This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!
Architecture
IMAGE_FILE_MACHINE_I386
Subsystem
IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date
2041-Dec-11 01:50:04
Debug artifacts
C:\Users\Abhishek Deshkar\Desktop\C# Projects\OnlineStudy\OnlineStudy\obj\Debug\OnlineStudy.pdb
Comments
CompanyName
FileDescription
OnlineStudy
FileVersion
1.0.0.0
InternalName
OnlineStudy.exe
LegalCopyright
Copyright © 2020
LegalTrademarks
OriginalFilename
OnlineStudy.exe
ProductName
OnlineStudy
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Info
Matching compiler(s):
Microsoft Visual C# v7.0 / Basic .NET
.NET executable -> Microsoft
Info
Interesting strings found in the binary:
Contains domain names:
Suspicious
VirusTotal score: 1/73 (Scanned on 2020-07-30 00:39:02)
APEX:
Malicious
MD5
6dc5656e8533fa2ccf65a01dde66b353
SHA1
930cfdefce5764081f6c8f12a7677f42a541d336
SHA256
b776c4d0c363917a2ccd405b6ba19ebd051c41a60e3aeab96023dcef72b8c867
SHA3
7d204d2c61be794374c2c45ba6fcff2e66cf3e99c85a739975466a942e5c33e9
SSDeep
384:+Wqd6411dP6Twty/Kv19Uqf1khPKTcfc6:+Ww6gvfpfRF6
Imports Hash
f34d5f2d4577ed6d9ceec516c1f5a744
e_magic
MZ
e_cblp
0x90
e_cp
0x3
e_crlc
0
e_cparhdr
0x4
e_minalloc
0
e_maxalloc
0xffff
e_ss
0
e_sp
0xb8
e_csum
0
e_ip
0
e_cs
0
e_ovno
0
e_oemid
0
e_oeminfo
0
e_lfanew
0x80
Signature
PE
Machine
IMAGE_FILE_MACHINE_I386
NumberofSections
3
TimeDateStamp
2041-Dec-11 01:50:04
PointerToSymbolTable
0
NumberOfSymbols
0
SizeOfOptionalHeader
0xe0
Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Magic
PE32
LinkerVersion
48.0
SizeOfCode
0x2c00
SizeOfInitializedData
0x800
SizeOfUninitializedData
0
AddressOfEntryPoint
0x00004A42 (Section: .text)
BaseOfCode
0x2000
BaseOfData
0x6000
ImageBase
0x400000
SectionAlignment
0x2000
FileAlignment
0x200
OperatingSystemVersion
4.0
ImageVersion
0.0
SubsystemVersion
6.0
Win32VersionValue
0
SizeOfImage
0xa000
SizeOfHeaders
0x200
Checksum
0
Subsystem
IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve
0x100000
SizeofStackCommit
0x1000
SizeofHeapReserve
0x100000
SizeofHeapCommit
0x1000
LoaderFlags
0
NumberOfRvaAndSizes
16
MD5
747c56c8f6c856d6e7b3123bd5ec9aee
SHA1
962fe1a1fa9013da7c4b2c269f886a3990e0f9fb
SHA256
3a6bc82db994ced67ce69f33e190e2e2527db6ded8f8a2230812d0cfd7a60702
SHA3
0d37822e9e895be8b203fe3da45825fa4a7134fed9d08e12aa4cea930f1e3995
VirtualSize
0x2a48
VirtualAddress
0x2000
SizeOfRawData
0x2c00
PointerToRawData
0x200
PointerToRelocations
0
PointerToLineNumbers
0
NumberOfLineNumbers
0
NumberOfRelocations
0
Characteristics
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy
5.22309
MD5
4001f822e5fa82c351c5a8774ffb6c6d
SHA1
4747966cf4b22a642b5f25ef6fd360c32a144601
SHA256
b33237594df1252b99ab5f9e19e781b93019f6652253229c47411c6e066d1b0d
SHA3
91e9182143960d656a12a0d362aed61b642be6cecfac579a1413591a58cc97e4
VirtualSize
0x5bc
VirtualAddress
0x6000
SizeOfRawData
0x600
PointerToRawData
0x2e00
PointerToRelocations
0
PointerToLineNumbers
0
NumberOfLineNumbers
0
NumberOfRelocations
0
Characteristics
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy
4.09879
MD5
bc687a6c9ebbc7a634f9bc7aca2c5b9e
SHA1
79ff58e3c67fbc761ec9eab1df4c57a70eaf1761
SHA256
e07d8fd10b2a235bb3fa3888f951813e8a492a3e8d7289cf511a6df480e26325
SHA3
3465df96f5a7ff1c8afc268b8c77a7cc88636a1f1c31f71802ca17d65e3c44ee
VirtualSize
0xc
VirtualAddress
0x8000
SizeOfRawData
0x200
PointerToRawData
0x3400
PointerToRelocations
0
PointerToLineNumbers
0
NumberOfLineNumbers
0
NumberOfRelocations
0
Characteristics
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy
0.0815394
Type
RT_VERSION
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x32c
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
3.27188
MD5
82d63a0809b0f73647972504366d8357
SHA1
d9ca1b46383b2ea2adbada818f2ec5cba505235a
SHA256
9537d8f5feb051b22dd264bee8432aa5e58312024f259d93330b6c37a4b020f1
SHA3
65416bf109f00ba6953ff17c6285b053e31a0c55681b5b64c66c88a048d79085
Type
RT_MANIFEST
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x1ea
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
5.00112
MD5
b7db84991f23a680df8e95af8946f9c9
SHA1
cac699787884fb993ced8d7dc47b7c522c7bc734
SHA256
539dc26a14b6277e87348594ab7d6e932d16aabb18612d77f29fe421a9f1d46a
SHA3
4f72877413d13a67b52b292a8524e2c43a15253c26aaf6b5d0166a65bc615cff
Signature
0xfeef04bd
StructVersion
0x10000
FileVersion
1.0.0.0
ProductVersion
1.0.0.0
FileFlags
(EMPTY)
FileOs
VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
FileType
VFT_APP
Language
UNKNOWN
Comments
CompanyName
FileDescription
OnlineStudy
FileVersion (#2)
1.0.0.0
InternalName
OnlineStudy.exe
LegalCopyright
Copyright © 2020
LegalTrademarks
OriginalFilename
OnlineStudy.exe
ProductName
OnlineStudy
ProductVersion (#2)
1.0.0.0
Assembly Version
1.0.0.0
Characteristics
0
TimeDateStamp
2104-Apr-25 11:17:03
Version
0.0
SizeofData
120
AddressOfRawData
0x4978
PointerToRawData
0x2b78
Referenced File
C:\Users\Abhishek Deshkar\Desktop\C# Projects\OnlineStudy\OnlineStudy\obj\Debug\OnlineStudy.pdb
Characteristics
0
TimeDateStamp
1970-Jan-01 00:00:00
Version
0.0
SizeofData
0
AddressOfRawData
0
PointerToRawData
0