Manalyze report for 347781fb69eb3524f3276462a8015a58

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2022-Mar-17 12:59:24
Debug artifacts	C:\Storage\inProgress\AHOB\AHOB\obj\Debug\AHOB.pdb
Comments	Anlayarak Hızlı Okumaya Başlangıç
CompanyName	Zekasoft® Yazılım T.A.Ş.
FileDescription	AHOB
FileVersion	`4.0.0.0`
InternalName	AHOB.exe
LegalCopyright	Copyright © 2017
LegalTrademarks	Zekasoft® AHOB®
OriginalFilename	AHOB.exe
ProductName	AHOB®
ProductVersion	`4.0.0.0`
Assembly Version	4.0.0.0

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET` `.NET DLL -> Microsoft` `.NET executable -> Microsoft`
Suspicious	Strings found in the binary may indicate undesirable behavior:	`Contains another PE executable: This program cannot be run in DOS mode.` Contains domain names: crl.globalsign.com crl.globalsign.net database.zekasoft.com globalsign.com globalsign.net http://crl.globalsign.com http://crl.globalsign.com/gs/gstimestampingg2.crl0 http://crl.globalsign.com/gsextendcodesignsha2g3.crl0 http://crl.globalsign.com/root-r3.crl0b http://crl.globalsign.com/root.crl0G http://crl.globalsign.net http://crl.globalsign.net/root.crl0 http://ocsp.globalsign.com http://ocsp.globalsign.com/rootr103 http://ocsp2.globalsign.com http://ocsp2.globalsign.com/gsextendcodesignsha2g30U http://ocsp2.globalsign.com/gstimestampingg20 http://ocsp2.globalsign.com/rootr306 http://schemas.microsoft.com http://schemas.microsoft.com/SMI/2005/WindowsSettings http://secure.globalsign.com http://secure.globalsign.com/cacert/gsextendcodesignsha2g3ocsp.crt0 http://secure.globalsign.com/cacert/gstimestampingg2.crt08 https://www.globalsign.com https://www.globalsign.com/repository/0 https://www.globalsign.com/repository/03 https://www.zekasoft.com.tr https://www.zekasoft.com.tr/AHOB/ https://www.zekasoft.com.tr/AHOB/AHOB.exe.zip https://www.zekasoft.com.tr/ahobquery.asp? https://www.zekasoft.com.tr/default.aspx?act https://www.zekasoft.com.tr/sponsors/asps microsoft.com ocsp.globalsign.com ocsp2.globalsign.com schemas.microsoft.com secure.globalsign.com www.globalsign.com www.zekasoft.com zekasoft.com
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to SHA1` `Uses constants related to SHA256`
Info	The PE is digitally signed.	`Signer: ZEKASOFT YAZILIM T\xC4\xB0CARET A.\xC5\x9E.` `Issuer: GlobalSign GCC R45 EV CodeSigning CA 2020`
Safe	VirusTotal score: 0/70 (Scanned on 2023-09-10 16:16:15)	`All the AVs think this file is safe.`

Hashes

MD5	`347781fb69eb3524f3276462a8015a58`
SHA1	`e5abfab595cba0ce9eca35039347176194558d1d`
SHA256	`ff863e01be81d7f4e603ddf10d3afb7176a1c0d1a2bde77dec3e8a469b8ed726`
SHA3	`0db8ad97535a5c003e570b53c4afa94f1781769e7b8504b99ba99bef6e4b013a`
SSDeep	`98304:N5puO0EDK3izv5puO0FjG6CTVpkr2dY/aBcjJOBHOBIQBajMtWvoJiLE1+XgRKzr:41vCG1zCVpkr2dY/aBcjJOBHOBIQBajb`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2022-Mar-17 12:59:24
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`80.0`
SizeOfCode	`0x3ba400`
SizeOfInitializedData	`0x75a00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x003BC2FA (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x3be000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x436000`
SizeOfHeaders	`0x200`
Checksum	`0x439fcc`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`8e57b1c4e34487819f1ed4bc6d598da3`
SHA1	`eef86081d79ea2a8587745574758e37ac30d0322`
SHA256	`7e90007a0bb7f030616d31dae9299fc948728736f2a804ab2bc1c562560db1e6`
SHA3	`8597b5dae53876ed0de1e2f61ccf2d372f03149a481bb8de02e3492d304d3e51`
VirtualSize	`0x3ba348`
VirtualAddress	`0x2000`
SizeOfRawData	`0x3ba400`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`7.22115`

