Manalyze report for 95ee4b9f039d8491f6c3b537a57a8a16349bdf63cb1d0d69e291b0fde580e4cd

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2024-Oct-07 15:31:38
Debug artifacts	C:\Users\vtryh\RiderProjects\ConsoleApplication2\ConsoleApplication2\obj\Release\ConsoleApplication2.pdb
Comments
CompanyName
FileDescription	ConsoleApplication2
FileVersion	`1.0.0.0`
InternalName	ConsoleApplication2.exe
LegalCopyright	Copyright Â© 2024
LegalTrademarks
OriginalFilename	ConsoleApplication2.exe
ProductName	ConsoleApplication2
ProductVersion	`1.0.0.0`
Assembly Version	1.0.0.0

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET` `.NET executable -> Microsoft`
Malicious	VirusTotal score: 3/72 (Scanned on 2026-04-17 19:13:26)	`K7AntiVirus: Trojan ( 005b60d51 )` `K7GW: Trojan ( 005b60d51 )` `MaxSecure: Trojan.Malware.300983.susgen`

Hashes

MD5	`1abf8d434d51f11a79e1b4ae689a2bfd`
SHA1	`70e061ed9387f807bdc5e7b7db3b0d6da6a7348a`
SHA256	`95ee4b9f039d8491f6c3b537a57a8a16349bdf63cb1d0d69e291b0fde580e4cd`
SHA3	`92acccb77e1f1c947b3feb1561aaed6bbd01b261736b1812d63e98ce29cb2a2d`
SSDeep	`96:VuC1n2uo8ciTtath/Z6ejVAkJUpMwI3WNtW1jYcFKNVcz1W4oKYMsLYUa:f1n26csath/VAkJJL8stYcFwVc03KY`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2024-Oct-07 15:31:38
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`48.0`
SizeOfCode	`0xc00`
SizeOfInitializedData	`0x1400`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00002AD6 (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x4000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x8000`
SizeOfHeaders	`0x200`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`4c95b8db13a30dc8989663da69b2c632`
SHA1	`d4c4102bbcb21752a476f39df535a5974babf77c`
SHA256	`9d4f233e91e3d0ded6a8755d334286a00be21571992f0c57883c478ad2f4d59a`
SHA3	`a772fe3fb33c752a53ea8c863519ab2424b1b28d70189a00da9900eb7777867e`
VirtualSize	`0xadc`
VirtualAddress	`0x2000`
SizeOfRawData	`0xc00`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`4.8161`

.rsrc

MD5	`6d7ec34c4653c42533508ebad8f6c192`
SHA1	`3f96f74f9ac5fb811af357bd4b7dfb6f2f5c5661`
SHA256	`294fcc27f60850ff336da0121679e371cdb76f4deb630a961ca98aef58cc20f4`
SHA3	`dd29715c89d640ee9541d3ff17b5918fa263cef38d9c7573d832e301970c5e16`
VirtualSize	`0x1164`
VirtualAddress	`0x4000`
SizeOfRawData	`0x1200`
PointerToRawData	`0xe00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.96519`

.reloc

MD5	`2b9cd40520430d04420d188e78b2359f`
SHA1	`91cd7895d4be498193df7ec3927f9e2382182bde`
SHA256	`5cc75a9237db9be78d624498ffd71180ac2a995fd06f7b48bfd802a1c6831505`
SHA3	`60aa18292979500b46e1efeadd1b2e61712b7b659877810d40337ac57217e1b7`
VirtualSize	`0xc`
VirtualAddress	`0x6000`
SizeOfRawData	`0x200`
PointerToRawData	`0x2000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.0815394`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

1

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x36c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.27138`
MD5	`80470242a97d114d4b3f4f23f6eff650`
SHA1	`902f7c32c9873ecf62f3a5b231ac2e362e667a66`
SHA256	`e0ce35382d75ffdea020b49e57375e64b2cafa3118774026b58f6b0cf3e7131f`
SHA3	`2a6aa4049ae67b5cdce23f4f451ce2aca0b3e03d9ed2d19392f2304de62b7745`

1 (#2)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xd53`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.01752`
MD5	`a99c09dbd4a65da324e2d732f5351786`
SHA1	`164d3ec47c9487bd42d9ec580fb730a61dc156d7`
SHA256	`59c778ad5af1032a264960d8cf35e7b4226e9ab5d1d9cbe91d4f93b347768b88`
SHA3	`5e12a029662dd5cc2e838e5e40d2e0715685e718c429233ccb2e35881abdd4e6`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.0
ProductVersion	1.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
Comments
CompanyName
FileDescription	ConsoleApplication2
FileVersion (#2)	1.0.0.0
InternalName	ConsoleApplication2.exe
LegalCopyright	Copyright Â© 2024
LegalTrademarks
OriginalFilename	ConsoleApplication2.exe
ProductName	ConsoleApplication2
ProductVersion (#2)	1.0.0.0
Assembly Version	1.0.0.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2024-Oct-07 15:31:38
Version	`0.0`
SizeofData	`284`
AddressOfRawData	`0x2968`
PointerToRawData	`0xb68`
Referenced File	C:\Users\vtryh\RiderProjects\ConsoleApplication2\ConsoleApplication2\obj\Release\ConsoleApplication2.pdb

TLS Callbacks

Load Configuration

RICH Header

Errors

Leave a comment

No comments yet.