Manalyze report for 5fd9f540098ef093e6399f83f54758e9

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2021-Jul-18 08:52:20
Comments	Google Chrome
CompanyName	Google Inc.
FileDescription	chrome_exe
FileVersion	`67.0.3396.87`
InternalName	pNBAN.exe
LegalCopyright	Copyright 2017 Google Inc. All rights reserved.
OriginalFilename	pNBAN.exe
ProductName	Google Chrome
ProductVersion	`67.0.3396.87`
Assembly Version	0.0.0.0

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET`
Malicious	The program tries to mislead users about its origins.	`The PE pretends to be from Google but is not signed!`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`5fd9f540098ef093e6399f83f54758e9`
SHA1	`3a5d08970a3d27e1279f214507aee09eb6d654f2`
SHA256	`ebb569d412952d9b4da3757ca4b434ce713e45f429833d5a96fba9931ffa6965`
SHA3	`245b0a5ed4cd8e3e4ed7401cf61def0dfc06aff0c3c6b38aad860c2dfa16b3a0`
SSDeep	`24576:qTzE88rr7odeEkGgKL4upPFtW640fqSLn:qTz0oBjLVvtW640NLn`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2021-Jul-18 08:52:20
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`11.0`
SizeOfCode	`0xc9e00`
SizeOfInitializedData	`0x800`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000CBC7E (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0xcc000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0xd0000`
SizeOfHeaders	`0x200`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`75efffd562360b3ced832cc01a449593`
SHA1	`d1a0a8e5506503f21a4ca90b324dec06927e10a5`
SHA256	`babc95fd274e86485d79b8909428e9ab00930023f67c6384399aaae6560fa422`
SHA3	`589ecd16aac6593b7dc68ba0fe8571f7daf7d4c008a30fba01253a037cc15e48`
VirtualSize	`0xc9c84`
VirtualAddress	`0x2000`
SizeOfRawData	`0xc9e00`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`7.99688`

.rsrc

MD5	`fbe2142a0d9c3c9f540e379b0386ba0b`
SHA1	`47e8d1ae99ca5c35d7492ceac9078725fb624369`
SHA256	`886132eb15743cabde94e1cb6d6e4ce3bbc829dc6c5837ff3446c383bb98c69c`
SHA3	`b74b1de75c834c05b6e0043d7366bd4cd30ad548ddfc388b3e96befd9e1d3b52`
VirtualSize	`0x5f8`
VirtualAddress	`0xcc000`
SizeOfRawData	`0x600`
PointerToRawData	`0xca000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.27084`

.reloc

MD5	`c9f2724e5613d2b684cf2e2c5789000d`
SHA1	`fa159d1e45003c3b6f5dfdcb7bda65dd54142d1b`
SHA256	`94813d7414763a03d389f23c4f211484a0fecc52d4f62f884c07b690b94e0940`
SHA3	`a0e3bee8025824021db5d32752fe19eda0e79344abcdbb7ccda209ff1baac07d`
VirtualSize	`0xc`
VirtualAddress	`0xce000`
SizeOfRawData	`0x200`
PointerToRawData	`0xca600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.0980042`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

1

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x36c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.42909`
MD5	`8a540502f7145e807af43c2baab615ee`
SHA1	`f2ca7507cf91d4fda7fa32311a5de4221f62788a`
SHA256	`ac3bf4b7d2e82d9a56f11da880fa84bfa4ab8ad837fda3e611a51c15ab770f65`
SHA3	`5b36770a8f56f206769f4bc618bdb1a3b223e382b168b57e3667dc77a5f12527`

1 (#2)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1ea`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.00112`
MD5	`a19a2658ba69030c6ac9d11fd7d7e3c1`
SHA1	`879dcf690e5bf1941b27cf13c8bcf72f8356c650`
SHA256	`c0085eb467d2fc9c9f395047e057183b3cd1503a4087d0db565161c13527a76f`
SHA3	`93cbaf236d2d3870c1052716416ddf1c34f21532e56dd70144e9a01efcd0ce34`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	67.0.3396.87
ProductVersion	67.0.3396.87
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
Comments	Google Chrome
CompanyName	Google Inc.
FileDescription	chrome_exe
FileVersion (#2)	67.0.3396.87
InternalName	pNBAN.exe
LegalCopyright	Copyright 2017 Google Inc. All rights reserved.
OriginalFilename	pNBAN.exe
ProductName	Google Chrome
ProductVersion (#2)	67.0.3396.87
Assembly Version	0.0.0.0

Resource LangID	UNKNOWN

TLS Callbacks

Load Configuration

RICH Header

5fd9f540098ef093e6399f83f54758e9

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rsrc

.reloc

Imports

Delayed Imports

1

1 (#2)

Version Info

TLS Callbacks

Load Configuration

RICH Header

Errors