Manalyze report for 68061a13e79a672050edae934edbf8e3

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	2056-Mar-19 08:28:48
CompanyName	StreamFab 6.1.1.6 Loader
FileDescription	StreamFab 6.1.1.6 Loader
FileVersion	`1.0.0.0`
InternalName	StreamFab 6.1.1.6 Loader.dll
LegalCopyright
OriginalFilename	StreamFab 6.1.1.6 Loader.dll
ProductName	StreamFab 6.1.1.6 Loader
ProductVersion	`6.1.1.6`
Assembly Version	6.1.1.6

Plugin Output

Suspicious	Strings found in the binary may indicate undesirable behavior:	`Looks for Qemu presence: qemU`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to MD5`
Suspicious	The PE is possibly packed.	`The PE only has 0 import(s).`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`68061a13e79a672050edae934edbf8e3`
SHA1	`46efa4ce8f2eccb3dae204b6ebdff286bdb0533f`
SHA256	`77e9109f8621bfe0c5d91ae08d867ba4a62f5b0f6f69e8daf9867421d6a3c012`
SHA3	`179c599a057dd376a975ad9a937d7f81f8d896a1265cd76025d5b3bba1b3d567`
SSDeep	`12288:uq8zGm7re1ZUQj12tTsU7Kymv392DrCidsU7KU2Ysmv39:uq8hij1WTsU7Kymvt2pdsU7KUjsmvt`
Imports Hash	`d41d8cd98f00b204e9800998ecf8427e`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`4`
TimeDateStamp	2056-Mar-19 08:28:48
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`11.0`
SizeOfCode	`0xa3000`
SizeOfInitializedData	`0xc8400`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000000000000000 (Section: ?)`
BaseOfCode	`0x2000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x172000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x400000`
SizeofStackCommit	`0x4000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x2000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`b748772ec81525b702a6792c7d67159e`
SHA1	`f435e2b8d936aeba6cd040763705103313807f11`
SHA256	`5b547efa7f08d7d570e1a2215c0b9533849985b416f904ef64d606163031e37e`
SHA3	`05c532f5ab3ef0dfaf62b148d99f059334476f02d58747f368d3334f6282bdbc`
VirtualSize	`0x61610`
VirtualAddress	`0x2000`
SizeOfRawData	`0x61800`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.12316`

.rsrc

MD5	`b6d052c91e3a2a6fbe0dc55e6f1d96bb`
SHA1	`ed81f823944a431a618943b1b822036788ecbd08`
SHA256	`279392d7cd02ceb1d8d20acfff9ae884933c444b5b661dd36d274fc0495a69c6`
SHA3	`1f5069c33140ef6d623fce3c1171430ee406074d6aa5f9591f889f58a28477b2`
VirtualSize	`0x641e0`
VirtualAddress	`0x64000`
SizeOfRawData	`0x64200`
PointerToRawData	`0x61c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.11477`

.text (#2)

MD5	`4833171ad9cab6e50b606f2a5f1797f0`
SHA1	`c2aa0c426d64b028e6f3db040d15fe864bde8e35`
SHA256	`57356172a78b71acdad1faa5a93416c560efaed55f702b8a35df799f89b67e85`
SHA3	`f15aad1a2bfdd93448e22f9ec0d663fd83a5c214707c57f1e3d8097f3825cf49`
VirtualSize	`0x41754`
VirtualAddress	`0xca000`
SizeOfRawData	`0x41800`
PointerToRawData	`0xc5e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.63358`

.rsrc (#2)

MD5	`bf48dda0ebb8dafe95600074fc2a639c`
SHA1	`304f43e6fe6415da0ace8956f737783045ee5b6c`
SHA256	`fc8a632573556f8f23c3d0575aaea2bbe042ba718ecf76a33dd3d160b90af3b3`
SHA3	`1f5a44599f1abb95874dcce0a9bbccdef0ddb68e978719836e8748a4615866e5`
VirtualSize	`0x641de`
VirtualAddress	`0x10c000`
SizeOfRawData	`0x64200`
PointerToRawData	`0x107600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.11463`

Imports

Delayed Imports

1

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x42028`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.725`
MD5	`b795e4560b2a82b7c041dd518d37191c`
SHA1	`e5947365f793f664abebdf0ed7eef671a895c46b`
SHA256	`2b71318f567c00a0a9aaf2b500c546d05fbd0f19de2f5d8e0857e99f43de7b6b`
SHA3	`d9500f050f9db872d5f2ebe60445da72b275ea00f631926f9d2569463f44faeb`

