Manalyze report for da7047fce5f3f65cb06f569e764b9f32

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	2023-Sep-05 08:23:15
Detected languages	English - United States
Debug artifacts	C:\Users\chuye\source\repos\SimpleApp64\x64\Debug\SimpleApp64.pdb

Plugin Output

Info	Matching compiler(s):	`MASM/TASM - sig1(h)`
Suspicious	The PE is possibly packed.	`Section .textbss is both writable and executable.` `Unusual section name found: .msvcjmc`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`da7047fce5f3f65cb06f569e764b9f32`
SHA1	`f0be25278c89ff55f4b2506f4fe69fa3b7689000`
SHA256	`af717bdb55ededd600f35ee68f6a5175b8b0805675520c55d2d5ea9f5a48d818`
SHA3	`93dad3a720e2163d586ff42e5035370cfe9a4252c2b8b37a73519be66b3df3e3`
SSDeep	`768:93idU9WAzjyLlr3PuW5Z1ZWBV5L6vWA69:xzgr2W5bZWBXLKW`
Imports Hash	`722dd8fe2b658b1928556ba0e76364c4`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xf8`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`10`
TimeDateStamp	2023-Sep-05 08:23:15
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0x8c00`
SizeOfInitializedData	`0x8200`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00000000000112D5 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x27000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.textbss

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x10000`
VirtualAddress	`0x1000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_CNT_UNINITIALIZED_DATA` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

.text

MD5	`cc6e87de0906224754803650dc4154a5`
SHA1	`4baf650f493bb3389562c5e5a5fa3808a2cf1a79`
SHA256	`6b272880329c8145bf4cecca7263694c11dee86f8f12946021f910444411616a`
SHA3	`7377307af07ad5607b3116af8271166a0fed0cee1aee95d847d507ef6642391b`
VirtualSize	`0x8ac3`
VirtualAddress	`0x11000`
SizeOfRawData	`0x8c00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`3.69504`

.rdata

MD5	`33dd987d93860f81295699be0cee7da1`
SHA1	`5f27d70c1f096393b8814081abde60367eed345c`
SHA256	`0e5f03780f6797e5c55aa156b2a783f1333dbbba22a090799f8733be3337d226`
SHA3	`c25b3ba3a7b3fd82eeae44fa4b250f9cd7de75f063a147ec0b993f4ece7f72f8`
VirtualSize	`0x2f35`
VirtualAddress	`0x1a000`
SizeOfRawData	`0x3000`
PointerToRawData	`0x9000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`2.29871`

.data

MD5	`6a4c7a8567d6b15659b224a9b7d8edfe`
SHA1	`a21523093daa460036fea91f4a1fdb514dcd2c34`
SHA256	`11d9b14188e90371467122ec1b2507bce51b5896fdc5cb02e258ac660e8997eb`
SHA3	`d493c0b94da0accf97d35ff0b75529ac80af5e64f48df874782abb101ad8285b`
VirtualSize	`0x8f0`
VirtualAddress	`0x1d000`
SizeOfRawData	`0x200`
PointerToRawData	`0xc000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.508048`

.pdata

MD5	`bb68378907e94add3d02a9132150e33f`
SHA1	`ded499389432f18f95ffaafa1c0cf1b6c1963ef4`
SHA256	`ffab2587a55be5d9595dcfc3ec067801353d0c2a5d19a058f2ffa3ff00431952`
SHA3	`871f95530738e22cb323f3551a7bbdb4537d8c1354f907b1282798a2c5fceb46`
VirtualSize	`0x21f0`
VirtualAddress	`0x1e000`
SizeOfRawData	`0x2200`
PointerToRawData	`0xc200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`1.22915`

.idata

MD5	`bf82c975210c688378b2d228baab2088`
SHA1	`4b444216716170568e92876ffe53419575d6cb7d`
SHA256	`271103c1edceece97fec3dcfa90996827f92d1138d0d09b92e756f551f894e54`
SHA3	`a0b19f7e63dfca70fe147fd63574203185a67a0014d901ff3fe371d4121459d6`
VirtualSize	`0x164f`
VirtualAddress	`0x21000`
SizeOfRawData	`0x1800`
PointerToRawData	`0xe400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.7578`

.msvcjmc

MD5	`c4668aee6ad8a4249ca134c96bb01144`
SHA1	`6bd28a0a51570e98c4ee0e88320507a0c809f99b`
SHA256	`2c4f471903789642462d245d72651ebc55124ad996b4202d968edc57bcc9e487`
SHA3	`6d9ab7cf016566da16b68d9346da9f55d3814aa25efde4a3bc061f76544e2a67`
VirtualSize	`0x17b`
VirtualAddress	`0x23000`
SizeOfRawData	`0x200`
PointerToRawData	`0xfc00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.724266`

.00cfg

MD5	`f843a1a433a5c1ad1b130bc9834a2ec1`
SHA1	`2ed24693cae30d5db66f6c65bd9583b19333342c`
SHA256	`eb713b38326d8e94b8433ceecd24e3673e33c848f78184d699d8091363dbf0ca`
SHA3	`7e7b4fa6b87c10ed38d0b2ff0ff69d21c5d4a36f493aba67e1557d2e1923fac5`
VirtualSize	`0x175`
VirtualAddress	`0x24000`
SizeOfRawData	`0x200`
PointerToRawData	`0xfe00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`0.464548`

