Manalyze report for c7128b34b5f7b5ea4a5ab7ce2be5d20d

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	2018-Oct-05 09:44:19
Debug artifacts	D:\projects\Marx\ConsoleApplication4\ConsoleApplication4\obj\Debug\ConsoleApplication4.pdb
FileDescription	ConsoleApplication4
FileVersion	`1.0.0.0`
InternalName	ConsoleApplication4.exe
LegalCopyright	Copyright © 2018
OriginalFilename	ConsoleApplication4.exe
ProductName	ConsoleApplication4
ProductVersion	`1.0.0.0`
Assembly Version	1.0.0.0

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET` `Microsoft Visual C++ 8.0` `.NET executable -> Microsoft`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`c7128b34b5f7b5ea4a5ab7ce2be5d20d`
SHA1	`4ad1a5d89ba714701b3805c3d77a145337282af6`
SHA256	`834bec7ff4d25c84bca140c193940b15bd7f83a24e63401ea5e856d2902716e1`
SHA3	`eaa937a225a0c0946819df930b3bb9d3cf88e9ddeed6e0344e9ee901902fb8fe`
SSDeep	`48:6vBhseEFI1o46cAVduJDPV6wyMF6NWtAclDAraAp6AtF:aVL21rQV6wyMoRcqr35`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2018-Oct-05 09:44:19
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`8.0`
SizeOfCode	`0x1000`
SizeOfInitializedData	`0x2000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000026CE (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x4000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x1000`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x8000`
SizeOfHeaders	`0x1000`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`49609f0f313bea0e825e837e33cc65c3`
SHA1	`3f23e2c01f1f4a33878a088b183c0b7aba8e88c9`
SHA256	`23cb12497938311d2e329e794fbc0afdf93ea7c43764dea54a78067f8815b9b7`
SHA3	`100f337281bfdbbf23391d25f6084cac7491909cfad297a23a6bcbc85f9e22fe`
VirtualSize	`0x6d4`
VirtualAddress	`0x2000`
SizeOfRawData	`0x1000`
PointerToRawData	`0x1000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`2.64576`

.rsrc

MD5	`3e5d97ffa9e1b270ca3b2db575e6d086`
SHA1	`d021c3b8053f1bfddb10ef188e37b641b7bbeb14`
SHA256	`d5ad038149444204c996773575d5e0f04f3402337378e264cfc916ba6557704c`
SHA3	`3a3a65538ed2444551bf0f053a104fa241913bea99fcf179846f85d9b6b5b4bf`
VirtualSize	`0x358`
VirtualAddress	`0x4000`
SizeOfRawData	`0x1000`
PointerToRawData	`0x2000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`0.873113`

.reloc

MD5	`041c9f8f6c42d3f486ceca1784c8abb5`
SHA1	`c848b769606615f2bbe02156553ee599af33146a`
SHA256	`bc4688acc1dbbb2fb652f2f42564f6e7ab8b32ea356245da0bfc9e65fb68181b`
SHA3	`d9f52ee555f21d2ea6506b3797ab32006896b52866f1b19ce32ac81cb7edaf44`
VirtualSize	`0xc`
VirtualAddress	`0x6000`
SizeOfRawData	`0x1000`
PointerToRawData	`0x3000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.0131269`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

1

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x300`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.27988`
MD5	`aa2df295691561de1f1bb0da8ce64bba`
SHA1	`8cc91fef6dce2730c277fb73ac71191226f59fd4`
SHA256	`efc03c9efbaa3cc180ac6d8939a8496a17c699a9ec66ad0184412e72c7af83d7`
SHA3	`1faa222f76c89e840accd32072093a6590ecc29f30833090c458d4d36bc95a24`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.0
ProductVersion	1.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
FileDescription	ConsoleApplication4
FileVersion (#2)	1.0.0.0
InternalName	ConsoleApplication4.exe
LegalCopyright	Copyright © 2018
OriginalFilename	ConsoleApplication4.exe
ProductName	ConsoleApplication4
ProductVersion (#2)	1.0.0.0
Assembly Version	1.0.0.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2018-Oct-05 09:44:19
Version	`0.0`
SizeofData	`115`
AddressOfRawData	`0x2604`
PointerToRawData	`0x1604`
Referenced File	D:\projects\Marx\ConsoleApplication4\ConsoleApplication4\obj\Debug\ConsoleApplication4.pdb

TLS Callbacks

Load Configuration

RICH Header

c7128b34b5f7b5ea4a5ab7ce2be5d20d

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rsrc

.reloc

Imports

Delayed Imports

1

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

TLS Callbacks

Load Configuration

RICH Header

Errors