Manalyze report for 1e7b9959464ae5029e47a15b1dfb7d29

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2073-Jun-20 06:42:52
Debug artifacts	C:\projects\ForceCoin\ForceCoin\obj\Release\ForceCoin.pdb
Comments
CompanyName
FileDescription	ForceCoin
FileVersion	`1.0.0.0`
InternalName	ForceCoin.exe
LegalCopyright	Copyright © 2020
LegalTrademarks
OriginalFilename	ForceCoin.exe
ProductName	ForceCoin
ProductVersion	`1.0.0.0`
Assembly Version	1.0.0.0

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET`
Malicious	VirusTotal score: 3/71 (Scanned on 2021-01-12 20:12:56)	`Sangfor: Malware` `APEX: Malicious` `MaxSecure: Trojan.Malware.300983.susgen`

Hashes

MD5	`1e7b9959464ae5029e47a15b1dfb7d29`
SHA1	`eaf3df111e7fc335009e88cbf79f8e8caf863550`
SHA256	`0a8c000de24cb8b0aeab4271eb381e2cff6e1f59512479de10c9c66061c4905a`
SHA3	`259b668db0f597257a3c544c6f0d10689dc5f470bf88e88439611814c14db9b0`
SSDeep	`384:Ww6hlMlmdshwPVpplLK2ocaf5CoTomrWRh8FvJjWqxtYfBon0uOFfTAffiIe:W0OK2oX9HxCuOFfln`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2073-Jun-20 06:42:52
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`48.0`
SizeOfCode	`0x3c00`
SizeOfInitializedData	`0x800`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00005B8A (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x6000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0xa000`
SizeOfHeaders	`0x200`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`1b90fd4398d0c0a93d5b2458648886b3`
SHA1	`708a01fb8bad1ef2ba9dadfcc9cf53c390438df4`
SHA256	`2d70c660c9e6939ca3e9728b1c3cdae1abdf6e19ca5a054ca11a141d3e04b476`
SHA3	`3d3e1513e70e8e3b7847e4876392f8ecfc38024bcc58e913f5f0046cfa65e440`
VirtualSize	`0x3b90`
VirtualAddress	`0x2000`
SizeOfRawData	`0x3c00`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`5.47594`

.rsrc

MD5	`2dd4eac2ce4d19c159eb6f17ea24a8f1`
SHA1	`cc88ab1129d7d768aaec101e9986d067a31bc41a`
SHA256	`0d2e2de340d594d5c3071365588076db8e559a339cb29fb655a14983145d7bf8`
SHA3	`09e37a95df47fd287209822a95dbb4d9b0fc4d1d1e645f5cf0777b327a85fbae`
VirtualSize	`0x5ac`
VirtualAddress	`0x6000`
SizeOfRawData	`0x600`
PointerToRawData	`0x3e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.05691`

.reloc

MD5	`475fff6433704999a3c88d4fdb6c483f`
SHA1	`26bca057d30c59c7a16f7b9d17723a367d4bfb65`
SHA256	`42cf6f9aa3beb869b89c11f3a55b38998a2720e50493e800e8ad37b56127dee9`
SHA3	`e64dcfc6dda61ee95fac3bac842a5a6fb3997b0c9864f79cec7138e8fc9a565f`
VirtualSize	`0xc`
VirtualAddress	`0x8000`
SizeOfRawData	`0x200`
PointerToRawData	`0x4400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.0815394`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

1

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x31c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.24759`
MD5	`bdaa4581524544eb8054f3d8e861571d`
SHA1	`0abac12e6784beab56cf785de4d713bb98851713`
SHA256	`fc801a085380c45c1bcbb8c469babbd6227672cefc092cbb0cf3b73b402dc80e`
SHA3	`15ab6984e6e163531d4789b920d799865ccfc7b2edaa074e4ee73c65acbf6641`

1 (#2)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1ea`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.00112`
MD5	`b7db84991f23a680df8e95af8946f9c9`
SHA1	`cac699787884fb993ced8d7dc47b7c522c7bc734`
SHA256	`539dc26a14b6277e87348594ab7d6e932d16aabb18612d77f29fe421a9f1d46a`
SHA3	`4f72877413d13a67b52b292a8524e2c43a15253c26aaf6b5d0166a65bc615cff`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.0
ProductVersion	1.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
Comments
CompanyName
FileDescription	ForceCoin
FileVersion (#2)	1.0.0.0
InternalName	ForceCoin.exe
LegalCopyright	Copyright © 2020
LegalTrademarks
OriginalFilename	ForceCoin.exe
ProductName	ForceCoin
ProductVersion (#2)	1.0.0.0
Assembly Version	1.0.0.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2089-Jul-19 11:39:21
Version	`0.0`
SizeofData	`82`
AddressOfRawData	`0x5ae4`
PointerToRawData	`0x3ce4`
Referenced File	C:\projects\ForceCoin\ForceCoin\obj\Release\ForceCoin.pdb

UNKNOWN

Characteristics	`0`
TimeDateStamp	1970-Jan-01 00:00:00
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

TLS Callbacks

Load Configuration

RICH Header

1e7b9959464ae5029e47a15b1dfb7d29

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rsrc

.reloc

Imports

Delayed Imports

1

1 (#2)

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

UNKNOWN

TLS Callbacks

Load Configuration

RICH Header

Errors