Manalyze report for 61616c9fd3942ea3e8a6db867d28510a

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2023-Jun-29 21:20:11
Debug artifacts	D:\Git\SteamDesktopAuthenticator\Steam Desktop Authenticator\obj\x86\Release\Steam Desktop Authenticator.pdb
Comments	Desktop implementation of Steam's mobile authenticator app
CompanyName
FileDescription	Steam Desktop Authenticator
FileVersion	`1.0.13`
InternalName	Steam Desktop Authenticator.exe
LegalCopyright	Copyright 2017
LegalTrademarks
OriginalFilename	Steam Desktop Authenticator.exe
ProductName	Steam Desktop Authenticator
ProductVersion	`1.0.13`
Assembly Version	1.0.13.0

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET` `.NET executable -> Microsoft`
Info	Interesting strings found in the binary:	`Contains domain names: api.github.com github.com https://api.github.com https://api.github.com/repos/Jessecar96/SteamDesktopAuthenticator/releases/latest https://github.com https://steamcommunity.com steamcommunity.com`
Malicious	VirusTotal score: 3/72 (Scanned on 2024-02-05 15:08:00)	`Bkav: W32.AIDetectMalware.CS` `Cynet: Malicious (score: 100)` `MaxSecure: Trojan.Malware.300983.susgen`

Hashes

MD5	`61616c9fd3942ea3e8a6db867d28510a`
SHA1	`aeee0a74ab3cd3ec61a34e1a37ead71a1022fb9d`
SHA256	`dfc532c2ce2387f1077a24c85d4cbb83efd5085426289b14a976ac0322d9cefa`
SHA3	`684e46c08c912084380600a6bcee7bdea28aa5cf13acd01da59ea87ac37193ab`
SSDeep	`6144:dO7Eer+ZT6nw10zIffT6nw10zIffT6nw10zIffT6nw10zIffT6nw10zIffT6nw1:d`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2023-Jun-29 21:20:11
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`48.0`
SizeOfCode	`0x116800`
SizeOfInitializedData	`0x1a600`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0011868A (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x11a000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x138000`
SizeOfHeaders	`0x200`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`b62a0393d11a10b4ab772bce4b7e0081`
SHA1	`6a5962224e2c8fcaa2a371c97b3af35501b5bf41`
SHA256	`2f348d7cf25292c8a83aef0e1516e289e6f4013e87548beb7327964343b04dba`
SHA3	`2a7a6c426cddeb6b3008cb7840a7d9a61875654beb8d1ed13f254e1607636626`
VirtualSize	`0x116690`
VirtualAddress	`0x2000`
SizeOfRawData	`0x116800`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`4.33562`

.rsrc

MD5	`48373ad10ce8acd7097bf0dda7017152`
SHA1	`fa92fde5eb2292b7e67ca8ec8a775c43ecf09889`
SHA256	`8e6e7b038261b90208ce9c06dac79ae7cc7971c22cc50cf56de48e363d3ef7a3`
SHA3	`787ba3a0fd3524fbce12ab191b44f0690f2c2b8052db580f062d010498475a24`
VirtualSize	`0x1a28c`
VirtualAddress	`0x11a000`
SizeOfRawData	`0x1a400`
PointerToRawData	`0x116a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.0813`

.reloc

MD5	`f356c1f305ac9a96d2bbcc094847bd52`
SHA1	`68366079a5eaff087b96d8bb53f2012750d1cebf`
SHA256	`14d9fa8806edea60193c0dd2005ff25911c4ba4bb572413fca4e4b903162bdcd`
SHA3	`981e7afbf30f93a4d4950bffc3fe6e263844a9b575d948b3f904e029ba63f88a`
VirtualSize	`0xc`
VirtualAddress	`0x136000`
SizeOfRawData	`0x200`
PointerToRawData	`0x130e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.10191`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

1

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.72987`
MD5	`3f7871796b2b483bad24ef26902210fd`
SHA1	`fd48c3cbd615460fd32f66d0d674aaac331b18d0`
SHA256	`a9a8da7e17daa1ce5676041e6c68d013d0602cacb98fca50ae098c3ae26dbd18`
SHA3	`f2cb536aef538920b5e4ef254c8c6c28098c6a3e2812d9f230fb58ef3afbde5c`

