Manalyze report for 8b5b0bb7256f24acd9aea856dd594d11c3b603f982d3de2ce860d0dbfae872af

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2020-Nov-25 09:50:45
Debug artifacts	F:\d_acer_backup\ixiConnect - Version 2.0.500.36\src\obj\Debug\ixiConnect.pdb
Comments
CompanyName	Ixilos-Glanzmann info
FileDescription	ixiConnect
FileVersion	`2.4.0.2`
InternalName	ixiConnect.exe
LegalCopyright	Ixilos -Glanzmann info
LegalTrademarks	ixiConnect
OriginalFilename	ixiConnect.exe
ProductName	ixiConnect
ProductVersion	`2.4.0.2`
Assembly Version	2.4.0.2

Plugin Output

Info	Matching compiler(s):	`.NET executable -> Microsoft`
Suspicious	Strings found in the binary may indicate undesirable behavior:	`Contains references to system / monitoring tools: rundll32.exe` `Contains references to internet browsers: iexplore.exe` `Contains domain names: http://127.0.0.1 http://www.ixilos`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`3ff7f1f14edcbe37e72edaf42400eb97`
SHA1	`0db96dd07ae4661ce16a5a97aba9f3190a8dfac3`
SHA256	`8b5b0bb7256f24acd9aea856dd594d11c3b603f982d3de2ce860d0dbfae872af`
SHA3	`7ceadf12b6112cada7442dbcc535706ce80039dcd9f9362ce7a7b63bb6b61a46`
SSDeep	`12288:MaYaSn9ajeX9VGzc/MNURzw5yWUozPG940F:MDnUjubGzcnzeO9TF`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2020-Nov-25 09:50:45
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`48.0`
SizeOfCode	`0x4de00`
SizeOfInitializedData	`0x1aa00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0004FC7A (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x50000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x6e000`
SizeOfHeaders	`0x200`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`5487fac7777ee017c3334d64c9cb7dd4`
SHA1	`589eb1f55a81d1788f313aaa220ccd0396a3eb1a`
SHA256	`7d9293f0da86dbcb01d0b8e6a6a3384d6107ce3e9b8fef4dd4dd792e95723d33`
SHA3	`ac9f4c53ce19e256c3c56a4df66486504b381b44a194afd7ba93fc9733598460`
VirtualSize	`0x4dc88`
VirtualAddress	`0x2000`
SizeOfRawData	`0x4de00`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.09838`

.rsrc

MD5	`b13055a395abeda74484595387483938`
SHA1	`070eaadf184ee1a9b86abb5255d7104c749534d6`
SHA256	`ce09d9855f37c1064acb713d7b80acb45f8547da6fbe895b8de5c8aba64e614c`
SHA3	`a2b1967789a3d3179e778d4d445e70c2c8a59037e72b1ea44b4af4aa703eb26a`
VirtualSize	`0x1a6dc`
VirtualAddress	`0x50000`
SizeOfRawData	`0x1a800`
PointerToRawData	`0x4e000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`7.55626`

.reloc

MD5	`433142b07e241b991c7654ce6a15a2aa`
SHA1	`1d72c5358526af577f85cd2c71b933c430fbbc75`
SHA256	`1b3d6928e4b33761002fe340f65882af2f088b1040baf964c8e492bab8dd2e28`
SHA3	`b774db83c6b1e7e4f6dee389bd52747484192811127256fe19cd7ba4bee4de45`
VirtualSize	`0xc`
VirtualAddress	`0x6c000`
SizeOfRawData	`0x200`
PointerToRawData	`0x68800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.10191`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

1

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x2062`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.88105`
Detected Filetype	PNG graphic file
MD5	`7136a73db22502fa18583699ae72aec9`
SHA1	`43ee60a30a5338568072eaaf826ffdbcb5004c79`
SHA256	`c0d398f3e1134d1e3a811351336d0088e0287912b3cce7574acd35525fa71b63`
SHA3	`36a753a5b5ebfc4f941982cf4c72a12e7d9c38d6569a898a81412236409d0cf0`

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x3af0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.86439`
Detected Filetype	PNG graphic file
MD5	`2712a33ba83212b34a872e350ffca55e`
SHA1	`8445caa1bea3933b1a0f14d900ba1ba7c609e67e`
SHA256	`0a3453048374ee23f3ce8c248b8f69a6812c1eb1f85723bb2aa5766ecb15dce4`
SHA3	`64ea9db5146c360fe99f709c489124ba23508f805ba9ec7f8668a78e2f0aa072`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xd768`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.98304`
Detected Filetype	PNG graphic file
MD5	`ee6603ab76307dff406e084ea587e52a`
SHA1	`08577e360425236173e0f1a9a2fd934cb9b605ae`
SHA256	`9abe241a9935907be1b25204619e20660c02f8fd2bcc2869cd180b3a0441b0ca`
SHA3	`99bc463759afef219bc02ad7903ee4a62ded91eb7e1abab4a499b71a29abadd6`

4

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.52897`
MD5	`0495a95d2c4af6f5ac847d3a2ee5e5ac`
SHA1	`f6e4504fd1e68f51a2a36be8d0fb1b558a35c1a5`
SHA256	`f4f30591d0f297d6215e8fb01caf83375fec075cacc4244f1f7c95e4e8301408`
SHA3	`da3fcce377f66f7ed04d93e3ee4ed14991e214e5d031e84db35b1d5dd145f404`

