Manalyze report for 0d7a08e7f58bfe020c59d739911ee519

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	2013-Jun-24 19:32:43
CompanyName	NETRESEC AB
FileDescription	RawCap
FileVersion	`0.1.5.0`
InternalName	RawCap.exe
LegalCopyright	Copyright NETRESEC AB 2013
OriginalFilename	RawCap.exe
ProductName	RawCap
ProductVersion	`0.1.5.0`
Assembly Version	0.1.5.0

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET` `.NET executable -> Microsoft`
Suspicious	VirusTotal score: 1/69 (Scanned on 2019-01-11 18:53:11)	`Trapmine: suspicious.low.ml.score`

Hashes

MD5	`0d7a08e7f58bfe020c59d739911ee519`
SHA1	`c427933591274c97ad00516ab91454c9ea71c5eb`
SHA256	`f6917fa47ce498af0dd840e1467c29c1701dde0a850009ae7523f554b12ad379`
SHA3	`fbad84f0c9f4fd7885729633f468cdf16029fe36c5527da25664bea19d256881`
SSDeep	`384:4hhCzKWJ+QbGt8UpJSj81FnU6boLNqbag/MDyNfn1AB+CzYcHe+m:ChCa8YFxbI/kNABfzYcHe+m`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2013-Jun-24 19:32:43
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`6.0`
SizeOfCode	`0x4a00`
SizeOfInitializedData	`0x5800`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000693A (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x8000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0xc000`
SizeOfHeaders	`0x200`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`100f4eec0ea385dd232a367771ec2041`
SHA1	`f724ad12fc8c93b0bc2f2c6b442854570a5aa4f0`
SHA256	`adb5dff08ec4a5ca32c17f052f049d89e3e85b125ab2adebcd0854f07678349d`
SHA3	`21b3475b2349fc78e57b7cbf09f7775ab48c5c167f2122f7a76f659c45665700`
VirtualSize	`0x4940`
VirtualAddress	`0x2000`
SizeOfRawData	`0x4a00`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`5.98309`

.reloc

MD5	`2537474412496456e450e19e02d4bd0e`
SHA1	`c89c59811ba27a03b72b5a46fba29dfeb0f55c62`
SHA256	`e56c2e964e85054a9ad74987b77e96c9210f277d0a4d3753244c0707385334c1`
SHA3	`e623631a8959a3d5b2293f124e91b9bb47a87854167fb7fd4d24236c4f13c8e1`
VirtualSize	`0xc`
VirtualAddress	`0x8000`
SizeOfRawData	`0x200`
PointerToRawData	`0x4c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.0815394`

.rsrc

MD5	`783d954df32ae2d2b646dfc3e9584132`
SHA1	`46d6c118ce2d8a63ec6dd369f7e5d6c9229af97c`
SHA256	`f37f0cb4a10d6675a0484a79d20cd7c3d44d3ac990436c68651edaf33a668ab1`
SHA3	`fb1bb865a237823383fc32744470342a6757eff0a40350b3d5cf25b0277128ea`
VirtualSize	`0xc6c`
VirtualAddress	`0xa000`
SizeOfRawData	`0xe00`
PointerToRawData	`0x4e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.6624`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

1

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x2ec`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.35116`
MD5	`8955931a25437b39630b01f54e7d28a7`
SHA1	`67b09b166b5ccb6d30ccb0c8e00c1472bcada76b`
SHA256	`444229f2159de41cf35ff81686445cc01ea3ac9cf533032a618a6893ac85bef2`
SHA3	`a82a6888e9ac36a6b9f615ebdfc6cf96fd4bd9cf93313f3ecf54c28b742b7289`

1 (#2)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x8de`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.94274`
MD5	`82312969f8bd80ed78f48b1f155bc184`
SHA1	`71742b1fa6c9a5f5352dc71aba13f45408ecdbb5`
SHA256	`de573605851f560ebe913b6e3b4f06d88b8c805d4123d1d39cf4f2c9ddc9512f`
SHA3	`106a19735c8430882b8ba479053177bf97025e64d6785cba0e3f097dc155b706`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	0.1.5.0
ProductVersion	0.1.5.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
CompanyName	NETRESEC AB
FileDescription	RawCap
FileVersion (#2)	0.1.5.0
InternalName	RawCap.exe
LegalCopyright	Copyright NETRESEC AB 2013
OriginalFilename	RawCap.exe
ProductName	RawCap
ProductVersion (#2)	0.1.5.0
Assembly Version	0.1.5.0

Resource LangID	UNKNOWN

TLS Callbacks

Load Configuration

RICH Header

0d7a08e7f58bfe020c59d739911ee519

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.reloc

.rsrc

Imports

Delayed Imports

1

1 (#2)

Version Info

TLS Callbacks

Load Configuration

RICH Header

Errors