Manalyze report for 4b5fa4941eb78c40ccf5976b72dbd936

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	2104-Oct-29 08:11:57
Debug artifacts	C:\Users\admin\source\repos\CTF4old\obj\Release\CTF4old.pdb
Comments
CompanyName
FileDescription	CTF4old
FileVersion	`1.0.0.0`
InternalName	CTF4old.exe
LegalCopyright	Copyright © 2023
LegalTrademarks
OriginalFilename	CTF4old.exe
ProductName	CTF4old
ProductVersion	`1.0.0.0`
Assembly Version	1.0.0.0

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET` `.NET executable -> Microsoft`
Malicious	VirusTotal score: 6/69 (Scanned on 2023-03-18 19:21:30)	`Bkav: W32.AIDetectNet.01` `Cynet: Malicious (score: 100)` `Cyren: W32/Trojan.HJG.gen!Eldorado` `APEX: Malicious` `Google: Detected` `MaxSecure: Trojan.Malware.300983.susgen`

Hashes

MD5	`4b5fa4941eb78c40ccf5976b72dbd936`
SHA1	`23c69d40d146146dba11e687e49aaeb1e7be3567`
SHA256	`1ff6f7e1a5abbdbc10e0013879a78a0b052904e571136f9f4868b8f070ebb9d4`
SHA3	`6fdb6a76d8cbddfa76031b57f1bd46cc87078b1717e3e402f135a002e41d9b6c`
SSDeep	`96:wsN25ODGgV9YJKXErhagNAJLHUIjjwLWzNt:ws4m9YJHrhagNOH9jEc`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2104-Oct-29 08:11:57
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`48.0`
SizeOfCode	`0x1000`
SizeOfInitializedData	`0x800`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00002F9A (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x4000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x8000`
SizeOfHeaders	`0x200`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`8a275ec1c43baaa870b2e92a72d77418`
SHA1	`de990bc2c7508ba164d81f95e83cfe16683a2fae`
SHA256	`62d20e05364c4a9803ad6b0485e67525af413861e2510b03da46cba2721be92a`
SHA3	`3936456f5e864a6a7a03e689013814db72ab509564f7fba475901ff42f530611`
VirtualSize	`0xfa0`
VirtualAddress	`0x2000`
SizeOfRawData	`0x1000`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`5.31648`

.rsrc

MD5	`69578169c186731da9b02ace3782501d`
SHA1	`a6562820b2718aef56ee623009d7f09585060b01`
SHA256	`97950a09f8a92ab93e494769622cc0bac9ab8324ada21c2e0c20a066a9fa9969`
SHA3	`35cc19268f938e303ec8fee49ec5b24c149e91b683082ad006c2368fed41d2a5`
VirtualSize	`0x59c`
VirtualAddress	`0x4000`
SizeOfRawData	`0x600`
PointerToRawData	`0x1200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.05423`

.reloc

MD5	`618957766bea37e660c7e8e238148303`
SHA1	`8d49d8c09627ee006161f7c6f1755da835d11c94`
SHA256	`3a95d2146537af3e83da9645e6eec0839e4c9413c17299bfd6bff536003618fd`
SHA3	`35530f61122543ad74f667c03c624dafe1f5f427bb4db51deea04fec7dffe86b`
VirtualSize	`0xc`
VirtualAddress	`0x6000`
SizeOfRawData	`0x200`
PointerToRawData	`0x1800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.0815394`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

1

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x30c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.26042`
MD5	`fa0f6032e8d1e5992a06f419cd617ed4`
SHA1	`0064c94eb792d8f4e70eedcd45a2e0db33c5435e`
SHA256	`37e08e56d2bae9a8d949394c64daff22197b1c8ac4ef414c482ca5b82f17bf66`
SHA3	`7e89159321b40b9a6ee09d8218232f2ebbbfc887b883aa2ff476b5e83138a4ed`

1 (#2)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1ea`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.00112`
MD5	`b7db84991f23a680df8e95af8946f9c9`
SHA1	`cac699787884fb993ced8d7dc47b7c522c7bc734`
SHA256	`539dc26a14b6277e87348594ab7d6e932d16aabb18612d77f29fe421a9f1d46a`
SHA3	`4f72877413d13a67b52b292a8524e2c43a15253c26aaf6b5d0166a65bc615cff`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.0
ProductVersion	1.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
Comments
CompanyName
FileDescription	CTF4old
FileVersion (#2)	1.0.0.0
InternalName	CTF4old.exe
LegalCopyright	Copyright © 2023
LegalTrademarks
OriginalFilename	CTF4old.exe
ProductName	CTF4old
ProductVersion (#2)	1.0.0.0
Assembly Version	1.0.0.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2104-Jul-07 19:46:49
Version	`0.0`
SizeofData	`84`
AddressOfRawData	`0x2ef4`
PointerToRawData	`0x10f4`
Referenced File	C:\Users\admin\source\repos\CTF4old\obj\Release\CTF4old.pdb

UNKNOWN

Characteristics	`0`
TimeDateStamp	1970-Jan-01 00:00:00
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

TLS Callbacks

Load Configuration

RICH Header

4b5fa4941eb78c40ccf5976b72dbd936

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rsrc

.reloc

Imports

Delayed Imports

1

1 (#2)

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

UNKNOWN

TLS Callbacks

Load Configuration

RICH Header

Errors