73eab96c0898a78a61d89782ef6fab83

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_CUI
Compilation Date 2076-May-27 20:18:09
Debug artifacts /_/artifacts/obj/Microsoft.Extensions.Logging/net461-Release/Microsoft.Extensions.Logging.pdb
Comments Microsoft.Extensions.Logging
CompanyName Microsoft Corporation
FileDescription Microsoft.Extensions.Logging
FileVersion 5.0.20.51904
InternalName Microsoft.Extensions.Logging.dll
LegalCopyright © Microsoft Corporation. All rights reserved.
OriginalFilename Microsoft.Extensions.Logging.dll
ProductName Microsoft® .NET
ProductVersion 5.0.0+cf258a14b70ad9069470a108f13765e0e5988f51
Assembly Version 5.0.0.0

Plugin Output

Info Interesting strings found in the binary: Contains domain names:
  • github.com
Suspicious The PE is possibly packed. The PE only has 1 import(s).
Info The PE is digitally signed. Signer: Microsoft Corporation
Issuer: Microsoft Code Signing PCA 2011
Safe VirusTotal score: 0/69 (Scanned on 2020-12-12 04:58:07) All the AVs think this file is safe.

Hashes

MD5 73eab96c0898a78a61d89782ef6fab83
SHA1 07541eed457b5977890c13622d4fc4cabebc67fb
SHA256 c4b2b98c21b24b88640bc0be5dcd335d82df129dcaa0dcc778d91a759a037524
SHA3 9ddf405dc93d2f37d680c0fc4ac2cbe6b478430b5dff22bf8c1a6a8b80a06a67
SSDeep 768:4h6vD0G7mTf+gzUfLKd5zu3koojbs3a0E:4shm7ALkC0oojA3a0
Imports Hash dae02f32a21e03ce65412f6e56942daa

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x80

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 3
TimeDateStamp 2076-May-27 20:18:09
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_DLL
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Image Optional Header

Magic PE32
LinkerVersion 48.0
SizeOfCode 0x7a00
SizeOfInitializedData 0x800
SizeOfUninitializedData 0
AddressOfEntryPoint 0x0000986A (Section: .text)
BaseOfCode 0x2000
BaseOfData 0xa000
ImageBase 0x10000000
SectionAlignment 0x2000
FileAlignment 0x200
OperatingSystemVersion 4.0
ImageVersion 0.0
SubsystemVersion 6.0
Win32VersionValue 0
SizeOfImage 0xe000
SizeOfHeaders 0x200
Checksum 0xc472
Subsystem IMAGE_SUBSYSTEM_WINDOWS_CUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 3285b1e935dbd03006fc372f2c009aa3
SHA1 f9f618140b233a5d3a295194e59343aef21df34c
SHA256 b045958ccfc8a74cb9000fb4abd38b4d1bfe8d9e60be12437580d5a31877fdae
SHA3 998f6fffbd18cf5819c44d1e3e39a17b8fafc1a6f71d83e8acde052c788d23f3
VirtualSize 0x7870
VirtualAddress 0x2000
SizeOfRawData 0x7a00
PointerToRawData 0x200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 5.97145

.rsrc

MD5 a7906e088a2fd09deaa9ca928a13356d
SHA1 0bcc6936c2dcb19e6403eac24ba041c88e2e9306
SHA256 994dc28695321827815a0ca4b5a84f4c30ae93cbe5a329d520c734809740b5a7
SHA3 3b9e7f437dbe53a6ddf075c1863e6c2f41104af96cea213d197eadc87b47dcdc
VirtualSize 0x4c4
VirtualAddress 0xa000
SizeOfRawData 0x600
PointerToRawData 0x7c00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 2.79483

.reloc

MD5 c0a0ec2f67ed584a957e90baf4ceef05
SHA1 725b47434f1e1800710fca72e3a813a8dc54281a
SHA256 4c02accacfc6008e39cb39787d5728b87d9dc3436b45b3669030a3782e5b430b
SHA3 689f64a8dbe361f9890cf62a5c94d0af822e853c6e930131a0c1966e566201cc
VirtualSize 0xc
VirtualAddress 0xc000
SizeOfRawData 0x200
PointerToRawData 0x8200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy 0.0815394

Imports

mscoree.dll _CorDllMain

Delayed Imports

1

Type RT_VERSION
Language UNKNOWN
Codepage UNKNOWN
Size 0x468
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.44457
MD5 b686adbd8618ad714347f15567f6b100
SHA1 4500b7e1dc58eba0df1ce1ff4a4497c5f73e0d7c
SHA256 587dbb6cc6d5d0f4039d98fa93cc0ff35ffaae3e5c1752e8fafb347b1bfd4945
SHA3 80e2f693b51718858936ccd1b87ad58acb5772c48319ee9eff56929453fce149

Version Info

Signature 0xfeef04bd
StructVersion 0x10000
FileVersion 5.0.20.51904
ProductVersion 5.0.0.0
FileFlags (EMPTY)
FileOs VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
FileType VFT_DLL
Language UNKNOWN
Comments Microsoft.Extensions.Logging
CompanyName Microsoft Corporation
FileDescription Microsoft.Extensions.Logging
FileVersion (#2) 5.0.20.51904
InternalName Microsoft.Extensions.Logging.dll
LegalCopyright © Microsoft Corporation. All rights reserved.
OriginalFilename Microsoft.Extensions.Logging.dll
ProductName Microsoft® .NET
ProductVersion (#2) 5.0.0+cf258a14b70ad9069470a108f13765e0e5988f51
Assembly Version 5.0.0.0
Resource LangID UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics 0
TimeDateStamp 2054-Apr-21 14:38:11
Version 256.20557
SizeofData 118
AddressOfRawData 0x9778
PointerToRawData 0x7978
Referenced File /_/artifacts/obj/Microsoft.Extensions.Logging/net461-Release/Microsoft.Extensions.Logging.pdb

UNKNOWN

Characteristics 0
TimeDateStamp 1970-Jan-01 00:00:00
Version 1.0
SizeofData 39
AddressOfRawData 0x97ee
PointerToRawData 0x79ee

UNKNOWN (#2)

Characteristics 0
TimeDateStamp 1970-Jan-01 00:00:00
Version 0.0
SizeofData 0
AddressOfRawData 0
PointerToRawData 0

TLS Callbacks

Load Configuration

RICH Header

Errors

<-- -->