.rsrc

MD5	`70143e4401b8ff04168516e4dd17d259`
SHA1	`bfab71ccec8f700bda501c77e81f1a808396e75d`
SHA256	`3b929519eb822c1581b2df24b765aa75706840eccc089ae16253306f00ba3738`
SHA3	`db67aceb90304fb09123c72ed4de79a746364d67ef93eca8f94af92114febcd0`
VirtualSize	`0x43c`
VirtualAddress	`0x25000`
SizeOfRawData	`0x600`
PointerToRawData	`0x10000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`2.14297`

.reloc

MD5	`f1293129d1cb8f5cec3f6bf0ca90da71`
SHA1	`c66d580942ccae80817596ac9c41beeaff5c3845`
SHA256	`cbb0e2eca985e44dfcf6930f06ae484e6a40ff0fa6007cd330171a2ef5ea9ac5`
SHA3	`6d64e1c8a1681f05e596aea5141fa1eeb6ef90a1e10a76ab61ac0dd40bdd5399`
VirtualSize	`0x27a`
VirtualAddress	`0x26000`
SizeOfRawData	`0x400`
PointerToRawData	`0x10600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.738573`

Imports

MSVCP140D.dll	`?good@ios_base@std@@QEBA_NXZ` `?flags@ios_base@std@@QEBAHXZ` `?width@ios_base@std@@QEBA_JXZ` `?width@ios_base@std@@QEAA_J_J@Z` `?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z` `?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z` `?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z` `?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ` `?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ` `?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A` `?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ` `?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z` `??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z` `?uncaught_exception@std@@YA_NXZ` `?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z` `?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ` `?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ`
VCRUNTIME140_1D.dll	`__CxxFrameHandler4`
VCRUNTIME140D.dll	`__C_specific_handler` `memcpy` `__C_specific_handler_noexcept` `__std_type_info_destroy_list` `__current_exception` `__current_exception_context` `__vcrt_GetModuleFileNameW` `__vcrt_GetModuleHandleW` `__vcrt_LoadLibraryExW`
ucrtbased.dll	`_execute_onexit_table` `_crt_atexit` `_crt_at_quick_exit` `terminate` `_wmakepath_s` `_wsplitpath_s` `wcscpy_s` `_register_onexit_function` `__stdio_common_vsprintf_s` `strcat_s` `strcpy_s` `__p__commode` `_set_new_mode` `_configthreadlocale` `_register_thread_local_exe_atexit_callback` `_initialize_onexit_table` `__p___argv` `__p___argc` `_set_fmode` `_exit` `exit` `_initterm_e` `_initterm` `_get_initial_narrow_environment` `_initialize_narrow_environment` `_configure_narrow_argv` `__setusermatherr` `_set_app_type` `_seh_filter_exe` `_CrtDbgReportW` `_CrtDbgReport` `strlen` `_cexit` `_seh_filter_dll` `_c_exit`
KERNEL32.dll	`GetProcAddress` `IsDebuggerPresent` `RaiseException` `MultiByteToWideChar` `WideCharToMultiByte` `RtlCaptureContext` `RtlLookupFunctionEntry` `RtlVirtualUnwind` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `GetCurrentProcess` `TerminateProcess` `IsProcessorFeaturePresent` `QueryPerformanceCounter` `GetCurrentProcessId` `GetSystemTimeAsFileTime` `InitializeSListHead` `GetStartupInfoW` `GetModuleHandleW` `GetLastError` `HeapAlloc` `HeapFree` `GetProcessHeap` `VirtualQuery` `FreeLibrary` `GetCurrentThreadId`

Delayed Imports

1

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x17d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.91161`
MD5	`1e4a89b11eae0fcf8bb5fdd5ec3b6f61`
SHA1	`4260284ce14278c397aaf6f389c1609b0ab0ce51`
SHA256	`4bb79dcea0a901f7d9eac5aa05728ae92acb42e0cb22e5dd14134f4421a3d8df`
SHA3	`4bb9e8b5a714cae82782f3831cc2d45f4bf4a50a755fe584d2d1893129d68353`

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2023-Sep-05 08:23:15
Version	`0.0`
SizeofData	`90`
AddressOfRawData	`0x1bd9c`
PointerToRawData	`0xad9c`
Referenced File	C:\Users\chuye\source\repos\SimpleApp64\x64\Debug\SimpleApp64.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2023-Sep-05 08:23:15
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x1bdf8`
PointerToRawData	`0xadf8`

TLS Callbacks

Load Configuration

Size	`0x140`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x14001d008`

RICH Header

XOR Key	`0x4b2ceea4`
Unmarked objects	`0`
C++ objects (VS2022 Update 3 (17.3.0) compiler 31616)	`25`
C objects (VS2022 Update 3 (17.3.0) compiler 31616)	`11`
ASM objects (VS2022 Update 3 (17.3.0) compiler 31616)	`3`
Imports (VS2022 Update 3 (17.3.0) compiler 31616)	`7`
Imports (29395)	`4`
Total imports	`88`
C++ objects (VS2022 Update 3 (17.3.4-5) compiler 31630)	`1`
Resource objects (VS2022 Update 3 (17.3.4-5) compiler 31630)	`1`
Linker (VS2022 Update 3 (17.3.4-5) compiler 31630)	`1`

Errors

[*] Warning: Section .textbss has a size of 0!