Manalyze report for ab24d05efc53d0b860866a7d1a7bc99e

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	2026-Feb-06 17:05:19
Detected languages	English - United States
Debug artifacts	C:\Temp\ConsoleApplication1\x64\Debug\ConsoleApplication1.pdb

Plugin Output

Info	Matching compiler(s):	`MASM/TASM - sig1(h)`
Suspicious	The PE is packed or was manually edited.	`Section .textbss is both writable and executable.` `Unusual section name found: .msvcjmc` `The number of imports reported in the RICH header is inconsistent.`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`ab24d05efc53d0b860866a7d1a7bc99e`
SHA1	`06e2e20894df2bdacbf442a9cd145748d2ebb699`
SHA256	`413345aadc7339e20cc0163ef78cc48040c16c01dbea781ddb431bfd3ffbd06f`
SHA3	`d9ed5a27ac32c575223bc9944140f85e3a7bffb0e69bafdac748383fe2bb8847`
SSDeep	`384:1nc0mx+r/wQPJK7eTO1yLNseOaKIpQ4rbOBUltwHtjQfBir+wFJ5oA69XpV:1nrjw7t1yqMnOGlat6BW5oA69`
Imports Hash	`f44ccb367e901a2db9b557d241041da0`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xf0`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`10`
TimeDateStamp	2026-Feb-06 17:05:19
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0x8800`
SizeOfInitializedData	`0x7800`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000000000001105A (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x27000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.textbss

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x10000`
VirtualAddress	`0x1000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_CNT_UNINITIALIZED_DATA` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

.text

MD5	`70cc227fe1e3a78a6507d84408c4eda5`
SHA1	`dc0faeddb96b62da5714395f9a7d6028eb146516`
SHA256	`2a55a79eb6e91e61ec3ca02de83a5d40ce7969d6e8fdc2e75eb84b7c375b49f0`
SHA3	`90a1d72b0b9f9f5dec94a7db1afaba77ce9f9ad67fcf2e02d91d6a6c5bddb366`
VirtualSize	`0x8625`
VirtualAddress	`0x11000`
SizeOfRawData	`0x8800`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`3.6538`

.rdata

MD5	`22874248914d935231de9fa46f641b1f`
SHA1	`2f3e32177438397917adf9ac2be66854ff773a76`
SHA256	`af33dffd00c9d63108886b57e10fa41cc1b172e5a4f2824275b80b7e54263f76`
SHA3	`b84396818f5b4fe4f8ef9d3f776bffd4d5dfc9154f45d0592c6ed98049d7b51a`
VirtualSize	`0x2e39`
VirtualAddress	`0x1a000`
SizeOfRawData	`0x3000`
PointerToRawData	`0x8c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`2.2467`

.data

MD5	`9371eb166d2ee7782695f2b14a0bc982`
SHA1	`6cb2d10b95b948e45341b7547db7e7bac2408cdf`
SHA256	`5945ae705ee926020862cf0cf6758c6edec1406a21118837425c2c1160339d7b`
SHA3	`ee6477f5c5f885e9c6b8b95f30a73d17158d5b3078ed37596dc656a75adeab51`
VirtualSize	`0x2c8`
VirtualAddress	`0x1d000`
SizeOfRawData	`0x200`
PointerToRawData	`0xbc00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.923551`

.pdata

MD5	`aa0f47e2acf16ec384200e5846103d8b`
SHA1	`6e19a3ae907ca612a0b8d671a5ec502ea5e72839`
SHA256	`cab069092388012d4debe2b00ea5f635c3d9361c99c148cae58a9de25c63cb5c`
SHA3	`e3b99e9bcb6a7f7e0b538710e8fbcc4746aa196c04a178bd7ddc97d0fe152439`
VirtualSize	`0x21a8`
VirtualAddress	`0x1e000`
SizeOfRawData	`0x2200`
PointerToRawData	`0xbe00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`1.18453`

.idata

MD5	`d897dff8e00cc06c8b98577c0cba4e65`
SHA1	`5c98e375a4c8e7a801286eef194dc1762f815969`
SHA256	`ade7f1acb51d48bcaf3dd6aed048150647c2aafcd95992417530130487433ce9`
SHA3	`3310194d5ea98fdfeeedbf070e37be497f5277b3e7484b4207ed975ed8a1ca46`
VirtualSize	`0x13e4`
VirtualAddress	`0x21000`
SizeOfRawData	`0x1400`
PointerToRawData	`0xe000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.99607`

.msvcjmc

MD5	`25254dfc47e345a7d4a18f12b79cca4a`
SHA1	`c4f549767d54c4b75d0b0e1cee6d19d4b0b31345`
SHA256	`ce5b19377d36a9f2ed2f7441489c23457e35f4b49951fd945232a7f9d5a1b405`
SHA3	`699178ba2d9ee07e7c335279735aad45243e98af20311011177ba963bb024b95`
VirtualSize	`0x194`
VirtualAddress	`0x23000`
SizeOfRawData	`0x200`
PointerToRawData	`0xf400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.798659`

