Manalyze report for 925c2dc1f3fc32a3ccbe4ed4f69061539d3939a4d7fb8ee127ca704be3df2194

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	2025-Jul-20 19:26:38
Detected languages	English - United States
Debug artifacts	C:\Users\tamar\source\repos\ConsoleApplication1\x64\Release\ConsoleApplication1.pdb

Plugin Output

Suspicious	The PE is possibly packed.	`Unusual section name found: .packed`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`55b7dfa1c6908b45dcd84be1552fede2`
SHA1	`8dc20bd47d29aafb8258da38d9c8ff0fea36dd0b`
SHA256	`925c2dc1f3fc32a3ccbe4ed4f69061539d3939a4d7fb8ee127ca704be3df2194`
SHA3	`2d29d0caef997d06cc7e34f23138e27b506bcec4b982c59bfbf511dbb778bc54`
SSDeep	`1536:I8aNQPnYr2KL7a+TCk2AC76br1IqHTNKrNs3K1E:IHNJa+TpTCubraShK6j`
Imports Hash	`9e75fdc833976bd16845b870f5e3f372`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xf8`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`7`
TimeDateStamp	2025-Jul-20 19:26:38
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0x2600`
SizeOfInitializedData	`0x2800`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00000000000029B0 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x15000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`ef01a600eb78e9ab642a082efd0621c0`
SHA1	`31598a2e692ef4d58bb8f95a1cc4fe6356800987`
SHA256	`067c28fe3ab007d458473082078736a6e69d252a75e39dead4248149b2d20a4e`
SHA3	`50d6cfae2c4c1eca959af64db679fa6229d9f0b5585d2d0b3bdf743466298296`
VirtualSize	`0x259c`
VirtualAddress	`0x1000`
SizeOfRawData	`0x2600`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.34847`

.rdata

MD5	`5c0bc8bafc0ce8aa48df960fdc419c0c`
SHA1	`b0db75a1a86e8ea95deec670e594356c7003a85d`
SHA256	`28320381c7b2ab76f79b679a73d2fb8e414e6bc9954c607fa5d0c514fb3883d6`
SHA3	`e677fc4421aced4239eeb048653c9e57383ef92be9a9fda31e6a2fe816263cb1`
VirtualSize	`0x1614`
VirtualAddress	`0x4000`
SizeOfRawData	`0x1800`
PointerToRawData	`0x2a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.26259`

.data

MD5	`85c2aebd011c5c1b37c1009def59c2b6`
SHA1	`e6f88330c0bc7698e3f5d77202242a6e10f6e321`
SHA256	`ab4f194dcbbaf38d8dca700fa10eee22d80c5463d8256b36eb72ed5f7126ba69`
SHA3	`a5818bd143f172ebe95ef85b8e270e51e0d1ae2330fd892938463b36527155ea`
VirtualSize	`0x680`
VirtualAddress	`0x6000`
SizeOfRawData	`0x200`
PointerToRawData	`0x4200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.53249`

.pdata

MD5	`c5db073000b27aeb9a07a05deed639ca`
SHA1	`77237363db57f32adfaebaa83c0194803b31ca17`
SHA256	`be7b24501e47160d03676dd7483fc4b5b568e267e7d6b430f4c40eeeb0bb3f85`
SHA3	`6cfc38da724df7a4dcd19bb8f8d092f8ef6dbdad1ffff6563e141e77ef1b4004`
VirtualSize	`0x2dc`
VirtualAddress	`0x7000`
SizeOfRawData	`0x400`
PointerToRawData	`0x4400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.0706`

.rsrc

MD5	`004d0e678e525ffdfdb49f756c3148c6`
SHA1	`1118e9c2f4604b941d1c0463afa525395d86a754`
SHA256	`e42f4c332ad3da929ebeb2e30afff6fdb3dc348f16b47a31a7ee08b7e091bc48`
SHA3	`9e257ba83c0cde061588f85f85b71c5cee609ca3eceb7cab57495dba54837eb5`
VirtualSize	`0x1e0`
VirtualAddress	`0x8000`
SizeOfRawData	`0x200`
PointerToRawData	`0x4800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.69612`

