Manalyze report for 7190400fe5e52fc14ec3d5a1d324068cbfb6cf35d1f984d99c93ec0a8019ba04

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2026-Jun-14 20:22:00
Detected languages	English - United States
CompanyName	USSD Monitoring Tool
FileDescription	USSD Monitoring Tool
FileVersion	`1.3.9+1`
InternalName	ussd_monitor
LegalCopyright	Copyright (C) 2023 Your Company. All rights reserved.
OriginalFilename	ussd_monitor.exe
ProductName	USSD Monitoring Tool
ProductVersion	`1.3.9+1`

Plugin Output

Info	Matching compiler(s):	`MASM/TASM - sig1(h)`
Suspicious	Strings found in the binary may indicate undesirable behavior:	`Contains references to security software: monitor.exe`
Info	The PE contains common functions which appear in legitimate applications.	`[!] The program may be hiding some of its imports: LoadLibraryA GetProcAddress` `Can access the registry: RegGetValueW`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`66d5b01e2986462d0f67aa0d28375dcb`
SHA1	`38ee53b4932432971f20623887f87db2ef6f0d83`
SHA256	`7190400fe5e52fc14ec3d5a1d324068cbfb6cf35d1f984d99c93ec0a8019ba04`
SHA3	`41b235c913785425c43a838352ccfa6781ea5df3a5c026268fa2c79d3bf200ea`
SSDeep	`3072:Y5+w2OETs66scwJ3kKeQ4qVW6KURFS9eVVoX5hpKjKSOHpMe9:Y5+w2OEo66O3kKeQ4qVW6KFeVVEgqH`
Imports Hash	`292673545ce72a52cc7407e55a553fb6`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x118`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`6`
TimeDateStamp	2026-Jun-14 20:22:00
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0x5e00`
SizeOfInitializedData	`0x1a400`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000000000005DA4 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x24000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`71271c02bfe7573e9deadee52ef2b36c`
SHA1	`b32dec73214584974b72c20a381d48fd9e0cc02f`
SHA256	`c6084eddd6f4d6f903f5595455b2fc807c8f7ac3f7c78e5d2f71090a302c167f`
SHA3	`9bcd64eb782a72b28b9826f0a34bb21983924285a6df169f3616f305ecf7e16d`
VirtualSize	`0x5da0`
VirtualAddress	`0x1000`
SizeOfRawData	`0x5e00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.11579`

.rdata

MD5	`2d669cf18adf3261843a1f916dbe1499`
SHA1	`069dca7c73ac2052e347edafbb0f82b7c083020d`
SHA256	`d5ff473f1dbbf61aa54a72976d57e96930282e6381fb1ac32e7a08778858e142`
SHA3	`73d2e8d68a2d6060b42891c547c6f99d1a672715e06b0c9829a41f5acfad2fa5`
VirtualSize	`0x62fa`
VirtualAddress	`0x7000`
SizeOfRawData	`0x6400`
PointerToRawData	`0x6200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.00132`

.data

MD5	`fdd34b607e85b72338f8e42d4efdc0f1`
SHA1	`f29e1b77ae7a824f5402f460db66470934568370`
SHA256	`fa4235acd7ba549d14c3753db64fd658701fb3adefb39da15ade0379699f6132`
SHA3	`d89b049cb11cf873c37ae05ca07edcc1f940899432f7030254abb4941c0ab436`
VirtualSize	`0xc38`
VirtualAddress	`0xe000`
SizeOfRawData	`0x800`
PointerToRawData	`0xc600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`3.63391`

.pdata

MD5	`a293c8494e45dc44f2f3ea4f324f9f51`
SHA1	`5ac112d300e8b0b3821ce8853aac027857e05ed2`
SHA256	`0c511250520d237a66ff31e238d06bf5dab2c97c1e6d075680a758e88051ad11`
SHA3	`99046aef83bf9843ffeec81571a8e49ef645d1865fe06f1df18a73a3494ec73d`
VirtualSize	`0x75c`
VirtualAddress	`0xf000`
SizeOfRawData	`0x800`
PointerToRawData	`0xce00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.08381`

.rsrc

MD5	`4a24585ef4c520c1d996da0fe87184a0`
SHA1	`ab7b9632882aa7a05153129a3c3553fb19b8086b`
SHA256	`db08fdf08e4588146e554a766a3a69442b3ed479b41d3b8483d2eca931449b07`
SHA3	`f1f972e7c039907f486d501098ef414b0a72911c769f30707b569a110174f60d`
VirtualSize	`0x12640`
VirtualAddress	`0x10000`
SizeOfRawData	`0x12800`
PointerToRawData	`0xd600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`7.9091`

