×
This file seems to be a .NET executable .
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!
Architecture
IMAGE_FILE_MACHINE_I386
Subsystem
IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date
2039-Dec-18 04:32:35
Debug artifacts
MobiOffice_Setup.pdb
CompanyName
MobiSystems Inc.
FileDescription
MobiOffice
FileVersion
10.10.8183.1
InternalName
MobiOffice_Setup.exe
LegalCopyright
© 2015-2024 MobiSystems Inc. All rights reserved.
OriginalFilename
MobiOffice_Setup.exe
ProductName
MobiOffice
ProductVersion
10.10.58183.0+b142426f143f9eb60874f1c025331626ef971462
Assembly Version
10.10.8183.1
Info
Matching compiler(s):
Microsoft Visual C# v7.0 / Basic .NET
.NET DLL -> Microsoft
Suspicious
Strings found in the binary may indicate undesirable behavior:
Contains another PE executable:
This program cannot be run in DOS mode.
Contains domain names:
AppCenter.Bootstrapper.Properties.Resources.de
AppCenter.Bootstrapper.Properties.Resources.es
AppCenter.Bootstrapper.Properties.Resources.fr
AppCenter.Bootstrapper.Properties.Resources.it
AppCenter.Bootstrapper.Properties.Resources.ru
Bootstrapper.Properties.Resources.de
Bootstrapper.Properties.Resources.es
Bootstrapper.Properties.Resources.fr
Bootstrapper.Properties.Resources.it
Bootstrapper.Properties.Resources.ru
MobiSystems.AppCenter.Bootstrapper.Properties.Resources.de
MobiSystems.AppCenter.Bootstrapper.Properties.Resources.es
MobiSystems.AppCenter.Bootstrapper.Properties.Resources.fr
MobiSystems.AppCenter.Bootstrapper.Properties.Resources.it
MobiSystems.AppCenter.Bootstrapper.Properties.Resources.ru
MobiSystems.com
Mobisystems.com
Properties.Resources.de
Properties.Resources.es
Properties.Resources.fr
Properties.Resources.it
Properties.Resources.ru
Resources.de
Resources.es
Resources.fr
Resources.it
Resources.ru
Setup.de
Setup.es
Setup.fr
Setup.it
Setup.ru
analytics.com
cfg.mobisystems.com
connect.mobisystems.com
developers.google.com
exp.connect.mobisystems.com
google-analytics.com
google.com
googleapis.com
http://schemas.microsoft.com
http://schemas.microsoft.com/appx/manifest/externaldependencies
http://schemas.microsoft.com/expression/blend/2008
http://schemas.microsoft.com/winfx/2006/xaml
http://schemas.microsoft.com/winfx/2006/xaml/presentation
http://schemas.microsoft.com/winfx/2006/xaml/presentation/options
http://schemas.openxmlformats.org
http://schemas.openxmlformats.org/markup-compatibility/2006
https://cfg.mobisystems.com
https://cfg.mobisystems.com/update
https://connect.mobisystems.com
https://connect.mobisystems.com/api
https://developers.google.com
https://developers.google.com/analytics/devguides/collection/protocol/ga4
https://exp.connect.mobisystems.com
https://exp.connect.mobisystems.com/api
https://storage.googleapis.com
https://storage.googleapis.com/ms-apps-bucket-exp/update
https://storage.googleapis.com/ms-apps-bucket-test/update
https://test.connect.mobisystems.com
https://test.connect.mobisystems.com/api
https://www.google-analytics.com
https://www.google-analytics.com/debug/mp/collect
https://www.google-analytics.com/mp/collect
microsoft.com
mobisystems.com
openxmlformats.org
schemas.microsoft.com
schemas.openxmlformats.org
sentry.mobisystems.com
storage.googleapis.com
test.connect.mobisystems.com
www.google-analytics.com
Info
The PE is digitally signed.
Signer: MobiSystems
Issuer: DigiCert Global G3 Code Signing ECC SHA384 2021 CA1
Suspicious
No VirusTotal score.
This file has never been scanned on VirusTotal.
