Manalyze report for 7c4cf7f51600337ecc26066d5139b515

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2050-Mar-19 01:44:06
Debug artifacts	PowerISO_Keygen.pdb
Comments	Keygen for PowerISO v7.x
CompanyName	DeFconX
FileDescription	PowerISO_Keygen
FileVersion	`1.1.0.0`
InternalName	PowerISO_Keygen.exe
LegalCopyright	Copyright © 2019
LegalTrademarks	DeltaFoX
OriginalFilename	PowerISO_Keygen.exe
ProductName	PowerISO_Keygen
ProductVersion	`1.1.0.0`
Assembly Version	1.1.0.0

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to MD5`
Suspicious		`Unusual section name found: .sdata`
Malicious	VirusTotal score: 32/74 (Scanned on 2024-05-27 08:05:13)	`APEX: Malicious` `AhnLab-V3: Trojan/Win.Hacktool.R268820` `Alibaba: HackTool:Win32/Generic.64b3feef` `Antiy-AVL: Trojan/Win32.Wacatac` `CAT-QuickHeal: Trojan.Keygen` `CrowdStrike: win/grayware_confidence_100% (W)` `Cylance: unsafe` `DeepInstinct: MALICIOUS` `Fortinet: Riskware/PUP` `Google: Detected` `Gridinsoft: Malware.Win32.GenericMC.cc` `Ikarus: not-a-virus:Keygen` `K7AntiVirus: Riskware ( 00584baa1 )` `K7GW: Riskware ( 00584baa1 )` `Lionic: Trojan.Win32.Keygen.4!c` `Malwarebytes: RiskWare.Keygen.MSIL` `MaxSecure: Trojan.Malware.7164915.susgen` `McAfee: RDN/Generic PUP.z` `McAfeeD: Real Protect-LS!7C4CF7F51600` `Microsoft: HackTool:Win32/Keygen` `Paloalto: generic.ml` `Rising: Trojan.Occamy!8.F1CD (CLOUD)` `Sangfor: Hacktool.Win32.Agent.Vkas` `SentinelOne: Static AI - Suspicious PE` `Skyhigh: RDN/Generic PUP.z` `Sophos: Mal/Generic-R` `Symantec: ML.Attribute.HighConfidence` `Trapmine: suspicious.low.ml.score` `TrendMicro-HouseCall: TROJ_GEN.R002H06L522` `Varist: W32/ABRisk.DFSW-2219` `Webroot: W32.HackTool.Gen` `Xcitium: Malware@#2x1xg87wxbpmu`

Hashes

MD5	`7c4cf7f51600337ecc26066d5139b515`
SHA1	`33ffb64ffd28921e12e15007abd4286ec846efd3`
SHA256	`725f8237287582c81c51b560099a00a544c646bbee81fc122dd5fec30ecb4882`
SHA3	`a03a52cc7d1c2c8166931f1f7016438dbd0b630284615ee34821c1c4d37e1162`
SSDeep	`6144:RA0VGx3Yg4QNS8l6tGHF2gGBTKHhGHF2gGBTKH:iPYmQ2951451`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`4`
TimeDateStamp	2050-Mar-19 01:44:06
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`6.0`
SizeOfCode	`0x38600`
SizeOfInitializedData	`0x21400`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0003A4AE (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x3c000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x62000`
SizeOfHeaders	`0x400`
Checksum	`0x69138`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`15`

.text

MD5	`b0056ecd2cdc036bed0f8d97167519fc`
SHA1	`ac95be1010a13948bc40af473d9380504fefe9e2`
SHA256	`83db94a6db4340cebd526d8a17fb64d5b0df288004d3a80486c8e6d8845ac3a3`
SHA3	`6b7d5b20eaa8d27bda8c54a376dd0ecfe8ce37807087daa4c24db4a9b9f13790`
VirtualSize	`0x384b4`
VirtualAddress	`0x2000`
SizeOfRawData	`0x38600`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`5.66541`

.sdata

MD5	`372de65128cdb1934c74f22542a292ac`
SHA1	`867982ad0debb0cea9b1bcf97fa937968c959add`
SHA256	`66b37a593cfe4b8579e3e5b30a5545fe3deab097ba8434ec092b5e165d516e30`
SHA3	`1eeb3b5be1dd01badd6643498f779c596940f5801f7dc69201539f0e561cfbca`
VirtualSize	`0x1a6`
VirtualAddress	`0x3c000`
SizeOfRawData	`0x200`
PointerToRawData	`0x38a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`6.44839`

