 00:38:13)	`SentinelOne: static engine - malicious` `CrowdStrike: malicious_confidence_60% (D)`

Hashes

MD5	`0635b940665fd4ba9bd6eb62406f71ee`
SHA1	`6c164b87aa5de7cb9abdef734c2e5b6c613fb9d3`
SHA256	`4bae03b7285ac34b982422d54ecb8939c8b44243e676ea3e27d5f934b3093a1e`
SHA3	`bb702f9c0b1fb54da15e653c1f8aa348aaea05a96d1eaa4a150d48ad5806c0b2`
SSDeep	`49152:gwdU3Aidp4Z33x3UMBzD2zH21v0C/bilKPm7au+:gwdU33pg2McIvP/bnPS`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`4`
TimeDateStamp	2017-Sep-23 09:40:48
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`11.0`
SizeOfCode	`0x1e8800`
SizeOfInitializedData	`0x4600`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x001EA73E (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x1ec000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x1f6000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`392bba4c52d394c06864102532084c39`
SHA1	`39906fd9565ba124f18e139ec1786252306eb579`
SHA256	`252b8ec796897c1104fa222011c1b3c815fca1349f9ec63caa3d88c6134b2631`
SHA3	`1317ef232fb9275202741f2324b5817e6c36860e661c84df3a2c006fc88991a1`
VirtualSize	`0x1e8744`
VirtualAddress	`0x2000`
SizeOfRawData	`0x1e8800`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`7.96764`

.sdata

MD5	`a950366583b10318506ac12aa4e9d55c`
SHA1	`fb7af42655340dcb8ac4f406437ba583dd94bd43`
SHA256	`8e445fe82f6f38d13c80cad4ba422da4581bad7d3ade8548b822565d33e5f704`
SHA3	`f0ff5304b0ae7fbe16039f63c562858e3aa98a0e6b444bbd928b9c0f10201edc`
VirtualSize	`0x138`
VirtualAddress	`0x1ec000`
SizeOfRawData	`0x200`
PointerToRawData	`0x1e8c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`2.5406`

.rsrc

MD5	`0783ebfc860d9eda2fe7c457e7d51e59`
SHA1	`b3007ebe12bbaa951183c107555157a6db50c664`
SHA256	`9e02cd7c54d4934ad2e8679db1dda029de07c21d051d2ea7672f2950104f2019`
SHA3	`7875661955792684b545cc7340785223d4ca0b6bdc4530944f09f4440b69bdd7`
VirtualSize	`0x4168`
VirtualAddress	`0x1ee000`
SizeOfRawData	`0x4200`
PointerToRawData	`0x1e8e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.35013`

.reloc

MD5	`07271df42785c51d39916a72e431def5`
SHA1	`ac30edeb3cfa39a7932fc74a93ade97e9b80a75f`
SHA256	`1dacc95e78c80a932384a5bcae9c7b0ee9df7d57497855080b0e564de6a0397e`
SHA3	`a723893139956931ddad2f3221a01f5cf43b54e18576d5d15f7345ffe0338dda`
VirtualSize	`0xc`
VirtualAddress	`0x1f4000`
SizeOfRawData	`0x200`
PointerToRawData	`0x1ed000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.10191`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.27087`
MD5	`22041a5fdd1e48b9ff1434058020f34e`
SHA1	`431f73314cba4fe9099d85a27d276b545a581120`
SHA256	`5e2dd15f6e9243ea877c306b72d453a01388a6a65036b3312e0cf012a40a3330`
SHA3	`eedc7ebdaf971be47844779894dbcc3d7c212fb420286789849802e8c78478ad`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.39558`
MD5	`4beb123ae6d078932edab67fc6a46f61`
SHA1	`8d28c135bae8a33c974bc39550e249365e352de9`
SHA256	`834c4a58ffaa38072c5c6f07f6a63fc265811bc7f264ea9b041d46f5ab41df18`
SHA3	`6b4fa4332f3d3fa4eb1974afe22b29f2a5bd408e52bf4655d0aecb4d0d90af2c`

4

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.78754`
MD5	`0ece3406c5488c653ccc2bad47eeb6ed`
SHA1	`615b95802bb611eff1a36e8263eb726e298dcbb7`
SHA256	`94b2935dfb0a79e5c5a4fb5a8f12717ef703c9d2c5a127b9ed850d7448174207`
SHA3	`8fe70d51545a92cc2ce8418ff3bf7d4b858e1ddbc7ea230a5268454fcd27363a`

32512

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x30`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.49203`
Detected Filetype	Icon file
MD5	`07c0f77a1c885d62e8422263fa1db0d5`
SHA1	`cf41fd2184e3ed55d5be792f537e61f96b4d2ef6`
SHA256	`8e839fb7cba6c11370b0bec18e654af7dd77155552c3a309e09c4a41e572ac8e`
SHA3	`13cf42b33da00938f87e0986407b465fda46fcca73d1bbb49962eb9048552d56`

1

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x300`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.24192`
MD5	`94102be52d5ab39485bc4fe3e4842f86`
SHA1	`56cfec7e650d00c72cf24d73622f37d0a90852ba`
SHA256	`f5e62d87cc782d06adf9bdf2bf71028db4e2e431c3cf190506c736df38e4e01e`
SHA3	`292ab0d871c231b2c64833042283db8db9f0cfc80514a3acde02a2265a0f6dfd`

1 (#2)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1ea`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.00112`
MD5	`a19a2658ba69030c6ac9d11fd7d7e3c1`
SHA1	`879dcf690e5bf1941b27cf13c8bcf72f8356c650`
SHA256	`c0085eb467d2fc9c9f395047e057183b3cd1503a4087d0db565161c13527a76f`
SHA3	`93cbaf236d2d3870c1052716416ddf1c34f21532e56dd70144e9a01efcd0ce34`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.0
ProductVersion	1.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
FileDescription	bitcoin gen tool 1
FileVersion (#2)	1.0.0.0
InternalName	bitcoin gen tool 1.exe
LegalCopyright	Copyright © 2017
OriginalFilename	bitcoin gen tool 1.exe
ProductName	bitcoin gen tool 1
ProductVersion (#2)	1.0.0.0
Assembly Version	1.0.0.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2017-Sep-23 09:40:48
Version	`0.0`
SizeofData	`284`
AddressOfRawData	`0x1ec01c`
PointerToRawData	`0x1e8c1c`
Referenced File	C:\Users\RubiciksTV\documents\visual studio 2013\Projects\bitcoin gen tool 1\bitcoin gen tool 1\obj\Debug\bitcoin gen tool 1.pdb

TLS Callbacks

Load Configuration

RICH Header

0635b940665fd4ba9bd6eb62406f71ee

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.sdata

.rsrc

.reloc

Imports

Delayed Imports

2

3

4

32512

1

1 (#2)

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

TLS Callbacks

Load Configuration

RICH Header

Errors