Manalyze report for 58388633eaf163cd95c1183afb8fadf5

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	2063-Mar-16 04:39:01
Debug artifacts	C:\Users\0xdf\source\repos\UserInfo\obj\Release\UserInfo.pdb
Comments
CompanyName
FileDescription	UserInfo
FileVersion	`1.0.0.0`
InternalName	UserInfo.exe
LegalCopyright	Copyright © 2022
LegalTrademarks
OriginalFilename	UserInfo.exe
ProductName	UserInfo
ProductVersion	`1.0.0.0`
Assembly Version	1.0.0.0

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET`
Suspicious	VirusTotal score: 1/70 (Scanned on 2022-09-19 10:02:59)	`APEX: Malicious`

Hashes

MD5	`58388633eaf163cd95c1183afb8fadf5`
SHA1	`4493f05ce276c328501926c5931e654fbf1f9816`
SHA256	`ac9373f7ae2d3a8631aa725401e32f5bf9a264b78816e2ffc1b424380deb5e4d`
SHA3	`5930b88c9bd794e9436ee52e41b019bf08bc234c99261cc40e45bcafb343f831`
SSDeep	`192:V0eEcRVw3c/VaMETylzsax0UaYhACeJuAnuJO6jX:xq3czETwzP/aYhYJuAnu5X`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2063-Mar-16 04:39:01
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`48.0`
SizeOfCode	`0x2800`
SizeOfInitializedData	`0x600`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000464A (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x6000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0xa000`
SizeOfHeaders	`0x200`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`ebe7b5860316c654370c68aa0efc1d0a`
SHA1	`a5999113df1e42d284dc39bd403e26772c391495`
SHA256	`044ac4d83c94f4e210f2e238b86813d333b97ce344991e558b0254170817508e`
SHA3	`9d0d92dc721a91dd46917eeb7aa0e58496a718009d69524990fb067d5da0e930`
VirtualSize	`0x2650`
VirtualAddress	`0x2000`
SizeOfRawData	`0x2800`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`5.37988`

.rsrc

MD5	`78653fec4a11328654623bde9610a794`
SHA1	`e5603f9cc92578776b64022905687ccfd5a52bbc`
SHA256	`2131842f99219d0ea23aaa2ec30d16aee2807c00afd23509ee17853a21fa2334`
SHA3	`9e13dd11c0227dfdfa07b978e9ed2620625be0799a3870831865327082e2c8b7`
VirtualSize	`0x378`
VirtualAddress	`0x6000`
SizeOfRawData	`0x400`
PointerToRawData	`0x2a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`2.78504`

.reloc

MD5	`fc36e0b3de1162576bbe7163fb1c90ac`
SHA1	`ba59eca1dd59257e1a849ba0a8ae73c3fe5d700b`
SHA256	`2d17f7137df2872787b2394a4cc8c277998ca0b8c0a0bc24cacfe7cf7c12833a`
SHA3	`70111086cf555d34f4a1d51801314881b81edfdd366a658680cdbc3526c2b523`
VirtualSize	`0xc`
VirtualAddress	`0x8000`
SizeOfRawData	`0x200`
PointerToRawData	`0x2e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.0815394`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

1

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x31c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.24792`
MD5	`2c751cc97c073ba19203c2c55548c0df`
SHA1	`5917ca20f19c725af2338c60b914bd43d162ae8e`
SHA256	`687e79b9142c778d2491cc8ad2f73d60b41c321546265889fc3c992c5402e546`
SHA3	`a9f8690f1327efb1f61a7809bf99696c7fe7933cd69a9b3ba47a605b0cef3565`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.0
ProductVersion	1.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
Comments
CompanyName
FileDescription	UserInfo
FileVersion (#2)	1.0.0.0
InternalName	UserInfo.exe
LegalCopyright	Copyright © 2022
LegalTrademarks
OriginalFilename	UserInfo.exe
ProductName	UserInfo
ProductVersion (#2)	1.0.0.0
Assembly Version	1.0.0.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2093-Nov-18 13:30:55
Version	`0.0`
SizeofData	`85`
AddressOfRawData	`0x45a0`
PointerToRawData	`0x27a0`
Referenced File	C:\Users\0xdf\source\repos\UserInfo\obj\Release\UserInfo.pdb

UNKNOWN

Characteristics	`0`
TimeDateStamp	1970-Jan-01 00:00:00
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

TLS Callbacks

Load Configuration

RICH Header

58388633eaf163cd95c1183afb8fadf5

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rsrc

.reloc

Imports

Delayed Imports

1

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

UNKNOWN

TLS Callbacks

Load Configuration

RICH Header

Errors