×
This file seems to be a .NET executable .
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!
Architecture
IMAGE_FILE_MACHINE_I386
Subsystem
IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date
2021-Jan-14 22:06:23
Info
Matching compiler(s):
.NET executable -> Microsoft
Suspicious
No VirusTotal score.
This file has never been scanned on VirusTotal.
MD5
5ed110f0485671d0d17bde86ff8cfc4d
SHA1
43973a4d2f5da406f3bc5913e2a730ef026aaed1
SHA256
3e03eeebf1d404d71b1583dc6d81cfdfdb11a30f7aafea2ed6066a288117e940
SHA3
6b2e9603dafa03451e594f3488b4b8b038aaaf2d6b98aee6ecaec2c296bfdcf7
SSDeep
384:cr6vhaqDc0ottQxwYpQ5VPkQiPN2RwsA+6xwIPc5dngAPZw/wKbt3clsqJoVQez:I6Z3DcZtkaWXxEnguZw/wKp8CZ
Imports Hash
f34d5f2d4577ed6d9ceec516c1f5a744
e_magic
MZ
e_cblp
0x90
e_cp
0x3
e_crlc
0
e_cparhdr
0x4
e_minalloc
0
e_maxalloc
0xffff
e_ss
0
e_sp
0xb8
e_csum
0
e_ip
0
e_cs
0
e_ovno
0
e_oemid
0
e_oeminfo
0
e_lfanew
0x80
Signature
PE
Machine
IMAGE_FILE_MACHINE_I386
NumberofSections
2
TimeDateStamp
2021-Jan-14 22:06:23
PointerToSymbolTable
0
NumberOfSymbols
0
SizeOfOptionalHeader
0xe0
Characteristics
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE
Magic
PE32
LinkerVersion
11.0
SizeOfCode
0x7000
SizeOfInitializedData
0x200
SizeOfUninitializedData
0
AddressOfEntryPoint
0x00008FCE (Section: .text)
BaseOfCode
0x2000
BaseOfData
0xa000
ImageBase
0x400000
SectionAlignment
0x2000
FileAlignment
0x200
OperatingSystemVersion
4.0
ImageVersion
0.0
SubsystemVersion
4.0
Win32VersionValue
0
SizeOfImage
0xc000
SizeOfHeaders
0x200
Checksum
0
Subsystem
IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve
0x100000
SizeofStackCommit
0x1000
SizeofHeapReserve
0x100000
SizeofHeapCommit
0x1000
LoaderFlags
0
NumberOfRvaAndSizes
16
MD5
42641effde809baa43be8467abc29402
SHA1
84d7d876d5f8355727b62216198a688061c09a4a
SHA256
8155d496f6f956f226cb9f9986ed3521919f30c855db89962cbc177598b654b3
SHA3
6350c83d7bc16b078d89de82960966f3c2963911029b371b778f27804eb1cec3
VirtualSize
0x6fd4
VirtualAddress
0x2000
SizeOfRawData
0x7000
PointerToRawData
0x200
PointerToRelocations
0
PointerToLineNumbers
0
NumberOfLineNumbers
0
NumberOfRelocations
0
Characteristics
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy
5.83126
MD5
31ca38b3f46e1c56e0678c2fc19748f8
SHA1
07dbf5d0dfa3ba999bd87ee1fb46c8d628459aa9
SHA256
a22f96db83bac009c14f16420162f441bfe82207d54ce3507fe68dc53d4cf00f
SHA3
de199ec7f971bfb7f37e3c3d6514482b270b28801a98508865bedfc6567e61a1
VirtualSize
0xc
VirtualAddress
0xa000
SizeOfRawData
0x200
PointerToRawData
0x7200
PointerToRelocations
0
PointerToLineNumbers
0
NumberOfLineNumbers
0
NumberOfRelocations
0
Characteristics
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy
0.0815394