.rsrc

MD5	`f5e7e90fc50a9d7c535e6c57d9373e2a`
SHA1	`08f92ba3b6ff5c5cb9c1483c11d503142feeaed4`
SHA256	`ee74fe3c6dd66cc748dfb830da47d67cd207b35510d7744f1fe979420a18cfa6`
SHA3	`e579e93fe3bc6b04769b1af0fb55efdbabb9e526432cf9b6705fb4efccd99384`
VirtualSize	`0x756f0`
VirtualAddress	`0x3be000`
SizeOfRawData	`0x75800`
PointerToRawData	`0x3ba600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`7.37092`

.reloc

MD5	`a066c04ba0f896dcc872d9d7570e5625`
SHA1	`2bebf3ff026bc88adb92f1130ada7425267bbff1`
SHA256	`6ae6d248f317971cdd01feb5f72e5b5ba4fb2a1c5a3137b56b94768defee25fb`
SHA3	`7e033ce0aede672c763e6336cc265323465c2782d50b0b43b3dce4652651be7a`
VirtualSize	`0xc`
VirtualAddress	`0x434000`
SizeOfRawData	`0x200`
PointerToRawData	`0x42fe00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.10191`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

1

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.21043`
MD5	`731d575d673861ea4c7e8405bdbeb43a`
SHA1	`5900dabde1298bea899c9e729c0bba62446eb56b`
SHA256	`4b2d9f264890aafada077475a96ba13d1515e8c1d5282f700a5018a71f357fc8`
SHA3	`ead9f4b1bf76fb41e254151ad18b51a6f82c58079a1a11d902427aab8cdd18d3`

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x94a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.46239`
MD5	`111ce18ae3d4d1e9a115b0a12eca152f`
SHA1	`386cad458baeb1b5f951a8cd6cc16e530e4fab24`
SHA256	`8f65a4754a8e0e81366f43c755f06fa25ef9cd077c85406918af27b3f502250f`
SHA3	`1a6ab9d191366a4e61b676441c3e1bbb28a2af6a517b3600479d8b71c1de80d2`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.72711`
MD5	`fab71a41494eaac78b8eed30f9b2ae49`
SHA1	`a93967e2db92b6a19d0bb5ba8b763980592eef5a`
SHA256	`4705c621d1d3e793817036088c33e2bcd779348d5fe174b1d83db209465937a2`
SHA3	`2997bb479990c359ab17bf84772e91b5e15d4752a8fe622dccb05c3c722e2104`

4

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.95078`
MD5	`3da7aa0f92e9db4ad51502f7764efe11`
SHA1	`ae5559425eeb2b689d6b1833e78dde8c44410add`
SHA256	`1984831d2e1142c09b6f8fa51116101291f663ca2ee0e09ce180825778601c6b`
SHA3	`e94b290da3deec640331256ec1995f48fd23bb1dea491f4780160885c32191cf`

5

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.31664`
MD5	`4434a9489c3699a19bbe12ab5330f2f3`
SHA1	`61c3b445c6dfc12df97a7d2d6912e1d9cd38b957`
SHA256	`eecbb3ce6729c06dc47e3cc82bb739a31a4d362375bb0c61201cce729cd483b8`
SHA3	`d81f76b36d719b97bd5f02bb7df11ff68feff069e0490c7f37e3156204bb21fd`

6

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.51781`
MD5	`b67963ca46ea3bda02cbdde17186b5b0`
SHA1	`565234aeaf58d69bff27482b689caa34c37aecb1`
SHA256	`8dc1d0310e863819690b50d5e97a68b178d59785fa15dcd4ba424efcef824e48`
SHA3	`5958cb678bfabd54b64f254c7c02345ef58696e12b8bfd9fc1d5f4958b8872f4`

7

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.66081`
MD5	`e563340373903205ad973b7000583ae9`
SHA1	`7eed464acc60a2da1682db97b7553103d9310f7a`
SHA256	`adc19bf3a1862870def79e3cce020a3903467b8655d30f72d967b9123c0da547`
SHA3	`c2572fe91c72fd951057519c6897e9a398bff927701257a89b87bf0635784f75`

