Manalyze report for 08a954c1f7646235c929cb07d4f538fb

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2104-May-12 00:22:51
Debug artifacts	C:\Users\lacek\OneDrive\Asztali gép\ModActivator\ModActivator\obj\Release\ModActivator.pdb
Comments
CompanyName
FileDescription	ModActivator
FileVersion	`1.7.3.0`
InternalName	ModActivator.exe
LegalCopyright	Copyright © 2023 CryMax
LegalTrademarks
OriginalFilename	ModActivator.exe
ProductName	ModActivator
ProductVersion	`1.7.3.0`
Assembly Version	1.7.3.0

Plugin Output

Info	Matching compiler(s):	`.NET executable -> Microsoft`
Suspicious	Strings found in the binary may indicate undesirable behavior:	`Miscellaneous malware strings: backdoor` Contains domain names: dotnet.microsoft.com google.com gta5-mods.com http://modactivator.com http://modaktivator.hu http://www.modactivator.com http://www.modactivator.com/ModAktivatorData/Download/CodeWalker/CodeWalker.zip http://www.modactivator.com/ModAktivatorData/Download/CodeWalker/CodeWalkerIndex.jpg http://www.modactivator.com/ModAktivatorData/Download/GameConfigXML/GXMLPackages.zip http://www.modactivator.com/ModAktivatorData/Download/Hun/HUN.zip http://www.modactivator.com/ModAktivatorData/Download/Hun/HUNTest.zip http://www.modactivator.com/ModAktivatorData/Download/Hun/HunIndex.png http://www.modactivator.com/ModAktivatorData/Download/Scripts/Scripts.xml http://www.modactivator.com/ModAktivatorData/Download/Scripts/ScriptsIndex.png http://www.modactivator.com/ModAktivatorData/Download/Vehicles/Cars.xml http://www.modactivator.com/ModAktivatorData/Download/Vehicles/Cars/CarsIndex.png http://www.modactivator.com/ModAktivatorData/Download/Vehicles/Engine.xml http://www.modactivator.com/ModAktivatorData/Download/Vehicles/Other.xml http://www.modactivator.com/ModAktivatorData/Download/Vehicles/Truck.xml http://www.modaktivator.hu http://www.modaktivator.hu/ModAktivatorData/Download/GameConfigXML/GXMLPackages.zip http://www.modaktivator.hu/ModAktivatorData/Download/Hun/HUN.zip http://www.modaktivator.hu/ModAktivatorData/Download/Hun/HUNTest.zip http://www.modaktivator.hu/ModAktivatorData/Download/ModActivatorDLC/modactivatordlc.zip http://www.modaktivator.hu/ModAktivatorData/Update/update.xml https://discord.gg https://dotnet.microsoft.com https://dotnet.microsoft.com/en-us/download/dotnet-framework/thank-you/net48-web-installer https://modactivator.com https://modaktivator.hu https://openiv.com https://www.gta5-mods.com https://www.gta5-mods.com/vehicles/tags/add-on https://www.paypal.com https://www.paypal.com/donate/?hosted_button_id https://www.paypal.com/donate?hosted_button_id https://www.rdr2mods.com https://www.rdr2mods.com/downloads/rdr2/tools/76-lennys-mod-loader-rdr/ https://www.rockstargames.com https://www.rockstargames.com/games/info/V https://www.rockstargames.com/reddeadredemption2/order?edition https://www.youtube.com https://www.youtube.com/channel/UCzX83v2Co_4nuVofgxlIChQ https://www.youtube.com/watch?v inkscape.org microsoft.com modactivator.com openiv.com paypal.com rdr2mods.com rockstargames.com www.gta5-mods.com www.inkscape.org www.modactivator.com www.paypal.com www.rdr2mods.com www.rockstargames.com www.youtube.com youtube.com
Malicious	VirusTotal score: 3/69 (Scanned on 2023-03-13 03:41:13)	`Gridinsoft: Trojan.Win32.Downloader.sa` `VBA32: Downloader.MSIL.gen.rexp` `MaxSecure: Trojan.Malware.300983.susgen`

