Manalyze report for 833a0a06529068e9bfa14c0f51132d27

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2017-Sep-26 11:34:13
Debug artifacts	C:\Users\The World\Desktop\Da rinovare\Pirater un compte Instagram\Visual basic 2\WindowsApplication1\WindowsApplication1\obj\x86\Debug\Pirater un compte Instagram.pdb
Comments	Clé d'activation
CompanyName	Logiciel Pirater
FileDescription	Pirater un compte Instagram - Clé d'activation
FileVersion	`1.0.0.0`
InternalName	Pirater un compte Instagram.exe
LegalCopyright	2017
OriginalFilename	Pirater un compte Instagram.exe
ProductName	Pirater un compte Instagram - Clé d'activation
ProductVersion	`1.0.0.0`
Assembly Version	1.0.0.0

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET` `Microsoft Visual C++ 8.0` `.NET executable -> Microsoft`
Info	Interesting strings found in the binary:	`Contains domain names: http://www.obtenircle.com http://www.obtenircle.com/ obtenircle.com www.obtenircle.com`
Suspicious		`Unusual section name found: .sdata`
Malicious	VirusTotal score: 4/71 (Scanned on 2023-08-06 23:28:17)	`APEX: Malicious` `CrowdStrike: win/malicious_confidence_60% (D)` `DrWeb: Trojan.Surveyer.9` `Trapmine: suspicious.low.ml.score`

Hashes

MD5	`833a0a06529068e9bfa14c0f51132d27`
SHA1	`88bc31a8383fa458d1cfaebf629be764468acda8`
SHA256	`abe7427eca1b4f0837ed60e035fbf310292072e7933a365bcd39c055464f113f`
SHA3	`fae1e03cc99a5ba94ec08a0ec2fb2592eaa446cde23febe514d1bcc479323fef`
SSDeep	`12288:XCLyGZNjtCbqeivf8SsKEbUM3ToCLyGZNjtCbqeivf8SsK:XZGDQbqeiv03KEP3ToZGDQbqeiv03K`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`4`
TimeDateStamp	2017-Sep-26 11:34:13
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`11.0`
SizeOfCode	`0x6ce00`
SizeOfInitializedData	`0x5b000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0006EC7E (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x70000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0xd0000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`6d2674cf5f9166c88c5474c568d1ec10`
SHA1	`0c3707d8e8890468a9c2ac73d4df4a9ec1d4a31d`
SHA256	`e02c1c5cade3e57a47eba561435aec9e5414ca2f1e5921bea5fe66922af8c3ec`
SHA3	`ec5662908244195eb08ca09026faac92ac132bee2d8013bfffb1a64204381458`
VirtualSize	`0x6cc84`
VirtualAddress	`0x2000`
SizeOfRawData	`0x6ce00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.30282`

.sdata

MD5	`6645341d38222655a99450b56f1079a3`
SHA1	`0bd3c35fd56f7b9c804c501c3a0496410ee4ffc8`
SHA256	`ae9f01f2ecefc0d2ef6ddb95d12a53083d049bcf30f0708de5d4905b15309da4`
SHA3	`2e393e7858f9f9354ad6790a2b0e851def31fb43d0fc2602a715ad4123382f84`
VirtualSize	`0xdc`
VirtualAddress	`0x70000`
SizeOfRawData	`0x200`
PointerToRawData	`0x6d200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`3.04048`

.rsrc

MD5	`10414dace5a275a29617d28413439703`
SHA1	`ed8aa9c1f6aa344dfdbff147b1104e45ee639485`
SHA256	`0ba7ddfa8189f9bdcfc43b971cec7456cbd190a2bc4df25a1c9cb8fd2c4de771`
SHA3	`1492d6a00500a98c166051b88fed72a846c8a0b165e1a8acb3bb215c3b247e51`
VirtualSize	`0x5ab60`
VirtualAddress	`0x72000`
SizeOfRawData	`0x5ac00`
PointerToRawData	`0x6d400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.93075`

