Manalyze report for 60fabd1a2509b59831876d5e2aa71a6b

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2015-Sep-17 08:24:25
Detected languages	Dutch - Netherlands English - United States

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET` `.NET executable -> Microsoft`
Malicious	VirusTotal score: 62/71 (Scanned on 2023-05-24 14:42:24)	`Lionic: Trojan.Win32.Chimera.j!c` `Elastic: malicious (high confidence)` `MicroWorld-eScan: Gen:Variant.Ransom.Chimera.6` `FireEye: Generic.mg.60fabd1a2509b598` `CAT-QuickHeal: TrojanRansom.Chimera.A3` `ALYac: Trojan.Ransom.Chimera` `Cylance: unsafe` `Zillya: Trojan.Selltim.Win32.121` `Sangfor: Suspicious.Win32.Save.a` `CrowdStrike: win/malicious_confidence_100% (W)` `Alibaba: Ransom:Win32/Chimera.66947bc0` `K7GW: Trojan ( 700000121 )` `K7AntiVirus: Trojan ( 700000121 )` `BitDefenderTheta: Gen:NN.ZemsilF.36196.omW@a4sRpxnO` `VirIT: Trojan.Win32.MSIL9.RN` `Cyren: W32/MSIL_Troj.BSJ.gen!Eldorado` `Symantec: Trojan.Gen` `tehtris: Generic.Malware` `ESET-NOD32: a variant of MSIL/Injector.VJV` `APEX: Malicious` `Cynet: Malicious (score: 99)` `Kaspersky: Trojan-Ransom.Win32.Chimera.a` `BitDefender: Gen:Variant.Ransom.Chimera.6` `NANO-Antivirus: Trojan.Win32.Selltim.dxbmwd` `Avast: MSIL:Crypchim-A [Trj]` `Tencent: Malware.Win32.Gencirc.10be0bde` `Emsisoft: Gen:Variant.Ransom.Chimera.6 (B)` `F-Secure: Heuristic.HEUR/AGEN.1314386` `DrWeb: Trojan.Encoder.1980` `VIPRE: Gen:Variant.Ransom.Chimera.6` `TrendMicro: Ransom_CRYPCHIM.B` `McAfee-GW-Edition: BehavesLike.Win32.Generic.dm` `Trapmine: malicious.moderate.ml.score` `Sophos: Mal/Generic-R` `Ikarus: Trojan.MSIL.Injector` `GData: Gen:Variant.Ransom.Chimera.6` `Jiangmin: TrojanSpy.Selltim.cp` `Webroot: W32.Gen.BT` `Avira: HEUR/AGEN.1314386` `MAX: malware (ai score=100)` `Antiy-AVL: Trojan[Spy]/Win32.Selltim` `Gridinsoft: Ransom.Win32.Chimera.ns` `Xcitium: Malware@#2agyupyzxc55r` `Arcabit: Trojan.Ransom.Chimera.6` `ZoneAlarm: Trojan-Ransom.Win32.Chimera.a` `Microsoft: Ransom:Win32/Chicrypt` `Google: Detected` `AhnLab-V3: Trojan/Win32.Inject.C1230586` `Acronis: suspicious` `McAfee: GenericRXFI-SM!60FABD1A2509` `TACHYON: Trojan/W32.DN-Chimera.237568` `VBA32: TScope.Trojan.MSIL` `Malwarebytes: Injector.Trojan.MSIL.DDS` `Panda: Trj/CI.A` `TrendMicro-HouseCall: Ransom_CRYPCHIM.B` `Rising: Ransom.Chimera!8.32AF (CLOUD)` `SentinelOne: Static AI - Malicious PE` `MaxSecure: Trojan.Malware.8951244.susgen` `Fortinet: MSIL/Injector.LXY!tr` `AVG: MSIL:Crypchim-A [Trj]` `Cybereason: malicious.a2509b` `DeepInstinct: MALICIOUS`

Hashes

MD5	`60fabd1a2509b59831876d5e2aa71a6b`
SHA1	`8b91f3c4f721cb04cc4974fc91056f397ae78faa`
SHA256	`1dacdc296fd6ef6ba817b184cce9901901c47c01d849adfa4222bfabfed61838`
SHA3	`ac3378345705740c10aba91a28e7c040fc569e210ef2f2b32de388b28f076a34`
SSDeep	`3072:BMhIBKH7j7DzQi7y5bvl4YAbdY9KWvwn7XHMzqEOf64CEEl64HBVdGXPKD:BMh5H7j5g54YZKXoxOuEEl64HZAi`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2015-Sep-17 08:24:25
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`8.0`
SizeOfCode	`0x35000`
SizeOfInitializedData	`0x4000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0003644E (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x38000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x1000`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x3e000`
SizeOfHeaders	`0x1000`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`a000a2669e150d5a920296ead8567d9b`
SHA1	`dffe9dfdca57a2d57674c943ad9cce88d0b37722`
SHA256	`8c43bd3a114d878fcd10ee19ed9a88103b176240d4fb8ee97ed44cabd3eff325`
SHA3	`975b87d6351e7f06c3d14fb6af59a1d7eab26a229c516f7bcb9abc658aed6f2d`
VirtualSize	`0x34454`
VirtualAddress	`0x2000`
SizeOfRawData	`0x35000`
PointerToRawData	`0x1000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`5.65243`

