Manalyze report for 352352b54a1054a7f3e304e2a533ab70

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2095-Feb-04 10:23:25
Debug artifacts	C:\Users\Ki Gonzalez\source\repos\Lunar Client\Lunar Client\obj\Release\Lunar Client.pdb
Comments
CompanyName
FileDescription	Lunar Client
FileVersion	`1.0.0.0`
InternalName	Lunar Client.exe
LegalCopyright	Copyright © 2021
LegalTrademarks
OriginalFilename	Lunar Client.exe
ProductName	Lunar Client
ProductVersion	`1.0.0.0`
Assembly Version	1.0.0.0

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET`
Info	Interesting strings found in the binary:	`Contains domain names: https://discord.gg https://store.lunarclient.com https://store.lunarclient.com/ https://store.lunarclient.com/spring https://twitter.com https://www.lunarclient.com https://www.lunarclient.com/ https://www.lunarclient.com/faq/ https://www.lunarclient.com/terms/ lunarclient.com store.lunarclient.com twitter.com www.lunarclient.com`
Malicious	VirusTotal score: 4/68 (Scanned on 2021-06-13 22:34:41)	`Cynet: Malicious (score: 100)` `Symantec: ML.Attribute.HighConfidence` `APEX: Malicious` `MaxSecure: Trojan.Malware.300983.susgen`

Hashes

MD5	`352352b54a1054a7f3e304e2a533ab70`
SHA1	`9cd379eb8f77ddf783b61412d68eb49bbc6a2aa7`
SHA256	`8a8deb9a0a93d59009a21de656307b51123145dd57b7dd5bf97f4f8f519ed6de`
SHA3	`2a8ed311d5111c86c02bfb337c90887fa75217b3a123775a6fc286608305badb`
SSDeep	`98304:RvGRg/TZwYQQ4UemknTtjB/fUzh7xZz7nh7xZz7nh7xZz7safnlafn0uE:1G2TGxUemGTrfU7xZfh7xZfh7xZfsaf`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2095-Feb-04 10:23:25
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`48.0`
SizeOfCode	`0x578800`
SizeOfInitializedData	`0x9000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0057A6AA (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x57c000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x588000`
SizeOfHeaders	`0x200`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`cb83a8ec6e7206e3ff6f1b0a294a3e56`
SHA1	`4660a8e9c2a1965ab4b19e129ac6688df0d5680d`
SHA256	`e25f89c02d15895266b3f83556bf8a671f74322b99f13a0e7ab361c22bb0bf68`
SHA3	`4cd26c86059a06668a457dffec575eb58f83baab6ac7a1a4a5b6fc50f06bf30e`
VirtualSize	`0x5786b0`
VirtualAddress	`0x2000`
SizeOfRawData	`0x578800`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`7.98111`

.rsrc

MD5	`6768f29f99938a8d34f0c5e285234a82`
SHA1	`78b63a1629b96bbf6a3aa3e149e054120f53724c`
SHA256	`a2357c8a5235928e64dd6778b7df41a26dc6f2556a8e98f8ee24304fc82ca4fb`
SHA3	`c095ee1537597fa423b933379b21cedd1d158f90e7b2ce28f7624d188aee5100`
VirtualSize	`0x8dc4`
VirtualAddress	`0x57c000`
SizeOfRawData	`0x8e00`
PointerToRawData	`0x578a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.4704`

.reloc

MD5	`8659840018effd03c09e0bf96302f371`
SHA1	`7fff9581537b850ef2a202c9db65eda32a793113`
SHA256	`ea58d315e049231dc81135e319c9b1ef8c450984fbd2d80bfba88bc4b251cf4f`
SHA3	`90dbb3c378624ba278f31e72e241e963429e69721f161acc0df743035b63e390`
VirtualSize	`0xc`
VirtualAddress	`0x586000`
SizeOfRawData	`0x200`
PointerToRawData	`0x581800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.10191`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

1

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.16746`
MD5	`b3ea57810f33ef1fe8f02f41b3b43899`
SHA1	`aedd2c33ead93851b0a57acb33cd995d1b8dc252`
SHA256	`b2071a9f9608fa67499e5f231ed771d19af76769e32ed76c3ee1281e36ce34c2`
SHA3	`e4292c5cba94921a71ed1622ce58d444ba277dc7d2378851d01648e1c16a3d3c`

