Manalyze report for b96ba00d188cd1d5c9f8c9cec99b56eea80a4462260f9f513faceb058dd6c3b1

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2025-Nov-13 01:32:06
Debug artifacts	D:\desktop\work program\software\100083\100083_V1\è½¯ä»¶\mc3000-2\FirmwareUpgrade\obj\Debug\UpgradeFirmware.pdb
Comments
CompanyName
FileDescription	usb loader host
FileVersion	`1.0.0.0`
InternalName	UpgradeFirmware.exe
LegalCopyright	Copyright Â© 2010
LegalTrademarks
OriginalFilename	UpgradeFirmware.exe
ProductName	usb loader host
ProductVersion	`1.0.0.0`
Assembly Version	1.0.0.0

Plugin Output

Info	Matching compiler(s):	`.NET executable -> Microsoft`
Malicious	VirusTotal score: 3/72 (Scanned on 2026-02-21 16:24:34)	`APEX: Malicious` `Cylance: Unsafe` `Malwarebytes: MachineLearning/Anomalous.100%`

Hashes

MD5	`a5240a029641c682376a0412993180f5`
SHA1	`490edfca935226b32ed37f64e287b34cc5f2a5c2`
SHA256	`b96ba00d188cd1d5c9f8c9cec99b56eea80a4462260f9f513faceb058dd6c3b1`
SHA3	`e1cad55b6700900502696e5b0fe265e12d335d4f6dce6934edc78b944ecd1ed2`
SSDeep	`6144:1l6Gy5gVecbF/pZdxlcAitUIYW7AmWjC:8VcbF/R0dtUIYW75h`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2025-Nov-13 01:32:06
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`48.0`
SizeOfCode	`0x48e00`
SizeOfInitializedData	`0xfa00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0004AC82 (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x4c000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x5e000`
SizeOfHeaders	`0x200`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`6d92a3c8148a7f9bf165a4c53487f10e`
SHA1	`a17e75c5b9006872f9cde98707e620152fa4f594`
SHA256	`c3c4b677be9abe20f4e42c3f0b7f1fc48ee24a875f0ddb584c7653c577f9b31f`
SHA3	`b0e7d0996ad0a595241e6930ab9c1fcfb247c28a30c6b1b1a2963b88b5412570`
VirtualSize	`0x48ca8`
VirtualAddress	`0x2000`
SizeOfRawData	`0x48e00`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`4.38982`

.rsrc

MD5	`6127a628b60cc884d988e8d63c111926`
SHA1	`73f77e787f60bc80e8d98085bf8fbb2708176ec7`
SHA256	`337d95fd20873952e83bb15ca78531e091c727a710b1b52aad862b51ac07afcd`
SHA3	`c0f9948ea11db04684bfefbd24d77d7e9cb07f267fdce0870baf163f0d8f5fa8`
VirtualSize	`0xf63c`
VirtualAddress	`0x4c000`
SizeOfRawData	`0xf800`
PointerToRawData	`0x49000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.6878`

.reloc

MD5	`5a79ff5ca20ecd6aed31d63c3c68e1a3`
SHA1	`5fda685fc9125d509aac158929c62efe736e7b63`
SHA256	`e10092c2295fe507029a3503e1d2978bd9fb5b40aed452f34840b1b59c248db9`
SHA3	`e10e14faac0b1d048a9c021369f42a0f3dbf720cdeea33b0fa6fa489d00480c2`
VirtualSize	`0xc`
VirtualAddress	`0x5c000`
SizeOfRawData	`0x200`
PointerToRawData	`0x58800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.10191`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

1

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x668`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.94062`
MD5	`a72e324bbed3391d8462bfdc64ecc9b4`
SHA1	`c3905a10342346a08fc9f786374d7ed0f42b0d97`
SHA256	`0044f12f69b65c78b10770fe36640ed41a7e9cdeb9defa4724d88c056b43e943`
SHA3	`2e528c26066480cafa34425a349ec8d9d8d46f8e2115edad317cddbad43b5798`

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.31441`
MD5	`3fec310dcf2e9c2a2687a58b1f281c98`
SHA1	`8f3d02c9db57ce79cbe609aca8d9c567e20bab84`
SHA256	`bd882528ded86e1c58a20ec3f7a5d794fc22a44120da723a4acfbabf7710cb45`
SHA3	`9e86f74cc4ae0ccefb0ca607a8aa6ab9480634d7595e0b5ef15b09120386bdc8`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.8641`
MD5	`19c0338ae4396b89cfb4410a06988a0b`
SHA1	`a12735a9bd483e6d67703600d0dd6fc8bd3e9ccb`
SHA256	`6b0be2baa3658fcbad6056d68d1dfe6575a353462b42c2b6ebaa786b2ee9a09f`
SHA3	`3af9169c232003a2aab2c3b1678a342fe2eab99c7272a2f8f56e963d8a214880`

4

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.67324`
MD5	`f1183d77f1e8576a03202de182c45ab6`
SHA1	`3d8e4ea52dc67c233e7a5d29e276f840edce8d72`
SHA256	`a5402d91c8ed4819dc89c19370040d0ad2e7988d5208f3ddad56d9dee56599a9`
SHA3	`caa81b1d09e80fd57011656550edad410b29715e6ad73e19f49a275a8100a29e`

