Manalyze report for 8e7d2a812a7fd41a56d228ca2041eccf

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2058-Jan-29 12:56:54
Debug artifacts	MyRustServer.pdb
Comments	MyRustServer
CompanyName	LosGranada
FileDescription	MyRustServer
FileVersion	`3.0.1`
InternalName	MyRustServer.exe
LegalCopyright	Copyright © 2022 LosGranada
LegalTrademarks
OriginalFilename	MyRustServer.exe
ProductName	MyRustServer
ProductVersion	`3.0.1`
Assembly Version	3.0.1.0

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET`
Info	Interesting strings found in the binary:	`Contains domain names: costura.discord.net discord.net http://tempuri.org inkscape.org tempuri.org www.inkscape.org`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to MD5`
Suspicious		`Unusual section name found: .sdata`
Suspicious	VirusTotal score: 1/70 (Scanned on 2022-08-05 22:51:45)	`APEX: Malicious`

Hashes

MD5	`8e7d2a812a7fd41a56d228ca2041eccf`
SHA1	`567c7afa13c95750fb0cdf4d34a7e4395d96fc79`
SHA256	`e6f98f8caa3867f851dd3eaca7faa965abc6af95524d810e959656b8ac01a42c`
SHA3	`36dca0ae0eb7380ae2f3e22bc71d0b11ea084f5ad8ed72bad97c5bc22f1f6ecb`
SSDeep	`98304:GT4eqmt+VCMrUa5o/tfvpkoWldR2LRnKltWTHAleyNeEEjdGSNwMWccA3uqFIxU:GT46t+VCMrUa5st3pkqtKo6ZolOuq2H`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`4`
TimeDateStamp	2058-Jan-29 12:56:54
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`6.0`
SizeOfCode	`0x5b2800`
SizeOfInitializedData	`0xca00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x005B469E (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x5b6000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x5c8000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`15`

.text

MD5	`eeaad0cfebc67c09869a5045832f0b17`
SHA1	`74cb424d9ffebb29fdde80338c731f008cc4a2a1`
SHA256	`f5a64bc34e401dae77499f21094a8fc372d3e222ff6702094af162f3b363c03c`
SHA3	`c9c7c97b8547b4fbcf34522ee3340515f02d05c5b47e8a53f62294dc8d4911e2`
VirtualSize	`0x5b26a4`
VirtualAddress	`0x2000`
SizeOfRawData	`0x5b2800`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`7.83935`

.sdata

MD5	`beb7b2d268fead8fa260fc336a0d4281`
SHA1	`d391152c192d7cb3472215ec31f5b2bc71cecbc9`
SHA256	`af9adec68982029b081d1be72f73c2b90163464ada176296e99b7ce94b82b683`
SHA3	`e58ab4c42aa92f38b825b7c74a8fd069910652e85636b7347f8acfffc28f7d67`
VirtualSize	`0x176`
VirtualAddress	`0x5b6000`
SizeOfRawData	`0x200`
PointerToRawData	`0x5b2c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`6.10731`

.rsrc

MD5	`a05dc433c29f05cc81efa7c192bd6324`
SHA1	`22494db127962988f24585312caa1163974a3607`
SHA256	`a49cfd18ffe9997deadc865c2cce69d3add6b5ce1c0704f437e9600e1b62e50f`
SHA3	`720ce24210356ed6b049b7998706681dc2d138683c1d330b5392772441c9b879`
VirtualSize	`0xc430`
VirtualAddress	`0x5b8000`
SizeOfRawData	`0xc600`
PointerToRawData	`0x5b2e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`7.90459`

.reloc

MD5	`de6a0a5d2339ee2f75bfbd7949334e98`
SHA1	`7d4c4f7eb851ad35e50353eb2039ed352f422038`
SHA256	`59e70d0d69de9d6ec582133f7e8bd5b0a195d5a8de0f63fc0d8b04759a157f35`
SHA3	`6bbd789393411d5c20d118a97cf90038a33627e9f5791dfc7687fb3f4ddb10f1`
VirtualSize	`0xc`
VirtualAddress	`0x5c6000`
SizeOfRawData	`0x200`
PointerToRawData	`0x5bf400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.10191`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

1

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xb119`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.98839`
Detected Filetype	PNG graphic file
MD5	`08ff78dc77fef18b5e139ad8e25de22d`
SHA1	`dc166a8b0fa46073c0dfcf82d6abc89323db38b5`
SHA256	`098a3b9e00600df2542aa2d955be9561e73d439643d2b6f20539bedd71430ef9`
SHA3	`4387d3b6c6f2983a933d283cdbfa15055cfeee0fc9a5e57fa6f7918a52334267`

32512

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.51664`
Detected Filetype	Icon file
MD5	`376f0f7bab8fc9e88c97970240726a0a`
SHA1	`801fba4007a74d77b931b660ac3494f134d21016`
SHA256	`79f55f183ca3ebfa3a428a75a28a4bb42f5e0586f5d7cdc1e39d1ae518f5a261`
SHA3	`1cf87a482c3f979083b7c4e865acb0da790a47d3821c8899e6456394db8aa36f`

1 (#2)

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x378`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.3453`
MD5	`2b18e2e13918220b95c52a6f43883de9`
SHA1	`62f8298bbc4f5bc94f50922f519bd2138830376b`
SHA256	`d39470111de0306feefe70cd4904afa8376e3dc83ef6a7cdbdfcd0fdc6236d84`
SHA3	`3ad01217f7be7669f4251568def190b1636b267d9adf4882ae5efdb549758cbc`

1 (#3)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xe58`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.08335`
MD5	`127f5ae2a198fdf0ac9c920bab08d382`
SHA1	`5e02ad56430d69f7cdf42f2f75532fd7bf98c629`
SHA256	`5e3bb200b8b193f76281dab4d4fc81691f4f1ee567520648d06a9b2f247aa46e`
SHA3	`a1bf8d373f123e105b5163b064dc8fea591c518d5aa681a9acd44acbd0be33df`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	3.0.1.0
ProductVersion	3.0.1.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
Comments	MyRustServer
CompanyName	LosGranada
FileDescription	MyRustServer
FileVersion (#2)	3.0.1
InternalName	MyRustServer.exe
LegalCopyright	Copyright © 2022 LosGranada
LegalTrademarks
OriginalFilename	MyRustServer.exe
ProductName	MyRustServer
ProductVersion (#2)	3.0.1
Assembly Version	3.0.1.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	1970-Jan-01 00:00:00
Version	`0.0`
SizeofData	`41`
AddressOfRawData	`0x5b4621`
PointerToRawData	`0x5b2a21`
Referenced File	MyRustServer.pdb

TLS Callbacks

Load Configuration

RICH Header

8e7d2a812a7fd41a56d228ca2041eccf

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.sdata

.rsrc

.reloc

Imports

Delayed Imports

1

32512

1 (#2)

1 (#3)

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

TLS Callbacks

Load Configuration

RICH Header

Errors