Manalyze report for 6ae2e6c5e376f04ae1562b00dec29de9

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2052-Dec-28 07:12:52
Debug artifacts	C:\Users\Noah\source\repos\Google Meet\Google Meet\obj\Debug\Google Meet.pdb
Comments
CompanyName
FileDescription	Google Meet
FileVersion	`1.0.0.0`
InternalName	Google Meet.exe
LegalCopyright	Copyright © 2021
LegalTrademarks
OriginalFilename	Google Meet.exe
ProductName	Google Meet
ProductVersion	`1.0.0.0`
Assembly Version	1.0.0.0

Plugin Output

Malicious	The program tries to mislead users about its origins.	`The PE pretends to be from Google but is not signed!`
Malicious	VirusTotal score: 3/69 (Scanned on 2021-04-05 22:39:58)	`Rising: Trojan.Zpevdo!8.F912 (CLOUD)` `APEX: Malicious` `eGambit: Unsafe.AI_Score_99%`

Hashes

MD5	`6ae2e6c5e376f04ae1562b00dec29de9`
SHA1	`bf7386fe487a3d30681b26bcc8a600a7232be471`
SHA256	`bda3f32d0bb1916b46695f656d1960a339883bf0c060a2e223a664160caf9375`
SHA3	`6d6fb37c2cf45c5b5c4c02b097ba9c90e8fe0d890f34ee39bdd90fb7adfed2f4`
SSDeep	`3072:otjtjtjtGCoZIp9EQVyQSyN9EQVyQSyV:pArytCyt`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2052-Dec-28 07:12:52
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`80.0`
SizeOfCode	`0x40200`
SizeOfInitializedData	`0x3c200`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000421F2 (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x44000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x82000`
SizeOfHeaders	`0x200`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`f75301848fd1d6d9117460769c6d6dee`
SHA1	`5a5c31f8831842baec40e00b711e7069bebbec3c`
SHA256	`6e6b5c31b32257fea6b03585258349efd98aeb0fc075e194baa716b9960a8192`
SHA3	`4d99204e35532c49ddb737ad75e3bb08a1f0682826dc38ca86e55b5fd23e4752`
VirtualSize	`0x401f8`
VirtualAddress	`0x2000`
SizeOfRawData	`0x40200`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`2.90293`

.rsrc

MD5	`5174991295e06c1086085e1fe564d5ac`
SHA1	`d870b27ee2a444b08266f79a37b04bd6353f53c4`
SHA256	`13a7129e9be5521a4a003b6a253e0839642131da06a07c88d2722059175fac51`
SHA3	`66681e38a3845c87a754dc1bd0284da808709671430a022f91ab830b7bbbf03a`
VirtualSize	`0x3bf68`
VirtualAddress	`0x44000`
SizeOfRawData	`0x3c000`
PointerToRawData	`0x40400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`2.50234`

.reloc

MD5	`0febb5c93dfa122197e352e38ea75409`
SHA1	`27189f5c1e73a1ec99f3603b4531411cb97ca2e8`
SHA256	`9488724bb2056a7225502447cd8d0add370961e059ed1b474009b11c301292c1`
SHA3	`37805bc0960ca0b90907871886e0e80b165d32f7cbfebaa0f43d23e08a269c04`
VirtualSize	`0xc`
VirtualAddress	`0x80000`
SizeOfRawData	`0x200`
PointerToRawData	`0x7c400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.10191`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

1

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x3b908`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.46012`
MD5	`712b20320f4f98c2c5a194b82275efbe`
SHA1	`4663d48d236ab25dc5baa934a4949a4e7fd26c18`
SHA256	`d3fde2589ecb6a7d94093c8f0926fc6726c3072bc00c308a7ad5c6912a55b1c3`
SHA3	`0fbe054d4c293a4230c57a72f7f2d9f719806b384cae1a128de79555c765b5ca`

32512

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.01924`
Detected Filetype	Icon file
MD5	`e133ceeb1f61d4669efaa5d109f63cf9`
SHA1	`7f4a4eee18147421cf12f69487a8024818aa8499`
SHA256	`45d896122ad4f1db7b07ce954aeb58f00f7d8730163a541b0d69e82e033ec371`
SHA3	`bf401747e59429a2ddfdd330bab7e5ebcdfe30df6c76d6c37a97cfc349bcb86f`

1 (#2)

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x32c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.27116`
MD5	`30586a79f4b3db75500e884ad6b4ab61`
SHA1	`e52974dbd326881169d23e66e3fa8daa07966b81`
SHA256	`beee196a075f2c624faa9b0410a966eee929145d56e7936bcdac2113cadd783f`
SHA3	`d293d18f69bbc19184dcc8b44dc32c26d929977a2bdfb592cdf63d34549a5ba8`

1 (#3)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1ea`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.00112`
MD5	`b7db84991f23a680df8e95af8946f9c9`
SHA1	`cac699787884fb993ced8d7dc47b7c522c7bc734`
SHA256	`539dc26a14b6277e87348594ab7d6e932d16aabb18612d77f29fe421a9f1d46a`
SHA3	`4f72877413d13a67b52b292a8524e2c43a15253c26aaf6b5d0166a65bc615cff`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.0
ProductVersion	1.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
Comments
CompanyName
FileDescription	Google Meet
FileVersion (#2)	1.0.0.0
InternalName	Google Meet.exe
LegalCopyright	Copyright © 2021
LegalTrademarks
OriginalFilename	Google Meet.exe
ProductName	Google Meet
ProductVersion (#2)	1.0.0.0
Assembly Version	1.0.0.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2061-Oct-15 07:59:09
Version	`0.0`
SizeofData	`101`
AddressOfRawData	`0x42138`
PointerToRawData	`0x40338`
Referenced File	C:\Users\Noah\source\repos\Google Meet\Google Meet\obj\Debug\Google Meet.pdb

UNKNOWN

Characteristics	`0`
TimeDateStamp	1970-Jan-01 00:00:00
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

TLS Callbacks

Load Configuration

RICH Header

6ae2e6c5e376f04ae1562b00dec29de9

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rsrc

.reloc

Imports

Delayed Imports

1

32512

1 (#2)

1 (#3)

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

UNKNOWN

TLS Callbacks

Load Configuration

RICH Header

Errors