.reloc

MD5	`e28c1cb5840496c3ced3683999136084`
SHA1	`7132d59355e81e8ac8ba7054d83e8bc35f469c67`
SHA256	`304578eb2f3bff7fc232e0017f7e9dd098adc2c330aa1a5032690ba9350acec1`
SHA3	`a0b2b512aa535f7867d0af49c3cbf44a91b0253c9b0d0d1b807fb67e2b38e1f7`
VirtualSize	`0x30`
VirtualAddress	`0x9000`
SizeOfRawData	`0x200`
PointerToRawData	`0x4a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.719204`

.packed

MD5	`7593f833d5397278a8dc4d04fa743468`
SHA1	`4a8368de45adf5a00625f11978679cb3bc8d2de2`
SHA256	`1cdf7437f766738d81a2fec579198b1af72d6e3aadb796ab883bde36c241da5a`
SHA3	`c8d88fb1b8914b106b55c723444d93575b371ea7edbc58d70b6727a92c11b134`
VirtualSize	`0xa64b`
VirtualAddress	`0xa000`
SizeOfRawData	`0xa800`
PointerToRawData	`0x4c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`7.99068`

Imports

KERNEL32.dll	`VirtualProtect` `GetCurrentProcess` `GetModuleHandleA` `MultiByteToWideChar` `FlushInstructionCache` `RtlLookupFunctionEntry` `RtlVirtualUnwind` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `TerminateProcess` `IsProcessorFeaturePresent` `QueryPerformanceCounter` `GetModuleHandleW` `IsDebuggerPresent` `InitializeSListHead` `GetSystemTimeAsFileTime` `GetCurrentThreadId` `GetCurrentProcessId` `RtlCaptureContext`
VCRUNTIME140.dll	`__C_specific_handler` `strrchr` `__current_exception` `__current_exception_context` `memset` `memcpy`
api-ms-win-crt-stdio-l1-1-0.dll	`_set_fmode` `__acrt_iob_func` `__stdio_common_vfprintf` `__p__commode`
api-ms-win-crt-string-l1-1-0.dll	`strncmp` `_wcsicmp` `_strdup`
api-ms-win-crt-convert-l1-1-0.dll	`strtoul`
api-ms-win-crt-runtime-l1-1-0.dll	`_c_exit` `_initialize_onexit_table` `_cexit` `_crt_atexit` `terminate` `_seh_filter_exe` `_set_app_type` `__p___argv` `_register_thread_local_exe_atexit_callback` `exit` `__p___argc` `_register_onexit_function` `_initterm_e` `_initterm` `_get_initial_narrow_environment` `_initialize_narrow_environment` `_configure_narrow_argv` `_exit`
api-ms-win-crt-math-l1-1-0.dll	`__setusermatherr`
api-ms-win-crt-locale-l1-1-0.dll	`_configthreadlocale`
api-ms-win-crt-heap-l1-1-0.dll	`_set_new_mode`

Delayed Imports

1

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x17d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.91161`
MD5	`1e4a89b11eae0fcf8bb5fdd5ec3b6f61`
SHA1	`4260284ce14278c397aaf6f389c1609b0ab0ce51`
SHA256	`4bb79dcea0a901f7d9eac5aa05728ae92acb42e0cb22e5dd14134f4421a3d8df`
SHA3	`4bb9e8b5a714cae82782f3831cc2d45f4bf4a50a755fe584d2d1893129d68353`

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2025-Jul-20 19:26:38
Version	`0.0`
SizeofData	`108`
AddressOfRawData	`0x47e4`
PointerToRawData	`0x31e4`
Referenced File	C:\Users\tamar\source\repos\ConsoleApplication1\x64\Release\ConsoleApplication1.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2025-Jul-20 19:26:38
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x4850`
PointerToRawData	`0x3250`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2025-Jul-20 19:26:38
Version	`0.0`
SizeofData	`644`
AddressOfRawData	`0x4864`
PointerToRawData	`0x3264`

IMAGE_DEBUG_TYPE_ILTCG

Characteristics	`0`
TimeDateStamp	2025-Jul-20 19:26:38
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

TLS Callbacks

Load Configuration

Size	`0x140`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x140006000`

RICH Header

XOR Key	`0xc3350375`
Unmarked objects	`0`
Imports (VS2008 SP1 build 30729)	`14`
Imports (34321)	`2`
ASM objects (34321)	`3`
C objects (34321)	`10`
C++ objects (34321)	`19`
Imports (30795)	`3`
Total imports	`59`
C objects (LTCG) (34810)	`1`
Resource objects (34810)	`1`
Linker (34810)	`1`

Errors

Leave a comment

No comments yet.