.reloc

MD5	`8d2fe4f90724d1ed596bbb468c1b8e02`
SHA1	`cd810ca6b1dabcfe34f0fcd4f9c683bccafb335e`
SHA256	`3e8651df430da9c6f568c5c2061cb89bfe5ed93dfa5a133f0f0c6dfd2c590c99`
SHA3	`cbf3d5ce070239428758c115b8e9299f68a7848e91b02d5eab13483a571cee23`
VirtualSize	`0xc`
VirtualAddress	`0xce000`
SizeOfRawData	`0x200`
PointerToRawData	`0xc8000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.10191`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x42028`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.88037`
MD5	`3e2059d4e50a47eb126d80af926ef313`
SHA1	`5fa77f3656a8c66bea26795e287b94806db6796b`
SHA256	`9686f6117b36ef6465ed55918ce8fe4c0926f5e8f81033f19b87ddc26eff4bc6`
SHA3	`f13b41cf3d1fa73e8c350a51b9830142de9e1ab93f04c36f2b015ef8e59c0b2d`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.99249`
MD5	`fe9431fb0fc7971fcdd87f1b477cdb38`
SHA1	`bad5f5cfa7fe5c1bd63ff1809512588cb97e9d8d`
SHA256	`4d6dde52d26e556a6f38a156c1676933345c3d43eda5fe8fed5899e531cd8b3e`
SHA3	`95e2db1b6f9ca236db1041c4b07fefceedbddaa6b649d1e1f2bcff60044751a2`

4

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.15283`
MD5	`a78add9884548f7d080f2c8f3465be51`
SHA1	`82e4e6bae2c56d28309da35f64b0ea7c6f908da7`
SHA256	`fec7bb94f7ed5d86bf4855142238b9e71f7d40a96ea4ecdbdfd057d93424a512`
SHA3	`4149ce70b382a645e9f76b9c2aa2c3df89337b17e59dbc7e3beb9f83e2555948`

5

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.23863`
MD5	`64dc8978b2ab897bb32f9e456f1f459f`
SHA1	`1aed9af431c74a1fb126214f86a88eef9a314120`
SHA256	`c81c4606a05debbb3f87650e2b01ab5035af7142aef199bbdfdf5474f1bead8c`
SHA3	`7db0b4acd17e0576e3477aca7a74e01e9230a94a64f90d227c45d420ac04e4dc`

6

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.373`
MD5	`cb403e61db92356a2a46cb88424caa01`
SHA1	`7d571fa407dcbb26c9af2addb868e7d03d3535e5`
SHA256	`24a0c9dbc15e838309c2a36074f7863f09a82e1af0cc77439abb8e93c5b5ff17`
SHA3	`a3e283ade036852e9499ec8fd61543f415aee6817938ec6a739b6ca9a0f0fc5a`

7

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.87424`
MD5	`27927847360ceea72e17be43e3342547`
SHA1	`937f6a9e5e4d8cc3e5eceb9bdf9516bcd998ed42`
SHA256	`598e4dd58318a2e403905a3c3657f5ff3b83e3d8054e12033abfc743fc205e30`
SHA3	`162e4961df061d51d9cb4dc6ebe8901f7242c052ee8af46a39e68ae314c4d658`

32512

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x5a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.81543`
Detected Filetype	Icon file
MD5	`27cb9c819c15450c0861872e698a4fb4`
SHA1	`6c1d4746c9619285a54faf0a4e81245054c96808`
SHA256	`a3797bc2bfbceadb35dd104dd8d922139baaf3d9fc73980d3dafaed9a3148b99`
SHA3	`b83ab8ae50737d161c8cbdab9cff7395be426421c182b20da6b28bd5a8008714`

1

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x3f8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.30542`
MD5	`b85c512fc36875896efa77fdbf29d7d8`
SHA1	`2c5d237cf547972ec64d3f5a245e078d48cf619f`
SHA256	`d537fb69811e03ed8d91b75731faf9ff72ade8a1112945a993f87ac7dea26060`
SHA3	`668d68f9cb85481652d55222954ef6c16a4f7b0ccf52c4c0af986e0fb7dc3272`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.0
ProductVersion	1.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
Comments	Clé d'activation
CompanyName	Logiciel Pirater
FileDescription	Pirater un compte Instagram - Clé d'activation
FileVersion (#2)	1.0.0.0
InternalName	Pirater un compte Instagram.exe
LegalCopyright	2017
OriginalFilename	Pirater un compte Instagram.exe
ProductName	Pirater un compte Instagram - Clé d'activation
ProductVersion (#2)	1.0.0.0
Assembly Version	1.0.0.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2017-Sep-26 11:34:13
Version	`0.0`
SizeofData	`192`
AddressOfRawData	`0x7001c`
PointerToRawData	`0x6d21c`
Referenced File	C:\Users\The World\Desktop\Da rinovare\Pirater un compte Instagram\Visual basic 2\WindowsApplication1\WindowsApplication1\obj\x86\Debug\Pirater un compte Instagram.pdb

TLS Callbacks

Load Configuration

RICH Header

833a0a06529068e9bfa14c0f51132d27

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.sdata

.rsrc

.reloc

Imports

Delayed Imports

2

3

4

5

6

7

32512

1

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

TLS Callbacks

Load Configuration

RICH Header

Errors