This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!
Architecture
IMAGE_FILE_MACHINE_I386
Subsystem
IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date
2095-Feb-04 10:23:25
Debug artifacts
C:\Users\Ki Gonzalez\source\repos\Lunar Client\Lunar Client\obj\Release\Lunar Client.pdb
Comments
CompanyName
FileDescription
Lunar Client
FileVersion
1.0.0.0
InternalName
Lunar Client.exe
LegalCopyright
Copyright © 2021
LegalTrademarks
OriginalFilename
Lunar Client.exe
ProductName
Lunar Client
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Info
Matching compiler(s):
Microsoft Visual C# v7.0 / Basic .NET
Info
Interesting strings found in the binary:
Contains domain names:
Malicious
VirusTotal score: 4/68 (Scanned on 2021-06-13 22:34:41)
Cynet:
Malicious (score: 100)
Symantec:
ML.Attribute.HighConfidence
APEX:
Malicious
MaxSecure:
Trojan.Malware.300983.susgen
MD5
352352b54a1054a7f3e304e2a533ab70
SHA1
9cd379eb8f77ddf783b61412d68eb49bbc6a2aa7
SHA256
8a8deb9a0a93d59009a21de656307b51123145dd57b7dd5bf97f4f8f519ed6de
SHA3
2a8ed311d5111c86c02bfb337c90887fa75217b3a123775a6fc286608305badb
SSDeep
98304:RvGRg/TZwYQQ4UemknTtjB/fUzh7xZz7nh7xZz7nh7xZz7safnlafn0uE:1G2TGxUemGTrfU7xZfh7xZfh7xZfsaf
Imports Hash
f34d5f2d4577ed6d9ceec516c1f5a744
e_magic
MZ
e_cblp
0x90
e_cp
0x3
e_crlc
0
e_cparhdr
0x4
e_minalloc
0
e_maxalloc
0xffff
e_ss
0
e_sp
0xb8
e_csum
0
e_ip
0
e_cs
0
e_ovno
0
e_oemid
0
e_oeminfo
0
e_lfanew
0x80
Signature
PE
Machine
IMAGE_FILE_MACHINE_I386
NumberofSections
3
TimeDateStamp
2095-Feb-04 10:23:25
PointerToSymbolTable
0
NumberOfSymbols
0
SizeOfOptionalHeader
0xe0
Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Magic
PE32
LinkerVersion
48.0
SizeOfCode
0x578800
SizeOfInitializedData
0x9000
SizeOfUninitializedData
0
AddressOfEntryPoint
0x0057A6AA (Section: .text)
BaseOfCode
0x2000
BaseOfData
0x57c000
ImageBase
0x400000
SectionAlignment
0x2000
FileAlignment
0x200
OperatingSystemVersion
4.0
ImageVersion
0.0
SubsystemVersion
4.0
Win32VersionValue
0
SizeOfImage
0x588000
SizeOfHeaders
0x200
Checksum
0
Subsystem
IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve
0x100000
SizeofStackCommit
0x1000
SizeofHeapReserve
0x100000
SizeofHeapCommit
0x1000
LoaderFlags
0
NumberOfRvaAndSizes
16
MD5
cb83a8ec6e7206e3ff6f1b0a294a3e56
SHA1
4660a8e9c2a1965ab4b19e129ac6688df0d5680d
SHA256
e25f89c02d15895266b3f83556bf8a671f74322b99f13a0e7ab361c22bb0bf68
SHA3
4cd26c86059a06668a457dffec575eb58f83baab6ac7a1a4a5b6fc50f06bf30e
VirtualSize
0x5786b0
VirtualAddress
0x2000
SizeOfRawData
0x578800
PointerToRawData
0x200
PointerToRelocations
0
PointerToLineNumbers
0
NumberOfLineNumbers
0
NumberOfRelocations
0
Characteristics
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy
7.98111
MD5
6768f29f99938a8d34f0c5e285234a82
SHA1
78b63a1629b96bbf6a3aa3e149e054120f53724c
SHA256
a2357c8a5235928e64dd6778b7df41a26dc6f2556a8e98f8ee24304fc82ca4fb
SHA3
c095ee1537597fa423b933379b21cedd1d158f90e7b2ce28f7624d188aee5100
VirtualSize
0x8dc4
VirtualAddress
0x57c000
SizeOfRawData
0x8e00
PointerToRawData
0x578a00
PointerToRelocations
0
PointerToLineNumbers
0
NumberOfLineNumbers
0
NumberOfRelocations
0
Characteristics
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy
6.4704
MD5
8659840018effd03c09e0bf96302f371
SHA1
7fff9581537b850ef2a202c9db65eda32a793113
SHA256
ea58d315e049231dc81135e319c9b1ef8c450984fbd2d80bfba88bc4b251cf4f
SHA3
90dbb3c378624ba278f31e72e241e963429e69721f161acc0df743035b63e390
VirtualSize
0xc
VirtualAddress
0x586000
SizeOfRawData
0x200
PointerToRawData
0x581800
PointerToRelocations
0
PointerToLineNumbers
0
NumberOfLineNumbers
0
NumberOfRelocations
0
Characteristics
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy
0.10191
Type
RT_ICON
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x468
