Manalyze report for 572d0287cf2a2c415eaf8eb4dabc1179

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2022-Nov-22 09:47:46
Detected languages	English - United States
Debug artifacts	d:\701\w\4gohw2x2jl\gen\src\OptU\ntintel\netsetup.pdb
CompanyName	SAP SE
FileDescription	Proxy Application
FileVersion	`2022, 0, 112, 0`
InternalName	Proxy Application
LegalCopyright	Copyright (C)2001-2021 SAP SE
Copyright	Copyright (C)2001-2021 SAP SE
OriginalFilename	netsetup.exe
ProductName	SAP Front-End Setup for the Windows(R) Environment
ProductVersion	`2022, 0, 112, 0`
SpecialBuild	Unicode Build

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ 6.0 - 8.0`
Info	The PE contains common functions which appear in legitimate applications.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryExW` `Possibly launches other programs: CreateProcessW` `Enumerates local disk drives: GetDriveTypeW`
Info	The PE is digitally signed.	`Signer: SAP SE` `Issuer: DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1`
Safe	VirusTotal score: 0/71 (Scanned on 2023-05-20 00:21:05)	`All the AVs think this file is safe.`

Hashes

MD5	`572d0287cf2a2c415eaf8eb4dabc1179`
SHA1	`10572920d4549f1448c4690ae19adeee07c39e0e`
SHA256	`d3338830cbc505b8029c13841ea1817956adac953ac95da8760905967f1cd8ed`
SHA3	`ba839c2685495f1de3e20c7ba2ded2749d6fb574269bd227aed304759ea6819f`
SSDeep	`6144:dF18tcltWEDM1/4K8ews64HNiKAOBUOQADFF:dF1vtWEDM1/rV7VDFF`
Imports Hash	`b50646c5f11b2577c0b05b0305cd076f`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x100`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`5`
TimeDateStamp	2022-Nov-22 09:47:46
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`14.0`
SizeOfCode	`0x27000`
SizeOfInitializedData	`0x1a000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000DE95 (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x28000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x45000`
SizeOfHeaders	`0x400`
Checksum	`0x53bcc`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`b64257b5e90cebcd03f8fe80ecba76f3`
SHA1	`72e827f73ce6d8c0db0893453842c42a84baaa02`
SHA256	`10394c0941b3a413ee9aac291df263e5e4fa06474ff088a9222758929b452c64`
SHA3	`7b28e5e0fed518bdc312a3c70b242fd9fa7627eaa51d66e6f3563114722c8923`
VirtualSize	`0x26e4b`
VirtualAddress	`0x1000`
SizeOfRawData	`0x27000`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.57601`

.rdata

MD5	`fb9a19be460def70c7531135e73e4d92`
SHA1	`1bc677ac22fb48f661cb4ea8fa90f7eefc72c98b`
SHA256	`66a3b2921eb383af305d6a760bdb7bc4589bd7b2ac8ff30881bc0f56d5412760`
SHA3	`8b2e46f25dea209c6ba10558ded4b728248256f6e73fdf54f382d8d192ae617d`
VirtualSize	`0xfc80`
VirtualAddress	`0x28000`
SizeOfRawData	`0xfe00`
PointerToRawData	`0x27400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.32229`

.data

MD5	`92f373d06038864bbe810212e49b57f6`
SHA1	`359bac27584c3079c580943f4679891e91c3bde1`
SHA256	`7b1ca742e768b42a557512ae42cfc549a76e26cdbd2b8f0cd105623ab7f9e78e`
SHA3	`e2654a0faf419ca59e7323f0d7ca1a99d2450d35cfc79e0cd2e347bb70ed1f39`
VirtualSize	`0x20e8`
VirtualAddress	`0x38000`
SizeOfRawData	`0x1000`
PointerToRawData	`0x37200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`3.35705`

.rsrc

MD5	`107c34f73690943ce68e1018779e87d4`
SHA1	`428acb82a3f0c248cb669209884ea3d882553d14`
SHA256	`113a958a30d7dfee46f6b9e671858c083c1ed3be49ace48c32f7e5e1853b46a1`
SHA3	`411cf525e800147824b41074b1d8ee96e7f5e71ee8ef01ea160ef4272e2f5c4d`
VirtualSize	`0x6d1c`
VirtualAddress	`0x3b000`
SizeOfRawData	`0x6e00`
PointerToRawData	`0x38200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.99504`

.reloc

MD5	`176d813607029df29be312f041b8e681`
SHA1	`a940e505a0b688a123907c2a911067be172c3d65`
SHA256	`3018b0b229cbc4ec758fa44ec99378dbfc41fbfb470fce1dce0c413d010cf436`
SHA3	`14cb3b1e03bc53232c7cd818704c0675994d1991f3da519c951e92f739cef2a1`
VirtualSize	`0x2318`
VirtualAddress	`0x42000`
SizeOfRawData	`0x2400`
PointerToRawData	`0x3f000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`6.51788`

