×
This file seems to be a .NET executable .
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!
Architecture
IMAGE_FILE_MACHINE_I386
Subsystem
IMAGE_SUBSYSTEM_WINDOWS_CUI
Compilation Date
2041-Dec-19 19:02:52
Debug artifacts
G:\Redirected Folders\My Documents\Visual Studio 2019\Projects\CascDbConnect\CascDbConnect\obj\Release\CascAudit.pdb
Comments
CompanyName
FileDescription
CascDbConnect
FileVersion
1.0.0.0
InternalName
CascAudit.exe
LegalCopyright
Copyright © 2020
LegalTrademarks
OriginalFilename
CascAudit.exe
ProductName
CascDbConnect
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Info
Matching compiler(s):
Microsoft Visual C# v7.0 / Basic .NET
Suspicious
VirusTotal score: 1/69 (Scanned on 2022-04-12 15:08:10)
APEX:
Malicious
MD5
dd8233288a718dfb549ee8d57f80fe3b
SHA1
e284887b3c71395233add662684e0f44245cb4da
SHA256
83b737282928bd8dc280c30c65df482b87429b2494d71ec80d8589f63b0a8f35
SHA3
94c6f5df785af711fba8c778bf3117ba9d3627a907094dc98527632ac367135d
SSDeep
192:zqVqOBi0FHS18FQPMo+PSGRrBa+KEtQIqEIW17pZake/gsV8P+WydPv:mVqoHHQ8SOlaMttqWpZakevSFydP
Imports Hash
f34d5f2d4577ed6d9ceec516c1f5a744
e_magic
MZ
e_cblp
0x90
e_cp
0x3
e_crlc
0
e_cparhdr
0x4
e_minalloc
0
e_maxalloc
0xffff
e_ss
0
e_sp
0xb8
e_csum
0
e_ip
0
e_cs
0
e_ovno
0
e_oemid
0
e_oeminfo
0
e_lfanew
0x80
Signature
PE
Machine
IMAGE_FILE_MACHINE_I386
NumberofSections
3
TimeDateStamp
2041-Dec-19 19:02:52
PointerToSymbolTable
0
NumberOfSymbols
0
SizeOfOptionalHeader
0xe0
Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Magic
PE32
LinkerVersion
80.0
SizeOfCode
0x2a00
SizeOfInitializedData
0x800
SizeOfUninitializedData
0
AddressOfEntryPoint
0x00004896 (Section: .text)
BaseOfCode
0x2000
BaseOfData
0x6000
ImageBase
0x400000
SectionAlignment
0x2000
FileAlignment
0x200
OperatingSystemVersion
4.0
ImageVersion
0.0
SubsystemVersion
4.0
Win32VersionValue
0
SizeOfImage
0xa000
SizeOfHeaders
0x200
Checksum
0
Subsystem
IMAGE_SUBSYSTEM_WINDOWS_CUI
DllCharacteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve
0x100000
SizeofStackCommit
0x1000
SizeofHeapReserve
0x100000
SizeofHeapCommit
0x1000
LoaderFlags
0
NumberOfRvaAndSizes
16
MD5
7336bb7a5b01ebff3b274147ad11e742
SHA1
a29bbd1e3362b0b88ba413f4f4910e0e82c40b1e
SHA256
31a9ce0673d564003df917d471e97abe3bf9b0db9fe33b76e37dc2a90627751b
SHA3
c5f314632925d720633471d9ef1701c3411a85a3749a8b2acb8e90b1d530ec46
VirtualSize
0x289c
VirtualAddress
0x2000
SizeOfRawData
0x2a00
PointerToRawData
0x200
PointerToRelocations
0
PointerToLineNumbers
0
NumberOfLineNumbers
0
NumberOfRelocations
0
Characteristics
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy
5.4543
MD5
ef5a4b87e15c7defb9bb6c73cb7664d0
SHA1
451c52f4029a88bb485f6b096ae3d3d945b843d1
SHA256
04ce1610442f1f466f37947b552f49edc1b755bfc757c7f9a5e7b53b242b0408
SHA3
bf401e325c7e78127d6297ef2c829b09b81db975f25c7a006944f9f8d163cbea
VirtualSize
0x5bc
VirtualAddress
0x6000
SizeOfRawData
0x600
PointerToRawData
0x2c00
PointerToRelocations
0
PointerToLineNumbers
0
NumberOfLineNumbers
0
NumberOfRelocations
0
Characteristics
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy
4.09336
MD5
ddfbb815087ae769f1c35a8b45d5fee6
SHA1
8ccaa64241355a11b4b314cb41fa9c6dbd319099
SHA256
1bcfc3c29e272fea33ec5d6f9d8750edb0b4b2afdac9b93817362fc4b61a8ad4
SHA3
2fbc3edf4aef9c4be4bed9368dab6f9d498b328b3be86285e606e75c5d15fea6
VirtualSize
0xc
VirtualAddress
0x8000
SizeOfRawData
0x200
PointerToRawData
0x3200
PointerToRelocations
0
PointerToLineNumbers
0
NumberOfLineNumbers
0
NumberOfRelocations
0
Characteristics
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy
0.0815394
Type
RT_VERSION
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x32c
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
3.27656
MD5
fb65a895d3eb20eeb39d03baa6c70558
SHA1
e81cb10446f7c1000148e9be4e248c889c38da73
SHA256
b5241967ccadd0c8b07da1401971526db9846b7f6b2a2e88b3d4b3cc13ed423a
SHA3
29259685c81d91536aed08250fd7f55dbca194b0c293088fa505fdce0f41d2f6
Type
RT_MANIFEST
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x1ea
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
5.00112
MD5
b7db84991f23a680df8e95af8946f9c9
SHA1
cac699787884fb993ced8d7dc47b7c522c7bc734
SHA256
539dc26a14b6277e87348594ab7d6e932d16aabb18612d77f29fe421a9f1d46a
SHA3
4f72877413d13a67b52b292a8524e2c43a15253c26aaf6b5d0166a65bc615cff
Signature
0xfeef04bd
StructVersion
0x10000
FileVersion
1.0.0.0
ProductVersion
1.0.0.0
FileFlags
(EMPTY)
FileOs
VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
FileType
VFT_APP
Language
UNKNOWN
Comments
CompanyName
FileDescription
CascDbConnect
FileVersion (#2)
1.0.0.0
InternalName
CascAudit.exe
LegalCopyright
Copyright © 2020
LegalTrademarks
OriginalFilename
CascAudit.exe
ProductName
CascDbConnect
ProductVersion (#2)
1.0.0.0
Assembly Version
1.0.0.0
Characteristics
0
TimeDateStamp
2072-Aug-07 10:48:25
Version
0.0
SizeofData
141
AddressOfRawData
0x47b4
PointerToRawData
0x29b4
Referenced File
G:\Redirected Folders\My Documents\Visual Studio 2019\Projects\CascDbConnect\CascDbConnect\obj\Release\CascAudit.pdb
Characteristics
0
TimeDateStamp
1970-Jan-01 00:00:00
Version
0.0
SizeofData
0
AddressOfRawData
0
PointerToRawData
0