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
5.16746
MD5
b3ea57810f33ef1fe8f02f41b3b43899
SHA1
aedd2c33ead93851b0a57acb33cd995d1b8dc252
SHA256
b2071a9f9608fa67499e5f231ed771d19af76769e32ed76c3ee1281e36ce34c2
SHA3
e4292c5cba94921a71ed1622ce58d444ba277dc7d2378851d01648e1c16a3d3c
Type
RT_ICON
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x988
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
4.74484
MD5
04f1c7072719be6e4786973ec89907af
SHA1
6a38cb8c44c78a8b6a334331616bdb74af1d46b2
SHA256
739260a0ad0332cee30956a456edf3b959f7368f15f5374c70e02ba5adea1b8c
SHA3
c1c05c97de2ceb55f0689a78db4f63bf6a5a4e414c3b73cf5816725ec78f34ca
Type
RT_ICON
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x10a8
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
4.39915
MD5
8a46e2446a4bf06b244de05ce70b9c30
SHA1
17daffa97b6384239d7e442ce1e774e55b7bb851
SHA256
71960b9ebef961e3769b266ef90ea8660f05ab7dc05d2751f4fd403d449c2947
SHA3
4596a0bc1946c2d95b1dd402e6f7d9c8bd702ef55d2440e5b14267cff4647153
Type
RT_ICON
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x25a8
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
3.67192
MD5
78bfe1a1792a3e9a425f69265d151184
SHA1
07ed2253e86c0b97b7ce99e6feb7ae307de24b94
SHA256
eb455c4b5e5edc5c1df15c1663bd669592bc77ba48fcd667c022dc971d30fd90
SHA3
b2b07d2da746b481d465a655a4d4f715e2b4ce826f08218d4691809f9a00b897
Type
RT_ICON
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x421b
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
7.97473
Detected Filetype
PNG graphic file
MD5
06402baef23da764cdfee32299b96684
SHA1
acdf5a9e404b37e9f30d613fdd713440ede4fba3
SHA256
335bcdf808c6933a9774e06ab14d6920f69a84c8bf6c2987dfe38e2a9294c48c
SHA3
fd3891530d3c325ba50e8aeb08f7420b16996ef201911105e19055ad7d82c83b
Type
RT_GROUP_ICON
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x4c
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
2.64638
Detected Filetype
Icon file
MD5
a24a291e82475efa531ebc313c29c504
SHA1
c34621b02bef4b50cd80b4bf408555f74e11dd43
SHA256
29d3ee3937fda09a1877575aaaa0ffb71cf506bfe8c9d15b1df186a8a8eb4884
SHA3
5db59c7620333169e55b264f878f339cfb791ecb7d47a5a582522cac46b56e6a
Type
RT_VERSION
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x33c
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
3.24711
MD5
2e59810b8d662f3eb04c80233ca5bdc4
SHA1
d297cc214b67a927d6bbe262c385e465114feb75
SHA256
289653f3f595d23e6dcef9099dc1efb394a7c5ca9832e07085176b9fa5585da6
SHA3
dd37913d6ce0724727112ddfa7e20228d630509a2dde9a4dd19987b24b6fd66d
Type
RT_MANIFEST
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x1ea
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
5.00112
MD5
b7db84991f23a680df8e95af8946f9c9
SHA1
cac699787884fb993ced8d7dc47b7c522c7bc734
SHA256
539dc26a14b6277e87348594ab7d6e932d16aabb18612d77f29fe421a9f1d46a
SHA3
4f72877413d13a67b52b292a8524e2c43a15253c26aaf6b5d0166a65bc615cff
Signature
0xfeef04bd
StructVersion
0x10000
FileVersion
1.0.0.0
ProductVersion
1.0.0.0
FileFlags
(EMPTY)
FileOs
VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
FileType
VFT_APP
Language
UNKNOWN
Comments
CompanyName
FileDescription
Lunar Client
FileVersion (#2)
1.0.0.0
InternalName
Lunar Client.exe
LegalCopyright
Copyright © 2021
LegalTrademarks
OriginalFilename
Lunar Client.exe
ProductName
Lunar Client
ProductVersion (#2)
1.0.0.0
Assembly Version
1.0.0.0
Characteristics
0
TimeDateStamp
2044-May-12 19:16:44
Version
0.0
SizeofData
113
AddressOfRawData
0x57a5e4
PointerToRawData
0x5787e4
Referenced File
C:\Users\Ki Gonzalez\source\repos\Lunar Client\Lunar Client\obj\Release\Lunar Client.pdb
Characteristics
0
TimeDateStamp
1970-Jan-01 00:00:00
Version
0.0
SizeofData
0
AddressOfRawData
0
PointerToRawData
0