Manalyze report for 517a43003923965e5c6e220aac3c6540

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2017-Jun-30 08:00:01
Debug artifacts	C:\Users\jan\Documents\Visual Studio 2017\Projects\Windows ISO Downloader\Windows ISO Downloader\obj\Release\Windows ISO Downloader.pdb
Comments
CompanyName
FileDescription	Windows ISO Downloader
FileVersion	`5.0.6.0`
InternalName	Windows ISO Downloader.exe
LegalCopyright	Copyright © 2017
LegalTrademarks
OriginalFilename	Windows ISO Downloader.exe
ProductName	Windows ISO Downloader
ProductVersion	`5.0.6.0`
Assembly Version	5.0.6.0

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET` `.NET executable -> Microsoft`
Safe	VirusTotal score: 0/63 (Scanned on 2017-07-09 13:32:50)	`All the AVs think this file is safe.`

Hashes

MD5	`517a43003923965e5c6e220aac3c6540`
SHA1	`39108a27288a85b9c8297e01ff8654b75aa4e459`
SHA256	`6618fd13b126013fc5df8bf397d949fcb782fb78c3c0c0df06c3c8d3423f0ae1`
SHA3	`2f88287893b5fec4d6198396378f466fa66d9966374918cdcb14ceb3674477c9`
SSDeep	`6144:5pSiJEyj9iMlniJKbhMlpgJKbhMlpKVtQmGpSijBDgqHyQ7/1PTcQDU8Cu5iTTH:TiJaOpgJaOpK4pSiqOXTcKivHaFp`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2017-Jun-30 08:00:01
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`80.0`
SizeOfCode	`0x136c00`
SizeOfInitializedData	`0x4b600`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00138A62 (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x13a000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x188000`
SizeOfHeaders	`0x200`
Checksum	`0x18ea3c`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`274e13986db4be8901169994cc5629b7`
SHA1	`2d1df273cbf44330c7ef423d72602ebdf89521bf`
SHA256	`ae6fd8f80e368a53e1f3dd3fe510d7b51a8ebc594fb76812a80b140cdbeb9e83`
SHA3	`57607f3b5e1dfb3a302448b420d01c72cb116e7b51b7a9c26c9d75d13b1a6878`
VirtualSize	`0x136a68`
VirtualAddress	`0x2000`
SizeOfRawData	`0x136c00`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`5.53017`

.rsrc

MD5	`4721b1d45572d34f95e448664bae65f2`
SHA1	`7fe9824786a61a240265687555ee2b3edc9d216f`
SHA256	`b6b6ed6b46c52eaa4798c48a36753eb5c371d5f49917ff2709433a41d920fbda`
SHA3	`4b6842795ed59eef20c4358420cd4203c1a2127e69a27a194c8d9d223d77a736`
VirtualSize	`0x4b3a4`
VirtualAddress	`0x13a000`
SizeOfRawData	`0x4b400`
PointerToRawData	`0x136e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.42874`

.reloc

MD5	`df46114db1056c760aa2d627461b8833`
SHA1	`ffe6d669a1f324095d7fd7da7092e93027167b51`
SHA256	`1ac2ad2ef6e6d947b9f022b96d046666e761a0ab95d24d822c57424e29d53743`
SHA3	`9615675370c2a13502e81974a5836707f995324ffd5f989f1aa9d2c9739123d5`
VirtualSize	`0xc`
VirtualAddress	`0x186000`
SizeOfRawData	`0x200`
PointerToRawData	`0x182200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.10191`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

1

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.22648`
MD5	`f44629894f49d23067a04e638d170168`
SHA1	`354ac5cf6827c0379ca9199665d62a0ba65cb6d9`
SHA256	`2b4e79c718d405bb0fdc3983ceed1409382bedfa64a7fe14ece962d8c0b8b31d`
SHA3	`88aa800b81abde9f5bf8cbd9a23e04041b018445969da455cf4716bb5580074a`

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.66927`
MD5	`bb0dac0486caae3cbdb7cf6e5d6dab67`
SHA1	`2b5715518a92c1520986053dd830e2c7d9d3d673`
SHA256	`788d7e4bf17d7f4bbe92a169d1c3fe76a9920032be8c6ef98ad23370c77c4a4f`
SHA3	`b91a1c632aaccd2b1adf99cd2aeeeaa86c61bce7eeb7431a65e4a6943646ed97`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.31647`
MD5	`f27df574bd14b051d3c44fdc13217c96`
SHA1	`9150b576ff8c7af2f006b8a8a1bbc25ea9422267`
SHA256	`53758086086d2982b738708442249a90b552898948fa425aa9dc9578f9abbf65`
SHA3	`f302f321cd6ca6a6018c8618cb9d42ed9b7367396965b7e64c09f22c7cb36abd`