Imports

KERNEL32.dll	`GetProcAddress` `GetCommandLineW` `CreateProcessW` `GetProcessHeap` `DeleteCriticalSection` `DecodePointer` `HeapAlloc` `RaiseException` `CloseHandle` `HeapReAlloc` `GetLastError` `HeapSize` `WaitForSingleObject` `InitializeCriticalSectionEx` `LoadLibraryExW` `WideCharToMultiByte` `FindClose` `GetFileAttributesW` `CreateFileW` `GetCurrentDirectoryW` `FindFirstFileW` `FindNextFileW` `WriteFile` `GetDriveTypeW` `GetModuleHandleW` `GetModuleFileNameW` `GetCurrentProcess` `FormatMessageW` `LocalFree` `GetPrivateProfileStringW` `MultiByteToWideChar` `GetStringTypeW` `QueryPerformanceCounter` `WaitForSingleObjectEx` `GetCurrentThreadId` `EnterCriticalSection` `LeaveCriticalSection` `EncodePointer` `LCMapStringEx` `GetSystemTimeAsFileTime` `GetCPInfo` `IsDebuggerPresent` `OutputDebugStringW` `InitializeCriticalSectionAndSpinCount` `SetEvent` `ResetEvent` `CreateEventW` `GetCurrentProcessId` `InitializeSListHead` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `GetStartupInfoW` `IsProcessorFeaturePresent` `TerminateProcess` `RtlUnwind` `SetLastError` `TlsAlloc` `TlsGetValue` `TlsSetValue` `TlsFree` `FreeLibrary` `GetFullPathNameW` `GetModuleHandleExW` `GetStdHandle` `ExitProcess` `GetFileType` `LCMapStringW` `GetLocaleInfoW` `IsValidLocale` `GetUserDefaultLCID` `EnumSystemLocalesW` `SetFilePointerEx` `FindFirstFileExW` `IsValidCodePage` `GetACP` `GetOEMCP` `GetCommandLineA` `GetEnvironmentStringsW` `FreeEnvironmentStringsW` `SetStdHandle` `FlushFileBuffers` `GetConsoleOutputCP` `GetConsoleMode` `WriteConsoleW` `HeapFree`
USER32.dll	`MessageBoxW` `GetDesktopWindow`

Delayed Imports

1

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x668`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.07719`
MD5	`8292afab580f8ddb53ce643b6fc668ed`
SHA1	`9cf9e90ea40a7314877562cfa1f38069c2b97252`
SHA256	`6051f2156d653a1696d1d624c772e907f51064a8c58eb9464be4a558ce443948`
SHA3	`3404d8dfa5be8a24d0393299a7b8f93a4f15ce0ce63e86fb8305137f165f35e7`

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.29282`
MD5	`1882f3b78a0fe9ed48143d540a53655f`
SHA1	`32ab6c16b439923d36d4c89537371f99bece7968`
SHA256	`9c5682c2778ae872895fc2cbb70765430305f0a5f219c3a35b88217b2ee1b5f1`
SHA3	`8bf76006177d5d6bbd96758c8f76d9ff45c312d5d131dbbc147746459285c7b6`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.5546`
MD5	`0c973838110352ca77d7aa3203964e23`
SHA1	`ea93238ccac3262e16b07ffb043d492f7e919a31`
SHA256	`fd83c3ef50cc0cf87b680845b796bc12524c2d647dcc24fe462df8c646aa3dbb`
SHA3	`2bbebeb15ac828d76cbc4f952d0fa10ed4e7d954d59dd60b523201d3de307fbe`

4

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.98053`
MD5	`788e791e295da9da6d5da7f09d8ad130`
SHA1	`7194d00a32d0aa08c9e46d2c66da9f23cc4197eb`
SHA256	`8a7cdd05fce727f955fb24f501b4bfc62361044bf12943ca66230e061290c98c`
SHA3	`a1ed20d333136b7577e4e913c65e1d9d0238a491cb4b24d4e95f8469aedd3420`

5

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.1098`
MD5	`48eb18376f2785d3baa5909345ffb2f0`
SHA1	`d6b2624019b08439a1b8b313652622fd18a47e8d`
SHA256	`369f3fc7cd0210acc8f515ab3962905406215d699a2ebf557e9f70ff4cd35866`
SHA3	`44342871cdc040413e450e449d0f6ed8bc027eee2c611608e41731c67c9384ce`

6

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.08587`
MD5	`17c60445a21b7c825a68672dd0295a08`
SHA1	`fe6289d06e3581b0298c71e0010a33aa119582f0`
SHA256	`0b35aa05429813e15da09f69eb176294c3ec0148a0f51bdd034e57cee898992f`
SHA3	`e31e958de0a14f7feecb6602f49f673b4c1d891b31650341f4547791bbdaa55a`