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.07663`
MD5	`54d3934cdc858350fac2c1349bfee961`
SHA1	`ed89dc71571d0127b25bce57a9b7ef3825a263ca`
SHA256	`1398b0beede87a8860af9d5b7289b535dd7debf65e87f60b56a65bdd7fbea816`
SHA3	`1f81d23268a3d3ba9c08e5d80efc4e9c244d2e1afc7cc455ff82fd6cad5071ad`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x94a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.74563`
MD5	`9bdad66695ccb5521aec03d3800fe50f`
SHA1	`fa6b58e739339770d590e624073432236bfb8152`
SHA256	`e55394d70f88ce6088042fce598f22c3dd2ff1507780696722edb46d0353b6ed`
SHA3	`8ecc320f548672a0b90ed726f3067ccb9ca910006999bd18bf4ce2e14a2c681f`

4

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.7178`
MD5	`172cd9c6e5fffb9d516b7c001851d7f7`
SHA1	`070edc73403e2f8de53a1c98c763b27aadf0d060`
SHA256	`b805fd73c520e84a69b25a071ab492609d9e5ae9d89d5bcf39dbeba21e6f638a`
SHA3	`81d96e0d1059a38f89820aa3bdc6272f18af5a6050bd37a1af873af37dfe83a2`

5

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.29832`
MD5	`53c88ebad96d15862f75a373be72f60f`
SHA1	`63b6baaeb7c2acb49c7615cd141843dedbbeb750`
SHA256	`39d0d32833eb479496e09afa010629244be6382e3bef1d5a14abf6fdf6fc64b9`
SHA3	`ad89393c9a6a4d0423e044af57073be8c9a98c8ed9adaf97e161ce3e95a6c5b0`

6

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.51593`
MD5	`7b077975abc8e6690c3d88128c3cd3c8`
SHA1	`943a05d7c2fc62b9521b58a9b26fd3628260007c`
SHA256	`c2b53cf9efabcc920a392b5ca19cad315b0b0c0be72bd803a444491922e4d64f`
SHA3	`7a57f566794f7de9068a27e87dfe5a0aef1f6c9694d7cee3907d8fd22b142d11`

7

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.94675`
MD5	`4110b8da272262be2273ab42f3998f2c`
SHA1	`5246a1d205fce8fa634f0a0a6843ca87e7cffd94`
SHA256	`78d35defe792688d244db7c44b848e9a03a9d6572b3fd0ff218f6977c137eced`
SHA3	`5c92598ddf7eb44a1a5bc36756da121b21b83d84c38b531e2043d015b89acc24`

32512

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.86354`
Detected Filetype	Icon file
MD5	`10959759a2b4b80740962ea40c58644f`
SHA1	`acbd43afa1f0dd77e2816dc46d83250a821c5f02`
SHA256	`569149e87fb5d5f96be496df071a966eb7067180845dc3c08acfd1fe6a5d1b2d`
SHA3	`4ff06211e7b52e533cc0b3d21b4fffe9330a4af6349f307622c5ee63d5a33175`

1 (#2)

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x364`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.28765`
MD5	`64b276545052516ee9a434d4dd808d2c`
SHA1	`33822723693c0a1edc9c3fd2a5103d76172576a7`
SHA256	`41574e4a77c34d248153121f50d50eb1071c31ccc8af5deaead42f370f4e4ba9`
SHA3	`0b22b41110eebb273a67f1711acb23ae22299b5ff511de17686ed4b8e46eb71e`

1 (#3)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x1ea`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.00112`
MD5	`b7db84991f23a680df8e95af8946f9c9`
SHA1	`cac699787884fb993ced8d7dc47b7c522c7bc734`
SHA256	`539dc26a14b6277e87348594ab7d6e932d16aabb18612d77f29fe421a9f1d46a`
SHA3	`4f72877413d13a67b52b292a8524e2c43a15253c26aaf6b5d0166a65bc615cff`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.0
ProductVersion	6.1.1.6
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
CompanyName	StreamFab 6.1.1.6 Loader
FileDescription	StreamFab 6.1.1.6 Loader
FileVersion (#2)	1.0.0.0
InternalName	StreamFab 6.1.1.6 Loader.dll
LegalCopyright
OriginalFilename	StreamFab 6.1.1.6 Loader.dll
ProductName	StreamFab 6.1.1.6 Loader
ProductVersion (#2)	6.1.1.6
Assembly Version	6.1.1.6

Resource LangID	UNKNOWN

TLS Callbacks

Load Configuration

RICH Header

68061a13e79a672050edae934edbf8e3

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rsrc

.text (#2)

.rsrc (#2)

Imports

Delayed Imports

1

2

3

4

5

6

7

32512

1 (#2)

1 (#3)

Version Info

TLS Callbacks

Load Configuration

RICH Header

Errors