Manalyze report for b7e56b48dfba32c93912a349652656ce

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	2019-Mar-20 10:43:25
Debug artifacts	C:\Users\gj10\Documents\Visual Studio 2013\Projects\KLG_Printerconnect\KLG_Printerconnect\obj\Debug\KLG_Printerconnect.pdb
FileDescription	KLG_Printerconnect
FileVersion	`1.0.0.0`
InternalName	KLG_Printerconnect.exe
LegalCopyright	Copyright © 2015
OriginalFilename	KLG_Printerconnect.exe
ProductName	KLG_Printerconnect
ProductVersion	`1.0.0.0`
Assembly Version	1.0.0.0

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET` `.NET executable -> Microsoft`
Suspicious		`Unusual section name found: .sdata`
Info	The PE is digitally signed.	`Signer: Dennis Marx` `Issuer: PORTALPKI-SubCA`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`b7e56b48dfba32c93912a349652656ce`
SHA1	`0d989ce4802462512c5264cfea7fa3588f6f2601`
SHA256	`497a071cca774ddcc2afeadda07a58505822cc8e5fda1b0ec88032cbf1b9be6b`
SHA3	`765449406a4f9b9239743079a62890eaba1eb35df2dcbb3ec04f2ac42d090296`
SSDeep	`384:lPEBnL4p0XT1tzzwOUFgKVsGhV/KaFcwarlJ8PLpQtlXA2yuRXVJFZAdWLvlaHVc:Sni0Xzzw7bVfhV/7cBfXA2lRHFZBMHbW`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`4`
TimeDateStamp	2019-Mar-20 10:43:25
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`11.0`
SizeOfCode	`0x3a00`
SizeOfInitializedData	`0x3400`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000594E (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x6000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0xe000`
SizeOfHeaders	`0x400`
Checksum	`0x9ddf`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`1fc7651b5b5e7ef65800ae25873c592e`
SHA1	`a893bc791cd5ef2ef07606ed693de7f6de57372f`
SHA256	`0d3d5b7b5ab7ded521eafaf479e96aba7314116f6081ce66f40836619f2907e2`
SHA3	`c88dad21d851c7089b6050b34f4221b89461fa523adb0a4c64a85a3a9771c341`
VirtualSize	`0x3954`
VirtualAddress	`0x2000`
SizeOfRawData	`0x3a00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`5.52811`

.sdata

MD5	`fe1b7028bd24c9d720e0ea4efcd519b8`
SHA1	`1dec8d4f6fec19308e021b698227512150dc7ba9`
SHA256	`e8688fea49cad157a44de593e9f8a02a1f86b904170607f48065d385f320928b`
SHA3	`61beca6590c36c538be1401391e2e55d886e0599fa86a67c3a228151ddfd484f`
VirtualSize	`0x138`
VirtualAddress	`0x6000`
SizeOfRawData	`0x200`
PointerToRawData	`0x3e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`2.47549`

.rsrc

MD5	`7a601ac50afa4a98b50712b35e448aae`
SHA1	`e0099ce42aa56a0644b993a2e486ad79342c9ce6`
SHA256	`4980c268dbe49e58e199795e13592e5656241eb3ef5aa474ce2a01fb6b52f3c4`
SHA3	`c9e85a5a9f7e9b7dbdc850e71e8aecdff028e062acda8deb802f911aeaab306e`
VirtualSize	`0x2ff8`
VirtualAddress	`0x8000`
SizeOfRawData	`0x3000`
PointerToRawData	`0x4000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.37001`

.reloc

MD5	`df674402932a03b64f5f0e310c6b8108`
SHA1	`de4219732b10fb608557f42f153ef6c07e65908a`
SHA256	`2608f8618c1880be22e11655b222be42369e24171937ea5d272732df3d601e5a`
SHA3	`b196156784acedf4c7a090cfe34ad401586a95233795a58f72f06d028693a0f5`
VirtualSize	`0xc`
VirtualAddress	`0xc000`
SizeOfRawData	`0x200`
PointerToRawData	`0x7000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.0776332`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.71396`
MD5	`14dff9b6c56d206aca6add232d20b50a`
SHA1	`d0b685483ff7225729d953638fb65f7d72f333de`
SHA256	`accfee1287c9f7dc25ecb19548ed246ceae1652fef5ad532914d5bb9dc9299ef`
SHA3	`8a9f96e045cf78160e00bb388bf90e23483a77d3075982e33eb9ef4861999af8`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.0843`
MD5	`105b81bd721715275df5b229be68f074`
SHA1	`d9f82fd4974afb06297b803c70381d79bed90f9a`
SHA256	`478fe62e420007abb1a697a24cb1b80ced0a8e0a335d6ce68606efe71c4afaa2`
SHA3	`c5cffeaf58994264ee32c847cfe8575d3d360caa128613a4d47c99a2a49f8375`