7

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.6857`
MD5	`db9870621dcf6a1d2ab3ffbe1b7523ae`
SHA1	`6a4b80ac0df37a5fc123880a9f4d8751a3f8d87b`
SHA256	`06a33cc860e11b314399bea19c9a37332624fc1557784a57f7ead114d9d8ba0e`
SHA3	`3c4c7cc5c2b385794186fdd749ecc087b64ae457115f8949e804b3b46b210840`

8

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.70101`
MD5	`d13ca046d150c8fa220c044ad2b23171`
SHA1	`8494397d8111cc272929b7322ac454bc24752151`
SHA256	`e75acb0a16c9279522cabd3134bb72da318a1d158ad89126e340e38d561f186d`
SHA3	`cac3dd3d463915c473e8c21749c2183b13bfd03fab5c7c492a7008d194100c65`

9

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.44703`
MD5	`bc46a4560a0eccdd945c32cb3c24d964`
SHA1	`b4fdd28738efd31d7b999ada46f8896826a4ca0a`
SHA256	`8325cc2e95f06af72e4608ced74ff26b9f5a9cfb5c0dfe08e9a2d060a92433f6`
SHA3	`2d2d44adde3a2e2872092cb86056ea60fe8871cbaef69a5c1322e1041134c818`

101

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.89097`
Detected Filetype	Icon file
MD5	`a6469ac97a109b7c2bc1bf3020168af3`
SHA1	`53f3b4b4b61af9cde9de74a33fbc492c71f7660c`
SHA256	`ca82878ac6f8f5d26249f03257b496eebf06e2d20e02349a0b871bf92766535c`
SHA3	`15f2850e54173ca36462fa901e1019404484e4da82f3668cb938a5e593f2ed53`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x440`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.48424`
MD5	`0c3195b7cef992a94deb92393a5a1ad8`
SHA1	`5a5d1381f7a8edd2c13e42ac8f3024a6ae344e98`
SHA256	`7381e1e05992f03d853eefe0539db518a7937e0cde7d93e240cfd8ab11932379`
SHA3	`41ff94526aa476f360fa88f3036a92d73d900c51a766e176182f02ffbcb88553`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x3be`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.24162`
MD5	`8939029b30a3fd4dceccf6a6d9c19660`
SHA1	`416915d02d352e3a2b4e01fa1053e84100cfe7de`
SHA256	`d6550eed7177819bc4809e5c7ec3efd225997f136481538559c887cd96e2756c`
SHA3	`4642c803bb6bea14ef7d2ad734af23998bcc9f677feb8ddd685e3c2372bab7a5`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	2022.0.112.0
ProductVersion	2022.0.112.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
CompanyName	SAP SE
FileDescription	Proxy Application
FileVersion (#2)	2022, 0, 112, 0
InternalName	Proxy Application
LegalCopyright	Copyright (C)2001-2021 SAP SE
Copyright	Copyright (C)2001-2021 SAP SE
OriginalFilename	netsetup.exe
ProductName	SAP Front-End Setup for the Windows(R) Environment
ProductVersion (#2)	2022, 0, 112, 0
SpecialBuild	Unicode Build

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2022-Nov-22 09:47:46
Version	`0.0`
SizeofData	`78`
AddressOfRawData	`0x34e6c`
PointerToRawData	`0x3426c`
Referenced File	d:\701\w\4gohw2x2jl\gen\src\OptU\ntintel\netsetup.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2022-Nov-22 09:47:46
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x34ebc`
PointerToRawData	`0x342bc`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2022-Nov-22 09:47:46
Version	`0.0`
SizeofData	`964`
AddressOfRawData	`0x34ed0`
PointerToRawData	`0x342d0`

TLS Callbacks

StartAddressOfRawData	`0x4352a4`
EndAddressOfRawData	`0x4352ac`
AddressOfIndex	`0x4397d4`
AddressOfCallbacks	`0x4281c0`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_4BYTES`
Callbacks	`(EMPTY)`

Load Configuration

Size	`0xbc`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x438018`
SEHandlerTable	`0x434ca0`
SEHandlerCount	`101`

RICH Header

XOR Key	`0xcfbdd95f`
Unmarked objects	`0`
ASM objects (27412)	`13`
C++ objects (27412)	`167`
C objects (27412)	`22`
C objects (30034)	`17`
ASM objects (30034)	`20`
C++ objects (30034)	`85`
Imports (27412)	`19`
Total imports	`222`
C++ objects (LTCG) (VS2019 Update 11 (16.11.14) compiler 30145)	`11`
Resource objects (VS2019 Update 11 (16.11.14) compiler 30145)	`1`
Linker (VS2019 Update 11 (16.11.14) compiler 30145)	`1`

572d0287cf2a2c415eaf8eb4dabc1179

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rdata

.data

.rsrc

.reloc

Imports

Delayed Imports

1

2

3

4

5

6

7

8

9

101

1 (#2)

1 (#3)

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

IMAGE_DEBUG_TYPE_VC_FEATURE

IMAGE_DEBUG_TYPE_POGO

TLS Callbacks

Load Configuration

RICH Header

Errors