8

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x201c8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.97869`
Detected Filetype	PNG graphic file
MD5	`780c2bf8c3e83f81f1a9c154c3cb8624`
SHA1	`407cc5b6cb29e165a71d792a1e9520f7e7862996`
SHA256	`f2277f2977b97e352255e62b1f301d9b8d601d8d6c1748fce448f18d011c7608`
SHA3	`9b4a6997e7439463e73dfea581ab9f3883c93cd2874076ec63b49e8cf9154cc2`

9

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1b428`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.98964`
Detected Filetype	PNG graphic file
MD5	`97e986f46c4ab3855d6f63411624a860`
SHA1	`c1840c170fc9841212549fcca9334d954c574294`
SHA256	`cc63ea960cecd1b3de2a25b971bfd406d9eab5488fd1f9c3d50507b812493f65`
SHA3	`e016b2c3de2822f2d5cff37dd62b7315988786a002ddf8c882e88c9a68e770eb`

10

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xc4f4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.98326`
Detected Filetype	PNG graphic file
MD5	`8a033ce572b30cd04ae05046af480b06`
SHA1	`c0ce9b966de454e82210cf095bef5414cf93b112`
SHA256	`d9a3eac4df7cf8f2f13e09a739bda0517fcffce905042f07adb08f0297883d09`
SHA3	`a767c8779bf0398cf9d7c5998bb19a0ac0dec1d2b9e8e2ea9cb30a7f9a4d0fb4`

11

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xa532`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.99196`
Detected Filetype	PNG graphic file
MD5	`d16cba214c16f04ed13b24ba095cd849`
SHA1	`4645cb6bb9f9f68a73d43db82f47f38efae3277b`
SHA256	`7f8bb151f983f083dc85ca9e94f2e87250440aa291a5674eb6d28c2a0ae48e4c`
SHA3	`5defed6a36d4dd05cb021c437aa8c0717cd49f227a6e7a2e1bdb0c16144868d3`

32512

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xa0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.03865`
Detected Filetype	Icon file
MD5	`a5640ef8994f74acb7e1961bdfa583a2`
SHA1	`ecc8324fd06e16c9e056c43366193009a896ab1b`
SHA256	`2a53341d0b85ebcbbba49a6e961b5b66b101e6c43bee8d6824db9367dca7aa49`
SHA3	`078cd146beb877f5e1be374331ea3eebc0b95ae0baf61e2e55e9a347c081833a`

1 (#2)

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x388`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.45915`
MD5	`8be55f34c90526b444481a1711364b30`
SHA1	`5f6f701024f588a6b93e23a765056280be54ea4b`
SHA256	`172867d3b8e2442c86f238afa42d26241204707699ae39d7d982d96c935a2bcf`
SHA3	`553ae2b91fc7c16e54eff6d65c396ec2d0375904ae2ab3999866fe276c4a5498`

1 (#3)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xc62`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.00914`
MD5	`a4c4567b9590cdd5e726f5278f3f1647`
SHA1	`44350c36a0fcc4bd72d1c9cd619dd661edfee30b`
SHA256	`e9a7c7e737553da0ee2d0b343272ddf703dca734c9722358343645e6067bb65d`
SHA3	`e613264127ef2dacf581fe9c2e4084dd4cb337f3f2c0402cc4ce93da3282ce48`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	4.0.0.0
ProductVersion	4.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
Comments	Anlayarak Hızlı Okumaya Başlangıç
CompanyName	Zekasoft® Yazılım T.A.Ş.
FileDescription	AHOB
FileVersion (#2)	4.0.0.0
InternalName	AHOB.exe
LegalCopyright	Copyright © 2017
LegalTrademarks	Zekasoft® AHOB®
OriginalFilename	AHOB.exe
ProductName	AHOB®
ProductVersion (#2)	4.0.0.0
Assembly Version	4.0.0.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2022-Mar-17 12:59:24
Version	`0.0`
SizeofData	`284`
AddressOfRawData	`0x3bc18c`
PointerToRawData	`0x3ba38c`
Referenced File	C:\Storage\inProgress\AHOB\AHOB\obj\Debug\AHOB.pdb

TLS Callbacks

Load Configuration

RICH Header

347781fb69eb3524f3276462a8015a58

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rsrc

.reloc

Imports

Delayed Imports

1

2

3

4

5

6

7

8

9

10

11

32512

1 (#2)

1 (#3)

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

TLS Callbacks

Load Configuration

RICH Header

Errors