4

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.72071`
MD5	`a81075dd2b656f081e035280f17e7a93`
SHA1	`2e05cabb4904b309c79c221eb187ac41c53183de`
SHA256	`b76fc9f2130962dfc25029a639848894feee7e9eb1a0fe5c680e3a90671741b1`
SHA3	`573f8978953f0e5bde7dac42120c262e47727a40c0904aee26cc8e88d99ec10b`

5

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.04772`
MD5	`f3018f2b932e0949bf386acd81aea508`
SHA1	`2515ef70721a15a20410f44b2c6fd724b7a2e07f`
SHA256	`abdc6eaa0ea69a1c506edf070a07fb12071453e08ecf3c6e35f1397d3422051f`
SHA3	`a7a18654c47f77448da7853d9a7d7fb4eee42c9e0cd6fde09467d6ef9e556e2a`

6

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x353`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.04524`
Detected Filetype	PNG graphic file
MD5	`c979c0d3d2f8cca15ea84bf23abe70a9`
SHA1	`1697075cc08b8f994e1b8dae013efecf49e5b363`
SHA256	`37af1cc5a7606c4cce476c2324b066c3a7f625eee010baf8347937ad13fd4081`
SHA3	`b998e975ed11f8abccc19d7145c610059b697a9b90ba911ea27f6900616ed5c5`

7

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.72257`
MD5	`8eb389e5fd517774f26c9d113315365d`
SHA1	`16a2a3489eb31857dff142f6ccbbe110e2b3a90b`
SHA256	`b0a40090c9bfdfdd8d2f77b68d7052d1eeceb41dc5ab2eaa9c85e15104984ef1`
SHA3	`2ce61f9e0b33eb6c7c04168b99a585cc6e346a715f0d0e66cf67d6a0b8a62710`

8

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.76148`
MD5	`52b71dd210ac5cf0fe97a3f9ba9a3896`
SHA1	`ed8632d87b02c7ab7dceb17bac85c8d23982f82b`
SHA256	`dc2a1f63c0882b33321345f27c07ef9f8bdb87aa687f075a474be430a1135982`
SHA3	`1852ad0a2b764cd65724857c1d8b61ca8a44398ac0b545e65747de83c84d9780`

32512

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.68921`
Detected Filetype	Icon file
MD5	`01374397ad1c6c0d0d72b5c9d8468ec9`
SHA1	`57c2ff986d1b2082848398b5e7827d613a1e3850`
SHA256	`5c120e5caa9e27b5d03f47470a52b231bd0f2d8ab5cefc31115b9fb9cd264540`
SHA3	`d904d1e09e1529633ea4a4faf006e6d3c3fb535202ecfb0563b4be3ce5e992e6`

1

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x300`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.27278`
MD5	`93cf93f16efd464eb1b886d51930d9d4`
SHA1	`d42dad5d96da231a5085e16887ee03f2a9d4d73a`
SHA256	`b3453afb658f63d7d73414cdcc40401562fd08772986f249b98c11e270c60791`
SHA3	`e6bd9f9820e16b44b6753733c845df81f134552daf6d9354400872be453f35d3`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.0
ProductVersion	1.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
FileDescription	KLG_Printerconnect
FileVersion (#2)	1.0.0.0
InternalName	KLG_Printerconnect.exe
LegalCopyright	Copyright © 2015
OriginalFilename	KLG_Printerconnect.exe
ProductName	KLG_Printerconnect
ProductVersion (#2)	1.0.0.0
Assembly Version	1.0.0.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2019-Mar-20 10:43:25
Version	`0.0`
SizeofData	`284`
AddressOfRawData	`0x601c`
PointerToRawData	`0x3e1c`
Referenced File	C:\Users\gj10\Documents\Visual Studio 2013\Projects\KLG_Printerconnect\KLG_Printerconnect\obj\Debug\KLG_Printerconnect.pdb

TLS Callbacks

Load Configuration

RICH Header

b7e56b48dfba32c93912a349652656ce

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.sdata

.rsrc

.reloc

Imports

Delayed Imports

2

3

4

5

6

7

8

32512

1

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

TLS Callbacks

Load Configuration

RICH Header

Errors