Manalyze report for d0e13caf971ceef6161ed2257ed7457c147b7c45634682718dd45b71845c21cf

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2013-Jun-19 11:38:08
Debug artifacts	C:\Unicam\UNICAM_13\UNICAM_13\obj\x86\Release\Unicam_13.pdb
CompanyName	Мой Дом
FileDescription	Unicam_13
FileVersion	`1.0.0.0`
InternalName	Unicam_13.exe
LegalCopyright	Copyright © Михаил Глибицкий 2011
OriginalFilename	Unicam_13.exe
ProductName	Unicam_13
ProductVersion	`1.0.0.0`
Assembly Version	1.0.0.0

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET` `.NET executable -> Microsoft`
Info	Interesting strings found in the binary:	`Contains domain names: http://schemas.microsoft.com http://schemas.microsoft.com/expression/blend/2008 http://schemas.microsoft.com/winfx/2006/xaml http://schemas.microsoft.com/winfx/2006/xaml/presentation http://schemas.openxmlformats.org http://schemas.openxmlformats.org/markup-compatibility/2006 microsoft.com openxmlformats.org schemas.microsoft.com schemas.openxmlformats.org`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`e6e5197a06eafe9081785bcf42c3309d`
SHA1	`f4daa69dc18b82751a8a8907f7542c9056b257d0`
SHA256	`d0e13caf971ceef6161ed2257ed7457c147b7c45634682718dd45b71845c21cf`
SHA3	`524f5242434449e14ed65fa17dd9758b082234e2c3881d06ee8ac77b0c8af53e`
SSDeep	`6144:aO+AecrdDS4rPOdad841ecCWLY993F6U6OIEmvTX1ZkuytNiPPz5i0T7:eAecrQoO71cCD9vIEmv5Z0Ot`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2013-Jun-19 11:38:08
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`8.0`
SizeOfCode	`0x66c00`
SizeOfInitializedData	`0x800`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00068B2E (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x6a000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x6e000`
SizeOfHeaders	`0x200`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`a7751a3f7c5d8f6019cf1666b70ce3cb`
SHA1	`daca412875c0725b954685c6b81d4a3b68602a61`
SHA256	`827780ff720cf16a20bdb6c56598fcc1d918de8275a9e5ea3acc02bfcd2f718d`
SHA3	`0b475b91eec1f862922fc84d7bafee4860584a34662261d21871d683cbd28ac7`
VirtualSize	`0x66b34`
VirtualAddress	`0x2000`
SizeOfRawData	`0x66c00`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.18484`

.rsrc

MD5	`7ed83ea21505d8a133b5eef770adfc49`
SHA1	`3e9a40807f6c02978a5a6f5825ab9ee907ce4a48`
SHA256	`9595d0d2d6221b3ccc05e79ef854fb1933a1fc22b6c7a75a8f89c2d8581a175c`
SHA3	`3a3c63704d0fd4466c10b1b14c281d4fb67a1bdb4ed5cfa2835cc088f288f799`
VirtualSize	`0x590`
VirtualAddress	`0x6a000`
SizeOfRawData	`0x600`
PointerToRawData	`0x66e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.15502`

.reloc

MD5	`845087c8058597104f8eaf32f98aed0b`
SHA1	`52af0132718bdc8efeae1051e091b657ea688e54`
SHA256	`551a159520368f7d2379c6f837425da52b39317663bb422c8b5286daad5ff919`
SHA3	`5e0a9591dccbebd1be91657913c20124c71d92ae1bc1acf05c8d361204701d49`
VirtualSize	`0xc`
VirtualAddress	`0x6c000`
SizeOfRawData	`0x200`
PointerToRawData	`0x67400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.10191`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

1

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x300`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.51385`
MD5	`287e59fd3d07054e1dcf2a89d67eec80`
SHA1	`03bd1d23addb135bbb41f69d09a88519685c1bcc`
SHA256	`2ab6f444e387bd17c008dd9216ece4af62d09f3926a3612dcb80c1356165c7b6`
SHA3	`32ee3842390cb338eb75258dcf79633dc51d48a7253f4c487a5b8ded3386cf3d`

1 (#2)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1ea`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.00112`
MD5	`a19a2658ba69030c6ac9d11fd7d7e3c1`
SHA1	`879dcf690e5bf1941b27cf13c8bcf72f8356c650`
SHA256	`c0085eb467d2fc9c9f395047e057183b3cd1503a4087d0db565161c13527a76f`
SHA3	`93cbaf236d2d3870c1052716416ddf1c34f21532e56dd70144e9a01efcd0ce34`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.0
ProductVersion	1.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
CompanyName	Мой Дом
FileDescription	Unicam_13
FileVersion (#2)	1.0.0.0
InternalName	Unicam_13.exe
LegalCopyright	Copyright © Михаил Глибицкий 2011
OriginalFilename	Unicam_13.exe
ProductName	Unicam_13
ProductVersion (#2)	1.0.0.0
Assembly Version	1.0.0.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2013-Jun-19 11:38:08
Version	`0.0`
SizeofData	`84`
AddressOfRawData	`0x68a88`
PointerToRawData	`0x66c88`
Referenced File	C:\Unicam\UNICAM_13\UNICAM_13\obj\x86\Release\Unicam_13.pdb

TLS Callbacks

Load Configuration

RICH Header

Errors

Leave a comment

No comments yet.