.rsrc

MD5	`33135b1e1b1fa911f0179de174191329`
SHA1	`c61c3466f51a90aa12791e32ad230925089e6822`
SHA256	`60886854ff5b46d364c1705db1b476cf9e5b87147bf3b4d343b39e81633f6964`
SHA3	`df73e560aaf11656c34379c985e99738e61814090e98f5201fbe38ee03c2641e`
VirtualSize	`0x2624`
VirtualAddress	`0x38000`
SizeOfRawData	`0x3000`
PointerToRawData	`0x36000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.53176`

.reloc

MD5	`17dc0ea5e55b4403de248d0a503e8244`
SHA1	`f370a7f0b5a50ed34f779041ef2689961fc5c802`
SHA256	`d1e014667d3ae5360fd6bd62f593a068f1ee42999c21a3feb02c9a6f285c2b7c`
SHA3	`b6a89acc8ff83229bd725e998b1f3b10901b96408c7b28549723c236cc67ebd4`
VirtualSize	`0xc`
VirtualAddress	`0x3c000`
SizeOfRawData	`0x1000`
PointerToRawData	`0x39000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.0164085`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

1

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.25755`
MD5	`c5af786bfd9fd1c53c8fe9f0bd9ce38b`
SHA1	`4f6f7d9973b47063aa5353225a2bc5a76aa2a96a`
SHA256	`f59f62e7843b3ff992cf769a3c608acd4a85a38b3b302cda8507b75163659d7b`
SHA3	`e178a71f02edb18e31bf550d484b2cba8d865e1e9796065addb07855ce5627f9`

1 (#2)

Type	`RT_ICON`
Language	Dutch - Netherlands
Codepage	Latin 1 / Western European
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.25755`
MD5	`c5af786bfd9fd1c53c8fe9f0bd9ce38b`
SHA1	`4f6f7d9973b47063aa5353225a2bc5a76aa2a96a`
SHA256	`f59f62e7843b3ff992cf769a3c608acd4a85a38b3b302cda8507b75163659d7b`
SHA3	`e178a71f02edb18e31bf550d484b2cba8d865e1e9796065addb07855ce5627f9`

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.47151`
MD5	`0a451222f7037983439a58e3b44db529`
SHA1	`6881cba71174502883d53a8885fb90dad81fd0c0`
SHA256	`dc785b2a3e4ea82bd34121cc04e80758e221f11ee686fcfd87ce49f8e6730b22`
SHA3	`d5599c242df5383add3fb330d42b31f1751594b36bbf52195e7d1dd564e7f0e3`

2 (#2)

Type	`RT_ICON`
Language	Dutch - Netherlands
Codepage	Latin 1 / Western European
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.47151`
MD5	`0a451222f7037983439a58e3b44db529`
SHA1	`6881cba71174502883d53a8885fb90dad81fd0c0`
SHA256	`dc785b2a3e4ea82bd34121cc04e80758e221f11ee686fcfd87ce49f8e6730b22`
SHA3	`d5599c242df5383add3fb330d42b31f1751594b36bbf52195e7d1dd564e7f0e3`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.91708`
MD5	`90ed3aac2a942e3067e6471b32860e77`
SHA1	`b849a2b9901473810b5d74e6703be78c3a7e64e3`
SHA256	`ca8fc96218d0a7e691dd7b95da05a27246439822d09b829af240523b28fd5bb3`
SHA3	`3f02085a0d69091556ede0b585f45145adce9849e175d8177c2f0fe0891a1bd8`

3 (#2)

Type	`RT_ICON`
Language	Dutch - Netherlands
Codepage	Latin 1 / Western European
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.91708`
MD5	`90ed3aac2a942e3067e6471b32860e77`
SHA1	`b849a2b9901473810b5d74e6703be78c3a7e64e3`
SHA256	`ca8fc96218d0a7e691dd7b95da05a27246439822d09b829af240523b28fd5bb3`
SHA3	`3f02085a0d69091556ede0b585f45145adce9849e175d8177c2f0fe0891a1bd8`

4

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.91366`
MD5	`af05dd5bd4c3b1fc94922c75ed4f9519`
SHA1	`f54685a8a314e6f911c75cf7554796212fb17c3e`
SHA256	`3bbacbad1458254c59ad7d0fd9bea998d46b70b8f8dcfc56aad561a293ffdae3`
SHA3	`150dba8cc825d5c0e9ff3c59015533288d19931847210338a3ef7cdc390c0e78`

4 (#2)

Type	`RT_ICON`
Language	Dutch - Netherlands
Codepage	Latin 1 / Western European
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.91366`
MD5	`af05dd5bd4c3b1fc94922c75ed4f9519`
SHA1	`f54685a8a314e6f911c75cf7554796212fb17c3e`
SHA256	`3bbacbad1458254c59ad7d0fd9bea998d46b70b8f8dcfc56aad561a293ffdae3`
SHA3	`150dba8cc825d5c0e9ff3c59015533288d19931847210338a3ef7cdc390c0e78`

MAINICON

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x3e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.64576`
Detected Filetype	Icon file
MD5	`f6262f462f61a1af1cac10cf4b790e5a`
SHA1	`4aa3239c2c59fa5f246b0dd68da564e529b98ff4`
SHA256	`44b095a62d7e401671f57271e6cada367bb55cf7b300ef768b3487b841facd3c`
SHA3	`f2a1d165133c29eba349014fa5f8059ddebe1aba5b220fb89f1a474e95c482ca`

Version Info

TLS Callbacks

Load Configuration

RICH Header

60fabd1a2509b59831876d5e2aa71a6b

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rsrc

.reloc

Imports

Delayed Imports

1

1 (#2)

2

2 (#2)

3

3 (#2)

4

4 (#2)

MAINICON

Version Info

TLS Callbacks

Load Configuration

RICH Header

Errors