.rsrc

MD5	`6f546be8f1902aee67baf185d716c1ba`
SHA1	`b836a2c30f59386b34d34d7e0e53ec80b86a06ab`
SHA256	`39b1fd7606e60a2f907d4fe5e8fb3dce7f884b5648cbc9d52744b7f6bdfe5ca6`
SHA3	`61a747b7fd3b595fad1c7f2d7d144813a22ec877b13b0ecf3558fa3c0d314269`
VirtualSize	`0x20f5c`
VirtualAddress	`0x3e000`
SizeOfRawData	`0x21000`
PointerToRawData	`0x38c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.46549`

.reloc

MD5	`7933eb27a25001c592048d914284046e`
SHA1	`c8e6b28216de4da05688e94b0d857a3c1e53678e`
SHA256	`a01680d2ded9a89f96c1f52f0fe7b45954c3c88bd70072cba712b317bfba0130`
SHA3	`633d1c95d8340728df572eae01f9c9082909dbdbb8be276caf245915ca1ca05c`
VirtualSize	`0xc`
VirtualAddress	`0x60000`
SizeOfRawData	`0x200`
PointerToRawData	`0x59c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.10191`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

1

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.24941`
MD5	`a1fa017f39e378c88ac5aa61a6569ca0`
SHA1	`9d63bdeedcd3b7f93a5590940ad5d412c38da625`
SHA256	`71bff290c13b4a25f0684f1299239fc493d07f5bc2573ec9204f68ac46556ba0`
SHA3	`7f8ef4ab4c088c6b800d5195ceac13ee7e91abca21a516fd3bdc79bc22b0c4cc`

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.51423`
MD5	`c102719e506466dd3cfb9b2cf7a0aa02`
SHA1	`65d0c4b33f18469830829a2a939fc939a66a54bb`
SHA256	`d626f4b9974ee4aceb0195ddc94cba4dad2d6179b525e23a97a57b4a5e68dfb3`
SHA3	`02fc9dcef60e8d2a5d17f13b51fb16e3707597caea4d5e1573b349a7e917e4f3`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x6c8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.61316`
MD5	`7c1f88ca0d39f7f43a846132e8de7f89`
SHA1	`c6058589c5390077cf9d922b4067285ab7cd7b0c`
SHA256	`e1e85839734f085334a6d09263b7f26ef19bbc2504eb7edee1d1ce0d35eb3c0e`
SHA3	`d614fa9d625e53a46f65114d99c20e3e52485e4749681009097706cfaf9b04f5`

4

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.24575`
MD5	`3dbaf7299c6958570399fb41d9b1fec2`
SHA1	`7c16b51cd14a1aa710f70339e65de9cfabf1a463`
SHA256	`5dfcae5a7667ed652909b8d5f7eda4fbb404b41ba85968dbdd65d137fd138c82`
SHA3	`9f69b201658764e45e2c11d10e95677b9277e2615bfbda6a21bb577c84cf2244`

5

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x5418`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.94307`
Detected Filetype	PNG graphic file
MD5	`12ed9430466af5e8821d47351ab76558`
SHA1	`77c329a9d13b25a1186f035ed1735260f3c0938f`
SHA256	`e1e75fb6bc2ca5955074a0f8bb72b089b346ed52360ddf0775de76829cdca5cc`
SHA3	`f1761e8b9b5adb067b25bbd50b992d593ee118a68c4ccab433837a120acf340a`

6

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.5489`
MD5	`036d911f608f9fd7214d025e71873469`
SHA1	`80c9eeaaeca5b66f50d8c022067161ce250d4110`
SHA256	`ad357abee6a8161f7ba0075f24bd4bd36d015b7ba928ff3b4c9c9b8a2bae736a`
SHA3	`aca532226b922ac745765893e8e9915639ae793d7831cbb77d23ae9ef3d87985`

7

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.67618`
MD5	`45b98ee6a0b45e819afd22004bbce807`
SHA1	`844f7e400ec76260419b9933336df800cc1749d9`
SHA256	`5d7ea96b71b98cc741289b2945feeb55bcf9cc4b356585a54a8c57acdace8a19`
SHA3	`f5f53670240a788adbc0af821374ca7e8e8396285555c6a2178c894c264f7542`

