Manalyze report for caeaf3d7856b3e2719aa9e8da5c355ed

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2073-Sep-15 11:16:25
Debug artifacts	C:\Users\danny\source\repos\Taylordrift21 Config Wizard PRO\obj\Release\Taylordrift21 Config Wizard PRO.pdb
Comments
CompanyName
FileDescription	Taylordrift21 Config Wizard PRO
FileVersion	`1.0.0.0`
InternalName	Taylordrift21 Config Wizard PRO.exe
LegalCopyright	Copyright © 2024
LegalTrademarks
OriginalFilename	Taylordrift21 Config Wizard PRO.exe
ProductName	Taylordrift21 Config Wizard PRO
ProductVersion	`1.0.0.0`
Assembly Version	1.0.0.0

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET` `.NET executable -> Microsoft`
Info	Interesting strings found in the binary:	`Contains domain names: https://discord.gg https://paypal.me https://www.youtube.com https://www.youtube.com/ https://www.youtube.com/watch?v https://youtube.com www.youtube.com youtube.com`
Info	The PE is digitally signed.	`Signer: Taylordrift21` `Issuer: Taylordrift21`
Suspicious	VirusTotal score: 2/73 (Scanned on 2024-10-21 05:12:50)	`Bkav: W32.AIDetectMalware.CS` `Fortinet: Malicious_Behavior.SB`

Hashes

MD5	`caeaf3d7856b3e2719aa9e8da5c355ed`
SHA1	`26f8626986a9f8070bbb10335ebcae9062074007`
SHA256	`2771c9b9cf1bdddeb97e057836d00a4af9e46e34a4f0719bb3d4bcb380a47bf2`
SHA3	`340e6b2ade537561344d2d8dba383a51c1f0d1102d33179022c644259e2680bb`
SSDeep	`393216:lvCwvCwvCTLiyHrVQmd1wKDzTfPjAe5kSMqJCy:lvTvTvg+n2fHjJ1`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2073-Sep-15 11:16:25
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`48.0`
SizeOfCode	`0xe3da00`
SizeOfInitializedData	`0xcf400`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00E3F99E (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0xf12000`
SizeOfHeaders	`0x200`
Checksum	`0xf1a7cb`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`c8914e2e64f13293b75a8977589a8d7c`
SHA1	`72c4b17516b6409c133fd47030df0989527f0504`
SHA256	`1b0d26962cf7f3f8f903562018a8ed4687989a4c4a1d151e827cd0612c3d0f3e`
SHA3	`ca20d673d494a828f7c0eeb1ee9ec9401a76f2651e36cf0781f005cdef286715`
VirtualSize	`0xe3d9a4`
VirtualAddress	`0x2000`
SizeOfRawData	`0xe3da00`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`7.90749`

.rsrc

MD5	`437d0045c8f9a4c57c5fcf7a554a6de5`
SHA1	`21c9f42fd459a3af2e1a178ad087760889d53901`
SHA256	`874d3c95baaac8d947e0fc06bdc1a746ad3c3096a985e270f99a084d0a0fbd27`
SHA3	`dde95987e9ed7a3356864b94b5e5656d573daccc3f439b93701a6881f291b060`
VirtualSize	`0xcf11c`
VirtualAddress	`0xe40000`
SizeOfRawData	`0xcf200`
PointerToRawData	`0xe3dc00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`7.13441`

.reloc

MD5	`1ee745975b91019b5671d2eeacf76a08`
SHA1	`9bb7fbc22544463ef3f3782e9ab0af120f969c69`
SHA256	`5017d5fcb705e6af3d5ec4212405ad23562241c8a4b1aba4009d157ec7f0a8b9`
SHA3	`30a6dffaba0f070216580e76a868947950bb4d0e2c71e49fe2d9ee255193ed1b`
VirtualSize	`0xc`
VirtualAddress	`0xf10000`
SizeOfRawData	`0x200`
PointerToRawData	`0xf0ce00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.10191`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

1

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.86241`
MD5	`168edd092c0e345b42b002615b6b4bc5`
SHA1	`f99b722f7240ee29abcb806825e91dca5261a5f0`
SHA256	`45760a1f6311ce4aff16626055190a9420c76bd31b96b43152ac3c95a06c9164`
SHA3	`960aff113aa0778ce621453edb7122fbfc05ce9f71c081712d88337f26758022`

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.89001`
MD5	`9f96ee0923573c20dd4b10b761250661`
SHA1	`d782cad4c4904cf9fbd9e90f92cfe608ac404fda`
SHA256	`a53c61012d1525ad80fc94ee3b03c9f62335cba91e8e153e8feffbcd00b62803`
SHA3	`70943329757dd3e6e0bc86e6dceb00233aba148843c23db30371fba08cc6a126`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.84836`
MD5	`961d1d2f309b5af415fb1322025f6f09`
SHA1	`611e3431fddb2c13eb0d04a967bc5958d4e52cc9`
SHA256	`2528b9ac71dac872e9ae9a1318ae03f550caa4fd366de44d969a250895b99ef3`
SHA3	`7db5d406fa302bfc50aad9aff35e655e00fe737dee359cf44cf551765c993651`