Hashes

MD5	`08a954c1f7646235c929cb07d4f538fb`
SHA1	`c08ba05b27e6d355739431c0f181ac708a7f1f1f`
SHA256	`69401774bfa1503dc789e663f4345804c6f48da6b458f97daa4321122ed00534`
SHA3	`739fdd1d6137fc284b66f26f0a3726efa3c5912ee7355d41e7e6e4ea11a13da7`
SSDeep	`24576:Ux3JnCOwd/OGdhUGssWh8RHr7LghyEfKghVwKMXfmlrCRhU456gG20/o:UzWHrXgYgZCRh75+/`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2104-May-12 00:22:51
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`48.0`
SizeOfCode	`0x48c400`
SizeOfInitializedData	`0x22c00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0048E32E (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x490000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x4b6000`
SizeOfHeaders	`0x200`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`a1b0f49fdf11f5469aff8c73cfd124b6`
SHA1	`01c1c0361fc6db8c098b8a91ff616190ce8959c8`
SHA256	`67ccf6c28f2b2866f119bf1b21d100fa879d88bc626ba7f6c6cbfcee92891657`
SHA3	`ee17096a1028c67657174007368630ee3ceae6b0e506eb61bfe42a5afd01d62f`
VirtualSize	`0x48c34c`
VirtualAddress	`0x2000`
SizeOfRawData	`0x48c400`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.0089`

.rsrc

MD5	`4a90a4c128696559986f44d15e2f2d09`
SHA1	`030dbc060779a6b7a1957a30697b8f17a90343bf`
SHA256	`91d71ba5c0c70c2e70ed8953e35aac23eafd26b2d6c08f5ee7d9c851742cb971`
SHA3	`aaaa8d46e1aee2717f1db301afb61b03ac8846697dd4a894d7cfd321ee92fdb0`
VirtualSize	`0x22878`
VirtualAddress	`0x490000`
SizeOfRawData	`0x22a00`
PointerToRawData	`0x48c600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.91137`

.reloc

MD5	`feb90865b1362b6b4d177c88b021ee74`
SHA1	`73f6155e2f83935b8d62667112417352b190e9d9`
SHA256	`746fd4dcaaf3cf7c5288e49c1d21ae382640bb4d86087f09e4724b71582eb200`
SHA3	`9ff122d1dc2ee5011f8f80b5767cfd96d7dfa9b92a4986e975d53bad5cb49823`
VirtualSize	`0xc`
VirtualAddress	`0x4b4000`
SizeOfRawData	`0x200`
PointerToRawData	`0x4af000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.10191`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

1

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x9053`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.97892`
Detected Filetype	PNG graphic file
MD5	`b3bbf75e27a70cf22ce566e9c8cde942`
SHA1	`b1cceed051e9b17af998b10daaf33ba61bd74ce3`
SHA256	`ec733255622e92b4dd4e92abf1eb1c7586e421f5b967821e378405d1d497786e`
SHA3	`378ab726f12d47c48b4b1ac845b204ca9791534b81963b1f2128815cd9276a70`

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.43157`
MD5	`2df544511c3a56822c921681451445ca`
SHA1	`d4e0dbac98ad7549c323a0b910e3cb12d79a66cb`
SHA256	`961ece37d04a327d2fedf002a687188422d2083ee74a656f2c9246560ff2809a`
SHA3	`3e096e6e62e03a4003a03e5130f29ff7f63bbf90a10a273401d990168a1ef746`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.90493`
MD5	`992d30187301f6627cacad1faa502a09`
SHA1	`36d5d7ce70a154acd30abbacfaef61925f459dac`
SHA256	`8b477e97026883d8bbb68b6ccd992d287df24b85c7f5d47febf2d4083564b678`
SHA3	`449d702ab780d603c01a84fec7e1afbd7d68a4fecbb61fa7e14397eb9c14d4fe`