4

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.81771`
MD5	`b43b8aaf2a8b84a2019b38b0b75021dd`
SHA1	`ba332b28410ff09705ec03af65b23c2025b4bb8e`
SHA256	`cada59a515b65efa092f22aa14e2cb29fb115e62a95a13ab482157f9aedf28a4`
SHA3	`714b5885d7b9f2364f3dd29b8aed8a970ea2e06a97749d56bed48855d2962b55`

5

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.50631`
MD5	`9ddcba50dbb7373906d478456aa385d8`
SHA1	`92880b7dcdd0e96001cf4e9de30a718021715300`
SHA256	`7476411991f19ec16b7ba757af2a2ceeb49ce8dea6736dd7e078670c62094801`
SHA3	`5fc92f2f0ca254207e2ba67638443f75fa0e394c5f37cc02c632d2dd6b479e59`

6

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x94a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.15714`
MD5	`2f6f18fa3f6f226925b61bd0dff810b1`
SHA1	`462f74fcc34f16311f39d2ec3842f9c717b68161`
SHA256	`8ccc865bcb8c4b3e9ec0adc130d6869f5e89d70fbbcbf70e80e3cba04a30bd89`
SHA3	`1731a9612a05c208eb1079f18d7fbe5fe0f37505f25a5f433d2c92e97a7a9286`

7

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.02373`
MD5	`f778f74b8ae229c75f84b114d5a9f627`
SHA1	`79af30de7bab015b160f6d09622ea643889a711f`
SHA256	`3d31919bbdec1c84042b739839538f42d2e12483e97d2ca011faffff1e4b21c7`
SHA3	`4b105e2d78a5f53cea2a4bc174f2d4a881398706201157ca76da4db0a29c8f65`

8

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x25228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.78483`
MD5	`1dbd59cfb8f469b7d4a66efc84e97a74`
SHA1	`f5e63a1e69474d795c89ba41eba1c70ffaa50f9f`
SHA256	`53c921c10d6d4e943c87f9181f859c9fc37da5c89417ac9d4ed41635fa18c4c9`
SHA3	`82469c6ca1d01f457b32165566d0191bcfe3bbd1cac5ea8dd70e57d8c1a3aa1c`

9

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x37c7`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.95518`
Detected Filetype	PNG graphic file
MD5	`efa5247f3a96fbbb3806ac65006c5c76`
SHA1	`f3eabc10a322ff6243bbb5c41ae873b55a1fb0aa`
SHA256	`f562235522cacda6c9dec1c26ec84b62721bc5d871f6d44aba21e1bc41601a5a`
SHA3	`20b42b3764975a1e25fdd7cbe525ea32597ed1cec497a23689e8a6b365b4db68`

32512

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.07075`
Detected Filetype	Icon file
MD5	`6b7beac2f9a23cc819d2a2c1060642cf`
SHA1	`9dad20ea7fd54cdee46787b9cd11b00bc1385a19`
SHA256	`75af233835f7b346885a23c575f8ce6c9a5e0f7d5011fc2a08e36986f8c2f51e`
SHA3	`1d8e09185cd3b1c74ef4eb6a2508337b9ce8089aaded7bc14292c903cfb45f72`

1 (#2)

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x38c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.34496`
MD5	`99b716b7b59c132aea93a156ac1ef592`
SHA1	`16e147c57c045427ab56f477c6e3f51d5f5dcdde`
SHA256	`7d3d7e845848bb141dcea44014a3391ba78d652b89ec886a18d515324cc2d006`
SHA3	`45e68c96fc8df6f92dcc51ad4900d138739d9b446ee7b1d68d50500a9393af8d`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	5.0.6.0
ProductVersion	5.0.6.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
Comments
CompanyName
FileDescription	Windows ISO Downloader
FileVersion (#2)	5.0.6.0
InternalName	Windows ISO Downloader.exe
LegalCopyright	Copyright © 2017
LegalTrademarks
OriginalFilename	Windows ISO Downloader.exe
ProductName	Windows ISO Downloader
ProductVersion (#2)	5.0.6.0
Assembly Version	5.0.6.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2017-Jun-30 08:00:01
Version	`0.0`
SizeofData	`284`
AddressOfRawData	`0x1388f4`
PointerToRawData	`0x136af4`
Referenced File	C:\Users\jan\Documents\Visual Studio 2017\Projects\Windows ISO Downloader\Windows ISO Downloader\obj\Release\Windows ISO Downloader.pdb

TLS Callbacks

Load Configuration

RICH Header

517a43003923965e5c6e220aac3c6540

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rsrc

.reloc

Imports

Delayed Imports

1

2

3

4

5

6

7

8

9

32512

1 (#2)

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

TLS Callbacks

Load Configuration

RICH Header

Errors