.reloc

MD5	`3fa5ded7004dca835ecf24ef5bdd056b`
SHA1	`82f7c2b718f05d84110f3dd4d49c919eedf69975`
SHA256	`2dc3f4c8f7416d011e35892492a7cd79d2f2209371d60cf3d1b3be80fecc51ea`
SHA3	`587cb22564285b6628ec1de16f823424cdbc49155e3bfba5fad0bb0675e9c0e1`
VirtualSize	`0xfc`
VirtualAddress	`0x23000`
SizeOfRawData	`0x200`
PointerToRawData	`0x1fe00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`3.22207`

Imports

dwmapi.dll	`DwmSetWindowAttribute`
desktop_multi_window_plugin.dll	`DesktopMultiWindowPluginRegisterWithRegistrar`
screen_retriever_plugin.dll	`ScreenRetrieverPluginRegisterWithRegistrar`
url_launcher_windows_plugin.dll	`UrlLauncherWindowsRegisterWithRegistrar`
window_manager_plugin.dll	`WindowManagerPluginRegisterWithRegistrar`
flutter_windows.dll	`FlutterDesktopViewControllerCreate` `FlutterDesktopViewControllerForceRedraw` `FlutterDesktopViewControllerGetView` `FlutterDesktopMessengerUnlock` `FlutterDesktopMessengerLock` `FlutterDesktopMessengerIsAvailable` `FlutterDesktopMessengerRelease` `FlutterDesktopMessengerAddRef` `FlutterDesktopMessengerSetCallback` `FlutterDesktopMessengerSendResponse` `FlutterDesktopMessengerSendWithReply` `FlutterDesktopMessengerSend` `FlutterDesktopEngineGetPluginRegistrar` `FlutterDesktopEngineGetMessenger` `FlutterDesktopEngineSetNextFrameCallback` `FlutterDesktopViewControllerHandleTopLevelWindowProc` `FlutterDesktopViewControllerDestroy` `FlutterDesktopEngineReloadSystemFonts` `FlutterDesktopEngineDestroy` `FlutterDesktopEngineCreate` `FlutterDesktopGetDpiForMonitor` `FlutterDesktopResyncOutputStreams` `FlutterDesktopViewGetHWND`
KERNEL32.dll	`GetSystemTimeAsFileTime` `GetCurrentThreadId` `GetCurrentProcessId` `QueryPerformanceCounter` `IsProcessorFeaturePresent` `TerminateProcess` `GetCurrentProcess` `SetUnhandledExceptionFilter` `UnhandledExceptionFilter` `RtlVirtualUnwind` `RtlLookupFunctionEntry` `InitializeSListHead` `LoadLibraryA` `GetProcAddress` `GetModuleHandleW` `FreeLibrary` `AllocConsole` `WideCharToMultiByte` `LocalFree` `GetCommandLineW` `RtlCaptureContext` `AttachConsole` `IsDebuggerPresent` `GetStartupInfoW`
USER32.dll	`DefWindowProcW` `PostQuitMessage` `RegisterClassW` `UnregisterClassW` `CreateWindowExW` `DestroyWindow` `ShowWindow` `MoveWindow` `TranslateMessage` `SetFocus` `GetClientRect` `GetWindowLongPtrW` `SetWindowLongPtrW` `SetParent` `LoadCursorW` `LoadIconW` `MonitorFromPoint` `DispatchMessageW` `SetWindowPos` `GetMessageW`
SHELL32.dll	`CommandLineToArgvW`
ole32.dll	`CoInitializeEx` `CoUninitialize`
ADVAPI32.dll	`RegGetValueW`
MSVCP140.dll	`?width@ios_base@std@@QEAA_J_J@Z` `?width@ios_base@std@@QEBA_JXZ` `?flags@ios_base@std@@QEBAHXZ` `?good@ios_base@std@@QEBA_NXZ` `?_Xbad_function_call@std@@YAXXZ` `?sync_with_stdio@ios_base@std@@SA_N_N@Z` `?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA` `?_Xlength_error@std@@YAXPEBD@Z` `?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z` `?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z` `?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z` `?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ` `?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ` `?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z` `?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ` `??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z` `?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z` `?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ` `?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A` `?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ`
VCRUNTIME140_1.dll	`__CxxFrameHandler4`
VCRUNTIME140.dll	`_CxxThrowException` `__std_exception_destroy` `__std_exception_copy` `__current_exception_context` `__current_exception` `__C_specific_handler` `memcmp` `__std_type_info_compare` `memmove` `__std_terminate` `memset` `memcpy`
api-ms-win-crt-runtime-l1-1-0.dll	`_crt_atexit` `_configure_wide_argv` `_get_wide_winmain_command_line` `terminate` `_initialize_onexit_table` `_register_onexit_function` `_initialize_wide_environment` `_register_thread_local_exe_atexit_callback` `_c_exit` `_cexit` `_set_app_type` `_initterm_e` `exit` `_invoke_watson` `_seh_filter_exe` `_initterm` `_exit`
api-ms-win-crt-string-l1-1-0.dll	`strlen` `wcslen`
api-ms-win-crt-stdio-l1-1-0.dll	`_dup2` `freopen_s` `__acrt_iob_func` `__p__commode` `_set_fmode` `_fileno`
api-ms-win-crt-heap-l1-1-0.dll	`malloc` `_set_new_mode` `_callnewh` `free`
api-ms-win-crt-math-l1-1-0.dll	`__setusermatherr`
api-ms-win-crt-locale-l1-1-0.dll	`_configthreadlocale`

