×
This file seems to be a .NET executable .
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!
Architecture
IMAGE_FILE_MACHINE_I386
Subsystem
IMAGE_SUBSYSTEM_WINDOWS_CUI
Compilation Date
2063-Mar-16 04:39:01
Debug artifacts
C:\Users\0xdf\source\repos\UserInfo\obj\Release\UserInfo.pdb
Comments
CompanyName
FileDescription
UserInfo
FileVersion
1.0.0.0
InternalName
UserInfo.exe
LegalCopyright
Copyright © 2022
LegalTrademarks
OriginalFilename
UserInfo.exe
ProductName
UserInfo
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Info
Matching compiler(s):
Microsoft Visual C# v7.0 / Basic .NET
Suspicious
VirusTotal score: 1/70 (Scanned on 2022-09-19 10:02:59)
APEX:
Malicious
MD5
58388633eaf163cd95c1183afb8fadf5
SHA1
4493f05ce276c328501926c5931e654fbf1f9816
SHA256
ac9373f7ae2d3a8631aa725401e32f5bf9a264b78816e2ffc1b424380deb5e4d
SHA3
5930b88c9bd794e9436ee52e41b019bf08bc234c99261cc40e45bcafb343f831
SSDeep
192:V0eEcRVw3c/VaMETylzsax0UaYhACeJuAnuJO6jX:xq3czETwzP/aYhYJuAnu5X
Imports Hash
f34d5f2d4577ed6d9ceec516c1f5a744
e_magic
MZ
e_cblp
0x90
e_cp
0x3
e_crlc
0
e_cparhdr
0x4
e_minalloc
0
e_maxalloc
0xffff
e_ss
0
e_sp
0xb8
e_csum
0
e_ip
0
e_cs
0
e_ovno
0
e_oemid
0
e_oeminfo
0
e_lfanew
0x80
Signature
PE
Machine
IMAGE_FILE_MACHINE_I386
NumberofSections
3
TimeDateStamp
2063-Mar-16 04:39:01
PointerToSymbolTable
0
NumberOfSymbols
0
SizeOfOptionalHeader
0xe0
Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Magic
PE32
LinkerVersion
48.0
SizeOfCode
0x2800
SizeOfInitializedData
0x600
SizeOfUninitializedData
0
AddressOfEntryPoint
0x0000464A (Section: .text)
BaseOfCode
0x2000
BaseOfData
0x6000
ImageBase
0x400000
SectionAlignment
0x2000
FileAlignment
0x200
OperatingSystemVersion
4.0
ImageVersion
0.0
SubsystemVersion
6.0
Win32VersionValue
0
SizeOfImage
0xa000
SizeOfHeaders
0x200
Checksum
0
Subsystem
IMAGE_SUBSYSTEM_WINDOWS_CUI
DllCharacteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve
0x100000
SizeofStackCommit
0x1000
SizeofHeapReserve
0x100000
SizeofHeapCommit
0x1000
LoaderFlags
0
NumberOfRvaAndSizes
16
MD5
ebe7b5860316c654370c68aa0efc1d0a
SHA1
a5999113df1e42d284dc39bd403e26772c391495
SHA256
044ac4d83c94f4e210f2e238b86813d333b97ce344991e558b0254170817508e
SHA3
9d0d92dc721a91dd46917eeb7aa0e58496a718009d69524990fb067d5da0e930
VirtualSize
0x2650
VirtualAddress
0x2000
SizeOfRawData
0x2800
PointerToRawData
0x200
PointerToRelocations
0
PointerToLineNumbers
0
NumberOfLineNumbers
0
NumberOfRelocations
0
Characteristics
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy
5.37988
MD5
78653fec4a11328654623bde9610a794
SHA1
e5603f9cc92578776b64022905687ccfd5a52bbc
SHA256
2131842f99219d0ea23aaa2ec30d16aee2807c00afd23509ee17853a21fa2334
SHA3
9e13dd11c0227dfdfa07b978e9ed2620625be0799a3870831865327082e2c8b7
VirtualSize
0x378
VirtualAddress
0x6000
SizeOfRawData
0x400
PointerToRawData
0x2a00
PointerToRelocations
0
PointerToLineNumbers
0
NumberOfLineNumbers
0
NumberOfRelocations
0
Characteristics
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy
2.78504
MD5
fc36e0b3de1162576bbe7163fb1c90ac
SHA1
ba59eca1dd59257e1a849ba0a8ae73c3fe5d700b
SHA256
2d17f7137df2872787b2394a4cc8c277998ca0b8c0a0bc24cacfe7cf7c12833a
SHA3
70111086cf555d34f4a1d51801314881b81edfdd366a658680cdbc3526c2b523
VirtualSize
0xc
VirtualAddress
0x8000
SizeOfRawData
0x200
PointerToRawData
0x2e00
PointerToRelocations
0
PointerToLineNumbers
0
NumberOfLineNumbers
0
NumberOfRelocations
0
Characteristics
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy
0.0815394
Type
RT_VERSION
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x31c
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
3.24792
MD5
2c751cc97c073ba19203c2c55548c0df
SHA1
5917ca20f19c725af2338c60b914bd43d162ae8e
SHA256
687e79b9142c778d2491cc8ad2f73d60b41c321546265889fc3c992c5402e546
SHA3
a9f8690f1327efb1f61a7809bf99696c7fe7933cd69a9b3ba47a605b0cef3565
Signature
0xfeef04bd
StructVersion
0x10000
FileVersion
1.0.0.0
ProductVersion
1.0.0.0
FileFlags
(EMPTY)
FileOs
VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
FileType
VFT_APP
Language
UNKNOWN
Comments
CompanyName
FileDescription
UserInfo
FileVersion (#2)
1.0.0.0
InternalName
UserInfo.exe
LegalCopyright
Copyright © 2022
LegalTrademarks
OriginalFilename
UserInfo.exe
ProductName
UserInfo
ProductVersion (#2)
1.0.0.0
Assembly Version
1.0.0.0
Characteristics
0
TimeDateStamp
2093-Nov-18 13:30:55
Version
0.0
SizeofData
85
AddressOfRawData
0x45a0
PointerToRawData
0x27a0
Referenced File
C:\Users\0xdf\source\repos\UserInfo\obj\Release\UserInfo.pdb
Characteristics
0
TimeDateStamp
1970-Jan-01 00:00:00
Version
0.0
SizeofData
0
AddressOfRawData
0
PointerToRawData
0