Manalyze report for 5e5602573de2f5ba760f146bebceef4e49e579e463e054123525d0d73fdd0fc0

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	1970-Jan-01 00:00:00
Detected languages	English - United States
Comments	Built using Wails (https://wails.io)
CompanyName	SpotiFLAC
FileDescription	SpotiFLAC
LegalCopyright	Â© 2026 afkarxyz
ProductName	SpotiFLAC
ProductVersion	`7.1.3`

Plugin Output

Info	Interesting strings found in the binary:	`Contains domain names: https://wails.io`
Suspicious	The PE is packed with UPX	`Unusual section name found: UPX0` `Section UPX0 is both writable and executable.` `Unusual section name found: UPX1` `Section UPX1 is both writable and executable.` `The PE only has 4 import(s).`
Info	The PE contains common functions which appear in legitimate applications.	`[!] The program may be hiding some of its imports: LoadLibraryA GetProcAddress`
Malicious	VirusTotal score: 5/71 (Scanned on 2026-04-07 19:09:19)	`Bkav: W64.AIDetectMalware` `CrowdStrike: win/malicious_confidence_60% (D)` `Cylance: Unsafe` `DeepInstinct: MALICIOUS` `Trapmine: malicious.high.ml.score`

Hashes

MD5	`303e1906bb8fc932500fc6dc2278cf61`
SHA1	`2ffe34d512ce31c3d38289d1c0fac59f88769cee`
SHA256	`5e5602573de2f5ba760f146bebceef4e49e579e463e054123525d0d73fdd0fc0`
SHA3	`7bde7ae47b8a79e60b4f8bbe4cb6e0a629b07d03aa8d62746bf4ce15b262e4eb`
SSDeep	`98304:uC3U7qCdfMSc7lGM2Uyey5GlKXMZKz5qVI2LM15Hrgm+EBQaTzZ:h3Iq+MSc7AUVT45qmHLN+aQaTz`
Imports Hash	`6ed4f5f04d62b18d96b26d6db7c18840`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0x8b`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`3`
TimeDateStamp	1970-Jan-01 00:00:00
PointerToSymbolTable	`0xe53400`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`3.0`
SizeOfCode	`0x4e8000`
SizeOfInitializedData	`0xa000`
SizeOfUninitializedData	`0x29e4000`
AddressOfEntryPoint	`0x0000000002ECC440 (Section: UPX1)`
BaseOfCode	`0x29e5000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.1`
ImageVersion	`1.0`
SubsystemVersion	`6.1`
Win32VersionValue	`0`
SizeOfImage	`0x2ed7000`
SizeOfHeaders	`0x200`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x200000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

UPX0

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x29e4000`
VirtualAddress	`0x1000`
SizeOfRawData	`0`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_UNINITIALIZED_DATA` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

UPX1

MD5	`a16b9f6d99de8ba64d40e008ea5f7c17`
SHA1	`533e93eee387d7413425c37fd93856f846c713f4`
SHA256	`2dc712b7502f501079d19c89806fd994083c41949bb4859f2dfee0e5986da675`
SHA3	`1b1dc04a6645ec83249a69f7fc85d98a19359001df475597024ab61bff799c16`
VirtualSize	`0x4e8000`
VirtualAddress	`0x29e5000`
SizeOfRawData	`0x4e8000`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`7.99997`

.rsrc

MD5	`2a50d87295da582b8365470d0fa6c307`
SHA1	`3e850fab2b616af9a501bbeb96967ae2dcc428a0`
SHA256	`a07818cf952724ad04ff659a6df871cb52a4b8e2ca5dec479d8f7c318ca71bb4`
SHA3	`b1620397e78754d4e58c5becd3a6b126a42ce006ed1f1c656a0a4e00cecf6a4a`
VirtualSize	`0xa000`
VirtualAddress	`0x2ecd000`
SizeOfRawData	`0xa000`
PointerToRawData	`0x4e8200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`7.897`

Imports

KERNEL32.DLL	`LoadLibraryA` `ExitProcess` `GetProcAddress` `VirtualProtect`

Delayed Imports

1

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x4726`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.97392`
Detected Filetype	PNG graphic file
MD5	`1e245387000dd7a90a504e0c9095e30a`
SHA1	`901e46b9f297ec3c6176b5b9c27e9cf62142305a`
SHA256	`f01388cf61d519ad56bbdcb6825fa16b416ebbefd9b91d1d69a259f988115f72`
SHA3	`82191f271b391bf44aadc5c2ad3d653afb5da7bd9fc93ca088e37b6f9813cc22`

