×
This file seems to be a .NET executable .
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!
Architecture
IMAGE_FILE_MACHINE_I386
Subsystem
IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date
2058-Jan-29 12:56:54
Debug artifacts
MyRustServer.pdb
Comments
MyRustServer
CompanyName
LosGranada
FileDescription
MyRustServer
FileVersion
3.0.1
InternalName
MyRustServer.exe
LegalCopyright
Copyright © 2022 LosGranada
LegalTrademarks
OriginalFilename
MyRustServer.exe
ProductName
MyRustServer
ProductVersion
3.0.1
Assembly Version
3.0.1.0
Info
Matching compiler(s):
Microsoft Visual C# v7.0 / Basic .NET
Info
Interesting strings found in the binary:
Contains domain names:
costura.discord.net
discord.net
http://tempuri.org
inkscape.org
tempuri.org
www.inkscape.org
Info
Cryptographic algorithms detected in the binary:
Uses constants related to MD5
Suspicious
Unusual section name found: .sdata
Suspicious
VirusTotal score: 1/70 (Scanned on 2022-08-05 22:51:45)
APEX:
Malicious
MD5
8e7d2a812a7fd41a56d228ca2041eccf
SHA1
567c7afa13c95750fb0cdf4d34a7e4395d96fc79
SHA256
e6f98f8caa3867f851dd3eaca7faa965abc6af95524d810e959656b8ac01a42c
SHA3
36dca0ae0eb7380ae2f3e22bc71d0b11ea084f5ad8ed72bad97c5bc22f1f6ecb
SSDeep
98304:GT4eqmt+VCMrUa5o/tfvpkoWldR2LRnKltWTHAleyNeEEjdGSNwMWccA3uqFIxU:GT46t+VCMrUa5st3pkqtKo6ZolOuq2H
Imports Hash
f34d5f2d4577ed6d9ceec516c1f5a744
e_magic
MZ
e_cblp
0x90
e_cp
0x3
e_crlc
0
e_cparhdr
0x4
e_minalloc
0
e_maxalloc
0xffff
e_ss
0
e_sp
0xb8
e_csum
0
e_ip
0
e_cs
0
e_ovno
0
e_oemid
0
e_oeminfo
0
e_lfanew
0x80
Signature
PE
Machine
IMAGE_FILE_MACHINE_I386
NumberofSections
4
TimeDateStamp
2058-Jan-29 12:56:54
PointerToSymbolTable
0
NumberOfSymbols
0
SizeOfOptionalHeader
0xe0
Characteristics
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
Magic
PE32
LinkerVersion
6.0
SizeOfCode
0x5b2800
SizeOfInitializedData
0xca00
SizeOfUninitializedData
0
AddressOfEntryPoint
0x005B469E (Section: .text)
BaseOfCode
0x2000
BaseOfData
0x5b6000
ImageBase
0x400000
SectionAlignment
0x2000
FileAlignment
0x200
OperatingSystemVersion
4.0
ImageVersion
0.0
SubsystemVersion
4.0
Win32VersionValue
0
SizeOfImage
0x5c8000
SizeOfHeaders
0x400
Checksum
0
Subsystem
IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve
0x100000
SizeofStackCommit
0x1000
SizeofHeapReserve
0x100000
SizeofHeapCommit
0x1000
LoaderFlags
0
NumberOfRvaAndSizes
15
MD5
eeaad0cfebc67c09869a5045832f0b17
SHA1
74cb424d9ffebb29fdde80338c731f008cc4a2a1
SHA256
f5a64bc34e401dae77499f21094a8fc372d3e222ff6702094af162f3b363c03c
SHA3
c9c7c97b8547b4fbcf34522ee3340515f02d05c5b47e8a53f62294dc8d4911e2
VirtualSize
0x5b26a4
VirtualAddress
0x2000
SizeOfRawData
0x5b2800
PointerToRawData
0x400
PointerToRelocations
0
PointerToLineNumbers
0
NumberOfLineNumbers
0
NumberOfRelocations
0
Characteristics
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy
7.83935
MD5
beb7b2d268fead8fa260fc336a0d4281
SHA1
d391152c192d7cb3472215ec31f5b2bc71cecbc9
SHA256
af9adec68982029b081d1be72f73c2b90163464ada176296e99b7ce94b82b683
SHA3
e58ab4c42aa92f38b825b7c74a8fd069910652e85636b7347f8acfffc28f7d67
VirtualSize
0x176
VirtualAddress
0x5b6000
SizeOfRawData
0x200
PointerToRawData
0x5b2c00
PointerToRelocations
0
PointerToLineNumbers
0
NumberOfLineNumbers