MD5
3b0623a664ebfbf9eac72f705b97f9e6
SHA1
3c58f41a21c543865a353854b660696f1cff7aef
SHA256
8579cfaaaf704373c902e6bc5a8bf2269b4185551c737c7e8e407a3c59361134
SHA3
30bf05a5f47907b0d988e35691ec3f38f9be6017ef7d60dd522e4a627c7a0216
SSDeep
24576:9Ubjj2Vi67/fLfSDyFoBkkA1BIwmR3/DhuN8TIlTM6aXl6m:9UXjql7DSmanAG3/DFuTjaXlX
Imports Hash
f34d5f2d4577ed6d9ceec516c1f5a744
e_magic
MZ
e_cblp
0x90
e_cp
0x3
e_crlc
0
e_cparhdr
0x4
e_minalloc
0
e_maxalloc
0xffff
e_ss
0
e_sp
0xb8
e_csum
0
e_ip
0
e_cs
0
e_ovno
0
e_oemid
0
e_oeminfo
0
e_lfanew
0x80
Signature
PE
Machine
IMAGE_FILE_MACHINE_I386
NumberofSections
3
TimeDateStamp
2039-Dec-18 04:32:35
PointerToSymbolTable
0
NumberOfSymbols
0
SizeOfOptionalHeader
0xe0
Characteristics
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Magic
PE32
LinkerVersion
48.0
SizeOfCode
0x17e000
SizeOfInitializedData
0x25e00
SizeOfUninitializedData
0
AddressOfEntryPoint
0x0017FEBE (Section: .text)
BaseOfCode
0x2000
BaseOfData
0
ImageBase
0x400000
SectionAlignment
0x2000
FileAlignment
0x200
OperatingSystemVersion
4.0
ImageVersion
0.0
SubsystemVersion
6.0
Win32VersionValue
0
SizeOfImage
0x1a8000
SizeOfHeaders
0x200
Checksum
0x1b5395
Subsystem
IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve
0x100000
SizeofStackCommit
0x1000
SizeofHeapReserve
0x100000
SizeofHeapCommit
0x1000
LoaderFlags
0
NumberOfRvaAndSizes
16
MD5
a6fe843d12d4e913da7b3d272760acbc
SHA1
f0d4b7346b33da51b9d1f5d6e6a5916fc90897ae
SHA256
0c52a6764771b676a4f29ea0ca4fc09ef202241938c01b67a27cf85c6f29dad1
SHA3
2d41ab784a484f6ad3a4311afd6676d33345eababcec96820f420ac5f6a78408
VirtualSize
0x17dec4
VirtualAddress
0x2000
SizeOfRawData
0x17e000
PointerToRawData
0x200
PointerToRelocations
0
PointerToLineNumbers
0
NumberOfLineNumbers
0
NumberOfRelocations
0
Characteristics
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy
7.50453
MD5
633033729791b693672c8de838bcfee1
SHA1
4cf8e3af69c0fc64b60e71523ddf0ec66122567e
SHA256
f393a4f1f95791154df1040356e8de0a7a0cb82a9b81d126fc4944492a1e843d
SHA3
87b4cdd88ba9579b4b68fc71d1ce5a0dd66527ad027c1537ca4b75a2767a0daa
VirtualSize
0x25a9c
VirtualAddress
0x180000
SizeOfRawData
0x25c00
PointerToRawData
0x17e200
PointerToRelocations
0
PointerToLineNumbers
0
NumberOfLineNumbers
0
NumberOfRelocations
0
Characteristics
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy
3.18165
MD5
3b8be2a97fe8da4910c0375993230e95
SHA1
90bfd689466978f5d84973f078e0983bbbf27e05
SHA256
6b727c258c39f651db94a39aeba8bfb8ea1b508a273f02fa4b7e56d2f9e51b48
SHA3
b72ec8c76d022900174cc090697fdc94de2aebc1c625a1f3aba9824ba97de07f
VirtualSize
0xc
VirtualAddress
0x1a6000
SizeOfRawData
0x200
PointerToRawData
0x1a3e00
PointerToRelocations
0
PointerToLineNumbers
0
NumberOfLineNumbers
0
NumberOfRelocations
0
Characteristics
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy
0.10191
Type
RT_ICON
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x468
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
3.96564
MD5
0b7e3ecff048f9ee067d5e8d91b5a5eb
SHA1
e7384c18ea82a48a3aef1a7e2f75d1a7f6030c2f
SHA256
8b4dbc33d5bb1d8ab5f3ac65d527744a47daa5b839c1a9f5b2e0b8f0b9e5c575