5

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.35793`
MD5	`127a02f483cd3e556a6783fecf0d5740`
SHA1	`8ff6631b978dbf555234b21c82bdb284abea610e`
SHA256	`b625f4bde5695b3932ac3c6b0504bb220fd6cff6c725f76a8cefca7a7c7a6bcf`
SHA3	`bcf7e9e669c5a5838e7790865b82abc229051a89f8a4cd451584e6d5b5ebad97`

6

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.31047`
MD5	`94880771f65e19c4cd198e2479a604d3`
SHA1	`33faa4d41303ed750ce63a54e3ead25ee3d6358a`
SHA256	`6b71f9682d6abfe2c3caa78625f3ce65f1a0137bb59041211dc385f52d7fa36f`
SHA3	`4617db2fcff51142e45863444ccb41fbdfafdf035233f8711bf0ff4590d8db53`

7

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x8ba1`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.93727`
Detected Filetype	PNG graphic file
MD5	`2985aa0afaf6891bd38ac91ec2af3d3b`
SHA1	`bdf399326d1e965b94de890451bc2f4ccaf06d1a`
SHA256	`440fb79d5039494df123ee771c2fe91c85befc39ebdfab3d37a5570d8d26e4b5`
SHA3	`34d50914f425cf7ca2b7e232e47cba4a9fa23b70fb2a564bb29e6dbaafe83d50`

8

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.74364`
MD5	`eb0bdd3228b174eac495e88e1969ba68`
SHA1	`b323d8500c21081949387e323f0f3d2b6f7cdf9f`
SHA256	`a5ccf9143e7212bccaf3ef477532302658d2897cfd861623b59c8a0842435f2d`
SHA3	`84b2d5641cbbbfd426e6334cc5df78a82e11f3b43fdaada20500f9bd4eb4ca2e`

9

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.86827`
MD5	`fdf9906d22bbd005c9a14543d3d0f6b6`
SHA1	`61340e0496e80f0992c459c95a4c5e27c49a8ba7`
SHA256	`cb4d54e9daa8329165127ce610a06d48bad4e3ce123e9d8b1cf49a3dcd0bdcfd`
SHA3	`963ef6a16e1bce16ea8b5356ab841a0a9e149b18642acf4ef31d9d2562bcbe74`

10

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.70178`
MD5	`5d62c9622a4d170efd61448304a2c34e`
SHA1	`1c82966c85c80410c440f20d56c2e6fc76b5aa93`
SHA256	`d564f480496e6eb13aac3804f26cac7473112222e0a7bde7d364ea2000a33285`
SHA3	`4218e275a9a195a7859f3bce75c0ddcddc223bc3c2e62a83b4d2fcf28509bd1d`

32512

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x92`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.90294`
Detected Filetype	Icon file
MD5	`dd53265ab4abab03ef6b7da7fd2bec2e`
SHA1	`0410a97b50bcc5f757edeb39272b62ea1a6fdfce`
SHA256	`ec1848eef528ba6095c39df9d159fa9209b2d53e500d869ce32f651562aba439`
SHA3	`60741bd70b961546396e30632424e3c1456b10f4aa1e0d8789ed1b57b9b45e37`

1 (#2)

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x34c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.29133`
MD5	`1324af8ff409a673b1030b258da898dc`
SHA1	`37acdff67eed24db787f4700681f3a43e75a2258`
SHA256	`7c87ddc18de4c957e7d6146d9d1fbca8ea9f997eb27a795692e602ace51adc92`
SHA3	`6c3cd64cb287de20ba00ba20436d69add0aded46792d7c532ee62a058d79878e`

1 (#3)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1ea`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.00112`
MD5	`b7db84991f23a680df8e95af8946f9c9`
SHA1	`cac699787884fb993ced8d7dc47b7c522c7bc734`
SHA256	`539dc26a14b6277e87348594ab7d6e932d16aabb18612d77f29fe421a9f1d46a`
SHA3	`4f72877413d13a67b52b292a8524e2c43a15253c26aaf6b5d0166a65bc615cff`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.0
ProductVersion	1.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
Comments
CompanyName
FileDescription	usb loader host
FileVersion (#2)	1.0.0.0
InternalName	UpgradeFirmware.exe
LegalCopyright	Copyright Â© 2010
LegalTrademarks
OriginalFilename	UpgradeFirmware.exe
ProductName	usb loader host
ProductVersion (#2)	1.0.0.0
Assembly Version	1.0.0.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2025-Nov-13 01:32:06
Version	`0.0`
SizeofData	`284`
AddressOfRawData	`0x4ab14`
PointerToRawData	`0x48d14`
Referenced File	D:\desktop\work program\software\100083\100083_V1\è½¯ä»¶\mc3000-2\FirmwareUpgrade\obj\Debug\UpgradeFirmware.pdb

TLS Callbacks

Load Configuration

RICH Header

Errors

Leave a comment

No comments yet.