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x22de`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.97076`
Detected Filetype	PNG graphic file
MD5	`ce8005b6394948410f4c9f01ec50d0e8`
SHA1	`d3e10eb312f1c9c83a50cf53e174aa79e66ffeca`
SHA256	`63da9c549967fd978c16e5a915055b77b108a283a017072224af619313a5888d`
SHA3	`0c14b83fe6891457d029f7f963ae40c971a16192a4734c2214f9f5573bfd99b3`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x119c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.94166`
Detected Filetype	PNG graphic file
MD5	`a2109a5493b9036416696fad65e7aa71`
SHA1	`23d278fc40e58662fa39bd8df6fd2a80e9a96342`
SHA256	`e26187f963dc0edb6ae0a8b633db3f668638f01054319c42f4aac6d4adaff392`
SHA3	`84247cc6bf27198660ad258eded4231b2d21cfffe6b00e104f1f78ca19203a58`

4

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xcfe`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.91901`
Detected Filetype	PNG graphic file
MD5	`9b0c5a8dfb2003120d8d5ca8486eac45`
SHA1	`6d775a67aeccef4c46ee9ce38f89da2fd5dbd156`
SHA256	`0f6c041038f784d978f0e0cf713fd08a3a0fe2a939b8d1e27f041f821c24d5bc`
SHA3	`4b22e4ba2f1f2eeb0fc2bbdfeb491a10dd996635f4cebf3b559aa6faeacc0a7b`

5

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x7e9`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.86604`
Detected Filetype	PNG graphic file
MD5	`2060ef811e81c1e6a7d229e78b3da3f0`
SHA1	`883d08fc4a027c0e294ece5f360be1f916d3d1c8`
SHA256	`9110e69afa82d536dbd6222406c25a167638d72d0ddb99f2ca46a55b1d3beb04`
SHA3	`8f6d7a939c8113de58c6f1541898769b60e60e6a6d7f3a1c20fb7be3a9abbc0f`

6

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x2f9`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.6902`
Detected Filetype	PNG graphic file
MD5	`8d5ca1316e72dd8b3d181d0678366c99`
SHA1	`fd7b28a379dfb9f97015073bced8eddf2dbd93dd`
SHA256	`0355339251f0b27aac35e105c6a77c81a1756ab190450364480041b5c6c5ada2`
SHA3	`ac5ce9583b6a297acd31a31fc5dfecc35b1e438c63ce64486f5f28f9ee5d4816`

3 (#2)

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x5a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.6167`
Detected Filetype	Icon file
MD5	`ba1612d208458dfa8bc41c53ee0e9f6e`
SHA1	`0ae4d6a4fa13b290db606029c0cb7c2ae1962a18`
SHA256	`9e9c3c5344aae58df7297c036b63f746427576737d40088f3f4f258a2177c4f0`
SHA3	`9f5a20a234fc39802084e5fa1f42689a1569bbe16f42f4938cb934db5a084731`

1 (#2)

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x258`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.40522`
MD5	`79115cde0a538a2887eb61fa6d2a15df`
SHA1	`08b579aa7287e6345eae5c8d91e83c62762c36b0`
SHA256	`8eeff32fe4ff3e170922d68a49c3ec3b65c145229ede5b2649477c3b2419609c`
SHA3	`3540b3154a0e9a381180b7959d0ec76c8b382a2ff353e78d02d9969b90097570`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x5a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.23961`
MD5	`97596a2b61dde11054df68d9f7decb02`
SHA1	`2d34215d8689e291d65d016f36f49e9779821944`
SHA256	`de550419b07c1d8c2510387d1beb72b45b5ac4de481ea2331474cf51cd4c4b75`
SHA3	`88139ec0b22642623054bceb6f65e35e92f92fe87045a9dcd383874a1fabb6df`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	7.1.3.0
ProductVersion	0.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT` `VOS_NT_WINDOWS32` `VOS_WINCE` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
Comments	Built using Wails (https://wails.io)
CompanyName	SpotiFLAC
FileDescription	SpotiFLAC
LegalCopyright	Â© 2026 afkarxyz
ProductName	SpotiFLAC
ProductVersion (#2)	7.1.3

Resource LangID	UNKNOWN

TLS Callbacks

Load Configuration

RICH Header

Errors

[*] Warning: Section UPX0 has a size of 0!

Leave a comment

No comments yet.