Manalyze report for 7a6c5c4e4ca30863c944c0d2a44dbf9a

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2069-Aug-19 20:49:35
Debug artifacts	C:\Users\zhous\Documents\workspace\scanmasterplus\ApiDemo\obj\Debug\ApiTester.pdb
Comments
CompanyName	HP Inc.
FileDescription	ApiDemo
FileVersion	`1.0.0.0`
InternalName	ApiTester.exe
LegalCopyright	Copyright © HP Inc. 2023
LegalTrademarks
OriginalFilename	ApiTester.exe
ProductName	ApiDemo
ProductVersion	`1.0.0.0`
Assembly Version	1.0.0.0

Plugin Output

Info	Interesting strings found in the binary:	`Contains domain names: http://127.0.0.1`
Suspicious	The PE is possibly packed.	`The PE only has 0 import(s).`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`7a6c5c4e4ca30863c944c0d2a44dbf9a`
SHA1	`f4f5bb8b09661254e8cdb1c130e0132334a49292`
SHA256	`c488514120ed72d74bb3d5dde519f9a4dd76aaea5e9c466acc8db597e2cf8213`
SHA3	`676130c962d1623b14fb9b3ddc4bc9eae98eb82f71c11dc2c84e28c4d6cfc6f9`
SSDeep	`768:p//arHvAQX8jh3vjmW2cXBtteuKtgW5toPp5:ZmHvnXotlRttrPBp5`
Imports Hash	`d41d8cd98f00b204e9800998ecf8427e`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`2`
TimeDateStamp	2069-Aug-19 20:49:35
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`48.0`
SizeOfCode	`0x8c00`
SizeOfInitializedData	`0x1200`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000000000000000 (Section: ?)`
BaseOfCode	`0x2000`
ImageBase	`0x140000000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0xe000`
SizeOfHeaders	`0x200`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x400000`
SizeofStackCommit	`0x4000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x2000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`bb28bd52c42cbcf0397a87954ee8d36c`
SHA1	`88dc920864d53c0d06be535678245181c0ac27c4`
SHA256	`69d404432d8c3858bd9615bc93a5aa0dbbe59fcd35f2144b13cb30cddb59694f`
SHA3	`5e1cecfa3ba4aad4db84f4f7e6b21fe8bc48c7905611cfb64bc9d62a6e8c555a`
VirtualSize	`0x8b3e`
VirtualAddress	`0x2000`
SizeOfRawData	`0x8c00`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`5.66708`

.rsrc

MD5	`6c89abd1e52d084e05d34bc25edf8c1e`
SHA1	`e00df64a183a6a353e71c817ad9ff57340b69e4e`
SHA256	`66a64c14b304f2c93c04999d565b90ee5ca375a54933288652e66f066f842031`
SHA3	`0f4875fd2fbec68d0b4b12d86d3249eebd03c5e527e655a7f3011275c8e71ecc`
VirtualSize	`0x10b0`
VirtualAddress	`0xc000`
SizeOfRawData	`0x1200`
PointerToRawData	`0x8e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.50823`

Imports

Delayed Imports

1

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x330`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.26799`
MD5	`f70e94d0153cd26d7b6391e88609a0a5`
SHA1	`d9851d02be95b2779067034dd63871c9680c55e5`
SHA256	`bc22b44fb030befb3fb1eefb00ce5f236d633b7916cd4875511eb841140bcfcb`
SHA3	`39185ca2f9451c16a52ab57518887bab38e57d7f2296a947ced9ebeeb1124d81`

1 (#2)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xcda`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.88526`
MD5	`49eac70bddb780561ee661d08272bd70`
SHA1	`1e16a44f96e9344b5cb52ef15c08d95113825efa`
SHA256	`320631f9397d9751c546369ae228d7a456f7857fbf19c5ae3680632161d7e925`
SHA3	`13a0756274f8db6f3762df5ff978ea0996e36ec2a5ebcc9275b99df0fdc638b4`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.0
ProductVersion	1.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
Comments
CompanyName	HP Inc.
FileDescription	ApiDemo
FileVersion (#2)	1.0.0.0
InternalName	ApiTester.exe
LegalCopyright	Copyright © HP Inc. 2023
LegalTrademarks
OriginalFilename	ApiTester.exe
ProductName	ApiDemo
ProductVersion (#2)	1.0.0.0
Assembly Version	1.0.0.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2092-Apr-30 01:14:58
Version	`0.0`
SizeofData	`106`
AddressOfRawData	`0xaad4`
PointerToRawData	`0x8cd4`
Referenced File	C:\Users\zhous\Documents\workspace\scanmasterplus\ApiDemo\obj\Debug\ApiTester.pdb

UNKNOWN

Characteristics	`0`
TimeDateStamp	1970-Jan-01 00:00:00
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

TLS Callbacks

Load Configuration

RICH Header

7a6c5c4e4ca30863c944c0d2a44dbf9a

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rsrc

Imports

Delayed Imports

1

1 (#2)

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

UNKNOWN

TLS Callbacks

Load Configuration

RICH Header

Errors