Manalyze report for 86871eb716c12569ba777894274cfd28

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	2025-Oct-21 04:49:46
Debug artifacts	C:\Users\Soumalya\Downloads\ABDM\Compressed\CrackedLunarAccountTool-release\src\CrackedLunarAccountTool\obj\Release\CrackedLunarAccountTool.pdb
Comments
CompanyName	Whatify
FileDescription	CrackedLunarAccountTool
FileVersion	`1.0.0.0`
InternalName	CrackedLunarAccountTool.exe
LegalCopyright	Copyright © Whatify 2024
LegalTrademarks	Whatify
OriginalFilename	CrackedLunarAccountTool.exe
ProductName	CrackedLunarAccountTool
ProductVersion	`1.0.0.0`
Assembly Version	1.0.0.0

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET` `.NET executable -> Microsoft`
Info	Interesting strings found in the binary:	`Contains domain names: costura.system.net system.net`
Malicious	VirusTotal score: 23/72 (Scanned on 2025-12-20 14:47:35)	`ALYac: IL:Trojan.MSILZilla.211878` `APEX: Malicious` `Arcabit: IL:Trojan.MSILZilla.D33BA6` `BitDefender: IL:Trojan.MSILZilla.211878` `CTX: exe.trojan.msilzilla` `DeepInstinct: MALICIOUS` `Emsisoft: IL:Trojan.MSILZilla.211878 (B)` `GData: IL:Trojan.MSILZilla.211878` `K7AntiVirus: Trojan ( 700000201 )` `K7GW: Trojan ( 700000201 )` `Lionic: Trojan.Win32.Generic.4!c` `Malwarebytes: Generic.Malware/Suspicious` `MaxSecure: Trojan.Malware.241401018.susgen` `McAfeeD: ti!046C0E3B3E01` `MicroWorld-eScan: IL:Trojan.MSILZilla.211878` `Microsoft: Trojan:Win32/Yomal!rfn` `Paloalto: generic.ml` `Sangfor: Trojan.Win32.Agent.V8on` `Sophos: Mal/Generic-S` `Symantec: Trojan.Gen.MBT` `TrellixENS: Artemis!86871EB716C1` `TrendMicro-HouseCall: TROJ_GEN.R002H09LD25` `VIPRE: IL:Trojan.MSILZilla.211878`

Hashes

MD5	`86871eb716c12569ba777894274cfd28`
SHA1	`a22067a4636c100cf6b9e8429e1334ddc26fa13c`
SHA256	`046c0e3b3e016f7d6e5bb0d6c39925bbccab7e83e4a9294df5ea9ad4f3ebaeda`
SHA3	`a59bb36ff8efebbc830ff186e8e2b92af9ac95b28cba9f2f0ef96a129fb07b0d`
SSDeep	`24576:9lkqjVnlqud+/2P+Ag+lHv0PTMSdUkIaqUxUc8MWYVj:9lkqXfd+/9ATlH8PbUEUcZ`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2025-Oct-21 04:49:46
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`48.0`
SizeOfCode	`0xcfc00`
SizeOfInitializedData	`0x28c00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000D1ADE (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0xfe000`
SizeOfHeaders	`0x200`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`38ccac85582fc421e53f6dede33cbe3f`
SHA1	`963bfa3ea1bc28f6650709a24e5848861f8511f3`
SHA256	`a57dbf6bcace82df75a84a1e50b34f86ee99e60ed6fb8c49121e7ae2a1fe92a6`
SHA3	`07a109505a1dc8cbd0c9b29d4fdf6a0ec5205ce5e2c73e4497d2a9bce7f0d881`
VirtualSize	`0xcfae4`
VirtualAddress	`0x2000`
SizeOfRawData	`0xcfc00`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`7.98855`

.rsrc

MD5	`e74ccb7c10399829730076eb658fa2b4`
SHA1	`db5aa4b66e0dc10d1c89cc42c1d019e4c479a866`
SHA256	`741f0410f5bf16f5d6fecba174da512b9b0380c6a5e35cd098fed24608fd4d54`
SHA3	`4e9b89c77d96c2827cd1139e82ba42a49b1f08c4709848c049b6e1fdeba6b21e`
VirtualSize	`0x28824`
VirtualAddress	`0xd2000`
SizeOfRawData	`0x28a00`
PointerToRawData	`0xcfe00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.89506`

.reloc

MD5	`023951d2267cad818087c5003783bbe3`
SHA1	`24e8dea699947ff12fac8d30c9c560777107c463`
SHA256	`0e5ded5f9b5697a870b13a85d3704e2d9bb6c8a0e3cfa0b8473c40fba7746fc8`
SHA3	`fdf31e3f99c7dbe583615159d090a6f14da5226a65174df59c32e91a57acf3ed`
VirtualSize	`0xc`
VirtualAddress	`0xfc000`
SizeOfRawData	`0x200`
PointerToRawData	`0xf8800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.10191`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

1

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x5c4d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.9576`
Detected Filetype	PNG graphic file
MD5	`f2bc0867d6d3efcddc0dcb59ba8391ab`
SHA1	`845b329b5cd11a460577bdaa16550b26850f597b`
SHA256	`e40c51e738d2e7fc9ff34aa62dc125357a71e854e9c6b62feed4d275b85f6166`
SHA3	`aba9fdd2226f633346cef6304e98db674d3d85d9e16114b30b0e012f96f32bbc`