5

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.8967`
MD5	`4d66ccabd86f9535759f9ddf54decb48`
SHA1	`35991463d4f86cd2a1bf13e410bd368fc0b61ad4`
SHA256	`93196181f340e72b0253d54f80ac841b97f050b1359f8fa5b835c2d374127f6c`
SHA3	`0e2a37c9c1931833c2acba6b3520338d1befedc4e79feffd4847c9b3208a1ea4`

6

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x668`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.41312`
MD5	`0266a279d945fd589afb31878ccdf06e`
SHA1	`d82a909d3cafacfc30ec1a42de2c2187b12980fa`
SHA256	`494ff82230119c844be88095402647deda02be3a185daae68e91a0d4ff61b3e1`
SHA3	`fbdea9ddafa4abce3e57ad5588cf91bd60ff5c4b520c4254e3aef952d1f0ff85`

7

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.75357`
MD5	`ce9648afed2d8e5a5488cd9b6ea3a5ad`
SHA1	`27535bad74a6496cbedbd37a86d02ae01b253f62`
SHA256	`0628d817be2c4e090b1e7bafb5423715775806b88b9ff272bd0ae369a12fae60`
SHA3	`17dc5f7f3c5f7552785c939eb1b0b74c4dc5e576fe44100001e9a5d4c689a53f`

8

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.97364`
MD5	`82fc248ff0f1a320cc741e6fde207188`
SHA1	`4b6e56413d562dac4ed98f356a7bf7508724dd1c`
SHA256	`5539dff0eef92870544523370e0fbe14726c6d0fa62a1beb200e48714056f90d`
SHA3	`c3c1d2a9428e5dc5828db4553b816ce96f765eea0f011461c8f99e10a9e17448`

9

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.58415`
MD5	`8587be03d1e652d70a10843f5663f1fa`
SHA1	`82cf07c872e50bcceb07d201066110b432b74b7e`
SHA256	`8bcdd58bc512735588abe56fd2db9d1f3f0dfc03c0d8a816c3fdbd0fb6a5faeb`
SHA3	`29d15be9e280defb7fe5dc7394705d3b25d84d9923fec7bf10b8a4590c99b07c`

10

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.24784`
MD5	`64a51b33eca5bb66b852cab8d803ec9a`
SHA1	`33b8866b1331771b458e99b85cf7d632b45537b9`
SHA256	`29aed2f4951cf65f00cf22cf88157df2d9a6b29b9f7383b73ace3443cce21edf`
SHA3	`9ffa59f6d1d241d8d76ea02cda861be110c30d33972da934426ac6587a030c9c`

11

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.04258`
MD5	`cce54a143b7c6c350be815767734f8e4`
SHA1	`373e81289924ad1cbd3e14fbc337d29e670e054d`
SHA256	`26a7a42dd3f05b54828348df7ada0ef4a7e4bd24784c9a1acb84746ace7266a4`
SHA3	`022894f694b71f651c3eff2a0cfac39044f075d946f4bc75d8d2bc204178f8bf`

12

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.95458`
MD5	`b9788a4aaa35ad3b20e7dfdcb1eeadac`
SHA1	`cff3b8bb2120ed62b2e29fb6ae044643a347fe58`
SHA256	`5b59a934364e3c461482c8dc4877bdd425d525d67b13d8799faa1e661347252b`
SHA3	`3d3ce9e034f47be256a21153b97e87857877137e3a09b5abf8074d3650c4bde7`

32512

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xae`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.90555`
Detected Filetype	Icon file
MD5	`16da4c7ad8a278187a9625ba1ce439f0`
SHA1	`84246abd36ea627daecf94e06e3f27fda25a1bec`
SHA256	`7583f4da699484d8b95acf31cff6a82bda6cdd7b34339dcb59967f98a30a7d43`
SHA3	`7797eaf253878d0ba24904134e661b932281ff7e715a2d2d209b95dd3941e2bd`

1 (#2)

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x374`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.28021`
MD5	`b31ddb9e2745904ca939b75aa7a81e72`
SHA1	`39391b91df97487b8c4fc9ec1ac3dd9db1d71dbd`
SHA256	`54b25b4b9211ce0d1152737008d5025e70c4c0cebe1c9b9fd2654b546e1a782f`
SHA3	`811bf6c69958f3ef13cba3aae58079759a7c817b54646c7b1bf25200ab481b97`

1 (#3)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xace`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.93188`
MD5	`3203e229710c5c1f17eae4488abfcf9f`
SHA1	`2a5cf1af7a94faab358bf131af9abedb29431fef`
SHA256	`899f2c4f1fbfcc6af050c6aed100f6e097592a27215c62ac227251242f28b3be`
SHA3	`e26f6d1af17d872af77e98812e58d3dcd78ff6eb05a2ea5991db65671a1863de`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	2.4.0.2
ProductVersion	2.4.0.2
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
Comments
CompanyName	Ixilos-Glanzmann info
FileDescription	ixiConnect
FileVersion (#2)	2.4.0.2
InternalName	ixiConnect.exe
LegalCopyright	Ixilos -Glanzmann info
LegalTrademarks	ixiConnect
OriginalFilename	ixiConnect.exe
ProductName	ixiConnect
ProductVersion (#2)	2.4.0.2
Assembly Version	2.4.0.2

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2020-Nov-25 09:50:45
Version	`0.0`
SizeofData	`284`
AddressOfRawData	`0x4fb0c`
PointerToRawData	`0x4dd0c`
Referenced File	F:\d_acer_backup\ixiConnect - Version 2.0.500.36\src\obj\Debug\ixiConnect.pdb

TLS Callbacks

Load Configuration

RICH Header

Errors

Leave a comment

No comments yet.