Manalyze report for a1e90cb4fb866af2f068ae98cf2ea22d

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	2059-Aug-18 20:07:59
Debug artifacts	C:\Users\ashwi\OneDrive\Desktop\Movistar Private (@a5hwLn)\lib\Movistar Private.pdb
Comments	Best Private SMS Validator Tool Developed By @a5hwLn
CompanyName	@Numify \| @Team_Pentesters
FileDescription	Movistar Private
FileVersion	`1.0.0.0`
InternalName	Movistar Private.exe
LegalCopyright	Copyright a5hwLn © 2021
LegalTrademarks
OriginalFilename	Movistar Private.exe
ProductName	Movistar Private
ProductVersion	`1.0.0.0`
Assembly Version	1.0.0.0

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET`
Info	Interesting strings found in the binary:	`Contains domain names: https://movistar.recaudo.epayco.co https://movistar.recaudo.epayco.co/corporativo?tipo_servicio`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`a1e90cb4fb866af2f068ae98cf2ea22d`
SHA1	`b0f19a516bf2c5987710669a7c196dbddc773f84`
SHA256	`a17c8b951aec6694a3416b521b3faf098613e2bd112baa77ea3748c496c0eee1`
SHA3	`9d3f1e52954704411e5e231c651ca45cd1e334ab3c8dc727a73b5246c03691a2`
SSDeep	`24576:sqvhHip6+QLXESRFO8JO4/DdtesvkDEdelqO8DyvmGB:9vhHip6+QLXESRFO8JO4/DdtesvkDED`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2059-Aug-18 20:07:59
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`48.0`
SizeOfCode	`0xe1a00`
SizeOfInitializedData	`0x42a00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000E385E (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x12a000`
SizeOfHeaders	`0x200`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`e5bc332ee503a7f83f89bbc2e4c1ebed`
SHA1	`6fe342fd29ab9cf78ea012dd1f2a55ff038a23f9`
SHA256	`43489c7ec5f61e49fd3c9dd5417c62af45072e3b915015350c3b9393884d33db`
SHA3	`09569342679b5a18ca25db586c7315e50ff4a89e0078beb092600da5368a562c`
VirtualSize	`0xe1864`
VirtualAddress	`0x2000`
SizeOfRawData	`0xe1a00`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`5.0037`

.rsrc

MD5	`32ceb3c35707c81ffed6ef43d79f73c9`
SHA1	`728cdaa4a1f12afd523add624d9568e24dcb5516`
SHA256	`d3c31c0e2b540c0e87a6e7f9169c329886c932eff45ce96b46b8b72d1e6ad8f0`
SHA3	`a5c53238d6116a83e14a8ff87f182bd8fb0fb80378ece1e91991d93fedb5fc24`
VirtualSize	`0x42764`
VirtualAddress	`0xe4000`
SizeOfRawData	`0x42800`
PointerToRawData	`0xe1c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.84048`

.reloc

MD5	`50b56d3380ec2e5663720bd7888c94eb`
SHA1	`5655e7b44a94805a0a43e897decb302eb1d6bcc8`
SHA256	`fd0916a8ff7a25fd12b54cacecc3f49a8f21045cce5eedb03a26f1a37b179a50`
SHA3	`39961cf37bd8b04b9b7845ce5a78d2323ed845dbebb4512358a3a6efcc2d4737`
VirtualSize	`0xc`
VirtualAddress	`0x128000`
SizeOfRawData	`0x200`
PointerToRawData	`0x124400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.10191`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

1

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x42028`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.81302`
MD5	`d1236d061468ad0a7fab8a2d56054051`
SHA1	`8f6ca05fde6250d3bcdad92e0408de66f808e301`
SHA256	`cf04192e7fdac57506600f012786183d16ae218be6ea5b37cfadbfcddcd94c1b`
SHA3	`87957275efffea79bcc1cc4e94c1884af4c6bdfcd4e77db1d3393aaafe72effe`

32512

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.67095`
Detected Filetype	Icon file
MD5	`464cb94db3a2622922a9562865009ae8`
SHA1	`dbe17c767d942f219df59f9eae77b213c15eab70`
SHA256	`8affd1fa69a6c5a5b54e504d72d4e9a0eba9b7d702a445ea1399a5978794719a`
SHA3	`3e0e32110c6c0f3323eeeb5e4a6cbb7a8db52ab14e0f065384fb4eedac4fbcda`

1 (#2)

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x408`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.33901`
MD5	`645951c929e96b5a2e56a0364024bb4a`
SHA1	`0261d7c115f8e90113785f021600c594ac8304c0`
SHA256	`3834757f88c2560fee617e7ae9cfac7960de2196d24e9dfbfc604b7806d363da`
SHA3	`7bec3f1a72c4ff1496347972bc4423441899602c69648d0596914b66c17d7ed8`

1 (#3)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1ea`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.00112`
MD5	`b7db84991f23a680df8e95af8946f9c9`
SHA1	`cac699787884fb993ced8d7dc47b7c522c7bc734`
SHA256	`539dc26a14b6277e87348594ab7d6e932d16aabb18612d77f29fe421a9f1d46a`
SHA3	`4f72877413d13a67b52b292a8524e2c43a15253c26aaf6b5d0166a65bc615cff`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.0
ProductVersion	1.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
Comments	Best Private SMS Validator Tool Developed By @a5hwLn
CompanyName	@Numify \| @Team_Pentesters
FileDescription	Movistar Private
FileVersion (#2)	1.0.0.0
InternalName	Movistar Private.exe
LegalCopyright	Copyright a5hwLn © 2021
LegalTrademarks
OriginalFilename	Movistar Private.exe
ProductName	Movistar Private
ProductVersion (#2)	1.0.0.0
Assembly Version	1.0.0.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2059-Aug-18 20:07:59
Version	`0.0`
SizeofData	`108`
AddressOfRawData	`0xe37a4`
PointerToRawData	`0xe19a4`
Referenced File	C:\Users\ashwi\OneDrive\Desktop\Movistar Private (@a5hwLn)\lib\Movistar Private.pdb

UNKNOWN

Characteristics	`0`
TimeDateStamp	1970-Jan-01 00:00:00
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0xe1a10`

TLS Callbacks

Load Configuration

RICH Header

a1e90cb4fb866af2f068ae98cf2ea22d

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rsrc

.reloc

Imports

Delayed Imports

1

32512

1 (#2)

1 (#3)

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

UNKNOWN

TLS Callbacks

Load Configuration

RICH Header

Errors