Manalyze report for 6160e58f4c38a6b2d991a43d22804b1d

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2050-Aug-06 08:58:49
Debug artifacts	E:\Dev\Projects\C#\Cyberpunk 2077 - Car FoV Changer\Cyberpunk 2077 - Car FoV Changer\obj\x64\Release\Cyberpunk 2077 - Car FOV Changer.pdb
Comments
CompanyName	aveniir
FileDescription	Cyberpunk 2077 - Car FOV Changer
FileVersion	`1.0.0.0`
InternalName	Cyberpunk 2077 - Car FOV Changer.exe
LegalCopyright	Copyright © aveniir 2020
LegalTrademarks	aveniir
OriginalFilename	Cyberpunk 2077 - Car FOV Changer.exe
ProductName	Cyberpunk 2077 - Car FOV Changer
ProductVersion	`1.0.0.0`
Assembly Version	1.0.0.0

Plugin Output

Info	Interesting strings found in the binary:	`Contains domain names: https://ko-fi.com https://steamcommunity.com ko-fi.com steamcommunity.com`
Suspicious	The PE is possibly packed.	`The PE only has 0 import(s).`
Info	The PE is digitally signed.	`Signer: \x00D\x00E\x00S\x00K\x00T\x00O\x00P\x00-\x00O\x00M\x00N\x008\x00S\x00V\x00F\x00\\x00L\x00e\x00o\x00n` `Issuer: \x00D\x00E\x00S\x00K\x00T\x00O\x00P\x00-\x00O\x00M\x00N\x008\x00S\x00V\x00F\x00\\x00L\x00e\x00o\x00n`
Safe	VirusTotal score: 0/71 (Scanned on 2021-01-13 20:42:03)	`All the AVs think this file is safe.`

Hashes

MD5	`6160e58f4c38a6b2d991a43d22804b1d`
SHA1	`7f76ae24bcc254be86877a03a73feb68b36f0983`
SHA256	`dce1190fba40e0ae2b190800229d1fbe076910f9dcce366670dbb27eaa4db766`
SHA3	`e91c1b36e87c3266e6fe97847cba5618122a73d8db8812a4903a9286651f9c84`
SSDeep	`1536:UiPpakN3orEbu+V3YVagHQe6fKsnsCODplGrakN3orEbu1lgJ:XakN3orEbu+VezQel7YakN3orEbu1l0`
Imports Hash	`d41d8cd98f00b204e9800998ecf8427e`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`2`
TimeDateStamp	2050-Aug-06 08:58:49
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`48.0`
SizeOfCode	`0xe200`
SizeOfInitializedData	`0x4200`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000000000000000 (Section: ?)`
BaseOfCode	`0x2000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x18000`
SizeOfHeaders	`0x200`
Checksum	`0x17004`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x400000`
SizeofStackCommit	`0x4000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x2000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`4a95d27f5bd56cfbef3ea25c115b88f7`
SHA1	`36a9489f99674e1a21fbd0e7a9c3d6b848948349`
SHA256	`2bf742221774bab7f96d37d1b5c1fd95fcb53b7e9ce9b165eeb4fc6b19f34884`
SHA3	`4e0f715275e8f97aaf88232c57c100e018f3622dd6c1999738b1d5c15f952c5f`
VirtualSize	`0xe1d8`
VirtualAddress	`0x2000`
SizeOfRawData	`0xe200`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.98858`

.rsrc

MD5	`d7c03ed702d6a8b122bd94d68d92e7bc`
SHA1	`a31080226be429547d87fe0d7d40bbffed006044`
SHA256	`be8c674cb0fc0a2729adfa03c5060ebe4de5fe9430fb6ee1e277c6e4af057029`
SHA3	`394144d58680c77c54bbecd673bc4cbd33aa3612633cf6d73de41c81da6f45ed`
VirtualSize	`0x4038`
VirtualAddress	`0x12000`
SizeOfRawData	`0x4200`
PointerToRawData	`0xe400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.37161`

Imports

Delayed Imports

1

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.66425`
MD5	`de6d967dd62694c15ae63b75e0e64f91`
SHA1	`c709839e1345a0fb29964c87176cd1bbdd2eda4c`
SHA256	`afb5e3eec4b915cf18a078e97c1be03f56c5effee7905dc082b5c0b4fb654154`
SHA3	`22316cc73e2ccf85d6d3c4da011ffde17326e0ef23fa49516091cb5365342ae2`

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.51164`
MD5	`ac36190406fc19cf5345838def6a1c54`
SHA1	`ddfdd3abf82bc3b1b4e77a090d202959fa70d517`
SHA256	`e7c1b8b97bf9086d1a9d5775573336b4f74677057b500a076c0fdb6f8f9ccce7`
SHA3	`51271208d3d5b747807506ade45729d245a4cd8bcb1c2e3d11cf692e4cbd9438`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.05666`
MD5	`2d6507371493ab29bfa2beba47818881`
SHA1	`49105ccd7465628b6fea43dafd4232bcff50621c`
SHA256	`fcf2c520b9e31b1b704fd356a917be0db223282bda27254a0a1fb547a535e9ae`
SHA3	`02a0a7605bf4db4edb2537eadcac1d3f6573aa4fe9568c32919f34362be552c7`

32512

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x30`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.45849`
Detected Filetype	Icon file
MD5	`409e1724611e0bc39356e2f58888db55`
SHA1	`c06c0e66cc2f7956256e2f018aa0294bfa914960`
SHA256	`6ab18c3b81a5d30c5a190a4504cae807d73b1a4d02d56ffddf641abbb62b7210`
SHA3	`315b2ad40793f4ef885ff4c878169b02c62f619b57780a98a76c8538cd0ee5c9`

1 (#2)

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x404`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.32308`
MD5	`ef6de27c7ab97f28e3c2a68d149e1c6d`
SHA1	`b6455cdb489d04096812955a4378ea04bd3cb9b0`
SHA256	`96db130334f622f71dab063e920c3270a88905a7036c6cfcf81f479f98ec5c99`
SHA3	`3fbedd14c1d74bbbbd7444f2097561456eb7f05397a866469037048d301a7b4f`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.0
ProductVersion	1.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
Comments
CompanyName	aveniir
FileDescription	Cyberpunk 2077 - Car FOV Changer
FileVersion (#2)	1.0.0.0
InternalName	Cyberpunk 2077 - Car FOV Changer.exe
LegalCopyright	Copyright © aveniir 2020
LegalTrademarks	aveniir
OriginalFilename	Cyberpunk 2077 - Car FOV Changer.exe
ProductName	Cyberpunk 2077 - Car FOV Changer
ProductVersion (#2)	1.0.0.0
Assembly Version	1.0.0.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2050-Aug-06 08:58:49
Version	`0.0`
SizeofData	`162`
AddressOfRawData	`0x10134`
PointerToRawData	`0xe334`
Referenced File	E:\Dev\Projects\C#\Cyberpunk 2077 - Car FoV Changer\Cyberpunk 2077 - Car FoV Changer\obj\x64\Release\Cyberpunk 2077 - Car FOV Changer.pdb

UNKNOWN

Characteristics	`0`
TimeDateStamp	1970-Jan-01 00:00:00
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0xe3d6`

TLS Callbacks

Load Configuration

RICH Header

6160e58f4c38a6b2d991a43d22804b1d

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rsrc

Imports

Delayed Imports

1

2

3

32512

1 (#2)

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

UNKNOWN

TLS Callbacks

Load Configuration

RICH Header

Errors