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.5483`
MD5	`ec328bdf8f493b6f17567e48c93b213c`
SHA1	`5b8391f661bf384c2f0c837d19edcbbdd7c7b470`
SHA256	`4485da70330a5f18e2c33917d8c222c271c23155bce53541865cb957ccdbc1d7`
SHA3	`5e0a30077c22f23854371173139ae5bc77f164b5aad864fea94ffb7f34de3e34`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x94a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.72559`
MD5	`8201d6fc7da2da07faa2a5549dc42663`
SHA1	`10f4030c4a93197ad07977d3d0579145e7b83ffc`
SHA256	`c095a0a1a0c10ad081466dc60517a1e9f4db64a7152f5b46fe65b47e1dcd1431`
SHA3	`bd851f0809bc92394b796e19e4b72bfc5702859ea2db05fc30aa4cd9580fed87`

4

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.95479`
MD5	`514febe724c599aacb169d4a671afec1`
SHA1	`b6786e58ecc250ffcc40c685342a1a4f33690d35`
SHA256	`0046514440c0e562ad08fbac0db60da1d6bfac3103b79f455a2a1b3d77d46cf8`
SHA3	`dbbb6b95a2aa153759e4dfbf43f3ad29f814477991cff43fd927a3dbfa1143a4`

5

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.02778`
MD5	`70fe1344587407c3787e1679ea9d4006`
SHA1	`7a5105141f3090426a0a63b629f5ca61ac26c635`
SHA256	`13a15fc060e0933f9b096712ee477ba987210da23d47efea4f64d12cba116cf7`
SHA3	`261a2e076e05e220339143e445d9d0da24def7b7331108701e4157fa6db982a8`

6

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.28238`
MD5	`39779206b686509ed04ffe42ded263b7`
SHA1	`97a93e1bed92c8bb8525590593d7830f4b941454`
SHA256	`400420e1509c89f90c690f9f03847c2c49358781f377f8af3f0658203000ea97`
SHA3	`2eb873ac0546ceffcf683f67a91aa7e7766faf5accf4542ec4da6a0ffed6de6a`

7

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.31339`
MD5	`f3ec0c5bdfca44c88a5feaa675d54f12`
SHA1	`f0483e2d2e30b82f1edfdfa06123f25516c5100e`
SHA256	`c6c5d9927f80e0156ba41f7d345da28b4a4401d5085eab8eed27ea167d617b14`
SHA3	`8a7e90bd60e7d3f8f0b342595355cdbf571831944600df35cbfb61618774a40b`

8

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.57158`
MD5	`3056f8c3143f93d8014f0bd049dabd7a`
SHA1	`978e376f1b576dbe43e591c8f0b18bb56f57f22f`
SHA256	`1c2cc14bea581dc0391c9d587c17dcdf60ac536d2972a2732a4beb963c447b7f`
SHA3	`7bfae6528d808e70ef8c933097266a3cf61ee88e0f764ac5959f4a557239558c`

32512

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x76`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.97321`
Detected Filetype	Icon file
MD5	`6f0f3fae05eec7f08fa27c1a45bda991`
SHA1	`c1820863da684a7fdf92a4ca3035fb77ffa39afc`
SHA256	`bc1b7c2139d5d9f47e19c2bc19c0f0dfcf68488c2bd545c619c2882cdd9ca6fc`
SHA3	`99ce72ce046c486c38b014aeae637a2daaeefffb998f5444267871bf5029042d`

1 (#2)

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x3b4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.34587`
MD5	`b80a553e05555a68a661dc335c7c0aa2`
SHA1	`1763c681d8abf0302bb61f32db7b1fb58e542b82`
SHA256	`e56f0d85198f9bc059fb24e62f1fa0e5679e9c2291bb35c4fc017ef8ce1831d6`
SHA3	`babaf8b7c174c4d9ccf1ff8d07efc84db1bfc2260161ca52abbde69f6d68bf3d`

1 (#3)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1ea`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.00112`
MD5	`b7db84991f23a680df8e95af8946f9c9`
SHA1	`cac699787884fb993ced8d7dc47b7c522c7bc734`
SHA256	`539dc26a14b6277e87348594ab7d6e932d16aabb18612d77f29fe421a9f1d46a`
SHA3	`4f72877413d13a67b52b292a8524e2c43a15253c26aaf6b5d0166a65bc615cff`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.0
ProductVersion	1.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
Comments
CompanyName	Whatify
FileDescription	CrackedLunarAccountTool
FileVersion (#2)	1.0.0.0
InternalName	CrackedLunarAccountTool.exe
LegalCopyright	Copyright © Whatify 2024
LegalTrademarks	Whatify
OriginalFilename	CrackedLunarAccountTool.exe
ProductName	CrackedLunarAccountTool
ProductVersion (#2)	1.0.0.0
Assembly Version	1.0.0.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2025-Oct-21 04:49:46
Version	`0.0`
SizeofData	`168`
AddressOfRawData	`0xd19e0`
PointerToRawData	`0xcfbe0`
Referenced File	C:\Users\Soumalya\Downloads\ABDM\Compressed\CrackedLunarAccountTool-release\src\CrackedLunarAccountTool\obj\Release\CrackedLunarAccountTool.pdb

TLS Callbacks

Load Configuration

RICH Header

86871eb716c12569ba777894274cfd28

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rsrc

.reloc

Imports

Delayed Imports

1

2

3

4

5

6

7

8

32512

1 (#2)

1 (#3)

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

TLS Callbacks

Load Configuration

RICH Header

Errors