SHA3
07ef83eb7c7c638a61bb244be294d59c69d982cea0ac9ce46b8a98dc4581c235
Type
RT_ICON
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x6b8
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
3.79356
MD5
c0ae6d44d77504f3ecfd1144b66c7213
SHA1
6d4621e7ccf1725dd4a5dae125a47d795ca95afa
SHA256
8da82bb579e44f66208a37ebf3cc3f5475e0cad830022b4ec3b371553cebae23
SHA3
b8011a9183a8816e622c334bf9e67a27bd509405914f5a494e1633c6bcda28e6
Type
RT_ICON
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x988
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
3.76002
MD5
1a32efdaf7b8d1771b462b21621f080e
SHA1
ecce6aa692c0b98aac12a1ed45ffb49caa1b6fd2
SHA256
b332f0422b92f558888897c28a1f5f1100c987052d16d566af8d799cf8d7e363
SHA3
8e18e0445fd5fd4514d5842b7f451e10ec48777d99bb0b5a5f2d0c0709f3ff21
Type
RT_ICON
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x10a8
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
3.60323
MD5
2c347c3b20692ab68256ee915a2a6720
SHA1
e0654ac6b7c1b939b5198ad1c99e30dd6baf70ed
SHA256
78f3eea85ce5972c0cd7b9cd7f37047a9c18cd68652cef0d409c9891cfc2826d
SHA3
be3e8179713ac2a3aba88d836f9a95dbab577e5641f5fcdc462df7fac8e84e6e
Type
RT_ICON
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x1a68
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
3.09314
MD5
a70d6cbdd1f5cadb2d5c7cc07c07799e
SHA1
2fd6d50e021a03850da61fafeabd1053eac83c3e
SHA256
06843865bf39840c93c9496a09f64b3a6385498d1c9e0baf2f75ca6f543950ee
SHA3
491464f1a3c2b8df3e2fe47a54896aae25591a281d7784d0649744eb0df217b2
Type
RT_ICON
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x25a8
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
2.87659
MD5
c8cc7a678b29e8106f2642356f26df45
SHA1
1e27aec86f43b09bc4766d0486128051988a3050
SHA256
4a7ca45c46f54cb1ff2858cfd090f913f08a5b6f3a67f910af0b7e0b33e4f15f
SHA3
5ebbc4c3cda10b8298bf9e586ab1c2c34b7515b584763bcf31ffb23e85cbd469
Type
RT_ICON
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x3a48
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
2.61203
MD5
947cf860f0e582290bbc24b2d77af1c3
SHA1
592a7bd8a96099427cd5001c4e22ebf0b3ce13c0
SHA256
0029370cf1a18099b2feddda6f52c182c7d00c77fdddf1cc717ec8fded2b8e8e
SHA3
2aecd683b53fd77de4adf7e044e509cae50d6071ddfff249fdfdef0c9a156ce0
Type
RT_ICON
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x4228
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
2.6374
MD5
1e23026df8239d742a69bcd937465e9d
SHA1
a57a00a378dadfdd5e2aa6fd6559a72111502848
SHA256
af02d958c46f5d80ebc0fbdbe261a081204ef1149debe285ff10cb3e68adf235
SHA3
cb66ec15e778dabec679bca84150df66fcb46e5f5812199f8179992eeab9a4e7
Type
RT_ICON
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x5488
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
2.59374
MD5
fc95700029c59e9d29d93a8ce7bbc976
SHA1
a1dbd0bf298e36394fa8690cf958f902bbdd22cd
SHA256
629a459cc83407b3e0478c588ace094da734a10565c7c24b53d6c70bbf0e8fe8
SHA3
b38e907c5fb021249ef2ae9560da599d16087d120bc151ec66e0a265120d35e2
Type
RT_ICON
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x67e8
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
2.60598
