Manalyze report for 1cbaf523e7eaa8150be533046b37b103

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	2016-Nov-02 14:36:51
Debug artifacts	d:\Projects\stardewvalley\Farmer\Farmer\obj\ORBIS\Release\StardewValley.pdb
CompanyName	ConcernedApe
FileDescription	Stardew Valley
FileVersion	`1.1.0.0`
InternalName	StardewValley.exe
LegalCopyright	Copyright © ConcernedApe 2013
OriginalFilename	StardewValley.exe
ProductName	Stardew Valley
ProductVersion	`1.1.0.0`
Assembly Version	1.1.0.0

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET` `.NET executable -> Microsoft`
Info	Interesting strings found in the binary:	`Contains domain names: blog.chucklefish.org chucklefish.org http://blog.chucklefish.org http://blog.chucklefish.org/ http://stardewvalley.net http://www.stardewvalley.net http://www.twitter.com http://www.twitter.com/ConcernedApe stardewvalley.net twitter.com www.stardewvalley.net www.twitter.com`
Suspicious	VirusTotal score: 1/75 (Scanned on 2024-08-01 04:33:32)	`MaxSecure: Trojan.Malware.300983.susgen`

Hashes

MD5	`1cbaf523e7eaa8150be533046b37b103`
SHA1	`0a0f1d35fbdcca73fc916aff282bdb9c324b8b89`
SHA256	`f13a02b619491393e2b684f3ad41cf20d55cfb1eb6f54d54c70ba5efbdb0280e`
SHA3	`d0c4720ca8577c57b49b2253beb3210246e718d2ae2235108b0c6eeeed65d810`
SSDeep	`49152:9xFlXgBiCrky3J0OTlU8ZXInZ4p4WgIV:9ArkyTFZXI8`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2016-Nov-02 14:36:51
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`11.0`
SizeOfCode	`0x229a00`
SizeOfInitializedData	`0x800`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0022B84E (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x22c000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x230000`
SizeOfHeaders	`0x200`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`eb45eed7e840c93308a322af4eb55f56`
SHA1	`46a9171e1d537fd9bf41f367b982782fe28237b7`
SHA256	`e206bfdd9875c1667913c7a7fb03af7c9307903bff2edcb3688eca52fbc3d78e`
SHA3	`c9e8ca9ed171c6c333b3366952431053abcabfbca21c7108df897f140ae4eb9a`
VirtualSize	`0x229854`
VirtualAddress	`0x2000`
SizeOfRawData	`0x229a00`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`5.80734`

.rsrc

MD5	`515c47775bec33ad4310784d6a9ff3a8`
SHA1	`98984c82c5cc2112c0e1254dd873b35f81d0e2ca`
SHA256	`e32957f0b2238532ed93a26d640c608a93748bb45ab24c5f50b9c2275977d0d7`
SHA3	`8505454cbedd297c066b9beeae49fd10cb34729645cd9bb7fb12be36fc0be3dc`
VirtualSize	`0x5c0`
VirtualAddress	`0x22c000`
SizeOfRawData	`0x600`
PointerToRawData	`0x229c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.12606`

.reloc

MD5	`51510f25d08812000355f1e08f0fdb15`
SHA1	`a45e7ee815ab3c29ad7dac0fdd6a50bd51abbf2b`
SHA256	`f72243f7f3abe005e1fd2f7393b3dab56fe381b77b75d5d25bc79d702c71b2a9`
SHA3	`0fbe61b28e726d4497d2636d27ffd0d5a1110b87dd5f4134b9d9950015761f74`
VirtualSize	`0xc`
VirtualAddress	`0x22e000`
SizeOfRawData	`0x200`
PointerToRawData	`0x22a200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.10191`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

1

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x32c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.31858`
MD5	`92d4c24a815be17c65be93695c1dce7f`
SHA1	`e31d340a4870eb2eb2ee2d96339a30e49948e820`
SHA256	`fdf7eabdde8946cb163df33d832b65d9156aaac865e73657bc50524e8905c963`
SHA3	`6345935efc69a1bdee79ecbde51c73e52aec721402ce7e83fb569c40b1e3f44f`

1 (#2)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1ea`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.00112`
MD5	`a19a2658ba69030c6ac9d11fd7d7e3c1`
SHA1	`879dcf690e5bf1941b27cf13c8bcf72f8356c650`
SHA256	`c0085eb467d2fc9c9f395047e057183b3cd1503a4087d0db565161c13527a76f`
SHA3	`93cbaf236d2d3870c1052716416ddf1c34f21532e56dd70144e9a01efcd0ce34`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.1.0.0
ProductVersion	1.1.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
CompanyName	ConcernedApe
FileDescription	Stardew Valley
FileVersion (#2)	1.1.0.0
InternalName	StardewValley.exe
LegalCopyright	Copyright © ConcernedApe 2013
OriginalFilename	StardewValley.exe
ProductName	Stardew Valley
ProductVersion (#2)	1.1.0.0
Assembly Version	1.1.0.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2016-Nov-02 14:36:51
Version	`0.0`
SizeofData	`284`
AddressOfRawData	`0x22b6e0`
PointerToRawData	`0x2298e0`
Referenced File	d:\Projects\stardewvalley\Farmer\Farmer\obj\ORBIS\Release\StardewValley.pdb

TLS Callbacks

Load Configuration

RICH Header

1cbaf523e7eaa8150be533046b37b103

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rsrc

.reloc

Imports

Delayed Imports

1

1 (#2)

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

TLS Callbacks

Load Configuration

RICH Header

Errors