4

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.14263`
MD5	`7684ddd179c1a18dfa980e86c96cef6d`
SHA1	`f836ff0d43e212d96440bcc9c3f0417321f00101`
SHA256	`b21021e3796ac422477b9856ea2a23a3f26c467157a5974707cfc81dc692b58d`
SHA3	`b74e0c9fb2e6f3e279390eb2cc109e869674bb576b15e66791f6f9b38c9cab3b`

5

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.44296`
MD5	`de78bc00ea2fa8f4ef0f124544bf15b7`
SHA1	`4128cfe3f4da1d2e64e618b0c0643556125c65e6`
SHA256	`ab299b59ea91b2440feceae32f6a8cc41bde352c44a21401aa067d2b5d98760b`
SHA3	`609b5f3e7e8416d3c6940abf21d62b4656179dfd049c9e0ce336356d68fe3716`

6

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.67009`
MD5	`7676219db892cfabf959c920e6505460`
SHA1	`f56625a1efde836db43c2dc81e7a79d7cdeb4257`
SHA256	`86580b8897109a066bb939d7f9a75f3534e5368ebaeeeb4f7c4cb1349b4edaf5`
SHA3	`1c4dbc673b463882dac69b982ebebee492e2148e66e202990c451834acd8a03d`

32512

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x5a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.79908`
Detected Filetype	Icon file
MD5	`70fa23e230679e575c88b799596c017d`
SHA1	`b5e1c0f1eb92530bd8449fe121aa12a9e1e11104`
SHA256	`175bb0964f36d7fec2a7f25c135ba5034bd139aefa8c765b7e5bdaa3f6fed1af`
SHA3	`8f6ef3e3dacbdd715d0d274d56f00f0afc8b1576319ed6d718482391e74c227c`

1 (#2)

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x34c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.3462`
MD5	`f8a780eb27e753658227cb7ce7b00d97`
SHA1	`ec9f3a37ae1fd359774e4cbef1e0eebb124c63b0`
SHA256	`3f53ddc5bae742cc5032a11b1358e773c5099e66c5e10e6dc4a8abec702ed117`
SHA3	`45fa2818b5ff4cda3b232ee526d7e691543ace24a2f862d20828ec03122fb47c`

1 (#3)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xd4f`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.0187`
MD5	`57fcfaec2d20136a806be9a7d2b7cf41`
SHA1	`2db8a6d07f888e487413a24b9acb0d391d99b47e`
SHA256	`8d7ebe2cca08441e4f1950677b653314ec0733c909fe9e09908ac6b6e4320aa3`
SHA3	`9a9f36fa8dadc4ba2d4bbf443a37467f5dfe8712750f937c4d4a966409f55ba2`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.7.3.0
ProductVersion	1.7.3.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
Comments
CompanyName
FileDescription	ModActivator
FileVersion (#2)	1.7.3.0
InternalName	ModActivator.exe
LegalCopyright	Copyright © 2023 CryMax
LegalTrademarks
OriginalFilename	ModActivator.exe
ProductName	ModActivator
ProductVersion (#2)	1.7.3.0
Assembly Version	1.7.3.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2043-Oct-22 14:55:36
Version	`0.0`
SizeofData	`116`
AddressOfRawData	`0x48e268`
PointerToRawData	`0x48c468`
Referenced File	C:\Users\lacek\OneDrive\Asztali gép\ModActivator\ModActivator\obj\Release\ModActivator.pdb

UNKNOWN

Characteristics	`0`
TimeDateStamp	1970-Jan-01 00:00:00
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

TLS Callbacks

Load Configuration

RICH Header

08a954c1f7646235c929cb07d4f538fb

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rsrc

.reloc

Imports

Delayed Imports

1

2

3

4

5

6

32512

1 (#2)

1 (#3)

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

UNKNOWN

TLS Callbacks

Load Configuration

RICH Header

Errors