Delayed Imports

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x11d89`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.94607`
Detected Filetype	PNG graphic file
MD5	`e0eaa9d6044b7f46283db6a37fadc777`
SHA1	`fde3ee1fe71b305aee88b84143fc9b2b23d1b82b`
SHA256	`a2036ddc7a0088e9805d78de24a120425e9723ba92b39588ad7480fac33a43f8`
SHA3	`424582c9206d98603116d644a529e7e4e257c273a53f5e649018b47030122393`

101

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.59047`
Detected Filetype	Icon file
MD5	`1e3c52e8a1770037e53e15163f839709`
SHA1	`bd0f4caeb38670817d8b5366fa2cbdd945b432e7`
SHA256	`628a2c81ebd08c9337f5e26f3bc040d57d50a0ad1ee2a9d61ceca2f0f9008e85`
SHA3	`eaefa917734596891814058e48d8d67103cc06e98cb034f9890ee95c45cc9758`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x344`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.42328`
MD5	`f6c5f1cb729083272825c678b9953ca6`
SHA1	`1ca1d53bcaffd0e112726072d3d90d7347364236`
SHA256	`7240fcf84c9d09b3497fdf9a6268e136de5a316567dacb69d45f6b434df74514`
SHA3	`e864e53ec8ed4c97a1a2ddfc9bf0d7e16a62e92668c59345a917b1a4c92df23a`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x41a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.05432`
MD5	`03395896369b9f4d54afe96da59504a0`
SHA1	`2ed56089540e69abed7a1301e805acd46b2fd790`
SHA256	`ad004b008efc9493f914a11d76fa9869e8e10222ae9a276859456af8aa17cf1b`
SHA3	`1301031d7d35879e3c236cbbf6b349dcc3aa44f886a1e004c99944a5014a3384`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.3.9.1
ProductVersion	1.3.9.1
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
CompanyName	USSD Monitoring Tool
FileDescription	USSD Monitoring Tool
FileVersion (#2)	1.3.9+1
InternalName	ussd_monitor
LegalCopyright	Copyright (C) 2023 Your Company. All rights reserved.
OriginalFilename	ussd_monitor.exe
ProductName	USSD Monitoring Tool
ProductVersion (#2)	1.3.9+1

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2026-Jun-14 20:22:00
Version	`0.0`
SizeofData	`832`
AddressOfRawData	`0xac88`
PointerToRawData	`0x9e88`

TLS Callbacks

StartAddressOfRawData	`0x14000afe8`
EndAddressOfRawData	`0x14000aff0`
AddressOfIndex	`0x14000e678`
AddressOfCallbacks	`0x140007578`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_4BYTES`
Callbacks	`(EMPTY)`

Load Configuration

Size	`0x140`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x14000e000`

RICH Header

XOR Key	`0x20bafb1a`
Unmarked objects	`0`
Imports (VS2008 SP1 build 30729)	`12`
ASM objects (35207)	`3`
C objects (35207)	`10`
C++ objects (35207)	`30`
Imports (35207)	`6`
Imports (VS2022 Update 4 (17.4.3-4) compiler 31937)	`2`
Imports (35227)	`8`
Imports (33145)	`13`
Total imports	`160`
C++ objects (35227)	`9`
Resource objects (35227)	`1`
151	`1`
Linker (35227)	`1`

Errors

Leave a comment

No comments yet.