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.74484`
MD5	`04f1c7072719be6e4786973ec89907af`
SHA1	`6a38cb8c44c78a8b6a334331616bdb74af1d46b2`
SHA256	`739260a0ad0332cee30956a456edf3b959f7368f15f5374c70e02ba5adea1b8c`
SHA3	`c1c05c97de2ceb55f0689a78db4f63bf6a5a4e414c3b73cf5816725ec78f34ca`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.39915`
MD5	`8a46e2446a4bf06b244de05ce70b9c30`
SHA1	`17daffa97b6384239d7e442ce1e774e55b7bb851`
SHA256	`71960b9ebef961e3769b266ef90ea8660f05ab7dc05d2751f4fd403d449c2947`
SHA3	`4596a0bc1946c2d95b1dd402e6f7d9c8bd702ef55d2440e5b14267cff4647153`

4

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.67192`
MD5	`78bfe1a1792a3e9a425f69265d151184`
SHA1	`07ed2253e86c0b97b7ce99e6feb7ae307de24b94`
SHA256	`eb455c4b5e5edc5c1df15c1663bd669592bc77ba48fcd667c022dc971d30fd90`
SHA3	`b2b07d2da746b481d465a655a4d4f715e2b4ce826f08218d4691809f9a00b897`

5

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x421b`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.97473`
Detected Filetype	PNG graphic file
MD5	`06402baef23da764cdfee32299b96684`
SHA1	`acdf5a9e404b37e9f30d613fdd713440ede4fba3`
SHA256	`335bcdf808c6933a9774e06ab14d6920f69a84c8bf6c2987dfe38e2a9294c48c`
SHA3	`fd3891530d3c325ba50e8aeb08f7420b16996ef201911105e19055ad7d82c83b`

32512

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x4c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.64638`
Detected Filetype	Icon file
MD5	`a24a291e82475efa531ebc313c29c504`
SHA1	`c34621b02bef4b50cd80b4bf408555f74e11dd43`
SHA256	`29d3ee3937fda09a1877575aaaa0ffb71cf506bfe8c9d15b1df186a8a8eb4884`
SHA3	`5db59c7620333169e55b264f878f339cfb791ecb7d47a5a582522cac46b56e6a`

1 (#2)

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x33c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.24711`
MD5	`2e59810b8d662f3eb04c80233ca5bdc4`
SHA1	`d297cc214b67a927d6bbe262c385e465114feb75`
SHA256	`289653f3f595d23e6dcef9099dc1efb394a7c5ca9832e07085176b9fa5585da6`
SHA3	`dd37913d6ce0724727112ddfa7e20228d630509a2dde9a4dd19987b24b6fd66d`

1 (#3)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1ea`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.00112`
MD5	`b7db84991f23a680df8e95af8946f9c9`
SHA1	`cac699787884fb993ced8d7dc47b7c522c7bc734`
SHA256	`539dc26a14b6277e87348594ab7d6e932d16aabb18612d77f29fe421a9f1d46a`
SHA3	`4f72877413d13a67b52b292a8524e2c43a15253c26aaf6b5d0166a65bc615cff`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.0
ProductVersion	1.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
Comments
CompanyName
FileDescription	Lunar Client
FileVersion (#2)	1.0.0.0
InternalName	Lunar Client.exe
LegalCopyright	Copyright © 2021
LegalTrademarks
OriginalFilename	Lunar Client.exe
ProductName	Lunar Client
ProductVersion (#2)	1.0.0.0
Assembly Version	1.0.0.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2044-May-12 19:16:44
Version	`0.0`
SizeofData	`113`
AddressOfRawData	`0x57a5e4`
PointerToRawData	`0x5787e4`
Referenced File	C:\Users\Ki Gonzalez\source\repos\Lunar Client\Lunar Client\obj\Release\Lunar Client.pdb

UNKNOWN

Characteristics	`0`
TimeDateStamp	1970-Jan-01 00:00:00
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

TLS Callbacks

Load Configuration

RICH Header

352352b54a1054a7f3e304e2a533ab70

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rsrc

.reloc

Imports

Delayed Imports

1

2

3

4

5

32512

1 (#2)

1 (#3)

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

UNKNOWN

TLS Callbacks

Load Configuration

RICH Header

Errors