.00cfg

MD5	`706c7e0086e5804bd3bc46d95a666601`
SHA1	`3e89da32c3d92eef72eb2d0fc0401cb8bf8cb881`
SHA256	`3a92b1f2ea2187eafefaef640b8f7ebdac6938a8a97a2272d57550cf6f7bff89`
SHA3	`88457e55e035e31f4f49890633d2a378828c0cdd29fdd3946e5abdb58fb39243`
VirtualSize	`0x175`
VirtualAddress	`0x24000`
SizeOfRawData	`0x200`
PointerToRawData	`0xf600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`0.471598`

.rsrc

MD5	`70143e4401b8ff04168516e4dd17d259`
SHA1	`bfab71ccec8f700bda501c77e81f1a808396e75d`
SHA256	`3b929519eb822c1581b2df24b765aa75706840eccc089ae16253306f00ba3738`
SHA3	`db67aceb90304fb09123c72ed4de79a746364d67ef93eca8f94af92114febcd0`
VirtualSize	`0x43c`
VirtualAddress	`0x25000`
SizeOfRawData	`0x600`
PointerToRawData	`0xf800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`2.14297`

.reloc

MD5	`c1b8fbac3810304f5fcc2187a837089b`
SHA1	`7c82eb54bcfa1d4508628df0b34a5898c8f7aff9`
SHA256	`c1d4165cf30886950e10485bd0056c541fdbb54896137283809fdc04bf5c1db6`
SHA3	`f44f7b3d4a89d887a5cb620696c4470a35041c9af15beb94e49b3589bad979fe`
VirtualSize	`0x275`
VirtualAddress	`0x26000`
SizeOfRawData	`0x400`
PointerToRawData	`0xfe00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.729975`

Imports

MSVCP140D.dll	`?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ` `?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ` `?uncaught_exceptions@std@@YAHXZ` `?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ` `?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ` `?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ` `?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A` `?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z` `?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z` `?width@ios_base@std@@QEAA_J_J@Z` `?width@ios_base@std@@QEBA_JXZ` `?flags@ios_base@std@@QEBAHXZ` `?good@ios_base@std@@QEBA_NXZ` `?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z` `??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z` `??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z`
VCRUNTIME140_1D.dll	`__CxxFrameHandler4`
VCRUNTIME140D.dll	`__vcrt_GetModuleFileNameW` `__current_exception_context` `__current_exception` `__std_type_info_destroy_list` `__C_specific_handler_noexcept` `__C_specific_handler` `memcpy` `__vcrt_LoadLibraryExW` `__vcrt_GetModuleHandleW`
ucrtbased.dll	`__p__commode` `strcpy_s` `strcat_s` `__stdio_common_vsprintf_s` `_seh_filter_dll` `_initialize_onexit_table` `_register_onexit_function` `_execute_onexit_table` `_crt_atexit` `_crt_at_quick_exit` `terminate` `_wmakepath_s` `_wsplitpath_s` `wcscpy_s` `_set_new_mode` `_configthreadlocale` `_cexit` `__p___argc` `_set_fmode` `_exit` `exit` `_initterm_e` `_initterm` `_get_initial_narrow_environment` `_initialize_narrow_environment` `_configure_narrow_argv` `__setusermatherr` `_set_app_type` `_seh_filter_exe` `_CrtDbgReportW` `_CrtDbgReport` `strlen` `_c_exit` `_register_thread_local_exe_atexit_callback` `__p___argv`
KERNEL32.dll	`GetCurrentThreadId` `GetStartupInfoW` `GetModuleHandleW` `GetLastError` `HeapAlloc` `HeapFree` `GetProcessHeap` `VirtualQuery` `FreeLibrary` `GetProcAddress` `InitializeSListHead` `GetSystemTimeAsFileTime` `GetCurrentProcessId` `QueryPerformanceCounter` `IsDebuggerPresent` `WideCharToMultiByte` `RaiseException` `MultiByteToWideChar` `SetUnhandledExceptionFilter`

Delayed Imports

1

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x17d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.91161`
MD5	`1e4a89b11eae0fcf8bb5fdd5ec3b6f61`
SHA1	`4260284ce14278c397aaf6f389c1609b0ab0ce51`
SHA256	`4bb79dcea0a901f7d9eac5aa05728ae92acb42e0cb22e5dd14134f4421a3d8df`
SHA3	`4bb9e8b5a714cae82782f3831cc2d45f4bf4a50a755fe584d2d1893129d68353`

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2026-Feb-06 16:54:33
Version	`0.0`
SizeofData	`86`
AddressOfRawData	`0x1bd1c`
PointerToRawData	`0xa91c`
Referenced File	C:\Temp\ConsoleApplication1\x64\Debug\ConsoleApplication1.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2026-Feb-06 16:54:33
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x1bd74`
PointerToRawData	`0xa974`

TLS Callbacks

Load Configuration

Size	`0x140`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x14001d000`

RICH Header

XOR Key	`0x21ac6be7`
Unmarked objects	`0`
ASM objects (35403)	`3`
C objects (35403)	`11`
C++ objects (35403)	`25`
Imports (35403)	`7`
Imports (33145)	`4`
Total imports	`78`
C++ objects (35723)	`1`
Resource objects (35723)	`1`
Linker (35723)	`1`

Errors

[*] Warning: Section .textbss has a size of 0!