8

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.84429`
MD5	`7b3716311a2688f188f88098e784bc48`
SHA1	`54bfe6a195f08315af248a89b555f2a2ff8a3b49`
SHA256	`59a58781816d974a83f20e12dff1bb857402b78cc3809c0390a39b9257d7350a`
SHA3	`87402fce19dfa1e2268dc201a73847a3d7c1eaad9753dd50811d6ebc3127e9d3`

9

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.85277`
MD5	`a604027a84e77d3e0cb5af4324dd823d`
SHA1	`a907e8e586b5e4a17fdcc0611cf059069192d34f`
SHA256	`6ff2862b57b8fadd78908a46adc5daef4b7359df980adefb68d7d99b44020370`
SHA3	`622079c5b8a7b733fbebaefb16727fd234d5dabf10d39f3f7390286ff4247db8`

10

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.0996`
MD5	`09a8b5c4c1e9006f061a708649bfe5a1`
SHA1	`67b2dd1d26531e8c937345cf95f44191b791ac9f`
SHA256	`d9caf3e527ac6c65f07298490a41767df8fc7e5527a40c5db82796ecdbf5f071`
SHA3	`e9fdb7312d4aa9cab8f1229513da30e4bb7c0768c3cb7219d6f77fca0899e368`

11

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.0438`
MD5	`203dd29eb9414bd5a89d12cc8b54b3a5`
SHA1	`27220ffc0b34f194bfdfb37a9fdf3fc72340a879`
SHA256	`4a9e0f70b865511f313f15d9fc641a9c578c052ce8ab1045d989a6e276b3aad8`
SHA3	`0eb55aaeca73d59eb3cb9dc9b3ae4a9551d1991d6e5d14984d9e4f254fb12d01`

32512

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xa0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.01226`
Detected Filetype	Icon file
MD5	`928cca1ae1a3c1547c17c48b1ed7dfa2`
SHA1	`6a509e3bd9d33dc6f243cf7b528399350efd9421`
SHA256	`2c5e586c724f9ceddd3207edcebca21f442ddff830849a86277ec57c8642f23c`
SHA3	`fcbddb24aa2b9c9ea4cff5394c0768bc56799a40b3125cef40c5b201aef6ee7a`

1 (#2)

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x398`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.386`
MD5	`de37fb8bdba908b58127a4daedea21d2`
SHA1	`412cc44759984a37b05bf71bce179721807e9b5d`
SHA256	`abbe21c3534488d6a4119a8616a362ea4b2f51cb20920d854c96d457b9fa70f0`
SHA3	`dce7df494e3b126cd8804c7fd3f111c5d16e53d323af03d7ac77e44f3349dd62`

1 (#3)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1ea`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.00112`
MD5	`b7db84991f23a680df8e95af8946f9c9`
SHA1	`cac699787884fb993ced8d7dc47b7c522c7bc734`
SHA256	`539dc26a14b6277e87348594ab7d6e932d16aabb18612d77f29fe421a9f1d46a`
SHA3	`4f72877413d13a67b52b292a8524e2c43a15253c26aaf6b5d0166a65bc615cff`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.1.0.0
ProductVersion	1.1.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
Comments	Keygen for PowerISO v7.x
CompanyName	DeFconX
FileDescription	PowerISO_Keygen
FileVersion (#2)	1.1.0.0
InternalName	PowerISO_Keygen.exe
LegalCopyright	Copyright © 2019
LegalTrademarks	DeltaFoX
OriginalFilename	PowerISO_Keygen.exe
ProductName	PowerISO_Keygen
ProductVersion (#2)	1.1.0.0
Assembly Version	1.1.0.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	1970-Jan-01 00:00:00
Version	`0.0`
SizeofData	`44`
AddressOfRawData	`0x3a430`
PointerToRawData	`0x38830`
Referenced File	PowerISO_Keygen.pdb

TLS Callbacks

Load Configuration

RICH Header

7c4cf7f51600337ecc26066d5139b515

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.sdata

.rsrc

.reloc

Imports

Delayed Imports

1

2

3

4

5

6

7

8

9

10

11

32512

1 (#2)

1 (#3)

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

TLS Callbacks

Load Configuration

RICH Header

Errors