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.68991`
MD5	`69f7c731dc646d981a6c91c16ba958f3`
SHA1	`094e439b3891074d2a1f7b7e915043dc486cda39`
SHA256	`6bed0c3c7a2b1f1ece51ac67d69d59df4d3b6a4b968b32988892fb3b27327a19`
SHA3	`583245d7d14e98849aa261c5759eec316497b32c0c14b7237be7ec76b62068c3`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x162f`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.81587`
Detected Filetype	PNG graphic file
MD5	`bf137cc76b41544f48e9ff72d1fd7d04`
SHA1	`016f1c8024bc2798195a837c1881c13d23ae8467`
SHA256	`b7d77a75615bffd066f5a9d65c8512b6bce4ba42b0371bbd61a96249ed9fdad1`
SHA3	`a0f7d598a5db04d6304e7c20386d8ba5d5942e12f203c77c96803fad7bf9005f`

4

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.2112`
MD5	`e71661e8e1eaf9d66a18a11018148a98`
SHA1	`9df438e74dbbd09f6a25733f72252c4fbbc4d0b4`
SHA256	`e2e6fcf797c4c60127056233cb62fd39c41bb7ad0e1753cf323b657c74b60f10`
SHA3	`89352d8955a1fb2525bffe511cfafd80ef98bcdec429fa65a9fb2196c3360592`

5

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x246f`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.89437`
Detected Filetype	PNG graphic file
MD5	`d0e01a3000e7b9f648d0e200483d4cdc`
SHA1	`9bbfdcb1a63bf6a5c4e1234ae24cb2630587dbb2`
SHA256	`783f4e83bd26f0df77fef9d7936743d1cb6a532a9f262c3cf7249732bf647df6`
SHA3	`aee6edb140d9865d666e6ebbb7b41b6418c5d1bc93364adfbdc14c6b43d629fe`

6

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.9164`
MD5	`b5a21ea5278163cb073a88d2ea1b38b4`
SHA1	`c84b670ed2fc2f8afbcd8598f9ded020813af9a2`
SHA256	`bb99056712da545f06a8be61589aec57a82f13720a292183a9696893989c0269`
SHA3	`13ffcbdf2e26448e017b02998c0e6aba800685bc57358bc868067e7057c38d87`

32512

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x5a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.68735`
Detected Filetype	Icon file
MD5	`5a0d50c3ed8d343f99cc8b9fb4b7dee3`
SHA1	`570a3bce0bdc74a57609da125b74ec2557ccec13`
SHA256	`91e3c075ef585e0256e0b3f5943d9f35bf242865d33997b298798eea4cf6c931`
SHA3	`c0cc1de85884564a96ae44ac897debbf8dee8a0aa85636e28224ca8925efa5e3`

1 (#2)

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x41e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.33103`
MD5	`fe028b6a29b962c725ba56079482cf97`
SHA1	`88ff5bb24caccd5201cf8ba65a0b1a5aee2efb4d`
SHA256	`de06ecbe5c10f4d00ff0e904a5088be2628109965dbf0015852dc9e94a537c8d`
SHA3	`4399e80dd07db0bc057c042d9e5c236c02f746e5de3ae832433d691b70665e5b`

1 (#3)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1ea`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.00112`
MD5	`b7db84991f23a680df8e95af8946f9c9`
SHA1	`cac699787884fb993ced8d7dc47b7c522c7bc734`
SHA256	`539dc26a14b6277e87348594ab7d6e932d16aabb18612d77f29fe421a9f1d46a`
SHA3	`4f72877413d13a67b52b292a8524e2c43a15253c26aaf6b5d0166a65bc615cff`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.13.0
ProductVersion	1.0.13.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
Comments	Desktop implementation of Steam's mobile authenticator app
CompanyName
FileDescription	Steam Desktop Authenticator
FileVersion (#2)	1.0.13
InternalName	Steam Desktop Authenticator.exe
LegalCopyright	Copyright 2017
LegalTrademarks
OriginalFilename	Steam Desktop Authenticator.exe
ProductName	Steam Desktop Authenticator
ProductVersion (#2)	1.0.13
Assembly Version	1.0.13.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2023-Jun-29 21:20:11
Version	`0.0`
SizeofData	`284`
AddressOfRawData	`0x11851c`
PointerToRawData	`0x11671c`
Referenced File	D:\Git\SteamDesktopAuthenticator\Steam Desktop Authenticator\obj\x86\Release\Steam Desktop Authenticator.pdb

TLS Callbacks

Load Configuration

RICH Header

61616c9fd3942ea3e8a6db867d28510a

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rsrc

.reloc

Imports

Delayed Imports

1

2

3

4

5

6

32512

1 (#2)

1 (#3)

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

TLS Callbacks

Load Configuration

RICH Header

Errors