Manalyze report for 6dc5656e8533fa2ccf65a01dde66b353

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2041-Dec-11 01:50:04
Debug artifacts	C:\Users\Abhishek Deshkar\Desktop\C# Projects\OnlineStudy\OnlineStudy\obj\Debug\OnlineStudy.pdb
Comments
CompanyName
FileDescription	OnlineStudy
FileVersion	`1.0.0.0`
InternalName	OnlineStudy.exe
LegalCopyright	Copyright © 2020
LegalTrademarks
OriginalFilename	OnlineStudy.exe
ProductName	OnlineStudy
ProductVersion	`1.0.0.0`
Assembly Version	1.0.0.0

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET` `.NET executable -> Microsoft`
Info	Interesting strings found in the binary:	Contains domain names: blackboard.com cuchd.blackboard.com https://cuchd.blackboard.com https://cuchd.blackboard.com/ https://cuchd.blackboard.com/ultra/courses/_4326_1/outline https://cuchd.blackboard.com/ultra/courses/_4327_1/outline https://cuchd.blackboard.com/ultra/courses/_4328_1/outline https://cuchd.blackboard.com/ultra/courses/_4329_1/outline https://cuchd.blackboard.com/ultra/courses/_4373_1/outline https://cuchd.blackboard.com/ultra/courses/_4892_1/outline https://cuchd.blackboard.com/ultra/courses/_4893_1/outline https://cuchd.blackboard.com/ultra/courses/_4958_1/outline https://cuchd.blackboard.com/ultra/courses/_5969_1/outline https://cuchd.blackboard.com/ultra/courses/_6309_1/outline https://cuchd.blackboard.com/ultra/courses/_6475_1/outline https://cuchd.blackboard.com/ultra/courses/_6885_1/outline
Suspicious	VirusTotal score: 1/73 (Scanned on 2020-07-30 00:39:02)	`APEX: Malicious`

Hashes

MD5	`6dc5656e8533fa2ccf65a01dde66b353`
SHA1	`930cfdefce5764081f6c8f12a7677f42a541d336`
SHA256	`b776c4d0c363917a2ccd405b6ba19ebd051c41a60e3aeab96023dcef72b8c867`
SHA3	`7d204d2c61be794374c2c45ba6fcff2e66cf3e99c85a739975466a942e5c33e9`
SSDeep	`384:+Wqd6411dP6Twty/Kv19Uqf1khPKTcfc6:+Ww6gvfpfRF6`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2041-Dec-11 01:50:04
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`48.0`
SizeOfCode	`0x2c00`
SizeOfInitializedData	`0x800`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00004A42 (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x6000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0xa000`
SizeOfHeaders	`0x200`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`747c56c8f6c856d6e7b3123bd5ec9aee`
SHA1	`962fe1a1fa9013da7c4b2c269f886a3990e0f9fb`
SHA256	`3a6bc82db994ced67ce69f33e190e2e2527db6ded8f8a2230812d0cfd7a60702`
SHA3	`0d37822e9e895be8b203fe3da45825fa4a7134fed9d08e12aa4cea930f1e3995`
VirtualSize	`0x2a48`
VirtualAddress	`0x2000`
SizeOfRawData	`0x2c00`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`5.22309`

.rsrc

MD5	`4001f822e5fa82c351c5a8774ffb6c6d`
SHA1	`4747966cf4b22a642b5f25ef6fd360c32a144601`
SHA256	`b33237594df1252b99ab5f9e19e781b93019f6652253229c47411c6e066d1b0d`
SHA3	`91e9182143960d656a12a0d362aed61b642be6cecfac579a1413591a58cc97e4`
VirtualSize	`0x5bc`
VirtualAddress	`0x6000`
SizeOfRawData	`0x600`
PointerToRawData	`0x2e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.09879`

.reloc

MD5	`bc687a6c9ebbc7a634f9bc7aca2c5b9e`
SHA1	`79ff58e3c67fbc761ec9eab1df4c57a70eaf1761`
SHA256	`e07d8fd10b2a235bb3fa3888f951813e8a492a3e8d7289cf511a6df480e26325`
SHA3	`3465df96f5a7ff1c8afc268b8c77a7cc88636a1f1c31f71802ca17d65e3c44ee`
VirtualSize	`0xc`
VirtualAddress	`0x8000`
SizeOfRawData	`0x200`
PointerToRawData	`0x3400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.0815394`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

1

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x32c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.27188`
MD5	`82d63a0809b0f73647972504366d8357`
SHA1	`d9ca1b46383b2ea2adbada818f2ec5cba505235a`
SHA256	`9537d8f5feb051b22dd264bee8432aa5e58312024f259d93330b6c37a4b020f1`
SHA3	`65416bf109f00ba6953ff17c6285b053e31a0c55681b5b64c66c88a048d79085`

1 (#2)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1ea`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.00112`
MD5	`b7db84991f23a680df8e95af8946f9c9`
SHA1	`cac699787884fb993ced8d7dc47b7c522c7bc734`
SHA256	`539dc26a14b6277e87348594ab7d6e932d16aabb18612d77f29fe421a9f1d46a`
SHA3	`4f72877413d13a67b52b292a8524e2c43a15253c26aaf6b5d0166a65bc615cff`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.0
ProductVersion	1.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
Comments
CompanyName
FileDescription	OnlineStudy
FileVersion (#2)	1.0.0.0
InternalName	OnlineStudy.exe
LegalCopyright	Copyright © 2020
LegalTrademarks
OriginalFilename	OnlineStudy.exe
ProductName	OnlineStudy
ProductVersion (#2)	1.0.0.0
Assembly Version	1.0.0.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2104-Apr-25 11:17:03
Version	`0.0`
SizeofData	`120`
AddressOfRawData	`0x4978`
PointerToRawData	`0x2b78`
Referenced File	C:\Users\Abhishek Deshkar\Desktop\C# Projects\OnlineStudy\OnlineStudy\obj\Debug\OnlineStudy.pdb

UNKNOWN

Characteristics	`0`
TimeDateStamp	1970-Jan-01 00:00:00
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

TLS Callbacks

Load Configuration

RICH Header

6dc5656e8533fa2ccf65a01dde66b353

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rsrc

.reloc

Imports

Delayed Imports

1

1 (#2)

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

UNKNOWN

TLS Callbacks

Load Configuration

RICH Header

Errors