4

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.65896`
MD5	`797590051cd2c203dcac314b0f147f3e`
SHA1	`fe4c50b9d9d733913cd4de0a18f1b5076c52fbee`
SHA256	`53db16594b51a09c1f61f0d6a7dce7706e4311911f2bb828de5d241a94b05345`
SHA3	`a814d89dfb88ef293f7559bc452b62d73a39958f2af8150dfbd6bccb01f53021`

5

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.62552`
MD5	`1df9a09d6f399e8e6e5f871b6325a6aa`
SHA1	`f9a0d2e1e2646bc8f1247eb203e8df7b7337cc79`
SHA256	`234e42e255cff6ab357891a5ab6ceea324ea1666524ae5d2722d8d219d821cbb`
SHA3	`e1d8956aff38b5bf20e2ff0ee7d24d119c58ae3b703360ee7b30bb8fb84649c2`

6

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x94a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.58086`
MD5	`e0e7a3d7070a51c2078248f8d45c510e`
SHA1	`b3adc86f94f9c80654b23b0f65f00733b66ed7bd`
SHA256	`e0be83e290773a9a6e328ad558c3b8d10431e982514b7ee17e2d351b5fefd51d`
SHA3	`2206f9f99d324b2031f5bac50d1f4d5e604ad139b9f6f624f15c8ed53e006081`

7

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.55172`
MD5	`82e060e740875ad845f95635c58e04a4`
SHA1	`276e51a820dd76c6b7d0ca5aa115464f325f0849`
SHA256	`26a88c17c6a2143f1677aab0c7c56e09993ec230e1437c2f25d25232eaba3f07`
SHA3	`7f09d1bd038a2a89dcbb163ea7902eef07f5da53d2abbb9cc22a06030cb2fe21`

8

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x42028`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.48359`
MD5	`4f4aab6046c1cb0aaaae58ffaa6151a5`
SHA1	`c9b174527e8271d5825bf77045fd9a649a4c1df1`
SHA256	`d63e4b4d876cbd08673337b24aeffc3d2a9a4dba20c87438d6ce0acc0f0db61d`
SHA3	`9e9117fc5e37c8511068e938ba1cd19668671e8bcd60277c9695ad6d06f94364`

9

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x6a4c9`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.99502`
Detected Filetype	PNG graphic file
MD5	`6743bd66e1d6ccfbb969774397f2a579`
SHA1	`017db7997032cd6d077504a27d4d1b5d510d5694`
SHA256	`bba809e445aafa470a16c186f5fa3fdd4042173b69e53534a780fc554c3ac43c`
SHA3	`d9ab7d06e03068e342d1610b3f5cba70aa1e01a73d1abe022bce52ec4f540da8`

32512

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.97045`
Detected Filetype	Icon file
MD5	`541f15eed4b462030500a64de31bb85d`
SHA1	`1e6727b8574e95bdf54d48dc6db86c22d8844683`
SHA256	`f6a75a982e63a95a7bd7f39d21905176fdb07cb3c183fdae66dcabf255c82de3`
SHA3	`e62b7c9b8be5752966354bdd8543835b0e29518581082c8eb120c22b793f8cb1`

1 (#2)

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x3cc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.3466`
MD5	`f2c526e56043d21dc0e5865979834de1`
SHA1	`78376c0d211c7f6cc8ba0e807b8c83f99e98dbab`
SHA256	`336da605954442d3a997e0778422c816ce5c7abb8785297fb10294f9c886d721`
SHA3	`a42992d8966b2be59ccac7a7cc10ee9c1234e4393e865f22360bc23e93b24a45`

1 (#3)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1ea`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.00112`
MD5	`b7db84991f23a680df8e95af8946f9c9`
SHA1	`cac699787884fb993ced8d7dc47b7c522c7bc734`
SHA256	`539dc26a14b6277e87348594ab7d6e932d16aabb18612d77f29fe421a9f1d46a`
SHA3	`4f72877413d13a67b52b292a8524e2c43a15253c26aaf6b5d0166a65bc615cff`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.0
ProductVersion	1.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
Comments
CompanyName
FileDescription	Taylordrift21 Config Wizard PRO
FileVersion (#2)	1.0.0.0
InternalName	Taylordrift21 Config Wizard PRO.exe
LegalCopyright	Copyright © 2024
LegalTrademarks
OriginalFilename	Taylordrift21 Config Wizard PRO.exe
ProductName	Taylordrift21 Config Wizard PRO
ProductVersion (#2)	1.0.0.0
Assembly Version	1.0.0.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2073-Sep-15 11:16:25
Version	`0.0`
SizeofData	`132`
AddressOfRawData	`0xe3f8c8`
PointerToRawData	`0xe3dac8`
Referenced File	C:\Users\danny\source\repos\Taylordrift21 Config Wizard PRO\obj\Release\Taylordrift21 Config Wizard PRO.pdb

UNKNOWN

Characteristics	`0`
TimeDateStamp	1970-Jan-01 00:00:00
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0xe3db4c`

TLS Callbacks

Load Configuration

RICH Header

caeaf3d7856b3e2719aa9e8da5c355ed

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rsrc

.reloc

Imports

Delayed Imports

1

2

3

4

5

6

7

8

9

32512

1 (#2)

1 (#3)

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

UNKNOWN

TLS Callbacks

Load Configuration

RICH Header

Errors