MD5
ca3784a9130e2bd90e390d139e82f356
SHA1
a51de88ac06da661558676056970587eaf3983df
SHA256
dd4519df98631f525e614e9fea94d90f73b32d12410598df64314b90e99f9568
SHA3
4d75fdabcc7b4f0f1279b4fe4c2ec2a715f3e47f4b49ba25579ab41c28150ff3
Type
RT_ICON
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x94a8
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
2.33675
MD5
630d3346a29e13da8ce29c4fe6ac35da
SHA1
59f026ba4c63e2ad0542fb47a60a935715059c52
SHA256
cb6e02ada1cd94496392810fe98420a37a9217cfc90ef661d631e138df7e6bb6
SHA3
9263120d601d57486ce894b0050239488e79e63c6aa8e32652944699d354ab66
Type
RT_ICON
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x1994
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
7.86954
Detected Filetype
PNG graphic file
MD5
cb703d20f2ad2c89243591370e640707
SHA1
96079de93e8b8e7f3cf869994df406b74a24d6a5
SHA256
6431a739937c38a83e4a347dcd5980028f1325474ddab7ecd803d1031a2569f5
SHA3
a940c44bf5a6fc716df2b739f0ad55d0e72d2d2dc6015e478699e994df6ef0d9
Type
RT_GROUP_ICON
Language
UNKNOWN
Codepage
UNKNOWN
Size
0xae
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
3.20218
Detected Filetype
Icon file
MD5
ebaff9a06854fd834bf57a481d87797a
SHA1
ed257f39550351fca1237f579fe41047633eb61a
SHA256
569652f6c57fafa0832d2d0891dbfd9494a5331cbf4ff5709daf9955f66c70c8
SHA3
06a965b54ac8315e4bd79e211de6a3f089acd32ab4aaed42c8dcaf893aa7ac41
Type
RT_VERSION
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x3d2
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
3.51615
MD5
f9c904760ff11d966a0120613e88bf21
SHA1
5f9f53391f46c10a2a518f77ce9e322a8ac41b25
SHA256
fd6293d862928e258f2ca344f1fd3efbfaa90c1946f8af5887e288c6898f3349
SHA3
ba2265949f01cbfb56d1f94316e85562a0881cfd7423767a7a8b9b83943423c0
Type
RT_MANIFEST
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x658
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
4.8216
MD5
83a281746c6a84c991fd38999e2be9d1
SHA1
a5952a3bd0ef5dc8a8e821bfdd2c3c497f698414
SHA256
b60b6ab7a292063f2195f646db2a7aa2462faf765029cddb9a9c98c140033877
SHA3
80471ad3530cb07ff3c483baabcc82fb46bfa8a85abbee16c1b9dd68500b8b6d
Signature
0xfeef04bd
StructVersion
0x10000
FileVersion
10.10.8183.1
ProductVersion
10.10.58183.0
FileFlags
(EMPTY)
FileOs
VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
FileType
VFT_APP
Language
UNKNOWN
CompanyName
MobiSystems Inc.
FileDescription
MobiOffice
FileVersion (#2)
10.10.8183.1
InternalName
MobiOffice_Setup.exe
LegalCopyright
© 2015-2024 MobiSystems Inc. All rights reserved.
OriginalFilename
MobiOffice_Setup.exe
ProductName
MobiOffice
ProductVersion (#2)
10.10.58183.0+b142426f143f9eb60874f1c025331626ef971462
Assembly Version
10.10.8183.1
Characteristics
0
TimeDateStamp
2039-Dec-18 04:32:35
Version
256.20557
SizeofData
45
AddressOfRawData
0x169638
PointerToRawData
0x167838
Referenced File
MobiOffice_Setup.pdb
Characteristics
0
TimeDateStamp
1970-Jan-01 00:00:00
Version
256.256
SizeofData
92171
AddressOfRawData
0x169665
PointerToRawData
0x167865
Characteristics
0
TimeDateStamp
1970-Jan-01 00:00:00
Version
0.0
SizeofData
0
AddressOfRawData
0
PointerToRawData
0x17e070