0
NumberOfRelocations
0
Characteristics
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy
6.10731
MD5
a05dc433c29f05cc81efa7c192bd6324
SHA1
22494db127962988f24585312caa1163974a3607
SHA256
a49cfd18ffe9997deadc865c2cce69d3add6b5ce1c0704f437e9600e1b62e50f
SHA3
720ce24210356ed6b049b7998706681dc2d138683c1d330b5392772441c9b879
VirtualSize
0xc430
VirtualAddress
0x5b8000
SizeOfRawData
0xc600
PointerToRawData
0x5b2e00
PointerToRelocations
0
PointerToLineNumbers
0
NumberOfLineNumbers
0
NumberOfRelocations
0
Characteristics
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy
7.90459
MD5
de6a0a5d2339ee2f75bfbd7949334e98
SHA1
7d4c4f7eb851ad35e50353eb2039ed352f422038
SHA256
59e70d0d69de9d6ec582133f7e8bd5b0a195d5a8de0f63fc0d8b04759a157f35
SHA3
6bbd789393411d5c20d118a97cf90038a33627e9f5791dfc7687fb3f4ddb10f1
VirtualSize
0xc
VirtualAddress
0x5c6000
SizeOfRawData
0x200
PointerToRawData
0x5bf400
PointerToRelocations
0
PointerToLineNumbers
0
NumberOfLineNumbers
0
NumberOfRelocations
0
Characteristics
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy
0.10191
Type
RT_ICON
Language
UNKNOWN
Codepage
UNKNOWN
Size
0xb119
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
7.98839
Detected Filetype
PNG graphic file
MD5
08ff78dc77fef18b5e139ad8e25de22d
SHA1
dc166a8b0fa46073c0dfcf82d6abc89323db38b5
SHA256
098a3b9e00600df2542aa2d955be9561e73d439643d2b6f20539bedd71430ef9
SHA3
4387d3b6c6f2983a933d283cdbfa15055cfeee0fc9a5e57fa6f7918a52334267
Type
RT_GROUP_ICON
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x14
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
1.51664
Detected Filetype
Icon file
MD5
376f0f7bab8fc9e88c97970240726a0a
SHA1
801fba4007a74d77b931b660ac3494f134d21016
SHA256
79f55f183ca3ebfa3a428a75a28a4bb42f5e0586f5d7cdc1e39d1ae518f5a261
SHA3
1cf87a482c3f979083b7c4e865acb0da790a47d3821c8899e6456394db8aa36f
Type
RT_VERSION
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x378
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
3.3453
MD5
2b18e2e13918220b95c52a6f43883de9
SHA1
62f8298bbc4f5bc94f50922f519bd2138830376b
SHA256
d39470111de0306feefe70cd4904afa8376e3dc83ef6a7cdbdfcd0fdc6236d84
SHA3
3ad01217f7be7669f4251568def190b1636b267d9adf4882ae5efdb549758cbc
Type
RT_MANIFEST
Language
UNKNOWN
Codepage
UNKNOWN
Size
0xe58
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
5.08335
MD5
127f5ae2a198fdf0ac9c920bab08d382
SHA1
5e02ad56430d69f7cdf42f2f75532fd7bf98c629
SHA256
5e3bb200b8b193f76281dab4d4fc81691f4f1ee567520648d06a9b2f247aa46e
SHA3
a1bf8d373f123e105b5163b064dc8fea591c518d5aa681a9acd44acbd0be33df
Signature
0xfeef04bd
StructVersion
0x10000
FileVersion
3.0.1.0
ProductVersion
3.0.1.0
FileFlags
(EMPTY)
FileOs
VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
FileType
VFT_APP
Language
UNKNOWN
Comments
MyRustServer
CompanyName
LosGranada
FileDescription
MyRustServer
FileVersion (#2)
3.0.1
InternalName
MyRustServer.exe
LegalCopyright
Copyright © 2022 LosGranada
LegalTrademarks
OriginalFilename
MyRustServer.exe
ProductName
MyRustServer
ProductVersion (#2)
3.0.1
Assembly Version
3.0.1.0
Characteristics
0
TimeDateStamp
1970-Jan-01 00:00:00
Version
0.0
SizeofData
41
AddressOfRawData
0x5b4621
PointerToRawData
0x5b2a21
Referenced File
MyRustServer.pdb